On Wed, 26 Jun 2013 12:31:27 +0200, Matthias wrote in message <[email protected]>:
> Hei, > > On 06/25/2013 12:00 PM, [email protected] wrote: > > ..sha256 is the one approved gold standard? In the EU too? > > Norwegian "law enforcement" _evades_ this very issue whenever > > I ask. > > Gold standard for what exactly ? ..to verify and prove the identity of e.g. a file in a file listing of disputable origins in a court of law, as admissible evidence. ..a judge given a binary, source and the build recipe, e.g. a build script, giving all all the details so the judge can repeat the build and verify when he is being told the truth, and when not, whenever he hears a story from an alleged expert witness. > Which issue is Norwegian law enforcement evading ? ..they never answer my question above when I ask them, they instead _evade_ my question, e.g. pretend I never asked, or that it is "top secret", or some such, there's also the crazy possibility that Norway doesn't have a standard on this. ;oD > >> > I most cases the companies / people bringing the device in > >> > question into public are either completely unaware of the issue > >> > or try to silently ignore it. Once they are made aware of it > >> > they pretty soon resolve the issue without the need to fully > >> > proof all and everything. > > > > ..in my cases they play Kafka games litigating me, and prevail with > > "Chad's Defense", because I don't have the money to hire lawyers. > > Forgive my ignorance, but what is a "Chad's Defense" ? ..you managed to miss it??? 8oD About half the list traffic on this list ([email protected]) this spring, and the very reason it is now moderated since April, "Chad Goodman and Anthrax kernels", "binary-only releases to members of his special exempt organisation", under NDAs. All clear GPLv2 violations, and likely part of a future anti-GPL litigation scheme, AFAICT. Google. ;o) http://www.reddit.com/r/Android/comments/197fjt/anthrax_kernels_facing_a_potentially_gigantic_gpl/ > >> > But there are surely also cases where the manufacturer simply > >> > denies everything and then it will be super handy to have this > >> > tool! > >> > > >>> > > You have to keep in mind that automated tooling is just used > >>> > > to gather evidence for a *possible* GPL violation. > > Why only "possible" violations ? ..yes? > When a file is binary equal to a GPL binary, > it is proof for copying, isn't it ? ..yes, depends on how it is compiled. ..binary equal means exact same copy, or built from source etc so checksums match. E.g. md5sum have flaws that can make md5sums match on e.g. 2 different files, is why I'm looking for gold standards on checksums that can make it thru litigation etc scrutiny all the way up to the supreme courts around this planet. > > -- ..med vennlig hilsen = with Kind Regards from Arnt Karlsen > > Viele Grüße = Best regards, > Matthias > -- ..med vennlig hilsen = with Kind Regards from Arnt Karlsen ...with a number of polar bear hunters in his ancestry... Scenarios always come in sets of three: best case, worst case, and just in case.
