With the issue of Ekush talking about sending us patches once they publish thier code and what not I as many of you are worried about being tainted, I have an idea, but I don't know how safe it is from a GPL stand point (I know nothing of the GPL) here's the idea, when we get patches that are questionable from *any* source, we send MS a copy of the suggested patch, and request they compare it with thier code to see if it is differant or the same as thier Windows code, if MS comes back and says it's teh same we delete the patch and move on...
I know this idea sounds bad but we need to discuss a plan for any potential tainting and how we'd deal with it, please if you don't like my idea then please by all means suggest something else.
if it is differant or the same as thier Windows code, if MS comes back and says it's teh same we delete the patch and move on...
Right idea, but wrong source I think. We need a neutral party who is under a microsoft NDA but contributes code neither to microsoft's nor our codebase.
The right question is: does this match anything you saw from microsoft? And the right answer can only be either yes or no.
It's a service we may well wind up paying for eventually.
Hi,
--- art yerkes ayerkes@speakeasy.net wrote:
Right idea, but wrong source I think. We need a neutral party who is under a microsoft NDA but contributes code neither to microsoft's nor our codebase.
It's a service we may well wind up paying for eventually.
Thats what I was thinking....We would end up needing to pay someone to review these patches and be under the NDA from Microsoft as they would be really limited as to what other projects they could work on due to the terms of the NDA. I am willing to try and open a dialog to discuss this matter with Microsoft but as it stands right now they are avoiding us (and the Wine project) and I would like to keep it that way.
Thanks Steven
__________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com
On Monday 22 November 2004 18:33, Steven Edwards wrote:
Hi,
--- art yerkes ayerkes@speakeasy.net wrote:
Right idea, but wrong source I think. We need a neutral party who is under a microsoft NDA but contributes code neither to microsoft's nor our codebase.
It's a service we may well wind up paying for eventually.
Thats what I was thinking....We would end up needing to pay someone to review these patches and be under the NDA from Microsoft as they would be really limited as to what other projects they could work on due to the terms of the NDA. I am willing to try and open a dialog to discuss this matter with Microsoft but as it stands right now they are avoiding us (and the Wine project) and I would like to keep it that way.
Thanks Steven
Simple solution (and the opnion of many if not all developers I think): don't take any of "their" code.
- blight
-----Original Message----- From: ros-dev-bounces@reactos.com [mailto:ros-dev-bounces@reactos.com] On Behalf Of Jeff Smith Sent: 22. november 2004 17:39 To: ReactOS Development List Subject: [ros-dev] Idea to protect ReactOS
With the issue of Ekush talking about sending us patches once they publish thier code and what not I as many of you are worried about being tainted, I have an idea, but I don't know how safe it is from a GPL stand point (I know nothing of the GPL) here's the idea, when we get patches that are questionable from *any* source, we send MS a copy of the suggested patch, and request they compare it with thier code to see if it is differant or the same as thier Windows code, if MS comes back and says it's teh same we delete the patch and move on...
I know this idea sounds bad but we need to discuss a plan for any potential tainting and how we'd deal with it, please if you don't like my idea then please by all means suggest something else.
It is not Microsofts job to check that our code doesn't violate IP laws. Just opening a support request at Microsoft is about $580 (at least here in Denmark; it has been several months since I've done that though). Do you really think they will look through our source code for free?
We are better off using common sense and not accepting large patches. The source code doesn't even have to be from Microsoft in order to violate IP laws.
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
Casper
What about this cursor? It's just a dirty try. http://www.freeworld.net/tests/cursor2.cur
Greetings Michael ----- Original Message ----- From: "Casper Hornstrup" chorns@users.sourceforge.net To: "'ReactOS Development List'" ros-dev@reactos.com Sent: Monday, November 22, 2004 7:01 PM Subject: RE: [ros-dev] Idea to protect ReactOS
-----Original Message----- From: ros-dev-bounces@reactos.com [mailto:ros-dev-bounces@reactos.com] On Behalf Of Jeff Smith Sent: 22. november 2004 17:39 To: ReactOS Development List Subject: [ros-dev] Idea to protect ReactOS
With the issue of Ekush talking about sending us patches once they publish thier code and what not I as many of you are worried about being tainted, I have an idea, but I don't know how safe it is from a GPL stand point (I know nothing of the GPL) here's the idea, when we get patches that are questionable from *any* source, we send MS a copy of the suggested patch, and request they compare it with thier code to see if it is differant or the same as thier Windows code, if MS comes back and says it's teh same we delete the patch and move on...
I know this idea sounds bad but we need to discuss a plan for any potential tainting and how we'd deal with it, please if you don't like my idea then please by all means suggest something else.
It is not Microsofts job to check that our code doesn't violate IP laws. Just opening a support request at Microsoft is about $580 (at least here in Denmark; it has been several months since I've done that though). Do you really think they will look through our source code for free?
We are better off using common sense and not accepting large patches. The source code doesn't even have to be from Microsoft in order to violate IP laws.
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
Casper
Ros-dev mailing list Ros-dev@reactos.com http://reactos.com:8080/mailman/listinfo/ros-dev
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Freeworld wrote: | What about this cursor? It's just a dirty try. | http://www.freeworld.net/tests/cursor2.cur | |>Btw. can someone design a new mouse pointer. Our mouse pointer is |>100% equal to the Windows XP one. |> |>Casper |>
How about these? I think they're good and they don't look copied:
http://reactosde.re.funpic.de/mediadetail.php?sec=Graphic%20arts&cat=cur...
~ -uniQ
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
There are plenty of GPL cursorsets available on the internet. I found http://www.kde-look.org/content/show.php?content=6550 which looks quite clean and nice. Even without shadow it still looks quite decent (see attachment)...
Sebastiaan
Hi Casper,
--- Casper Hornstrup chorns@users.sourceforge.net wrote:
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
I imported the first Cursors from winehq. Can we just revert back to those?
Thanks Steven
__________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com
After viewing
http://www.kde-look.org/content/preview.php?preview=1&id=6550&file1=...
I really like the look of those, why don't we use those?
Steven Edwards wrote:
Hi Casper,
--- Casper Hornstrup chorns@users.sourceforge.net wrote:
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
I imported the first Cursors from winehq. Can we just revert back to those?
Thanks Steven
__________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com
Ros-dev mailing list Ros-dev@reactos.com http://reactos.com:8080/mailman/listinfo/ros-dev
I've converted most of the pointers to windows compatible cursor files. I've removed the shadow and gave the cursors a sharp edge to have a nice contrast on all sorts of background colours. Each cursor file contains a 8bit and a 1bit version of the cursor.
I hope these are of any use...
Sebastiaan
After viewing
http://www.kde-look.org/content/preview.php?preview=1&id=6550&file 1=6550-1.png&file2=&file3=&name=Jimmac+cursor+theme
I really like the look of those, why don't we use those?
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
For what it's worth I just setup my windows scheme to use these pointers, and i like it a lot. They give a very clean feel to the cursor set (and are clearly not based too closely on the original windows).
Cheers Derek
P.S. This is my first post after joining the list, so hello to all and hopefully you'll hear more from me as I get into the swing of reactos development :)
Sebastiaan Roodenburg wrote:
I've converted most of the pointers to windows compatible cursor files. I've removed the shadow and gave the cursors a sharp edge to have a nice contrast on all sorts of background colours. Each cursor file contains a 8bit and a 1bit version of the cursor.
I hope these are of any use...
Sebastiaan
After viewing
http://www.kde-look.org/content/preview.php?preview=1&id=6550&file 1=6550-1.png&file2=&file3=&name=Jimmac+cursor+theme
I really like the look of those, why don't we use those?
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
Ros-dev mailing list Ros-dev@reactos.com http://reactos.com:8080/mailman/listinfo/ros-dev
Hi!
I created some mouse icons (last summer). Today i uploaded a new extended version. (License: GNU LGPL)
-> http://reactosde.re.funpic.de/mediadetail.php?sec=Graphic%20arts&cat=cur...
Klemens Friedl
...
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
Casper
Hi,
--- Casper Hornstrup chorns@users.sourceforge.net wrote:
We are better off using common sense and not accepting large patches. The source code doesn't even have to be from Microsoft in order to violate IP laws.
Btw. can someone design a new mouse pointer. Our mouse pointer is 100% equal to the Windows XP one.
I think we need to have someone audit all of the resources to make sure they are not tainted.
Thanks Steven
__________________________________ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com
Hi,
--- Steven Edwards steven_ed4153@yahoo.com wrote:
I think we need to have someone audit all of the resources to make sure they are not tainted.
The md5sums and binary records don't match for most of the resources I have already looked at. We could revert to Wines cursor and icons as they look enough like Windows but are not a 100% match. It looks like they were developed using another tool and not just copied from Windows.
I would assume the cursor and icon pixels are covered under fair use as they are such a small part of Windows but we better developer our own unique set of icons just to be sure so we don't have to fight it out in court. As KJK said...They got Al Capone for Tax Evasion.......
Thanks Steven
__________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I don't know if this is any better, but could we have some sort of agreement that contributers would have to give legal agreement too, that their code is completely legal and not copied from other sources? Or wouldn't that help?
I'm wondering if the source of these problems is people who are deliberately trying to taint ROS, or who don't know that this is bad. If the latter, then maybe the above agreement and an addition to the developer FAQ that such contributions are dangerous. If the former then I'm not immediately sure what steps can be taken, maybe partial hashing and comparison, or other partial/contextual comparisons of MS/contributed files?
My 2¢, ~ -uniQ
Am Montag, 22. November 2004 17:39 schrieb Jeff Smith:
my idea then please by all means suggest something else.
use tools like monotone (http://venge.net/monotone) that provide mechanisms to trust/distrust code from certain sources. if an ekush (or other) developer is found out to be tainted, distrust him, and fix up the source tree you'll get when building a tree with all changes except theirs..
of course, your approach is proactive, while this one is retroactive - so they could work hand in hand instead of being mutual exclusive (or even targetting the same problem space)
patrick mauritz
-
Anich Gregor -
art yerkes -
Casper Hornstrup -
Derek Hinchliffe -
Freeworld -
Jeff Smith -
K McI -
Klemens Friedl -
Patrick Mauritz -
Richard Campbell -
Sebastiaan Roodenburg -
Steven Edwards