
Comment Re:Translation ... (Score 1) 145

Github does not charge to host projects. Github therefore must use one of these three methods to make a profit if they don't start charging for use.


It does:

Only public projects are free. And this is IMO a fair model. If you want to hide your code from the public, it means in most cases that your software is closed source. And that usually means you make money with it, where it's just fair to give github a small part of it, these are basic economic "supply chain" rules. Conversely, if your code is public, it most likely is open source as well. There is some public content on github which is not open source licensed, but most of it is.

And about learning git, it has a steep learning curve, but once you know it, it's real fun. CVS isn't distributed, I really like git for its speed and features like git blame. Sadly many people think git == github.

Submission How The Car Industry Has Hidden Its Software Behind The DMCA->

Lucas123 writes: The DMCA has allowed carmakers to keep third parties from looking at the code in their electronic control modules. The effect has been that independent researchers are wary of probing vehicle code, which may have led companies like Volkswagen to get away with cheating emissions tests far longer than necessary. In a July letter to the U.S. Copyright Office, the Environmental Protection Agency expressed its own concern of the protection provided by the DMCA to carmakers, saying it's "difficult for anyone other than the vehicle manufacturer to obtain access to the software." Kit Walsh, an attorney with the Electronic Frontier Foundation, said the legal uncertainty created by the DMCA "makes it easier for manufacturers to conceal intentional wrongdoing." The EFF has petitioned the U.S. Copyright Office for an exemption to the DMCA for embedded vehicle code so that independent research can be performed on electronic control modules (ECMs), which run a myriad of systems, including emissions.
Link to Original Source

Comment Re:Cybersecurity Cyberdefensive Cybercapabilities (Score 2) 19

Data are programs and programs are data. There is no real distinction between those two. Also, currently I think that the human component is the weakest part of the system. Of course, the "big bugs" get the news coverage, and some are really serious like Heartbleed, mostly because it persists in millions of non-updated devices, but most times, modern cybercriminals just use other means, where the user an some authorization step of some form in order to install the payload, be it the "IT department" calling, the classical "password update procedure please visit this website" e-mail, or infected warez the user got via BitTorrent.

Submission Absent gravitational waves from merging black holes throw scientists into tizzy->

hypnosec writes: For the past eleven years, a team of international scientists has been busy looking for gravitational waves by monitoring a set of ‘millisecond pulsars’ using CSIRO's Parkes Telescope. The idea is to record the arrival times of the highly regular trains of radio pulses on Earth to an accuracy of ten billionths of a second. Merging of a pair of black holes produces gravitational waves according to Einstein's theory of relativity. When these gravitational waves pass between Earth and a millisecond pulsar, the squeeze and stretch of space causes a change in distance between Earth and the pulsar to the tune of about 10 metres — a tiny fraction of the pulsar’s distance from Earth. This changes, very slightly, the time that the pulsar’s signals arrive on Earth. Researchers have been trying to detect this change as a proof of existence of gravitational waves, but to no avail, raising questions on our understanding of black holes and on the theory of relativity as well.
Link to Original Source

Submission Is curl|bash insecure? thinks not-> 2

taikedz writes: I can see several flaws in these arguments, so much so that where I previously dismissed the curl|bash offer as non-indicative of Sandstorm's security otherwise, I am now not so sure.

What do you think? From the article:

Sandstorm is a security product, so we want to address that head-on.

When you install software on Linux, no matter what package manager you use, you are giving that software permission to act as you. Most package managers will even execute scripts from the package at install time – as root. So in reality, although curl|bash looks scary, it’s really just laying bare the reality that applies to every popular package manager out there: anything you install can pwn you.

Realistically, downloading and installing software while relying on HTTPS for integrity is a widely-used practice. The web sites for Firefox, Rust, Google Chrome, and many others offer an HTTPS download as the primary installation mechanism.

Link to Original Source

Comment Re:The real problem (Score 2) 299

And building a house is a fairly simple task compared to writing some programs. You should better compare software to digging tunnels in the mountains. You never know what type of stone is ahead, and if you reach sand, you have to cool it so that it's stable etc.
You can make small test drills in order to find that out, but you won't know it for the complete length of the tunnel. And if management now demands that the tunnel has to be larger, it means a lot of effort, the longer your tunnel already is.

Comment Re:The song IS public domain (Score 4, Informative) 102

That's a legal argument that the plaintiffs made. The judge denied that one.

That's correct, the judge denied the argument. However, he argued the argument is denied because the plaintiffs didn't provide evidence that the publication of Happy Birthday in The Everyday Song Book in 1922 was authorized.
He didn't argue that it was denied because the publication was only done by a licensee, like you say.

If you published an authorized work under the Copyright Act of 1909, and missed a copyright mark, the work would become public domain. From the ruling (some quotes removed):

Under the Copyright Act of 1909, one secured a federal copyright by publishing a
work with proper notice. Before such publication, the work was protected by common
law copyright. If the work was published without notice, two things happened: the
author (1) failed to obtain a federal copyright and (2) lost the common law copyright as

General publication, which would cause a forfeiture, occurs “when, by consent of
the copyright owner, the original or tangible copies of a work are sold, leased, loaned,
given away, or otherwise made available to the general public, or when an authorized
offer is made to dispose of the work in any such manner, even if a sale or other such
disposition does not in fact occur.” 1 Nimmer 4.03. By contrast, a limited publication,
which does not cause a forfeiture, is when “tangible copies of the work are distributed
both (1) to a ‘definitely selected group,’ and (2) for a limited purpose, without the right of
further reproduction, distribution or sale.” Acad. of Motion Picture Arts & Scis., 944 F.2d
at 1452. Moreover, “mere performance or exhibition of a work does not constitute a
[general] publication of that work.” Am. Vitagraph, Inc. v. Levy, 659 F.2d 1023, 1027
(9th Cir. 1981).

The judge even said that this would apply for the 1922 publication:

If the [1922] publication was authorized, that could
make it a general publication (without proper copyright notice), divesting the Hill sisters
of their common law copyright.

But later on, he says:

As Defendants [Time Warner] point out, there is no direct evidence
that the Hill sisters had authorized Summy Co. to grant permission for the publication of
the lyrics in The Everyday Song Book.

And concludes:

Plaintiffs cannot satisfy their initial burden under Rule 56. Accordingly,
Plaintiffs’ Motion is DENIED as to this issue.

Comment Re:Judge didn't say public domain (Score 5, Informative) 102

From the ruling:

The 1909 Copyright Act, which governs E51990, did not require that a work be registered to
obtain a federal copyright. See 2-7 Nimmer 7.16. But registration was nonetheless
highly desirable, not only because it was a precondition to the filing of an infringement,
but also because, once registered, the certificate of registration “shall be admitted in
any court as prima facie evidence of the facts stated therein.” 17 U.S.C. 209 (1909 Act);
see also 17 U.S.C. 410(c) (1976 Act) (providing for the presumption of validity in the
modern Copyright Act). Furthermore, “[a]lthough the ‘facts’ stated in a certificate of
registration are limited to the date, name and description of the work, and name of the
registration holder, a majority of courts have held that 209 [of the 1909 Copyright Act]
creates a rebuttable presumption that the certificate holder has met all the requirements for
copyright validity.” Acad. of Motion Picture Arts & Scis. v. Creative House Promotions,
Inc., 944 F.2d 1446, 1451 (9th Cir. 1991). Once a claimant shows that she has a
certificate of registration, the burden of proof shifts to the opposing party
who must “offer some evidence or proof to dispute or deny the [claimant’s] prima facie case.” United
Fabrics Int’l, Inc. v. C&J Wear, Inc., 630 F.3d 1255, 1257 (9th Cir. 2011).

Comment For the web only, not much more (Score 5, Informative) 215

From the paper:

Unlike other algorithms compared here, brotli includes a static dictionary. It contains 13’504
words or syllables of English, Spanish, Chinese, Hindi, Russian and Arabic, as well as common
phrases used in machine readable languages, particularly HTML and JavaScript.

This means that brotli isn't a general purpose algorithm, but only built for the web, not more. I guess that future versions of the algorithm will include customized support for other, smaller languages, whose compression databases are only downloaded if you open a web page in that language.

Submission Google releases new compression algorithm "Brotli"->

NotInHere writes: Google has announced the release of a new open source lossless compression algorithm called Brotli. The release included a blog post, source code, and a draft IETF standard submission. According to Google's compression team engineer Zoltan Szabadka, Brotli is roughly as fast as zlib’s Deflate implementation, and at the same time, it compresses slightly more densely than LZMA and bzip2 on the Canterbury corpus, a generic benchmark dataset for compression algorithms. It therefore combines the speed of deflate with the efficiency of LZMA and bzip2.

The algorithm is named after the Swiss German word for small bread, "Brötli". Google hopes that browser vendors will adopt brotli in their HTTP implementations.

Link to Original Source
