22 Nov
2004
22 Nov
'04
4:39 p.m.
With the issue of Ekush talking about sending us patches once they
publish thier code and what not I as many of you are worried about being
tainted, I have an idea, but I don't know how safe it is from a GPL
stand point (I know nothing of the GPL) here's the idea, when we get
patches that are questionable from *any* source, we send MS a copy of
the suggested patch, and request they compare it with thier code to see
if it is differant or the same as thier Windows code, if MS comes back
and says it's teh same we delete the patch and move on...
I know this idea sounds bad but we need to discuss a plan for any
potential tainting and how we'd deal with it, please if you don't like
my idea then please by all means suggest something else.
22 Nov
22 Nov
5:34 p.m.
if it is differant or the same as thier Windows code,
if MS comes back
and says it's teh same we delete the patch and move on...
Right idea, but wrong source I think. We need a neutral party who is
under a microsoft NDA but contributes code neither to microsoft's nor
our codebase.
The right question is: does this match anything you saw from microsoft?
And the right answer can only be either yes or no.
It's a service we may well wind up paying for eventually.
--
Here's a simple experiment. Stand on a train track between two locomotives
which are pushing on you with equal force in opposite directions. You will
exhibit no net motion. None the less, you may soon begin to notice that
something important is happening.
-- Robert Stirniman
5:33 p.m.
Hi,
--- art yerkes <ayerkes(a)speakeasy.net> wrote:
Right idea, but wrong source I think. We need a
neutral party who is
under a microsoft NDA but contributes code neither to microsoft's nor
our codebase.
It's a service we may well wind up paying for eventually.
Thats what I was thinking....We would end up needing to pay someone to
review these patches and be under the NDA from Microsoft as they would
be really limited as to what other projects they could work on due to
the terms of the NDA. I am willing to try and open a dialog to discuss
this matter with Microsoft but as it stands right now they are avoiding
us (and the Wine project) and I would like to keep it that way.
Thanks
Steven
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
http://my.yahoo.com
5:53 p.m.
On Monday 22 November 2004 18:33, Steven Edwards wrote:
Hi,
--- art yerkes <ayerkes(a)speakeasy.net> wrote:
Simple solution (and the opnion of many if not all developers I think): don't
take any of "their" code.
- blight
Right idea, but wrong source I think. We need a
neutral party who is
under a microsoft NDA but contributes code neither to microsoft's nor
our codebase.
It's a service we may well wind up paying for eventually.
Thats what I was thinking....We would end up needing to pay someone to
review these patches and be under the NDA from Microsoft as they would
be really limited as to what other projects they could work on due to
the terms of the NDA. I am willing to try and open a dialog to discuss
this matter with Microsoft but as it stands right now they are avoiding
us (and the Wine project) and I would like to keep it that way.
Thanks
Steven 
6:01 p.m.
-----Original Message-----
From: ros-dev-bounces(a)reactos.com
[mailto:ros-dev-bounces@reactos.com] On Behalf Of Jeff Smith
Sent: 22. november 2004 17:39
To: ReactOS Development List
Subject: [ros-dev] Idea to protect ReactOS
With the issue of Ekush talking about sending us patches
once they publish thier code and what not I as many of you
are worried about being tainted, I have an idea, but I don't
know how safe it is from a GPL stand point (I know nothing of
the GPL) here's the idea, when we get patches that are
questionable from *any* source, we send MS a copy of the
suggested patch, and request they compare it with thier code
to see if it is differant or the same as thier Windows code,
if MS comes back and says it's teh same we delete the patch
and move on...
I know this idea sounds bad but we need to discuss a plan for
any potential tainting and how we'd deal with it, please if
you don't like my idea then please by all means suggest
something else.
It is not Microsofts job to check that our code doesn't violate
IP laws. Just opening a support request at Microsoft is about
$580 (at least here in Denmark; it has been several months since
I've done that though). Do you really think they will look through
our source code for free?
We are better off using common sense and not accepting large
patches. The source code doesn't even have to be from Microsoft
in order to violate IP laws.
Btw. can someone design a new mouse pointer. Our mouse pointer is
100% equal to the Windows XP one.
Casper
7:10 p.m.
What about this cursor? It's just a dirty try.
http://www.freeworld.net/tests/cursor2.cur
Greetings Michael
----- Original Message -----
From: "Casper Hornstrup" <chorns(a)users.sourceforge.net>
To: "'ReactOS Development List'" <ros-dev(a)reactos.com>
Sent: Monday, November 22, 2004 7:01 PM
Subject: RE: [ros-dev] Idea to protect ReactOS
-----Original Message-----
From: ros-dev-bounces(a)reactos.com
[mailto:ros-dev-bounces@reactos.com] On Behalf Of Jeff Smith
Sent: 22. november 2004 17:39
To: ReactOS Development List
Subject: [ros-dev] Idea to protect ReactOS
With the issue of Ekush talking about sending us patches
once they publish thier code and what not I as many of you
are worried about being tainted, I have an idea, but I don't
know how safe it is from a GPL stand point (I know nothing of
the GPL) here's the idea, when we get patches that are
questionable from *any* source, we send MS a copy of the
suggested patch, and request they compare it with thier code
to see if it is differant or the same as thier Windows code,
if MS comes back and says it's teh same we delete the patch
and move on...
I know this idea sounds bad but we need to discuss a plan for
any potential tainting and how we'd deal with it, please if
you don't like my idea then please by all means suggest
something else.
It is not Microsofts job to check that our code doesn't violate
IP laws. Just opening a support request at Microsoft is about
$580 (at least here in Denmark; it has been several months since
I've done that though). Do you really think they will look through
our source code for free?
We are better off using common sense and not accepting large
patches. The source code doesn't even have to be from Microsoft
in order to violate IP laws.
Btw. can someone design a new mouse pointer. Our mouse pointer is
100% equal to the Windows XP one.
Casper
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.com
http://reactos.com:8080/mailman/listinfo/ros-dev
7:31 p.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Freeworld wrote:
| What about this cursor? It's just a dirty try.
| http://www.freeworld.net/tests/cursor2.cur
|
|>Btw. can someone design a new mouse pointer. Our mouse pointer is
|>100% equal to the Windows XP one.
|>
|>Casper
|>
How about these? I think they're good and they don't look copied:
http://reactosde.re.funpic.de/mediadetail.php?sec=Graphic%20arts&cat=cu…
~ -uniQ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBoj6c7mze81O92HkRAu2fAJ9BcU/ZSsYe4vBhGoKT7bliI4n6OwCgikwv
Z4/KcYfLpigxIPJ0RXr6Ns4=
=DpiG
-----END PGP SIGNATURE-----
7:21 p.m.
Btw. can someone design a new mouse pointer. Our mouse
pointer is
100% equal to the Windows XP one.
There are plenty of GPL cursorsets available on the internet. I found
http://www.kde-look.org/content/show.php?content=6550 which looks quite
clean and nice. Even without shadow it still looks quite decent (see
attachment)...
Sebastiaan
7:47 p.m.
Hi Casper,
--- Casper Hornstrup <chorns(a)users.sourceforge.net> wrote:
Btw. can someone design a new mouse pointer. Our mouse
pointer is
100% equal to the Windows XP one.
I imported the first Cursors from winehq. Can we just revert back to
those?
Thanks
Steven
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
http://my.yahoo.com
11:50 p.m.
After viewing
http://www.kde-look.org/content/preview.php?preview=1&id=6550&file1…
I really like the look of those, why don't we use those?
Steven Edwards wrote:
Hi Casper,
--- Casper Hornstrup <chorns(a)users.sourceforge.net> wrote:
Btw. can someone design a new mouse pointer. Our
mouse pointer is
100% equal to the Windows XP one.
I imported the first Cursors from winehq. Can we just revert back to
those?
Thanks
Steven
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
http://my.yahoo.com
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.com
http://reactos.com:8080/mailman/listinfo/ros-dev
23 Nov
23 Nov
8:11 p.m.
I've converted most of the pointers to windows compatible cursor files. I've
removed the shadow and gave the cursors a sharp edge to have a nice contrast
on all sorts of background colours. Each cursor file contains a 8bit and a
1bit version of the cursor.
I hope these are of any use...
Sebastiaan
After viewing
http://www.kde-look.org/content/preview.php?preview=1&id=6550&file
1=6550-1.png&file2=&file3=&name=Jimmac+cursor+theme
I really like the look of those, why don't we use those?
>
>>Btw. can someone design a new mouse pointer. Our mouse pointer is
>>100% equal to the Windows XP one.
24 Nov
24 Nov
2:24 a.m.
For what it's worth I just setup my windows scheme to use these
pointers, and i like it a lot. They give a very clean feel to the cursor
set (and are clearly not based too closely on the original windows).
Cheers
Derek
P.S. This is my first post after joining the list, so hello to all and
hopefully you'll hear more from me as I get into the swing of reactos
development :)
Sebastiaan Roodenburg wrote:
I've converted most of the pointers to windows
compatible cursor files. I've
removed the shadow and gave the cursors a sharp edge to have a nice contrast
on all sorts of background colours. Each cursor file contains a 8bit and a
1bit version of the cursor.
I hope these are of any use...
Sebastiaan
>After viewing
>
>http://www.kde-look.org/content/preview.php?preview=1&id=6550&file
>1=6550-1.png&file2=&file3=&name=Jimmac+cursor+theme
>
>I really like the look of those, why don't we use those?
>
>
>>>Btw. can someone design a new mouse pointer. Our mouse pointer is
>>>100% equal to the Windows XP one.
>>>
>>>
>>>------------------------------------------------------------------------
>>>
>>>_______________________________________________
>>>Ros-dev mailing list
>>>Ros-dev(a)reactos.com
>>>http://reactos.com:8080/mailman/listinfo/ros-dev
>>>
23 Nov
23 Nov
8:10 p.m.
New subject: Mouse Icons for ReactOS
Hi!
I created some mouse icons (last summer). Today i uploaded a new extended
version. (License: GNU LGPL)
->
http://reactosde.re.funpic.de/mediadetail.php?sec=Graphic%20arts&cat=cu…
Klemens Friedl
...
Btw. can someone design a new mouse pointer. Our mouse pointer is
100% equal to the Windows XP one.
Casper
--
Geschenkt: 3 Monate GMX ProMail + 3 Top-Spielfilme auf DVD
++ Jetzt kostenlos testen http://www.gmx.net/de/go/mail ++
24 Nov
24 Nov
12:22 a.m.
Hi,
--- Casper Hornstrup <chorns(a)users.sourceforge.net> wrote:
We are better off using common sense and not accepting
large
patches. The source code doesn't even have to be from Microsoft
in order to violate IP laws.
Btw. can someone design a new mouse pointer. Our mouse pointer is
100% equal to the Windows XP one.
I think we need to have someone audit all of the resources to make sure
they are not tainted.
Thanks
Steven
__________________________________
Do you Yahoo!?
Meet the all-new My Yahoo! - Try it today!
http://my.yahoo.com
1:40 a.m.
Hi,
--- Steven Edwards <steven_ed4153(a)yahoo.com> wrote:
I think we need to have someone audit all of the
resources to make
sure
they are not tainted.
The md5sums and binary records don't match for most of the resources I
have already looked at. We could revert to Wines cursor and icons as
they look enough like Windows but are not a 100% match. It looks like
they were developed using another tool and not just copied from
Windows.
I would assume the cursor and icon pixels are covered under fair use as
they are such a small part of Windows but we better developer our own
unique set of icons just to be sure so we don't have to fight it out in
court. As KJK said...They got Al Capone for Tax Evasion.......
Thanks
Steven
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
http://my.yahoo.com
22 Nov
22 Nov
7:10 p.m.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I don't know if this is any better, but could we have some sort of
agreement that contributers would have to give legal agreement too, that
their code is completely legal and not copied from other sources? Or
wouldn't that help?
I'm wondering if the source of these problems is people who are
deliberately trying to taint ROS, or who don't know that this is bad. If
the latter, then maybe the above agreement and an addition to the
developer FAQ that such contributions are dangerous. If the former then
I'm not immediately sure what steps can be taken, maybe partial hashing
and comparison, or other partial/contextual comparisons of
MS/contributed files?
My 2¢,
~ -uniQ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBojm67mze81O92HkRApbNAJ0fYqh9m+uEvCqqTuPVk8KIxmD5JACgjX05
2XPRA+CqRDzmthc//CM0fzk=
=pGgw
-----END PGP SIGNATURE-----
9:41 p.m.
Am Montag, 22. November 2004 17:39 schrieb Jeff Smith:
my idea then please by all means suggest something
else.
use tools like monotone (http://venge.net/monotone) that provide mechanisms to
trust/distrust code from certain sources. if an ekush (or other) developer is
found out to be tainted, distrust him, and fix up the source tree you'll get
when building a tree with all changes except theirs..
of course, your approach is proactive, while this one is retroactive - so they
could work hand in hand instead of being mutual exclusive (or even targetting
the same problem space)
patrick mauritz
7343
days inactive
7345
days old
16 comments
12 participants
participants (12)
-
Anich Gregor -
art yerkes -
Casper Hornstrup -
Derek Hinchliffe -
Freeworld -
Jeff Smith -
K McI -
Klemens Friedl -
Patrick Mauritz -
Richard Campbell -
Sebastiaan Roodenburg -
Steven Edwards