Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Open Source Foundations Coming of Age — What Next?

Soulskill posted about 2 years ago | from the demanding-a-new-car-for-their-birthdays dept.

Open Source 65

An article at The H makes the case that many open source foundations have successfully proven their worth and withstood the test of time as legitimate entities. This leads to the question: where do they go from here? The author suggests an umbrella foundation to provide consistent direction across many projects. Quoting; "As you might expect, the main aim of most foundations is to promote their own particular project and its associated programs. For the putative [Open Source Foundation Foundation], that would generalise into promoting open source foundations as a way of supporting open source activity. In practical terms, that might translate into establishing best practice, codifying what needs to be done in order to create an open source foundation in different jurisdictions with their differing legal requirements. That would make it far easier for smaller projects – such as Krita – to draw on that body of knowledge once they have decided to take this route. It might also encourage yet more projects to do the same, encouraged by the existence of support mechanisms that will help them to navigate safely the legal requirements, and to minimise costs by drawing on the experience of others. After all, this is precisely the way open source works, and what makes it so efficient: it tries to avoid re-inventing the wheel by sharing pre-existing solutions to problems or sub-problems."

Sorry! There are no comments related to the filter you selected.

"Centralization does not scale." (3, Informative)

John Hasler (414242) | about 2 years ago | (#42391245)

Multiple "umbrella" organizations? Sure. One single central authority? Do Not Want.

Re:"Centralization does not scale." (0)

Anonymous Coward | about 2 years ago | (#42391327)

What is structure without authority?

Sometimes more is not better.

Re:"Centralization does not scale." (1)

steviesteveo12 (2755637) | about 2 years ago | (#42394463)

The nice thing about standards is that there're so many of them.

Re:"Centralization does not scale." (2)

jcoy42 (412359) | about 2 years ago | (#42391529)

No kidding. I read that summary as "Hey, we've found these systems that are really working well and so we were thinking we'd like to change that".

It's working JUST FINE- bugger off.

Re:"Centralization does not scale." (0)

Anonymous Coward | about 2 years ago | (#42391793)

I know this sounds horribly negative, but I'm getting one of those vibes like someone wants to be more important than they already are. Do these Open Source foundations feel like they lack direction and need the authority and guidance of a new boss foundation to get things done?

I've found that additional bureaucracy and the in-fighting that comes with it makes things worse. Not better.

Re:"Centralization does not scale." (2)

davester666 (731373) | about 2 years ago | (#42392279)

It's just like most analysts of Apple.

You are very successful up to now.
But now that you are so successful, you must change and start doing things the way everybody else is, otherwise, you will go out of business.

Re:"Centralization does not scale." (1)

unixisc (2429386) | about 2 years ago | (#42392317)

Not only that - if different organizations have different goals, like OSI and FSF do, bringing them under a common umbrella is self defeating.

Re:"Centralization does not scale." (-1)

Anonymous Coward | about 2 years ago | (#42392631)

TEMPEST Attacks! LCD Monitor leaks system noise to FRS
=
I don't operate any wireless equipment at my living location. This includes computers, computer equipment, routers, non-computer equipment, etc.

I'm having a problem with one of my LCD monitors.

It works without problems. That was until I picked up some heavy static noises from a hand held radio. I eliminated all sources of generating this type of noise until I came towards an LCD monitor. When the monitor is on and there is content on the screen the radio makes several types of garbage(static) sounds. As I manipulate contents on the screen, maximize and minimize windows, open different applications, the radio responds with scratchy(static) noises to match the activity on the screen. This includes typing and mouse movement.

When I switched the desktop background to a solid black color without wallpaper, the radio noise went down to almost nothing. But when I loaded any program with a white background, the noise from the radio exploded in volume.

When I passed the radio across different computer and non-computer electronic devices other than the LCD monitor, the wired mouse made a high pitched squeal sound within the static. None of the other computing devices such as the tower generated any noise.

I tried CRT monitors and separate computers attached to the CRT monitors but they did not generate any noise in the radio. On the computer connected to the net, I unplugged the cable leading to the router to rule this out but it made no difference, the LCD monitor is at fault.

While monitoring the radio noise, there were several instances where the noise on the channel being monitored stopped, and I switched to another channel and the same noise appeared. Why would the noise from the LCD switch channels during normal use of the LCD? Back and forth throughout the day the noise generated by the LCD would switch from one channel to the next and back to the first channel again.

The noise extends several steps within my living location. I'll test this another day to determine if it extends outside my living location and if so by how many feet.

The computer/monitor are grounded and attached to a surge protector. I'm not sure what I need to do to stop this, or if I should ignore it.

I assumed LCDs would be quieter than CRTs when it came to noise.

Unless I have a radio tuned to a specific channel, the LCD does not generate any noise which I can detect, unless it's above my hearing capacity.

The LCD monitor also functions as speakers, and while the sound cable is connected to the tower, I have disabled the onboard sound in my BIOS. The only other connection is the DVI cable to the tower.

How may I decrease this noise or eliminate it? It seems like the LCD is a mini radio station. When I turn it off the noise in the radio stops, if I blacken the screen the noise lessens. When I switch to a colorful background or load white screened applications like a web browser the noise jumps up loudly. I've tried grabbing and moving a browser window around the screen and the movement matches the noises in the radio.

Would any of this be considered normal?
=
This certainly isn't unheard of, it's because some part of the monitor is unshielded. The more fix-it stuff is at the top of the following, with the technical backdrop that just might be good to know is at the bottom.

Unfortunately, the issue is most likely the panel charging the LCs. The only thing you can do is see if the manufacturer will replace it or upgrade you. Complain to the manufacturer, be sure to come up with some important thing it's interfering with(if I recall some medical devices use some sort of radio).

If the issue is actually internal wiring which is highly unlikely as detailed below, and it isn't in warranty, attempt to shield it yourself. To shield it yourself, you'll need thin foil(not kitchen foil) and electrical tape.

So, in any given monitor, there's 3 main parts. Input, logic, and output. Output, as previously mentioned, can't really be shielded. To shield both of the other sections, all you really need to do is manipulate the wiring to reduce the number of holes in the foil wrap needed to put it all back together. Obviously this will take some trial and error, and time.

USEFUL INFO THAT ISN'T REQUIRED:

Shielding wires can best be thought of as a encasing a wire in a Faraday cage, made of foil. If you want to see an example, Apple's iPod charging cords are all shielded, strip the insulation and see for yourself. This shielding acts doubly, keeping EM noise from messing with the signal, and keeps the signal's own noise from leaving.

WHY IT IS THE CHARGING PANEL AND NOT WIRING:
Because of the specific details you provided( bravo to you, the amount of data provided helped ), I can conclude that the charging panel(the array of electrodes responsible for producing the image) is putting out the interference. Three of your observations prove this.

First, you state the noise ceases completely when the monitor is turned off, which is consistent with it being EM noise.
Second, the noise's perceived pitch changes when the display is manipulated, which is to be expected, as the electrode charges would change as the display changes.
Third, a black screen is "quieter" than a white screen. Black is the lowest charge state, with the only power in use going to the backlight.

As for your questions:
Noise hopping channels isn't unheard of, though I don't know the science behind it. My best guess is that because the noise isn't an intended result of the electricity, small changes in voltage/amperage result in those hops.
(indirect question-ish) The mouse was likely the only other emitter because it has a fairly high density of wires + it emits light.
=
@W00t:

What 1s the d1fference between - and where may 1 obta1n the non-k1tchen "foil" you ment1oned?

The d1sturbances sound l1ke a bugged env1ronment. The squeal com1ng from one area and/or dev1ce could mean the locat1on of the bug has been found - and 1 know adding a small dev1ce and/or mod1f1cation to a keyboard and/or mouse 1s s1mple enough - espec1ally for a quick 1n and out the door type bugging.

1s there an affordable method of sh1elding the equ1pment while not violating FCC/TEMPEST laws? Would a simple screen d1mmer attached to the monitor bring the no1se down? Or would 1t be best to put out the extra money requ1red by purchas1ng spec1al paint or wallpaper wh1ch blocks RF signals?

Whether or not 1t's a bug, at this point you are broadcast1ng your computer mon1tor and 1ts activ1t1es, down to the keyboard and mouse movements. What 1s the use of using Tor or any other l1ke serv1ce 1f you are pwned over the a1r waves?
=
You could use kitchen foil, it's just more unwieldy to work with.

Yes, it could be a bug, I was running under the assumption you had no reason to believe you were bugged, and if you did you ran bug sweeps. If you believe you are bugged, you should definitely dismantle things to make sure a bug isn't simply piggybacking on the same power source.

Dimming the screen would reduce noise, but not completely eliminate it.
=
Thanks, W00t.

"Dimming the screen would reduce noise, but not completely eliminate it."

I have modified my browser to function with a black background and my choice of text colors and unchecked the option for all pages to use their own colors, so every page I visit is black with my choice of font/links colors. I'll rescan to determine if this lessens the noise. It's ugly, but tolerable. Coupled with a black theme for the desktop, including the background and system wide applications should also help - including disabling images in the browser.

You mentioned foil. I'm not an electrician, but wouldn't wrapping cords with foil and finishing the job off with a layer of strong black tape possibly conduct electricity? Are you suggesting I cover all wires leading to the computer(s) using this method? Wouldn't they each require special grounding? How many repeating layers of this and/or other material is needed? Have you tried "conductive tubing?"

While I want to shield enough to block noisy RF, I don't want to create a microwave type scenario where RF is contained but it still remains and is possibly amplified so as to add to the degeneration of my health, if that's possible.

1. Ferrite beads
2. Split beads
3. Toroids

CONDUCTIVE TUBING & FERRITE SNAP BEAD
http://www.lessemf.com/wiring.html [lessemf.com]

https://en.wikipedia.org/wiki/Electromagnetic_interference [wikipedia.org]
https://en.wikipedia.org/wiki/Electromagnetic_radiation_and_health [wikipedia.org]
https://en.wikipedia.org/wiki/Electromagnetic_shielding [wikipedia.org]
https://en.wikipedia.org/wiki/EMF_measurement [wikipedia.org]

I could try some or all of the three options above in addition to your advice? TY
==
Anyways this reminding me of Van Eck phreaking look it up, some pretty interesting stuff.

Yep, had the same thought.

Countermeasures are detailed in the article on TEMPEST, the NSA's standard on spy-proofing digital equipment. One countermeasure involves shielding the equipment to minimize electromagnetic emissions. Another method, specifically for video information, scrambles the signals such that the image is perceptually undisturbed, but the emissions are harder to reverse engineer into images. Examples of this include low pass filtering fonts and randomizing the least significant bit of the video data information.
=
can someone please point me to techie LCD monitor internal guides? If I'm going to take it apart I'd like to know what to expect. I've read more about Van Eck and Tempest than anyone can teach me here. Now I'm looking for LCD guides of what's inside.
=
To be honest, its not the whats inside the LCD monitor you should be worrying about if you want to phreak LCD's . You should be worry more about the RF side of things, and figuring out the spread spectrum clock signal so you can pick up the signal. Top if off background noise is going to be bitch when it comes to LCD. Old CRT monitors are way easier to phreak those thing throw off EM radiation like nobody business.
=
The noise coming from the LCD monitor is appearing on FRS channels:

- http://en.wikipedia.org/wiki/Family_Radio_Service [wikipedia.org]

It continues for several minutes before it jumps to another channel then after a few minutes jumps back to the original channel. One of my concerns is the ability for others to pluck this noise from the air (Van Eck/TEMPEST) and monitor my activity, or possibly use an attack against the computer somehow. A recent UN report mentioned a high tech method(s):

* U.N. report reveals secret law enforcement techniques

"Point 201: Mentions a new covert communications technique using software defined high frequency radio receivers routed through the computer creating no logs, using no central server and extremely difficult for law enforcement to intercept."

- http://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf [unodc.org]
- http://www.hacker10.com/other-computing/u-n-report-reveals-secret-law-enforcement-techniques/ [hacker10.com]

In addition, I don't want my LCD monitor constantly sending monitor and/or system activity to a FRS channel(s) for others to hear. I choose wired over wireless for a reason, and there shouldn't be any noise coming from my LCD monitor and appearing over FRS, unless there is a bug or problem with the monitor. All of my
CRT systems are silent on FRS.

When I position the radio near different components, the power supply doesn't emit any noise on FRS, but it could be a problem, I don't know, I'll move to that once I resolve the LCD monitor problem, unless the PSU is the problem and not the monitor.

I may take apart the LCD monitor, I'm looking for a good list of what I'll find if I do.

I peered inside the vents on the top/back left hand side with a strong flashlight and came across a strange piece of silver tape inside, here's how I describe it:

OOGGGGGGGGGGGGGGG__

OO = a small thin black material coming out from underneath the silver piece of tape
GG = the strip of silver tape
__ = the bottom right hand portion of the silver tape is raised enough to allow a pinky finger entry

The silver tape/material/opening under tape is on the top left corner inside the monitor. The rest of the length and area inside that I can see contain no tape or black material. I've seen photos of planted bugs in people's living spaces and most if not all of the invasive ones are wrapped/covered in silver foil. I've found no other reason for that strip and material to be there, but what do I know.
=
In addition, my CDROM drive light blinks once every second, sometimes with a second or 1/2 second in between, and I found this:

http://catless.ncl.ac.uk/Risks/19.60.html#subj9 [ncl.ac.uk]

"I'd worry about a Tempest virus that polled a personal computer's
CD-ROM drive to pulse the motor as a signalling method:

* Modern high-speed CD-ROM drive motors are both acoustically and
electrically noisy, giving you two attack methods for the price of one;

* Laptop computer users without CRTs, and the PC users that can afford
large LCD screens instead of CRTs, often have CD-ROM drives;

* Users are getting quite used to sitting patiently while their
CD-ROM drives grind away for no visibly obvious reason (but
that's quite enough about the widespread installs of software from
Microsoft CD-ROMs that prompted Kuhn's investigation in the first place.)"
==
"I'd worry about a Tempest virus that polled a personal computer' personal computer' CD-ROM drive"

Yes and the hard drive and in some PC's the cooling fans as well are under CPU control.

You can also do it with PC's where the CPU does not control the fan, but the hardware has a simple thermal sensor to control it's speed. You do this by simply having a process that uses power expensive instructions in tight loops, thus raising the CPU temprature (it's one of the side channels I was considering a long time ago when thinking about how the temp inside the case changed various things including the CPU clock XTAL frequency).

The change in sound side channel is one of the first identified problems with Quantum Key Distribution. Basicaly the bod who came up with the idea whilst first testing the idea could tell the state of "Alice's polarizer" simply by the amount of noise it made...

The CD-ROM motor idea I'd heard befor but could not remember where till I followed your link.

Dr Lloyd Wood has worked with the UK's Surrey Uni, the European Space Agency and Americas NASA and one or two other places as part of his work for Surrey Satellite Technology Ltd. He has been involved with CLEO (Cisco router in Low Earth Orbit) and other work on what's being called "The Space Internet".

Of interest is his work on Delay and Disruption Tolerant Networks (DTN). It's not been said "publicaly" as far as I'm aware but the work has aspects that are important to anonymity networks such as TOR.

You can read more on Dr Wood's DTN work etc at,

http://personal.ee.surrey.ac.uk/Personal/L.Wood/dtn/ [surrey.ac.uk]

The UK occupies an odd position in the "Space Race" it is the only nation who having put a satellite into space then stopped further space rocket development (the Black Knight launch platform was considerably safer and more economic than the then US and CCCP systems). The UK has however continued in the Space Game and is perhaps the leading designers of payloads for scientific and industrial satellites (it probably is on military sats as well but nobody who knows for sure is telling ;-)

Clive Robinson
http://www.schneier.com/blog/archives/2012/12/interesting_win.html#c1049823 [schneier.com]
=
I don't think there should be anymore blinking if you remove the CD/DVD inside.
If it keeps blinking, find out which process uses it.
Anyway, you can disable it when you're not using it, if it's bothering you.

And shield your monitor.
http://en.wikipedia.org/wiki/Electromagnetic_shielding [wikipedia.org]
==
"I don't think there should be anymore blinking if you remove the CD/DVD inside."

Does Tails support this at boot?

If not, is there a Linux LiveCD which allows this and does not give you root access at boot?

I've looked at several different distributions which allow you to boot into RAM and remove the CD, but they all give you root and that's a very insecure environment to run TBB in!

"If it keeps blinking, find out which process uses it."

It doesn't blink on the several distros which boot into RAM, but I don't want to run Tor as root or reconfigure the permissions/PAM/etc. just to use TBB. As above, with Tails and many LiveCDs which don't boot into RAM, 99% of them have this blinking light issue. The actual INSTALLS I've done to HDD experience constant light activity too, even more so, without anything to explain them.

For Linux, I've ran rkhunter, chkrootkit, tiger, and other tools and nothing malicious is found. Without a deep binary analysis I don't know what else I could do.

For Windows, I use a few programs in the SysInternals Suite and they display strange usage on the system and reference programs which cannot be found with a search on the system, references to impersonation, spoofing, and more. I've ran almost every N.American scanner on the Windows systems, including command line only rootkit detectors and I've seen some strange 'strings' of binaries mentioned, but have no idea on how to clean the system.

I prefer to run LiveCDs because all installations, Windows and Linux, contain unexplainable frenzies of blinking lights, far worse than the blink every second on most LiveCDs. I'm wondering if this is firmware malware on my NIC or the CDROM itself. This has existed for years and never goes away, no matter what system I use, this strange baggage seems to re-infect everything.

"Anyway, you can disable it when you're not using it, if it's bothering you."

Disable what?

"And shield your monitor."

Thanks. I'm investigating and most of the guides require specific addons to the computer's cabling system. Most of the guides appear incomplete, or are in another language other than English.

Any comments on the Tempest/blinking light possibility?

Any comments on why it's spewing out noise to FRS stations and freq hopping?
==
More comments from elsewhere:

@kb2vxa:

"You're making a mountain out of a mole hill."

I respect your opinion and I don't wish to argue against it, but please look at it from the way I and some others have. I want to eliminate the noise created by the LCD monitor. If this was such a common experience, I would expect at least one of the dozens of other electronic equipment to generate some noise, however faint, on FRS - but they do not.

"You are under the wrong impression that somehow RF hash from the back light can somehow carry data. A liquid crystal display (LCD) does not generate its own light like a CRT or plasma screen and requires a light source to make the display visible. Even those that do cannot transmit computer data being none reaches the monitor."

The LCD is connected to a tower, which other devices connect to. Under testing I've heard the CDROM drive accessing data noises within the FRS channels, along with mouse movements and keyboard activity, along with other noises. When I disable the LCD monitor, all of these disturbances vanish. This means the weakness is in the monitor, and my tower is well shielded or shielded enough so as not to generate any noise in radios I can notice. The reference I made to the strange tape and material within the back side of the LCD monitor at the top could be a sign of some type of antenna or device for amping.

"Their FRS radios will only hear what yours does, RF hash, no data whatsoever THAT IS if one is standing outside your house tapping the radio and scratching his head wondering what's the matter with his radio. You and only you know what it is and where it's coming from."

And what of experienced and curious sysadmins? Rogue crackers? Bored HAMs?
Are there any remote radio injection attacks against systems? This is something I'll research later, as I do believe it was mentioned in at least one whitepaper on side channel attacks.

"Thanks for the chuckles, if the report reveals secrets it would not be published but sent by secret courier to the KGB in Moscow."

I'm not aware of any secrets revealed within the document. But it did raise an interesting point without exposing the method(s) delivered to us from an interesting party. This wasn't just some random article written by some anonymous, disturbed fellow and posted to a pastebin or conspiracy minded blog or forum. And one cannot deny the dozens of TEMPEST attacks available today.

"So... all this and no word on moving the radio farther from the monitor. Why don't you try talking somewhere besides in front of the computer if it bothers you so much?"

Thank you for considering conversation as my reason for posting this, but it is not. I would not choose a noisy channel to talk on. Clear conversation is not the point of this thread. I desire the elimination of this garbage coming from the LCD monitor. I don't care if no one in the world can pick up on it and hear it, I would like to properly resolve it and not ignore it.

One can also dredge up the subject of EMF on health, too, but I have not experienced any disturbance of health from exposure to this noise and most people would argue any possible EMF effects on health to be one of one's over active imagination and not real world application.

[-]

A continued discussion was posted elsewhere, this may be useful in the voyage to remove this "noise":

[-]

In addition, my CDROM drive light blinks once every second, sometimes with a second or 1/2 second in between, and I found this:

[-]

http://catless.ncl.ac.uk/Risks/19.60.html#subj9 [ncl.ac.uk]

"I'd worry about a Tempest virus that polled a personal computer's
CD-ROM drive to pulse the motor as a signalling method:

* Modern high-speed CD-ROM drive motors are both acoustically and
electrically noisy, giving you two attack methods for the price of one;

* Laptop computer users without CRTs, and the PC users that can afford
large LCD screens instead of CRTs, often have CD-ROM drives;

* Users are getting quite used to sitting patiently while their
CD-ROM drives grind away for no visibly obvious reason (but
that's quite enough about the widespread installs of software from
Microsoft CD-ROMs that prompted Kuhn's investigation in the first place.)"

[-]

Any comments on the silver tape and material inside the back of the LCD? ...Disconnection of the LED CDROM and HDD lights could be something I should do to relieve one possible issue.

[-]

Some articles with examples:

"If everything is just right, you can pick up signals from some distance. "I was able to eavesdrop certain laptops through three walls," says Kuhn. "At the CEBIT conference, in 2006, I was able to see the Powerpoint presentation from a stand 25 metres away."

uhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximise the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.

As for defending against this kind of attack, Kuhn says using well-shielded cables, certain combinations of colours and making everything a little fuzzy all work."

http://www.newscientist.com/blog/technology/2007/04/seeing-through-walls.html [newscientist.com]

=!==!=
TO EASILY VIEW THE PDF files below:
=!==!=

Online viewer for PDF, PostScript and Word:

"This is an online viewer, with which you can view PDF and PostScript files as browsable images and Word documents as web pages. Given a URL on the net or a file on your computer, the viewer will try to retrieve the document, convert it and show it to you. No plugin software is required."

http://view.samurajdata.se/ [samurajdata.se]

The viewer software is open source, licensed under the GNU Public License.
=!==!=

Electromagnetic eavesdropping risks of flat-panel displays
http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf [cam.ac.uk]

=

Eavesdropping attacks on computer displays
http://www.cl.cam.ac.uk/~mgk25/iss2006-tempest.pdf [cam.ac.uk]

=

Compromising emanations: eavesdropping risks of computer displays
http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-577.html [cam.ac.uk]
http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-577.pdf [cam.ac.uk]

=

Compromising emanations of LCD TV sets
http://www.cl.cam.ac.uk/~mgk25/emc2011-tv.pdf [cam.ac.uk]

=

"Q: Can I use filtered fonts also on flat-panel displays

My experience so far has been that with LCDs, the video cable is the most significant source of radiated information leakage. Where an analogue video cable (with 15-pin VGA connector) is used, low-pass filtered fonts have the same benefits as with CRTs. Where a purely digital video cable is used (DVI-D, laptop-internal displays with FPD/LVDS links, etc.) only the last step, namely randomizing the least-significant bits, should be implemented.

Where the video signal is entirely encoded in digital form, the low-pass filtered step will not have the desired effect. In fact, it can actually increase the differences between the signal generated by individual characters, and thereby make automatic radio character recognition more reliable."

http://www.cl.cam.ac.uk/~mgk25/emsec/softtempest-faq.html [cam.ac.uk]

=

Remotely Eavesdropping on Keyboards (and read the comments!)

"The researchers from the Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne are able to capture keystrokes by monitoring the electromagnetic radiation of PS/2, universal serial bus, or laptop keyboards. They've outline four separate attack methods, some that work at a distance of as much as 65 feet from the target.

In one video demonstration, researchers Martin Vuagnoux and Sylvain Pasini sniff out the the keystrokes typed into a standard keyboard using a large antenna that's about 20 to 30 feet away in an adjacent room."

https://www.schneier.com/blog/archives/2008/10/remotely_eavesd.html [schneier.com]

=

Video eavesdropping demo at CeBIT 2006
http://www.lightbluetouchpaper.org/2006/03/09/video-eavesdropping-demo-at-cebit-2006/ [lightbluetouchpaper.org]

=

Optical Emission Security â" Frequently Asked Questions

"Q: What about LEDs?

For devices with RS-232 serial ports, it is customary to provide a status indicator LED for some of the signal lines (in particular transmit data and receive data). Often, these LEDs are directly connected to the line via just a resistor. As a result, anyone with a line of sight to the LED, some optics and a simple photosensor can see the data stream. Joe Loughry and David A. Umphress have recently announced a detailed study (submitted to ACM Transactions on Information and System Security) in which they tested 39 communications devices with 164 LED indicators, and on 14 of the tested devices they found serial port data in the LED light. Based on their findings, it seems reasonable to conclude that LEDs for RS-232 ports are most likely carrying the data signal today, whereas LEDs on high-speed data links (LANs, harddisk) do not. Even these LEDs are still available as a covert channel for malicious software that actively tries to transmit data optically.

I expect that this paper will cause a number of modem manufacturers to add a little pulse stretcher (monostable multivibrator) to the LEDs in the next chip set revision, and that at some facilities with particular security concerns, the relevant LEDs will be removed or covered with black tape.

The data traffic on LEDs is not a periodic signal, and therefore, unlike with video signals, periodic averaging cannot be used to improve the signal-to-noise ratio. The shot-noise limit estimation technique that I used to estimate the CRT eavesdropping risk can even more easily (because no deconvolution is needed) also be applied to serial port indicators and allows us to estimate a lower bound for the bit-error rate at a given distance. I have performed a few example calculations and concluded that with a direct line of sight, and a 100 kbit/s signal (typical for an external telephone modem), at 500 m distance it should be no problem to acquire a reliable signal (one wrong bit every 10 megabit), whereas for indirect reflection from the wall of a dark room, a somewhat more noisy signal (at least one wrong bit per 10 kilobit) can be expected to be receivable in a few tens of meters distance.

http://www.cl.cam.ac.uk/~mgk25/emsec/optical-faq.html [cam.ac.uk]

=

Ancient Story on Slashdot: Coming to a Desktop near you: Tempest Capabilities

"New Scientist has an interesting article about a new toy we will all want. It's a card that plugs in one of your PCI slots and allows you to scan the EMF spectrum and read your neighbours terminal. In about 5 years you might be able to get one for just under £1000. (Modern Tempest Hardware costs about £30000) "

http://www.yro.slashdot.org/story/99/11/08/093250/coming-to-a-desktop-near-you-tempest-capabilities [slashdot.org]

=

"Any unshielded electrical device with a variable current (including LCDs) will give out EMF radiation. It's the nature of the beast.

For that matter, light is EMF radiation, so unless you have your LCD in a coal-mine, it's reflecting EMF all the time it's switched on.

Then, there's the fact that screen monitoring isn't the only monitoring you can do. I used to use a radio, tuned into the bus for the PET, as a sound card. Worked surprisingly well, for all that very clunky metal shielding. What's to stop a much higher-quality receiver from seeing the data, in an unshielded box, being sent TO the LCD, or to any other device on the machine?

It's a mistake to assume that Tempest technology is single-function and that that single-function only works in a single situation."

http://slashdot.org/comments.pl?sid=2333&cid=1553178 [slashdot.org]

=

800Mbps Wireless Network Made With LED Light Bulbs
http://science.slashdot.org/story/11/08/02/1322201/800Mbps-Wireless-Network-Made-With-LED-Light-Bulbs [slashdot.org]

=

There are a lot of other files, many in PPT format, which can be found easily on this subject of LCD monitor (and other computing devices) TEMPEST sniffing.

=

Sources for this discussion:

- http://www.dslreports.com/forum/r27848275-TEMPEST-Attacks-LCD-Monitor-leaks-system-noise-to-FRS [dslreports.com]
- http://clsvtzwzdgzkjda7.onion/viewtopic.php?f=9&t=10919 [clsvtzwzdgzkjda7.onion]

        The following link will probably be deleted in the near future:
- http://forums.radioreference.com/computer/255488-lcd-monitor-broadcasts-noise-radio-why.html [radioreference.com] .onion link above requires a running Tor client session in order to view. (https://www.torproject.org)

This on-going discussion backed up to Pastebin(s) in order to retain it as an artifact. Many of these
types of discussions are REMOVED from the net because of the nature of the discussion (TEMPEST).

Re:"Centralization does not scale." (0)

Anonymous Coward | about 2 years ago | (#42392835)

The premise is just ridiculous. It's like calling for all world armies to unite under one flag... Most FOSS projects are legal tools for companies to circumvent anti-cartel restrictions under the guise of philanthropy[y. A few players would seek to combine their effort in developing some technology, without getting dragged to court over price fixing, will setup their shared code base as GPL and will match code contributions to one another thus enforcing mutual corporation.
This is what drives the linux server development despite the competitiveness of the players.
As both end-user and developer I like having one system to rule them all. But as a consumer I know this is really hurting competition in the sense that we haven't had OS alternatives for 3 decades. Worse since when technologically superior alternatives are offered, they are often rejected since it's nearly impossible to over power a cartel of any kind.
As such, the idea different projects of this nature should somehow be centralized is counter productive to their purpose of appearing decentralized.

As a side note, FOSS seems to be the M.A.D of the tech world: If a company exerts too much pull to make sure it keeps a monopoly, other companies will offer their commercially failing but otherwise technologically equivalent \ superior product as FOSS. This will provide a golden parachute of sorts since if a tech company wants to take out a competitor, it will have to buy them out eventually instead of actually competing over quality features. Trace back enough of the current patent claims and you'll find this small companies that could never compete as the source for the I.P.

Generally, I find FOSS is overly romanticized in Slashdot and is rarely seen for what it is when big names are involved.

Re:"Centralization does not scale." (1)

Seeteufel (1736784) | about 2 years ago | (#42394779)

The example is good for the following reasons: Some are US entities, some are European ones. Organisations like Apache Foundation are obsolete. No one wants to be governed by US entities because we don't understand them. KDE e.V., Document Foundation are so much better governed.

Well duh... (1)

Alwin Henseler (640539) | about 2 years ago | (#42391273)

These foundations should get into the online advertising business.

Maybe then -finally- their market cap would increase... or something.

Exchanging the Bazar for the Cathedral? (5, Interesting)

Lisias (447563) | about 2 years ago | (#42391283)

*NO*.

Open source can be a "mess". But it's exactly this "mess" that makes the FOSS resilient.

Re:Exchanging the Bazar for the Cathedral? (0)

Anonymous Coward | about 2 years ago | (#42392753)

Industrial organizations do seem to work in general, so the supporting role, or meta-role of the OSFF suggested in the summary should not lessen the resiliency of the FOSS. Pooling resources does not always equal pooling power.

Re:Exchanging the Bazar for the Cathedral? (1)

Lisias (447563) | about 2 years ago | (#42395423)

Industrial organizations do seem to work in general, so the supporting role, or meta-role of the OSFF suggested in the summary should not lessen the resiliency of the FOSS. Pooling resources does not always equal pooling power.

I don't agree with you.

I had worked for Siemens Mobile (acquired by BenQ at the time of my leave), Siemens VDO (acquired by Continental, then acquired by Schaefler Group, and then I leave). The recent Sun acquisition by Oracle came to my mind.

The industrial organizations mindset is all about power concentration and promoting scarceness in order to promote revenue. It's about acquisition and/or annihilation of the competition.

I'm serious. We can't afford this mindset on FOSS.

Re:Exchanging the Bazar for the Cathedral? (0)

Anonymous Coward | about 2 years ago | (#42409949)

I had worked for Siemens Mobile (acquired by BenQ at the time of my leave), Siemens VDO (acquired by Continental, then acquired by Schaefler Group, and then I leave). The recent Sun acquisition by Oracle came to my mind.

Those are not examples of industrial organizations. Examples of industrial organizations are IEEE, IETF, ECMA and CEA.

Re:Exchanging the Bazar for the Cathedral? (1)

wzzzzrd (886091) | about 2 years ago | (#42397553)

Industrial organizations do seem to work in general

Ahem, no. Industrial organizations do not work, not even in general. Brands and trade marks do, but "industial organization" is almost an oxymoron.

Re:Exchanging the Bazar for the Cathedral? (1)

martin-boundary (547041) | about 2 years ago | (#42392927)

Ok. What if there was just one foundation, and then a second, secretive, foundation foundation whose purpose is to monitor the foundation's activities in Open Source? We could even build an open source AI that could secretly oversee the second foundation foundation and make executive decisions for human^H^H^H^HOpen Source.

I think that could work. Oh, and we'd have to nuke the Earth, to encourage programmers to free their code and spread it far and wide across the Internet, for free (don't worry, the Internet was designed to be nuke resilient). A bit on the "messy" side, granted, but trust me, I've thought this through.

Re:Exchanging the Bazar for the Cathedral? (1)

Lisias (447563) | about 2 years ago | (#42395481)

Ok. What if there was just one foundation, and then a second, secretive, foundation foundation whose purpose is to monitor the foundation's activities in Open Source?

A FOSS oriented Church? =P

Come to Brazil, Churches don't pay taxes around here. This can be a highly lucrative enterprise! =D

(Ahh, the blips of the bitcoins being donated by mobile phones on the mass....)

Re:Exchanging the Bazar for the Cathedral? (1)

bug1 (96678) | about 2 years ago | (#42400517)

Dont be so superficial, its not about the structures, its about the people.

Im sure we could all make a big mess in a cathedral if it was useful.

next... Copyleft adoption !! (1)

martiniturbide (1203660) | about 2 years ago | (#42391325)

I think that the copyleft adoption is next. Currently corporations like non-copyleft open source licenses like Apache, eclipse so they can create commercial derivative works. The next step is don't caring about commercial software anymore and focusing 100% in services, turning on the obligatory open source on derivate works. ... nah... don't have the time to think on details.

Re:next... Copyleft adoption !! (1)

YurB (2583187) | about 2 years ago | (#42392539)

Yeah I think the same. Things like Wikipedia and Creative Commons are helping to promote this model. I think people are 'by default' thinking the copyleft way, we just need to show them there's nothing wrong with their thinking, and show how it might work ethically:)

Re:next... Copyleft adoption !! (1)

kthreadd (1558445) | about 2 years ago | (#42392905)

I don't mind corporations preferring non-copyleft, especially since non-copyleft contributions can usually be used within both copyleft and non-copyleft projects. If corporations started to mass-adopt copyleft a lot of non-copyleft projects that used to rely on contributions from such companies would be left out in the cold.

What we need is ONE Destop UI Standard (1)

VortexCortex (1117377) | about 2 years ago | (#42391335)

We could call it the Free Desktop Standard, and all Open Source Desktops could implement it -- Yes, even you my little Haiku. What's that Haiku? You don't want to conform to some generic standard? It would limit your ability to differ from other desktops other than by look & feel? You don't want to implement X11 just to comply with the Standard?! Well, fine. You just won't be under the Umbrella of the Free Desktop Standard. You just won't benefit from the services we provide! What do you mean you greatest assets are user/developer hybrids not money and legal advice? Haven't you heard of the patent wars? Well, just remember this you rebel factions, when the Propriety Axis of Evil Patent-Cross-Licensors comes to call. Don't bother whining to the EFF! They're under OUR Open Source Umbrella! HA!

On second thought, maybe the Umbrella Corporation should be fought tooth and nail. Maybe open source foundations should just act as a collection of independent tools that each do one thing and do it well regardless of loyalty to any platform, standard, or ideology (CopyFree vs CopyLeft), instead of become a single insane bureaucrazy... You know, because THAT'S the Open Source Way.

Re:What we need is ONE Destop UI Standard (0)

Anonymous Coward | about 2 years ago | (#42392923)

Hey it's called the GNU Project you insensitive clod.

Re:What we need is ONE Destop UI Standard (0)

Anonymous Coward | about 2 years ago | (#42393403)

We could call it the Free Desktop Standard, and all Open Source Desktops could implement it -- Yes, even you my little Haiku. What's that Haiku? You don't want to conform to some generic standard? It would limit your ability to differ from other desktops other than by look & feel? You don't want to implement X11 just to comply with the Standard?! Well, fine. You just won't be under the Umbrella of the Free Desktop Standard. You just won't benefit from the services we provide! What do you mean you greatest assets are user/developer hybrids not money and legal advice? Haven't you heard of the patent wars? Well, just remember this you rebel factions, when the Propriety Axis of Evil Patent-Cross-Licensors comes to call. Don't bother whining to the EFF! They're under OUR Open Source Umbrella! HA!

First of all, that will be a dumb thing to do. Who needs just one DE? Why limit yourself? People don't have the same taste. People don't have the same needs.
One like configurability, others like effects, some like widgets, some not.

Second of all: have you seen this? http://www.freedesktop.org/wiki/
Think of having multiple DE in term of...websites
How about we make a unique website, so we don't have to search through google to find something? A? Wonderfull idea, right?

consistency (0)

girlintraining (1395911) | about 2 years ago | (#42391361)

The author suggests an umbrella foundation to provide consistent direction across many projects. Quoting;

Consistency is the hobgoblin of little minds. Open source does not need consistency. It was created as a reaction against people who think they do need it.

Re:consistency (1)

Zapotek (1032314) | about 2 years ago | (#42391421)

Well, yes and no. As a leader/owner of a F/OSS project myself a reviewed and tested legal framework, along with some operation guidelines, would be immensely helpful in "business" situations or any time monetary issues are at hand.
That's probably what they meant with "to provide consistent direction across many projects", not some plan to force everyone to rank and file under their command.

And since no-one is born with universal knowledge of every imaginable field then that sort of thing would benefit medium (or even largish) sized minds by saving them from a boatload of research and brain-melting legalese.

Re:consistency (1)

iggymanz (596061) | about 2 years ago | (#42391881)

businesses have to have their lawyers go over such issues with a fine tooth comb anyway, they're not going to trust some "foundation"

Re:consistency (1)

Anonymous Coward | about 2 years ago | (#42391477)

The exactly quote is more specific:

A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines.

However, this does not give a complete dismissal of the value of consistency, and if I wanted to dig up some pithy quote about the value of a regular structure, I'm sure I could do so.

And you can bet if Open Source becomes a mish-mash of inconsistency, there will be people who decide to cut that Gordian Knot.

Re:consistency (1)

noobermin (1950642) | about 2 years ago | (#42392103)

How about an interface instead of a abstract base class?

If two or more organizations feel they can do better if they pool resources together, why not make an alliance or a small partnership or such? If there is no real need for a meta-bureaucracy to handle the existing bureaucracy, why make it?

Re:consistency (1)

noobermin (1950642) | about 2 years ago | (#42392109)

s/a abstract/an abstract/

slashdot needs an edit button.

Re:consistency (0)

Anonymous Coward | about 2 years ago | (#42401027)

Agreed! Down with standards of any kind! bitchintraining says it's bad and she's an expert on everything!

SImple really... (0)

Anonymous Coward | about 2 years ago | (#42391435)

What should happen now is stop the e-peen waving and produce software that is usable to non-neckbeards.

Re:SImple really... (0)

Anonymous Coward | about 2 years ago | (#42391751)

Free software is already usable by non-neckbeards and has been for years. Take Ubuntu, or Mint, or any of the other dozens GNU/Linux distros made for newbies - you insert the disc or flash drive, boot into it (this is non-trivial, but booting a Windows DVD would be non-trivial as well) and can use the system right away (unless you have unsupported hardware, of course, but finding supported hardware isn't difficult). To install you simply click install and it works. The idea that GNU/Linux is difficult to use is nothing but a myth.

Open source can go fuck itself. Free software is where it's at.

Re:SImple really... (2)

unixisc (2429386) | about 2 years ago | (#42392381)

This is pure hogwash. First of all, Ubuntu, or Mint, or the dozens of distros are not recognized by GNU as legit; instead, what is endorsed are distros like Trisquel, Dyne:bolic, gNewSense and some others that nobody outside the FSF has heard of. Secondly, while it's true that Linux distros have been made that boot automatically and so on, very often, this plug & play functionality is b'cos they have binary blobs - something that's hated by the FSF guys. OSI doesn't have an issue w/ them, but FSF does. That's why one is more likely to find holes in those Linux-libre distros than in the standard Linux distros. Heck, even Debian, recognizing that there are times that un-liberated software is needed, provides those separately from its liberated software for those who are not that uptight about this purity, and guess what? Debian too doesn't have the endorsement of the FSF.

Open source is more accommodating of such deviations than Free Software, and that is why most businesses are more receptive to it.

Re:SImple really... (0)

Anonymous Coward | about 2 years ago | (#42393433)

What if your binary blob becomes incomaptible with the new API? What if you have ATI HD 3000, and ATI doesn't want to support that?
Have you ever thought of the future?
FSF is doing a great thing, promoting freedom. If they wouldn't be where they are, and they have allowed all sort of blobs for
for the sake of "I don't want to upset you, o mighty company" and other thing the OSI aproves, the world would be a worse place.

I'm using blobs too, heck, I'm even using the proprietary ATI drivers. But I'm supporting the FSF, and I wish them all the luck in the world.
I have no idea why are you hating someone is working for your good, guys. I just look at this, and wonder.

Re:SImple really... (1)

unixisc (2429386) | about 2 years ago | (#42393693)

Aha!!! Here is the problem! Why would a new API not be backward compatible? The only reason is to accommodate the FSF's insistence that all software be liberated. Not everybody is comfortable w/ liberating their software, but why should a customer who likes their software - or hardware - be punished b'cos of that? Binary blobs are again a win-win situation for both vendor and customers, since the latter gets to use the thing, and former gets to sell it. Why should the former be forced to publish their specs if there are either business or other reasons for not doing it? If a vendor and a customer like a particular solution, who is any third party to dictate whether that solution is good enough or not?

This incompatible by design philosophy is also the reason that old software doesn't work on newer distros. On top of everything, there are several combinations of kernel versions, library versions, compiler versions and the like which make even FOSS tough to work w/, since one can't freely mix and match, due to incompatibilities that already exist. Things like drivers should be a write-once, forget about it deal. It's not that way in Linux. In Windows, the only time there has been a disruption has been when the very base of the OS has changed, like going from Windows ME to Windows 2000, or XP to Vista (since the latter was a migration from a win32 to a win64 OS). Allowing things like blogs also forces some discipline w/ OS makers, and forces them to maintain backwards compatibility.

The FSF is not a live-and-let-live organization - their whole philosophy is about disrupting the businesses of others by encouraging things like boycotts and the like. That's not the deal w/ the OSI. Otherwise, I'd have had no problems w/ them. Maybe the organization should become more independent of RMS, for starters - I wonder whether the rest of their membership are really as fanatical as he is?

Just for Fun (1, Flamebait)

tuppe666 (904118) | about 2 years ago | (#42391509)

Microsoft Mission Statement (http://www.microsoft.com/about/en/us/default.aspx) - "At Microsoft our mission and values are to help people and businesses realise their full potential." their values are more interesting "As a company, and as individuals, we value integrity, honesty, openness, personal excellence, constructive self-criticism, continual self-improvement, and mutual respect. We are committed to our customers and partners and have a passion for technology. We take on big challenges, and pride ourselves on seeing them through. We hold ourselves accountable to our customers, shareholders, partners, and employees by honoring our commitments, providing results, and striving for the highest quality."...they haven't looked at those for a while.

Apples Mission Statement (http://investor.apple.com/faq.cfm?FaqSetID=6) - "Apple designs Macs, the best personal computers in the world, along with OS X, iLife, iWork and professional software. Apple leads the digital music revolution with its iPods and iTunes online store. Apple has reinvented the mobile phone with its revolutionary iPhone and App Store, and is defining the future of mobile media and computing devices with iPad." - Seriously Apple!! that is less of a mission statement and more of a list of products.

flexibility (1)

RedHackTea (2779623) | about 2 years ago | (#42391867)

The one great attribute (besides being free & open) about F/OSS is flexibility. Don't like this distro/program/script? Use this one. Like this distro/program/script but not feature X? Use a forked version with alternate feature Y, install alternate feature Z, or hack it up yourself. Don't like the license being BSD-like? Find one that uses the GPL, request for someone to write a new version (or for the author to change licenses), or again hack up your own.

Creating one umbrella foundation sounds good on paper, but how to make it flexible? And how do you guarantee there won't be corruption? We (humans) have spent years on philosophy, politics, etc., and there is always a little corruption. The problem is that corruption trickles down. If there's a break in the main foundation of the umbrella, then you might as well throw it away. Do we really want to risk this? And is it even possible to get everyone to agree?

It could work, and there are good intentions here, so perhaps I'm just being selfish? But for me personally, when I write open source code I don't want standards forced upon me. I want the freedom to write my code like I want, put my braces/brackets/whatever where I want to put them, name my program with f***ed up acronyms, and I don't want to be part of corporation-like practices when I "code for fun." I want individuality, and I want that from others too. I want unrestricted creativity and intelligence without being delayed and distracted by yet another "standard." And, I may be wrong, but I think that's some of the roots of the original F/OSS.

It just depends on what this umbrella foundation is supposed to do. From reading the article, it sounds like it's just to pool money and create documents about legality in different countries? This doesn't really sound like a foundation to me; you could just make a small website for this and ask people to post best-practices documents and for donations. I think there needs to more details about what this "umbrella foundation" is actually for.

One Foundation to rule them all, One Foundation to code them,
One Foundation to bring them all and in the darkness bind them.

Make Open Source win-win (0)

unixisc (2429386) | about 2 years ago | (#42392269)

For starters, Open Source organizations (I'm not including the FSF in this, since they themselves deny that they are one) should abandon all support for 'free' software - be it speech or beer - and state that they are only about ensuring that source code always accompanies binary code. In other words, say nothing about re-distribution rights, and allow Open Source licenses to disallow re-distribution if the software writers choose.

This way, the advantages of Open Source software will always be there w/ ISVs, w/o forcing them to swallow poison pills, such as allowing re-distribution and thereby struggle to discover a profitable business model. The vendors can continue to sell their software, maybe even to a larger market, since customers that have the expertize to modify them might buy it even if it doesn't do everything they need, assuming that they can design in their requirements. Customers can rest easy knowing that a vendor can neither force them to buy a future upgrade (a la a Microsoft or an HP) nor would their going out of business force them to search for newer solutions. This way, open source software will be a win-win proposition for business: ISVs can sell their software w/o being afraid of it being re-distributed to those who might otherwise buy it from them, while customers can buy the software comfortable that since they have the source code, they can have their IT departments make whatever modifications are needed to customize it for their specific requirements, and not hold them hostage to upgrade plans.

The current 'software freedom' movement is a lose-win proposition - lose for ISVs, and win for end-users. But in the long term, like Stephen Covey pointed out, lose-win or win-lose solutions ultimately attain equilibrium in a lose-lose state. Which in fact has been the story of most GPL software business to date. Open source programs can lose the 'lose' element here by jettisoning the 'help your neighbor' philosophy and instead make it completely a win-win proposal for software vendors by eliminating that risk of their not recouping the cost of development b'cos some people, who would otherwise have bought it, got it for free from somewhere else.

Re:Make Open Source win-win (2)

YurB (2583187) | about 2 years ago | (#42392569)

This shows me that RMS was right: open source is too lose term. 100 businesses making similar modifications to the source code of a single program on their own, fixing the same bugs, adding the same features is a waste of time. Also they may begin suing each other eventually. Libre Software is all about cooperation, and source availability is just a technical requirement for that.

Re:Make Open Source win-win (1)

unixisc (2429386) | about 2 years ago | (#42393017)

Fixing bugs is just one aspect of it, and usually something that the original vendor would want to do. But there are a lot of other things that individual customers may want, but which the vendor may not be interested in b'cos there ain't many other customers interested in it. For instance, let's say an ISV makes a program that helps a company manage its finances. One customer, which is located both domestically and offshore, would like some features that helps it transact business not only according to domestic, but also foreign tax laws. The vendor has limited employees and can't/doesn't want to explore the latter. In the model that I suggested, their customer can just go ahead w/ it, implement it in-house and use it, w/o worrying about support.

As FreeBSD has shown, when a company is making modifications that others may be interested in and that the vendor may be willing to own and maintain, they are only too happy to send those modifications to be merged upstream. That's what Juniper has done in FBSD. But other than that, when Juniper wants to add modifications to FBSD that it can then use in its routers, they do it, and the FBSD foundation has nothing to say to them, and is only too happy to let them mind their own business. OSI too doesn't care.

Cooperation is a fine idea, but forced cooperation is not cooperation. What's more, the basic question out there is whether software developers have the right to earn a living simply by selling software, and not having to worry about services and those aspects. RMS' answer to that question is practically no. Their current choices are to either go proprietary, thereby denying themselves the advantages of open source, or go open source, and be put at a disadvantage in that they can't restrict redistribution of their software. My above idea would pick a sweet spot that allows them to benefit from the advantages of open source, while not having to suffer the disadvantages. That way, people who simply want to make & sell software can do that being forced to allow their customers to become their competitors.

Displacing Microsoft in the Workplace (1)

Anonymous Coward | about 2 years ago | (#42392517)

As someone who spent the last 20 odd years coding C# NET / C++ COM among other things, I've recently become disillusioned with the MS nosedive as a dev platform.
I am exploring open source alternatives, learning Ubuntu, Apache, GNU tools, Google App Engine, Clojure, etc.
Now that MS has abandoned the desktop (& stagnated NET) with its Win8 disaster, Its no longer "developers, developers, developers" - it is now a "devices & services" company. Their problem with this is that they have completely lost to Android on the device front, and on the cloud services front, people are mainly interested in VM hosting not PAAS - so they are just another 2nd rate host provider. The only thing going for them is their massive workplace install base, which is rapidly ossifying into legacy tech.

So, what is stopping Linux penetrating the corporate market? Companies dont like paying MS license costs. here's my insider's take:
1) people (both LOB dev poohbahs / fanboys & office workers) are dumb, lazy to learn new things, resistant to change
2) people are unaware of the alternatives - joe shmoe does not know that you can use Google Drive for free instead of paying exorbitant license fees.
3) there is no hand-holding guidance for IT win admin bob to migrate his platform away from windows / office, or marketing materials to help convince his manager that this is the path to take.
4) retraining is expensive & disruptive.
5) A lot of in-house info systems are built on an underlying MS infrastructure: SQL Server, ShitePoint etc - there is no cheap migration path here.

So what is need is :
1) market awareness - an intense & prolonged marketing campaign regarding replacing windows & office
2) training material
3) migration guidance
4) migration tools

I was there when IBM went from hero to zero in 1992 with OS/2, & saw Digital VAX die in the 90s. Paradigms shift & change can happen fast.

Open sounrce vs free software (1)

YurB (2583187) | about 2 years ago | (#42392523)

It would be great if Free Software Foundation and OpenSource Initiative worked together to minimize the differences and together support the critical projects like a free/open source Skype replacement.

P.S. I personally would be very happy to see the term "Libre Software" to become the common denominator. Open source sounds cool and everyone knows it, but the name only says the source has to be open, that's only a part of what we all mean by it, and FSF is opposing it. Free software, on the other hand, is a little ambiguous in the meaning of the word 'free'. Also I don't like that FSF only says a system is free if it doesn't provide tools to install non-free software, and thus excludes Debian. User must be free to make the choise on his own (oh I mean her own:), while understanding the risks.

Re:Open sounrce vs free software (1)

Rockoon (1252108) | about 2 years ago | (#42392639)

"What we actually mean by 'Free' is this set of restrictions on freedom.."

The only free source code and/or software is Public Domain.

Re:Open sounrce vs free software (0)

Anonymous Coward | about 2 years ago | (#42392819)

The only free source code and/or software is Public Domain.

The public domain gives developers the freedom to restrict others' freedom. Licenses like the GPL guarantee the freedom can't be taken away.

Re:Open sounrce vs free software (1)

Rockoon (1252108) | about 2 years ago | (#42392899)

The public domain gives developers the freedom to restrict others' freedom.

Its impossible for my use of the Public Domain to take away your freedom to also use the Public Domain.

Licenses like the GPL guarantee the freedom can't be taken away.

That thing that you are calling freedom, isn't. Freedom is not a contract with obligations.

Re:Open sounrce vs free software (0)

Anonymous Coward | about 2 years ago | (#42395179)

That thing that you are calling freedom, isn't. Freedom is not a contract with obligations.

Contrarily, freedom is exactly a contract with obligations. To be free from something, there must be a background against which that freedom has meaning. In other words, whenever someone says something is free, we have to ask 2 questions:

1) Freedom for whom?

2) Freedom to do what?

I can easily talk about the freedom to exploit one's user base, or the freedom to steal. The thing is, sometimes one freedom limits another freedom. In those cases, we don't choose between freedom and tyranny. Instead, we choose which freedom is most important to society. Developers using the GPL decided that their own freedom to benefit from their software trumps others' freedom to benefit from their software.

Re:Open sounrce vs free software (0)

Anonymous Coward | about 2 years ago | (#42395299)

Its impossible for my use of the Public Domain to take away your freedom to also use the Public Domain.

You haven't case matched on all possible types. Your argument is equivalent to proving "for all numbers x, x+0=0" by demonstrating the statement is true in the x=0 case. This is because "Freedom to use the public domain" is not the only type of freedom.

For example: It is possible for your refusal to use the public domain to take away from my freedom to use the public domain.

Some freedoms necessarily limit other freedoms. In such cases, we have to choose what type of society we value. GPL develops value sharing over personal profit.

Re:Open sounrce vs free software (1)

Rockoon (1252108) | about 2 years ago | (#42395919)

For example: It is possible for your refusal to use the public domain to take away from my freedom to use the public domain.

Examples come with things called examples. You clearly couldnt provide one.

Re:Open sounrce vs free software (1)

Bengie (1121981) | about 2 years ago | (#42405079)

For example: It is possible for your refusal to use the public domain to take away from my freedom to use the public domain.

It is impossible to take from someone something that which they never had.

You've ventured into the RIAA's "lost sale" logic.

Re:Open sounrce vs free software (1)

booch (4157) | about 2 years ago | (#42397847)

Licenses like the GPL guarantee the freedom can't be taken away.

That thing that you are calling freedom, isn't. Freedom is not a contract with obligations.

So your claim then is that a society that allows the freedom to own slaves is more free than a society that disallows slavery?

Re:Open sounrce vs free software (1)

Rockoon (1252108) | about 2 years ago | (#42399633)

Nice try reaching for the emotional card.

Re:Open sounrce vs free software (1)

kthreadd (1558445) | about 2 years ago | (#42392959)

The public domain gives developers the freedom to restrict others' freedom. Licenses like the GPL guarantee the freedom can't be taken away.

And it won't as long as you have your copy. GPL merely restricts the existence of non-free copies. Code can be copied, which means that just because someone uses a copy in a non-free way doesn't mean that your free copy is now somehow also non-free. It doesn't matter if it's GPL or permissive, freedom isn't just magically taken away.

Re:Open sounrce vs free software (0)

Anonymous Coward | about 2 years ago | (#42405037)

Forced freedom is not freedom.

It's like saying, "I know you don't want to have kids early in life, so I'm going to sterilize you to protect you from yourself".

Re:Open sounrce vs free software (1)

vurian (645456) | about 2 years ago | (#42393167)

Where I live "public domain" does not exist. The concept has no legal meaning over here.

Re:Open sounrce vs free software (1)

booch (4157) | about 2 years ago | (#42397895)

How about the term "Free Source"? It allows the FSF to continue having the word "free" as in freedom. And it allows the OSI to still focus on the source code. And realistically, the source code really is the only "free as in beer" portion. Additionally, it solves the problem that the OSI has, in that "open source" already has a meaning in the intelligence community, causing the term to not be trademarkable.

Would there be One Ring? (1)

Voline (207517) | about 2 years ago | (#42392827)

Cause that would be cool.

They need "UI experts". (1)

Alex Belits (437) | about 2 years ago | (#42393013)

They should all hire some hipster UI company to ruin the remaining desktop environments and UI-heavy software with some moronic tablet-wannabe interface. After all, Windows 8 is selling so well, GNOME3 is welcomed by the users, and Unity did not hurt the popularity of Ubuntu at all!

Re:They need "UI experts". (1)

kthreadd (1558445) | about 2 years ago | (#42393085)

I think that once GNOME 3 and maybe also Unity (I haven't looked too much at it) has been more fine tuned that users will actually like them more than the older GNOME 2 desktop. It's however unfortunate that GNOME 2 has been discontinued since while GNOME 3 is probably the right desktop for most users it's not the right desktop for all users. Sure Mate exists but the whole thing could have been handled so much more smoothly.

Re:They need "UI experts". (1)

Alex Belits (437) | about 2 years ago | (#42393907)

No, the whole models of both are fatally flawed. GNOME 3 breaks all window managers except its own shell -- that kills any customization that is not done within that shell, and their shell sucks. Both Unity and Gnome break easy window switching and screen layout control -- that clearly identifies them as touch-only design, no matter what their authors thought.

Re:They need "UI experts". (1)

kthreadd (1558445) | about 2 years ago | (#42394181)

Sure and that's why I said that they are not the desktop for everyone. I don't know much about Unity, but at least GNOME 3 will (when it's ready) be a good desktop for most users. I have seen a ton of people that previously would never touch Linux try GNOME 3 and say that this is the point where they could actually consider it as an alternative to Windows or OS X.

Now the bad thing that the GNOME developers really dropped the ball on was that GNOME 3 is not a good fit for those of us that have used Linux for many years now. We want t keep using GNOME 2, or whatever else we are using. For example we have a lot of users still on fvwm. So it would have been so much better if GNOME 2 and GNOME 3 had continued to live side by side. The fact that we have to rename a lot of things in Mate just to avoid name collisions is just ridiculous.

Open source foundations - what next? (0)

Anonymous Coward | about 2 years ago | (#42393525)

You already have various major projects tying up in Software in the Public Interest (the organisation behind Debian, amongst others) and SPI are prepared to talk and deal with OSI and the FSF. Many of the people involved in SPI and Debian are also luminaries in FSFE for those who prefer to deal with FSFE. Do we need much more?

Re:Open source foundations - what next? (1)

unixisc (2429386) | about 2 years ago | (#42393711)

From what I understand, Debian wasn't previously a member of OSI, but joined them not too long ago. I guess being tarred by the FSF for not being free enough (by providing separately the option of un-liberated software for those who wanted them) probably made them decide that they're better off w/ an open-source certification as well, in addition to the Debian Free Software Guidelines.

OSI (1)

booch (4157) | about 2 years ago | (#42397919)

Seems like that would be a good role for the Open Software Initiative.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?