Mailing List Archive
Support open source code!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: tlug: OpenSSH and keys
- To: firstname.lastname@example.org
- Subject: Re: tlug: OpenSSH and keys
- From: Shimpei Yamashita <email@example.com>
- Date: Fri, 14 Jul 2000 00:14:26 +0900
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain; charset=us-ascii
- In-Reply-To: <396D86E6.87DEC486@example.com>; from AKKurahone@example.com on Thu, Jul 13, 2000 at 02:07:50AM -0700
- References: <396D86E6.87DEC486@example.com>
On Thu, Jul 13, 2000 at 02:07:50AM -0700, Austin K. Kurahone wrote: > >Hello > >I was using openssh-1.2.1 for a while and recently switched to > >openssh-2.1.1 > Ugh, I feel unpure and tainted by answering this question. First > of all get a real ssh implementation freesoftware is no good if > it's crap. (www.ssh.org) But did you read the new license for ssh 1.2.30? Oh my gawd. Exhibit A: >Further, subject to the terms and conditions contained herein and >provided that your are an individual, SSH hereby grants to You, an end >user, a personal, non-transferable, non-exclusive, non-sublicensable >license to install and use the Software for recreational and hobby >purposes only. In other words, you arguably can't use this software for such purposes as maintaining a volunteer organization's web server, unless you do it strictly as a hobby rather than as a charity work. (Academic users do get a "non-commercial" license, BTW. While I find that suboptimal, I would be able to live with it. However, the fact that they get a catch-all non-commercial license and we don't strongly suggest that they would like to exclude some non-commercial activities by non-students.) Exhibit B is even more clear-cut and evil. >You may not: (i) use the Software, except under the terms listed >above; (ii) modify, translate, reverse engineer, decompile, >disassemble or otherwise attempt to reconstruct or discover the source >code of the Software (except to the extent applicable laws >specifically prohibit such restriction); WTF is the point of the source code if you can't even modify it for your own use?!?!?! The way I read this license, you're screwed if the source fails to compile, because you aren't allowed to modify the source to allow it to compile. Sigh. Am I the only one who finds the "reverse engineer" a bit farcical, BTW? You already have the source code; what else is there to reverse engineer? Finally, Exhibit C: >If You are a licensee under the Non-Commercial User License, >or the Evaluation for Commercial Use License, You may make a single >copy the Software for back-up purposes, provided such copy contains >all of the original Software's copyright, trademark and other >proprietary notices and marks. If You are a licensee under the >Commercial User License, You may make only the number of copies of the >Software paid for by You plus a single additional copy for back-up >purposes, provided any and all copies must contain all of the original >Software's copyright, trademark and other proprietary notices and >marks. This software is freely downloadable from an FTP site, BTW. If you used software such as Netscape to get a copy, chances are that you've already breached your contract preemptively by keeping a copy for non-backup purposes in your web cache; if you're going through a caching proxy, the entity operating the proxy may be in violation of the contract as well. I also wonder: what sort of a butt-headed lawyer came up with this lame license? The best you can say about it is that it's myopic, and needs to be put through a grammar checker; the worst is that it may well be unenforceable given how the software is distributed. The least he could have done is use a boilerplate shareware/ trialware license, which is basically what this ssh release is. This license is unreasonably restrictive, looks hastily put together (look at the grammar errors in the parts I quoted you), doesn't mesh well at all with their mode of distribution--everything that suggests that whoever is doing release management at DataFellows (or whatever they call themselves these days) is not doing their job. I haven't actually compiled and tried out the new release yet, but the shoddy nature of this license does not increase my confidence in the code quality of this release. What was that you were saying about crap software, Austin? Finally, what the hell is GNU gmp doing in a non-free software package? It sure looks like a flagrant violation of GPL to me, now that I think about it, but it's hard for me to believe that no one else has noticed this before. I've avoided OpenSSH up to this point, but I'll have to think really, really, really hard about switching now. At least Theo de Raadt isn't obnoxious enough to require me to remember not to use ssh for anything I don't find "recreational," and he also can't stop me from applying patches should anyone ever find a security hole in it (just theoretically speaking, of course; we all know that There Are No Security Holes In OpenBSD Because It's Been Audited). -- Shimpei Yamashita <http://www2.gol.com/users/shimpei/>
- Re: tlug: OpenSSH and keys
- From: Frank Bennett <firstname.lastname@example.org>
- Re: tlug: OpenSSH and keys
- From: "Austin K. Kurahone" <AKKurahone@example.com>
Home | Main Index | Thread Index
- Prev by Date: RE: Information regarding "Kernel Code read party" on 14th, July as YLUG activity.
- Next by Date: RE: Information regarding "Kernel Code read party" on 14th, July as YLUG activity.
- Prev by thread: Re: tlug: OpenSSH and keys
- Next by thread: Re: tlug: OpenSSH and keys
Home Page Mailing List Linux and Japan TLUG Members Links