TrueCrypt, GostCrypt, *Crypt - status?
After TrueCrypt, many tens of proposed continuations, and even brand new competing projects appeared, such as: https://www.gostcrypt.org/ Have any of those many projects gained following, review, support, opensource license, and ongoing development work such that they can now be considered the in fact TrueCrypt successor / new independant solution?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 see the thing on cryptsetup discussed in part here: http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-implementatio... (this is a older post from just before mid-2014 I think) I had suggested cryptsetup actually to a few people. I still think it is a good thing. Some discussion of this in May 2014 led to I think, led to some question about what to select? https://tails.boum.org/blueprint/replace_truecrypt/ (this is dated 21 July 2014) Anyway this seemed nice: https://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions But what is in TAILS at the moment so far as the link to the LUKS and cryptsetup stuff that's being used, it's a little hard to see through to the links to find that exact code (where, what exactly to look for, for the average person / user who just wants to see it). It's probably something obvious I missed becasuse I'm tired. If you know exactly what to link to please drop it here. grarpamp:
After TrueCrypt, many tens of proposed continuations, and even brand new competing projects appeared, such as: https://www.gostcrypt.org/
Have any of those many projects gained following, review, support, opensource license, and ongoing development work such that they can now be considered the in fact TrueCrypt successor / new independant solution?
- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJUp1TyAAoJEGxwq/inSG8CwxAH/j5QjM7uVLhVfXiaUSlPD+i1 ajKaaTn/FN6oGX+e9xfpKqP8zpJcJM+XX8AYpL8cRI+vP3dM5qQXfPQGgJpuMR7g vhKmwgfZXCpWSPkMw0X/ORN+UhwHQYOuci3MvbjjhFIozBHg+wNXeyvIDIFpikg4 lBGi5V9CWosd5PXc0NZwEulBI0jwVcyM7GV7jd3A1weodqkhKgNkoj/toiaca0qu QgC1zr/7d9tQZZzsBF0hHdwnDaxX9p3IImvC7qo5HEnlRGuacr8PlW4iyeA9XhnY ZITlKm6K9wghSsRqMEQvfTIPml5iDdevziMO7a4MkwLfVVQYMOOOon8vjy+LdbQ= =NT72 -----END PGP SIGNATURE-----
I hear good things about Zulucrypt, probably because it can also manage truecrypt volumes and devices. I've got truecrypt-encrypted drives that I use truecrypt for, so I'm also really curious to see what the best solution will be long-term. (Preferably awesome and usable and audited). ~Griffin On 2015-01-02 21:33, odinn wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
see the thing on cryptsetup discussed in part here:
http://grugq.tumblr.com/post/60464139008/alternative-truecrypt-implementatio... (this is a older post from just before mid-2014 I think)
I had suggested cryptsetup actually to a few people. I still think it is a good thing.
grarpamp:
After TrueCrypt, many tens of proposed continuations, and even brand new competing projects appeared, such as: https://www.gostcrypt.org/
Have any of those many projects gained following, review, support, opensource license, and ongoing development work such that they can now be considered the in fact TrueCrypt successor / new independant solution?
-- "The apparent safety of modern life is just a shallow skin atop an ocean of blood, guts and bricked devices." ~Pearce Delphin
https://veracrypt.codeplex.com/ Not bad at all. https://ciphershed.org/ On 15.12.2014 - pre-Alpha tested strted.
https://<ANYTHING>.codeplex.com/ Not bad at all.
Microsoft runs CodePlex.com, ...so don't trust any project binaries, only perhaps the project's sources. And it'll likely not last long term, so someone will eventually need to make a snapshot of the sources and put them on another FOSS hosting site, when Microsoft kills off CodePlex. So starting a mirror would be useful.
Dnia sobota, 3 stycznia 2015 09:26:17 Blibbet pisze:
https://<ANYTHING>.codeplex.com/ Not bad at all.
Microsoft runs CodePlex.com, ...so don't trust any project binaries, only perhaps the project's sources.
And it'll likely not last long term, so someone will eventually need to make a snapshot of the sources and put them on another FOSS hosting site, when Microsoft kills off CodePlex. So starting a mirror would be useful.
Also, take note of licensing there, Microsot pushes the Ms-PL hard for CodePlex projects: https://en.wikipedia.org/wiki/Shared_source#Microsoft_Public_License_.28Ms-P... Guess what? Ms-PL is not compatible with GPL. Of course. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
Microsoft runs CodePlex.com, ...so don't trust any project binaries, only perhaps the project's sources.
Also, take note of licensing there. Guess what? Ms-PL is not compatible with GPL. Of course.
Oh, didnt pay attention to that one. Thank you, rysiek. So lets watch the CipherShed team (https://ciphershed.org/)
On Fri, 2015-01-02 at 18:31 -0500, grarpamp wrote:
After TrueCrypt, many tens of proposed continuations, and even brand new competing projects appeared, such as: https://www.gostcrypt.org/
Have any of those many projects gained following, review, support, opensource license, and ongoing development work such that they can now be considered the in fact TrueCrypt successor / new independant solution?
The thing that really irks me the most about TrueCrypt being withdrawn was that it was the only true multi-platform (GNU/Linux and Windows at least, was there a Mac OS X version?) full-disk encryption software available under a free software license. Every other full disk encryption solution out there is either proprietary, only available for one operating system, or both. To me, any true successor to TrueCrypt will be available under GPLv3 (not sure I like the idea of someone forking a BSD/MIT licensed clone and then not sharing the source, aka the "BSD/MIT Tuck And Run"), and for at least GNU/Linux and Windows (ideally Mac OS X as well). While I never really needed something like TrueCrypt while it was maintained, that doesn't mean I won't in the future, and I know there are others who need TrueCrypt (including multi-platform support). -- Shawn K. Quinn <skquinn@rushpost.com>
Truecrypt itself actually wasn't licensed under an OSI/FSF approved license, was it? I recall reading it had some strange clauses in there that they never elaborated upon that made it unsuitable for packaging. What are the critical truecrypt features people actually want, that made it special? Trivial symmetric file encryption? That could be hacked together pretty simply. Or something more esoteric? Deniable volumes? Detachable headers? Keyfiles? On 03/01/15 10:18, Shawn K. Quinn wrote:
On Fri, 2015-01-02 at 18:31 -0500, grarpamp wrote:
After TrueCrypt, many tens of proposed continuations, and even brand new competing projects appeared, such as: https://www.gostcrypt.org/
Have any of those many projects gained following, review, support, opensource license, and ongoing development work such that they can now be considered the in fact TrueCrypt successor / new independant solution?
The thing that really irks me the most about TrueCrypt being withdrawn was that it was the only true multi-platform (GNU/Linux and Windows at least, was there a Mac OS X version?) full-disk encryption software available under a free software license. Every other full disk encryption solution out there is either proprietary, only available for one operating system, or both.
To me, any true successor to TrueCrypt will be available under GPLv3 (not sure I like the idea of someone forking a BSD/MIT licensed clone and then not sharing the source, aka the "BSD/MIT Tuck And Run"), and for at least GNU/Linux and Windows (ideally Mac OS X as well). While I never really needed something like TrueCrypt while it was maintained, that doesn't mean I won't in the future, and I know there are others who need TrueCrypt (including multi-platform support).
On Sat, Jan 3, 2015 at 12:23 PM, Cathal Garvey <cathalgarvey@cathalgarvey.me> wrote:
What are the critical truecrypt features people actually want, that made it special?
Windows + third party + opensource + gui + full disk encryption. I doubt its volumes were portable like ZFS. You could Windows mount iSCSI/SMB/NFS from a VM of FreeBSD+GELI+ZFS. Please stop top posting.
On 03/01/15 10:18, Shawn K. Quinn wrote:
To me, any true successor to TrueCrypt will be available under GPLv3 (not sure I like the idea of someone forking a BSD/MIT licensed clone and then not sharing the source, aka the "BSD/MIT Tuck And Run")
This is a bogus argument. If you don't like that someone has copied it, closed it, and gone off and done their own thing with it... make your own copy and continue open development. BSD is about honoring freedom, not about ramming freedom down your throat under threat of suit. World of difference there. Make no mistake, the more freedom a license gives YOU, the more free it is. What you do with the freedoms you are given is up to you... if you choose to jerk people around, no one will care, they'll just ignore and route around you. Though not as free as BSD, take similar CDDL ZFS example... Sun opened it, FreeBSD ported it, Oracle closed it, open and free people ignored Oracle and eventually congregated at open-zfs.org. Both Oracle and open-zfs won. If it were GPL only open-zfs would have. That's not very free.
On Sat, Jan 3, 2015 at 8:37 PM, grarpamp <grarpamp@gmail.com> wrote:
On Sat, Jan 3, 2015 at 12:23 PM, Cathal Garvey
What are the critical truecrypt features people actually want, that made it special?
Windows + third party + opensource + gui + full disk encryption.
That being the minimal basics on that platform.
Trivial symmetric file encryption? ... Deniable volumes? Detachable headers? Keyfiles?
Icing in conjunction with basic above. Maybe it'll be a few more years before a post truecrypt Windows solution settles out and is widely adopted and recommended.
W dniu 04.01.2015 o 02:49, grarpamp pisze:
On Sat, Jan 3, 2015 at 8:37 PM, grarpamp <grarpamp@gmail.com> wrote:
On Sat, Jan 3, 2015 at 12:23 PM, Cathal Garvey
What are the critical truecrypt features people actually want, that made it special?
Windows + third party + opensource + gui + full disk encryption.
That being the minimal basics on that platform.
Trivial symmetric file encryption? ... Deniable volumes? Detachable headers? Keyfiles?
Icing in conjunction with basic above.
I'd say the killer feature was that it was trustworthy and it had an easy way of backing up the volume header with the key and password. Use case: in a company an employee forgets their password or something messes up the volume header, comes to the IT dept for help and they can easily restore that. So basically saying it was pretty disaster-proof, at least for typical cases (because people never fuc**** make backups, especially the company vips). -- Łukasz "Cyber Killer" Korpalski mail: cyberkiller8@gmail.com xmpp: cyber_killer@jabster.pl site: http://website.cybkil.cu.cc gpgkey: 0x72511999 @ hkp://keys.gnupg.net //When replying to my e-mail, kindly please //write your message below the quoted text.
On 04/01/2015 09:13, Łukasz 'Cyber Killer' Korpalski wrote:
I'd say the killer feature was that it was trustworthy and it had an easy way of backing up the volume header with the key and password. Use case: in a company an employee forgets their password or something messes up the volume header, comes to the IT dept for help and they can easily restore that.
I am expecting a future version to automate some of that - TC, great as it is, really isn't good in the Enterprise because trying to manage hundreds of volumes spread over hundreds of desktops, laptops, and removable media, is a management nightmare. Competing (and presumably less secure) products do well because they *do* cater to central administration, and often integrate into a runtime AV, AT or DLP solution.
Please stop top posting.
When replies are excessive, I will trim them. When a particular snippet of quoted text is immediately relevant (as above) I will top-quote. However, sorry, but I'll continue emailing as I always have done; if I come from a different internet culture to you, and if top-posting is anathema to you but not I, that's just a difference we'll have to reconcile to stay high-signal and on-topic. However, in the spirit of 2015, which will consist mostly of code-golf and optimism, here's a Python one-liner in the most brutalist sense that will solve your problem, at least for the "offending" email to which you were replying. It may be broken across lines by my or your email client or an ignorant intermediary; filter newlines to resolve. Sorry it's so verbose, inlining those imports might help, but by now I'm bored. (lambda P=__import__('email',fromlist=['parser']).parser.Parser(),A=__import__('sys').argv,Re=__import__('re'):(lambda E=P.parse(open(A[1])),B=P.parse(open(A[1])).get_payload(),R=Re.compile('On.+?wrote:(?=\n>[^>])'),O=open(A[2],'w'):(E.is_multipart()and str(E))or(O.write('\n'.join([': '.join(i)for i in E.items()]+['']+[R.search(B).group()if R.search(B)else ""]+[L for L in B.splitlines()if Re.match('>[^>]',L)]+['']+[L for L in B.splitlines()if(not L)or(not Re.match('(>|On.+?wrote:)',L))])+"\n")))())() On 04/01/15 01:37, grarpamp wrote:
Windows + third party + opensource + gui + full disk encryption. I doubt its volumes were portable like ZFS. You could Windows mount iSCSI/SMB/NFS from a VM of FreeBSD+GELI+ZFS.
Please stop top posting.
Dnia sobota, 3 stycznia 2015 20:37:35 grarpamp pisze:
On 03/01/15 10:18, Shawn K. Quinn wrote:
To me, any true successor to TrueCrypt will be available under GPLv3 (not sure I like the idea of someone forking a BSD/MIT licensed clone and then not sharing the source, aka the "BSD/MIT Tuck And Run")
This is a bogus argument. If you don't like that someone has copied it, closed it, and gone off and done their own thing with it... make your own copy and continue open development. BSD is about honoring freedom, not about ramming freedom down your throat under threat of suit. World of difference there. Make no mistake, the more freedom a license gives YOU, the more free it is. What you do with the freedoms you are given is up to you... if you choose to jerk people around, no one will care, they'll just ignore and route around you.
The good old BSD vs. GPL, eh? The problem with this simplified view is that there are a number of good reasons for copyleft clauses, and many of them were verified during Heartbleed, for instance. Apparently Facebook used a modified OpenSSL version that was accidentally not vulnerable. Had OpenSSL been licensed under a copyleft license, maybe we wouldn't have Heartbleed at all. Another reason is a bit broader. In the digital world selling *products* (think: Windows licenses) simply does not work -- the basic operation here is *copying*, trying to make copying hard is not really that smart, is it. We all know how well DRM schemes work, right? The answer here is to move towards selling *services* -- something that is not easily copy-able. Services like support, deployment, etc. But I guess we all know that already, don't we? So why exactly does anybody here feel the need to retain the right to close their (or anybody else's, for that matter) software? That doesn't seem like it's required for selling services based on a given software, moreover -- getting it out on a strong copyleft license (like GPLv3 or AGPL) makes it *harder* for large corporations to close that work and out-sell it, and at the same time makes it easier to get all the patches/fixes/etc other people made in particular software. I see huge practical and economical benefits from using copyleft licenses, and the only argument *against* them is -- as far as I can see -- the "MUH FREEDUMS" aka "I might want to close-off some of my (or somebody else's) work". I actually feel copyleft licenses give me *more* freedom: I am at least sure nobody can close-off any version of a given (including: mine) program from me. I have no problem with people advocating BSD/MIT-style licenses as long as we can have a civil discussion about it. This:
BSD is about honoring freedom, not about ramming freedom down your throat under threat of suit.
...is not exactly what I am talking about here. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
The problem with this simplified view is that there are a number of good reasons for copyleft clauses, and many of them were verified during Heartbleed, for instance.
Earlier, in fact. The phrase "tragedy of the commons" derives from nobel-prize-winning research that found that unregulated commons more often than not are abused to the point of collapse. It's hard to see how this can happen to a source-code commons, but only as far as you see the "commons" in source code being the code itself, rather than the free labour it represents on the part of well-meaning programmers. By propping up proprietary shitware with your lovingly crafted code, you are undermining not only yourself, but the others out there lovingly crafting and then freeing their code. Of course, the shitware doesn't develop as quickly as the "real" curated stuff, so we see Linux thriving in so many ways technically versus Windows and Mac..but then, the lack of protections against theft of the commons is the reason Mac is doing so well in the first place. Where'd they get that Kernel again? Hmm. On 04/01/15 12:00, rysiek wrote:
Dnia sobota, 3 stycznia 2015 20:37:35 grarpamp pisze:
On 03/01/15 10:18, Shawn K. Quinn wrote:
To me, any true successor to TrueCrypt will be available under GPLv3 (not sure I like the idea of someone forking a BSD/MIT licensed clone and then not sharing the source, aka the "BSD/MIT Tuck And Run")
This is a bogus argument. If you don't like that someone has copied it, closed it, and gone off and done their own thing with it... make your own copy and continue open development. BSD is about honoring freedom, not about ramming freedom down your throat under threat of suit. World of difference there. Make no mistake, the more freedom a license gives YOU, the more free it is. What you do with the freedoms you are given is up to you... if you choose to jerk people around, no one will care, they'll just ignore and route around you.
The good old BSD vs. GPL, eh?
The problem with this simplified view is that there are a number of good reasons for copyleft clauses, and many of them were verified during Heartbleed, for instance.
Apparently Facebook used a modified OpenSSL version that was accidentally not vulnerable. Had OpenSSL been licensed under a copyleft license, maybe we wouldn't have Heartbleed at all.
Another reason is a bit broader. In the digital world selling *products* (think: Windows licenses) simply does not work -- the basic operation here is *copying*, trying to make copying hard is not really that smart, is it. We all know how well DRM schemes work, right?
The answer here is to move towards selling *services* -- something that is not easily copy-able. Services like support, deployment, etc. But I guess we all know that already, don't we?
So why exactly does anybody here feel the need to retain the right to close their (or anybody else's, for that matter) software? That doesn't seem like it's required for selling services based on a given software, moreover -- getting it out on a strong copyleft license (like GPLv3 or AGPL) makes it *harder* for large corporations to close that work and out-sell it, and at the same time makes it easier to get all the patches/fixes/etc other people made in particular software.
I see huge practical and economical benefits from using copyleft licenses, and the only argument *against* them is -- as far as I can see -- the "MUH FREEDUMS" aka "I might want to close-off some of my (or somebody else's) work".
I actually feel copyleft licenses give me *more* freedom: I am at least sure nobody can close-off any version of a given (including: mine) program from me.
I have no problem with people advocating BSD/MIT-style licenses as long as we can have a civil discussion about it.
This:
BSD is about honoring freedom, not about ramming freedom down your throat under threat of suit.
...is not exactly what I am talking about here.
It might be good to give Peter Linebaugh's "Magna Carta Manifesto" a read for some understanding both on how the "tragedy of the commons" never actually happened, and how the popular struggle for access to the commons is what eventually gave rise to Parliament and participatory democracy. On Sun, Jan 4, 2015 at 10:11 PM, Cathal Garvey <cathalgarvey@cathalgarvey.me> wrote:
Earlier, in fact. The phrase "tragedy of the commons" derives from nobel-prize-winning research that found that unregulated commons more often than not are abused to the point of collapse.
It's worth pointing out for clarity that I wasn't rabbiting the point used by the powerful to enclose commons, where regulation means enclosure, but rather referring to enclosure itself as the tragedy. I will happily read the directed Manifesto, thanks. But I think it's also clear that commons are often abused, though the classical abuse appears uncommon.. because unregulated commons simply collapse early. Those that appear "unregulated" are more often regulated by social structures; no less significant than threats of reprisal in the right context! However, online, we lack the means to enforce social censure effectively, particularly against large enclosing actors. On 05/01/15 20:52, Chrrles Paul wrote:
It might be good to give Peter Linebaugh's "Magna Carta Manifesto" a read for some understanding both on how the "tragedy of the commons" never actually happened, and how the popular struggle for access to the commons is what eventually gave rise to Parliament and participatory democracy.
On Sun, Jan 4, 2015 at 10:11 PM, Cathal Garvey <cathalgarvey@cathalgarvey.me> wrote:
Earlier, in fact. The phrase "tragedy of the commons" derives from nobel-prize-winning research that found that unregulated commons more often than not are abused to the point of collapse.
On Sun, Jan 4, 2015 at 7:00 AM, rysiek <rysiek@hackerspace.pl> wrote:
Apparently Facebook used a modified OpenSSL version that was accidentally not vulnerable. Had OpenSSL been licensed under a copyleft license, maybe we wouldn't have Heartbleed at all.
No. GPL does not require redistribution of mods used privately, only if redistribution occurs are such mods required to be redistributed. Facebook chose not to redistribute, therefore GPL would have made no difference because it would not trigger.
makes it easier to get all the patches/fixes/etc other people made
No, not unless redistribution triggers. All these giant companies modifying GPL code to their internal purposes, not so many @bigcorp.com's present on the mailing lists.
In the digital world selling *products* (think: Windows licenses) simply does not work
Yeah, apparently not... https://www.google.com/finance/related?q=MSFT https://www.google.com/finance/related?q=FOX Restrictions on piracy are what does not work. Neither GPL or any other license apply in that realm.
The answer here is to move towards selling *services*
No, people are free to choose their careers.
[GPL] makes it *harder* for large corporations to close that work and out-sell it
Both GPL and BSD can dual license and make millions as their own corporations.
So why exactly does anybody here feel the need to retain the right to close their [own software]
People are free to choose that for their own software. It's "all rights reserved", an inalienable moral right. Berne says so... http://en.wikipedia.org/wiki/Berne_Convention https://lists.debian.org/debian-legal/2007/06/msg00252.html
(or [close] anybody else's, for that matter) software?
No, that is not what happens with BSD. You cannot close the authors own rights, or replace their license with your own, it's "all rights reserved". You can only close your copy of the BSD work the author gave you. http://lucumr.pocoo.org/2009/2/12/are-you-sure-you-want-to-use-gpl/ Tomorrow, Linus/Stallman could, via Berne, slap a Microsoft style license on all their own work contributions they ever subsequently released to Linux/GNU under the GPL and seed their own companies with it and be under no obligation to ever let you see it or any future mods they make to it. You, having already received an earlier GPL copy, can keep on with that. "copyleft" GPL is, in fact, a restriction of freedom. "permissive" BSD is, in fact, a granting of freedom. There can be no argument there. NetBSD says... "We don't think it's right to require people who add to our work and want to distribute the results (for profit or otherwise) to give away the source to their additions; they made the additions, and they should be free to do with them as they wish." http://en.wikipedia.org/wiki/Permissive_free_software_licence http://en.wikipedia.org/wiki/BSD_licenses http://www.openbsd.org/policy.html http://www.netbsd.org/about/redistribution.html#why-berkeley https://www.freebsd.org/doc/en/articles/committers-guide/article.html#pref-l... http://en.wikipedia.org/wiki/WTFPL http://en.wikipedia.org/wiki/Public_domain http://en.wikipedia.org/wiki/University_of_Illinois/NCSA_Open_Source_License The BSD is about freedom. If someone copies BSD work and closes it, griping happens, yet the BSD community doesn't really care because they granted and expected that beforehand, and they keep on developing openly. That honoring and/or supporting of free choice is their ethos. Turns out, after getting out from under the AT&T issues, and doing lots of cleanroom work (eg: LLVM/CLANG, adoption of BSD utils over GPL), and enforcing what work they will accept, they're getting that returned to them more and more and won't be disappearing anytime soon... https://www.freebsdfoundation.org/ http://www.openbsdfoundation.org/ http://www.netbsd.org/foundation/
economical benefits
BSD folks also enjoy making BSD products and working for BSD companies that GPL folks like to falsely claim "stole" BSD licensed software. http://en.wikipedia.org/wiki/List_of_products_based_on_FreeBSD https://www.freebsd.org/commercial/commercial.html http://www.netbsd.org/gallery/products.html http://www.openbsd.org/products.html Not being able to sell software because it's been forced open largely wipes out an entire economic sector.
I see [...] benefits from [GPL ...]
... so do perhaps communists/communals and say religious believers. In a way, GPL folks could be seen as a bit afraid, lacking independance or confidence, so as action in commons, (or even if not seen that way but instead only on a mission to push and test new social paradigm). they slap on the GPL to chain others to their belief under threat. That doesn't seem very free.
This: ["MUH FREEDUMS" ...]
BSD is about honoring freedom, not about ramming freedom down your throat under threat of suit.
... is the boiled down distinction between BSD and GPL. GPL is pushing something on you once you touch it, BSD lets you choose freely as suits you best, including from among the social paradigm GPL is pushing. Laws do not prevent people from doing bad things, neither do people need licensed to do good things.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/01/15 05:02 PM, grarpamp wrote:
"copyleft" GPL is, in fact, a restriction of freedom. "permissive" BSD is, in fact, a granting of freedom. There can be no argument there.
There can. Both restore rights that copyright otherwise restricts. The GPL ensures that you are free to use the software even if you receive it from a third party. BSD doesn't do that. Therefore BSD "grants" less freedom than the GPL. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUqiKlAAoJECciMUAZd2dZXBQH/RIIYunfo5YKUXr3kAaBJCen VX3W83XFgjIfs7V1HcKW9EbRNOOyPyFJbdPRA1UDiK/R8f/z94jmq6lo8jdFM8mo R8GKK+Y79m8Jqk0kYvOwoAROqf/Etk6obsT9BEBc9gzzBN4H+46KrsEPmuLyQkgN Uy7pYpLe5146OhR6nfrzojqET207cIGCr0KgrtRXvThVN9Tg1kUcBtrW8jEiv1mq fQS476UCJU/IlQeFZ9tJL4+CFK6bCHKtRCRO1to95jzXUIGqWwa+/OfCN71UZJ5L SAM8WD6twoNh7zDJsfPoCpyl8r2ZLZfWLs13G4VQ5I39NPxn3FvHt740OR4rDsI= =9mQO -----END PGP SIGNATURE-----
On Mon, Jan 5, 2015 at 12:35 AM, Rob Myers <rob@robmyers.org> wrote:
Both restore rights that copyright otherwise restricts.
No. Copyright exists automatically in default state of "all rights reserved". Any "restoration" you may wish or take for yourself within that is an abuse of the author's rights as you have none. Any rights to the author's work you may have are granted to you as the author chooses. Subject to various limited notions... https://en.wikipedia.org/wiki/Traditional_safety_valves https://en.wikipedia.org/wiki/Fair_dealing
The GPL ensures that you are free to use the software even if you receive it from a third party. BSD doesn't do that.
Yes it does. The author can slap BSD or GPL on it, give it to Alice who gives it to Bob who gives it Carl who gives it to you which you then "use". There's no difference between the two there.
Therefore BSD "grants" less freedom than the GPL.
No it doesn't. This has already been explained. GPL people often confuse freedom vs force(d open source redistribution), and permissive vs restrictive. Don't get confused. https://en.wikipedia.org/wiki/Copyright https://en.wikipedia.org/wiki/List_of_parties_to_international_copyright_tre... https://en.wikipedia.org/wiki/Philosophy_of_copyright https://en.wikipedia.org/wiki/Anti-copyright Yarr!
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I read this and I just get more confused. One I feel like this is topic drift (but don't worry about that, I'm glad for a little drift here) and two... what about bitcoin which is.... MIT right? I don't mean to drift it further... but I feel like this gets to be a circular thing. M. Gogulski had an argument (not sure if on this list but maybe it was on Unsystem) sometime I think early last year in which he had some arguments I hadn't considered for different types of unlicensing approaches. Which again, I just hadn't considered before he had elaborated on it at length. In comparison the whole thing I found at the time a bit befuddling. This led me to ask if maybe there was just a way to release it into domain (public domain) without the whole licensing system and multitude of restrictions and competing licensing restrictions (including Unlicense) coming into play, depending on the project / projects being considered. (Again I think we are twirling in circles here) But part of this in the final analysis should be what software projects have succeeded and really circled the globe (and resisted various kinds of intrusions/attacks) regardless of what labels we have slapped on them? Well, they have been: Non-corporate, generally non-organizational also open source Consider some of the conclusions from both 30c3 and 31c3 I'm repeating the obvious now so I'll shut up grarpamp:
On Mon, Jan 5, 2015 at 12:35 AM, Rob Myers <rob@robmyers.org> wrote:
Both restore rights that copyright otherwise restricts.
No. Copyright exists automatically in default state of "all rights reserved". Any "restoration" you may wish or take for yourself within that is an abuse of the author's rights as you have none. Any rights to the author's work you may have are granted to you as the author chooses. Subject to various limited notions... https://en.wikipedia.org/wiki/Traditional_safety_valves https://en.wikipedia.org/wiki/Fair_dealing
The GPL ensures that you are free to use the software even if you receive it from a third party. BSD doesn't do that.
Yes it does. The author can slap BSD or GPL on it, give it to Alice who gives it to Bob who gives it Carl who gives it to you which you then "use". There's no difference between the two there.
Therefore BSD "grants" less freedom than the GPL.
No it doesn't. This has already been explained. GPL people often confuse freedom vs force(d open source redistribution), and permissive vs restrictive. Don't get confused.
https://en.wikipedia.org/wiki/Copyright https://en.wikipedia.org/wiki/List_of_parties_to_international_copyright_tre...
https://en.wikipedia.org/wiki/Philosophy_of_copyright
- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJUqvRGAAoJEGxwq/inSG8CQ7oIAJl6FTr0D9nKKoh4mDOofQtb t4W25ma/aNb0QSMp51Xc18S5EoqCsnHAShkOr4ebzssnNYXYr2M746DjmflwnpXZ xF9OtlSR6CT/17AOFrEXUwgEsDFngdJzumv8Fi09xbJ09PwNVa6x3tZ4jMmv8tPx x57K7fN6VbceMimRQRA24g19z9I8mBF/yW1bdh5+3STmdnR0ASrjnzgywZLoF9Q4 X8tj6E9oZ0cooDRhzDfGwo3lCirYazmHwjK6Y5qHwcRCkyOy2eyDLumKDbeQNEBS 5e64G/6AQfCA6HG1q/2/qpcaf6X8OYVFsX70DQws1q+S5W6rVRaD5K/3MkyeOEU= =px75 -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2015-01-05 12:29, odinn wrote:
This led me to ask if maybe there was just a way to release it into domain (public domain) without the whole licensing system and multitude of restrictions and competing licensing restrictions (including Unlicense) coming into play, depending on the project / projects being considered. (Again I think we are twirling in circles here)
This isn't unheard of, the main example would be SQLite which is completely public domain to great success. Although it depends on jurisdiction, they explain this licensing arrangement as "Anyone is free to copy, modify, publish, use, compile, sell, or distribute the original SQLite code, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means," which sounds about as free as it can get to me. I had a discussion with RMS about this not that long ago. In fact, the discussion began with the BSD project, which he seems to view primarily as an attempt to undermine the work of the FSF (an opinion that he expresses in some of his public talks as well). Anyway, I think it is apparent from talking to RMS that he feels that it is a goal of GPL to prevent "user-subjugating" software vendors ever obtaining any commercial advantage from GPL-licensed code. The theory of it is a bit like not selling ammunition to KKK members or something, RMS does not want to allow his enemies to use the tools he creates. Of course I don't agree with him in this regard, but that's because I don't feel that closed-source software is intrinsically evil. From RMS's perspective, that closed-source software is fundamentally a violation of the rights of the user, it makes a great deal of sense. I think that even FSF advocates increasingly don't align fully with RMS on this issue, but his ideas have certainly influenced the GPL. jc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJUqzotAAoJEBPrCUVAhb3Bn+kH+gLE/UOT4KPtf41ZKDr8L4UC wl6F2GD6Pph7IFFzctpG4L5X84onFX45785Q3l56fmheIrt/FrBQJRmIkaLj3l0P K7nRtHo0pAxrixTPc9CZ/6wnrVg0jHhayqnnXMKJjL6JqX/AUj9eE3qmG9X5EhmW bHpmsl6tmqAMWGWUktEfRdjBpaAMnTCiOIzrSn3SXpILaPU1plK3XHP/pxlHdhnc ULVZ2GbCNPwCU7LgZOHeCZyaC6yFez2VwsxtFO04vLPh9KCoe7cPO+6G/sO5dLrq Mu06kiSUla08eLLTa6soR3meMGGfbQAQq/IkRCKdzLnWz4bH4n6r+t7AsX26ItQ= =ytXp -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello Jesse, Jesse B. Crawford:
On 2015-01-05 12:29, odinn wrote:
This led me to ask if maybe there was just a way to release it into domain (public domain) without the whole licensing system and multitude of restrictions and competing licensing restrictions (including Unlicense) coming into play, depending on the project / projects being considered. (Again I think we are twirling in circles here)
This isn't unheard of, the main example would be SQLite which is completely public domain to great success.
Hmm.
Although it depends on jurisdiction,
Here, then. Why would it necessarily depend on jurisdiction? Isn't the jurisdiction primarily something that really is something that one imagines and then imposes? Or is the imagination and imposition something that occurs simultaneously? Past, present, future, "necessarily" chosen perceptions in order to prevent one's mind from popping before the realization that it is not the spoon that bends, it is you. :-) In any event, are our notions of "jurisdiction" regardless of how they are implemented or put into practice in what we consider to be "real world," practical and reasonable, or are they merely part of a mental prison which we routinely impose upon ourselves? Too many words, though. Wrapping up: The Gateless Gate (1228) by Mumon, translated by Nyogen Koan number 29 out of 49 in this work (published 1228, translated 1934) Two monks were arguing about a flag. One said: "The flag is moving." The other said: "The wind is moving." The sixth patriarch happened to be passing by. He told them: "Not the wind, not the flag; mind is moving." Mumon’s comment: The sixth patriarch said: "The wind is not moving, the flag is not moving. Mind is moving." What did he mean? If you understand this intimately, you will see the two monks there trying to buy iron and gaining gold. The sixth patriarch could not bear to see those two dull heads, so he made such a bargain. Wind, flag, mind moves, The same understanding. When the mouth opens All are wrong. Then, here.
they explain this licensing arrangement as "Anyone is free to copy, modify, publish, use, compile, sell, or distribute the original SQLite code, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means," which sounds about as free as it can get to me.
I had a discussion with RMS about this not that long ago. In fact, the discussion began with the BSD project, which he seems to view primarily as an attempt to undermine the work of the FSF (an opinion that he expresses in some of his public talks as well). Anyway, I think it is apparent from talking to RMS that he feels that it is a goal of GPL to prevent "user-subjugating" software vendors ever obtaining any commercial advantage from GPL-licensed code. The theory of it is a bit like not selling ammunition to KKK members or something, RMS does not want to allow his enemies to use the tools he creates.
Of course I don't agree with him in this regard, but that's because I don't feel that closed-source software is intrinsically evil. From RMS's perspective, that closed-source software is fundamentally a violation of the rights of the user, it makes a great deal of sense.
I think that even FSF advocates increasingly don't align fully with RMS on this issue, but his ideas have certainly influenced the GPL.
jc
- -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJUq47BAAoJEGxwq/inSG8CB1MIAMBHwYOJBLNJiXPLA20G7coS aj3qAT3GjwFcIZSxM4PODIUiozEY1mDrgOf0MSq+3UByAVDh51IbGrDo7D4aApNM +BjD/AuajtTUYZz9+exSBnRynYsDZfBmDi3HPBIwYyWnDfdlasmSvI/jT+9bByl6 0Jnx+8knTQXBOgJF76Gsk2QNwHYyj5AM79wg59z+I4Afhbr2JqZafRtWvD8r/emm CCmxhOxhiiPSCHQ7dde+/4k66gLUBb6Xmvr6pK4GvXxGhVHkC+lAaNziIdZ+Vs3M wTYf7viT4VcBV1rD3u/KbpBj/lUjU7RYPWAods+5dEuJw/KYhWx5HRJ1SBn4s4g= =EhS/ -----END PGP SIGNATURE-----
Dnia wtorek, 6 stycznia 2015 07:29:05 odinn pisze:
Hello Jesse,
Jesse B. Crawford:
On 2015-01-05 12:29, odinn wrote:
This led me to ask if maybe there was just a way to release it into domain (public domain) without the whole licensing system and multitude of restrictions and competing licensing restrictions (including Unlicense) coming into play, depending on the project / projects being considered. (Again I think we are twirling in circles here)
This isn't unheard of, the main example would be SQLite which is completely public domain to great success.
Hmm.
Although it depends on jurisdiction,
Here, then. Why would it necessarily depend on jurisdiction? Isn't the jurisdiction primarily something that really is something that one imagines and then imposes? Or is the imagination and imposition something that occurs simultaneously?
You can imagine and impose all you want, yet you can't release software to Public Domain in Poland. Polish copyright law does not have that functionality (sadly). -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
RMS does not want to allow his enemies to use the tools he creates.
Well, no; he wants them to use it as much as they like, as long as they give back to the commons on which they built their foundations. There's nothing at all wrong with asking that. RMS would likely be insulted at the idea that he would forbid essential freedoms to *anyone*, including the companies he hates. There's an undercurrent in some patches of this discussion, if I may, that suggests that openness is orthogonal to commercial success; the idea being that GPL is "anti-business" and weaker licenses are "pro-business". I'll just throw in "citation needed" with the reminder that correlation does not imply causation. Users (more like "Used") buy Windows all the time even though everyone knows it can be had for free. Music lovers continue to pay for music even though it's common knowledge that it can be had with less malware on torrent sites, or simply cribbed from friends. Same for books, same for everything. Artificial scarcity creates artificial demand, but a natural abundance does not diminish natural demand. And if you want to sell open code, it had better be GPL, or your competitors will steal all your best ideas and leave you with an inferior product. With GPL, you *invite* your competitors to improve with you, while you both crib one another's work and get better and more usefully distinct over time. On 06/01/15 01:28, Jesse B. Crawford wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2015-01-05 12:29, odinn wrote:
This led me to ask if maybe there was just a way to release it into domain (public domain) without the whole licensing system and multitude of restrictions and competing licensing restrictions (including Unlicense) coming into play, depending on the project / projects being considered. (Again I think we are twirling in circles here)
This isn't unheard of, the main example would be SQLite which is completely public domain to great success. Although it depends on jurisdiction, they explain this licensing arrangement as "Anyone is free to copy, modify, publish, use, compile, sell, or distribute the original SQLite code, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means," which sounds about as free as it can get to me.
I had a discussion with RMS about this not that long ago. In fact, the discussion began with the BSD project, which he seems to view primarily as an attempt to undermine the work of the FSF (an opinion that he expresses in some of his public talks as well). Anyway, I think it is apparent from talking to RMS that he feels that it is a goal of GPL to prevent "user-subjugating" software vendors ever obtaining any commercial advantage from GPL-licensed code. The theory of it is a bit like not selling ammunition to KKK members or something, RMS does not want to allow his enemies to use the tools he creates.
Of course I don't agree with him in this regard, but that's because I don't feel that closed-source software is intrinsically evil. From RMS's perspective, that closed-source software is fundamentally a violation of the rights of the user, it makes a great deal of sense.
I think that even FSF advocates increasingly don't align fully with RMS on this issue, but his ideas have certainly influenced the GPL.
jc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBAgAGBQJUqzotAAoJEBPrCUVAhb3Bn+kH+gLE/UOT4KPtf41ZKDr8L4UC wl6F2GD6Pph7IFFzctpG4L5X84onFX45785Q3l56fmheIrt/FrBQJRmIkaLj3l0P K7nRtHo0pAxrixTPc9CZ/6wnrVg0jHhayqnnXMKJjL6JqX/AUj9eE3qmG9X5EhmW bHpmsl6tmqAMWGWUktEfRdjBpaAMnTCiOIzrSn3SXpILaPU1plK3XHP/pxlHdhnc ULVZ2GbCNPwCU7LgZOHeCZyaC6yFez2VwsxtFO04vLPh9KCoe7cPO+6G/sO5dLrq Mu06kiSUla08eLLTa6soR3meMGGfbQAQq/IkRCKdzLnWz4bH4n6r+t7AsX26ItQ= =ytXp -----END PGP SIGNATURE-----
Yay! Bikeshed! /getspopcorn On January 6, 2015 2:43:18 AM CST, Cathal Garvey <cathalgarvey@cathalgarvey.me> wrote:
RMS does not want to allow his enemies to use the tools he creates.
Well, no; he wants them to use it as much as they like, as long as they
give back to the commons on which they built their foundations. There's
nothing at all wrong with asking that.
RMS would likely be insulted at the idea that he would forbid essential
freedoms to *anyone*, including the companies he hates.
There's an undercurrent in some patches of this discussion, if I may, that suggests that openness is orthogonal to commercial success; the idea being that GPL is "anti-business" and weaker licenses are "pro-business". I'll just throw in "citation needed" with the reminder that correlation does not imply causation.
Users (more like "Used") buy Windows all the time even though everyone knows it can be had for free. Music lovers continue to pay for music even though it's common knowledge that it can be had with less malware on torrent sites, or simply cribbed from friends. Same for books, same for everything.
Artificial scarcity creates artificial demand, but a natural abundance does not diminish natural demand. And if you want to sell open code, it
had better be GPL, or your competitors will steal all your best ideas and leave you with an inferior product. With GPL, you *invite* your competitors to improve with you, while you both crib one another's work
and get better and more usefully distinct over time.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2015-01-05 12:29, odinn wrote:
This led me to ask if maybe there was just a way to release it into domain (public domain) without the whole licensing system and multitude of restrictions and competing licensing restrictions (including Unlicense) coming into play, depending on the project / projects being considered. (Again I think we are twirling in circles here)
This isn't unheard of, the main example would be SQLite which is completely public domain to great success. Although it depends on jurisdiction, they explain this licensing arrangement as "Anyone is free to copy, modify, publish, use, compile, sell, or distribute the original SQLite code, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means," which sounds about as free as it can get to me.
I had a discussion with RMS about this not that long ago. In fact,
On 06/01/15 01:28, Jesse B. Crawford wrote: the
discussion began with the BSD project, which he seems to view primarily as an attempt to undermine the work of the FSF (an opinion that he expresses in some of his public talks as well). Anyway, I think it is apparent from talking to RMS that he feels that it is a goal of GPL to prevent "user-subjugating" software vendors ever obtaining any commercial advantage from GPL-licensed code. The theory of it is a bit like not selling ammunition to KKK members or something, RMS does not want to allow his enemies to use the tools he creates.
Of course I don't agree with him in this regard, but that's because I don't feel that closed-source software is intrinsically evil. From RMS's perspective, that closed-source software is fundamentally a violation of the rights of the user, it makes a great deal of sense.
I think that even FSF advocates increasingly don't align fully with RMS on this issue, but his ideas have certainly influenced the GPL.
jc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQEcBAEBAgAGBQJUqzotAAoJEBPrCUVAhb3Bn+kH+gLE/UOT4KPtf41ZKDr8L4UC wl6F2GD6Pph7IFFzctpG4L5X84onFX45785Q3l56fmheIrt/FrBQJRmIkaLj3l0P K7nRtHo0pAxrixTPc9CZ/6wnrVg0jHhayqnnXMKJjL6JqX/AUj9eE3qmG9X5EhmW bHpmsl6tmqAMWGWUktEfRdjBpaAMnTCiOIzrSn3SXpILaPU1plK3XHP/pxlHdhnc ULVZ2GbCNPwCU7LgZOHeCZyaC6yFez2VwsxtFO04vLPh9KCoe7cPO+6G/sO5dLrq Mu06kiSUla08eLLTa6soR3meMGGfbQAQq/IkRCKdzLnWz4bH4n6r+t7AsX26ItQ= =ytXp -----END PGP SIGNATURE-----
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Mon, 5 Jan 2015 02:59:33 -0500 grarpamp <grarpamp@gmail.com> wrote:
On Mon, Jan 5, 2015 at 12:35 AM, Rob Myers <rob@robmyers.org> wrote:
Both restore rights that copyright otherwise restricts.
No. Copyright exists automatically in default state of "all rights reserved".
No. Copyright is just a state-granted privilege. A part of the fake 'intellectual property' collection of 'rights'.
Any "restoration" you may wish or take for yourself within that is an abuse of the author's rights as you have none. Any rights to the author's work you may have are granted to you as the author chooses. Subject to various limited notions... https://en.wikipedia.org/wiki/Traditional_safety_valves https://en.wikipedia.org/wiki/Fair_dealing
The GPL ensures that you are free to use the software even if you receive it from a third party. BSD doesn't do that.
Yes it does. The author can slap BSD or GPL on it, give it to Alice who gives it to Bob who gives it Carl who gives it to you which you then "use". There's no difference between the two there.
Therefore BSD "grants" less freedom than the GPL.
No it doesn't. This has already been explained. GPL people often confuse freedom vs force(d open source redistribution), and permissive vs restrictive. Don't get confused.
https://en.wikipedia.org/wiki/Copyright https://en.wikipedia.org/wiki/List_of_parties_to_international_copyright_tre... https://en.wikipedia.org/wiki/Philosophy_of_copyright https://en.wikipedia.org/wiki/Anti-copyright Yarr!
Dnia poniedziałek, 5 stycznia 2015 21:35:20 Juan pisze:
On Mon, 5 Jan 2015 02:59:33 -0500
grarpamp <grarpamp@gmail.com> wrote:
On Mon, Jan 5, 2015 at 12:35 AM, Rob Myers <rob@robmyers.org> wrote:
Both restore rights that copyright otherwise restricts.
No. Copyright exists automatically in default state of "all rights reserved".
No. Copyright is just a state-granted privilege. A part of the fake 'intellectual property' collection of 'rights'.
For once, we agree: http://copyspeak.org/copyright http://copyspeak.org/intellectual-property -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
On 1/5/15, grarpamp <grarpamp@gmail.com> wrote:
On Mon, Jan 5, 2015 at 12:35 AM, Rob Myers <rob@robmyers.org> wrote:
Both restore rights that copyright otherwise restricts.
No. Copyright exists automatically in default state of "all rights reserved".
But that shifts the ground on what Rob was speaking to. Sure you can say 'in the default state of "all rights reserved"', that 'copyright exists automatically', and we can even go so far as to say the --current legal regime-- grants 'copyright protection by default', which in jurisdictions I am aware of, is the case. BUT, copyright itself, is a legal fiction. THIS (as I read it) is the foundation on which Rob makes his point. So, we most of us do in fact live in an artificial statutory regime of various legal fictions, one of which is called copyright, the right to make copies, and the right to grant (or restrict, by default or otherwise) others the right to make "copies". In THIS regime (default statutory fiction rights, re copying), the BSD and GPL licenses "restore rights that copyright otherwise restricts" - Rob's words are precise, correct, and clear.
Any "restoration" you may wish or take for yourself within that is an abuse of the author's rights as you have none.
This is a non-argument, and I'm not sure you're making a point, or making your point in a way I can understand. The "restoration" that Rob speaks to is **the author's** choice of license, the *author*, who by "statutory legal fiction right by default" is granted exclusive right to make copies of --author's own work--, chooses, of --his own free will-- to "restore" to recipients of author's said works, certain rights otherwise restricted by said statute fiction rights. Rob's words are clear and simple. Mine are verbose. Grarpamp, am I understanding your position correctly, or am I missing something (as in, from my viewpoint, you were missing Rob's point)?
Any rights to the author's work you may have are granted to you as the author chooses.
In the regime of legal fiction rights, yes...
Subject to various limited notions... https://en.wikipedia.org/wiki/Traditional_safety_valves https://en.wikipedia.org/wiki/Fair_dealing
The GPL ensures that you are free to use the software even if you receive it from a third party. BSD doesn't do that.
Yes it does.
No it does not. GPL ensures that recipients may not -further restrict- the freedoms 'granted' by the GPL (which is presumably the author's desire and reason for choosing to license under GPL); BSD only ensures -first recipient- has "GPL like" freedoms, in addition to the "freedom to futher distribute under proprietary license", which some of us consider to be a freedom that ought not be granted, and for those who consider this way, the GPL is therefore a much better choice - the point being, if the -first recipient- of BSD licensed software thereafter distributes under freedom-removing license (proprietary), said recipients are no longer using free/libre software, but proprietary software - this is what GPL attempts to handle/ improve upon, and yes, some people prefer to distribute their software with the right for recipients to distribute as proprietary ("the freedom to take away freedom").
The author can slap BSD or GPL on it, give it to Alice who gives it to Bob who gives it Carl who gives it to you which you then "use". There's no difference between the two there.
:) Your liberal viewpoint is technically correct, -for the example you give-; but as you must well know, Alice or Bob may "remove the BSD license when they distribute" (or to use your term, "slap on a proprietary license") to Bob and Carl respectively. Ignoring this alternative pathway in your argument, does not make that pathway non-existent.
Therefore BSD "grants" less freedom than the GPL.
No it doesn't. This has already been explained. GPL people often confuse freedom vs force(d open source redistribution), and permissive vs restrictive. Don't get confused.
On this point I agree with you. BSD grants all the freedoms that GPL does, -as well as- the freedom for the recipient to add restrictions of any sort when he further distributes. So in that technical sense, the BSD license provides "more freedom". GPL proponents (which include myself), consider that the GPL's 'hack' of the legal fiction rights granted by statute law, is a useful mechanism to work towards maximising the amount of free/libre software available in the world, over the long term. It is a valid, and apparently effective, strategy. And one I wholeheartedly support :) I welcome reviews of my new play, Pirates of the Commons:
https://en.wikipedia.org/wiki/Copyright https://en.wikipedia.org/wiki/List_of_parties_to_international_copyright_tre... https://en.wikipedia.org/wiki/Philosophy_of_copyright
Pirates of the Commons. ================= A play by the freedom-deprived, of the freedom-deprived, and for the freedom-deprived. Arr! <parrot> No freedom. No freedom. Arr. Arr.
<the ghost of christmas Apple> Arrgh me hardies, let us pillage and plunderrr the code of the mighty ship BSD Commons. She sits with her sails a flappin' promiscuously in the breeze tharrr! Arr. <draws out monocular and views the tarrrget> Ay lads, she's sittin' vulnerable in them tharr waters of statutory easy lays and a wealth of booty for us 'n' us alone does she provide. Arr. <sound of whips cracking> Code laddies, code! No slack till the walled garrrden is done lads! <parrot> No freedom. No freedom. Arr. Arr. END.
Dnia niedziela, 4 stycznia 2015 20:02:12 grarpamp pisze:
On Sun, Jan 4, 2015 at 7:00 AM, rysiek <rysiek@hackerspace.pl> wrote:
Apparently Facebook used a modified OpenSSL version that was accidentally not vulnerable. Had OpenSSL been licensed under a copyleft license, maybe we wouldn't have Heartbleed at all.
No. GPL does not require redistribution of mods used privately, only if redistribution occurs are such mods required to be redistributed. Facebook chose not to redistribute, therefore GPL would have made no difference because it would not trigger.
Yeah, that's why I'm actually a fan of the AGPL. :) By the way, I have no problem with private use not triggering *GPL, but Facebook's use of OpenSSL is hardly private, as if I were to use Facebook I would have to interact with their OpenSSL instance/copy/whatever-you-call-it. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
On Fri, Jan 9, 2015 at 5:33 PM, rysiek <rysiek@hackerspace.pl> wrote:
Facebook's use of OpenSSL is hardly private, as if I were to use Facebook I would have to interact with their OpenSSL instance/copy/whatever-you-call-it.
No you're interacting with TLS, an open IETF standard protocol that cryptographically will either secure or not the line connection regardless of what's behind it is legit or not. Facebook's public use of TLS front by OpenSSL library or any other implementation of TLS protocol front is private license wise (while perhaps unfortunate bug, market share, or otherwise).
Dnia niedziela, 18 stycznia 2015 16:44:37 grarpamp pisze:
On Fri, Jan 9, 2015 at 5:33 PM, rysiek <rysiek@hackerspace.pl> wrote:
Facebook's use of OpenSSL is hardly private, as if I were to use Facebook I would have to interact with their OpenSSL instance/copy/whatever-you-call-it.
No you're interacting with TLS, an open IETF standard protocol
Let me stop you right here and let's all ponder for a while the notion of "interacting with a protocol". What an interesting ontology you have! I'll be conservative, though, and keep on claiming that I'm interacting with *software that implements* a given protocol. Although when somebody takes a friend to court over some DDoS or port scanning, I'll be sure to remember this gem and use the "he wasn't attacking the software, he was only interacting with the *protocol*, Your Honour!" defence. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147
Very On-topic talk by Bradley Kuhn at Linux.conf.au this month: https://www.youtube.com/watch?v=-ItFjEG3LaA Still mid-way through it, very philosophical and very good background from a thoughtful and self-critical GPL advocate on "why GPL", and "should the GPL always be the way". On 18/01/15 21:44, grarpamp wrote:
On Fri, Jan 9, 2015 at 5:33 PM, rysiek <rysiek@hackerspace.pl> wrote:
Facebook's use of OpenSSL is hardly private, as if I were to use Facebook I would have to interact with their OpenSSL instance/copy/whatever-you-call-it.
No you're interacting with TLS, an open IETF standard protocol that cryptographically will either secure or not the line connection regardless of what's behind it is legit or not. Facebook's public use of TLS front by OpenSSL library or any other implementation of TLS protocol front is private license wise (while perhaps unfortunate bug, market share, or otherwise).
-- Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: Use email or phone. Uses above miniLock key.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Jan 3, 2015, at 12:23 PM, Cathal Garvey wrote:
What are the critical truecrypt features people actually want, that made it special?
For me the features were many but mainly; Near seamless big three multi platform compatibility, TC volumes on thumb drives and in the dropbox open pretty much everywhere. While I nver had the need to use them the deniable containers seemed useful for travelers. The consternation that governments have had with it is a bonus. If they can break it, they are classifying it high enough to not break it in public. Would make it seem to be fairly secure. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJUrBwSAAoJEBuh/pdhlD51x5UH/j32ihiczMta14Ms+GGkOAdH 0eO5jF4nOA9fjvMo4yKvB79IOXKoxyKDB9g9tBXzBMzmukYGb4OXtWAZo4Unhgfn T8rlunOnsM0f3c0Esv8fimC9nyjWshpsKUI1ZJhPBbp2r++8lpJW/WF5HwVtOsEO CB0OdcjcfYSccvU12rgvY7EsD4EOob0ylHBPW6hcVIEevGbO6snbNnvqAOwc1JOu XaWgDIK6nEsN+yfEsqhEHkmiGhq/+I7h7C1R8jSDhfjNqArVUdEltgyD9gzj7Uj5 OUD7vMQbGG7ZOKepsGbnM58kvTmQc5jWMmEkVp0PoXwx9uzvXuz2iluX7ElHp5w= =cPF1 -----END PGP SIGNATURE-----
participants (17)
-
Blibbet -
Cathal Garvey -
Chrrles Paul -
Dave Howe -
grarpamp -
Griffin Boyce -
Jerry -
Jesse B. Crawford -
John -
Juan -
odinn -
Rob Myers -
rysiek -
Shawn K. Quinn -
Zenaan Harkness -
Łukasz 'Cyber Killer' Korpalski -
Александр