lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8c18dcc5-9028-672f-1449-359ac3d73592@petrovitsch.priv.at>
Date:   Mon, 24 Sep 2018 21:45:36 +0200
From:   Bernd Petrovitsch <bernd@...rovitsch.priv.at>
To:     xDynamite <dreamingforward@...il.com>
Cc:     "jonsmirl@...il.com" <jonsmirl@...il.com>,
        Theodore Tso <tytso@....edu>, fche@...hat.com,
        riel@...riel.com, ec429@...tab.net,
        Olof Johansson <olof@...om.net>,
        Jonathan Corbet <corbet@....net>,
        lkml <linux-kernel@...r.kernel.org>
Subject: Re: Code of Conduct: Let's revamp it.

On 24/09/2018 20:59, \0xDynamite wrote:
>>> * Publishing others’ private information, such as a physical or
>>> electronic
>>> address, without explicit permission
>>
>> I need an (explicit) permission to "publish" an already published email
>> address which is already world-wide known because it can be found by the
>> simplest and worst search engine as the email address is in public
>> mailing list archives and git repos?
>>
>> Sounds pretty absurd as the people themselves already published their
>> email address.
>>
>> IMHO you cannot "publish" already published stuff.
> 
> The notion of being "published" means at least these two things:  1)

Where exactly - URL? - is that notion defined?
Especially the intention is IMHO not necessary - just the fact if it
happened (and I don't think we want to discuss legal stuff about "X
broke into my home, stole and published my work" - the patent world has
the same problem).

> you INTEND it to be PUBLIC, 2) you made it available to the PUBLIC
> A semi-private email list is a boundary area of being public.  Just

Define "semi-private" - URL?:

Any company/club/family/...-internal ML is - should be;-) - obviously
private as the subscription policy is usually pretty selective (read:
not public, not debatable, ...) and the archives - if any - are not
public by design. So everyone there should know that.

Of course, anyone getting all mails can put an $SEARCH_MACHINE indexed
archive publicly online but that's another (law) question.

On the otherhand, if the mailinglist is public, the (future) subscribers
should know the beforehand.

> like a memo distributed within a university department.  Participants
> in the latter have some reasonable expectation that the material is
> not being published in the larger public sphere beyond actions of the
> trusted participants involved (which might share it in a limited
> fashion as a personal note).

ACK but what has that to do with LKML etc?
You try to change - manipulate - the issues of the discussion. Are you
only a troll?

> So, is code a *published* item?  Most of the public can't read it.

I cannot read (or understand) neither Russian nor Chinese nor almost any
natural (let alone dead) languages of the world. I'm pretty sure that
I'm not the only one;-)
Does that make Russian literature non-public? I don't think so ...
You really don't want to go down that road - neither with law people and
even less with techies.

So how can be (source) code (at least in any publicly known/defined
language) posted on a "everyone can subscribe" mailinglist, archived in
several $SEARCH_ENGINE indexed mailinglist archives and replicated in a
myriad of public accessible git-repos with the only intention of
inclusion in the Kernel not be *obviously* and *clearly* public?

> It is often not intended for the public, per se, only a specialized

Maybe but doesn't change any fact of publication - you may also want to
check with patent folks and "unintended or unwanted publication" (yes,
some talk in a "maybe publicly accessible space" might count there as
"publication") - they have more or less the same situation.

> COMMUNITY.  Because once published, it belongs to copyright and fair> use (THAT sticky little wicket).

In the law area, the Copyright (TTBOMK) and the much more advanced
Central European Authors rights start to exist with existence of the
"work" (and not a µs later) independent of any status or situation of
publication.

Where does the "fair use" come from?
Reads: where is that defined?

If you want me to define "fair use of source code publicized in the LKML
and similar under the GPLv2": You also cease the right to efeectively
revoke it (though that is in some jurisdictions not possible but that
"revoke-right" was made for completely different situations - long
before GPL or CC was even thinkable).

"effectively revoke it" is meant that you cannot say "I wrote parts of
it/I'm the initial contributor/I have a significant patch accepted and
I'm fed up with the kernel so remove all my contributions".
BTW you cannot do that at your workplace either because in all sane
software development companies you cease all (transferable) rights of
your written to the company paying you (and the rest is usually not
enough to get anything revoked).

I don't see why that should be any different with GPLv2 patches for the
Kernel sent to public mailinglists with the intent of inclusion.

Please get back to the issue and circumstances at hand and do not try to
divert people with "not intended for the public" or "semi-public" or any
other off-topic stuff which is clearly not the case here.
Or - even better - shut up, unsubscribe and go away, thank you.

MfG,
	Bernd, NAL but I talked to a lot of them;-)

PS: Sorry for troll feeding:-(
-- 
Bernd Petrovitsch                  Email : bernd@...rovitsch.priv.at
                     LUGA : http://www.luga.at

Download attachment "pEpkey.asc" of type "application/pgp-keys" (1779 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ