Re: [Fwd: Open-Hardware]
Richard Stallman wrote: If something is harder to copy, it is ethically ok to have a different standard for this piece of technology. Seriously, that's what you're saying above. Because hardware may have to be copied by hand, you consider them ethically not the same. Yes, that's my position, for 20 years or more. I think that's the right place to make the distinction: between "you can copy it yourself" and "somebody can build more of them". I'm reading this right, the decision as to if something is right and wrong, ethical and non-ethical, is a function of how easy it is? Freedom is only important if you don't have to pay for it? Wow.
Re: how to create a sha256 hash
I've always used "sha1 -a sha256 filename", but I suppose cksum(1) would be the better command to use.. ;) -Nix Fan.
Apologies for the subject-less post...
I messed up while replying to a topic, won't happen again... hopefully.. -Nix Fan.
Re: how to create package example..
Perfect.. thanks.. This is exactly what I needed to learn how to do this. Sriram > Did you look at Bernd Ahlers' ports tutorial from OpenCON 2007? > OpenCON 2007 (among many interesting events) is mentioned here: > > http://www.openbsd.org/events.html > > Here is a direct link to the tutorial: > > http://www.openbsd.org/papers/opencon07-portstutorial/index.html
Re: delete deleted data
On 1/4/08, Jon <[EMAIL PROTECTED]> wrote:
> rm -P wont work... I looking to clean up deleted data ... not securely
> delete a file.
i was curious how they do this, but it's nothing fancier than creating
a big file and filling it up. i notice that they are using the magic
guttman incantation. i am inherently distrusting of anyone who does,
because it means they didn't really pay attention. nobody uses MFM or
RLL disks.
i was also curious how they claimed to clear inodes. so i looked at
the code, and technique is pretty weak. and the code is a complete
clusterfuck. regardless of whether it (mostly) works or not, i firmly
believe that such juvenile code should not be allowed near any secure
data.
void sdel_wipe_inodes(char *loc, char **array) {
char *template = malloc(strlen(loc) + 16);
int i = 0;
int fail = 0;
int fd;
if (verbose)
printf("Wiping inodes ...");
array = malloc(MAXINODEWIPE * sizeof(template));
strcpy(template, loc);
if (loc[strlen(loc) - 1] != '/')
strcat(template, "/");
strcat(template, ".xxx");
while(i < MAXINODEWIPE && fail < 5) {
__sdel_random_filename(template);
if (open(template, O_CREAT | O_EXCL | O_WRONLY, 0600) < 0)
fail++;
else {
array[i] = malloc(strlen(template));
strcpy(array[i], template);
i++;
}
}
FLUSH;
if (fail < 5) {
fprintf(stderr, "Warning: could not wipe all inodes!\n");
}
array[i] = NULL;
fd = 0;
while(fd < i) {
unlink(array[fd]);
free(array[fd]);
fd++;
}
free(array);
array = NULL;
FLUSH;
if (verbose)
printf(" Done ... ");
}
Re: how to create a sha256 hash
thanks antti. command is cksum -a sha256 filename jon On Jan 4, 2008 9:46 PM, Jason George <[EMAIL PROTECTED]> wrote: > >hi > > how to create a sha256 value for file in openbsd ? > > > > can you please provide the command similar to > > > >sha1 foobar > > > >or > > > >md5 foobar > > > > man cksum
Re: FW: Real men don't attack straw men
keeps objecting that he doesn't object.
Re: Open Source Article Spawns Interesting Ethical Question
On Jan 4, 2008 10:14 PM, L <[EMAIL PROTECTED]> wrote: > Todd Alan Smith wrote: > >> When someone asked him how to make a living of IT without using or > >> promoting non-free software, his answer was that you don't have to > >> work in the IT field to contribute to free software, and he'd prefer see > >> a kernel contributor being a taxi driver than administrating Windows > >> workstations (It may not be the very same words, but the intent is the > >> same). > ... > >> So I could be a gardener and contribute to projects I > >> estimate worthy. From a very abstract point of view, that's coherent. > ... > >> And as a gardener, I'm not sure software will > >> be my first source of problems. L, the above quoted text is not mine. You need to be more careful in the configuration of your replies. I, for one, would appreciate it. Todd > A gardener? Replicating vegetables and charging for them is unethical > and antisocial. > Seeds and plants can be replicated at virtually no cost, and it is fun > to do. > > http://z505.com/gng/free-gardening.htm > > And charging for consulting about the gardening.. is being a prostitute. > Why would you want to unethically charge an hourly fee to discuss > gardening? You are holding back something that you should be giving all > your head to, for free. When I speak of freedom, I speak of free sex, > not cost. > > > http://z505.com/gng/
Re: Advice requested on security issues
On 1/4/08, Rusty Gadd <[EMAIL PROTECTED]> wrote: > 1: The P3 will only ever connect to bank websites, which I have to assume > are 'clean' (I might be able to disable scripting for some sites). However > malware may conceivably infect the main PC. Am I right in assuming I need to > run PF within OBSD on the P3 to protect against possible intrusion across > the LAN? Would this be enough? Also even within this minimal installation, > are there services which I could/should disable? you may or may not find this helpful. you should consider how much money you have, how many other people have that much or more money, how many of those people only use a windows pc to do their banking, and how many would-be thieves capable of infecting all those windows machines would decide to spend the extra effort figuring out your installation in order to exploit it instead of settling for only all the money of all the windows users. i actually have a similar setup, but have no concerns about the windows machine attacking the openbsd machines.
Re: how to create a sha256 hash
On Fri, Jan 04, 2008 at 09:30:36PM -0800, Jon wrote: > hi > how to create a sha256 value for file in openbsd ? See the "-a" option to cksum(1). or Type "apropos sha256" at the prompt, pick something that looks promising (e.g., SHA256_Init) and open its man page. Don't get dejected if the first thing you try isn't what you might have hoped to see. Take a peek at the "SEE ALSO" section of the man page for something that looks promising. Continue as necessary. The first works in this case, but the second (supported by the FAQ, the various mailing list archives and a bit of patience) seems to work pretty much all the time (mutatis mutandis). At least it does on OpenBSD.
Re: Open Source Article Spawns Interesting Ethical Question
And as a gardener, I'm not sure software will be my first source of problems. L, the above quoted text is not mine. You need to be more careful in the configuration of your replies. I, for one, would appreciate it. Todd Sincere apologies.. It was a double > > and your name should have been removed, or the original person should have been left above you. I am getting used to Thunderbird, but it is definitely my fault for confusing that conversation. L505
FW: Re: how to create package example..
Forgot to CC [EMAIL PROTECTED] - Forwarded message from Mike Erdely <[EMAIL PROTECTED]> - Date: Sat, 5 Jan 2008 00:55:00 -0500 From: Mike Erdely <[EMAIL PROTECTED]> Subject: Re: how to create package example.. To: Jon <[EMAIL PROTECTED]> Download ports.tar.gz. Extract it in /usr. Look at /usr/ports/geo/openbsd-developers. It's a perfect port that doesn't download anything or build anything. It' has a file that's in ./files that gets copied to the "fake" area and then added to a package. Refer to that port and man 5 bsd.port.mk for the meanings of the variables and Makefile targets (like do-install). It's perfect for what you're looking for and not a hack way to do something in a different way than is designed. -ME On Fri, Jan 04, 2008 at 09:24:03PM -0800, Jon wrote: > Not doing any thing strange.. just want to create a binary (foobar) > and create a package so I can add it.** Why I want to do that is > not the question. I know I can tar the install location with +CONTENT > and +DESC etc.. and get done with it.. I would like to know how to > use pkg_create or the ports for a sw that is not current ports > directory. > > I have tried using the ports and working with an example, and it seems > like it is beyond my understanding. It works with what ever is in the > ports, but I can't seem to replicate it > > All I need is a ** screen dump ** of a creating a package for a > software dist that is not in the default ports. Can some one help > provide that examples - with out pointing out a rtfm / source code for > a bsd.mk etc.. I have tried and can't seem to understand - so please > do put a command of pkg_create with dummy variables.. > > many thanks.. > > On Jan 3, 2008 3:52 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote: > > On 2008/01/03 15:04, Jon wrote: > > > I understand the value and usefulness and the reccomendation of Ports.. > > > This > > > is for my own software. I have also searched the net for examples and > > > can't > > > find any. > > > > You'd have to be doing something _very_ strange for there to be any > > advantage in not just making your own port and typing "make package", > > the tgz file will then appear in /usr/ports/$ARCH/all. You don't have > > to distribute that port at all. It doesn't even have to build the > > software, just unpacking a tar file would be perfectly ok (like the > > Opera and Acrobat ports do). (Note that even these "PERMIT_*=no" > > ports still build a package locally. EVERY installation from the > > ports tree is done by building a package and using pkg_add). > > > > If you still really must, all OpenBSD packages are produced using > > the ports tree, so you can find several thousand examples there. > > Pick something, "make fake" then "make -n _internal-package-only" > > to see how pkg_create is called. > > > > If you want more than this, well, you know where to find the source :-) > - End forwarded message -
Re: Real men don't attack straw men
http://directory.fsf.org/project/Windows32API/ http://directory.fsf.org/project/wxwindows/ http://wxwindows.org/about/credits.htm see the acknowledgment from one of the softwares endorsed by FSF your favourite organization. == Thank you to Microsoft for donating a copy of Visual C++ 6.0 to help wxWidgets compile on this version of the compiler (for a Virginia Tech course). We do not refuse to list a program merely because it mentions a non-free platforms on which it runs. I've explained that already. I don't like the warm and positive attitude towards Microsoft expressed by that thank-you. If wxwindows were a GNU package I would ask the developers to change that. But wxwindows is not a GNU package, and I doubt I have veryx much credit with its developers. I'd rather not use it on this.
Re: Real men don't attack straw men
My favorite organization, the FSF, was not involved. If > any of "my friends" were involved, they did not inform me. > Good friends you have then. More likely they aren't my friends. You may have noticed that the Linux developers disagree with my philosophy. I know very few of them, and they wouldn't listen to me about anything. If you and they have a dispute about some legal issue, I will leave it to lawyers.
Re: [Fwd: Open-Hardware]
If something is harder to copy, it is ethically ok to have a different standard for this piece of technology. Seriously, that's what you're saying above. Because hardware may have to be copied by hand, you consider them ethically not the same. Yes, that's my position, for 20 years or more. I think that's the right place to make the distinction: between "you can copy it yourself" and "somebody can build more of them". First of all, VHDL/Verilog are source code. Don't look anything like a plan. The crucial thing about source code is that you can compile it and run it. (And also that you can edit it -- which can be done with VHDL/Verilog code.) Also, you don't need your very own fab. There are plenty of fabs out there that will gladly take your source/plan and turn it into a nice chip or two for you. It's even semi-affordable if you stick to the larger feature sizes. I don't think this brings us to the point where hardware plans become morally equivalent to software. Perhaps in the future there will come a time when we can all copy computer hardware, or all produce computer hardware from plans (in VHDL or whatever form). At that point I will conclude that we should insist on making hardware from free plans. In the mean time, however, I don't think we need to do this.
Re: Real men don't attack straw men
Before you argue that ReactOS is merely a free implementation of Win32 API, let me clarify: if the purpose of ReactOS isn't to run some Windows-only software S, then what is the purpose of ReactOS? if S was free, it wouldn't be Windows-only as it would have ported to free OS's. I don't object to implementing free software to support APIs that users use. There is a lot of non-free software written for the Lose32 API, but there is also a lot of private (unreleased) software which runs on that API. Thus, its use is not only for running proprietary software. I would ask the developers of platforms that run the Lose32 API to tell the users that running proprietary Windows apps is not freedom.
Re: [Fwd: Open-Hardware]
> But I think the FPGAs in products are more like the possible computer > in my microwave oven: nobody installs software in them, so they might > as well be circuits. Really? All those wifi/raid/cpu/etc cards/chips out there that need "firmware", you think they're not a mix of both microcontroller code and other binary bits that configure an ASIC or FPGA? I am not a hardware expert; I don't know sort of hardware the firmware blobs run on. I will presume you're right. Whether it runs on a computer or an FPGA, either way it's a program. So the next crucial question is, do users normally install programs on that device? For some devices, the answer is no. However, if the firmware is stored in a file on the disk, and the system downloads it into the device, the answer to that question is yes. That is the case where I object to the non-free firmware blobs.
Re: FW: Real men don't attack straw men
I was a bit curious about what would someone who reads web-sites by using a wget daemon through e-mails whose own web-site looks like... well... Apache httpd 2.0.54 ((Debian GNU/Linux) DAV/2 SVN/1.2.0 PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e) I use wget for personal reasons. I have nothing against running a web site. I don't endorse Debian, but I don't object to getting free software from Debian (or from OpenBSD) and installing it. As for Subversion, I don't know why it is mentioned there, but I have nothing against using Subversion. It is free software. This continues the pattern of straw men. Over and over, people on this list criticize me for doing something which neither I nor anyone else here actually thinks is wrong.
Re: Real men don't attack straw men
The "wget" he uses is worse. You can download any non-free software with it and it does not warn the user at all!!! I don't object to general-purpose tools just for being general.
Re: how to create a sha256 hash
On Fri, Jan 04, 2008 at 09:30:36PM -0800, Jon wrote: > hi > how to create a sha256 value for file in openbsd ? > > can you please provide the command similar to > > sha1 foobar > > or > > md5 foobar man 1 cksum
Re: how to create package example..
On Fri, Jan 04, 2008 at 09:24:03PM -0800, Jon wrote: > Not doing any thing strange.. just want to create a binary (foobar) > and create a package so I can add it.** Why I want to do that is > not the question. I know I can tar the install location with +CONTENT > and +DESC etc.. and get done with it.. I would like to know how to > use pkg_create or the ports for a sw that is not current ports > directory. > > I have tried using the ports and working with an example, and it seems > like it is beyond my understanding. It works with what ever is in the > ports, but I can't seem to replicate it > > All I need is a ** screen dump ** of a creating a package for a > software dist that is not in the default ports. Can some one help > provide that examples - with out pointing out a rtfm / source code for > a bsd.mk etc.. I have tried and can't seem to understand - so please > do put a command of pkg_create with dummy variables.. > > many thanks.. Did you look at Bernd Ahlers' ports tutorial from OpenCON 2007? OpenCON 2007 (among many interesting events) is mentioned here: http://www.openbsd.org/events.html Here is a direct link to the tutorial: http://www.openbsd.org/papers/opencon07-portstutorial/index.html
Re: how to create a sha256 hash
On Fri, 4 Jan 2008, Jon wrote: how to create a sha256 value for file in openbsd ? can you please provide the command similar to sha1 foobar From sha1(1): The sha1 command is shorthand for cksum -a sha1 The cksum(1) command can also be used to compute digests from the SHA-2 family: sha256, sha384 and sha512. -- Antti Harri
Re: how to create a sha256 hash
>hi > how to create a sha256 value for file in openbsd ? > > can you please provide the command similar to > >sha1 foobar > >or > >md5 foobar > man cksum
how to create a sha256 hash
hi how to create a sha256 value for file in openbsd ? can you please provide the command similar to sha1 foobar or md5 foobar thanks
Re: how to create package example..
Not doing any thing strange.. just want to create a binary (foobar) and create a package so I can add it.** Why I want to do that is not the question. I know I can tar the install location with +CONTENT and +DESC etc.. and get done with it.. I would like to know how to use pkg_create or the ports for a sw that is not current ports directory. I have tried using the ports and working with an example, and it seems like it is beyond my understanding. It works with what ever is in the ports, but I can't seem to replicate it All I need is a ** screen dump ** of a creating a package for a software dist that is not in the default ports. Can some one help provide that examples - with out pointing out a rtfm / source code for a bsd.mk etc.. I have tried and can't seem to understand - so please do put a command of pkg_create with dummy variables.. many thanks.. On Jan 3, 2008 3:52 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote: > On 2008/01/03 15:04, Jon wrote: > > I understand the value and usefulness and the reccomendation of Ports.. This > > is for my own software. I have also searched the net for examples and can't > > find any. > > You'd have to be doing something _very_ strange for there to be any > advantage in not just making your own port and typing "make package", > the tgz file will then appear in /usr/ports/$ARCH/all. You don't have > to distribute that port at all. It doesn't even have to build the > software, just unpacking a tar file would be perfectly ok (like the > Opera and Acrobat ports do). (Note that even these "PERMIT_*=no" > ports still build a package locally. EVERY installation from the > ports tree is done by building a package and using pkg_add). > > If you still really must, all OpenBSD packages are produced using > the ports tree, so you can find several thousand examples there. > Pick something, "make fake" then "make -n _internal-package-only" > to see how pkg_create is called. > > If you want more than this, well, you know where to find the source :-)
Re: Advice requested on security issues
Rusty Gadd wrote: > I am seeking advice on the security aspects of the configuration of my home > system. I have 2 PC's, connected to the internet via a firewalled NAT > router. The main PC is an i386 P4 used for general computing, the second is > an older i386 P3 which I intend to dedicate to internet banking for maximum > security. I have installed OpenBSD on the P3 with just the xfce4 window > manager and the Mozilla Firefox browser. Both PC's have separate printers. > > 1: The P3 will only ever connect to bank websites, which I have to assume > are 'clean' (I might be able to disable scripting for some sites). However > malware may conceivably infect the main PC. Am I right in assuming I need to > run PF within OBSD on the P3 to protect against possible intrusion across > the LAN? Would this be enough? Also even within this minimal installation, > are there services which I could/should disable? See the home page of the OpenBSD website. That "Two holes in the default install in 10 years" applies directly to your situation. If you can put OpenBSD bare on the 'net "safely", I suspect your home network is no worse. :) Sure, if you run PF on that machine and have eliminated those two remaining security holes. Certainly not a bad thing. One can make a case for running PF on almost every OpenBSD machine, but administration becomes a bit more difficult for what is often minimal benefit. Your PF rules would probably just block all incoming traffic and pass outgoing traffic. Or if you want to make sure it is used only for your desired app, block everything outbound 'cept for that traffic destined to your desired locations (note: this is a lot of "fun" to maintain). If you gotta ask, don't disable things. You will more likely hurt yourself than help. In order for your "general purpose" machine to impact your OpenBSD machine you would need to be running some app on the OpenBSD machine that is vulnerable to attack. So, in general, just don't add anything to the machine you don't need, and in your case, "default install" is about right. > 2: Space for the P3 is limited and I would like to remove its printer and > print bank statements across the LAN on the main PC (running Linux, or maybe > FreeBSD in future) using CUPS. Does this introduce security risks? Some. Not much. If you end up (accidentally) running a poorly written service on your OpenBSD machine, yes you could be attacked. Even if you are initiating contact with a compromised machine, it *might* be able to send something back at you that could choke your app and cause Bad Things to happen. The sad thing is you are being more careful with your system design than your bank probably is. :-/ By the time you are running OpenBSD on your banking computer, I suspect you have shifted the primary risk to the other end of the wire...your bank is a bigger risk to your data than you are. Nick.
Re: Open Source Article Spawns Interesting Ethical Question
Todd Alan Smith wrote: When someone asked him how to make a living of IT without using or promoting non-free software, his answer was that you don't have to work in the IT field to contribute to free software, and he'd prefer see a kernel contributor being a taxi driver than administrating Windows workstations (It may not be the very same words, but the intent is the same). ... So I could be a gardener and contribute to projects I estimate worthy. From a very abstract point of view, that's coherent. ... And as a gardener, I'm not sure software will be my first source of problems. A gardener? Replicating vegetables and charging for them is unethical and antisocial. Seeds and plants can be replicated at virtually no cost, and it is fun to do. http://z505.com/gng/free-gardening.htm And charging for consulting about the gardening.. is being a prostitute. Why would you want to unethically charge an hourly fee to discuss gardening? You are holding back something that you should be giving all your head to, for free. When I speak of freedom, I speak of free sex, not cost. http://z505.com/gng/
Re: Richard Stallman...
Maxim Bourmistrov wrote: > Yes, as this continues you have to say something Theo, but. > I personally prefer the moto "If you want it right - you have to do > it yourself". > > So please Theo stop wasting your time and continue with your > development of OpenBSD. > The energy you wasting to reply this flame is taken from OpenBSD > project. > > "So stfu and work!" > > P.S. > The last one should be interpreted as "Do what you suppose to do!" Theo and the other developers do what they do because they want to, not because you want them to. Seriously, how can you tell him to "Shut the F**k up"?... who do you think "you" are? -Nix Fan.
Re: delete deleted data
2008/1/5, Jon <[EMAIL PROTECTED]>: > rm -P wont work... I looking to clean up deleted data ... not securely > delete a file. > > Just create a file and filling it with /dev/zero until it takes up all the free spaces, then rm -P that file. Or just use an encrypted file system next time you set up an OS, that you don't have to worry about free space inside your encrypted partitions, but the encryption strength. -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Re: delete deleted data
rm -P wont work... I looking to clean up deleted data ... not securely delete a file. On Jan 4, 2008 5:45 PM, Ted Unangst <[EMAIL PROTECTED]> wrote: > On Jan 4, 2008 3:55 PM, Jon <[EMAIL PROTECTED]> wrote: > > Ok.. well seeing how I got 2 usefull responses after some 30 emails > > with most others just randomly emailing _crap_ I decided to search the > > web based on the suggestions from Hannah. (the first responder) > > > > I think I am going to try working with THC-SecureDelete > > (http://freeworld.thc.org/releases.php?o=1&s=4) which seems to be > > working of the more popular delete algorithms. > > see my last email. if rm -P isn't good enough, that won't be either.
Re: delete deleted data
On Jan 4, 2008 3:55 PM, Jon <[EMAIL PROTECTED]> wrote: > Ok.. well seeing how I got 2 usefull responses after some 30 emails > with most others just randomly emailing _crap_ I decided to search the > web based on the suggestions from Hannah. (the first responder) > > I think I am going to try working with THC-SecureDelete > (http://freeworld.thc.org/releases.php?o=1&s=4) which seems to be > working of the more popular delete algorithms. see my last email. if rm -P isn't good enough, that won't be either.
Re: Open Source Article Spawns Interesting Ethical Question
On Jan 4, 2008 5:47 PM, dermiste <[EMAIL PROTECTED]> wrote: > On Jan 4, 2008 11:41 PM, Paul de Weerd <[EMAIL PROTECTED]> wrote: > > For some reason, earlier mail on the strawllman-thread did not make it > > to the list. I'm copying parts of some of these mails inline. Note > > that both mails were CC:'ed to misc@ (so they were intended to end up > > on the list. As such, i don't think using them inline here is a > > problem) > > > > > However, I expect you're exaggerating when you say that your situation > > > is that grave. There are many jobs people can do in the Netherlands. > > > If you lost this particular job -- which could happen for many reasons > > > -- the result would most likely just be some discomfort. > > > > I've been working in IT for well over 10 years now. I can promise you > > that, had I denounced non-free software, I would not have been able to > > pay for my food or my rent/mortgage for the past 10 years. > > > > I very much enjoy working with free software. Some of that stuff is > > simply amazing. But it is not of this world to think that more than a > > handful of people can make their living without ever touching non-free > > software in this world. If you're waiting for this to happen : dont > > hold your breath. > > > > Yes, there are many jobs people can do in the Netherlands (and in > > other countries). My point is that most (if not all) IT-jobs require > > the employee to somehow interface with non-free software. In the > > general case, you can not simply refuse to work with non-free software > > and expect to keep your job. > > > > Paul 'WEiRD' de Weerd > > In February 2004, Mr Stallman did a keynote at an event held in Paris > called "Solutions Linux" (or stg along theses lines) about free software. > When someone asked him how to make a living of IT without using or > promoting non-free software, his answer was that you don't have to > work in the IT field to contribute to free software, and he'd prefer see > a kernel contributor being a taxi driver than administrating Windows > workstations (It may not be the very same words, but the intent is the > same). > > FOS projects being what they are, they do not require any kind of > qualification to participate, only the final product (code, doc) is taken > in account. So I could be a gardener and contribute to projects I > estimate worthy. From a very abstract point of view, that's coherent. > > But contributing is not an abstract process: a contributor has to run > into a problem to solve it. Personnally, I never managed to solve a > problem I couldn't grasp. And as a gardener, I'm not sure software will > be my first source of problems. Another point is if contributions are > my only contact with software, the range of my perceptions will be > greatly narrowed. You can't expect creativity to come from this > overconstrained setup: solutions often come from the 10.30 coffee > break, when you discuss with your colleagues. > > So, I'm the first one to say we should judge on the results not the look, > but I think it's way harder to write quality code when not in IT. I thought you were leading up to a last clause of, "but I think it's way harder to know which quality code to write, when not in IT." To which I would have answered, "But what about the public bug tracking system? Wouldn't that suffice for highlighting, to a person not employed in IT (but still a hacker), the code that needs to be written?" Todd
Re: delete deleted data
On Fri, Jan 04, 2008 at 03:55:41PM -0800, Jon wrote: > Ok.. well seeing how I got 2 usefull responses after some 30 emails > with most others just randomly emailing _crap_ I decided to search the > web based on the suggestions from Hannah. (the first responder) > > I think I am going to try working with THC-SecureDelete > (http://freeworld.thc.org/releases.php?o=1&s=4) which seems to be > working of the more popular delete algorithms. Hi, I haven't read every message in this thread, and I can't be bothered to do it just now ;-) I did want to mention svnd(4), vnconfig(8), et al. Depending on your needs it may be even better to keep everything in encrypted form the whole time. If someone has already mentioned this then sorry for the noise. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: delete deleted data
Ok.. well seeing how I got 2 usefull responses after some 30 emails with most others just randomly emailing _crap_ I decided to search the web based on the suggestions from Hannah. (the first responder) I think I am going to try working with THC-SecureDelete (http://freeworld.thc.org/releases.php?o=1&s=4) which seems to be working of the more popular delete algorithms. Jon- On Jan 3, 2008 2:55 PM, Jon <[EMAIL PROTECTED]> wrote: > > hi folks, > > again - the thread is deviating from the original request. windows has a > open source software called erase (http://www.heidi.ie/eraser/features.php). > the question is what is a software that would work similarly in OpenBSD. > > let the people who want to grind/hammer/burn/snort etc.. do what they want.. > > All I want is to ensure that my current disks don't have any recoverable data > with out affecting the OS installed on it. > > -jon
Re: Richard Stallman...
On Fri, Jan 04, 2008 at 02:29:38PM +, Rui Miguel Silva Seabra wrote: > On Fri, Jan 04, 2008 at 07:35:16PM +0530, Mayuresh Kathe wrote: > > Could we all please stop responding to his emails as well as emails > > from trollers like Rui Seabra? > > F.Y. You are the troll. > Why didn't you answer my mail Rui ? You are a troll. Gilles -- Gilles Chehade
Re: delete deleted data
Just FYI about security of deleted data.. I purchase used computers for parts every so often. Many of them have working hard drives in them. For fun, I analyze the hard drive out and see what I can find.. just as a little game of mine. When I run my undelete/recovery tools on them I can see basically everything the previous owner had on the drive.. including passwords. Some of the stuff may be overwritten.. but not much. I don't look at the stuff for malicious use, I just do it out of curiosity to study whether or not formatted drives really are secure. And I can say for sure they are not secure. I don't go in looking at each password I recovered or anything either.. i basically just confirm for fun that I can recover the disk.. it's a cheap thrill and only someone with no life would do such a thing. me. Actually there was a goal in all this.. it was to find the best undelete tool that worked generically in the most situations. And yes I found a few for MS Winblows that worked very well, since most computers I buy had ms windows on them. One thing I found was that some undelete tools are not nearly as good as others. I thought many of them used similar algorithms.. but some of them really worked much better and completely differently L505
Re: Open Source Article Spawns Interesting Ethical Question
On Jan 4, 2008 11:41 PM, Paul de Weerd <[EMAIL PROTECTED]> wrote: > For some reason, earlier mail on the strawllman-thread did not make it > to the list. I'm copying parts of some of these mails inline. Note > that both mails were CC:'ed to misc@ (so they were intended to end up > on the list. As such, i don't think using them inline here is a > problem) > > > However, I expect you're exaggerating when you say that your situation > > is that grave. There are many jobs people can do in the Netherlands. > > If you lost this particular job -- which could happen for many reasons > > -- the result would most likely just be some discomfort. > > I've been working in IT for well over 10 years now. I can promise you > that, had I denounced non-free software, I would not have been able to > pay for my food or my rent/mortgage for the past 10 years. > > I very much enjoy working with free software. Some of that stuff is > simply amazing. But it is not of this world to think that more than a > handful of people can make their living without ever touching non-free > software in this world. If you're waiting for this to happen : dont > hold your breath. > > Yes, there are many jobs people can do in the Netherlands (and in > other countries). My point is that most (if not all) IT-jobs require > the employee to somehow interface with non-free software. In the > general case, you can not simply refuse to work with non-free software > and expect to keep your job. > > Paul 'WEiRD' de Weerd In February 2004, Mr Stallman did a keynote at an event held in Paris called "Solutions Linux" (or stg along theses lines) about free software. When someone asked him how to make a living of IT without using or promoting non-free software, his answer was that you don't have to work in the IT field to contribute to free software, and he'd prefer see a kernel contributor being a taxi driver than administrating Windows workstations (It may not be the very same words, but the intent is the same). FOS projects being what they are, they do not require any kind of qualification to participate, only the final product (code, doc) is taken in account. So I could be a gardener and contribute to projects I estimate worthy. From a very abstract point of view, that's coherent. But contributing is not an abstract process: a contributor has to run into a problem to solve it. Personnally, I never managed to solve a problem I couldn't grasp. And as a gardener, I'm not sure software will be my first source of problems. Another point is if contributions are my only contact with software, the range of my perceptions will be greatly narrowed. You can't expect creativity to come from this overconstrained setup: solutions often come from the 10.30 coffee break, when you discuss with your colleagues. So, I'm the first one to say we should judge on the results not the look, but I think it's way harder to write quality code when not in IT. -- Vincent
Re: FW: Real men don't attack straw men
Rui Miguel Silva Seabra wrote: On Fri, Jan 04, 2008 at 02:49:45PM -0800, Ted Unangst wrote: On Jan 4, 2008 2:31 PM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: What I find even more hysterical is your lack of english comprehension, for what I said is that restrictions against commercial usage make it proprietary, not that I need that piece of software. you still don't get to make up new definitions for proprietary. Neither do you, so you could spare everyone by not keeping this thread going. Rui This thread was started by Stallman, not the OpenBSD folks. That said I think it is important for OpenBSD developers to tell us users what a complete and unsolicited fucknut you are so that we, the users, don't get the impression you have any kind of authority. Anyway it has now been communicated what a blatant fucksteak you are so now that everyone knows, feel free to stop posting to the thread. Regards Johan M:son Lindman
Re: FW: Real men don't attack straw men
Rui Miguel Silva Seabra wrote: know what proprietary means. if you don't understand the big words, stop using them. you also totally failed to comprehend the license. No, I understood it quite well. Yes, no I did not understood it nor not quite never well. what i find even more hysterical is your claim that running a 5 year old rogue clone is needed to get your work done. What I find even more hysterical is your lack of english comprehension, for what I said is that restrictions against commercial usage make it proprietary, not that I need that piece of software. Rui Last time I tried to download VirtualBox emulator (GPL'd), they would not let a company download the binary compiled versions of VirtualBox for commercial use... i.e. they were restricting my commercial use of the software only to source code copies, which is obnoxious and restrictive. To me and 99 percent of other companies, only the binaries are the things we care about for the working emulator package. Having the source code is an additional nice extra to have, but not essential. Personal users are of course allowed to download the VirtualBox binaries - but companies are forced to download the obnoxious sources only. GPL software can therefore be proprietary software (since your definition of proprietary software is restricting the commercial users). Several GNU softwares out there restrict the binaries from companies or restrict other factors.. such as documentation and consulting (which could be recorded on audio tapes and copied millions of times instead).
Re: FW: Real men don't attack straw men
Rui Miguel Silva Seabra wrote: Neither do you that's insulting.
Re: Is Visiting the gnewsense website or downloading it actively promoting the use of non-free software?
On 1/4/08 7:51 PM, Siju George wrote: http://www.gnewsense.org/FAQ/FAQ#toc3 Ah, don't forget to look here: http://lists.gnu.org/archive/html/gnewsense-users/2007-11/msg00042.html with: as we go along we find out now and then that we've got non-free software. Some scripts have been written to help automate these checks, but it still takes "too long". and I don't believe that any package manager has built-in support for license issues and this is something that I think is a technical flaw that harms our distro .. I don't know how to "find" binary blobs. I dont' know what they look like in the source, so I'm almost totally useless as to determining non-license freedom And reaction: http://wiki.gnewsense.org/ForumMain/WhatSucksAboutGNewSense Yes it is hard to find non-free software in a distribution. It is probably much easier to start from scratch and add from day one only free software to your distribution. So you don't have to check existing packages, you just know that you have add only free software. Creating a distribution from scratch is probably to much work. So we have to go the second way: Build upon an existing distribution. GnewSense has waste already a lot of time with PFV. "package freedom verification" Time in which Gnewsense could have create a real good and up-to-date distribution. I think that's bad for GnewSense because thereby Gnewsense lost it's momentum. Just look at the mailinglist it calls itself a "users"-list but i haven't seen any users question/discussion for a really long time. So the overall question is how we can make PFV easier so that we can concentrate more on creating an exciting distribution instead of putting all our effort in checking licenses? For me the answer is clear. Gnewsense should build upon a distribution which already really cares about freedom. I can think about two possible distribution: (Debian and Fedora are mentioned, no OpenBSD "of course"...) I know the question upon which distribution Gnewsense should buid on was discussed many times before. But using a distribution which bases on a quite good distribution (in the sense of freeness) and adds non-free components looks like a bad decision. We see and feel this bad decisions more and more. Gnewsense struggles now for months to get Gnewsense 100% free. We could get this much cheaper with a different distribution and concentrate more on making a exciting distribution which attract (many) new users.
Re: Real men don't attack straw men
On Jan 4, 2008, at 14:26, "Ted Unangst" <[EMAIL PROTECTED]> wrote: On Jan 4, 2008 1:22 AM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: Otherwise why should he repeatedly say some thin that is not proprietary as proprietary even after being informed by tedu and others? Because for me it is proprietary when I can't run it in a commercial context. you clearly don't know what proprietary means. if you don't understand the big words, stop using them. you also totally failed to comprehend the license. what i find even more hysterical is your claim that running a 5 year old rogue clone is needed to get your work done. No he's claiming that not being able to use a five year old rogue clone in a commercial setting is a great injustice and unethical. See now that makes perfect sense. NOT.
Re: CCC 2007 / 202c
On Jan 4, 2008 9:20 AM, Lars Noodin <[EMAIL PROTECTED]> wrote: > Some here were at CCC 2007. How was it and what plans are there to > correct the recent anti-competency legislation rolled out in Germany? go check www.vorratsdatenspeicherung.de. (If that's what you're referring to) I don't have much more information, but I think I'll have to check all this very soon, given how the French government wants to legalize trojan horses ... well of course it's to fight against terrorism and mafias, but it does not make it a realistic solution ... Do you think they'll forbid OpenBSD use, with its source code being clear and available :-p ? > Regards, > -Lars
Re: FW: Real men don't attack straw men
On Fri, Jan 04, 2008 at 02:49:45PM -0800, Ted Unangst wrote: > On Jan 4, 2008 2:31 PM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > > What I find even more hysterical is your lack of english comprehension, > > for what I said is that restrictions against commercial usage make it > > proprietary, not that I need that piece of software. > > you still don't get to make up new definitions for proprietary. Neither do you, so you could spare everyone by not keeping this thread going. Rui -- Umlaut Zebra |ber alles! Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: Open Source Article Spawns Interesting Ethical Question
For some reason, earlier mail on the strawllman-thread did not make it to the list. I'm copying parts of some of these mails inline. Note that both mails were CC:'ed to misc@ (so they were intended to end up on the list. As such, i don't think using them inline here is a problem) On Thu, Jan 03, 2008 at 11:31:51PM -0700, Theo de Raadt wrote: | Don't worry. You can ask rms if your behaviour is ethical. He'll set | you straight, and tell you to stop working for those companies and | instead suckle off your McArthur Idiot grant. Quiting your job at those companies is just 'some discomfort' : On Tue, Dec 18, 2007 at 10:16:02PM +0100, Paul de Weerd wrote: > Helping people install non-free programs puts food on my plate. In > fact, it enables me to make financial contributions to OpenBSD. It is > of vital importance to me that I can install non-free programs, I > literally need it to survive. > > I don't think you will step up to the plate to support me financially > when I decide to denounce non-free software and get fired as a > consequence. So I do think I should help people install non-free > programs. They want me to do so, so I do it. On Wed, Dec 19, 2007 at 07:53:12PM -0500, Richard Stallman wrote: > Helping people install non-free programs puts food on my plate. In > fact, it enables me to make financial contributions to OpenBSD. It is > of vital importance to me that I can install non-free programs, I > literally need it to survive. > > If someone points a gun at you and tells you to install non-free > software, I would not criticize you for going along with him. I > wouldn't ask anyone to lay down his life for the free software > movement. > > However, I expect you're exaggerating when you say that your situation > is that grave. There are many jobs people can do in the Netherlands. > If you lost this particular job -- which could happen for many reasons > -- the result would most likely just be some discomfort. [note that, although I am Dutch, I currently do not live (or work) in the Netherlands] In the real world, people have jobs that, at the end of the day, pay for the food on their plates and the roofs over their heads. In our current world there are *very few* jobs in IT that do not deal with non-free software in one way or another. >From my own experience, I've started as a Windows and NetWare guy. Totally non-free software. I moved to supporting UNIX systems (HPUX, Solaris and AIX with some Linux systems (with non-free parts added) mixed in), mostly non-free software. I moved on to be admin of a mail platform for a Dutch ISP. Much FreeBSD and other free software but we had to use Windows for certain (administrative) tasks and were required to use non-free anti-virus solutions. Then, I moved to another ISP where I did UNIX support (for many different types of UNIX, both free and non-free) and network admin for Cisco IOS and Junipers JunOS (cisco routers and switches and juniper equipment could be considered "appliances" like a microwave, still the software that runs on them is non-free). I'm currently working for an American software company in Switzerland, using mostly Linux for its servers. The software my colleagues create (and ask me to install on those Linux servers) is highly proprietary. I've been working in IT for well over 10 years now. I can promise you that, had I denounced non-free software, I would not have been able to pay for my food or my rent/mortgage for the past 10 years. I very much enjoy working with free software. Some of that stuff is simply amazing. But it is not of this world to think that more than a handful of people can make their living without ever touching non-free software in this world. If you're waiting for this to happen : dont hold your breath. Yes, there are many jobs people can do in the Netherlands (and in other countries). My point is that most (if not all) IT-jobs require the employee to somehow interface with non-free software. In the general case, you can not simply refuse to work with non-free software and expect to keep your job. Paul 'WEiRD' de Weerd | > On Jan 4, 2008 9:48 AM, Ioan Nemes <[EMAIL PROTECTED]> wrote: | > > You confusing the issue! The software market - where you sell your product | > > (i.e., software) is unethical, | > > distorted and manipulated, and not by the ethical software crafters! | > | > Why is the software market unethical? Because there are some bad | > apples? Gee, that makes pretty much every single business sector | > unethical. Unless you're trying to say that selling software in itself | > is unethical but that's bullshit. | > Who are the ethical software crafters? Does simply not charging money | > for your software make you ethical? | > Most OSS, for example, can be, and is, used by governments to oppress | > the people. Does that make working on OSS unethical? | > | > --- | > Lars Hansson | -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<--
Re: FW: Real men don't attack straw men
On Jan 4, 2008 2:31 PM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > What I find even more hysterical is your lack of english comprehension, > for what I said is that restrictions against commercial usage make it > proprietary, not that I need that piece of software. you still don't get to make up new definitions for proprietary.
Re: FW: Real men don't attack straw men
On Fri, Jan 04, 2008 at 02:26:12PM -0800, Ted Unangst wrote: > On Jan 4, 2008 1:22 AM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > > > Otherwise why should he repeatedly say some thin that is not > > > proprietary as proprietary even after being informed by tedu and > > > others? > > > > Because for me it is proprietary when I can't run it in a commercial > > context. > > you clearly don't know what proprietary means. if you don't > understand the big words, stop using them. you also totally failed to > comprehend the license. No, I understood it quite well. > what i find even more hysterical is your claim that running a 5 year > old rogue clone is needed to get your work done. What I find even more hysterical is your lack of english comprehension, for what I said is that restrictions against commercial usage make it proprietary, not that I need that piece of software. Rui -- Or not. Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: delete deleted data
If you never write cleartext, there is nothing to recover. http://dlock.com.tw/ Kevin (P.S. I might be a satisfied dLock customer, if only they'd make it easier to buy their product!)
Re: FW: Real men don't attack straw men
On Jan 4, 2008 1:22 AM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > > Otherwise why should he repeatedly say some thin that is not > > proprietary as proprietary even after being informed by tedu and > > others? > > Because for me it is proprietary when I can't run it in a commercial > context. you clearly don't know what proprietary means. if you don't understand the big words, stop using them. you also totally failed to comprehend the license. what i find even more hysterical is your claim that running a 5 year old rogue clone is needed to get your work done.
Re: delete deleted data
On Fri, Jan 04, 2008 at 11:22:16AM +0100, Otto Moerbeek wrote: > > I can do two more: . and .. Damn. Split it with you 3 ways... :) -Toby. -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Puffy 'Wizard of OS' (Was: Re: Richard Stallman...)
chefren wrote (shortened): Don't forget to take a look at the unforgettable "all talk no action" character with GNU horns "behind the curtain" on the paperwork of the OpenBSD 3.7 release CD. http://openbsd.org/lyrics.html#37 OK, I promised myself I wouldn't respond again to this thread or its children, but... The Puffy 'Wizard of OS' sequence is really cute. I hadn't seen that one before. I have to admit that the artwork was one of the things that attracted me to OBSD. -Ken
Re: Richard Stallman...
Yes, as this continues you have to say something Theo, but. I personally prefer the moto "If you want it right - you have to do it yourself". So please Theo stop wasting your time and continue with your development of OpenBSD. The energy you wasting to reply this flame is taken from OpenBSD project. "So stfu and work!" P.S. The last one should be interpreted as "Do what you suppose to do!" On 4 jan 2008, at 18.08, Theo de Raadt wrote: > I actually prefer that it does continue. > > I note that Richard also says that AROS is a free operating system. > > Oh really? Did he not notice the web page where AROS includes > software which emulates an Amiga perfectly, and to do this talks > about stealing the ROM from a real Amiga machine? > > Is that not the largest blob stolen, ever? > > http://aros.sourceforge.net/documentation/users/applications/euae.php > > And did Richard even check their License page, to notice that it > has numerous revocation clauses? > > You are no Academic. You don't belong anywhere near MIT campus. You > just plain don't know how to do research, and then you go around > spreading mistruths. > > Richard, you are such a hypocrite. You don't matter any more in > this world. > >> We're all tired of explaining to Richard Stallman about how he's >> wrong. >> It somehow isn't registering with him, that, or he's not willing to >> accept his position of being wrong. >> >> Either ways, by replying to his emails we are creating more noise >> than >> required and giving him more importance than is due. >> >> Could we all please stop responding to his emails as well as emails >> from trollers like Rui Seabra? >> >> Lets just ignore them and focus on our war cry of "Shut-up and Hack". >> >> As a special power, let only Theo respond to Stallman's emails, that >> way there isn't a lot of commotion and only the heavy weights slug it >> out. >> >> And for heaven's sake, please don't respond to this email on the >> list, >> if you feel strongly about it, mail me offlist. >> >> Best, >> >> ~Mayuresh > Best regards Maxim Bourmistrov mailto: [EMAIL PROTECTED] tfn.: +46735461332
Is Visiting the gnewsense website or downloading it actively promoting the use of non-free software?
Dear RMS, from the data I get from below http://toolbar.netcraft.com/site_report?url=http://www.gnewsense.org I just wonder if the gnewsense OS is being distributed through the very non free OSes http://www.gnewsense.org/FAQ/FAQ#toc3 you denounce. Perhaps the website is run by gnewsense itself and netcraft wrongly identifies it as Ubuntu. But since you actively promote gnewsense it would be good to study that and clarify it to people --Siju
Re: Richard Stallman...
On 1/4/08 7:14 PM, Siju George wrote: http://redfox.redfoxcenter.org/gallery/main.php?g2_itemId=15560 is the man who is spreading all these lies about other decent Free Software developers. If you haven't seen him yet! Don't forget to take a look at the unforgettable "all talk no action" character with GNU horns "behind the curtain" on the paperwork of the OpenBSD 3.7 release CD. http://openbsd.org/lyrics.html#37 or more precise: http://openbsd.org/images/37song.gif +++chefren
Re: Richard Stallman...
On Jan 4, 2008 10:38 PM, Theo de Raadt <[EMAIL PROTECTED]> wrote: > > You are no Academic. You don't belong anywhere near MIT campus. You > just plain don't know how to do research, and then you go around > spreading mistruths. > > Richard, you are such a hypocrite. You don't matter any more in > this world. > This http://redfox.redfoxcenter.org/gallery/main.php?g2_itemId=15560 is the man who is spreading all these lies about other decent Free Software developers. If you haven't seen him yet!
Re: Improving disk reliability
On 1/4/08 6:22 PM, Douglas A. Tutty wrote: How well do tapes written with one drive read on another? Good, provide you use serious designed tape drives. > Presuably, drives don't last for 30 years. .. How robust are the drives? How well do they age? It's difficult to speak for other makings but Exabyte always made it's newer generation drives read compatible with older generations. Most drives are in production for say 5 years, so the first 10 years are more or less covered. We are paid by a Dutch police department to keep 2 different generations of tape readable by unsupported Exabyte drives. We do so by carefully storing the last new drives we could buy and using a few other drives each month for backup operations and storing and not touching a few other good ones from different production series for spare parts. We are nearing 20 years of reliable reading tapes without any problem. I don't foresee problems for the next 5 years. +++chefren
Re: FW: Real men don't attack straw men
that's right, it's there! eh, Richard, my mom told me once that it is the best thing to tell truth, even when the truth is salty, as when you start to lie, you cannot stop and eventually you get all your lies exposed. Server: Apache/2.0.54 (Debian GNU/Linux) DAV/2 SVN/1.2.0 PHP/4.3.10-22 mod_ssl/2.0.54 OpenSSL/0.9.7e this sums it all up. jeez, that much for those principles of yours! gosh! to think of it... when i was in school, i read in a journal (a soviet one at that time) about great Richard Stallman, which fought the corporations by creating free software and the software was better than the commercial competition. i thought then "wow, that's the man, he's so great!". now, that's a *disappointment* to see that the "great man freeing the world" in reality is behaving like irrelevant, lying politician. Theo's right, absolutely "Richard, you are a lying hypocritical irrelevant man." You've completely lost your way, irrelevant, having many people that listen to you, you speak irresponsibly. and you're not sorry a bit. br, the judging reader On Jan 4, 2008 5:56 AM, Sunnz <[EMAIL PROTECTED]> wrote: > Hmmm Mr. Stallman is this your home page: stallman.org > > I was a bit curious about what would someone who reads web-sites by > using a wget daemon through e-mails whose own web-site looks like... > well... > > Apache httpd 2.0.54 ((Debian GNU/Linux) DAV/2 SVN/1.2.0 PHP/4.3.10-22 > mod_ssl/2.0.54 OpenSSL/0.9.7e) > > And I thought you do not 'endorse' Debian nor Subversion? > > I am ready to hear what kind of exception rule you would to define next.
Advice requested on security issues
I am seeking advice on the security aspects of the configuration of my home system. I have 2 PC's, connected to the internet via a firewalled NAT router. The main PC is an i386 P4 used for general computing, the second is an older i386 P3 which I intend to dedicate to internet banking for maximum security. I have installed OpenBSD on the P3 with just the xfce4 window manager and the Mozilla Firefox browser. Both PC's have separate printers. 1: The P3 will only ever connect to bank websites, which I have to assume are 'clean' (I might be able to disable scripting for some sites). However malware may conceivably infect the main PC. Am I right in assuming I need to run PF within OBSD on the P3 to protect against possible intrusion across the LAN? Would this be enough? Also even within this minimal installation, are there services which I could/should disable? 2: Space for the P3 is limited and I would like to remove its printer and print bank statements across the LAN on the main PC (running Linux, or maybe FreeBSD in future) using CUPS. Does this introduce security risks? Any helpful comments would be much appreciated. Russell
Re: Improving disk reliability
On Thu, Jan 03, 2008 at 11:40:44PM -0800, Ted Unangst wrote: > On 1/3/08, Douglas A. Tutty <[EMAIL PROTECTED]> wrote: > > I thought that there was a trend in the industry away from tapes toward > > hard-drive-based systems, e.g. virtual tape libraries that are basically > > large file servers with far more capacity than throughput. If bitrot is > > a serious concern, perhaps they have a way to monitor the condition of > > the drives. > > there's a difference between archives and backups. videos of the poop > factory learning to walk need to be archived until the end of time. a > receipt for your tuna sandwich needs to be backed up until the taxman > cometh. in most cases, your data doesn't need to be rapture ready. I like "poop factory" :) So if videos of George need to be kept until the end of time: Videos used to be on tape. Tape keeps a long time. Now videos are digital. Are we suggesting that to keep our digital videos of George we need to go out and buy a DLT to store our digital videos of George? Is this progress or what! I know that DLTs are good for a long time on the shelf. How well do tapes written with one drive read on another? Presuably, drives don't last for 30 years. I don't have room in my bank safety deposit box to put a spare DLT so if disaster strikes, I'll be buying a replacement drive to use with my old tapes. How robust are the drives? How well do they age? In other words, is buying one off eBay a safe bet? I can't afford a new one. Then there's practical matters of living in Canada: most stuff on eBay comes from the USA. Theres a nasty border between us. Eventhough the dollar is abour par and we have NAFTA, there is still the VISA card exchange rate, customs brokers charge a fee, and its been reported recently that if customs needs to search a truck, the charge through the roof and pass that fee as a surcharge onto the importers. All-in-all, while everyting can go smoothly, it can also go poorly. Anybody know of a good cheap DLT in Canada? Doug.
Re: Richard Stallman...
I actually prefer that it does continue. I note that Richard also says that AROS is a free operating system. Oh really? Did he not notice the web page where AROS includes software which emulates an Amiga perfectly, and to do this talks about stealing the ROM from a real Amiga machine? Is that not the largest blob stolen, ever? http://aros.sourceforge.net/documentation/users/applications/euae.php And did Richard even check their License page, to notice that it has numerous revocation clauses? You are no Academic. You don't belong anywhere near MIT campus. You just plain don't know how to do research, and then you go around spreading mistruths. Richard, you are such a hypocrite. You don't matter any more in this world. > We're all tired of explaining to Richard Stallman about how he's wrong. > It somehow isn't registering with him, that, or he's not willing to > accept his position of being wrong. > > Either ways, by replying to his emails we are creating more noise than > required and giving him more importance than is due. > > Could we all please stop responding to his emails as well as emails > from trollers like Rui Seabra? > > Lets just ignore them and focus on our war cry of "Shut-up and Hack". > > As a special power, let only Theo respond to Stallman's emails, that > way there isn't a lot of commotion and only the heavy weights slug it > out. > > And for heaven's sake, please don't respond to this email on the list, > if you feel strongly about it, mail me offlist. > > Best, > > ~Mayuresh
Re: Improving disk reliability
On 1/3/08 11:35 PM, Douglas A. Tutty wrote: On Thu, Jan 03, 2008 at 05:10:59PM +0100, knitti wrote: .. this is becoming OT, but I can't recommend storing HDDs as "real" backup solution either. HDDs _do_ have bitrot, and one should at least, say, once a year, verify that the *whole* disk is readable, ensuring that sectors which are not yet completely unreadable get remapped. Vaulting a DVD or a HDD for five years or more leaves you in both cases with the real possibility of data loss. If neither hard drives nor CD/DVDs are a good backup soluton, and networking the backup to another computer's hard drive (which then presumably also has the bitrot problem) isn't an option, and a DLT or whatever tape drive is too expensive: Then what other options are there? CF, USB stick? Just look at the specs! Basically magnetics detoriate very slowly compared to about any other technique used for storage. However, for harddisks the bit's are not seriously read after write the way it is done with good tape drives: A good tape drive verifies if a bit has enough magnetisation to make it readable after 30 years (Exabyte specified it that way). If the magnetisation is not enough for that the whole block will be rewritten. Since a tape is very robust compared to a harddisk, that's actually a very complicated system with alligned heads, software and electronic parts that age (diffusion of atoms!) so for backup nothing comes close to a good tape. If you use a disk array for backup just consider it a test system but not as a backup. +++chefren
Re: WAY OT:Re: delete deleted data
Diana Eichert wrote: > > Eric if you were in MI (I really want to make a joke, but I won't) > then you know that techniques related to data recovery from hard > drives would be classified. The intelligence community is not > prone to publicaly publish whitepapers on their operations. > > diana > I know how they do it. I have a friend who knows a guy that once worked for some government agency. Once my friend's friend had a bit too much to drink at a dinner party and he spilled the beans. He said that they divide the hard disk platters by zero and the data just automatically reassembles itself. He never actually saw it done, but he's positive that is the method used. Apparently only God and Governments actually know how to divide by zero :) -- View this message in context: http://www.nabble.com/delete-deleted-data-tp14560809p14619902.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: FW: Real men don't attack straw men
> > > FYI, I continually remove people from the CC on mailing-list posts. > > > > Yet you have no idea whether these people are subscribed to these > > mailing lists. > > If they are not, why do their emails get into the mailing list? Because they sent it to it. > Some moderator enjoys letting flames come up? That's even more > interesting... This list is not moderated. Sometimes I wish it was. > > Isn't it rude to prevent people from receiving answers they are > > seeking? Not everyone not subscribed to this list will end his/her > > messages with a ``please cc: me as I am not subscribed'' notice, because > > they expect people to do the right thing. Which is ``reply to all''. > > Their problem. I could apply the same attitude to people who complain about getting the same message twice.
Re: delete deleted data
Greg Thomas wrote: Myth? Have you read this: http://www.nber.org/sys-admin/overwritten-data-guttman.html? You still haven't convinced me as to why I should believe a tax analyst's rebuttal to a data security analyst's paper. Feenberg has no expertise in this area, and Gutmann does. You're both trying to prove a negative, him by asking an Australian homicide investigator and you by sending your drive to one data-recovery company.
Re: [Fwd: Open-Hardware]
On Jan 3, 2008 10:49 AM, Richard Stallman <[EMAIL PROTECTED]> wrote: >The free software foundation shall not be called free software >foundation.. it shall be called Stallmanist Foundation and the >philosophies are to be outlined as Stallmanism.. not free software. > > If you want to campaign for a philosophical stand about software and > trees, you are entitled to do so. I don't think we will change the > name of the free software movement for you, though. Sorry. Uhmm. Care to share your perspective regarding the name in light of the following recollections from Michael Zeleny, RMS? http://google.com/group/rec.arts.books/msg/cf1768c0e213d438?dmode=source "As a personal note, back in 1985, I was deceptively expelled from the Free Software Foundation, to which I gave its name, by the underhanded dealing of Richard Stallman, whose allies took exception to my argument that "Free" meant just what it said. [...] is most gratifying to see the open source movement finally outgrow the ideology of Frenetics, which was the name RMS had originally favored for his private charity." http://groups.google.com/group/rec.arts.books/msg/a558fd18a4e90340?dmode=source "Once upon a time, RMS wanted software to be as free as air. Based on this claim, I suggested that he name a repository for the same, "Free Software Foundation". Had I known that "free as air" meant something else altogether, our misunderstanding would have been avoided." TIA. regards, alexander.
Re: delete deleted data
On 1/4/08 3:03 AM, Greg Thomas wrote: On Jan 3, 2008 5:21 PM, Harpalus a Como <[EMAIL PROTECTED]> wrote: Myth? Have you read this: http://www.nber.org/sys-admin/overwritten-data-guttman.html? Why are you so upset about this? Myth's that compel people to waste time and energy should be destroyed. It's not myth. Have you read this or any of the papers referenced here: http://www.nber.org/sys-admin/overwritten-data-guttman.html? Pretty sound text but proves nothing, you have to live with it that you don't know. As pointed out, if enough money is involved chances are there that recovery is possible. DDR Stasi agents and American embassy people in Iran all destroyed paper with military grade paper destroyers and it has proved to be readable. Also keep in mind what Diana wrote: Intelligence people need to keep things secret. If it was known they "could" break a type of code people would start using other codes that they cannot break. That would always lead to a seriously unwanted arms race. I can add to that: Police people are by nature even less interested in cracking techniques because for sound justice they have to be clear about their methods and sources. Police will tell you which locks are good for your door as long as they are sure they can get in themselves if necessary. +++chefren
Re: Rui Miguel Silva Seabra
On 1/4/08, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > > Yet, I'm the "asshole" ? > Will wonders never cease? You got it right for once. Congrats! Now quit while you're ahead.
Re: Rui Miguel Silva Seabra
On Thursday 03 January 2008, Dusty wrote: > Rui Miguel Silva Seabra only ever contributes to this list when its > in a flame war, and always to take up a contrary point of view. He > has proved only one thing. Trolls do exist and their primary form of > communication is to point and grunt. > What Rui says is so stupid, its not even wrong. > > Kindest Regards > Dusty > > Please Rui, dont reply, you'll only prove my point. Go troll > somewhere else. Hi Dusty, I'm certainly not an apologist or sympathizer. If you check the archives, you'll find I'm one of the folks who has argued against Rui, and Stallman, and other GNU/FSF folks. Though I fiercely disagree with their views, finding their dissenting views on this list is a sign of healthy interaction. This list, and the world, would be far worse if people were too afraid of attacks to voice an unpopular opinion. If you really think about it, this list, and OpenBSD itself, exist because someone had an "unpopular" opinion about doing things "right" and he had the stones to keep voicing his opinion in spite of the countless personal attacks he has endured. Though I cannot speak for Rui, Stallman or anyone else, I've personally learned a lot by stating my opinions and being challenged by people who often know better, or who merely see things in a way I've never really considered. I've been here for more than a decade and I *still* get things wrong, and get corrected, and learn from it. We all do. If we're lucky or smart, we even learn from watching others get it wrong and get corrected on these public lists. Sure, the constant yammering gets old, but vocal disagreement is still better than repression. Scrutiny of a dissenting view is better than suppression, apathy or neglect. Though it might be extremely annoying, it's still better to let them blither, and continue to challenge their views, than it is to try to stop them from blithering. --Even if Rui, or Stallman, or whoever decides to maintain their views, someone else who is quietly reading the exchange might actually learn from it. Kind Regards, JCR
Re: WAY OT:Re: delete deleted data
this is way off OT but I'll reply anyway. :-) On Fri, 4 Jan 2008, Eric Furman wrote: You throw out this document like it proves anything. I was in the military. I was in Military Intelligence (yes, I know. Hold the jokes) I also had some experience with the degaussing and destruction of disks. This does not prove *anyone* not even a government can recover the data from a completely overwritten disk. Not everything the government or the military does is necessary. Sometimes precautions are taken well above what anyone might even imagine might be possible. Sorry if I sound in any way confrontational. I just would really like to know. Eric if you were in MI (I really want to make a joke, but I won't) then you know that techniques related to data recovery from hard drives would be classified. The intelligence community is not prone to publicaly publish whitepapers on their operations. diana
Re: delete deleted data
Just a little point. Sometimes precautions are taken not so much for the sake of what can be done today but what someone might figure out how to do in the future. I am not an engineer, but the explanation that I have heard of how data is read from a wiped drive sounds plausable (if not possible) given that the equiptment is available. Who's to say that next week or next year someone won't come up with a way of reading data from a wiped drive by a method that we haven't even thought of? After all... man was never supposed to be able to: -fly -break the sound barrier -understand women oh wait... that last one I really do believe is impossible. s
WAY OT:Re: delete deleted data
On Thu, 03 Jan 2008 16:08:08 -0800, "Marco S Hyman" <[EMAIL PROTECTED]> said: > "Brad Tilley" writes: > > performed from the OpenBSD 4.2 install CD. I'll send it to the one > > 'ISO Certified' company that agreed to examine it. If they cannot > > You keep throwing around the 'ISO Certified' tag as if it had some > special meaning. Certified to what standard? It makes a difference. > If they are certified to the 9001 standard, for example, all it means > is that they have written procedures and they follow them. That's > all it means. > > ISO 9001 certification is actually pretty easy to get. The companies > that fail to get it are trying to hard. They come up with procedures > that sound great but are impossible to follow. That's not what > certification means. > > If I have a software company and write up a procedure that says > "all code will be developed on a laptop while sitting in a Starbucks" > and actually follow that procedure, then I can be an "ISO Certified" > company. > > As for disk destruction... I don't know nor pretend to know what can > and can not be recovered. Take a look at > > https://www.dss.mil/portal/ShowBinary/BEA%20Repository/new_dss_internet/isp/odaa/documents/clear_n_san_matrix_06282007_rev_11122007.pdf > > The DSS (Defense Security Service, part of the DoD) calls what you have > done "clearing" the disk. It does not "sanitize" the disk. To sanitize > you need to either degauss or destroy the disk. You throw out this document like it proves anything. I was in the military. I was in Military Intelligence (yes, I know. Hold the jokes) I also had some experience with the degaussing and destruction of disks. This does not prove *anyone* not even a government can recover the data from a completely overwritten disk. Not everything the government or the military does is necessary. Sometimes precautions are taken well above what anyone might even imagine might be possible. Sorry if I sound in any way confrontational. I just would really like to know.
Re: delete deleted data
On Thu, 3 Jan 2008 20:21:27 -0500, "Harpalus a Como" <[EMAIL PROTECTED]> said: > Myth? Why are you so upset about this? It's not myth. > > The techniques involved in recovering data in the manner Marco and the > NSA, > DoD, and many others describe isn't a matter of running a simple software > tool. It's a long, slow, annoying process that is also costly. But it is > possible. Hearsay. >Not every company or person in the forensics industry is a > master > at their job. If they say it's not possible, perhaps it's just "not > something their software package does for them?" (I'm not trying to be > derogatory, but I do know a guy who does computer forensics work, and the > software/hardware he uses is about all he knows. He just goes through the > motions. Doesn't know all that much about filesystems or disks.) > > Why are you so hellbent on proving everybody wrong, to the point of > actually > shipping your drive off? Because myths and misinformation should always be dispelled. > It's by no means a myth. If it is, there are a > number of companies and government institutions interesting in how they > recover data in this fashion if it's "not possible." Hearsay. I'm having a hard > time > believing > On Jan 3, 2008 7:54 PM, new_guy <[EMAIL PROTECTED]> wrote: > > > Marco S Hyman wrote: > > > > > > "Brad Tilley" writes: > > > > performed from the OpenBSD 4.2 install CD. I'll send it to the one > > > > 'ISO Certified' company that agreed to examine it. If they cannot > > > > > > You keep throwing around the 'ISO Certified' tag as if it had some > > > special meaning. Certified to what standard? > > > > > > > I'm just parroting the *one* data recover company's marketing hype that > > agreed to take the drive. They make this claim: > > > > "ISO 9001 - 2000 certified" > > > > I'm working on putting a website up now where I'll fully disclose the > > details. Lots of pictures and details. I will attribute the dd used to > > OpenBSD (the best OS on the planet bar none... although the dd on the > > install CD did not support the conv option... I would have liked to have > > done conv=noerror,sync). I plan to ship the drive off tomorrow. I plan to > > put this myth to rest... where it belongs. > > -- > > View this message in context: > > http://www.nabble.com/delete-deleted-data-tp14560809p14608861.html > > Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: delete deleted data
On Thu, 3 Jan 2008 20:35:11 -0500, "Douglas A. Tutty" <[EMAIL PROTECTED]> said: > On Thu, Jan 03, 2008 at 04:08:08PM -0800, Marco S Hyman wrote: > > > As for disk destruction... I don't know nor pretend to know what can > > and can not be recovered. Take a look at > > > > https://www.dss.mil/portal/ShowBinary/BEA%20Repository/new_dss_internet/isp/odaa/documents/clear_n_san_matrix_06282007_rev_11122007.pdf > > > > The DSS (Defense Security Service, part of the DoD) calls what you have > > done "clearing" the disk. It does not "sanitize" the disk. To sanitize > > you need to either degauss or destroy the disk. > > > > The NIST article that (I think) started this thread says that it (the > document) applies to commercial-grade privacy but not to > government-grade classified material. In other words, there's an > implied difference between the ability of a commercial data recovery > company and a major government. > > So, you have to look at who your adversary is and the value of the data. > If the value is less than the drive, then clear the disk and sell it. > If you are keeping the disk in-house but just re-allocating it, then > clear the disk and re-use it. However, if the agency you wish to not be > able to read the disk has the backing of a major government: > > 1:distroy the disk > 2:distroy the computer (the document actually says this re RAM > chips) > 3:re-evaluate the whole concept of using a computer at all, > expecially if the hardware is at risk of being "stolen" (seized, > confiscated, etc). > > If the data on the drive has always been in encrypted form, then you > have to evaluate the strength of the encryption vs. the strength of the > adversary. People keep quoting what governments can do. This is nothing but hearsay. Please point out one single source, one actual documented source not what some friend of a friend said they saw some guy do, that actually shows someone recovered data from a completely overwritten disk. If there is proof of this I would honestly like to be proven wrong. I have had a casual interest in this for several years (and no, not for any illicit purpose, just casual curiosity) and I have yet to come across any proof it is possible. Not formatting or damage(even fire) or deletion, complete overwriting. I am aware of what commercial data recovery companies can do and as far as I have been able to ascertain this is not within there realm or *anyones* realm.
Re: [Fwd: Open-Hardware]
On 1/3/08 10:55 AM, Richard Stallman wrote: I think you have misinterpreted the principles that I believe in and live by. You certainly don't live by what you preach. You are pointed at not one but various facts to the contrary. It would be good if you admitted so and stepped over to the only software distribution that is to your standards. > I hope my explanations will help. Not one bit. To the contrary, this is an eye opener for lots of people who thought you have sound principles, they now see that the "important" part is clueless. You should give in that it is clueless to put the DRM bit in BSD that makes it GPL and sets programmers and companies less free than they could be. And if you look at results of your church you can see that religious DRM bit isn't necessary at all, churchless, more scientific, OpenBSD allows people to live to your standards =and= all other standards. +++chefren
Re: FW: Real men don't attack straw men
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sent: Thursday, January 03, 2008 3:21 PM To: misc@openbsd.org Subject: Re: FW: Real men don't attack straw men Daniel Ouellet wrote: > >Rui Miguel Silva Seabra wrote: >>> On Thu, Jan 03, 2008 at 12:33:26PM -0700, Theo de Raadt wrote: >>> Rui Miguel Silva is continually making you guys remove [EMAIL PROTECTED] >>> from the cc's of your messages. >> >> FYI, I continually remove people from the CC on mailing-list posts. >> >> I consider it rude to receive duplicate email. > >Except in his case, He is not subscribe to the list and if you don't cc >him, he will simply not get it. > It appears that even if you _do_ cc him, he doesn't get it...
Re: Rui Miguel Silva Seabra
On Fri, Jan 04, 2008 at 02:01:44PM +, Rui Miguel Silva Seabra wrote: > > Yet, I'm the "asshole" ? > Aye, a right prick.
Re: Improving disk reliability
Hi! On Fri, Jan 04, 2008 at 02:47:11AM -0500, Nick Guenther wrote: >On 1/3/08, knitti <[EMAIL PROTECTED]> wrote: >> On 1/3/08, Marius Hooge <[EMAIL PROTECTED]> wrote: >> > I personally don't recommend backups to CD/DVD. >> > They degenerate rather "quickly" depending on their quality and >> > the storage humidity. >> > Unlike a USB/Firewire harddisk inside your fire-, water-, emp-proof >> > safe/vault. ;-) >> > But make shure to set some kind of reminder to update your backup. >> this is becoming OT, but I can't recommend storing HDDs as "real" >> backup solution either. HDDs _do_ have bitrot, and one should at least, >> say, once a year, verify that the *whole* disk is readable, ensuring that >> sectors which are not yet completely unreadable get remapped. Vaulting >> a DVD or a HDD for five years or more leaves you in both cases with the >> real possibility of data loss. >How would you verify the whole disk is readable? dd if=/dev/... of=/dev/null; echo $? >And if it's all >readable, how do you ensure the data is still the same pattern you put >on before? Store checksums, e.g. mtree with appropriate options to store md5/sha1/sha256 along. Unlikely that bitrot keeps that correct. >-Nick Kind regards, Hannah.
Re: Richard Stallman...
On Fri, Jan 04, 2008 at 07:35:16PM +0530, Mayuresh Kathe wrote: > Could we all please stop responding to his emails as well as emails > from trollers like Rui Seabra? F.Y. You are the troll. Rui -- Keep the Lasagna flying! Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: FW: Real men don't attack straw men
Rui, I kindly ask you to not remove Richards's e-mail, since he is as interested as everyone else who follows this thread. Richard does not receive duplicated e-mail, since he is not in misc@openbsd.org, so don't hesitate to add him. Greetings.
Richard Stallman...
Hello, We're all tired of explaining to Richard Stallman about how he's wrong. It somehow isn't registering with him, that, or he's not willing to accept his position of being wrong. Either ways, by replying to his emails we are creating more noise than required and giving him more importance than is due. Could we all please stop responding to his emails as well as emails from trollers like Rui Seabra? Lets just ignore them and focus on our war cry of "Shut-up and Hack". As a special power, let only Theo respond to Stallman's emails, that way there isn't a lot of commotion and only the heavy weights slug it out. And for heaven's sake, please don't respond to this email on the list, if you feel strongly about it, mail me offlist. Best, ~Mayuresh
Re: FW: Real men don't attack straw men
On Fri, Jan 04, 2008 at 05:44:59PM +0530, Siju George wrote: > :-) that was to the guy who called you a troll right? > I said perhaps you are a paid FSF mercenary or as you accused me > "delusional" :-) I wish I was paid to only work on Free Software, I'd be much more productive. Rui -- Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: Rui Miguel Silva Seabra
On Fri, Jan 04, 2008 at 07:19:03AM -0600, Jacob Yocom-Piatt wrote: > i couldn't help but notice his initials are RMSS, not so far from RMS. > perhaps this is a nome de plume for that other weaselly contrarian, mr. > stallman. Yet you couldn't help notice the relation with the name as being more relevant than whatever passed through your mind? Yet, I'm the "asshole" ? Rui -- Umlaut Zebra |ber alles! Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: Real men don't attack straw men
On Dec 14, 2007 9:49 PM, Richard Stallman <[EMAIL PROTECTED]> wrote: >You *can't relicense* code under your choice without the author consent >period! > > That BSD license gives permission for almost any kind of use, > including distributing the code under other licenses. I don't think so. The recipient of BSDL'd material gets a copyright license from the original licensor -- without the middleman getting a chance to do anything at all regarding granting some or all of the copyright rights that middleman received as a licensee. The middleman may or may not grant rights to his modifications though. > The only requirement is not to remove the BSD license statement itself. And that means what? Well, you might want to wget and check out http://opensourcelaw.biz/publications/papers/BScott_BSD_The_Dark_Horse_of_Open_Source_070112lowres.pdf "What is the legal effect of being required to retain "this list of conditions". Are they just there for show? Do they have some other effect? In determining this, a court will look to the objective meaning of the clause and, potentially, the objective intention of the original licensor. In this case, the actual subjective intention of the party granting the license (and what they thought the words meant) is irrelevant.8 What the court is looking to determine is what the reasonable person (ie an idealized and dispassionate citizen who is called on to assess the scope of the license) would make of the words.9 Consider first the warranty disclaimer. If there is a requirement to "retain" a copy of the warranty disclaimer in a redistribution, is a court likely to say the warranty disclaimer is intended to be effective or not? For example, could the disclaimer be retained but framed by a redistributor in such a way that the disclaimer had no legal force?10 It is likely that the reasonable person would read the license and think that the licensor intended that the warranty disclaimer was to be retained without qualification. A similar argument could be made about clause 5 (which prohibits endorsements). On this analysis, the warranty disclaimer travels with the distribution and the redistributor has no ability to qualify it. The question then becomes what about the other clauses? What about clause 2 which permits "redistribution and use" of the source form? If, in the case of the warranty disclaimer, the objective intention of the requirement to "retain" or "reproduce" the warranty disclaimer is that the warranty disclaimer cannot, by the manner of its retention, be limited in its application or scope. Why should the same reasoning not apply to the terms in the "list of conditions"? Moreover, if the disclaimer and endorsement prohibition are operative as conditions, what basis can there be for arguing that the other clauses are not? If the other license terms are operative, then the combined effect of clauses 2 and 3 is that redistribution of the source form must occur on the terms of the NBSDL." > > Another message raised the question of what relicensing means and > whether that involves changes to the code. When I say "relicensing" I > mean distributing the code with another license applied. That doesn't > mean deleting the old license. > > The concept of relicensing... I don't think that "relicensing" is legally a well defined term. You must mean the concept of sublicensing, I suppose. (The act of sublicensing is what happens when a licensee becomes a licensor to some other party by granting some or all of the rights that they received as a licensee.) The "problem" is that nonexclusive copyright licenses are generally indivisible as a matter of law (this is referred to as "settled law" in every source you can find) unless the licensing contract states otherwise. This means that a nonexclusive license does not carry an implicit sublicense agreement. With the exception of the MIT License (which contains a sublicense clause), permissive licenses generally do not include a sublicense right and instead offer a direct grant of rights from the original licensor to any recipient of source code released by him or her under that license. Actually, according to the 9th Circuit, exclusive licensees are not transferrable or sublicenseable either unless otherwise stated. See Gardner v. Nike, a case which appears to have surprised a lot of lawyers at the time: http://www.law.berkeley.edu/institutes/bclt/pubs/annrev/exmplrs/csum/gardnervcsum.pdf I also note that you seem to insist on tying the concept of "relicensing" to the concept of GPL "compatibility": http://fsfeurope.org/projects/gplv3/barcelona-rms-transcript.en.html "The idea is that there are some other Free Software licences which are compatible with the GPL meaning that if a program is released under one of those licences, that licence gives, effectively, permission to relicence under the GPL. There are two ways that can happen. Some licences explicitly say "you can also use this program under the GNU GPL".
Re: Rui Miguel Silva Seabra
Dusty wrote: Rui Miguel Silva Seabra only ever contributes to this list when its in a flame war, and always to take up a contrary point of view. He has proved only one thing. Trolls do exist and their primary form of communication is to point and grunt. What Rui says is so stupid, its not even wrong. aye! in my ~1.5 years on this list i must say that rui takes the cake in terms of the most obnoxious poster i've had the displeasure to receive emails from. his emails are pointedly pointless and so devil's-advocate-driven that they have no real content. i couldn't help but notice his initials are RMSS, not so far from RMS. perhaps this is a nome de plume for that other weaselly contrarian, mr. stallman. Kindest Regards Dusty Please Rui, dont reply, you'll only prove my point. Go troll somewhere else.
Re: FW: Real men don't attack straw men
2008/1/4, Rui Miguel Silva Seabra <[EMAIL PROTECTED]>: > On Thu, Jan 03, 2008 at 07:08:12PM -0700, L wrote: > > That is an insult! Why are you being so mean to Marco? > > Right, his extreme insults are meaningless and unprovocative. > > > And why are you being so mean to me too? I read this list too! > > You are insulting me! > > Right, did the hat fit? Because I said "some" not "all" or even "most". > > > Anything can be taken as an insult. > > Specially insults. > > > Did you know that people who speak the truth are insulting at times? People > > that do not put up with bull are very hard people at times? > > There's a difference between not putting up with bull and throwing bull > along with insults. That seems to be Marco's favourite writing style. > > > Did you know skillful liars are very nice people? Did you know cults drag > > people into their cults by being very nice and calm and positive? > > If you mean that only people who are cult-draggers are nice, calm and > positive, then I hate the reality you live in. You've just insulted most > of my friends, should they ever read you. > > Rui > > -- > P'tang! > Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 > + No matter how much you do, you never do enough -- unknown > + Whatever you do will be insignificant, > | but it is very important that you do it -- Gandhi > + So let's do it...? > > Oh, got to add the cc back btw... -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Re: Real men don't attack straw men
2008/1/4, David Vasek <[EMAIL PROTECTED]>: > > Sounds like he is hiding somewhere in Tora Bora. > > Regards, > David > Actually I got that message in a private conversation with him as well, he do reply within 48 hours time frame so I don't think he is hiding in "Tora Bora". -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Re: FW: Real men don't attack straw men
On Jan 4, 2008 2:52 PM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > On Fri, Jan 04, 2008 at 02:15:08PM +0530, Siju George wrote: > > On Jan 4, 2008 1:03 AM, Theo de Raadt <[EMAIL PROTECTED]> wrote: > > > Rui Miguel Silva is continually making you guys remove > > > from the cc's of your messages. > > > > Who knows? > > Perhaps He gets Paid for it, and for this violent defense of insanity > > from all the misused funds of FSF > > Perhaps you're a paranoid dellusional individual? > yes I am! I get a 5-10 minutes break to reality and sanity. Thats when I wrote it. And it is evident to every one who has been on this list before how you behave all the time. > > Otherwise why should he repeatedly say some thin that is not > > proprietary as proprietary even after being informed by tedu and > > others? > > Because for me it is proprietary when I can't run it in a commercial > context. > :-) I don't get you. It is commercial for you? you??? what does the license say? has anything in the license of that software been violated? Oh I understand now. You are just my opposite. You are sane most of the time but get Paranoid for a little time at random. That when you wrote this and felt others are paranoid. But if you want to impose your own judgment of licenses and your own interpretation of licences you better start a project of your own and show the rest of the world an example. > > > That is an OpenBSD site which has software, like for instance zangband, > > > which is proprietary and is compiled and distributed from: > > > > > > ftp://ftp.openbsd.org/pub/OpenBSD/4.2/packages/i386/zangband-2.6.2p1-no_x11.tgz > > > > How many times do we have to tell you it's NOT proprietary, and It's > > not "illegal/prohibbted" to distribute "Zangband". > > Yes it is, if you distribute it in a commercial context. > > > Go the hell away you troll! > > You are the troll. > :-) that was to the guy who called you a troll right? I said perhaps you are a paid FSF mercenary or as you accused me "delusional" :-)
Re: Real men don't attack straw men
On Fri, 4 Jan 2008, Richard M. Stallman - Autoreply Message wrote: [This message was generated by an automated system.] I am not on vacation, but I am at the end of a long time delay. I am located somewhere on Earth, but as far as responding to email is concerned, I appear to be well outside the solar system. After your message arrives at gnu.org, I will collect it in my next batch of incoming mail, some time within the following 24 hours. I will spend much of the following day reading that batch of mail and will come across your message at some point. If I can write a response for it immediately, the response will go out in the next outgoing batch--typically around 24 hours after I collected your message, but occasionally sooner or later than that. As a result, you should expect a minimum delay of between 24 and 48 hours in seeing any response to your mail to me. If you are having a conversation with me, please keep in mind that each message you receive from me is probably a response to the mail you sent 24 to 48 hours earlier, and any subsequent mail you sent has not yet been seen by me. If you are in a hurry to speak with me, try sending mail to <[EMAIL PROTECTED]> saying what you would like to talk with me about, and giving your telephone number. Another option to reach me urgently is to call the Free Software Foundation office at 617-542-5942 and ask them to contact me on your behalf. If you aren't in an immediate hurry, there is no need to contact [EMAIL PROTECTED] or the Free Software Foundation office. I will get back to you as soon as I possibly can. If you do not wish to receive this message ever again, please send a message to [EMAIL PROTECTED] with the subject "OFF". Otherwise, you might receive a reply like this one up to once a month. Sounds like he is hiding somewhere in Tora Bora. Regards, David
Re: Improving disk reliability
On Thu, Jan 03, 2008 at 01:29:38AM +0100, Erik Wikstr??m wrote: > > file-server which will contain stuff with some emotional value, data- loss. Houses burn. Dump/tar & scp/ftp offsite to your box or web space.
Re: Real men don't attack straw men
[This message was generated by an automated system.] I am not on vacation, but I am at the end of a long time delay. I am located somewhere on Earth, but as far as responding to email is concerned, I appear to be well outside the solar system. After your message arrives at gnu.org, I will collect it in my next batch of incoming mail, some time within the following 24 hours. I will spend much of the following day reading that batch of mail and will come across your message at some point. If I can write a response for it immediately, the response will go out in the next outgoing batch--typically around 24 hours after I collected your message, but occasionally sooner or later than that. As a result, you should expect a minimum delay of between 24 and 48 hours in seeing any response to your mail to me. If you are having a conversation with me, please keep in mind that each message you receive from me is probably a response to the mail you sent 24 to 48 hours earlier, and any subsequent mail you sent has not yet been seen by me. If you are in a hurry to speak with me, try sending mail to <[EMAIL PROTECTED]> saying what you would like to talk with me about, and giving your telephone number. Another option to reach me urgently is to call the Free Software Foundation office at 617-542-5942 and ask them to contact me on your behalf. If you aren't in an immediate hurry, there is no need to contact [EMAIL PROTECTED] or the Free Software Foundation office. I will get back to you as soon as I possibly can. If you do not wish to receive this message ever again, please send a message to [EMAIL PROTECTED] with the subject "OFF". Otherwise, you might receive a reply like this one up to once a month.
Re: Improving disk reliability
* Douglas A. Tutty <[EMAIL PROTECTED]> [2008-01-04 03:55]: > I thought that there was a trend in the industry away from tapes toward > hard-drive-based systems, e.g. virtual tape libraries that are basically > large file servers with far more capacity than throughput. yes, because decision makers tend to be clueless. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
Re: FW: Real men don't attack straw men
On Jan 4, 2008 10:51 AM, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > On Fri, Jan 04, 2008 at 09:56:03AM +0100, Karl Sjodahl - dunceor wrote: > > This is a unmoderated list and unsubscribed people can mail to it. > > If one doesn't want to hear what outsiders want to say, then perhaps > posting should be restricted to list members. > > Rui > > -- > This statement is false. > > Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 > + No matter how much you do, you never do enough -- unknown > + Whatever you do will be insignificant, > | but it is very important that you do it -- Gandhi > + So let's do it...? > > Who said anything about that? The discussion was about cc. You need to keep on subject and don't make up things.
Re: Real men don't attack straw men
On Wed, Jan 02, 2008 at 11:02:09AM -0700, Theo de Raadt wrote: > > Richard, you are too stupid to go and learn FACTS before you open > > your big fat lying mouth. > > > > Since you did it three times so rapidly, I am calling you a liar. And > since you refuse to undo your commercial support in Emacs and GCC, I > am going to call you a hypocrite. > I'm going to call him THRUSH, because he is stupid irritating cunt.
Re: delete deleted data
On Fri, Jan 04, 2008 at 02:56:12AM -0700, [EMAIL PROTECTED] wrote: > In gmane.os.openbsd.misc, you wrote: > > > > I'll put up a website with all the details and pictures... I'll call > > it 'Put Up Or Shut Up' Anyone who wants a crack at recovering data > > from the drive may do so (as long as they pay the shipping charges > > both ways). If they can name one file that existed on the drive before > > the dd overwrite from an OpenBSD install CD, then they can keep the > > drive and be crowned king of data recovery and get $40 USD. Come on, > > let's actually *do* and not just *talk*, OK? > > I'm assuming it's a drive that had openbsd 4.2 on it. If that was the > case, I can recover the name of at least one file. The filename will > be "/" (without the quotes). Please send me the drive and $40. I can do two more: . and .. -Otto
Re: Rui Miguel Silva Seabra
On 1/4/08, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > > Firstly, your accusation that I only participate in flame-wars is > blatantly false. > > Secondly, most of my posts on the flame-wars where trying to clear-up > false statements from some people. > > Thirdly, some of my posts on the flame-wars where trying to show how > FSF's Free Software definition is the same as BSD's. > > Finally, the rudeness of some people who only resort to insults and > false accusations is appalling. I expected better from people who > develop such an awesome OS. I thought the comedy writers were on strike. Does the union know you're peddling jokes on [EMAIL PROTECTED] I find your writing enormously entertaining, in general, but I don't want you to get in trouble on your day job.
Re: delete deleted data
In gmane.os.openbsd.misc, you wrote: > > I'll put up a website with all the details and pictures... I'll call > it 'Put Up Or Shut Up' Anyone who wants a crack at recovering data > from the drive may do so (as long as they pay the shipping charges > both ways). If they can name one file that existed on the drive before > the dd overwrite from an OpenBSD install CD, then they can keep the > drive and be crowned king of data recovery and get $40 USD. Come on, > let's actually *do* and not just *talk*, OK? I'm assuming it's a drive that had openbsd 4.2 on it. If that was the case, I can recover the name of at least one file. The filename will be "/" (without the quotes). Please send me the drive and $40. -Toby. -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Re: FW: Real men don't attack straw men
On Fri, Jan 04, 2008 at 09:56:03AM +0100, Karl Sjodahl - dunceor wrote: > This is a unmoderated list and unsubscribed people can mail to it. If one doesn't want to hear what outsiders want to say, then perhaps posting should be restricted to list members. Rui -- This statement is false. Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: FW: Real men don't attack straw men
On Thu, Jan 03, 2008 at 07:08:12PM -0700, L wrote: > That is an insult! Why are you being so mean to Marco? Right, his extreme insults are meaningless and unprovocative. > And why are you being so mean to me too? I read this list too! > You are insulting me! Right, did the hat fit? Because I said "some" not "all" or even "most". > Anything can be taken as an insult. Specially insults. > Did you know that people who speak the truth are insulting at times? People > that do not put up with bull are very hard people at times? There's a difference between not putting up with bull and throwing bull along with insults. That seems to be Marco's favourite writing style. > Did you know skillful liars are very nice people? Did you know cults drag > people into their cults by being very nice and calm and positive? If you mean that only people who are cult-draggers are nice, calm and positive, then I hate the reality you live in. You've just insulted most of my friends, should they ever read you. Rui -- P'tang! Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: Rui Miguel Silva Seabra
On Fri, Jan 04, 2008 at 08:20:50AM +0200, Dusty wrote: > Rui Miguel Silva Seabra only ever contributes to this list when its in a > flame war, and always to take up a contrary point of view. He has proved > only one thing. Trolls do exist and their primary form of communication is > to point and grunt. > What Rui says is so stupid, its not even wrong. > > Please Rui, dont reply, you'll only prove my point. Go troll somewhere else. You insult in public and ask for no answer? You might as well ask gravity to give up by itself. Firstly, your accusation that I only participate in flame-wars is blatantly false. Secondly, most of my posts on the flame-wars where trying to clear-up false statements from some people. Thirdly, some of my posts on the flame-wars where trying to show how FSF's Free Software definition is the same as BSD's. Finally, the rudeness of some people who only resort to insults and false accusations is appalling. I expected better from people who develop such an awesome OS. Rui -- Hail Eris! Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
Re: FW: Real men don't attack straw men
On Fri, Jan 04, 2008 at 02:15:08PM +0530, Siju George wrote: > On Jan 4, 2008 1:03 AM, Theo de Raadt <[EMAIL PROTECTED]> wrote: > > Rui Miguel Silva is continually making you guys remove > > from the cc's of your messages. > > Who knows? > Perhaps He gets Paid for it, and for this violent defense of insanity > from all the misused funds of FSF Perhaps you're a paranoid dellusional individual? > Otherwise why should he repeatedly say some thin that is not > proprietary as proprietary even after being informed by tedu and > others? Because for me it is proprietary when I can't run it in a commercial context. > > That is an OpenBSD site which has software, like for instance zangband, > > which is proprietary and is compiled and distributed from: > > > > ftp://ftp.openbsd.org/pub/OpenBSD/4.2/packages/i386/zangband-2.6.2p1-no_x11.tgz > > How many times do we have to tell you it's NOT proprietary, and It's > not "illegal/prohibbted" to distribute "Zangband". Yes it is, if you distribute it in a commercial context. > Go the hell away you troll! You are the troll. Rui -- Hail Eris! Today is Prickle-Prickle, the 4th day of Chaos in the YOLD 3174 + No matter how much you do, you never do enough -- unknown + Whatever you do will be insignificant, | but it is very important that you do it -- Gandhi + So let's do it...?
