[Interest] Building 5.13.1 on CentOS6.
I am trying to build Qt 5.13.1 on CentOS6. I have run into an error that others have reported, but the reported solutions don't seem to work. I am using devtoolset-8, which brings in gcc version 8.3.1 The error is: ERROR: Feature 'xcb' was enabled, but the pre-condition 'features.thread && features.xkbcommon && libs.xcb' failed. I have the related xcb packages installed: # sudo yum install libxcb-devel xcb-util xcb-util-devel Loaded plugins: fastestmirror Setting up Install Process Loading mirror speeds from cached hostfile epel/metalink | 17 kB 00:00 * base: mirror.sjc02.svwh.net * centos-sclo-sclo: sjc.edge.kernel.org * epel: mirror.sjc02.svwh.net * extras: mirror.keystealth.org * updates: mirror.sjc02.svwh.net base | 3.7 kB 00:00 centos-sclo-rh | 2.9 kB 00:00 centos-sclo-sclo | 2.9 kB 00:00 extras | 3.4 kB 00:00 updates | 3.4 kB 00:00 Package libxcb-devel-1.12-4.el6.x86_64 already installed and latest version Package xcb-util-0.4.0-2.2.el6.x86_64 already installed and latest version Package xcb-util-devel-0.4.0-2.2.el6.x86_64 already installed and latest version I can't find a package that installs xkbcommon in the standard repositories. My configure command: ./configure -v -R '\\$$ORIGIN/lib:\\$$ORIGIN:\\$$ORIGIN/../lib:\\$$ORIGIN/../../lib' -opensource -qt-libpng -qt-zlib -qt-libjpeg -nomake examples -sql-sqlite -sqlite -confirm-license -prefix /usr/lib/Qt/Qt-5.13.1-x86_64 -widgets -skip activeqt -skip androidextras -skip connectivity -skip macextras -skip serialport -icu -fontconfig -no-reduce-relocations -qt-xcb -system-proxies -no-pulseaudio -no-alsa -no-mtdev -dbus -qt-pcre -no-libudev -no-openssl -no-xcb-xinput -rpath which results in the following summary: Configure summary: Build type: linux-g++ (x86_64, CPU features: mmx sse sse2) Compiler: gcc 8.3.1 Configuration: sse2 aesni sse3 ssse3 sse4_1 sse4_2 avx avx2 avx512f avx512bw avx512cd avx512dq avx512er avx512ifma avx512pf avx512vbmi avx512vl compile_examples enable_new_dtags f16c largefile precompile_header rdrnd shani x86SimdAlways shared rpath release c++11 c++14 c++1z concurrent dbus reduce_exports stl Build options: Mode ... release Optimize release build for size no Building shared libraries .. yes Using C standard ... C11 Using C++ standard . C++17 Using ccache ... no Using new DTAGS yes Using precompiled headers .. yes Using LTCG . no Target compiler supports: SSE .. SSE2 SSE3 SSSE3 SSE4.1 SSE4.2 AVX .. AVX AVX2 AVX512 ... F ER CD PF DQ BW VL IFMA VBMI Other x86 AES F16C RDRAND SHA Intrinsics without -mXXX option .. yes Build parts libs tools Qt modules and options: Qt Concurrent .. yes Qt D-Bus ... yes Qt D-Bus directly linked to libdbus yes Qt Gui . yes Qt Network . yes Qt Sql . yes Qt Testlib . yes Qt Widgets . yes Qt Xml . yes Support enabled for: Using pkg-config ... yes udev ... no Using system zlib .. no Zstandard support .. no Qt Core: DoubleConversion ... yes Using system DoubleConversion no GLib ... yes iconv .. no ICU yes Built-in copy of the MIME database . yes Tracing backend Logging backends: journald . no syslog ... no slog2 no Using system PCRE2 . no Qt Network: getifaddrs() ... yes IPv6 ifname yes libproxy ... no Linux AF_NETLINK ... no OpenSSL no Qt directly linked to OpenSSL no OpenSSL 1.1 no DTLS ... no OCSP-stapling .. no SCTP ... no Use system proxies . yes Qt Gui: Accessibility .. yes FreeType ... yes Using system FreeType yes HarfBuzz ... yes Using system HarfBuzz
[Interest] Proper way to handle QUdpSocket::writeDatagram when it returns TemporaryError
Hi all, I've got a thread in an application (Linux, Qt 5.13.0) which just writes udp datagrams at a relatively high frequency (video streaming). Sometimes the QUdpSocket::writeDatagram function returns -1 and the socket error is "TemporaryError". Looking into the source code of the udp socket class, it seems like the actual reason is that the OS returns EAGAIN which means I need to try again. The thread is a QThread running the default event loop. What's the best way to handle this? Right now I just made a dumb loop trying again and again with a short usleep inbetween until it finally ships the datagram. I tried using waitForBytesWritten when getting the temporary error before trying again, but that had no noticeable effect. Without a sleep, this spinning loop might have some several 100 retries before it is successful. Cheers, Ola ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing
It would maybe be useful to clarify what his mistake is ? >From what I understand Uwe mixes "contributing to open source project" and "using open source Qt for a closed project". In the former case, of course he's welcome to buy commercial licences for whatever project he'll be working on. In the latter case, the rational is (I guess) to prevent a company, say, to work with 20 developers for 3 years on an OSS Qt license, then switch to commercial when it's time to ship the product and the team is reduced to a core maintenance crew. That late switch is unfair to companies that are playing by the rule, but it's probably hard to police for the Qt company. Best regards Ilya Le mar. 8 oct. 2019 à 15:30, Melinda Seifert a écrit : > Uwe, > You are completely mistaken! I'm more than happy to discuss this with > you. My phone number is listed below. In the meantime please view > https://www.qt.io/faq/ > > 2.13. If I have started development of a project using the open source > version (LGPL), can I later purchase a commercial version of Qt and move my > code under that license? > "This is not permitted without written consent from The Qt Company. If you > have already started the development with an open-source version of Qt, > please contact The Qt Company to resolve the issue. If you are unsure of > which license or version to use when you start development, we recommend > you contact The Qt Company to advise you on the best choice based on your > development needs." > > Best Regards, > > Melinda Seifert > Regional Director of the Americas > The Qt Company > O: 617-377-7918 | M: 617-413-4479 > Qt Customer Case Studies - https://resources.qt.io/customer-stories-all > > > On 10/8/19, 3:54 AM, "Interest on behalf of Uwe Rathmann" < > interest-boun...@qt-project.org on behalf of uwe.rathm...@tigertal.de> > wrote: > > On 10/8/19 1:21 AM, Melinda Seifert wrote: > > > You can use commercial if you previously used Open Source but it’s on > > a case by case basis and you need to get approval from the Qt > > company. > > Like you need to get approval from the Qt company when not having been > Open Source before - it is the basic right of any seller not to sell. > > But your statement implies, that the Qt Company is blacklisting users > because of contributing to Open Source projects. Am I already > blacklisted because of offering code under an Open Source license ? > > How does this all fit to the Qt project, that is in parts based on > contributions from Open Source developers. Am I invited to contribute > to > the code base, while not being allowed to buy my own contribution > afterwards ? > > Uwe > > ___ > Interest mailing list > Interest@qt-project.org > https://lists.qt-project.org/listinfo/interest > > > ___ > Interest mailing list > Interest@qt-project.org > https://lists.qt-project.org/listinfo/interest > ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] TLS/SSL XML encryption security
On 10/8/19 5:00 AM, Thiago Macieira wrote: On Monday, 7 October 2019 18:08:27 PDT Roland Hughes wrote: There was a time when a Gig of storage would occupy multiple floors of the Sears Tower and the paper weight was unreal. Have you ever heard of Claude Shannon? Nope. Anyway, you can't get more data into storage than there are possible states of matter. As far as our*physics* knows, you could maybe store a byte per electron. That would weigh 5 billion tons to store 16 * 2^128 bytes. The same physics, when incorrectly applied "prove" bumblebees cannot fly? https://www.snopes.com/fact-check/bumblebees-cant-fly/ What I really loved was the science text my generation had in 4th grade which taught kids meat naturally contained maggots. Scientists had "proven" if you just left meat out maggots would magically grow from it. https://www.google.com/search?client=ubuntu=2Tv=fs=CbicXZO3GJCo_QaUrJCoBQ=spontaneous+meat+naturally+contained+maggots=spontaneous+meat+naturally+contained+maggots_l=psy-ab.3...15501.20615..21681...1.2..0.164.1803.0j13..01..gws-wiz...0i71.mkiA8iHPvYk=0ahUKEwjT37W5iY3lAhUQVN8KHRQWBFUQ4dUDCAo=5 > How about you do some math before spouting nonsense? Considering and attempting to prove nonsense is what is required when you are at the architect level. At the Chicago Stock Exchange when they were running PDP machines they wanted to use 2 machines to run the trading floor having process shared memory between them. Digital Equipment Corporation, makers of the PDP and its operating system told them it was nonsense, couldn't be done. They did it. Ported it to the VAX (completely different hardware and OS), the Alpha ("same" OS, different hardware) and the Godforsaken Itanium. At Navistar (though it wasn't named Navistar then) they wanted the IBM order receiving system to directly send orders to the VMS based order processing/inventory management/picking ticket system. Both DEC and IBM told them it was complete nonsense, couldn't be done. We did it. Long before RJE was talked about. At any rate, enough rows in the DB to achieve a 1% penetration rate gives them 10,000 compromised credit cards via an automated process. A tenth of a percent is 1,000. Not a bad haul. Sure. How many entries in the DB do you need to generate a 0.1% hit rate? I don't know how to calculate that, so I'm going to guess that you need one trillionth of the total space for that. Depends on what you find when testing and probing. Some were richly rewarded with the Debian bug limiting keys to a range of 32768. If the current OpenSSL library isn't blocking keys below 32769, the database and tools created to exploit that weakness still work for any key in that range. If there is a ToD sensitivity in the random generator, shouldn't be, but on this Debian system looks like there might be, then one can dramatically reduce the DB size needed and reduce the target range to all traffic within a window. I don't doubt that there are hackers that have dedicated DCs to cracking credit card processor traffic they may have managed to intercept. But they are not doing that by attacking the encryption. Some are and some aren't. The fact so many deny the possibility is the reason. -- Roland Hughes, President Logikal Solutions (630)-205-1593 http://www.theminimumyouneedtoknow.com http://www.infiniteexposure.net http://www.johnsmith-book.com http://www.logikalblog.com http://www.interestingauthors.com/blog ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] import sitecustomize fails 5.12.4, OSX
This part is still true: > I'm stuck in XCode hell. I upgraded XCode because I needed to work with a > iPhone 11 (iOS 13), which required me to install XCode 11, which created > issues. I started a new project and got: > 11:27:26: Starting: "/usr/bin/make" clean -j4 > 'import sitecustomize' failed; use -v for traceback > Traceback (most recent call last): > File "/Users/jhihn/Qt/5.12.4/ios/mkspecs/features/uikit/devices.py", line > 78, in > if is_suitable_runtime(runtimes, runtime_name, args.platform, > args.minimum_deployment_target): > File "/Users/jhihn/Qt/5.12.4/ios/mkspecs/features/uikit/devices.py", line > 53, in is_suitable_runtime > and "unavailable" not in runtime["availability"] \ > KeyError: 'availability' > > Not sure if 5.12.5 or 5.13 will fix? But this part is not an issue, was due to a bad include path, ignore this part!!: > Curiously, my old legacy app is still working though. But compilation does > not stop and it gets through many of my own files until finally bombing out > at: > In file included from > /Users/jhihn/Projects/ios_mobile_app/ios/platformshim_ios.mm:1: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UIScreen.h:12: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UITraitCollection.h:13: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UIInterface.h:11: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UIColor.h:13: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreImage.framework/Headers/CoreImage.h:15: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreImage.framework/Headers/CIImage.h:10: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreVideo.framework/Headers/CoreVideo.h:29: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreVideo.framework/Headers/CVPixelBuffer.h:462: > In file included from > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreVideo.framework/Headers/CVPixelBufferIOSurface.h:26: > /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/IOSurface.framework/Headers/IOSurfaceRef.h:15:96: > error: expected ';' after top level declarator ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] TLS/SSL XML encryption security
On 10/8/19 5:00 AM, Thiago Macieira wrote: On Monday, 7 October 2019 15:43:21 PDT Roland Hughes wrote: No. This technique is cracking without cracking. You are looking for a fingerprint. That fingerprint is the opening string for an xml document which must be there per the standard. For JSON it is the quote and colon stuff mentioned earlier. You take however many bytes from the logged packet as the key size the current thread is processing and perform a keyed hit against the database. If found, great! If not, shuffle down one byte and try again. Repeat until you've exceeded the attempt count you are willing to make or found a match. When you find a match you try key or key+salt combination on the entire thing. Pass the output to something which checks for seemingly valid XML/JSON then either declare victory or defeat. That DOES work with keys produced by OpenSSL that was affected by the Debian bug you described. That's because the bug caused the problem space to be extremely restricted. You said 32768 (2^15) possibilities. Unless the key range 2^15 has been physically blocked from the generation algorithm, the database created for that still works ~ 100% of the time when the random key falls in that range. The percentage would depend on how many Salts were used for generation or them having created the unicorn, a perfectly functioning desalinization routine. A non-broken random generator will produce 2^128 possibilities in 128 bits. You CANNOT compare fast enough Does not matter because has nothing to do with how this works. Not the best, not the worst, just a set it and forget it automated kind of thing. It's taking roughly 8 bytes out of the packet and doing a keyed hit on the database. If found great! If not, it slides the window down one byte and performs a new 8 byte keyed hit. This is *NOT* a real time attack. Everything is independent. The sniffer wakes up once per day, checks how much space is left in one or more directories, if there is room for more packets, it reaches out and sniffs a few more. Either way, it goes back to sleep for a day. These attacks aren't designed for 100% capture/penetration. The workers are continually adding new rows to the database table(s). The sniffed packets which were not successfully decrypted can basically be stored until you decrypt them or your drives fail or that you decide any packets more than N-weeks old will be purged. You seem to be arguing for brute-force attacks until one gets lucky. That is possible. But the chances of being lucky in finding a key are probably worse than winning $1 billion in the lottery. Much worse. Not really, but I haven't had time to write this stuff because people keep interrupting me with direct mails. There are several things I want to deep dive on first. One of which is poking at some desalinization routines. The other, which really shouldn't be because such a thing would be taking us back to the 1970s is the few things I ran made it seem like the Salt had a ToD sensitivity. So it can happen. But the chance that it does happen and that the captured packet contains critical information is infinitesimal. When you are targeting a DNS address which has the sole purpose of providing CC authorization requests and responding to them, 100% of the packets contain critical information. Even the denials are important because you want to store that information in a different database. If you ever compromise any of those cards, sell them on the Dark Web cheap because they are unreliable. The success rate of such an attack improves over time because the database gets larger by the hour. Rate of growth depends on how many machines are feeding it. Really insidious outfits would sniff a little from a bunch of CC or mortgage or whatever processing services, spreading out the damage so standard track back techniques wouldn't work. The only thing the victims would have in common is that they used a credit card or applied for a mortgage but they aren't all from the same place. Sure, it improves, but probably slowly. This procedure is limited by computing power, storage and the operating costs. Breaking encryption by brute-force like you're suggesting is unlikely to produce a profit: it'll cost more than the gain once cracked. Crackers don't attack the strongest part of the TLS model, which is the encryption. They attack the people and the side-channels. Kids do. If correct that means they (the nefarious people) could have started their botnets, or just local machines, building such a database by some time in 2011 if they were interested. That's 8+ years. They don't_need_ 100% coverage. No, they don't need 100% coverage. But they need coverage such that the probability of matching is sufficient that it'll pay the operating costs. In 8 years, assuming 1 billion combinations generated every second, we're talking about 242 quadrillion combinations generated. Assuming 64 bits per entry and no overhead,
[Interest] import sitecustomize fails 5.12.4, OSX
I'm stuck in XCode hell. I upgraded XCode because I needed to work with a iPhone 11 (iOS 13), which required me to install XCode 11, which created issues. I started a new project and got: 11:27:26: Starting: "/usr/bin/make" clean -j4 'import sitecustomize' failed; use -v for traceback Traceback (most recent call last): File "/Users/jhihn/Qt/5.12.4/ios/mkspecs/features/uikit/devices.py", line 78, in if is_suitable_runtime(runtimes, runtime_name, args.platform, args.minimum_deployment_target): File "/Users/jhihn/Qt/5.12.4/ios/mkspecs/features/uikit/devices.py", line 53, in is_suitable_runtime and "unavailable" not in runtime["availability"] \ KeyError: 'availability' Not sure if 5.12.5 or 5.13 will fix? Curiously, my old legacy app is still working though. But compilation does not stop and it gets through many of my own files until finally bombing out at: In file included from /Users/jhihn/Projects/ios_mobile_app/ios/platformshim_ios.mm:1: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UIScreen.h:12: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UITraitCollection.h:13: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UIInterface.h:11: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/UIKit.framework/Headers/UIColor.h:13: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreImage.framework/Headers/CoreImage.h:15: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreImage.framework/Headers/CIImage.h:10: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreVideo.framework/Headers/CoreVideo.h:29: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreVideo.framework/Headers/CVPixelBuffer.h:462: In file included from /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/CoreVideo.framework/Headers/CVPixelBufferIOSurface.h:26: /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS13.0.sdk/System/Library/Frameworks/IOSurface.framework/Headers/IOSurfaceRef.h:15:96: error: expected ';' after top level declarator line 1 of platformshim_ios.mm is: #import And yes, I added the framework to LIBS Any help is appreciated. ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing questions for iOS and Android
Am Tue, 8 Oct 2019 10:16:45 +0300 schrieb Vyacheslav Lanovets : > 2 persons use *Mac* to make the app work on iOS (static linking!). what about going lgpl and delivering object files to enable relinking statically with another qt version? -- /* * Your lucky number has been disconnected. */ pgpdN4BcRTmDG.pgp Description: Digitale Signatur von OpenPGP ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing questions for iOS and Android
Hi Vyacheslav, Where are you located? It is probably easiest that our regional sales team or local reseller is in contact to discuss. Commercial Qt licensing is developer based, so each person working on the same project (e.g. same end user application) needs to have a commercial license. One person can use many machines to develop across multiple operating systems. The persons who are not developing with Qt, do not need a license (e.g. in case you have some part of the application not done with Qt). We have a FAQ to explain how Qt licensing works: https://www.qt.io/faq/ Yours, Tuukka On 08/10/2019, 10.19, "Interest on behalf of Vyacheslav Lanovets" wrote: I hope to hear expert opinions on the following. Let's say the company has 10 developers who develop a Mobile app for consumer phones. 2 persons use *Mac* to make the app work on iOS (static linking!). Another 2 persons work from PCs on supporting Android specifics (shared linking). All 10 have primary PC with Microsoft Visual Studio for regular development because it is faster. Also there is 2 build machines: 1 PC for generating Android builds. 1 Mac for generating iOS builds. So, how many licenses should the company pay for? 13 licenses (~4 euro a year)? Or 12? Or 10? Or just for 3 Macs? Or maybe only for 2 developer Macs? Has anyone investigated the case with the legals? Opinions? ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing questions for iOS and Android
> I hope to hear expert opinions on the following. > > Let's say the company has 10 developers who develop a Mobile app for > consumer phones. > > 2 persons use *Mac* to make the app work on iOS (static linking!). > Another 2 persons work from PCs on supporting Android specifics > (shared linking). > All 10 have primary PC with Microsoft Visual Studio for regular > development because it is faster. > Also there is 2 build machines: > 1 PC for generating Android builds. > 1 Mac for generating iOS builds. > > So, how many licenses should the company pay for? > 13 licenses (~4 euro a year)? Or 12? Or 10? Or just for 3 Macs? Or > maybe only for 2 developer Macs? I am not sure what the current licensing scheme is, however, following previous licensing models, I would not fault you for thinking that you need 10 licenses. FWIW, AFAICR, I've never heard of Qt licenses being dependent on development platform, and have always seen the number of developers and deployment platform be what governs. HTH, YMMV, IANAL. ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing
Uwe, You are completely mistaken! I'm more than happy to discuss this with you. My phone number is listed below. In the meantime please view https://www.qt.io/faq/ 2.13. If I have started development of a project using the open source version (LGPL), can I later purchase a commercial version of Qt and move my code under that license? "This is not permitted without written consent from The Qt Company. If you have already started the development with an open-source version of Qt, please contact The Qt Company to resolve the issue. If you are unsure of which license or version to use when you start development, we recommend you contact The Qt Company to advise you on the best choice based on your development needs." Best Regards, Melinda Seifert Regional Director of the Americas The Qt Company O: 617-377-7918 | M: 617-413-4479 Qt Customer Case Studies - https://resources.qt.io/customer-stories-all On 10/8/19, 3:54 AM, "Interest on behalf of Uwe Rathmann" wrote: On 10/8/19 1:21 AM, Melinda Seifert wrote: > You can use commercial if you previously used Open Source but it’s on > a case by case basis and you need to get approval from the Qt > company. Like you need to get approval from the Qt company when not having been Open Source before - it is the basic right of any seller not to sell. But your statement implies, that the Qt Company is blacklisting users because of contributing to Open Source projects. Am I already blacklisted because of offering code under an Open Source license ? How does this all fit to the Qt project, that is in parts based on contributions from Open Source developers. Am I invited to contribute to the code base, while not being allowed to buy my own contribution afterwards ? Uwe ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing questions for iOS and Android
Il 08/10/19 10:24, Yves Maurischat ha scritto: I dont think that you'll get a definitive answer from this list as The other side of the coin: this list is NOT for sales or detailed licensing questions. It's about technical questions related to the usage of Qt (and, specifically, the parts of it released by the Qt Project, not the Qt commercial-only addons). HTH, -- Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Senior Software Engineer KDAB (France) S.A.S., a KDAB Group company Tel. France +33 (0)4 90 84 08 53, http://www.kdab.com KDAB - The Qt, C++ and OpenGL Experts smime.p7s Description: S/MIME Cryptographic Signature ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing questions for iOS and Android
Let me answer that shortly with the gist of severeal other threads on this list: "It depends. Please contact the sales representatives of The Qt Company." I dont think that you'll get a definitive answer from this list as licensing seems to depend on your project, the mood of the sales rep, whether Mars and Jupiter align and a million other things. You'll have to work it out with someone from TQtC as their licensing scheme changes often, is mostly not really shared with outsiders (even with partners) and often applied on a case to case base. Mit freundlichen Grüßen | Kind regards, *Yves Maurischat* Senior Software Engineer basysKom GmbH Robert-Bosch-Str. 7 | 64293 Darmstadt | Germany Tel: +49 6151 870 589 -144 | Fax: -199 yves.maurisc...@basyskom.com | www.basyskom.com Handelsregister: Darmstadt HRB 9352 Geschaeftsfuehrende Partner: Heike Ziegler, Alexander Sorg Am 08.10.2019 um 09:16 schrieb Vyacheslav Lanovets: I hope to hear expert opinions on the following. Let's say the company has 10 developers who develop a Mobile app for consumer phones. 2 persons use *Mac* to make the app work on iOS (static linking!). Another 2 persons work from PCs on supporting Android specifics (shared linking). All 10 have primary PC with Microsoft Visual Studio for regular development because it is faster. Also there is 2 build machines: 1 PC for generating Android builds. 1 Mac for generating iOS builds. So, how many licenses should the company pay for? 13 licenses (~4 euro a year)? Or 12? Or 10? Or just for 3 Macs? Or maybe only for 2 developer Macs? Has anyone investigated the case with the legals? Opinions? ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] Licensing
On 10/8/19 1:21 AM, Melinda Seifert wrote: You can use commercial if you previously used Open Source but it’s on a case by case basis and you need to get approval from the Qt company. Like you need to get approval from the Qt company when not having been Open Source before - it is the basic right of any seller not to sell. But your statement implies, that the Qt Company is blacklisting users because of contributing to Open Source projects. Am I already blacklisted because of offering code under an Open Source license ? How does this all fit to the Qt project, that is in parts based on contributions from Open Source developers. Am I invited to contribute to the code base, while not being allowed to buy my own contribution afterwards ? Uwe ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest
Re: [Interest] TLS/SSL XML encryption security
On Monday, 7 October 2019 18:08:27 PDT Roland Hughes wrote: > There was a time when a Gig of storage would occupy multiple floors of > the Sears Tower and the paper weight was unreal. Have you ever heard of Claude Shannon? Anyway, you can't get more data into storage than there are possible states of matter. As far as our *physics* knows, you could maybe store a byte per electron. That would weigh 5 billion tons to store 16 * 2^128 bytes. We have absolutely no clue how to have that many electrons in one place without protons and without violating the Pauli Exclusion principle. > According to this undated (I *hate* that!) BBC Science article at some > point in time Google, Amazon, Microsoft and Facebook combined had 1.2 > million terabytes of storage. By your calculations, shouldn't putting > that much storage on one coast shifted the planet's orbit? How about you do some math before spouting nonsense? 1.2 million terabytes is 2^60 bytes. Which is NOWHERE NEAR the mass I talked about for 2^132 bytes. At the estimate I used of 21 ng/byte, the total is only 25200 metric tonnes. > As I said, the hackers don't need the entire thing. If they are sniffing > a CC processor handling a million transactions per day (not unreasonable > especially during back-to-school, on Saturday or during holiday shopping > season) > > https://www.statista.com/statistics/261327/number-of-per-card-credit-card-tr > ansactions-worldwide-by-brand-as-of-2011/ > > At any rate, enough rows in the DB to achieve a 1% penetration rate > gives them 10,000 compromised credit cards via an automated process. A > tenth of a percent is 1,000. Not a bad haul. Sure. How many entries in the DB do you need to generate a 0.1% hit rate? I don't know how to calculate that, so I'm going to guess that you need one trillionth of the total space for that. One trillionth of 2^128 possibilities is roughly 2^88. Times 16 bytes per entry, with no overhead, we have 2^92 bytes. Times 1 picogram per byte is 5 billion tons. More importantly, 2^92 bytes is orders of magnitude more storage than exists today. The NSA Datacentre in Utah is estimated to handle 12 exabytes, so let's estimate the total storage in existence today is 100 exabytes. That's 50 million times too little to store one trillionth of the problem space. I don't doubt that there are hackers that have dedicated DCs to cracking credit card processor traffic they may have managed to intercept. But they are not doing that by attacking the encryption. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel System Software Products ___ Interest mailing list Interest@qt-project.org https://lists.qt-project.org/listinfo/interest