Path: utzoo!attcan!uunet!husc6!uwvax!oddjob!ncar!ames!hc!lanl!unm-la!unmvax!charon!xochitl!bonzo From: bonzo@xochitl.UUCP (Matt Armstrong) Newsgroups: news.admin Subject: Re: A counter-example for those who would eliminate PC binaries (long) Message-ID: <172@xochitl.UUCP> Date: 30 Jun 88 23:13:31 GMT References: <264@octopus.UUCP> <3302@s.cc.purdue.edu> Reply-To: bonzo@xochitl.UUCP (Matt Armstrong) Organization: EDS Research, Albq. NM Lines: 96 In article <3302@s.cc.purdue.edu> rsk@s.cc.purdue.edu.UUCP (Rich Kulawiec) writes: >In article <264@octopus.UUCP> pete@octopus.UUCP (Pete Holzmann) writes: >>But, if we're going to take the easy way out and simply ban X, we've got to >>be consistent and ban ALL 'X', even the brand that affects us personally. > >I don't think this applies in this case; I don't feel that "a big posting >containing a game for a certain Unix machine" and "a big posting containing >a binary executable for a certain microcomputer" belong to the same X. I believe that the point here is that the .binaries groups are getting dumped on left and right, but the source groups are left alone. Since c.b.ibm.pc became moderated, traffic has slowed way down. I think that the traffic across that group has dropped down to around the same volume as the sources groups (Although I wouldn't swear to it. That's a lesson I've learned second- hand :-). I am certain that its volume has been less than .sources.games over the last few days. >I have no particular desire to disenfranchise microcomputer users; >however, I have no particular desire to assist in the demise of >their software and data holdings by being a party to the distribution >of binary programs of a malicious nature. "Those who know what's best for us / Must rise and save us from ourselves." - Neil Peart, "Witch Hunt" > Further, I note that >distinguishing between malicious and non-malicious binary programs >is a problem that poses difficulties even for experts in the field, >while distinguishing between malicious and non-malicious source programs >can usually be done much more easily. Since I (and, I suspect, most >of the other Usenet readers, including perhaps many of those who >use binary programs) have trouble making this distinction, it seems >to me to be better to avoid the unpleasant possibilities that >binary distribution raises. And since it is so hard, I take precautions with what I get from any source. To me this includes running chk4bomb and watching the output for unusual messages, and an additional strings run for good measure. This is enough to make me feel safe. Your mileage may vary. Another point to make is that not everyone here can afford compilers for their respective computers. (Think about this one: If someone ports GNU C to the PC of any other micro, how will it be distributed?) > (I am aware that various techniques >for assuring the authenticity of binaries have been discussed, including >moderation, checksums, and so on; but I am also aware that each of >these techniques may be circumvented, usually without much difficulty.) 1. Binaries are generally presented "as-is" with no warrantee that it will do what you want it to do, or even function at all. (Fortunately, most authors of PD software or Shareware take a little more pride in their work than to tell you "Tough luck," but for the general case, this is how it is.) If you don't realize this up front, I, personally, would consider you naive. 2. Most software that I've seen distributed comes right out and says this. Fine with me. They've gotta CTA somehow. 3. If you are wary of using Shareware or PD software because you are wary of viruses or just low-cost software in general, then you should probably use commercial software (that has an author you can actually get your legal fingers on if he bites you). 4. If you don't have the money to buy commercial software to do what you want (like myself), you have to settle for what you can get through PD and Shareware and for the risks associated with it. If you have a computer, you only have a few options along the lines of buy commercial, use PD/Shareware, or write your own software. (Most of the rest are considered illegal at this time.) Why not get my software from local BBS's? If I can't get my software from the net, I probably will. But, contrary to popular belief, there ARE people who have net access but no modem. You want to leave these people in the dark? Why not FTP from Simtel-20? Contrary to popular belief, there are UUCP nodes that don't have access to the Internet. Like us. You want to leave us in the dark? I didn't realize that that's what this net was about. If you don't like propagating the binaries, don't. But please don't force your ideas on the rest of the net. In return, I promise not to bash your favorite group simply because I think it's worthless. Deal? And out of simple curiosity, would someone like to tell me how much money they would save (not "might save." I'm interested in real figures here.) if they cut out the binaries groups? And not the net as a whole; $.02 times infinity gets pretty big, eh? :-) (Sorry for the length. This has been building up in me for some time. I wish I thought that this group bashing would stop anytime soon. Maybe it will.) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Matt Armstrong - Guru-In-Training - Part-Time Hacker - Starving Bassist "Slices in, slices out. That's what toasters are about." ...ucbvax!unmvax!charon!xochitl!bonzo charon.unm.edu!xochitl!bonzo ...uunet!rlgvax!texsun!xochitl!bonzo