LXer Feature: 26-Nov-2009Here's a quick blog, because I'm really in hurry, so please forgive any mistakes.
Microsoft worked together with Apple to bring Silverlight video to the iPhone. What this solution basically does is take a video at the server side, cut it in parts and convert the parts to separate H.264 streams. Then stream those files to end users with IIS Media services. These have .ts extensions, a format mplayer understands.
CentOS has updated kdelibs (C4: arbitrary code execution).
Debian has updated libvorbis (arbitrary code execution).
Fedora has updated php-pear-Net-Ping (F10, F11, F12: arbitrary code execution) and php-pear-Net-Traceroute (F10, F11, F12: arbitrary code execution).
Gentoo has updated uw-imap (multiple vulnerabilities), dstat (arbitrary code execution), and wireshark (multiple vulnerabilities).
Red Hat has updated kdelibs (RHEL 4 & 5: arbitrary code execution).
rPath has updated httpd, mod_ssl (rPath 1, rPath 2: man-in-the-middle/SSL injection) and sun-jdk, sun-jre (multiple vulnerabilities).
Computing’s greatest accomplishment of this decade will likely go unremarked in the popular press.
I call it the “death of the black box EULA.” (Picture from the blog Fortunes Pawn Luncheonette, December 2007.)
Free software wounded it in the early 1990s. The Internet stabbed it again. But it was open source, in this decade, that struck the fatal blow.
Users under 25 may be unaware of what I am talking about. Let me explain how the scam worked.
The black box EULA is descended from licenses IBM wrote in the 1950s, when computers filled great rooms and the value of calculating, say, the pay-outs for a horse race were worth a fortune.
Software was unstable then, even more so than now, and without the EULA companies like IBM might have been sued out of business by angry customers. The computer revolution may never have happened without the black box EULA.
Companies like Microsoft brought the black box EULA into the 1990s intact. Even though PCs were very reliable, even though software storage had become stable, and even though the creation of software was no longer a black art, the black box EULA remained.
The black box EULA made Bill Gates a billionaire 50 times over. It made many other people wealthy too, rich beyond their wildest schemes.
But the black box EULA was always hopelessly one-sided. It was unfair to customers. And lawyers could provide no help — they had written the black box EULA and were sworn to uphold it.
So folks like Richard Stallman struck a blow against wealth and said software should be free. Not only free but visible so you could see it, smell it, kiss it, touch it. Fix it, improve it. And they wrote their own license, which they dubbed copyleft.
The war against the black box EULA was on.
The free software folks won applause, but the people who needed complex black boxes were skeptical. They knew you couldn’t just give stuff away, that software writers need to eat, too. Even if Linus Torvalds was happy with hamburger while the customers ate steak, a way was needed to get him a hamburger. And a beer.
This is what I have now spent a half-decade covering. Open source is a transformation enabled by the Internet, born of righteous indignation, and driven home by hard-headed businessmen and women on both sides of major transactions.
So now you have an alternative to the black box. The makers of black boxes know they can’t hold customers to their EULAs forever. They have to compete with free. The eye of Gates has fallen. The age of men has begun.
The black box is now encased in plastic and steel. You can return an iPhone to the store. The EULAs are still there, and they retain their legal weight, but they no longer control the market.
It’s a good time, at the end of the first decade of the 21st century, to look back from these heights and see what has been accomplished.
The black box EULA no longer has the power to cloud mens’ minds. It is dead as a controlling force in the software world. You can open the box, see what’s inside. You are free to tinker with it, to freely connect with it, and you no longer think of it as a black box that holds all light, but as a physical product, with a warranty.
There are obligations on both sides. It’s a fairer and more just software world. It’s worth celebrating this Thanksgiving.
Happy Turkey Day.
Fedora has updated asterisk (F11, F10: cross-site ajax requests), snort (F11, F10: denial of service), bugzilla (F12: information leak).
SUSE has updated cups, jetty5, libqt4/dbus-1-qt, opera, puretls/jessie, kdegraphics3-pdf, qemu (various issues).
Ubuntu has updated libvorbis (arbitrary code execution).