lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180705131027.GB9802@localhost>
Date:   Thu, 5 Jul 2018 15:10:27 +0200
From:   Johan Hovold <johan@...nel.org>
To:     Bjørn Mork <bjorn@...k.no>
Cc:     Johan Hovold <johan@...nel.org>, Karoly Pados <pados@...os.hu>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
        Martyn Welch <martyn.welch@...labora.co.uk>
Subject: Re: [PATCH] USB: serial: cp210x: Implement GPIO support for CP2102N

On Mon, Jul 02, 2018 at 08:04:32PM +0200, Bjørn Mork wrote:
> Johan Hovold <johan@...nel.org> writes:
> 
> >> Not quite. It is not from a forum post, but from a SiLabs Knowledge
> >> Base article
> >> (https://www.silabs.com/community/interface/knowledge-base.entry.html/2017/06/12/fletcher_checksumfo-TeDF)
> >
> > Yeah, that's the one I was referring to.
> >
> >> That article states explicitly that the code was taken from Wikipedia,
> >> so it is CC-SA, which is to the best of my knowledge 1) compatible
> >> with GPL, and 2) does not require attribution if the original material
> >> is missing it, and it does. So AFAICT we are clear on the licensing
> >> front.
> >
> > First of all I can't seem to find that code snippet on the wiki page it
> > does refer to, so I'm still not convinced.
> 
> It was there in older versions of the article.  See for example:
> https://en.wikipedia.org/w/index.php?title=Fletcher%27s_checksum&oldid=730327006

Ah, thanks for digging that out.

> > Second, this should have been high-lighted in your submission somehow.
> 
> Definitely. All code has an original author who deserves credit.  And if
> you cannot find the original author, then there is always a risk than
> someone along the line stole the code...  Maybe long before it ended up
> in Wikipedia.  But that doesn't matter.
> 
> Doesn't seem worth the risk for a simple checksum algorithm which
> probably has lots of GPL implementations.

Right.

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ