Re: [Pharo-dev] About strange email related to smalltalkhub read-only on squeak-dev

[Mariano Martinez Peck]

On Tue, Jun 2, 2020 at 6:18 AM Norbert Hartl  wrote:

> Hi Paul,
>
> thanks for the info but I won't read it. I try to focus on things that
> matter. There are too many things that try to distract everyone from
> producing something helpful. Law suits are IMHO not of that kind.
>
> I would rather put some money on the table for someone building proper FFI
> to openssl. The Cryptography was a mess I cleaned a bit but I had also
> scenarios where the squeak code was not working properly. And there is no
> real reason to have a smalltalk implementation of crypto if we carry around
> openssl anyway (for iceberg and secure connects).
>
> PierceNg has an implementation that implements a subset of openssl. This
> implementation is modeled after the library so lots of class methods. I'd
> prefer to have something more object model like.
>
> So if you think you can implement this please contact me and tell me what
> you think how long it takes and how much it will cost to do at least the
> things we have now in Cryptography. I'm willing to collect money or pay it
> myself.
>
>

I second this. VA Smalltalk included a complete FFI wrapper of OpenSSL in
VAST 8.6.2 (2015) and it was one of the best decisions ever.


-- 
Mariano Martinez Peck
Email: marianop...@gmail.com
Twitter: @MartinezPeck
LinkedIn: www.linkedin.com/in/mariano-martinez-peck

Blog: https://marianopeck.wordpress.com/

Re: [Pharo-dev] About strange email related to smalltalkhub read-only on squeak-dev

[Norbert Hartl]

Hi Paul,

thanks for the info but I won't read it. I try to focus on things that matter. 
There are too many things that try to distract everyone from producing 
something helpful. Law suits are IMHO not of that kind. 

I would rather put some money on the table for someone building proper FFI to 
openssl. The Cryptography was a mess I cleaned a bit but I had also scenarios 
where the squeak code was not working properly. And there is no real reason to 
have a smalltalk implementation of crypto if we carry around openssl anyway 
(for iceberg and secure connects).

PierceNg has an implementation that implements a subset of openssl. This 
implementation is modeled after the library so lots of class methods. I'd 
prefer to have something more object model like. 

So if you think you can implement this please contact me and tell me what you 
think how long it takes and how much it will cost to do at least the things we 
have now in Cryptography. I'm willing to collect money or pay it myself.

Norbert

> Am 31.05.2020 um 16:04 schrieb Paul DeBruicker :
> 
> Hi Norbert,
> 
> The EFF gives a nice overview of the US situation:
> https://www.eff.org/deeplinks/2019/08/us-export-controls-and-published-encryption-source-code-explained
>  
> 
> 
> Although you are not a US citizen, and don't live here,  so I don't know how
> it could affect you.  
> 
> In the link above the EFF does say they provide free consultations about
> this topic so I'm sure someone there will clear things up for you.
> 
> Paul
> 
> 
> 
> 
> 
> 
> NorbertHartl wrote
>> Yes, let us coordinate what to respond. To me this doesn't even sound like
>> Ron. Usually he is a rather quite and reasonable guy. Seems to be a lot of
>> misunderstandings here (again).
>> As I was the one copying the Cryptography package to github it concerns me
>> a bit. I've been remembered now about yet another strange law suit in the
>> US and indeed we need to raise a bit of awareness for this. 
>> 
>> So let's figure out what has to be done. 
>> 
>> Norbert
>> 
>> 
>>> Am 30.05.2020 um 14:43 schrieb Stéphane Ducasse 
> 
>> stephane.ducasse@
> 
>> :
>>> 
>>> Hi all
>>> 
>>> This is the week-end and we worked super well yesterday during the
>>> sprint. Lot of good enhancements - Thanks a lot to all the participants. 
>>> I not really happy to be forced to do it on a sunny saturday but I’m
>>> doing it to clarify points.
>>> 
>>> Esteban sent me this text that was posted on Squeak-Dev (I personally do
>>> not read squeak related forums because 
>>> I have not the time and my focus is Pharo, its consortium, my team, my
>>> research and my family). 
>>> 
>>> We have to react because 
>>> - We do not really at ***all** understand this email
>>> - We did not kicked anybody from our mailing-list from ages - so ron is
>>> lying. In the past we even had discussion with ron - so we do not 
>>> really understand. May be we got problem to log on our mailing-lists. 
>>> We have no idea because we are working and not looking at such things.  
>>>  
>>> - When we migrated smalltalkhub to readonly we payed attention to make
>>> sure that private projects stay private.
>>> We did not migrated smalltalkhub for fun. We MUST do it or it will be
>>> done by our infrastructure!
>>> - Now the cryptography packages are MIT and they are public anyway. So
>>> again we do not understand anything. 
>>> 
>>> We do not get why Ron contacted us because we announced the migration
>>> publicly way in advance and we will keep 
>>> the Smalltalkhub frozen repo for at least next 5 years. 
>>> 
>>> I feel really sorry to hear such kind of email because we do not want to
>>> fight with anybody. 
>>> Our goal is to make sure that people can work with Pharo and expand their
>>> business and knowledge. 
>>> We are working hard to make sure that people can invent their future with
>>> Pharo and people that know us personally 
>>> know that we are not lying.
>>> 
>>> S
>>> 
>>> 
 Hi all,
 
 I've tried to work with the Pharo group but they keep kicking me out of
 their mailing list.  I've already mentioned this a number of times to
 the Pharo group but nobody seems to care.  
 
 BOLD BOLD BOLD PLEASE TAKE THIS SERIOUSLY  BOLD BOLD BOLD
 
 I am not a lawyer but we used very good lawyers to make the squeaksource
 repository a safe place to do cryptography work.  If you are working on
 cryptography DO NOT POST your code anywhere except squeaksource. 
 Especially if you are in the USA.  The ONLY repository that is approved
 to host our cryptography code in the USA and therefore not subject to
 criminal violations is squeaksource.  It is a CRIME in the USA to move
 code and make it available on the internet for everyone to download! It
 must be hosted on squeaksoruce.com  
 

Re: [Pharo-dev] About strange email related to smalltalkhub read-only on squeak-dev

[Paul DeBruicker]

Hi Norbert,

The EFF gives a nice overview of the US situation:
https://www.eff.org/deeplinks/2019/08/us-export-controls-and-published-encryption-source-code-explained

Although you are not a US citizen, and don't live here,  so I don't know how
it could affect you.  

In the link above the EFF does say they provide free consultations about
this topic so I'm sure someone there will clear things up for you.

Paul






NorbertHartl wrote
> Yes, let us coordinate what to respond. To me this doesn't even sound like
> Ron. Usually he is a rather quite and reasonable guy. Seems to be a lot of
> misunderstandings here (again).
> As I was the one copying the Cryptography package to github it concerns me
> a bit. I've been remembered now about yet another strange law suit in the
> US and indeed we need to raise a bit of awareness for this. 
> 
> So let's figure out what has to be done. 
> 
> Norbert
> 
> 
>> Am 30.05.2020 um 14:43 schrieb Stéphane Ducasse 

> stephane.ducasse@

> :
>> 
>> Hi all
>> 
>> This is the week-end and we worked super well yesterday during the
>> sprint. Lot of good enhancements - Thanks a lot to all the participants. 
>> I not really happy to be forced to do it on a sunny saturday but I’m
>> doing it to clarify points.
>> 
>> Esteban sent me this text that was posted on Squeak-Dev (I personally do
>> not read squeak related forums because 
>> I have not the time and my focus is Pharo, its consortium, my team, my
>> research and my family). 
>> 
>> We have to react because 
>>  - We do not really at ***all** understand this email
>>  - We did not kicked anybody from our mailing-list from ages - so ron is
>> lying. In the past we even had discussion with ron - so we do not 
>>  really understand. May be we got problem to log on our mailing-lists. 
>>  We have no idea because we are working and not looking at such things.  
>>  
>>  - When we migrated smalltalkhub to readonly we payed attention to make
>> sure that private projects stay private.
>>  We did not migrated smalltalkhub for fun. We MUST do it or it will be
>> done by our infrastructure!
>>  - Now the cryptography packages are MIT and they are public anyway. So
>> again we do not understand anything. 
>> 
>> We do not get why Ron contacted us because we announced the migration
>> publicly way in advance and we will keep 
>> the Smalltalkhub frozen repo for at least next 5 years. 
>> 
>> I feel really sorry to hear such kind of email because we do not want to
>> fight with anybody. 
>> Our goal is to make sure that people can work with Pharo and expand their
>> business and knowledge. 
>> We are working hard to make sure that people can invent their future with
>> Pharo and people that know us personally 
>> know that we are not lying.
>> 
>> S
>> 
>> 
>>> Hi all,
>>> 
>>> I've tried to work with the Pharo group but they keep kicking me out of
>>> their mailing list.  I've already mentioned this a number of times to
>>> the Pharo group but nobody seems to care.  
>>> 
>>> BOLD BOLD BOLD PLEASE TAKE THIS SERIOUSLY  BOLD BOLD BOLD
>>> 
>>> I am not a lawyer but we used very good lawyers to make the squeaksource
>>> repository a safe place to do cryptography work.  If you are working on
>>> cryptography DO NOT POST your code anywhere except squeaksource. 
>>> Especially if you are in the USA.  The ONLY repository that is approved
>>> to host our cryptography code in the USA and therefore not subject to
>>> criminal violations is squeaksource.  It is a CRIME in the USA to move
>>> code and make it available on the internet for everyone to download!  It
>>> must be hosted on squeaksoruce.com http://squeaksoruce.com/; or
>>> another location that is also properly registered. 
>>> 
>>> IF YOU COPIED CRYPTOGRAPHY CODE TO ANOTHER REPOSITORY THAT IS NOT
>>> REGISTERED I would recommend you delete it immediately.
>>> 
>>> END BOLD!  
>>> 
>>> Please feel free to post this to the Pharo mailing list because they
>>> apparently do not want to hear from me!
>>> 
>>> All the best,
>>> 
>>> Ron Teitelbaum
>> 
>> 
>> 
>> Stéphane Ducasse
>> http://stephane.ducasse.free.fr http://stephane.ducasse.free.fr/;
>> / http://www.pharo.org http://www.pharo.org/; 
>> 03 59 35 87 52
>> Assistant: Aurore Dalle 
>> FAX 03 59 57 78 50
>> TEL 03 59 35 86 16
>> S. Ducasse - Inria
>> 40, avenue Halley, 
>> Parc Scientifique de la Haute Borne, Bât.A, Park Plaza
>> Villeneuve d'Ascq 59650
>> France
>>





--
Sent from: http://forum.world.st/Pharo-Smalltalk-Developers-f1294837.html

Re: [Pharo-dev] About strange email related to smalltalkhub read-only on squeak-dev

[Cédrick Béler]

He’s on discord on squeak server. Maybe chatting with him in private could help 
resolve the misunderstanding.

Cheers,
Cedrick

> Le 30 mai 2020 à 18:26, Norbert Hartl  a écrit :
> 
> Yes, let us coordinate what to respond. To me this doesn't even sound like 
> Ron. Usually he is a rather quite and reasonable guy. Seems to be a lot of 
> misunderstandings here (again).
> As I was the one copying the Cryptography package to github it concerns me a 
> bit. I've been remembered now about yet another strange law suit in the US 
> and indeed we need to raise a bit of awareness for this. 
> 
> So let's figure out what has to be done. 
> 
> Norbert
> 
> 
>> Am 30.05.2020 um 14:43 schrieb Stéphane Ducasse :
>> 
>> Hi all
>> 
>> This is the week-end and we worked super well yesterday during the sprint. 
>> Lot of good enhancements - Thanks a lot to all the participants. 
>> I not really happy to be forced to do it on a sunny saturday but I’m doing 
>> it to clarify points.
>> 
>> Esteban sent me this text that was posted on Squeak-Dev (I personally do not 
>> read squeak related forums because 
>> I have not the time and my focus is Pharo, its consortium, my team, my 
>> research and my family). 
>> 
>> We have to react because 
>>  - We do not really at ***all** understand this email
>>  - We did not kicked anybody from our mailing-list from ages - so ron is 
>> lying. In the past we even had discussion with ron - so we do not 
>>  really understand. May be we got problem to log on our mailing-lists. 
>>  We have no idea because we are working and not looking at such things.  
>>  
>>  - When we migrated smalltalkhub to readonly we payed attention to make 
>> sure that private projects stay private.
>>  We did not migrated smalltalkhub for fun. We MUST do it or it will be 
>> done by our infrastructure!
>>  - Now the cryptography packages are MIT and they are public anyway. So 
>> again we do not understand anything. 
>> 
>> We do not get why Ron contacted us because we announced the migration 
>> publicly way in advance and we will keep 
>> the Smalltalkhub frozen repo for at least next 5 years. 
>> 
>> I feel really sorry to hear such kind of email because we do not want to 
>> fight with anybody. 
>> Our goal is to make sure that people can work with Pharo and expand their 
>> business and knowledge. 
>> We are working hard to make sure that people can invent their future with 
>> Pharo and people that know us personally 
>> know that we are not lying.
>> 
>> S
>> 
>> 
>>> Hi all,
>>> 
>>> I've tried to work with the Pharo group but they keep kicking me out of 
>>> their mailing list.  I've already mentioned this a number of times to the 
>>> Pharo group but nobody seems to care.  
>>> 
>>> BOLD BOLD BOLD PLEASE TAKE THIS SERIOUSLY  BOLD BOLD BOLD
>>> 
>>> I am not a lawyer but we used very good lawyers to make the squeaksource 
>>> repository a safe place to do cryptography work.  If you are working on 
>>> cryptography DO NOT POST your code anywhere except squeaksource.  
>>> Especially if you are in the USA.  The ONLY repository that is approved to 
>>> host our cryptography code in the USA and therefore not subject to criminal 
>>> violations is squeaksource.  It is a CRIME in the USA to move code and make 
>>> it available on the internet for everyone to download!  It must be hosted 
>>> on squeaksoruce.com or another location that is also properly registered. 
>>> 
>>> IF YOU COPIED CRYPTOGRAPHY CODE TO ANOTHER REPOSITORY THAT IS NOT 
>>> REGISTERED I would recommend you delete it immediately.
>>> 
>>> END BOLD!  
>>> 
>>> Please feel free to post this to the Pharo mailing list because they 
>>> apparently do not want to hear from me!
>>> 
>>> All the best,
>>> 
>>> Ron Teitelbaum
>> 
>> 
>> 
>> Stéphane Ducasse
>> http://stephane.ducasse.free.fr / http://www.pharo.org 
>> 03 59 35 87 52
>> Assistant: Aurore Dalle 
>> FAX 03 59 57 78 50
>> TEL 03 59 35 86 16
>> S. Ducasse - Inria
>> 40, avenue Halley, 
>> Parc Scientifique de la Haute Borne, Bât.A, Park Plaza
>> Villeneuve d'Ascq 59650
>> France
>> 
> 

Re: [Pharo-dev] About strange email related to smalltalkhub read-only on squeak-dev

[Norbert Hartl]

Yes, let us coordinate what to respond. To me this doesn't even sound like Ron. 
Usually he is a rather quite and reasonable guy. Seems to be a lot of 
misunderstandings here (again).
As I was the one copying the Cryptography package to github it concerns me a 
bit. I've been remembered now about yet another strange law suit in the US and 
indeed we need to raise a bit of awareness for this. 

So let's figure out what has to be done. 

Norbert


> Am 30.05.2020 um 14:43 schrieb Stéphane Ducasse :
> 
> Hi all
> 
> This is the week-end and we worked super well yesterday during the sprint. 
> Lot of good enhancements - Thanks a lot to all the participants. 
> I not really happy to be forced to do it on a sunny saturday but I’m doing it 
> to clarify points.
> 
> Esteban sent me this text that was posted on Squeak-Dev (I personally do not 
> read squeak related forums because 
> I have not the time and my focus is Pharo, its consortium, my team, my 
> research and my family). 
> 
> We have to react because 
>   - We do not really at ***all** understand this email
>   - We did not kicked anybody from our mailing-list from ages - so ron is 
> lying. In the past we even had discussion with ron - so we do not 
>   really understand. May be we got problem to log on our mailing-lists. 
>   We have no idea because we are working and not looking at such things.  
>  
>   - When we migrated smalltalkhub to readonly we payed attention to make 
> sure that private projects stay private.
>   We did not migrated smalltalkhub for fun. We MUST do it or it will be 
> done by our infrastructure!
>   - Now the cryptography packages are MIT and they are public anyway. So 
> again we do not understand anything. 
> 
> We do not get why Ron contacted us because we announced the migration 
> publicly way in advance and we will keep 
> the Smalltalkhub frozen repo for at least next 5 years. 
> 
> I feel really sorry to hear such kind of email because we do not want to 
> fight with anybody. 
> Our goal is to make sure that people can work with Pharo and expand their 
> business and knowledge. 
> We are working hard to make sure that people can invent their future with 
> Pharo and people that know us personally 
> know that we are not lying.
> 
> S
> 
> 
>> Hi all,
>> 
>> I've tried to work with the Pharo group but they keep kicking me out of 
>> their mailing list.  I've already mentioned this a number of times to the 
>> Pharo group but nobody seems to care.  
>> 
>> BOLD BOLD BOLD PLEASE TAKE THIS SERIOUSLY  BOLD BOLD BOLD
>> 
>> I am not a lawyer but we used very good lawyers to make the squeaksource 
>> repository a safe place to do cryptography work.  If you are working on 
>> cryptography DO NOT POST your code anywhere except squeaksource.  Especially 
>> if you are in the USA.  The ONLY repository that is approved to host our 
>> cryptography code in the USA and therefore not subject to criminal 
>> violations is squeaksource.  It is a CRIME in the USA to move code and make 
>> it available on the internet for everyone to download!  It must be hosted on 
>> squeaksoruce.com  or another location that is also 
>> properly registered. 
>> 
>> IF YOU COPIED CRYPTOGRAPHY CODE TO ANOTHER REPOSITORY THAT IS NOT REGISTERED 
>> I would recommend you delete it immediately.
>> 
>> END BOLD!  
>> 
>> Please feel free to post this to the Pharo mailing list because they 
>> apparently do not want to hear from me!
>> 
>> All the best,
>> 
>> Ron Teitelbaum
> 
> 
> 
> Stéphane Ducasse
> http://stephane.ducasse.free.fr  / 
> http://www.pharo.org  
> 03 59 35 87 52
> Assistant: Aurore Dalle 
> FAX 03 59 57 78 50
> TEL 03 59 35 86 16
> S. Ducasse - Inria
> 40, avenue Halley, 
> Parc Scientifique de la Haute Borne, Bât.A, Park Plaza
> Villeneuve d'Ascq 59650
> France
> 

[Pharo-dev] About strange email related to smalltalkhub read-only on squeak-dev

[Stéphane Ducasse]

Hi all

This is the week-end and we worked super well yesterday during the sprint. Lot 
of good enhancements - Thanks a lot to all the participants. 
I not really happy to be forced to do it on a sunny saturday but I’m doing it 
to clarify points.

Esteban sent me this text that was posted on Squeak-Dev (I personally do not 
read squeak related forums because 
I have not the time and my focus is Pharo, its consortium, my team, my research 
and my family). 

We have to react because 
- We do not really at ***all** understand this email
- We did not kicked anybody from our mailing-list from ages - so ron is 
lying. In the past we even had discussion with ron - so we do not 
really understand. May be we got problem to log on our mailing-lists. 
We have no idea because we are working and not looking at such things.  
 
- When we migrated smalltalkhub to readonly we payed attention to make 
sure that private projects stay private.
We did not migrated smalltalkhub for fun. We MUST do it or it will be 
done by our infrastructure!
- Now the cryptography packages are MIT and they are public anyway. So 
again we do not understand anything. 

We do not get why Ron contacted us because we announced the migration publicly 
way in advance and we will keep 
the Smalltalkhub frozen repo for at least next 5 years. 

I feel really sorry to hear such kind of email because we do not want to fight 
with anybody. 
Our goal is to make sure that people can work with Pharo and expand their 
business and knowledge. 
We are working hard to make sure that people can invent their future with Pharo 
and people that know us personally 
know that we are not lying.

S


> Hi all,
> 
> I've tried to work with the Pharo group but they keep kicking me out of their 
> mailing list.  I've already mentioned this a number of times to the Pharo 
> group but nobody seems to care.  
> 
> BOLD BOLD BOLD PLEASE TAKE THIS SERIOUSLY  BOLD BOLD BOLD
> 
> I am not a lawyer but we used very good lawyers to make the squeaksource 
> repository a safe place to do cryptography work.  If you are working on 
> cryptography DO NOT POST your code anywhere except squeaksource.  Especially 
> if you are in the USA.  The ONLY repository that is approved to host our 
> cryptography code in the USA and therefore not subject to criminal violations 
> is squeaksource.  It is a CRIME in the USA to move code and make it available 
> on the internet for everyone to download!  It must be hosted on 
> squeaksoruce.com or another location that is also properly registered. 
> 
> IF YOU COPIED CRYPTOGRAPHY CODE TO ANOTHER REPOSITORY THAT IS NOT REGISTERED 
> I would recommend you delete it immediately.
> 
> END BOLD!  
> 
> Please feel free to post this to the Pharo mailing list because they 
> apparently do not want to hear from me!
> 
> All the best,
> 
> Ron Teitelbaum



Stéphane Ducasse
http://stephane.ducasse.free.fr / http://www.pharo.org 
03 59 35 87 52
Assistant: Aurore Dalle 
FAX 03 59 57 78 50
TEL 03 59 35 86 16
S. Ducasse - Inria
40, avenue Halley, 
Parc Scientifique de la Haute Borne, Bât.A, Park Plaza
Villeneuve d'Ascq 59650
France