|
Home > Archive > Anonymous Servers > May 2007 > [OmniMix] New release 1.0.1
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
[OmniMix] New release 1.0.1
|
|
| OmniMix 2007-04-24, 1:13 pm |
| Hi all!
I recently uploaded OmniMix 1.0.1.
Changes:
- Bugfix: A parameter type incompatibility within Indy's SSL handling
caused range check exceptions noticed under Windows 9x.
- With a simultaneous retrieval of POP3 messages and NNTP nym mails
through one client connection now keep-alive commands are sent to
the inactive server to prevent a timeout.
- 'Implicit SSL' option added to the extended username syntax.
- GnuPG updated to version 1.4.7.
You'll find the new version at
http://www.danner-net.de/om/OmniMix..._Uno_Setup.exe.
Kind regards
Christian
--
OmniMix .. protect your privacy
http://www.danner-net.de/om.htm
| |
| George Orwell 2007-04-24, 7:12 pm |
| OmniMix <om@nym.mixmin.net> wrote:
> Hi all!
>
> I recently uploaded OmniMix 1.0.1.
>
> Changes:
> - Bugfix: A parameter type incompatibility within Indy's SSL handling
> caused range check exceptions noticed under Windows 9x.
> - With a simultaneous retrieval of POP3 messages and NNTP nym mails
> through one client connection now keep-alive commands are sent to
> the inactive server to prevent a timeout.
> - 'Implicit SSL' option added to the extended username syntax.
> - GnuPG updated to version 1.4.7.
You're distributing GPL'd software with OmniMix, and don't release
source code?
Do you believe the GPL doesn't apply to you or your software packages
for some reason?
>
> You'll find the new version at
> http://www.danner-net.de/om/OmniMix..._Uno_Setup.exe.
>
> Kind regards
>
> Christian
> --
> OmniMix .. protect your privacy
> http://www.danner-net.de/om.htm
>
| |
| Anonymous 2007-04-24, 7:12 pm |
| OmniMix <om@nym.mixmin.net> wrote:
> Hi all!
>
> I recently uploaded OmniMix 1.0.1.
>
> Changes:
> - Bugfix: A parameter type incompatibility within Indy's SSL handling
> caused range check exceptions noticed under Windows 9x.
> - With a simultaneous retrieval of POP3 messages and NNTP nym mails
> through one client connection now keep-alive commands are sent to
> the inactive server to prevent a timeout.
> - 'Implicit SSL' option added to the extended username syntax.
> - GnuPG updated to version 1.4.7.
Ahem.
If you're distributing/bundling or incorporating GPL'd software with
OmniMix and don't supply source code you're in direct violation of the
GPL. I'd wager not only GnuPG but also Hashcash and SSL are violations,
and that source code inclusion isn't the only type of violation you're
guilty of.
If you believe the GPL is unenforceable, you may be in for a rude
awakening. 
>
> You'll find the new version at
> http://www.danner-net.de/om/OmniMix..._Uno_Setup.exe.
>
> Kind regards
>
> Christian
> --
> OmniMix .. protect your privacy
> http://www.danner-net.de/om.htm
>
| |
| Borked Pseudo Mailed 2007-04-24, 7:13 pm |
| George Orwell wrote:
> OmniMix <om@nym.mixmin.net> wrote:
>
>
> You're distributing GPL'd software with OmniMix, and don't release
> source code?
>
> Do you believe the GPL doesn't apply to you or your software packages
> for some reason?
We've been through all this before. Danner believes two things above
all else:
1. He knows more about anonymous mail than the people who wrote the
software that makes it possible.
2. Common sense, courtesy, and the law are beneath him.
| |
| Anonyma 2007-04-25, 1:13 am |
| In article < ce13317e10e0e70d94fe9e36d95b234e@mixmast
er.it>
George Orwell <nobody@mixmaster.it> wrote:
>
> You're distributing GPL'd software with OmniMix, and don't release
> source code?
>
> Do you believe the GPL doesn't apply to you or your software packages
> for some reason?
Yes, I guess so. Many people have asked for the source code and have
been ignored.
The scary part is that even if he wasn't in violation of the GPL
(which he is), why would anyone use a software to protect their
anonymity when they can't even see what it does? Omnimix is, after
all, just a front end and the source code would not take long to check
through.
It's not just a trend for security or privacy software to release
source code, it's to bring confidence that there are no back doors too.
| |
| macarro 2007-04-25, 7:12 am |
|
> The scary part is that even if he wasn't in violation of the GPL
> (which he is), why would anyone use a software to protect their
> anonymity when they can't even see what it does? Omnimix is, after
> all, just a front end and the source code would not take long to check
> through.
>
> It's not just a trend for security or privacy software to release
> source code, it's to bring confidence that there are no back doors too.
>
I have never seen Quicksilver source code available neither.
Apologies if I am wrong.
--
Customized News: http://news.spotback.com
| |
| Thomas J. Boschloo 2007-04-25, 7:12 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonyma wrote:
> In article < ce13317e10e0e70d94fe9e36d95b234e@mixmast
er.it>
> George Orwell <nobody@mixmaster.it> wrote:
>
> Yes, I guess so. Many people have asked for the source code and have
> been ignored.
>
> The scary part is that even if he wasn't in violation of the GPL
> (which he is), why would anyone use a software to protect their
> anonymity when they can't even see what it does? Omnimix is, after
> all, just a front end and the source code would not take long to check
> through.
>
> It's not just a trend for security or privacy software to release
> source code, it's to bring confidence that there are no back doors too.
Maybe Chris wants the code to be more mature and cleaned up before he
releases it to the public. Give him time. It is not like he makes any
money off it! One of the reasons Richard stopped were reactions like
these. Don't you want any easy to use frontends to be developed? Plea
with the GnuPG team to release anonimity software. You will find you
will have a hard time doing this!
I myself would rather have GnuPG as a separate download so I can update
it myself when a new version comes out. And so it doesn't mess up my
current install (I have GnuPG 1.4.7 installed after all..)
Thomas
- --
"Forget it. I am taking my own chances now" - Dee, Mean Guns
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRi8lTQEP2l8iXKAJAQFfJAMdHYhaRd40
XggkPwtQfMr+nLyvW2Ob0Wf4
iRqorzmpfd5oAYRMPSMrUbLEz8wvrosadlY/q06qMNSboQiODgI2Oo35Fqb+3/0I
M+lfKh9ZwEaXr76qWp1mutkbwH9UpBahq266JA==
=h9GG
-----END PGP SIGNATURE-----
| |
| Thomas J. Boschloo 2007-04-25, 7:12 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonymous wrote:
> OmniMix <om@nym.mixmin.net> wrote:
>
>
> Ahem.
>
> If you're distributing/bundling or incorporating GPL'd software with
> OmniMix and don't supply source code you're in direct violation of the
> GPL. I'd wager not only GnuPG but also Hashcash and SSL are violations,
> and that source code inclusion isn't the only type of violation you're
> guilty of.
>
> If you believe the GPL is unenforceable, you may be in for a rude
> awakening.
Apparently it is
http://www.jumaros.de/rsoft/faq.html#ge02
Regs,
Thomas
- --
"Forget it. I am taking my own chances now" - Dee, Mean Guns
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRi8qOgEP2l8iXKAJAQFHvQMglLUalCOH
E4cRxDYTxus8HqVV6iAC2tmj
orM1PCz/ 4eDVxH1Uoinx+ys2BCBf7cFIMCAVDToC3Oye7FeW
XjKsn6ddyyPArY9D
4mgfZXmSRfxIhtsLb8kpcv4lvHKG+mOXiYI99w==
=1GBy
-----END PGP SIGNATURE-----
| |
| Borked Pseudo Mailed 2007-04-25, 7:12 am |
| > I have never seen Quicksilver source code available neither.
>
> Apologies if I am wrong.
You're wrong. The source code is in the download directory.
| |
| Cyberiade.it Anonymous Remailer 2007-04-25, 7:12 am |
| In article <462f2557$0$18626$e4fe514c@dreader16.news.xs4all.nl>
"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
>
> Maybe Chris wants the code to be more mature and cleaned up before he
> releases it to the public. Give him time. It is not like he makes any
It's been years. The GPL doesn't give a time limit, it says that the
source code must be available to anybody that the binary is also
available to. It doesn't say you can wait 25 years before you hand it
over.
> money off it! One of the reasons Richard stopped were reactions like
> these. Don't you want any easy to use frontends to be developed? Plea
> with the GnuPG team to release anonimity software. You will find you
> will have a hard time doing this!
If you don't like the terms of the GPL and don't wish to abide by
them, then don't use GPL code for your software. Simple.
If you do use GPL code, abide by the rules of that code. It's not a
choice, it's a legal requirement.
I fail to see how you equate having a problem with someone abusing the
GPL and not releasing the source code as 'not wanting any frontends to
be developed'.
| |
| George Orwell 2007-04-25, 1:13 pm |
| "Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
> Anonyma wrote:
>
> Maybe Chris wants the code to be more mature and cleaned up before he
> releases it to the public. Give him time. It is not like he makes any
Baloney.
It the code isn't "mature and cleaned up" enough to be presented to the
public the damned application shouldn't be released in the first place.
> money off it! One of the reasons Richard stopped were reactions like
> these. Don't you want any easy to use frontends to be developed? Plea
Not really. I have no use for any of them.
> with the GnuPG team to release anonimity software. You will find you
> will have a hard time doing this!
And why would you suppose that is?
Gosh, maybe Werner and the crew aren't in the anonymity software racket?
>
> I myself would rather have GnuPG as a separate download so I can update
> it myself when a new version comes out. And so it doesn't mess up my
> current install (I have GnuPG 1.4.7 installed after all..)
You yourself doesn't really count. What you want is irrelevant. There's
copyrights and redistribution agreements that need to be adhered to.
| |
| Borked Pseudo Mailed 2007-04-25, 1:13 pm |
| macarro <email@is.invalid> wrote:
> I have never seen Quicksilver source code available neither.
It is available.
Richard forbids the distribution of any binaries not compiled by himself.
| |
| Nomen Nescio 2007-04-25, 7:13 pm |
| Someone wrote:
>OmniMix <om@nym.mixmin.net> wrote:
>
>
>Ahem.
>
>If you're distributing/bundling or incorporating GPL'd software with
>OmniMix and don't supply source code you're in direct violation of the
>GPL.
That's barking based on guesswork and pipe dreams.
You misinterpret the GNU General Public License. There you find the
vague expression "derived work", which, concerning GnuPG, doesn't
conclusively apply to OmniMix.
- First of all it isn't illegal to distribute GPL'd software along
with software covered by a different license.
- Besides, OmniMix doesn't incorporate GPL'd code and isn't linked to
GnuPG, neither statically nor dynamically. Simple piped exec function
calls of separate programs aren't necessarily covered by the GPL,
which is about copying and sharing code, not about the data created
and processed by that code. Or do you think GPL software isn't allowed
to be executed by non-GPL software?
- During the setup process you're even asked whether to install GnuPG
or not, as it isn't necessary for most of the tasks, only the nym part
and WME use it. So even distributing OmniMix without GnuPG would make
sense. They aren't unseparable.
- Moreover, with earlier versions, which enlisted PGP DLLs, OmniMix
has proven that GnuPG isn't indispensable, as there are alternatives.
Therefore OmniMix by no means is a "derived work" of GnuPG - as well
as QuickSilver isn't a derived work of PGP. On principle they're able
to use every software under the sun that offers OpenPGP compatible
encryption. And as they are not depended on the specific features of a
certain implementation, there is no GPL violation if a developer
decides on a GPL'd plug-in in the way described above.
http://www.fsf.org/licensing/licens...NFUseGPLPlugins
and
http://www.fsf.org/licensing/licens...MereAggregation
might shed more light upon this topic and underpin my assertions.
> I'd wager not only GnuPG but also Hashcash and SSL are violations,
Concerning HashCash, it can be distributed and used under any of the
following licenses:
- CPL
- public domain
- BSD (3 clause -- no advertising clause)
- LGPL (2.1)
- GPL (2)
So feel free to choose the least restrictive one. ;-)
The OpenSSL license also doesn't restrict any binary distribution.
If you're capable of reading and willing to do so, you find all that
information in the distribution package of OmniMix.
>and that source code inclusion isn't the only type of violation you're
>guilty of.
Then, Your Honour, please enlighten us with your further findings.
>If you believe the GPL is unenforceable, you may be in for a rude
>awakening.
But, disregarding this ng, no condemnation without facts. So where are
the legal arguments for your pretensions? Or is the sole reason for
your attacks on OmniMix to achieve its withdrawal from potential users
in order to make anonymous mailing and posting more inconvenient, thus
less widespread?
| |
|
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Borked Pseudo Mailed <nobody@pseudo.borked.net> wrote in
news:f765d8ee7b8ce5bf87dd2e1c9549dbe9@ps
eudo.borked.net:
> macarro <email@is.invalid> wrote:
>
>
> It is available.
> Richard forbids the distribution of any binaries not compiled by
> himself.
I've heard that before. Any idea why?
How about getting the source and compiling your own binary? What's
required?
- --
HTTP://lurasbookcase.com/reunion.shtml
HTTP://lurasbookcase.com/river.shtml
HTTP://lurasbookcase.com/road1.shtml
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32) - GPGshell v3.52
iQEVAwUBRjAaFXV+YnyE1GYEAQhjhAgAnKgfwAnH
BOyaHkurxHfcBEuM6OBWjYXI
679nOwibzJU7I0YB7b/e2y4SU7C4CBpmQGj8lQE0I/uTPUeqL5aBhd7ZTkDoBf2N
WGzW1uPgEyNo7+Lf1NujxiIeRfdKONmil0GGOJZd
w20igujvEUi2dq08ZNpTjapl
m5dVeUTuypbeAnqziDveodKsDMprjdSR17NxPCVd
hbb+2keK3Zr0fVLTjDCNwD84
uWC1G2i/ MHqzndl5jqftEREWhdua1GPjYHudaxl2P9pMHyl5
lBU4hiir2VfmUitl
TYgfJc9WQBTAuEPz1FkXA7YCVNKAvaO2/gxXMLNXG0dgyB/PGh3NTQ==
=oiW0
-----END PGP SIGNATURE-----
| |
| Nomen Nescio 2007-04-26, 1:13 am |
| In article <Xns991DE2FCB9C412362352@127.0.0.1>
Ed <apostle@REMOVETHISpeculiar.homeip.net> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Borked Pseudo Mailed <nobody@pseudo.borked.net> wrote in
> news:f765d8ee7b8ce5bf87dd2e1c9549dbe9@ps
eudo.borked.net:
>
>
> I've heard that before. Any idea why?
>
> How about getting the source and compiling your own binary? What's
> required?
I've got the source and he gives permission to compile it for your
own use. I think it's written in Borland C++ Builder v1.0.
| |
| George Orwell 2007-04-26, 7:12 am |
| Thomas J. Boschloo wrote:
>I myself would rather have GnuPG as a separate download so I can update
>it myself when a new version comes out. And so it doesn't mess up my
>current install (I have GnuPG 1.4.7 installed after all..)
OM doesn't touch your GnuPG installation. It uses an independent set
of GnuPG files held in one of its subdirectories, and the command line
calls include all necessary parameters, so that no additional system
settings (gpg.conf, registry, environment variables or whatever) are
required. No problem to replace OM's GnuPG files by those coming
directly from the GnuPG project. But don't forget to deactivate the
installation of GnuPG on an update of OM, which actually is nothing
more than a copying, or your modifications are gone.
The same applies to Tor. Thus, apart from possible bandwidth
restrictions, it's no problem (and even recommended) to run OM with
its dedicated Tor system simultaneously with Torpark or the Vidalia
package.
As long as you avoid absolute paths by keeping all necessary parts
local within the OmniMix folder it's designed to be a portable
solution running even from a USB flash drive.
Regards
| |
| Thomas J. Boschloo 2007-04-26, 1:12 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
George Orwell wrote:
> "Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
>
>
> Baloney.
>
> It the code isn't "mature and cleaned up" enough to be presented to the
> public the damned application shouldn't be released in the first place.
Same goes for Windows Vista and every version before that given the
exploits found in it on an almost daily basis.
So you don't want to use Windows? All software of considerable size will
have multiple flaws in them. If you want software it is almost certainly
secure go use something like:
http://home.hccnet.nl/t.j.boschloo/wordcnt/ It took a few hours to write
and many, many days to debug to the state it is in now.
Thomas
- --
"Forget it. I am taking my own chances now" - Dee, Mean Guns
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRjCkYgEP2l8iXKAJAQHzXgMfdIbNFIBQ
WLEJHY94QSCckdLGf86vMYNk
X+LYKQDJ4Ezvm2YGfP4zf24XaAhXdF9ACURjLJ73
eMNPpv8/7z7M/ajpdyh3QnNk
Ofy8gaAvVeucnF19K0gsB9VGZGwzq/CapmCNYA==
=vLj/
-----END PGP SIGNATURE-----
| |
| Anonyma 2007-04-26, 1:12 pm |
| > So you don't want to use Windows?
I don't use it.
> All software of considerable size will have multiple flaws in them.
But not all software gets to run as root and provide access to the
entire system when it has a flaw, unlike windows.
> If you want software it is almost certainly secure go use something
> like: http://home.hccnet.nl/t.j.boschloo/wordcnt/ It took a few hours
> to write and many, many days to debug to the state it is in now.
I don't want to offend you, but wasting that much time on a program
that counts words is a little over the top.
| |
| Cyberiade.it Anonymous Remailer 2007-04-26, 7:12 pm |
| "Thomas J. Boschloo" <nospam@hccnet.nl> wrote:
>
> Same goes for Windows Vista and every version before that given the
> exploits found in it on an almost daily basis.
<discard>
No XXXXwit, the same deosn't go for Windows because that's not the
author stated, or even a credible reason why Winblows source code isn't
widely distributed to Wintards like you. And Winblows source code IS
available, so you're a XXXXwit times two.
Now is there any other direction you'd like to embarrass yourself with
by meandering off in today? <laugh>
| |
| Thomas J. Boschloo 2007-05-07, 7:14 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonyma wrote:
>
> I don't use it.
>
>
> But not all software gets to run as root and provide access to the
> entire system when it has a flaw, unlike windows.
So the kernel mustn't be of considerable size..
>
> I don't want to offend you, but wasting that much time on a program
> that counts words is a little over the top.
Not considering that I wrote it for Zax to run on one of his computers.
It /had/ to be secure. Some software cannot afford to contain flaws.
Remailer server software is one of those software. Medical equipment
that has software in it is another one.
Anyways, it was fun to write and that is what counts most. Every
programmer should try to write software without any flaws. If they did
maybe CERT wouldn't have such a hard job keeping up with them.
Thomas
- --
You crawl before you walk
You run before you leap
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBRj+bRwEP2l8iXKAJAQH9nQMfSsmiEMXG
7myq6Ir/rxYfT4/OwqE6vh4Z
Xm1XGzDkvj2xTLs0KfN5UqRjcUntyrlMsjf8AMgi
LioUUgCJlqmIznhGDTqhVTsz
zISXTmJAnpnECXaKzRS0ZvpmUKUBvRDr8F4wZw==
=Gn+h
-----END PGP SIGNATURE-----
|
|
|
|
|