Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Open Source Software IT

NX Compression Technology To Go Closed Source 286

An anonymous reader writes "NoMachine has sneakily revealed it is closing its source of the NX compression technology with NX 4.0: 'This release marks an important milestone in the history of the company. Version 4.0 of the software, in fact, will be only available under a closed source license.'"
This discussion has been archived. No new comments can be posted.

NX Compression Technology To Go Closed Source

Comments Filter:
  • by RAMMS+EIN ( 578166 ) on Tuesday December 21, 2010 @08:03PM (#34636012) Homepage Journal

    "NoMachine has sneakily revealed..."

    That's quite remarkable.

    • by Monkeedude1212 ( 1560403 ) on Tuesday December 21, 2010 @08:05PM (#34636048) Journal

      It would appear they've achieved the impossible.

      Congrats NoMachine! No matter how often I try to sneakily reveal something, I'm either too sneaky and nothing is revealed, or its revealed and not very sneaky at all!

      • It would appear they've achieved the impossible.

        Not impossible. To me, "sneakily reveal" sounds like "bury in a tl;dr changelog".

        • by Monkeedude1212 ( 1560403 ) on Tuesday December 21, 2010 @08:23PM (#34636224) Journal

          The problem with trying to hide something in a tl;dr changelog is that Someone - somewhere - WILL read the change log, and likely make mention of anything out of the ordinary on their blog.

          In fact - I went to renew my Xbox live Gold membership a month ago or so... And they said that the terms and conditions of the service had changed since I last was on Gold. So I decided I would read through them. However - to continue this anecdote and help explain why it might be remotely funny - is that I had previously set my regional settings of my Xbox to Spain, and language to Spanish - so that when I got achievements in Halo 3 they came up as a different language. It's true, you can go and change it to like, Korean, then get some achievements, and no matter what language you go from there on out - they will come up in whatever language you achieved them in. I did this for a while, finding it to be of great amusement when someone new came over to my house and just happened to look at which achievements I had.

          Anyways, so this ended up backfiring on me because the EULA and TOC of Live was now in Spanish, but I thought perhaps there was English at the bottom. However, there is no fast scroll when looking at the TOC - its very slow and you have to hold the analog stick down. To my dismay, there wasn't English. Afraid that going next would Mean I accepted to terms I didn't actually agree too - I quickly pulled up my computer and typed it in verbatim the entire thing into Google Translator.

          If you've ever tried reading legalese in a language you do not understand - I highly recommend you NEVER EVER try it. Even after going through an internet translator you still will have no idea what the heck they are saying.

          In hindsight I probably just should have not accepted the terms, gone and changed my language settings, and then gone through it - but I guess that seems obvious now, it didn't back then.

          • I was about to say something snarky and suggest you should have read it online, except that it seems pretty difficult to find. I haven't found it yet. Maybe you can't read it unless you are on the XBox, which would be rather bothersome?

            • Microsoft intentionally makes dealing with XBox Live extremely difficult and time-consuming. You can't unregister to stop their billing charges online - you have to call & wait. Cancel the credit card? They lock the account (stop providing the service) but keep accumulating charges, then hit you with back charges if you ever put in a valid card number. They're jerks.
              • Really? I stopped my service online. Maybe you just have to log into their service with a web browser? Did you try that?

                • Re:Buried in tl;dr (Score:4, Interesting)

                  by timeOday ( 582209 ) on Wednesday December 22, 2010 @12:32AM (#34637892)
                  I did it online once too, a few months ago. But last night I spent about 20 minutes searching the menus and searching for help, and I think they removed the function.
          • by TheLink ( 130905 ) on Tuesday December 21, 2010 @09:28PM (#34636774) Journal

            Anyways, so this ended up backfiring on me because the EULA and TOC of Live was now in Spanish,

            Nobody expects the Spanish interpretation!

            • Our chief weapon is surprise. Surprise and fear... Our two weapons are fear and surprise... and horrible machine-language interpretation. Amongst our weapons.... Amongst our weaponry...are such elements as fear, surprise.... I'll come in again.

        • Re:Buried in tl;dr (Score:5, Insightful)

          by kiwimate ( 458274 ) on Tuesday December 21, 2010 @08:53PM (#34636476) Journal

          Well, I thought exactly the same thing as the grandparent - "sneakily revealed" is a fairly remarkable statement.

          The link is "http://www.nomachine.com/news-read.php?idnews=331", so it would appear that it's on a regular news portion of their site - hardly sneaky. Furthermore, it's mentioned in the very first paragraph.

          Rome, Italy, December 21, 2010 - NoMachine, a global leader in cross platform remote access and application delivery solutions, announced a software preview of its upcoming new products and technologies which offer a completely redesigned client GUI and restructure its flagship suite of NX Server. The new products will not only extend the current functionalities of NX application delivery and remote access products, there will also be new naming conventions adopted. This release marks an important milestone in the history of the company. Version 4 of the software, in fact, will be only available under a closed source license.

          Beats me how they're being sneaky about doing it, at any rate. Shall we agree that the summary is (shock, stunner, surprise!) badly written, or at least very biased, and go on to debating the impact of the move?

        • So, last sentence of the first paragraph of a press release that starts with "Rome, Italy, December 21, 2010" is not sneaky? They even hid a link to it in plain sight on the front page of the site... how much more evidence do we need?
          Unloose the villagers with their digital pitchforks and torches!!!
      • by Jah-Wren Ryel ( 80510 ) on Tuesday December 21, 2010 @08:22PM (#34636214)

        It would appear they've achieved the impossible.

        It's part of their new NX 4.0 implementation - they have other forms of encryption likes AES and 3DES but Sneaky Reveal is their own proprietary encryption algorithm.

    • Indeed! I thought nothing could be seen in a NoRoo...

      Oh, wait. Nevermind.

  • VNC or reverse engineer an open alternative.

    • There's no need to reverse engineer anything. Version 3 is there, and no one is going to give a damn about 4.

      Anyone who feels the open version lacks something is free to extend it on their own. If not... well... it's not going to stop working outright, and at least security bugs will be fixed in a timely manner.

      • Re: (Score:3, Informative)

        by harrkev ( 623093 )

        Version 3 is in fact very good, but not perfect. It seems to have problems if the client is on a system with multiple monitors. Also, I have seen crashes when I full-screen SOC-Encounter. An update/bug fix would be very welcome.

        This product is simply the BEST remote software for *NIX systems, period. VNC (all flavors) runs like an absolute dog compared to NX and, depending on the program, it as times completely unusable, while NX is generally very smooth.

        • Version 3 has one fatal flaw. It requires password authentication, and cannot do public key authn. If version 4 addresses this, I'd pay for it.

          • You can use PK authentication for the SSH traffic(for example if you want to thwart bruteforce attempts by allowing ONLY PK authentication) but the NX login requires a password regardless, I assume for security measures; I personally am cool with that.

            • by phtpht ( 1276828 ) on Wednesday December 22, 2010 @05:19AM (#34639150)

              the NX login requires a password regardless, I assume for security measures

              Ouch. Getting your password transferred to & used at arbitrary locations is hardly more secure than the challenge/response PK schema in which your secrets never leave your computer.

              IMO the reasons behind this are merely laziness/incompetence on top of bad design.

              I personally am cool with that

              I am not. First of all it is un-secure to enter your password somewhere without really having control of where it goes.

              Second, it is a pain in the ass. Even if you use PK for all your ssh access you will have to maintain a password just for nx sake. Come on in the year 2010 (or 2011 for that matter) it is totally idiotic to use ssh with passwords for normal daily jobs.

              That's why NX made its way out of my door very shortly after trying it out.

              If you want to know the whole story then read on.

              What really happens with NX is that your client first opens a ssh session to nx@server - this session uses PK auth. Unfortunately the private key is well known, as it ships with a default one and almost noone bothers with replacing it (in fact it is not advised - lol). That means anyone in the world can open that connection to your server and get authenticated and proceed to step 2.

              Coming to step 2 after logging to your server as user nx the nx server program is launched. This program actually manages translating the X window protocol to the nx protocol - all the "compression" and stuff. It will set up a DISPLAY variable to point to itself and then launches ANOTHER ssh to you@localhost (localhost being the server). That's where your password comes in.

              After that X applications (usually the whole desktop) can be launched under your account, they are going to talk to the sshd spawned by ssh @localhost, where the X protocol is encrypted and compressed, shortly afterwards decompressed and decrypted by the nx server running the ssh command, then translated to nx protocol, encrypted and compressed again through the ssh session for user nx all the way to your client pc where finally decrypted, decompressed, translated to X and displayed on your screen.

              As you can see the weird part here is the user nx running the nx server. It is technically absolutely possible to avoid at all this step. The nx server could be easily launched on behalf of the user with the applications spawned from there. IIRC the introduction of the nx account is something as ill as licensing.

              Even with the nx account present it is totally irresponsible to leave it protected by well known PK, for the sake of making the installation & deployment 2 clicks easier. The impact is that anyone can launch a nx server on your server. They claim it is secure - hah. At the very least you can start brute forcing passwords for local users, at the other extreme you can find a neat hole to hijack the process and make your way in to the system. Combine with the knowledge of some kernel loophole and you can start scanning for nx enabled systems all over the internet with satisfaction guaranteed.

              And even with the ssh@localhost weirdness it is feasible to use PK auth, either by use of ssh agent or some sort of channel forwarding. But no, that's not supported, because...

              ... enter the customized ssh client shipped with nx which one of the steps involves. Being customized it is never kept up to date so say goodbye to features and say welcome another lot of security holes.

              And finally when I read the forums about the open source client wondering if all this mess was fixed at last, I found out that it wasn't/won't - for COMPATIBILITY reasons.

              Sad story.

        • Right, I've used NX over a WAN link (albeit a very fast one) and it's able to handle non-intensive tasks like running Eclipse or general GNOME apps on a 2560x1600 display with reasonable performance. You can forget trying to do much of anything at that resolution with VNC over a WAN.

          That said, NX totally dies if you try to do anything with animation or video. Protocols like PCoIP or HP RGS do a lot better here since they compress more.

        • The problem simply is X itself, the protocol is in a serious need for an overhaul, maybe now that things are moving towards wayland and push the X protocol on top of the rendering stack than being the base of everything as huge big X server blob will get things moving. Making Cairo remote seems like a sane choice and has been done as websocket demonstration already.

      • by dpilot ( 134227 )

        I've never used NX because it always seemed almost insurmountable to do it "free". There was free NX available, but from everything I read, it was much more difficult to set up, and I never had the time to go through it all. Add to that the fact that it seemed necessary to pick up "freely available" parts from NoMachine. I work for a company that's very picky about licenses, and knowing that an attorney's reflexive answer is "NO!" I just stick to known-good licenses like GPL, BSD, and other things I know

    • by Svartalf ( 2997 )

      Why bother? The NX compression tech prior to this release is GPLed.

      You don't NEED to reverse engineer anything. Just re-name it and take it down the way.

  • New? (Score:5, Informative)

    by RAMMS+EIN ( 578166 ) on Tuesday December 21, 2010 @08:05PM (#34636044) Homepage Journal

    Perhaps I don't remember it right, but in my recollection, NoMachine has always been a bit possessive with their (definitely impressive) technology. To the point that lesser alternatives have continued to be used and even developed.

    • Re:New? (Score:5, Informative)

      by Trepidity ( 597 ) <delirium-slashdot@nosPAM.hackish.org> on Tuesday December 21, 2010 @08:25PM (#34636244)

      Well, they previously opened under an "open source it but make the open-source version a pain-in-the-ass to use" business model. You got a random code dump that wasn't even buildable. However, there was code there, and it was possible to fix it up, which is what the FreeNX and OpenNX projects did (along with adding a few things). With no GPL release of the core libraries, it's no longer possible to even use it as a base for a cleaned-up open-source release--- either projects will have to independently develop a fork of the previous version, or come up with something else.

      • by mattdm ( 1931 )

        Presumably, the success of FreeNX and the advent of OpenNX is what pushed them over the edge -- the "code dump that no one can use hahaha" model wasn't working for them.

      • Re:New? (Score:5, Informative)

        by Junta ( 36770 ) on Tuesday December 21, 2010 @09:02PM (#34636564)

        I'm hoping this will be the impetus for the forks to abandon all pretense of interoperability with NoMachine's crap session management and do it right.

    • by Hatta ( 162192 )

      Indeed. It's like they *want* people to not use it.

      • Yes, they want people to use VNC, like any normal person would do. What they really want is people to depend on their product, then lock them in with a new version that is paid, but that ain't gonna happen. VNC is just fine, and X11 is free, plus every company I've ever worked for wanted to buy my Hummingbird, so why would I even bother with NoMachine? The only admin who ever recommended it to me was of the Windows side of the house, and I'm not buying. So long, and thanks for all the fish!

    • by keeboo ( 724305 )

      NoMachine has always been a bit possessive with their (definitely impressive) technology.

      To be fair, it's not like NX appeared from nowhere: it's a fork from DXPC.

  • why else would they close their source when the compression industry is already saturated with near optimal free products?
    • "Optimal" is subjective.

      The patents would most likely be related to speed, rather than compression ratio. For instance, all the good (fast) arithmetic encoders are still under patent. These trade a small bit of compression efficiency to avoid the expensive division per symbol that is otherwise required.
    • by noidentity ( 188756 ) on Tuesday December 21, 2010 @10:35PM (#34637216)
      It's not a general-purpose compression product; it's specialized for the X windows protocol.
    • Pun intended? ah, given who's posting, probably not...
  • Someone will come along and make a better opensource alternative to it.

  • NX is a bandaid (Score:4, Insightful)

    by girlintraining ( 1395911 ) on Tuesday December 21, 2010 @08:14PM (#34636146)

    Rather than bitch about how they're making it closed source, or dismissing the gesture entirely, maybe this should be taken as a sign that the problem NX solves needs a different solution. Like, oh I don't know... maybe revising the X windows protocol so it doesn't suck so hard it has its own event horizon?

    • maybe revising the X windows protocol so it doesn't suck so hard it has its own event horizon?

      That would be a start. The X protocol is really chatty and there's lots of unneeded roundtrips. NX does filter away what isn't needed and compresses the rest into larger packets that then get sent all at once instead of small bits all the time. So, perhaps X.org should start doing the same.

      But even that simply isn't enough. X11 forwarding would still be immensely slow compared to what NX does as NX for example keep

  • by Anonymous Coward on Tuesday December 21, 2010 @08:18PM (#34636192)
    • In summary, it speeds X windows sessions over a remote link, by compressing and caching data going across the link.
  • Who's had sucess? (Score:4, Interesting)

    by jvillain ( 546827 ) on Tuesday December 21, 2010 @08:26PM (#34636256)
    I am trying to think of any company that has closed their source and been more successful and I can't think of any. It sure didn't help SSH. NX used to be really great and a number of people I know used it. But I don't know any one that still does.
    • Re:Who's had sucess? (Score:5, Informative)

      by Junta ( 36770 ) on Tuesday December 21, 2010 @09:00PM (#34636544)

      SSH lives on as Tectia and still has quite the revenue stream selling to companies that presume it's more secure because they have to pay for it. Commercial SSH has always just pretty much been for suckers and continues to be, the open source aspect being pretty well a moot point.

      • by tepples ( 727027 )

        Commercial SSH has always just pretty much been for suckers

        By "always", did you mean even before there was PuTTY or another decent free SSH client for Windows? Or did you mean Windows itself is for suckers?

    • What about SAINT? (An honest question, I don't know how well they're doing.)

  • Specifically, the core tech isn't too shabby. Their session management stuff with awkward use of ssh keys and a separate user on top of the user's real account, a real awkward mess. I use a complete separate management of nxagent/nxproxy that doesn't use any extraneous user and it's nice.

    The real shame is their strategy seemed to be oriented around selling their crappy session management stuff and giving away the quality stuff.

  • Er... (Score:5, Informative)

    by Michael Hunt ( 585391 ) on Tuesday December 21, 2010 @08:50PM (#34636446) Homepage

    The reason that the "core" bits of NX were always Free is because dxpc (and, thus, mlview-dxpc, from which NX sprang) is only available under the GPL.

    If i was involved in dxpc (or mlview-dxpc, really, although I'd imagine most of those changes are owned by the NX folks) development I'd be lawyering up at this point, if only to get some kind of proof that I wasn't being ripped off.

    • by tepples ( 727027 )

      If i was involved in dxpc (or mlview-dxpc, really, although I'd imagine most of those changes are owned by the NX folks) development I'd be lawyering up at this point, if only to get some kind of proof that I wasn't being ripped off.

      NoMachine's defense might be to claim a ground-up rewrite of the parts of the program demonstrably derived from dxpc, just as the LAME team wrote replacements for ISO's MP3 encoder demonstration code piece by piece. How would your lawyer talk a judge into authorizing a fishing expedition to see whether this is the case?

    • Actually I assume they now closed it up because they have removed the last trace of the old GPL core.

  • There is nothing software based on the market right now which comes close to offering what NX has. Nothing. X, VNC and Spice all have their drawbacks and it boils down to how they behave with limited bandwidth and high latency. With NX, our engineers can actually be productive in an NX session. While I am philosophically opposed to them closing the source for version 4 and not sharing, the pragmatist in me is thinking "hey, built in web server, cool, that'll make it easier for me to allocate VMs to the engi

"Everyone's head is a cheap movie show." -- Jeff G. Bone