LWN: Comments on "Linux Mint downloads (briefly) compromised"

Linux Mint downloads (briefly) compromised

paulj — Mon, 07 Mar 2016 12:28:43 +0000

Your wife having issues because of some medical errors with painkillers is _not_ a good reason to become an anti-vaccer, is _not_ a good reason to start saying Wakefield should be looked on favourably (seriously, he was an utter charlatan; worse, a charlatan who did lumbar punctures on children for no justifiable reason).

Linux Mint downloads (briefly) compromised

anselm — Wed, 02 Mar 2016 07:46:13 +0000

you are ignoring one factor. how many people catch measles vs how many you are vaccinating.

Measles have a contagiousness index of 0.98, which means that if you're unvaccinated and exposed to the virus you're virtually certain to be infected. (The highest possible value would be 1, which means that everybody who is exposed is infected.) Not everybody who is infected with something actually shows symptoms – the “manifestation index” specifies how many people who are infected do exhibit the symptoms, and in the case of measles this is around 0.95.

So obviously the thing to do is to avoid being exposed to the measles virus in the first place, which is why vaccination against measles is so important. If most people in a community are vaccinated against measles, the resulting “herd immunity” means that the measles virus can't obtain a foothold, and this protects even those people who can't be vaccinated because they are too young (you have to be 1 year old or so to be vaccinated) or their immune system doesn't work as it should. Anti-vaxers can often get away with not vaccinating by hitching a free ride on herd immunity, and that creates the illusion that “I don't need to vaccinate because in reality nobody actually ever gets measles, it's all a scam by Big Pharma”. This goes wrong when there are too many anti-vaxers bunched together. For example, here in Germany measles outbreaks, if they occur, often occur in and around Steiner schools, where anti-vax is a big thing and there is no herd immunity.

The reason we don't see many measles cases in the Western world these days is that widespread vaccination has pushed the disease way back compared to, say, 50 years ago. The measles virus has no non-human host so in theory it would be possible to eradicate it completely like the smallpox virus or (almost) the polio virus, but we're not quite there yet; the fact that it is so contagious doesn't make things easier, either.

If you have something that one in 10,000 people catch, and the vaccination has a problem 1 in 1000 times, it is a net loss, even if the disease is 100% fatal if someone gets it without the vaccination.

One disease which is almost similar to what you're describing is rabies, which is why we don't vaccinate everybody against rabies on the off-chance. Rabies is pretty rare in most places, but there is no cure – if you do catch it you're practically certain to die from it. The rabies vaccination isn't problematic in the way you describe, but it is a very unpleasant experience (though way less unpleasant than the disease itself, and it does have the considerable advantage that in the vast majority of cases it won't kill you like rabies does). Fortunately you can still get vaccinated against rabies after you're exposed to the virus but before you start exhibiting symptoms, so that is the usual approach.

Linux Mint downloads (briefly) compromised

paulj — Wed, 02 Mar 2016 02:40:59 +0000

I've no idea about the person you know, but it is true that some vaccines can have side-effects.

However, that has no bearing on the fact that Wakefield's research was dishonest, manipulated and did not show any link of MMR to autism. Further, his experiments were also highly unethical in subjecting *children* to non-negligible spinal injury risks by carrying out *wholly unnecessary* lumbar puncture procedures.

Just cause you know someone who had some (I assume) unrelated bad experience with vaccines is most definitely not a good reason to start looking favourably on Wakefield or his work.

Again: Wakefield's "MMR causes autism" studies were *complete bull-crap*, and highly dangerous bull-crap.

Linux Mint downloads (briefly) compromised

raven667 — Wed, 02 Mar 2016 02:11:46 +0000

>if there is a vaccination for a disease that has a low activity rate in the general public, then a vaccination for that disease could very well be more dangerous than the disease is overall.

This maybe a misunderstanding of the relevant statistics or of cause and effect, firstly a vaccine which causes more problems than it solves is not useful and so is not done in the legitimate medical field, but specifically to this case the reason that common diseases we vaccinate for are rare is _because_ we vaccinate for them, to the point of taking many diseases out of common circulation because there is not a critical mass of infectable hosts to sustain the disease organism population. Your hypothetical doesn't model anything in reality and is not useful.

Linux Mint downloads (briefly) compromised

mjg59 — Wed, 02 Mar 2016 02:09:30 +0000

That's… really not how infectious diseases work.

Linux Mint downloads (briefly) compromised

dlang — Wed, 02 Mar 2016 00:49:32 +0000

detail, you are ignoring one factor. how many people catch measles vs how many you are vaccinating.

if there is a vaccination for a disease that has a low activity rate in the general public, then a vaccination for that disease could very well be more dangerous than the disease is overall.

If you have something that one in 10,000 people catch, and the vaccination has a problem 1 in 1000 times, it is a net loss, even if the disease is 100% fatal if someone gets it without the vaccination.

Now, there aren't that many diseases that fall in this category, but if you are going to be arguing the risk statistics, you need to include this or you are in the statistics end of "lies, Damn Lies, and Statistics'

Linux Mint downloads (briefly) compromised

Cyberax — Tue, 01 Mar 2016 18:47:19 +0000

> Unfortunately, I get the impression that Cyberax is very insular and thinks "everyone does it the American way".
Nope. I'm not even an American.

However, there's nothing gray about vaccines - it's completely black and white. You should always get vaccinated against common diseases in the absence of clear direct contraindications (allergy to components of vaccines, weakened immune systems due to HIV/cancer/...).

Other medical procedures and medications are more complicated (painkillers, antidepressants, ADHD drugs) and there absolutely is a lot of potential for medical mistakes. Not so with vaccines.

Linux Mint downloads (briefly) compromised

nix — Tue, 01 Mar 2016 16:46:08 +0000

Oh, painkillers are really dangerous -- but, of course, so is pain. Both can and do kill.

And this has nothing whatsoever to do with vaccines. My twin brother died because of pretty staggering levels of medical incompetence, but that doesn't mean I think vaccines are bad or even that doctors are evil or covering anything up: I just think that doctors should go back for retraining every so often (the doctor who accidentally killed my brother at birth through failing to notice that he existed was almost forty years out of training and probably still believed in the leech cure). Mind you it is fairly hard to cover up dead people, except literally.

Linux Mint downloads (briefly) compromised

Wol — Tue, 01 Mar 2016 10:42:29 +0000

> To be fair, he never said that his wife's problems had anything to do with vaccination. Even with modern (science-based) medicine, stuff sometimes Goes Wrong, and that can of course be devastating to the people concerned.

It was painkillers, actually. And now she can't walk without sticks, or walk very far ...

> It's probably a good idea not to put too much blind faith in what a medical doctor tells you – second opinions are generally available –

: -) Including using your own common sense. But the painkiller incident was lack of experience (by a very well-respected Doctor!), and all too often this does boil down to experience or lack thereof. The more I experience of the system, the more I see its failings in sharing experiences ... :-(

> but if you consider the alternatives to modern science-based medicine you will quickly find out that there really aren't any that on the whole are anything near as successful.

Which is why I repeatedly stress that I'm in favour of this stuff. I just come across far too much evidence of dishonest (typically American sharp) practice. Unfortunately, I get the impression that Cyberax is very insular and thinks "everyone does it the American way". THEY DON'T.

We have a major advantage over here in that health care is free. If it wasn't, we'd probably be destitute trying to pay for my wife's care. But that has the side effect that when things go wrong, we get "the linux warranty attitude". In other words, they'll refund us what we paid for it - nothing. But if it's cost you your job, your health, etc etc that's a pretty appalling attitude. And sadly, it is NORMAL over here. Too many people (including Cyberax) take the "I'm all right, Jack" attitude. Until it happens to them. And then they scream and say "why isn't anybody doing anything!?!?". Well, I'm trying to do something, because it's happened to us, but it's hard work against the megaphone of "I'm all right".

Cheers,
Wol

Linux Mint downloads (briefly) compromised

anselm — Tue, 01 Mar 2016 08:29:20 +0000

To be fair, he never said that his wife's problems had anything to do with vaccination. Even with modern (science-based) medicine, stuff sometimes Goes Wrong, and that can of course be devastating to the people concerned. It's probably a good idea not to put too much blind faith in what a medical doctor tells you – second opinions are generally available – but if you consider the alternatives to modern science-based medicine you will quickly find out that there really aren't any that on the whole are anything near as successful.

As far as adverse vaccine side effects are concerned, there may be some underreporting going on but personally I don't think that this happens enough to make a significant dent in the risk/benefit ratio (as I said in my other message, a 3.5-order-of-magnitude difference in fatality rates is hard to beat). When you're talking about adverse vaccine side effects, it's also worth remembering that pretty much anything bad that happens to you after a vaccination may be (and often is) written up as an adverse side effect. There doesn't have to be an obvious cause-effect relationship. In principle, if you step out of the doctor's office after your vaccination and get hit by a car in the road, that can go into the database as an adverse side effect of your vaccination.

Finally, different countries operate their own separate tracking systems for adverse vaccine reactions. Since these all agree that the risks of vaccination are vanishingly small, there must be a global conspiracy going on where doctors and public-health organisations everywhere collude in playing down vaccination side effects, and that becomes progressively more unlikely the bigger the conspiracy needs to be.

So, people, get vaccinated. It's really quite safe and it helps protect you and the people around you from all sorts of nasty, debilitating, and possibly lethal diseases, including nasty diseases that we don't know how to make better once you actually have them.

Linux Mint downloads (briefly) compromised

Cyberax — Tue, 01 Mar 2016 02:15:48 +0000

> My point was that reports of bad reactions to vaccines (and, presumably, other medicines) GET SUPPRESSED!!!
No, they're not. At least in the US they are registered centrally: https://vaers.hhs.gov/data/index - it's even available for download. And the reporting is _mandatory_ for doctors.

> Again, I have PERSONAL EXPERIENCE of this - my wife (imho) has been injured by a medical mistake.
Sorry, nope. I don't believe you or your wife. Vaccines are extremely safe unless you have a direct allergy to one of the components.

Pretty much the only medical mistake is NOT getting a vaccine absent clear contraindications.

Linux Mint downloads (briefly) compromised

anselm — Tue, 01 Mar 2016 02:01:19 +0000

Of course there are risks associated with vaccination. No reasonable person disputes that. There are risks associated with everything. Crossing the street is risky. However, as you correctly state, the risks associated with vaccination are very, very low and the benefits are huge, which makes vaccination worth doing on the whole.

Even if you are right and adverse effects from vaccinations are underreported by, say, a factor of 10 (i.e., only 1 out of 10 cases is actually reported and 9 cases are suppressed through negligence or malice), you're still statistically way more likely to become severely disabled or even die from some disease like measles than to become severely disabled or die from the vaccination. For measles, the fatality rate in Western countries is something like 0.3%, or 3 cases out of 1000, while the fatality rate from measles vaccinations is considerably less than 3 cases out of 1,000,000. That's more than three orders of magnitude right there, so even if – hypothetically – only 1 out of 100 adverse reactions was being reported and the other 99 suppressed, measles vaccination would still end up being a good idea by a comfortable margin. Widespread vaccination programmes have brought world-wide measles fatalities down from an estimated 2.6 million deaths per year in 1980 to around 100,000 in 2015.

Measles are very, very contagious. You can of course rely on “herd immunity” (i.e., the fact that almost everyone around you is vaccinated) and hope that you'll get away with not being vaccinated yourself because the measles virus will never get near you, but if enough people around you think the same thing, herd immunity will break down, measles outbreaks can happen – thanks to anti-vaxers this occurs a lot more often than it used to –, and eventually people will die. Herd immunity is important because there are people who cannot be vaccinated even if they wanted to, and it is up to the rest of us to protect them.

Linux Mint downloads (briefly) compromised

Wol — Tue, 01 Mar 2016 01:22:50 +0000

> That's not correct.

So you're telling me my personal experiences are fake?

Anyway, who gives a **** about a court and compensation (and what happens in reality probably isn't as nice as you'd like to think).

My point was that reports of bad reactions to vaccines (and, presumably, other medicines) GET SUPPRESSED!!! Some doctors are good, and will fill in a yellow card as a matter of course. Unfortunately, many doctors will not, and have to be forced to. Which many patients are not prepared to do!!! So the *evidence* that vaccines are safe is seriously compromised :-(

What you say is nice in theory. The reality is, it probably doesn't work that well in practice - many people do not get (often, do not WANT) compensation. And don't have the energy to fight the system, anyway.

Again, I have PERSONAL EXPERIENCE of this - my wife (imho) has been injured by a medical mistake. We don't want compensation - we just wish it had never happened. And, as so often is the case, it's only in hindsight that we realised what had happened.

Cheers,
Wol

Linux Mint downloads (briefly) compromised

Wol — Tue, 01 Mar 2016 01:14:16 +0000

> The thing is, there shouldn't *be* sides to be on. This is scientific research we're talking about - either the published research was supported by the evidence it presented, or it was not.

The reverse is also true - the evidence should be credible and reliable.

If you read what I said, I have personal proof that the evidence is not credible :-(

There is a "yellow card" system for reporting drug reactions etc. If you have proof that yellow cards *are being suppressed*, then you have no alternative but to conclude that the evidence vaccines are safe is not credible :-(

The worst case I've heard of is official statements that "there is no evidence that this vaccine is dangerous". It only took a few weeks ferreting by journalists to find the following case:

A lad went to the doctors for the vaccine. After the vaccine, he went home and went to bed. Four weeks later, he died, having never left his bed. His death was not officially linked to the vaccine, because of a directive issued to doctors, that said any events after three weeks could not be related.

Hang on? Of course you have no evidence that the vaccine has actually caused fatalities, because you've banned the recording of the evidence!!!

Or the girl that walked into the doctors for a (I believe rubella) vaccination, and left in a wheelchair. I don't believe she ever walked again, but it took a massive fight by her parents to force the doctors to report it.

As I said before, don't get me wrong, I do believe the benefits of vaccination massively outweigh the risks. But by refusing to accept that there ARE risks, we are actually doing ourselves a massive dis-service.

My wife is chronically ill. I'm exposed to health issues constantly. And I wanted to be doctor (never made it into medical school) so I'm personally very interested in this stuff...

Cheers,
Wol

Linux Mint downloads (briefly) compromised

nye — Mon, 29 Feb 2016 13:20:29 +0000

>Which is why I referred to Stacker. I think that was widely recognised as a pretty blatant steal

So the story goes like this:

MS wanted transparent compression in MSDOS, because some of their competitors had it. One of the leading third party utilities was Stacker, and MS spent some time negotiating for it with Stac Electronics, but were unable to reach an agreement; instead, they bought an alternative from one of Stac's competitors and incorporated that into MSDOS.

Subsequently, Stac sued MS for violating the following two patents: http://www.google.co.uk/patents/US5016009, http://www.google.co.uk/patents/US4701745. They eventually settled for about $80 million. Whether you consider this a 'blatant steal' is going to depend on whether you believe in the validity of software patents in general, and these two patents in particular; reasonable people could hold different opinions on this question.

Microsoft at that point in time was pretty much the poster child for 'big evil corporation', so it's easy to believe that there was some seriously underhand stuff going on here, but there's not really any information publicly available to support that.

Linux Mint downloads (briefly) compromised

Cyberax — Fri, 26 Feb 2016 23:15:18 +0000

That's not correct. US has a vaccine court ( https://en.wikipedia.org/wiki/Vaccine_court ) which routinely awards compensations for vaccine side effects (even when there's no clear causal relationship).

UK has something similar: https://www.gov.uk/vaccine-damage-payment/overview

Linux Mint downloads (briefly) compromised

anselm — Fri, 26 Feb 2016 20:53:42 +0000

It is necessary to balance the risk of serious vaccine side effects (which is very, very low – 1 in hundreds of thousands of vaccinations or less, and that's counting all sorts of things that don't have a clear causal relationship to the actual vaccination) against the risk incurred by not vaccinating, which is way higher, especially in communities where there is insufficient “herd immunity” because there are too many anti-vaxers. The problem is that by not having yourself or your kids vaccinated, you're endangering people who cannot be vaccinated at all because they're too young or immunocompromised and have to rely on herd immunity to ensure that infectious diseases (like measles or polio) don't come near them.

We see this in real life with the recent measles outbreaks in the US or Germany. Here in Germany, these usually take place in or around Steiner schools, where parents tend to be against vaccination. Anti-vaxers often claim measles are just a harmless childhood disease, but in fact measles (or complications from measles) can severely disable or kill you and that happens far more often than any sort of serious vaccine side effect. More than 300 people worldwide die of measles per day (115000 deaths in 2014, according to the WHO), usually in places where there are no vaccination programs. Even in Germany, at least one child died recently during a measles outbreak, and it is overwhelmingly likely that this could have been prevented by vaccination.

There is a certain risk to vaccination but the risk/benefit ratio is so clearly in favour of this very important public-health measure that scaring people away from it is disingenuous. In fact, people who think vaccination is too risky should never use a car, bus, or bicycle, because the risk of getting seriously injured or killed in a traffic accident is orders of magnitude greater, even if you believe that serious vaccine side effects are consistently underreported.

Linux Mint downloads (briefly) compromised

Wol — Fri, 26 Feb 2016 20:01:32 +0000

> Pretty much the sole reason why there are anti-vaccine activists in the Western world at all

Or, like me, they've seen the bad side of vaccines at first hand, and also experienced the reports being swept under the carpet and ignored ... :-(

Cheers,
Wol

Linux Mint downloads (briefly) compromised

anselm — Fri, 26 Feb 2016 09:27:25 +0000

I am afraid I am personally disposed to being on Mr Wakefield's side ...

The problem with Wakefield isn't that he said vaccines are dangerous. The problem with Wakefield is that he was out to discredit the popular measles-mumps-rubella (MMR) combination vaccine because he had a financial stake in a measles-only vaccine (so Wakefield wasn't actually “anti-vaccine” at all). He basically made up some data to support his claim that the MMR vaccine causes autism, which according to the overwhelming scientific consensus, based on numerous large studies from various places around the world, is complete and utter BS. Being “on Mr Wakefield's side” is basically being on the side of crookery and scientific fraud.

Sometimes – very occasionally – people do react very badly to vaccines. This does not detract from the fact that vaccination is the #1 public-health intervention in terms of lives saved all over the world. Pretty much the sole reason why there are anti-vaccine activists in the Western world at all is that vaccines have helped us eradicate or push back terrible diseases such as smallpox, polio, diphtheria, measles, or pertussis to a point where people aren't confronted with them any longer on a daily basis, so they have no mental picture of exactly how terrible these diseases are.

Linux Mint downloads (briefly) compromised

BlueLightning — Thu, 25 Feb 2016 21:18:50 +0000

The thing is, there shouldn't *be* sides to be on. This is scientific research we're talking about - either the published research was supported by the evidence it presented, or it was not. It seems like in that case it wasn't, and the result was that many people were scared away from beneficial vaccination to the measurable detriment of their children's health.

Linux Mint downloads (briefly) compromised

Wol — Thu, 25 Feb 2016 19:39:09 +0000

Ummm ...

As someone who knows personally, someone who was seriously hurt by a vaccine that then got swept under the carpet, I'm afraid I don't agree that Andrew Wakefield was scaremongering. VACCINES ARE DANGEROUS and imho there is a concerted campaign of lying to make us believe they are safer than they are.

Note - I am most emphatically NOT saying vaccines are a bad thing - I think the advantages massively outweigh the disadvantages but, as I said, having had *PERSONAL* experience of the statistics being "fudged", and in the OPPOSITE direction to the one you state, I am afraid I am personally disposed to being on Mr Wakefield's side ...

Cheers,
Wol

Linux Mint downloads (briefly) compromised

Wol — Thu, 25 Feb 2016 19:32:44 +0000

Which is why I referred to Stacker. I think that was widely recognised as a pretty blatant steal ...

Cheers,
Wol

OpenBSD signify

pabs — Thu, 25 Feb 2016 13:05:44 +0000

Are there any HTTP user-agents that support checking these MirrorBrain HTTP Digest headers?

Linux Mint downloads (briefly) compromised

job — Thu, 25 Feb 2016 12:23:41 +0000

If Ubuntu is a distribution, and Linux Mint took it, added their packages, and re-distributed it under their own branding, how is Linux Mint *not* a distribution?

Well, that was perhaps harshly put, but isn't there a difference between redistribution and forking? If you don't even re-build the packages you're just redistributing. From the comments here it seems like the Mint people generally do more of the latter than the former.

Again, I think you're underestimating how far Linux Mint has diverged since their fork. There are many more differences between Linux Mint & Ubuntu or Debian than just the installer & desktop environment

I probably am. I really don't understand why they created a distribution (pseudo- or not) around their desktop environment. It seems like a strange decision from the outside, as they clearly don't have enough resources for even the most basic distribution work, such as keeping track of security issues.

What is it that Linux Mint does differently than Ubuntu or Debian? What were the reasons behind this decision? Again, I don't want to criticize anyone's hobby, but there is a limit when end users at put at risk.

Linux Mint downloads (briefly) compromised

job — Thu, 25 Feb 2016 12:07:06 +0000

If we are to learn anything from that, I think it is that process is no substitute for competence.

Linux Mint downloads (briefly) compromised

zuki — Thu, 25 Feb 2016 03:52:03 +0000

You're right, the checksum needs to be verified independently through a signature.

Fortunately this is also provided. Fedora ISOs are accompanied by a GPG-signed CHECKSUM file (see https://download.fedoraproject.org/pub/fedora/linux/relea...).

Linux Mint downloads (briefly) compromised

viro — Thu, 25 Feb 2016 01:21:13 +0000

Grab a barfbag and google for "Andrew Wakefield". Short version: bastard known for, er, creative interpretation of the data. With much more unpleasant results, at that - nothing ESR has done comes anywhere near the mess that waste of oxygen has helped to create. The worst you get from fetchmail is a break-in; I sincerely doubt that it has led to non-trivial body count. Helping to engineer a serious increase of measles cases, OTOH...

As for C&B... Basically, it goes like this:

Linux development process violates <list of rules>. Normally one would expect that to lead to disastrous mess. Somehow it doesn't. Hypothesis: such-and-such technics used in said development process are sufficient to prevent an otherwise expected degradation. The author has set a project to test the hypothesis above, using those technics and violating the same list of rules. Result of experiment confirms the hypothesis.

The only problem is that his experiment *has* yielded a disastrous mess. If anything, it argues against his hypothesis. Claiming it as a confirmation is fraud, plain and simple. Waving that piece of crap for years and promoting it as major contribution to software engineering takes quite a bit of chutzpah...

Linux Mint downloads (briefly) compromised

Wol — Thu, 25 Feb 2016 00:34:16 +0000

I just wish some patent holder WOULD be daft enough to take a distro to court.

Then hopefully, we would get ALL software patents overturned at a stroke. The problem is, American companies are quite happy to use the *threat* of a lawsuit as a weapon.

But if someone did take Mint to court, I hope all the Free Software bods out there, and a lot of others as well, would all pile in and prove the point "It's Maths, it's a Computer Program, both SCOTUS and the EU Patent Treaty say it is not patentable material".

At the end of the day, it's a case of how much moral fibre you have. Do you cave in to baseless threats? And as far as patents go, ALL threats are BASELESS.

Yes I know - the problem is "can you afford the cost of proving it?".

Cheers,
Wol

Linux Mint downloads (briefly) compromised

Wol — Thu, 25 Feb 2016 00:28:30 +0000

I have, admittedly long ago. And I've heard an awful lot about it - both pluses and minuses. And as a *psychology* paper, I think it has some insights. Mind you, some things take on a life of their own, and I think this has.

NB. What on earth do you mean by a "Wakefield"? Oddly enough, I was in Wakefield House at school, and my daughter now lives in Wakefield, and I don't have a clue what you mean by it ...

Cheers,
Wol

Linux Mint downloads (briefly) compromised

pizza — Wed, 24 Feb 2016 21:46:41 +0000

> How was it that MicroSoft grew in the early days? Steal IP, bankrupt the competitor, then buy them out for cents on the dollar to forestall any legal issues?

No, MS didn't have to resort to stealing -- instead they didn't use copy protection and turned a blind eye to piracy, but only long enough to put their (generally smaller) competitors out of business.

Linux Mint downloads (briefly) compromised

pizza — Wed, 24 Feb 2016 21:43:50 +0000

See, you're arguing from principle, which is fine, but it doesn't have much to do with the legal reality. Patents, once granted, are presumed to be valid. And there's a whole lot of patents covering current codecs. For example, here is the list of the patents in the MPEG-LA AVC (ie mpeg4) patent pool, as of Jan 16 2016.

http://www.mpegla.com/main/programs/AVC/Documents/avc-att...

Just going on the European country codes I recognize, I see Germany, Spain, UK, Italy, Denmark, Poland, the Netherlands, and yes, even France. And that's only eight pages into a 94-page document.

If the Linux Mint folks are based in any of the countries on that list, they're exposing themselves to ruinously expensive risks should any of the patent holders decide to make an example of 'em. (It's not the actual damages so much as the cost of defending themselves)

Linux Mint downloads (briefly) compromised

viro — Wed, 24 Feb 2016 21:21:54 +0000

Have you actually read that pile of intellectual off^H^Hutput? C&B, that is. Read it as a scientific paper it tries to imitate, then look at the actual results of the experiment the author had set to test his hypothesis and had the gall to claim as its confirmation. Andy sodding Wakefield would've been proud...

Linux Mint downloads (briefly) compromised

Wol — Wed, 24 Feb 2016 21:01:46 +0000

> The fact Mint is blatantly violating copyright and patent laws is in the name of expediency is not something that should be lauded. (And that it's arguably necessary in order to compete is downright shameful, but that's another topic..)

Bear in mind it sounds to me like Mint is French. Certainly the name of the chief developer suggests it.

In which case, they CAN NOT be violating European patent law.

Aiui, they also CAN NOT be violating US SCOTUS precedent on patent law.

The fact that the patent lobby would have us believe otherwise, and want to enforce their illegally granted patents against us, is part of the tragedy.

(Hint - if it fits on a CD, then it's Maths. Maths is unpatentable in the US. If it's Maths, then it is also a Computer Program. Besides maths being unpatentable in the EU, Computer Programs are *explicitly* unpatentable, too.)

Cheers,
Wol

Linux Mint downloads (briefly) compromised

Wol — Wed, 24 Feb 2016 20:53:38 +0000

> I don't disagree and perhaps non-developers shouldn't speak up on LWN

If non-developers don't speak up, then how are developers going to hear their voice?

"The Cathedral and the Bazaar" was written to compare the linux Bazaar with the FSF GCC Cathedral. GCC was developed in a closed echo chamber, which is why we got EGCS (or whatever it was called). And Xemacs, and probably a fair few other things as well.

We don't want Linux to move into an empty Cathedral - they do make lovely echo chambers :-)

Cheers,
Wol

Linux Mint downloads (briefly) compromised

Wol — Wed, 24 Feb 2016 20:49:38 +0000

> Chances are that Microsoft has some licensing problems too, but I simply assume that Windows is a fully legal alternative.

How was it that MicroSoft grew in the early days? Steal IP, bankrupt the competitor, then buy them out for cents on the dollar to forestall any legal issues?

Case in point - disk compression (was the company Stacker?)

Cheers,
Wol

Linux Mint downloads (briefly) compromised

anselm — Wed, 24 Feb 2016 17:32:54 +0000

It's really simple. If your distribution is not the popular one, then you are not doing some things the way end users want them done.

End users would probably like all sorts of things that are not within the power of a Linux distribution to provide. I'm pretty sure many end users would greatly enjoy a Linux distribution that came with a free copy of Microsoft Word (running under WINE or something) but not even Linux Mint goes there.

When you make a Linux distribution, you have the basic choice between producing something that obeys applicable laws and therefore must, sadly, omit some stuff that many users would really like to have but that can't be freely distributed, and producing something that includes the stuff in question but ignores the legal issues around it. So far, Linux Mint seems to have successfully evaded the attention of those entities that sue people for distributing stuff they're not supposed to distribute, but that may only be due to the fact that there isn't much point in suing the Linux Mint guys – they don't have the sort of money in the bank that would make suing them worthwhile. This is an option that the bigger outfits like Red Hat, Novell, Ubuntu, or even Debian don't have, so they prefer to obey the law when they have to. It also puts a practical limit on the size that an operation like Linux Mint can attain in its present form, because once they get big enough, money-wise, to become a worthwhile target they will have to rethink how they do things, or the owners of the stuff that they're ripping off today will come for them after all.

Linux Mint downloads (briefly) compromised

pizza — Wed, 24 Feb 2016 17:02:58 +0000

Oh, no worries, you are of course free to make your own choices, and Mint certainly provides a better out-of-the-box experience for many use cases.

But I think it's fair to point out they're accomplishing some of that by ignoring the law and hoping that organizations that like to wield big legal cudgels fail to notice.

Linux Mint downloads (briefly) compromised

pizza — Wed, 24 Feb 2016 16:53:37 +0000

The problem is that even presenting "user choice" has been successfully argued as "inducement" in the US, where RedHat is based. That's why RHEL or Fedora won't provide a one-click option or even instructions for end-users to install the stuff themselves. (Except for that whole codec-buddy thing which pointed people at places where they could legally purchase codecs for use..)

This situation didn't come about because RH or Debian is hostile to (or doesn't care about) end-users, it's because their lawyers say that bundling patent-encumbered codecs so would open themselves up to massive, massive liability should the (extremely litigious) patent holders decide to go after them.

(It's not a matter of right/wrong, morality, or ethics. It's a matter of legality..)

But for Fedora and RHEL at least, a simple google search will provide the instructions to enable the third-party repositories and the packages to install. IIRC Debian has a similar method. I can't comment about OpenSuse, as I've never so much as looked at it.

Linux Mint downloads (briefly) compromised

sneex — Wed, 24 Feb 2016 16:26:20 +0000

PS -- I am way too busy to argue about Mint or Debians facilities (or lack thereof) -- NO distro is without sin in my eyes -- so I am done. Sorry I gave anyone the impression I cared - 'cause I don't ... I am using what I like when I like it and the world can burn if it hates that I am not an X end-user :)

Linux Mint downloads (briefly) compromised

sneex — Wed, 24 Feb 2016 16:22:22 +0000

Pretty sure when I got Mint up and running for my Wife it was 'still end-users choice' - IE; not enabled by default but a damn sight easier than Debian or Debians riff off brethren (who, cough cough Ubuntu, shall remain nameless)... so, it that regard it's like torrenting - making a link possible isn't the act of doing it themselves...

As I stated earlier in this portion of the thread even OpenSuse is easier than Debian or RHEL ... now I suppose you will say they are also in violation?