"Since you did it three times so rapidly, I am calling you a liar. And since you refuse to undo your commercial support in Emacs and GCC, I am going to call you a hypocrite."
Just thought I'd let you know that people have things to say. You don't have to read them, though, but you asked to be notified. Now you have. Read, write, or leave.
Three of the last four security holes in SSH were introduced by the OpenSSH team. They did not exist in other implementations. (the last one was *also* in OpenSSH, but in others as well).
OpenBSD is also the most unstable UNIX out there, even people who *like* OpenBSD admit that. (unless they're total fanbois, who just counter with "your mother"-like retorts)
But maybe you have a different definition of "good".
I have used OpenBSD since 3.2 and have never known it to be unstable, it certainly has stood up better than any Red Hat, Gentoo or Ubuntu distro I have tried YMMV.
I'm not a fan boy, but since you asked so nicely ... yo' mama !
You are indeed correct. It is not good code, but thoughtfully and thoroughly audited by Theo and team. As a developer, I cringe at the thought of the plethora of so-called "developers" who have contributed code to Linux in any way. Much of this contributed code has not been audited and quite easily could pose a severe security risk.
Again, you are indeed correct in saying that OpenBSD has no "good" code. OpenBSD consists of fantastic, audited and very secure code. I can rest easy at night knowing that my OpenBSD firewall is still, by far, the most secure and cost effective system available. Dare you issue a similar statement knowing of the conglomerated code that rests behind IpTables? Do you know much of the authors of IpTables? I can state this with great pride, that Theo, with all of his non politically correct statements, has the drive to produce the absolute most secure operating system possible. Therefore neither he nor any of the developers will incorporate ANY code that they feel would put their os at risk.
Three of the last four security holes in SSH were introduced by the OpenSSH team. They did not exist in other implementations. (the last one was *also* in OpenSSH, but in others as well).
The OpenSSH team takes responsibility for their mistakes (if any) and provides timely fixes.
Oh how easy it is to trust in the black box "other implementations" who will fire and/or sue an ethical employee rather than fix a security hole.
OpenBSD is also the most unstable...
Only if you're running -current, otherwise I see little difference in the stability of OpenBSD and any other recent server OS.
Only if you're running -current, otherwise I see little difference in the stability of OpenBSD and any other recent server OS.
I'd just like to point out that -current does not imply unstable, at least not in the same sense that Debian unstable does. You could easily use OpenBSD-current in a production environment without too much trouble (if any at all). They're very careful about what they add to their tree.
Funny, I don't see any company retroactively closing the OBSD source tree, it's all still there on cvs. If you could tell me what command you're using...
Sure, OpenBSD does not have the hype that Linux and Windows has, but hype is not a measure of quality.
Compare Linux' hideous iptables with OpenBSD PF. Compare Linux wireless "support" to that of OpenBSD. See the quality of the OpenBSD code, the built-in security measures, the fantastic documentation... I can go on for a while. Can you?
not free, because anyone can close it.
You're either an idiot or a troll. How can someone close free code? Once free, always free (GPL or not). Future versions or modifications may not be free (depending on the license), but that's hardly the same as closing existing free code.
You GPL fanboys are so blinded by the idea that if we do not protect our code from being "stolen" by the evil corporations, there will be no free software. I think the BSD systems and OpenSSH in particular are shining examples of why this is not true.
Are you jealous TdR od something?
Not sure what to make of that statement. But I can at least say that Theo actually does something to produce free software. RMS just preaches. Until we have a compiler that transforms preaching into usable software, RMS is nothing more than a priest (with the usual group of followers).
What has happened? The code didn't vanish, Apple made a product from it. The original is still there and free. This is the dumbest argument that keeps getting used over and over...
Show me a non-comercial BSD that has gone away cause it was closed while once being open.
This is such backward thinking unless you have hidden financial agendas to "free" software. But the arguments of the people with the money are good so millions believe them.
It's happened to BSD code lots of times [being closed]. Just for an example, Apple has done it in OSuX.
No, they've closed their version of it. The original remains unaffected. The fact that others use OpenSSH code in proprietary products does not make OpenSSH less free. How fscking hard is that to understand? It's still free, as in air, for everyone.
The only way this can be prevented is with a copyleft-style licence, like the GPL.
If you want to prevent people from using Free Software the way they see fit, then the GPL might be what you want. However, if you want to allow people the freedom to choose ...
You keep preaching freedom but keep adding restrictions. It's fascinating, really.
Nicely said! Couldn't have said it any better and any truer.
I'm willing to bet his obvious lack of knowledge made him shove his dirty socks in his mouth.
Poor guy... I feel kinda bad laughing at him right now, but the positive side is that a laugh is always good! He obviously lacks any facts, remote intelligence or coding skills to know the difference, otherwise he wouldn't have posted such non-sense.
Linux just doesn't compare to OpenBSD in many aspects, but the goals are way different. They're all followers, they hate MS because it's a childish Linux trend.
Just for one, OpenBSD is still free and will always be, while Linux is becoming more closed source, commercially dominated that even their god Linus Torvalds doesn't have too much say anymore.
RedHat is the next MS who ate the apple and threw back the (Fedora) core for the public to eat and plant the seeds for them to just take all the apples from the new tree and make even more money... They can't even contribute a dime to OpenSSH, yet everyone uses it while it's developed by the OpenBSD people and people still bash BSD - how pathetic.
I'll be charitable and say that Theo de Raadt is suffering a severe episode of foot-in-mouth syndrome. Richard Stallman may be called many things, but "liar" and "hypocrite" are not among them.
Richard Stallman may be called many things, but "liar" and "hypocrite" are not among them.
He cannot recommend an OS because some system, that the OS developers recommends against using, allows you to install non-free software. At the same time he provides pre-compiled binaries of Emacs (and other programs) for Windows. That's hypocrisy.
He claims that all BSD systems contain (or include), in their ports system, non-free software. That's a lie. He was given a chance to correct his mistake or admit being wrong. Instead he chose to twist the meaning of the words to make it seem no mistake was made. That's lying.
RMS has in this "episode" shown to be a hypocritical liar. That said, I'm generally an RMS supporter (though I'm not that fanatical about things as he is).
can someone explain what the thing about commercial support in Emacs and GCC means? I am aware that companies offer commercial support for open-source software, but do not know how Richard Stallman connects to this.
... do not know how Richard Stallman connects to this.
He connects to this quite nicely by writing code (lots of code actually) for the sole purpose of having Emacs work on non-free software. Then he has the nerve to say that referring to non-free software is bad and he cannot recommend such a system. By his own standard, he should not recommend anyone use Emacs.
The classic counterargument is Stallman's view that:
1) running some free software on non-free system is better than running only non-free software;
2) running some non-free software on free system is worse than running only free software.
These facts are justified roughly as follows:
In case of 1) the user is already in the non-free land. One can hope to addict him to free software and thus migrate him fully to the free land. In case of the free system, the non-free parts represent a drift towards opposite direction. Stallman militantly opposes 2) but does not oppose 1). To apply this to GCC and Emacs: code to support win32 in gcc and emacs falls in the situation 1 category.
The counterargument to this counterargument is:
Allowing free software to run on non-free platforms can migrate users to non-free systems. There is evidence of this, but not much analysis on how serious the problem is. Hardly anyone would switch from, say, Linux, to Windows just because one could use emacs there. But being able to keep your favourite applications with you does help migration both to free and non-free alike.
Not sure if this is what is being referred to, but somewhere in the thread it was mentioned that Emacs is capable of running in Windows, that there is specific code in the official Emacs tree which serves no purpose other than to allow Emacs to run in Windows. I will agree that this by far seems like far more of an endorsement of proprietary software than simply listing URLs where proprietary software exists.
This seems to be one of the main reasons RMS is here being called a hypocrite. It is okay in his mind to acknowledge the existence of proprietary software by writing code specifically to support it, but it is not okay in his words to even tell others that proprietary software exists. I can certainly understand his position, as it seems to be: "If you're using proprietary software already, we're going to do everything we can to let you run free software. If you're using free software already, we're going to do everything we can to make sure you don't know about proprietary alternatives."
As he says in some of the exchanges, he is not saying proprietary software should be impossible to install, or even difficult. He says that proprietary software should not be acknowledged as a legitimate option by mentioning it in lists of installable packages. There's a very clear and obvious distinction between "not including installation instructions for proprietary software" and "not including support to be installed on top of proprietary software", but many, including myself, see that his point of "lending legitimacy" is equally valid regardless of that distinction. Emacs having support to run on windows lends legitimacy to Windows, a proprietary platform. It says "installing Emacs on Windows is a valid option which we support". If code speaks louder than words in one situation, it should in the other situation as well.
The main problem is that RMS seems so black and white about it. Either your distribution ignores propriety software, or it doesn't. Even if proprietary options are disabled by default, give lots of warnings about what you are doing, etc, just having the distribution be aware of them is too much. Including a list of them is the same as saying it's a good thing. (guess how long it took for that particular line of thought to lead to Godwin's law)
The disparity between the black and white "mention it and you support it" policy on lists of available packages and "recipes", vs "write code which serves no other purpose but to allow compatibility with proprietary software. We don't support using it, we just support the ability to use it." which Emacs seems to fall under, is where some of the calls of "hypocrite" come from.
I understand both sides. I agree with one of them. I think RMS should stick to his guns, I think that's admirable. But I think he should do so by only supporting distributions of Emacs which do not include code to support proprietary software.
But then, I think he should do that because I know he likes to stick to his principles. I would of course rather he just ask Debian to provide more warnings about why using proprietary software is a Bad Thing^TM, rather than saying "don't mention proprietary software or it makes all your efforts towards ensuring free software worthless!"
People are going to use proprietary software. Distributions keeping track of it, mentioning that it is non-free, and encouraging people to get that software through distribution channels controlled by purveyors of free software, allows
people to be made aware of what they are doing. And it allows distributions to recommend free alternatives when they become available. And any number of other good and useful reasons. Ignoring proprietary software won't make it go away. Out-doing proprietary software despite it being a simple-to-use alternative will.
Ignorance is no excuse for sin.
Ignorance is no excuse for virtue.
Sheesh. Fanatics from both sides of the licenses keep saying the other's dead. People are using and developing these systems since time immemorial, for reasons between warm fuzzy feelings and personal gain, isn't that enough?
This has been going on for
This has been going on for about a month now, when someone has something to say let me know.
Letting you know
Just thought I'd let you know that people have things to say. You don't have to read them, though, but you asked to be notified. Now you have. Read, write, or leave.
Happy hacking.
NATSTM
Theo is someone who is not afraid to speak their mind. Good on 'em.
This is another person that does the same, that made waves recently:
http://www.zedshaw.com/rants/rails_is_a_ghetto.html
Good stuff. Stirring shit keeps things interesting :)
well
I can't really take someone seriously who considers DHH to be a good coder.
I get the feeling that Theo
I get the feeling that Theo should work a bit on his people skills.
Nah
He's too busy writing good, free, code.
"Good" code? Hardly
Three of the last four security holes in SSH were introduced by the OpenSSH team. They did not exist in other implementations. (the last one was *also* in OpenSSH, but in others as well).
OpenBSD is also the most unstable UNIX out there, even people who *like* OpenBSD admit that. (unless they're total fanbois, who just counter with "your mother"-like retorts)
But maybe you have a different definition of "good".
I have used OpenBSD since
I have used OpenBSD since 3.2 and have never known it to be unstable, it certainly has stood up better than any Red Hat, Gentoo or Ubuntu distro I have tried YMMV.
I'm not a fan boy, but since you asked so nicely ... yo' mama !
You're right.
You are indeed correct. It is not good code, but thoughtfully and thoroughly audited by Theo and team. As a developer, I cringe at the thought of the plethora of so-called "developers" who have contributed code to Linux in any way. Much of this contributed code has not been audited and quite easily could pose a severe security risk.
Again, you are indeed correct in saying that OpenBSD has no "good" code. OpenBSD consists of fantastic, audited and very secure code. I can rest easy at night knowing that my OpenBSD firewall is still, by far, the most secure and cost effective system available. Dare you issue a similar statement knowing of the conglomerated code that rests behind IpTables? Do you know much of the authors of IpTables? I can state this with great pride, that Theo, with all of his non politically correct statements, has the drive to produce the absolute most secure operating system possible. Therefore neither he nor any of the developers will incorporate ANY code that they feel would put their os at risk.
RMS, go have some rhinophytonecrophilia.
Three of the last four
The OpenSSH team takes responsibility for their mistakes (if any) and provides timely fixes.
Oh how easy it is to trust in the black box "other implementations" who will fire and/or sue an ethical employee rather than fix a security hole.
Only if you're running -current, otherwise I see little difference in the stability of OpenBSD and any other recent server OS.
-current
I'd just like to point out that -current does not imply unstable, at least not in the same sense that Debian unstable does. You could easily use OpenBSD-current in a production environment without too much trouble (if any at all). They're very careful about what they add to their tree.
Good code.
SSH is a protocol and is specified by a set of RFCs. I doubt OpenSSH where responsible for introducing security holes in those documents.
Pedantry aside, all software has bugs. OpenBSD just has less, in my experience (and less severe thanks to their security features).
What where the other implementations?
I may also have a different definition for "a fscking idiot" but I'll call you one anyway.
WT?
He's too busy abusing others.
> He's too busy writing good, free, code
Light years behind Linux code, not free, because anyone can close it. Are you jealous TdR od something?
Funny, I don't see any
Funny, I don't see any company retroactively closing the OBSD source tree, it's all still there on cvs. If you could tell me what command you're using...
Uh... that's because they do
Uh... that's because they do it and don't tell you. FreeBSD runs in Juniper routers for example.
So? FreeBSD didn't go away
So? FreeBSD didn't go away because of this. Who cares if somebody is making money if the original is still free?
last time I checked...
FreeBSD is still free, available for all to use and it's still actively growing to it's developers base.
How does somebody using/selling a solution based on *BSD make the existing source non-free?
Uh, I mean the code is still
Uh, I mean the code is still there on *BSD CVS servers. What company is going to shut down the code in CVS?
Light years?
And what parts, exactly, are light years behind?
Sure, OpenBSD does not have the hype that Linux and Windows has, but hype is not a measure of quality.
Compare Linux' hideous iptables with OpenBSD PF. Compare Linux wireless "support" to that of OpenBSD. See the quality of the OpenBSD code, the built-in security measures, the fantastic documentation... I can go on for a while. Can you?
You're either an idiot or a troll. How can someone close free code? Once free, always free (GPL or not). Future versions or modifications may not be free (depending on the license), but that's hardly the same as closing existing free code.
You GPL fanboys are so blinded by the idea that if we do not protect our code from being "stolen" by the evil corporations, there will be no free software. I think the BSD systems and OpenSSH in particular are shining examples of why this is not true.
Not sure what to make of that statement. But I can at least say that Theo actually does something to produce free software. RMS just preaches. Until we have a compiler that transforms preaching into usable software, RMS is nothing more than a priest (with the usual group of followers).
One myth, then other myth, then... *bsd
What you've said it's just a myth that *bsd fanboys tell each other :D. Now I can't stop laughing.
> quality of the OpenBSD code
Please stop! I can't take it any more. LOL
You obviously don't read
You obviously don't read code
I guess having to worry
I guess having to worry about getting flooded with regressions is a good sign of quality...to you, at least.
Can Free Stay Free
The only way this can be prevented is with a copyleft-style licence, like the GPL.
What has happened? The code
What has happened? The code didn't vanish, Apple made a product from it. The original is still there and free. This is the dumbest argument that keeps getting used over and over...
Show me a non-comercial BSD that has gone away cause it was closed while once being open.
This is such backward thinking unless you have hidden financial agendas to "free" software. But the arguments of the people with the money are good so millions believe them.
Think for yourself.
Wrong
No, they've closed their version of it. The original remains unaffected. The fact that others use OpenSSH code in proprietary products does not make OpenSSH less free. How fscking hard is that to understand? It's still free, as in air, for everyone.
If you want to prevent people from using Free Software the way they see fit, then the GPL might be what you want. However, if you want to allow people the freedom to choose ...
You keep preaching freedom but keep adding restrictions. It's fascinating, really.
Nicely said!
Nicely said! Couldn't have said it any better and any truer.
I'm willing to bet his obvious lack of knowledge made him shove his dirty socks in his mouth.
Poor guy... I feel kinda bad laughing at him right now, but the positive side is that a laugh is always good! He obviously lacks any facts, remote intelligence or coding skills to know the difference, otherwise he wouldn't have posted such non-sense.
Linux just doesn't compare to OpenBSD in many aspects, but the goals are way different. They're all followers, they hate MS because it's a childish Linux trend.
Just for one, OpenBSD is still free and will always be, while Linux is becoming more closed source, commercially dominated that even their god Linus Torvalds doesn't have too much say anymore.
RedHat is the next MS who ate the apple and threw back the (Fedora) core for the public to eat and plant the seeds for them to just take all the apples from the new tree and make even more money... They can't even contribute a dime to OpenSSH, yet everyone uses it while it's developed by the OpenBSD people and people still bash BSD - how pathetic.
RMS 2, TdR 0
I'll be charitable and say that Theo de Raadt is suffering a severe episode of foot-in-mouth syndrome. Richard Stallman may be called many things, but "liar" and "hypocrite" are not among them.
Why not?
So, even though RMS lies and condemns other for doing things he himself does, he may not be called a "liar" neither an "hypocrite". I wonder why...
Hypocrite and liar
He cannot recommend an OS because some system, that the OS developers recommends against using, allows you to install non-free software. At the same time he provides pre-compiled binaries of Emacs (and other programs) for Windows. That's hypocrisy.
He claims that all BSD systems contain (or include), in their ports system, non-free software. That's a lie. He was given a chance to correct his mistake or admit being wrong. Instead he chose to twist the meaning of the words to make it seem no mistake was made. That's lying.
RMS has in this "episode" shown to be a hypocritical liar. That said, I'm generally an RMS supporter (though I'm not that fanatical about things as he is).
Commercial support
Hello everyone,
can someone explain what the thing about commercial support in Emacs and GCC means? I am aware that companies offer commercial support for open-source software, but do not know how Richard Stallman connects to this.
Regards
Christian
Connects
He connects to this quite nicely by writing code (lots of code actually) for the sole purpose of having Emacs work on non-free software. Then he has the nerve to say that referring to non-free software is bad and he cannot recommend such a system. By his own standard, he should not recommend anyone use Emacs.
Ok, RMS view once again...
The classic counterargument is Stallman's view that:
1) running some free software on non-free system is better than running only non-free software;
2) running some non-free software on free system is worse than running only free software.
These facts are justified roughly as follows:
In case of 1) the user is already in the non-free land. One can hope to addict him to free software and thus migrate him fully to the free land. In case of the free system, the non-free parts represent a drift towards opposite direction. Stallman militantly opposes 2) but does not oppose 1). To apply this to GCC and Emacs: code to support win32 in gcc and emacs falls in the situation 1 category.
The counterargument to this counterargument is:
Allowing free software to run on non-free platforms can migrate users to non-free systems. There is evidence of this, but not much analysis on how serious the problem is. Hardly anyone would switch from, say, Linux, to Windows just because one could use emacs there. But being able to keep your favourite applications with you does help migration both to free and non-free alike.
Commercial Support
Not sure if this is what is being referred to, but somewhere in the thread it was mentioned that Emacs is capable of running in Windows, that there is specific code in the official Emacs tree which serves no purpose other than to allow Emacs to run in Windows. I will agree that this by far seems like far more of an endorsement of proprietary software than simply listing URLs where proprietary software exists.
This seems to be one of the main reasons RMS is here being called a hypocrite. It is okay in his mind to acknowledge the existence of proprietary software by writing code specifically to support it, but it is not okay in his words to even tell others that proprietary software exists. I can certainly understand his position, as it seems to be: "If you're using proprietary software already, we're going to do everything we can to let you run free software. If you're using free software already, we're going to do everything we can to make sure you don't know about proprietary alternatives."
As he says in some of the exchanges, he is not saying proprietary software should be impossible to install, or even difficult. He says that proprietary software should not be acknowledged as a legitimate option by mentioning it in lists of installable packages. There's a very clear and obvious distinction between "not including installation instructions for proprietary software" and "not including support to be installed on top of proprietary software", but many, including myself, see that his point of "lending legitimacy" is equally valid regardless of that distinction. Emacs having support to run on windows lends legitimacy to Windows, a proprietary platform. It says "installing Emacs on Windows is a valid option which we support". If code speaks louder than words in one situation, it should in the other situation as well.
The main problem is that RMS seems so black and white about it. Either your distribution ignores propriety software, or it doesn't. Even if proprietary options are disabled by default, give lots of warnings about what you are doing, etc, just having the distribution be aware of them is too much. Including a list of them is the same as saying it's a good thing. (guess how long it took for that particular line of thought to lead to Godwin's law)
The disparity between the black and white "mention it and you support it" policy on lists of available packages and "recipes", vs "write code which serves no other purpose but to allow compatibility with proprietary software. We don't support using it, we just support the ability to use it." which Emacs seems to fall under, is where some of the calls of "hypocrite" come from.
I understand both sides. I agree with one of them. I think RMS should stick to his guns, I think that's admirable. But I think he should do so by only supporting distributions of Emacs which do not include code to support proprietary software.
But then, I think he should do that because I know he likes to stick to his principles. I would of course rather he just ask Debian to provide more warnings about why using proprietary software is a Bad Thing^TM, rather than saying "don't mention proprietary software or it makes all your efforts towards ensuring free software worthless!"
People are going to use proprietary software. Distributions keeping track of it, mentioning that it is non-free, and encouraging people to get that software through distribution channels controlled by purveyors of free software, allows
people to be made aware of what they are doing. And it allows distributions to recommend free alternatives when they become available. And any number of other good and useful reasons. Ignoring proprietary software won't make it go away. Out-doing proprietary software despite it being a simple-to-use alternative will.
Ignorance is no excuse for sin.
Ignorance is no excuse for virtue.
Links into mail archive discussion
Some links:
http://kerneltrap.org/mailarchive/openbsd-misc/2007/12/13/504143
http://kerneltrap.org/mailarchive/openbsd-misc/2007/12/13/504611
http://kerneltrap.org/mailarchive/openbsd-misc/2008/1/1/532373
Tact?
Charming fellow that Theo. It is no wonder that he is as popular a leader as he is. Has anyone told him? BSD is dead. GNU/Linux killed it.
Sorry what?
>Charming fellow that Theo. It is no wonder that he is as popular a leader as he is. Has anyone told him? BSD is dead. GNU/Linux killed it.
sorry what? who does your research, a monkey?
Sheesh. Fanatics from both
Sheesh. Fanatics from both sides of the licenses keep saying the other's dead. People are using and developing these systems since time immemorial, for reasons between warm fuzzy feelings and personal gain, isn't that enough?
Both are idiots, just
Both are idiots, just different idiots.
And I actually agree on Theo's points more than on RMS here.
That being said, Theo is also the reason I rather stick to my Linux from scratch than trying out OpenBSD.
Curious
I'm curious. What kind of logic do you apply to arrive at such a statement?
I'm also curious about what SSH implementation you use on your LFS system.
I'm curious. What kind of
He probably values the community around whatever os he uses. Theo may be right, but that doesn't mean you have to like him ;)
How does that matter at all? Theo doesn't like RMS but he still uses gcc (for now).
Community
That's fair enough, but Theo is not the community.
It matters if he use OpenSSH but refuse to try OpenBSD because of personal issues with the project leader.