Create an Account
username: password:
 
  MemeStreams Logo

Cisco and the Serpent’s Broken Tooth (Response)
search
Home Agent Weblogs Social Network Post Help About

Rattle
Picture of Rattle
Rattle's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Rattle's topics
Arts
  Literature
   Sci-Fi/Fantasy Literature
  Movies
  Music
Business
  Tech Industry
  Telecom Industry
Games
Health and Wellness
Holidays
Miscellaneous
  Humor
  MemeStreams
   Using MemeStreams
Current Events
  War on Terrorism
  Elections
Recreation
  Travel
Local Information
  SF Bay Area
   SF Bay Area News
Science
  Biology
  History
  Nano Tech
  Physics
  Space
Society
  Economics
  Futurism
  International Relations
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
   Intellectual Property
  Media
   Blogging
  Military
  Security
Sports
Technology
  Biotechnology
  Computers
   Computer Security
    Cryptography
   Cyber-Culture
   PC Hardware
   Computer Networking
   Macintosh
   Linux
   Software Development
    Open Source Development
    Perl Programming
    PHP Programming
   Spam
   Web Design
  Military Technology
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Cisco and the Serpent’s Broken Tooth (Response)
Topic: Computer Security 2:47 pm EDT, Aug  2, 2005

Part of what boggles my mind at the idea of any of the hacker community championing Lynn’s actions is that he broke a legal agreement for the management of intellectual property. And, hello!, such an agreement is of the same nature and function as all of the open source licensing practices currently in use. How would most hackers react if I grabbed a big blob of GPL’d source code, stripped out all the attributions, used it to shore up my own weak proprietary code, and started selling it as closed source? I don’t know who would get me first, the blogosphere or the army of lawyers that would surely descend upon me. But I can almost guarantee that you wouldn’t see the hacker community rallying around me in support of my free speech rights under the first ammendment. The fact that there are hackers coming out in support of Lynn when he has effectively trod upon all the legally essential principles of the GPL is downright shocking to me. Either I don’t understand the hacker community as well as I like to think I do, or these individuals are in serious need of upgrades to their memetic firewall code.

This is the first comment in the blogosphere about this situation I've seen that's been truly misguided.. I would like to respond to the two sections of this quote I've put in bold face.

First, it would be Mike Lynn who would catch you, or someone like him. As proof of this, I offer the recent situation where Mike Lynn did the analysis that proved CherryOS stole the code for its emulator product from the PearPC open source project. I pointed this our earlier. Here are a few quotes from his article:

just incase anyone didn't believe them already here goes the analysis (I do this sort of thing for a living) first off CherryOS.exe is what we call in the security industry "packed", that means that they have taken a compiled binary and run it through an obfuscator to make it hard to reverse engineer (or at least with hard if all you're doing is strings)...this is common for virus writers, worm writers, 31337 bot net kiddies, and on the legitimate side, game developers do this a lot...its not very common among the commercial (or free) legitimate software market (mostly because it doesn't work and doesn't do any good) so, the easiest way to defeat the packing is simply to let it start up (this one has several annoying checks for debuggers so its easiest to just attach after its loaded)...

the eula for this thing says its a violation to reverse engineer it, but if you do disassemble it you find they never had the rights to license it in the first place, so I don't feel worried to put this here...

I think I have made it clear beyond a shadow of a doubt that CherryOS.exe, shipped as the core of cherryos is nothing but a recompiled version of PearPC...it has at most minor changes, most to strip attribution, hide the theft, or remove debugging output...

As far as our memetic firewalls go, we are working on that, and have been for quite awhile. Mike's analysis of the CherryOS situation was posted here on MemeStreams.

Cisco and the Serpent’s Broken Tooth (Response)

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0