tag:blogger.com,1999:blog-37798047.post7808137054854309382..comments2024-01-16T05:48:33.523-05:00Comments on Errata Security: Notes on open-sourcing abandoned codeDavid Maynorhttp://www.blogger.com/profile/09921229607193067441noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-37798047.post-23743641637157177032017-06-21T21:23:48.783-04:002017-06-21T21:23:48.783-04:00The concept of open-sourcing abandonware looks ver...The concept of open-sourcing abandonware looks very different depending on how this question is answered.<br /><br />thank you !<br /> <br /> <br /><a href="https://www.golden-slot.com/goldenslot-mobile/" rel="nofollow">goldenslot casino</a><br /><a href="https://www.gclub-casino.com/" rel="nofollow">บาคาร่าออนไลน์</a><br /><a href="http://www.yama16.com" rel="nofollow">gclub casino</a><br /> <br />Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-3545094084568160062017-06-21T06:36:12.123-04:002017-06-21T06:36:12.123-04:00In 2002 Apple bought a company called Emagic, wich...In 2002 Apple bought a company called Emagic, wich produced MIDI devices (Unitor-8 and AMT-8) wich were used to control drum computers and synths. These devices where very popular with both Windows and Apple musicians. Less then half a year after acquisition, the Windows drivers (that went as far as WinNT) were discontinued by Apple. Despite numerous requests from the user base, no source code was ever released. Apparently that was Apple's way of saying "F.U., buy a mac". Personally I'd rather buy another $300 MIDI device than a $2,000 Mac.dramklukkelhttps://www.blogger.com/profile/16688885714285663025noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-11160033575145650592017-06-19T14:54:42.969-04:002017-06-19T14:54:42.969-04:00Does it mean that new BMW model with old engine sh...<i>Does it mean that new BMW model with old engine should make last model "abandoned" ? But they share engine...</i><br /><br />There would certainly need to be some decisions made on the topic of software versioning. MS Office 2010 is no longer sold...does that mean it's abandonware, or is it just released in a newer version now?<br />Is the product "MS Office 2010" (which could be considered abandoned) or "MS Office" (which is clearly not abandoned, and for sale today)? The same question applies to "Windows XP" vs. "Windows": Is XP abandonware, or just an outdated release of the Windows product sold today as release 10?<br /><br />The concept of open-sourcing abandonware looks very different depending on how this question is answered.VirtueAndVicehttps://www.blogger.com/profile/09808456467542851896noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-51377557602010606802017-06-19T00:01:37.390-04:002017-06-19T00:01:37.390-04:00Yes, technically, all the code is in that ZIP file...<i>Yes, technically, all the code is in that ZIP file they gave to the escrow service, but it doesn't build. Essential build steps are missing, so that source code won't compile.</i><br /><br />For the last 15 years I have worked at <a href="www.escrowtech.com" rel="nofollow">EscrowTech</a> which is a code escrow service provider. Over the years I have seen hundreds of releases of source code and been a part of hundreds of technical verifications which involves looking at the code in escrow and verifying that it will work if released.<br /><br />From those experiences, I can tell you that the majority of escrows do compile. That being said every now and then we do come across code that will not compile and we have to get input from the software developer to get going. <br /><br />I also have personally talked to at least 20 customers who after receiving code from their escrow told me how valuable the escrow was and how grateful it was in place. It literally saved their bacon and hearing their gratitude is part of the reason I continue to work for EscrowTech.<br /><br />That being said I don't think every binary should have a code escrow, however, certain software packages should. If the software deals with public safety or another critical and sensitive part of society then having a code escrow in place probably should happen. Anonymoushttps://www.blogger.com/profile/00081482224085039725noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-88941062988629718452017-06-18T11:53:24.083-04:002017-06-18T11:53:24.083-04:00Abandoned means no longer sold.
Imagine it in auto...<i>Abandoned means no longer sold.</i><br />Imagine it in automotive: Does it mean that new BMW model with old engine should make last model "abandoned" ? But they share engine...<br /><i>Code is speech</i><br />Imagine all painters should be forced to publish along with their paintings the process and tricks how they painted the picture. Just because you think "image is speech".<br /><br />Anonymoushttps://www.blogger.com/profile/15972802131630043127noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-65773357814529491552017-06-16T19:11:48.830-04:002017-06-16T19:11:48.830-04:00Compelling the opening of previously closed source...<i>Compelling the opening of previously closed source is compelled speech.</i><br /><br />But really you're only compelling them to rephrase something that they earlier spoke voluntarily. This would only apply to binaries that were publicly-distributed, not all code ever written.<br /><br /><i>When code is truly abandoned, such as when the vendor has gone out of business, chances are good they don't have the original source code anyway. Thus, in order for this policy to have any effect, you'd have to force vendors to give a third-party escrow service a copy of their code whenever they release a new version of their product.</i><br /><br />No. Abandoned means no longer sold. If the vendor is around to release the source, they must. If they are not, so be it. Compelling source code escrow for every binary ever released is silly.<br /><br /><i> Yes, technically, all the code is in that ZIP file they gave to the escrow service, but it doesn't build.</i><br />Again, so be it. Reasonable people just ask for the one thing companies are sure to have, the source code. Not some kind of perpetual support service to ensure that the source code can be built on future hardware and operating systems.<br /><br />I don't see it as some moral right to keep the source code of software secret when you've published the binary for profit, and have then subsequently abandoned doing so. I see where you are coming from with the concept of a "Patched Windows XP" becoming a perpetual viable competitor for newer versions of Windows, but this has to be something approaching a unique case--the vast majority of abandonware is just that.VirtueAndVicehttps://www.blogger.com/profile/09808456467542851896noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-29382463623745557272017-06-15T02:19:55.450-04:002017-06-15T02:19:55.450-04:00Granted it would not be good to have a law to forc...Granted it would not be good to have a law to force vendors to publish their sources. Nonetheless, it is a good thing to compel them to do so, voluntarily.<br />pjbhttps://www.blogger.com/profile/09065388232282458321noreply@blogger.com