lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 6 Oct 2011 15:35:32 -0700
From: "Zach C." <fxchip@...il.com>
To: Valdis.Kletnieks@...edu
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: New open source Security Framework

Re: putting things in the public domain: Daniel J. Bernstein and Lawrence
Rosen (of Creative Commons fame, I believe) seem to disagree with you on
that: http://cr.yp.to/publicdomain.html

Plus, pretty much the only 'license' djb uses is public domain, so qmail,
djbdns, etc. are all public domain. Incidentally, SQLite (*not* written by
djb) is *also* public domain, and very widely used, too.

As for being sued for public domain code... I would say it is hard to sue an
owner that does not exist (which is what public domain seems to do). Plus,
they would probably have to prove malice or something.

(I personally still wouldn't do it though!)
On Oct 6, 2011 7:02 AM, <Valdis.Kletnieks@...edu> wrote:
> On Thu, 06 Oct 2011 00:34:00 -0300, root said:
>
>> You don't have the faintest idea of how licencing works. You cannot slap
>> a GPL v3 license to any software you see, much less erase the author's
>> names. If you find a code in the internet without any license, you
>> pretty much can't touch it, and must re-implement it completely.
>
> In particular, if code was written in a country that's a signatory to the
Berne
> conventions, it's usually somewhere between very difficult and impossible
to
> actually place a software work in the public domain - at least under US
law,
> even putting an explicit "This work is hereby placed in the public domain"
> quite likely does *NOT* suffice - the only two clear ways to public domain
in
> the US are expiration of the "lifetime of the author plus 75 years"
copyright,
> and "works for hire by a US federal government employee as part of his
duties"
> (so, for instance, NASA photographs are public domain - but photos of NASA
> activities taken by non-NASA photographers probably aren't).
>
> Also, smart programmers *don't* release their code into the public domain
-
> that means that anybody can do anything with it. And that includes
stealing it,
> using it to make tons of money, and then suing you if they discover a bug.
The
> original reason for the BSD and X11 licenses was because you can't stick a
> "hold harmless" clause on something you public-domain.
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ