Re: EPL and GPL incompatibility
On 10/09/16 16:45, George Bateman wrote: Also, if upstream are wrong, is the mechanism described at https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs sufficient to resolve the problem? Yes, they should granting an additional permission to link with libraries covered by the Eclipse Public License. Granting that shouldn't be a problem since they already think it's allowed. The only nitpick is that all copyright holders (of the GPL code linking with incompatible libs) would need to agree on this, not just eg. the main developer.
Re: Can "rockyou" wordlist be packaged in Debian?
On Wed, Sep 21, 2016 at 12:47 AM, Eriberto Mota wrote: > Can rockyou be packaged in Debian, considering that Kali will put a > DFSG-compatible license for this wordlist? Kali certainly isn't the owner of the wordlist so they definitely can't put a license on it. OTOH, it probably is not copyrightable. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Can "rockyou" wordlist be packaged in Debian?
On 21/09/16 01:46, Ben Finney wrote: Thanks for raising this question. Eriberto Motawrites: Well, the quoted event resulted in a file with 14 million passwords, distributed by Kali Linux. Do you have any reference to the discussions those people had over their license to distribute that information? I would expect such a discussion to get into the issue of whether a single password is subject to copyright restrictions, and further whether a compiled collection of such works is itself subject to copyright restriction. I would want to see such a discussion with clear, solid support for the freedom to redistribute that work under a free license, before proposing its distribution in Debian. IMHO, the passwords themselves are unlikely to pass the threshold of originality. Looking at the longer entries, there are a few passphrases,¹ but not much that could be considered copyrightable. In addition, the fact that passwords appeared multiple times is also an indicator that there was little to no originality involved. Another question would be if the database itself could be copyrighted, but given that there was no compiling effort at all from rockyou, that won't be the case.² Plus, it was a US company, where there are no database rights. However, I wonder if the fact that it was stolen would be a problem. Best ¹ and a lot of waste. In some cases they were probably inserted from spambots which confused it with a comment field. ² Ok, they might claim that their only goal creating the rockyou website was getting such password list from their users, but that would equal admitting an ever bigger misdemeanor.
Re: Can "rockyou" wordlist be packaged in Debian?
Thanks for raising this question. Eriberto Motawrites: > Well, the quoted event resulted in a file with 14 million passwords, > distributed by Kali Linux. Do you have any reference to the discussions those people had over their license to distribute that information? I would expect such a discussion to get into the issue of whether a single password is subject to copyright restrictions, and further whether a compiled collection of such works is itself subject to copyright restriction. I would want to see such a discussion with clear, solid support for the freedom to redistribute that work under a free license, before proposing its distribution in Debian. -- \ “Airports are ugly. Some are very ugly. Some attain a degree of | `\ugliness that can only be the result of a special effort.” | _o__) —Douglas Adams, _The Long Dark Tea-Time of the Soul_, 1988 | Ben Finney
Re: your mail
Hi Jennifer, On Tue, Sep 20, 2016 at 09:45:17AM -0400, Jennifer Nielsen wrote: > I believe my personal, private data( photos, videoing, watching, recording > audio, etc.) Has been tampered with, and placed on the Debian FTP site, > without my permission or knowledge. Your copyright permission notice states > that without permission from me it becomes a copyright, patent issue. I > believe that money has been involved in distribution of it. If you have > advice for me or a way to help, I greatly appreciate it! Thank u I think you must have misunderstood something. The Debian FTP site is this: http://ftp.debian.org/debian/ This site is used to distribute the Debian operating system, which is Free Software. No private data is distributed from this site. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org signature.asc Description: PGP signature
Can "rockyou" wordlist be packaged in Debian?
Hi, >From Wikipedia[1]: "Based in San Francisco, California, RockYou was founded in 2005 by Lance Tokuda and Jia Shen. The company's first product, a slide show service, was designed to work as an application widget. Later applications included various forms of voice mail, text and photo stylization, and games. [...] In December 2009, the company experienced a data breach resulting in the exposure of over 32 million user accounts. This resulted from storing user data in an unencrypted database and not patching a ten-year-old SQL vulnerability. RockYou failed to provide a notification of the breach to users and miscommunicated the extent of the breach." [1] https://en.wikipedia.org/wiki/RockYou Well, the quoted event resulted in a file with 14 million passwords, distributed by Kali Linux. These passwords are widely used by most common users around the world and are a very good dictionary for crackers as John the Ripper and Aircrack-ng. It is useful for security checks, forensics investigations, etc. A little example: bowhunter6 bowhunter3 bowhouse bowflex1 bowfinger Can rockyou be packaged in Debian, considering that Kali will put a DFSG-compatible license for this wordlist? Thanks a lot in advance. Regards, Eriberto
[no subject]
I believe my personal, private data( photos, videoing, watching, recording audio, etc.) Has been tampered with, and placed on the Debian FTP site, without my permission or knowledge. Your copyright permission notice states that without permission from me it becomes a copyright, patent issue. I believe that money has been involved in distribution of it. If you have advice for me or a way to help, I greatly appreciate it! Thank u