Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:trick question (Score 1) 263 263

Maybe in one of these weird languages where it's not the operator which determines the operation to be done. Or one of these annoying languages in which you need silly stuff like str(10)... :-)

I feel for the poor poor programmer who didn't get the chance to understand Perl.

And BTW, /. ate my binary operator in the post above. It was meant to be:

to get 327680, you would have used the binary shift operator: "10"<<"15"

Comment: Re:trick question (Score 1) 263 263

should "10" + "15" == "1015" or should it be 25?

What a strange question. Obviously, 25 since you are using an arithmetic operator. So surely, you wanted to do arithmetic, right?
If you had wanted "1015", you would obviously have used a string operator instead ( "10" . "15" ).

Are there languages so stupid that they can't tell the difference and you have to spell it out for them in every boring detail?

PS: And if you had wanted to get 327680, you would have used the binary shift operator: "10""15"

Comment: How is Pocket different from bookmarks / File-Save (Score 1) 351 351

I don't understand the point of this Pocket stuff (or Wallabag, which someone mentioned as similar). Would someone please explain what use it has?

For Pocket, I read "If it's in Pocket, it's on your phone, tablet or computer. You don't even need an Internet connection."

OK, but how is that different from Ctrl-S (Save page)?

For Wallabag, apparently you still need an Internet connection: "when you open your wallabag, you can comfortably read your articles. [...] you can install it on your web server or you can create a free account at Framabag.

So how is that different from just bookmarking the page?

Comment: Why content owners don't like Netflix (Score 2) 224 224

The problems content owners have with Netflix could be what I heard from one of them (in Europe):

- They pay very little

- They give absolutely no information about how many viewers watched the content.

For content owners, Netflix is pretty useless. For smaller movies, it may be more expensive to find and package the content to deliver than what Netflix will pay. (It is in fact time consuming to hunt down the movie files at the right framerate in the right encoding, audio matching the framerate in the wanted languages and mix versions (5.1? LtRt?, both?), subtitles in the right format and with times adjusted for variable logos etc.)

Does someone know if Netflix in the US is also so strangely secretive and also pays so little? After all, they do know exactly how many viewers watched what and when, how many interrupted without watching to the end, etc. They just don't share it per movie with the movie's owner (or rather distributor).

Comment: Re:Mac and Windows PC only. (Score 1) 117 117

Linux is not really meant to be a desktop OS

Unforutnately, you are right. My main machine is Linux (Ubuntu 12.04) since over 5 years, and it is indeed not comparable to WinXP/Win7 or Mac OS X. I still prefer it for various reasons, but would not recommend it to most people as a desktop OS.

There might be a Google Earth for Android and iOS some day, but probably never for Linux. Sad...

Comment: Re:The measurements in question: (Score 2) 142 142

And to list these for your own drive:

$ sudo smartctl -A /dev/sda | egrep '^\s*(ID|5|1[89][78])'
    5 Reallocated_Sector_Ct 0x0033 100 100 036 Pre-fail Always - 0
187 Reported_Uncorrect 0x0032 100 100 000 Old_age Always - 0
188 Command_Timeout 0x0032 100 253 000 Old_age Always - 0
197 Current_Pending_Sector 0x0012 100 100 000 Old_age Always - 0
198 Offline_Uncorrectable 0x0010 100 100 000 etc.

(Incomplete last line to "use fewer 'junk' characters." as requested by that silly filter)

Comment: Try this in the meantime... (Score 1) 329 329

For this new vulnerabilty, there are no toy-command-checks yet I believe. But in the meantime, try the "Fun Shellshock test with curl" on the NAS boxes in your neighborhood (or anywhere else this Google search points you to).

And note that as a bonus the web server on that NAS already runs as root, so there is no need for a "privilege escalation" vulnerability. Nothing to escalate, you start from the top already.

+ - Enforcing the GPL

lrosen writes: I am responding to the article in Opensource.com by Aaron Williamson, "Lawsuit threatens to break new ground on the GPL and software licensing issues."

I want to acknowledge Aaron's main points: This lawsuit challenges certain assumptions about GPLv2 licensing, and it also emphasizes the effects of patents on the FOSS (and commercial) software ecosystem. I also want to acknowledge that I have been consulted as an expert by the plaintiff in this litigation (Ximpleware vs. Versata, et al.) and so some of what I say below they may also say in court.

Let's be open about the facts here. Ximpleware worked diligently over many years to create certain valuable software. The author posted his source code on SourceForge. He offered the software under GPLv2. He also offered that software under commercial licenses. And he sought and received and provided notice of United States patent claims related to that software.

Unbeknownst to Ximpleware, Versata took that GPLv2 software and incorporated it into Versata products – without disclosing that GPLv2 software or in any other way honoring the terms of the GPLv2 license. The reason Ximpleware became aware of that GPLv2 breach is because some months ago Versata and one of its customers, Ameriprise, became embroiled in their own litigation. The breach of GPLv2 came out during discovery.

Ximpleware has terminated that license as to Versata. This is exactly what the Software Freedom Conservancy and others do when confronted by GPL breaches.

That earlier litigation is between two (or more) commercial companies; it is not a FOSS problem. These are mature, sophisticated, profitable companies that have the wherewithal to protect themselves. I know that in my own law practice, whether I represent software vendors or their commercial customers, we typically provide for some level of indemnification. Perhaps Ameriprise and the other customer-defendants can count on Versata defending them against Ximpleware. Such a commercial dispute between big companies – even if it involves the GPLv2 software of a small company and separate indemnification for copyright or patent infringement – is between them alone.

But as to Ximpleware and its GPLv2 copyrighted and patented software, there are a few misunderstandings reflected in Aaron Williamson's article:

1. The notion of "implied patent licensing" has no clear legal precedent in any software licensing. While it is true that goods that one purchases include a patent license under what is known as the "exhaustion doctrine," there is no exhaustion of patented software when copies are made (even though copying of the software itself is authorized by GPLv2). For example, a typical commercial patent license nowadays might include a royalty for each Android phone manufactured and sold. Companies that distribute Android phones and its FOSS software acquire patent licenses so that recipients of their phones are indeed free to use those phones. But that isn't because of some implied patent licenses that come with Android software, but because commercial companies that distribute phones pay for those patent rights, directly or indirectly. I think it is entirely reasonable to require that commercial companies get their patent licenses in writing.

2. Versata's customers who received the (in breach!) GPLv2 software all moved to dismiss Ximpleware's infringement claims against them, pointing to Section 0 of GPLv2, which says that "[t]he act of running the Program is not restricted." What that sentence actually means is just what it says: The GPLv2 copyright grant itself (which is all there is in GPLv2) does not restrict the act of running the program. Nor could it; that is a true statement because running a program is not one of the enumerated copyright rights subject to a copyright license (17 USC 106). The authors of the GPL licenses have themselves made that argument repeatedly: The use of software is simply not a copyright issue.

3. Because there are U.S. patent claims on this Ximpleware software, Section 7 of GPLv2 prohibits its distribution under that license in the United States (or any jurisdictions where patent claims restrict its use). If Ameriprise and the other defendants were outside the U.S. where the Ximpleware patents don't apply, then GPLv2 would indeed be sufficient for that use. But inside the U.S. those customers are not authorized and they cannot rely on an assumed patent grant in GPLv2. Otherwise GPLv2 Section 7 would be an irrelevant provision. Reread it carefully if you doubt this.

The Versata customers certainly cannot depend on an implied patent license received indirectly through a vendor who was in breach of GPLv2 since the beginning – and still is! Versata ignored and failed to disclose to its own customers Ximpleware's patent notices concerning that GPLv2 software, but those patents are nevertheless infringed.

Should we forgive commercial companies who fail to undertake honest compliance with the GPL? Should we forgive their customers who aren't diligent in acquiring their software from diligent vendors?

As Aaron Williamson suggests, we shouldn't ignore the implications of this case. After all, the creator of Ximpleware software made his source code freely available under GPLv2 and posted clear notices to potential commercial customers of his U.S. patents and of his commercial licensing options. Lots of small (and large!) open source commercial companies do that. Although it is ultimately up to the courts to decide this case, from a FOSS point of view Ximpleware is the good guy here!

There is rich detail about this matter that will come out during litigation. Please don't criticize until you understand all the facts.

Lawrence Rosen
Rosenlaw & Einschlag (lrosen@rosenlaw.com)

The UNIX philosophy basically involves giving you enough rope to hang yourself. And then a couple of feet more, just to be sure.