Re: [debian-knoppix] Open accounting and Open source

To: debian-knoppix@linuxtag.org
Subject: Re: [debian-knoppix] Open accounting and Open source
From: Gilles Pelletier <gilpel@altern.org>
Date: Mon, 28 Apr 2003 16:27:33 -0400
Message-id: <[🔎] 200304281627.33703.gilpel@altern.org>
In-reply-to: <[🔎] 20030428050814.GX998@linuxtag.org>
References: <[🔎] 200304270023.28382.gipe@videotron.ca> <[🔎] 200304272239.14643.gilpel@altern.org> <[🔎] 20030428050814.GX998@linuxtag.org>

On April 28, 2003 01:08 am, you wrote:
> On Mon, Apr 28, 2003 at 12:13:28AM -0400, Gilles Pelletier wrote:
> > > Issues I have never seen addressed in any other forum... I like
> > > Knoppix even more now and I haven't even burnt the current ISO
> > > to CD yet !
> >
> > Wait till you do. You're in for a surprise.
>
> Realy? Did I miss an error?

:) I meant "in for a stupendous surprise". I find you're doing a 
wonderful job at maintaining your distro. You're really conciencious, 
attentive to all the little details that Volkerding, for instance, 
considers better left to his users for their "learning enjoyment" :)

But I sometimes wonders if this eagerness can last for 10, 20 years. 
Maybe it would be a good thing to have some kind of light-weight 
non-obstrusive structure in place.

> > As knoppixfr.org and knoppix.net were already online, Klaus
> > decided to register knoppix.com (Maybe .org would have been more
> > appropriate?)
>
> Er... I did not register a knoppix.com domain. And neither
> knoppix.org.

Yeah, I just checked when Eaden told me. And I also suppose you don't 
know any of those two "people" (see how strange the entry for 
knoppix.org is: http://www.whois.net/whois.cgi2?d=knoppix.org ). 

If so, it seems to me like a worst case scenario, which I hadn't 
envisioned. (I wouldn't have thought registrars permitted such a 
crocked hijacking.)

What this means is that people will start making their links to 
knoppix.com for the english version and knopper.net for the german 
version thinking, just as I did, that the domain names are that of 
the Knoppix distro. (I mean, who has ever heard of Knopper? Not me! 
:)

One fine day, in three months or three years, just as Knoppix is 
making great strides, the domain-links might just disappear or point 
to a porno page instead. I would be very surprised if anybody asked 
for money from you to get the names back...

I suppose it wouldn't be the end of knoppix, but it's not a reassuring 
situation. The way I see things, of course. What's your POV?

> > I also suppose there are reasons why knoppix.net doesn't use the
> > distro's default background anymore.
>
> I don't know. I didn't register knoppix.net either. That's Eaden's
> playground, and a good one, btw. :-)

Yeah! Too bad "one" of his readers thought his page was hard to read 
with the distro's jpg: despite the little note about the officail 
website, you would have had a pretty official looking site for sure.

So now, com, org and net are not yours. And you don't mind?

> > This basic organisation is needed even for open source. Now comes
> > a new concern: security. From what I could gather, it's not
> > optimum for understandable reasons. Still, I believe it must be
> > adressed.
> >
> > Of course, nobody here gives a damn about a security hole with
> > ghostscript in KDE while opening pdf file.
>
> Well, I do. But I just can't rebuild KDE from source to fix errors
> that should be fixed by the genuine maintainers who are way better
> at building Debian packages than I am. 

I understand this. But it's just that building packages for unstable 
doesn't seem a priority at Debian's. And maybe rightly so, I don't 
know. But it does cause a problem with Knoppix.

> I'm not even sure if the
> ghostscript problem is really present in the current unstable
> debian packages, has anybody tried an exploit?

It seems that if you don't offer KDE 3.1.1a, you have the problem. 
Maybe it's not necessary to wait for exploits?

> > The hell! You just don't
> > open untrusted pdf files, and that's it.
>
> Not a good solution.

I agree. But it seems like the only solution for Knoppix right now.

> > The problem is if you starr distributing Knoppix CD to you family
> > and friends, people who have never seen an extension on their
> > Windows system, never heard about security fixes, someday, you're
> > bound to have problems. And it will be no use explaining why the
> > problem happened, it will be bad for business, even though it's
> > open source business. So, if the is a problem, it must be
> > addressed.
> >
> > How, is the question. Let's move on.
>
> Well, any solutions yet?

The only solution I see for now, unless Debian wants to give a higher 
priority to upgrading unstable, is trying to get some money and have 
somebody do the job.

Maybe it's not a good solution but I can't think of any other for now.

Salut!

Gilles Pelletier
-- 
La Masse critique
Le sionisme
http://pages.infinit.net/mcrit/sionisme.html
_______________________________________________
debian-knoppix mailing list
debian-knoppix@linuxtag.org
http://mailman.linuxtag.org/mailman/listinfo/debian-knoppix

Reply to:

Follow-Ups:
- Re: [debian-knoppix] Open accounting and Open source
  - From: Gilles Pelletier <gilpel@altern.org>

References:
- [debian-knoppix] Open accounting and Open source
  - From: Gilles Pelletier <gilpel@altern.org>
- Re: [debian-knoppix] Open accounting and Open source
  - From: Gilles Pelletier <gilpel@altern.org>
- Re: [debian-knoppix] Open accounting and Open source
  - From: knopper@linuxtag.org (Klaus Knopper)

Prev by Date: Re: [debian-knoppix] Ghosting with Knoppix?
Next by Date: Re: [debian-knoppix] Open accounting and Open source
Previous by thread: Re: [debian-knoppix] Open accounting and Open source
Next by thread: Re: [debian-knoppix] Open accounting and Open source
Index(es):
- Date
- Thread