taint.org: Justin Mason’s Weblog

Software: a nifty trick in this Slashdot comment:

… This reminds me of an old trick we developed to use on the Amiga on a public-access cable channel. The software was under development and crashed occasionally, so rather than having a flashing guru meditation up on a local TV channel until it was rebooted the next day, we came up with a plan, that would probably work on a Windows machine as well (or just about any other system)

The idea was that while the software application was running, it drove a continuous 1khz tone out the audio port that kept a relay energized (that kept the signal on-air). When the system crashed, the audio output stopped, which meant the relay was no longer energized = video signal switched back to a stock SMPTE bars signal from a test generator.

Nowadays, I’d probably pay the money for a hardware watchdog timer. But this is a good, cheap way to implement a dead man’s switch. Very clever!

Tags: amiga, cable, channel, comment, relay, signal, slashdot, software, system, trick

RFID: Over on Adam Shostack’s weblog, in a comment on an entry regarding the plans to mandate remotely-readable RFID passports, Martin Forssen brings up a great idea:

What I want is a device which beeps every time somebody scans me for RFID-tags. I assume this would be fairly easy to construct since the scanner must send a signal of some strength to activate the chip.

I wonder if that’d work? A keyfob, for example, something similar in size to the dinky Chrysalis Wifi Seeker I have on my keyring, would be perfect. It’d be probably pretty cheap to make, would make a great geek toy, and be quite educational too. ;)

Tags: comment, device, entry, idea, rfid, rfid-tags, scanner, somebody, time, weblog

Web: The slashdot story. The comments contain a massive amount of noise, but there are some highlights…

Some details of the backend; it appears Indymedia need more mirrors, and the imc-tech list and #tech channel are the best contact locations to get in touch. The comment also notes that the Mir CMS used by most IMCs generates static HTML — which is a good thing! I hereby withdraw my kvetching about server-side dynamic scripting in that case ;)

The techie who ‘had the contract with Rackspace’ comments, and provides a link to his weblog, which contains copies of the trouble tickets.

He also notes that the possible illegal posting was a newswire submission — therefore not ‘published’ per se, just uploaded in the same way an unmoderated-up slashdot comment is.

And finally — he notes that the EFF are offering to represent himself and Indymedia pro bono. Yay EFF!

The Electronic Frontier Foundation (EFF) is currently assisting Indymedia investigate possible responses to the seizure of its information. More than 20 Indymedia-related websites, along with Indymedia’s online radio, were hosted on the servers, which were dedicated machines provided by Rackspace.

‘This seizure has grave implications for free speech and privacy. The Constitution does not permit the government unilaterally to cut off the speech of an independent media outlet, especially without providing a reason or even allowing Indymedia the information necessary to contest the seizure,’ said EFF Staff Attorney Kurt Opsahl.

This is great news. Top-secret takedowns are not a good thing, especially when they span three national borders…

Tags: comment, eff, indymedia, information, rackspace, seizure, slashdot, speech, story, thing, web

Patents: Newsforge: Patents in an open source world, by Lawrence Rosen (founding partner of Rosenlaw and Einschlag).

Interesting article, but I’m not sure summary point number 2 (’continue to document our own “prior art” to prevent others from patenting things they weren’t the first to invent’) really helps, when the patent examiners clearly haven’t performed the simplest Google check. I’ve found obvious prior art in 30 seconds, by plugging 3 words from patent claims into Google in the past (and yes, I have a reasonable idea how to read patent claims by now).

Point number 3 is interesting, since it contradicts most other advice I’ve read regarding patent searches: ‘Conduct a reasonably diligent search for patents we might infringe. At least search the portfolios of our major competitors. (This, by the way, is also a great way to make sure we’re aware of important technology advances by our competitors.) Maintain a commercially reasonable balance between doing nothing about patents and being obsessed with reviewing every one of them.’

However, this comment really is interesting and raises something major that I’d never heard of before — users of proprietary software can also face a significant risk from the patent threat. In particular, according to the linked comment, Microsoft licensed some patented technology from a company called Timeline Inc., but the license was not sublicenseable — in other words, it did not grant their customers the rights to fully use the technology! (in fairness to MS, this was established later in court.) Result: href=”http://trends.newsforge.com/comments.pl?sid=39443&cid=96153″>MS SQL server OEMs and ISVs are now being sued.

Tags: art, comment, google, newsforge, number, patent, patents, point, search, technology, way

Patents: Oh, come on. USPTO: task list window for use in an integrated development environment. Here’s claim 1:

1. A computer-implemented method for managing development-related tasks, the method comprising:

   during an interactive code development session, evaluating source code to determine whether a comment token is present;

   in response to determining that the source code contains a comment token, inserting a task into a task list; and

   in response to completion of a task, modifying the task list during the interactive code development session to indicate that the task has been completed.

There’s 74 more claims that are about up to that standard, including the usual ‘an input module connected to the knee-bone’ mumbo-jumbo that means it ‘isn’t a software patent’.

This is just quite simply absurd. Are we really supposed to believe that nobody had thought of what is essentially a list of tickboxes, displaying the output of ‘grep TODO *.c’, before March 6, 2000? You have got to be kidding. This /. comment suggests that Delphi 5 (released 1999) did it.

(update: looks like there was a provisional patent application, so that may have to be Mar 5 1999.)

William Chiles, Anders Hejlsberg, Randy Kimmerly and Peter Loforte should be ashamed of themselves for filing this joke. And the USPTO examiner who granted it should be fired.

(PS: a factoid from the slashdot comments: IBM receives (note: not even ‘files for’) nearly 10 patents every day.)

Tags: code, comment, development, list, method, patents, response, session, source, task, uspto

Humour: This year’s bad sex prizewinners. I think Rod Liddle deserved it, myself, purely for his comment:

Columnist and former Today programme editor Rod Liddle was almost struck out on the grounds that his sex scenes were actually rather well done, but his novel Too Beautiful for You, (’after a modicum of congenial thrusting, she came with the exhilarating whoops and pant- hoots of a troop of Rhesus monkeys’) was reinstated after he said the judges were unqualified, since nobody on the Literary Review had had sex since 1936, in Abyssinia.

Tags: beautiful, columnist, comment, editor, humour, modicum, novel, programme, sex, today, year

during this ongoing European software patents thing, I was reminded of a comment I heard a while back from a pro-patent guy.

He was around in the bad old days of SSLeay’s patent woes. SSLeay, like many cryptographic products in the 80’s and 90’s before the RSA and other patents expired, was in a legal grey area due to patent issues. To quote the ‘Is This Legal?’ section of their FAQ:

That is one of the hard questions on which there is as yet no clear answer. You need to read quite a bit of information to draw your own conclusions - and then go and talk to a lawyer. Again this document is my opinion and as such should be treated in that light - reality could be quite different to how I happen to see things :-).

In short:

• outside the USA there should be no problems
• inside the USA RSA hold patents over the RSA algorithms, however if you use RSAREF (which SSLeay can link to) then non-commercial use is probably okay. For commercial purposes you need to talk to RSA to license one of their toolkits (BSAFE) or come to some other licensing arrangement with them.
• IDEA may be a problem inside Europe and RC4 inside the USA; both can be removed with a simple compile-time option or you can licence the IDEA algorithm.

Eventually, RSA relicensed their algorithms to be freely usable. Thankfully IDEA could be avoided by using alternative algorithms in the SSL transaction, so it wasn’t a biggie; most SSL users just switched it off. Finally, the RSA patent finally expired — so nowadays SSL is commonplace, and using SSL to protect security is a lot easier than it used to be.

Anyway, I’m diverging here… the relevance is this mail from Hartmut Pilch discussing the current euro-swpat proposal. He reckons even the SSLeay defense — saying ‘do not download this software in these countries unless you get these licenses’ — would not work with the current proposal:

To make this clearer: according to the CEC proposal, you still risk being sued even if you only publish a program and warn people ‘please do not execute unless you have obtained a license from XXX’.

Tags: comment, idea, patent, proposal, rsa, software, ssl, ssleay, thing, while

Wow. A spammer has already scraped my blog and caught that one-use cdt_comment_go address I posted a week or so ago. That has to be a record. Ah well, Bayes and the SBL are catching it nicely…

The spammer in question is artprice.com, aka. artlist.com, aka a bunch of unrepentant spammers who’ve been out-and-out spamming for years, from France. Nothing worse than a full-time spamhaus. My consolation is that if they do this after August, I can prosecute them for it, since France is in the EU ;)

Just for reference, if anyone finds this on a Google search: the address was a one-use disposable job, for comments on a survey, posted once, and never used for sign-ups or even to send a single mail message. This is 100% spam, through and through.

Tags: aka, bayes, blog, cdt, com, comment, record, sbl, spammer, week

LWN on the case. An excellent commentary, and features this lovely user-posted comment as well:

‘Without access to such equipment, facilities, sophisticated methods, concepts and coordinated know-how, it would be difficult or impossible for the Linux development community to create a grade of Linux adequate for enterprise use.’

Alan Cox wrote the first SMP version of Linux. Do you know who bought Alan the hardware? It was Caldera :-)

Not IBM, after all, but Caldera — who are now part of the SCO group. This usenet posting from 1995 backs that up, as does the Caldera-badged Linux SMP page.

Tags: access, caldera, case, comment, commentary, equipment, know-how, linux, lwn, smp