FreeBSD COPYRIGHT in OSX

Phishfry

Beastie's Twin

Reaction score: 2,747
Messages: 5,683

Thank you ralphbsz
I cleaned up that rant some. Binary distribution does require an copyright notice.
The license does not say how long it has to remain on the computer.
So you could copy it over to /tmp while installing software and then delete it on cleanup.
That would meet the license requirements as I read them.
 

yuripv

Well-Known Member

Reaction score: 128
Messages: 285

Either way, Apple not displaying a copyright correctly is the least of our concerns.
Well, that's not true, they do follow the requirements. Looking at my iPhone, Settings->General->Legal lists a lot of licences and copyrights for specific code parts that were used. No one is forcing you to display all that on the front page though.
 

CraigHB

Well-Known Member

Reaction score: 130
Messages: 357

It is getting very close to Stockholm Syndrome for consumers.

Never thought of it quite that way, but it's always a line software crosses for me when an internet connection is required to run. Not saying I won't cross that line, but rather a demarcation. More of an "in for a penny, in for a pound". Either my stuff all runs local or it all runs remote, not a mix and mash of both.
 

ralphbsz

Son of Beastie

Reaction score: 2,414
Messages: 3,290

Honestly, I don't know how the copyright notice has to be distributed. The license says in the "documentation and/or other materials provided with the distribution". Let's take MacOS and iOS as an example. To my knowledge, you can only (legally) obtain those when you buy the Apple hardware (the Mac or iPhone or tablet). Therefore it is sufficient if the copyright notice is shipped with the hardware, that matches the "provided" clause. It could for example be printed on the box the hardware comes in. Or on the little piece of paper that comes with the hardware. Or it could be displayed on the screen when you boot. Or it could be in an application or program that you can start. Or one time when first powering it up. I have no idea whether there have been lawsuits clarifying where it needs to be displayed.

On the Mac currently on my lap, it is super easy to find: Top left apple menu -> About this Mac -> bottom right License Agreement -> brings up a finder window, click on first item Acknowledgements -> there it is.

Claiming that Apple is hiding the license, or not properly displaying it, is simply nonsensical. Or perhaps explicit trolling. Accusing that Apple is being unsupportive or inimical to *BSD, and that a "fight" (probably meaning court fight) would be necessary, is not only nonsensical, but outright damaging.
 

ralphbsz

Son of Beastie

Reaction score: 2,414
Messages: 3,290

Hah so true. Absolute idiocy.

Being artificially tied to the internet is basically the easiest way to "damage" a consumer. So naturally that is why 99% of commercial software does its best to tie a consumer to the internet.

It is getting very close to Stockholm Syndrome for consumers. The more they are treated like absolute dirt by these (effectively criminal) corporations, the more they respect, revere and almost worship them.

Either way, Apple not displaying a copyright correctly is the least of our concerns. What is a little bit sad is that if the FreeBSD Foundation did try to fight them, they possibly would not win, even if Apple had actually broken a license agreement.

Sorry, no. Think about the alternatives.

Let's consider a typical consumer, who has one or more devices (laptop, smartphone, tablet, for this discussion they are all the same). They want to do something on their device, and doing so will create some data that they want to be persisted (meaning they can read it again later).

Observation: Most computer users are nearly continuously connected today, but with varying bandwidth and latency. That's simply a verifiable fact. For a fun story, earlier this year I spent 3 weeks in rural southern Brasil (family matter), and that's not a super-rich high-tech area, completely on the contrary. My cell phone was nearly always connected, even on the 1-hour trip on a provincial road between the district capital and a small farming village where my mother lives. Navigation and messaging worked nearly always (because of the nature of the family emergency, I was in constant contact with my siblings, who live in different continents). Many of the "big buildings" (hotel, restaurant, government hospital, court house, ...) had free WiFi which simply worked. Boring. Actually, where I live (in the mountains on the edge of Silicon Valley), connectivity is actually slightly worse than in rural Brasil; there are several stretches of road through uninhabited areas on my daily commute where my cell phone is disconnected (no phone calls) for several minutes. And this anecdotal data agrees with what the computer industry knows: connectivity is nearly always available.

Now lets consider the situation of our consumer. In a nutshell, they want to "save a file". Let's say we are in charge of the software to do that. Where shall we save it? On the device they're using right now? That is the traditional choice, but it is a bad idea for a variety of reasons. First, the consumer expects that data is seamlessly available on all devices; they expect to open the file they just saved on their laptop using their phone, in 1 minute and next year. So it needs to go "in the cloud", like it or not. Second, the storage on the device is by its nature unreliable: drop the cellphone in the swimming pool (been there, done that), and the file is gone, which will get the consumer very upset. Not at themselves for dropping the phone in the pool (people tend to not take responsibility for their actions), but the provider for making a system that broke due to a small mistake. Third, any single storage device is too unreliable for our expectations of data survival today. Disks have expected error rates, and with the size and error rate of disks today, data loss is no longer a remote possibility, but a near certainty. There is the (very accurate) observation from the CTO of NetApp that storing data with fault tolerance to only 1 disk error is today "professional negligence". We need to make at least >2 copies of the data, and they need to spread over multiple failure domains (not all in the same physical location, not all using the same power grid).

Now take that consumer requirement, and put it together with the observation above, and the solution jumps out: rely on the network connection for data safety. Really, there is no sane other option today. You may not like it, you may be a technology luddite who wants to remain in the 80s and 90s, or you may be an anarchist who doesn't want to leave a trail of evidence online, then you can reject the solution, but for most consumers, the right solution is to put all data in the cloud.

That leaves one little problem: What to do for the rare cases where connectivity is missing or insufficient? And this is where software development gets really hard. You need to start leaving cached copies of the data in various places where it likely to be used. The moment you do that, you have a consistency problem that's somewhere between hard and impossible to solve. Go back and read Satya's Code paper: The solution he outlines (eventual consistency with manual conflict resolution) is an attempt to do this, but an attempt that today would get laughed out of town. So today a lot of effort goes into consistent caching, and resolving updates.

So what does this all say? Relying on the "internet" being on is nearly always the right answer. If you don't like it, feel free to unplug your ethernet cable. But don't expect providers of software or systems to cater to your whims; they are trying to serve the bulk of the users well.
 

Phishfry

Beastie's Twin

Reaction score: 2,747
Messages: 5,683

Relying on the "internet" being on is nearly always the right answer
Until the construction crew down the street cuts your fiber optic cable.
Then you have to explain to your customer why you can't do any work for the day.
Piss poor system management I would call it.
Sorry we can't deposit funds in the payroll account because the internet is down.

I recently questioned our IT guy why he moved our Citrix Xen Server to another company to run Xen for us.
He replied he wanted to work from home like the accountant.
120 seats and he thinks he can work from home.
IT at my workplace is a joke if you ask me. Our guy has a MSSE and has no idea what FreeBSD is.

We recently purchased a used CNC Elb Surface Grinder vintage 1998.
Who do you think had to drag their old P4 laptop with serial connection into work. Me.
I had to make a custom DB25 to DB9 cable and download all the programs and parameters from a Schleicher Promodul-F controller to update the firmware.
This kind of work is nowhere in my job title but the IT guy couldn't even read the cable pinout I provided to him.

Let me tell you the pride I got once I got everything flowing. Some people yearn to learn and some do just enough to get paid.

In closing I understand why the cloud exists. Pure laziness on the part of IT people. Instead of running a system they can pawn it off on someone else. Not my problem. That should be the new IT mantra.
 

ralphbsz

Son of Beastie

Reaction score: 2,414
Messages: 3,290

I'll give you two answers to your observation.

First, as I explained above: Most users are nearly continuously connected. And their expectation is that the system works (really well, much better than a system that uses local storage) when connected, and that it doesn't work when not connected.

Second, if you have a business-critical or life safety system, you need to think through the risks. Any company that uses the internet for payroll needs to have a backup plan for when the construction crew does cut the fiber optic cable. I don't know what the appropriate backup plan would be, that depends on the situation. It might be to use a cell phone as a temporary wireless hot spot. It might be to drive to the nearest coffee shop with a laptop, and perform payroll from there. It might be to have a second data center in another location. Another possible solution is to deliberately *NOT* rely on the network for this function, and keep the data locally. In that case, they need a backup plan for what happens when the fire sprinkler in the server room (or above the payroll person's desk) dowses the computer that has the payroll database with water. Or what happens if the construction crew finds the power cable instead of the fiber optic cable, and they can't even run their computers (because it's dark and they can't find the keyboard). Or what happens if there is a disk error or OS bug that renders the payroll database unreadable. In today's world, the danger from storing data locally is probably much higher than from keeping it offsite, although depending on the situation, local caching needs to be considered.

Now, the nature of the backup plan depends on the expected risk, the expected damage from each risk, and the cost. What works for a heart-lung machine is probably not suitable for payroll, and even that is overkill for the company-internal "fantasy football league".

Any IT organization that fails to make backup plans appropriate to the situation is not just "lazy" (I quoted the word from you), but also incompetent.
 

Phishfry

Beastie's Twin

Reaction score: 2,747
Messages: 5,683

I myself have a few Linode instances. So I would not consider myself a luddite.
What I dislike is depending on other organizations for your cloud infrastructure.
Especially considering the sensitivity of many of our business documents.
One leaked document could bring down the entire company.

The fiber line cut was a 1 in a million accident.
So with bean counters running my company they could not justify a second internet provider even though the internet is integral to our survival. It is really hard for bean counters to fathom redundancy.

I have some knowledge of risk management as an old girlfriend was employed by a large insurer to do Risk Analysis for Fortune500 companies. It is an interesting topic. Fiduciary responsibility falls on deaf ears in many organizations until challenged by disaster.
 

kpedersen

Son of Beastie

Reaction score: 2,169
Messages: 3,007

So what does this all say? Relying on the "internet" being on is nearly always the right answer.

I am not so sure they do (or at least for the right reasons). Consider in a magical world where Apple could come round every 10 minutes and store all a users data on a magical floppy disk. Would users choose the internet or Apple and its magical floppy disk?

I can guarantee that they would choose Apple all the way. Again forfeiting all their own personal security and privacy. The internet is honestly nothing more than a means to an end for the user to end up in a big corporations pocket where oddly enough, they are *both* happy :/

Proof of this is fairly simple when you see people using DropBox instead of pretty much any other personal secure remote file setup (version control, owncloud, ftp, etc). They jump straight into bed the the corporation with the "funnest" logo. Both solutions are online but following from Phishfry, the self hosted solution requires them to lift a finger and do their job properly XD.

Never thought of it quite that way, but it's always a line software crosses for me when an internet connection is required to run. Not saying I won't cross that line, but rather a demarcation. More of an "in for a penny, in for a pound". Either my stuff all runs local or it all runs remote, not a mix and mash of both.

Getting a user tied to an online resource is a strategy to "loosen" them up for further monetisation. For example Windows XP DRM / Activation service (Microsoft's first entry into an always online world). This was a big landmark in changing what Microsoft could get away with in terms of privacy and control. It got people to think "oh well, since I need the internet anyway, I don't mind if my computer can only update online instead of service pack isos". The next step is then "since updates are out of my control and I need to be online to receive them; I might as well stream Office (365) rather than download it. It is also a bit cheaper doing so".

Another important step was Apple getting a user to have to store credit card details on their account in order to access the AppStore. Yes, the user initially thought "fine but I will never use it to pay". However this soon turned into, "oh I'll just pay $1 here and now". That was a big win for Apple and it is why every company now wants a store. Taking 1 cent from everyone on the planet is certainly a worthwhile task.
 

Trihexagonal

Son of Beastie

Reaction score: 2,356
Messages: 2,977

Getting a user tied to an online resource is a strategy to "loosen" them up for further monetisation. For example Windows XP DRM / Activation service (Microsoft's first entry into an always online world). This was a big landmark in changing what Microsoft could get away with in terms of privacy and control. It got people to think "oh well, since I need the internet anyway, I don't mind if my computer can only update online instead of service pack isos". The next step is then "since updates are out of my control and I need to be online to receive them; I might as well stream Office (365) rather than download it. It is also a bit cheaper doing so".

Another important step was Apple getting a user to have to store credit card details on their account in order to access the AppStore. Yes, the user initially thought "fine but I will never use it to pay". However this soon turned into, "oh I'll just pay $1 here and now". That was a big win for Apple and it is why every company now wants a store. Taking 1 cent from everyone on the planet is certainly a worthwhile task.
Get thee behind me, Satan.

Although I do have to admire their subtlety in manipulating the masses.
 

ralphbsz

Son of Beastie

Reaction score: 2,414
Messages: 3,290

What I dislike is depending on other organizations for your cloud infrastructure.
Are you proposing to do it all yourself? Do you think you are smarter than AWS, Azure and Google Cloud?

Especially considering the sensitivity of many of our business documents.
One leaked document could bring down the entire company.
Have you ever worried about what happens with the "bad" disk that you get replaced by field service, or throw in the trash? If you care about sensitive documents, encrypt them, and think about the security of the encryption system. Once they are encrypted, you can store them anywhere you want.

The fiber line cut was a 1 in a million accident.
So with bean counters running my company they could not justify a second internet provider even though the internet is integral to our survival. It is really hard for bean counters to fathom redundancy.
In that case, you have nothing to worry about: the bean counters caused the outage by refusing the reasonable request for a second internet provider. I know that the bean counters won't believe that, and the executive might very well not believe it either. But you can't fix a sociological problem (broken bean counters) with technical means.
 

ralphbsz

Son of Beastie

Reaction score: 2,414
Messages: 3,290

Proof of this is fairly simple when you see people using DropBox instead of pretty much any other personal secure remote file setup (version control, owncloud, ftp, etc).
I actually use DropBox. Regularly upload things there, and download them from somewhere else. Works like a charm. What is uploaded is a PGP-encrypted tar file, and I have the key, and nobody else does. I will be amazed if DropBox can read it.

And any amateur who thinks they can make their system more secure than DropBox, while having the same accessibility (can get to the data from anywhere quickly) is probably wrong. If you set up distributed version control or ftp, it will probably be less secure and more hackable than DropBox is.
 

toorski

Active Member

Reaction score: 58
Messages: 163

Although I do have to admire their subtlety in manipulating the masses.
The laws of nature have nothing to do with who or what is right, wrong, good or bad. It's all about who wins, who losses, who lives and who dies!
Cyber world and artificial life are no different than so called real life in the real world. Basic rules of biology apply in both cases. Observe mass of ants or bees and think why the mass of them are willing to sacrifice their life to work for their queens. Now observe humans in the real and cyber worlds.
We are not much different from the ants or bees, other than we also have so called mind. Some of us do mind, others don't mind and the rest have no mind, so they just work for their queens or kings and worship their gods or celebrities.
 

kpedersen

Son of Beastie

Reaction score: 2,169
Messages: 3,007

And any amateur who thinks they can make their system more secure than DropBox, while having the same accessibility (can get to the data from anywhere quickly) is probably wrong. If you set up distributed version control or ftp, it will probably be less secure and more hackable than DropBox is.

I'm not sure; cloud companies like DropBox or Azure (even GitHub now since owned by Microsoft) often have breaches because they are prime targets.
I think any amateur could put a default install of FreeBSD somewhere, lock all ports apart from ssh and then run a number of services through it (i.e svn, smb, ftp) and it remaining a lot more secure than a public cloud.
If anything because no-one knows that server exists. Otherwise just having OpenSSH as the sole attack vector is pretty robust.
Assuming that a midsize company IT expert is more (or less) than an amateur, it should be even more secure; so long as they don't use stupid things like big PHP web services (which DropBox cannot do anyway).

Are you proposing to do it all yourself? Do you think you are smarter than AWS, Azure and Google Cloud?

This is the interesting thing. Individually we are not smarter than these guys. But since we aren't sneaky criminals (unlike these guys), we can provide ourselves with a more trustworthy service by design.
Yes, it likely wont be as "fast", but we do have the benefit of possibly not being screwed from all angles. With a commercial cloud service in 2019; we will always be screwed.

Although I do have to admire their subtlety in manipulating the masses.

Yes! It really is an art form ;). I remember wondering before Apple's "ecosystem"; how to make it easy for people just to flippantly give me their loose change from across the planet. Individually it wouldn't affect their life but it would make my life a lot... richer XD. The difficulty was not in getting people to not care about their small change; the difficulty was in ensuring they had enough effort to get it to me (sending a letter with the money in was far too much effort!). It had to be so easy that they wouldn't think twice about it.

I would have never thought of going a "consumption phone" route. I only ever thought of phones as improving human lives; not weaponizing them. Now people just thumb a single button because their bank details are already required to use the phone properly (basically the bait). Very clever move Apple!
 

Trihexagonal

Son of Beastie

Reaction score: 2,356
Messages: 2,977

Yes! It really is an art form ;).

It's the basis of my skills as a Professional and was professionally trained in the art. Rightly reprehensible as that may be, I'm good with it and at it.

Some of us do mind, others don't mind and the rest have no mind, so they just work for their queens or kings and worship their gods or celebrities.

As such, I know it when I see it and not easily fooled or attracted by "shiny things" in one hand while being grabbed by the other like a dumb animal.
 

forquare

Well-Known Member

Reaction score: 186
Messages: 336


Not the prettiest location, but there is the publically available file that acknowledges FreeBSD (among other parties) for macOS Mojave.
Found it via a DuckDuckGo search.

I myself have a few Linode instances. So I would not consider myself a luddite.
What I dislike is depending on other organizations for your cloud infrastructure.
Especially considering the sensitivity of many of our business documents.
One leaked document could bring down the entire company.

The fiber line cut was a 1 in a million accident.
So with bean counters running my company they could not justify a second internet provider even though the internet is integral to our survival. It is really hard for bean counters to fathom redundancy.

I have some knowledge of risk management as an old girlfriend was employed by a large insurer to do Risk Analysis for Fortune500 companies. It is an interesting topic. Fiduciary responsibility falls on deaf ears in many organizations until challenged by disaster.

I've heard of similar incidents before "The Cloud" from colleagues working a project. Data line got cut, office internet went down. All "internal" systems were unavaiable because it is housed in an office the other side of the city. Doing it themselves didn't help...
 

Barney

Active Member

Reaction score: 17
Messages: 122

That was me until I converted to FreeBSD.
I got some scary lawsuit letters for downloading torrents too. Ignored them and nothing further came from them.
Now I have washed my hands clean of that mess.

Equating commercial products you're stealing via torrents and copyright notices for free software seem different to me?
 

Barney

Active Member

Reaction score: 17
Messages: 122


Not the prettiest location, but there is the publically available file that acknowledges FreeBSD (among other parties) for macOS Mojave.
Found it via a DuckDuckGo search.



I've heard of similar incidents before "The Cloud" from colleagues working a project. Data line got cut, office internet went down. All "internal" systems were unavaiable because it is housed in an office the other side of the city. Doing it themselves didn't help...

Now just look at how long and silly that thing is. So when some dude in Latvia has a kiosk based on some OS he's supposed to display these 5500+ lines to ack every contributed piece of software on the system? It's ridiculous.
 

forquare

Well-Known Member

Reaction score: 186
Messages: 336

Now just look at how long and silly that thing is. So when some dude in Latvia has a kiosk based on some OS he's supposed to display these 5500+ lines to ack every contributed piece of software on the system? It's ridiculous.

s/display/provide

I think that'd be more accurate...
 

ralphbsz

Son of Beastie

Reaction score: 2,414
Messages: 3,290

Now just look at how long and silly that thing is. So when some dude in Latvia has a kiosk based on some OS he's supposed to display these 5500+ lines to ack every contributed piece of software on the system? It's ridiculous.
Sorry, you have a wrong strawman. There is, AFAIK, no need to display the BSD copyright. It needs to be provided with the distribution. That could be a piece of paper shipped with the kiosk before installing it. Or left in the source code, if the source code is shipped with it.

And if you look at the MacOS example, there is indeed a very long file that acknowledges all the contributed pieces of software.
 

kpedersen

Son of Beastie

Reaction score: 2,169
Messages: 3,007

Equating commercial products you're stealing via torrents and copyright notices for free software seem different to me?
If a commercial company uses some code without correctly following the license (even if it is a free license), it is still going against the license agreement.
Pirating software is also an example of going against the license agreement.

Are either examples of stealing? Debatable since no-one has lost anything. Both however can result in a lawsuit (usually just a small fine however). Some countries do not even see breaking license terms as a criminal matter.

If you are a religious man, you might even consider pirating software to be good (and the opposite of stealing). At least in the bible, sharing is very much recommended to secure a position in a place that the religious figureheads call heaven.

Either way it seems that both myself and Phishfry are at zero risk of breaking commercial license terms these days by simply choosing not to use their broken / crummy products. I imagine many on these forums are in a similar position ;)
 

Phishfry

Beastie's Twin

Reaction score: 2,747
Messages: 5,683

That could be a piece of paper shipped with the kiosk before installing it.
It could even be printed inside the physical kiosk.
What about font size. It could be printed in 4 so nobody could read it and still be legal.
What about embedding it in motherboard ROM. No one would ever see it but you are following the license.
If sued you could prove that you provided it.

None of these scenarios are desired, but consider what lawyers do. They find loopholes.
Our license is very broad and you could drive a truck through it.

Just for clarification my two legal threats actually came from torrent downloading video.
 

CraigHB

Well-Known Member

Reaction score: 130
Messages: 357

I actually got a notice from my ISP once for that (downloading something through BitTorrent), funny thing is I wasn't even downloading what they claimed I was. Something in my torrent tripped their system and created a false positive. Anyway it kind of gave me a wake up call on privacy and the internet. I always think about what I'm doing "in the clear" now.

The stuff you experienced and knowledgeable guys talk about in terms of the direction of corporations and such is above my pay grade, but it's scary to me for sure. It looks like a pretty Orwellian future in my eyes.

I wouldn't call myself a Luddite, but I don't use cloud services at all. I do everything through a laptop or desktop computer (use a phone only for text and voice). All my data is on local disks with backups. I don't see myself going the cloud route anytime soon. Hopefully I can keep it that way.
 
Top