ESR's Halloween XI -- Get the FUD 771
dave writes "In the newest Halloween Document (mirror), Eric Raymond analyzes Microsoft's 'Get The Facts' road show. The anti-Linux arguments they are using now -- and, even more, the arguments they're *not* using -- reveal how desperate Microsoft is getting. He explains why he thinks we need to focus more on government adoptions, and predicts serious ugliness during the next year."
The beauty of government adoption of open source (Score:5, Interesting)
And since both projects are hosted on a server running GForge [gforge.org], I can help improve GForge during working hours. Good times!
As always (Score:4, Interesting)
Re:The clueless userbase to propagates the worms. (Score:5, Interesting)
This "worm" was about 1 MB, self contained and ran quite fast.
The full intention of this worm was as an auto-hacker for linux machines. It used a IRC seession, DES encrypted and MD5 checksummed. Once 1 machine was infected, it would use a large library of exploits against other known linux machines (with use of nmap-like scans) and attempt to dupe it to others.
Ive been able to isolate it, but whatever the coders did with it, they made it into semi-encrypted spaghetti. Crashes damn near every debugger Ive tried. It's now a collection on one of my cd's now. "Strange and infectous stuf"
Apache runs on Windows (Score:5, Interesting)
I'm sure MS would prefer you use IIS, but this seems an easily deflected statement. I'm positive that MS prefers you using Apache on Windows to you using Apache on Linux.
They have done us a favour (Score:5, Interesting)
I firmly believe Microsoft have done us a favour.
"Windows vs Linux TCO..."
CIO, "Linux, what's Linux?"
Engineer, "Its that system I have been trying to tell you about that can save us time and money"
CIO, "Ok, tell me about it then"
10 Mins later...
"Ok do it, lets see how it goes."
End of Story. And even though the 'facts' are biased, lets hope most CIO's can consider both sides of the story:)
Microsoft are educating their users on our behalf (Score:5, Interesting)
The "Security" Question (Score:1, Interesting)
if the answer was "no, it will decrease our profits" then he was told to think again.
the people at the show were a bit unhappy.
I gotta wonder... (Score:3, Interesting)
-JDF
Re:We need more "freedom" emphasis (Score:3, Interesting)
Semantic warfare -- struggles over the meanings of words as proxies for political or market positions -- is just like other kinds of warfare; you want to fight it on the other guy's turf, not yours. Every minute we spend arguing with Microsoft flacks about what free means is a win for them and a lose for us.
From parent:But there is a logical flaw in ESR's argument here. It's wrong to conclude that using the term "free software" is a bad idea just because MS tries to muddy the waters.
I don't believe that ESR is arguing that using the term "free software" is a bad idea, merely that we should be focusing on arguing how the term "shared source" is a misnomer, at least in the M$ case. I think their logic behind this is exquisite - the best defense is a good offense. Their arguments are so obviously flawed that we shouldn't focus on them, but rather focus on how bad their side of the story is. This automaticaaly makes the "free software" side of the story look that much better without re-iterating the M$ arguments at all.
Re:M$ vs. Linux "Roadshow" (Score:5, Interesting)
- Much of the cost saving of Linux over Unix comes from hardware - i.e. using Intel over mainframe/AIX/zSeries etc.
Wrong. Go buy a license for 100 mail users, or 50 MSSQL user licenses. OUCH. Now compare Postgres/MySQL or Sendmail/Qmail/god-knows-what-free-email-servers
- OS/Platform is just a tool - choose the right one for the job
Not quite. I get a bunch of apps with a linux install that windows doesnt see fit us have. Even compilers come free. Where's a free (stripped down) version of Visual Basic on Windows? You know, include a low VB 5 compiler for quick stuff..
- MS/Linux TCO's are nearly always within 10% for most projects by the time all costs are accounted for (this was from an independent solutions provider)
---As said by Independant firm who just got 50K from Microsoft.
- Don't just focus on TCO - look at ROI (return on investment)
Nope. ROI doesnt work in IT. IT is a loss leader to prevent bigger losses (downtime).
- MS is pretty well zero-development (no code or scripting)
Yep, and it it doesnt fit, you're screwed. Period.
- The People and Processes are more important than the technical solution
Ok, people are stupid. In Linux, you can people-proof more than you can in Windows. Easier to alias and block commands than it is to load some dumb "dont click here" windows program.
- Check licensing model of any platform (will any Linux development become your IP, or will it be open)
USING Linux is free with no strings attached. USING SOURCE code from GPL programs is where you get in trouble. However, using GCC to compile is fully legit.
- Linux still does not have a really good desktop and the office suites available are still lagging
Windows and everything teh sux0r. Face it, THIS IS AN OPINION. The statement is worthless.
- security issues such as virus updates and patch management are more of an administration issue than a platform one
They are? If I hear of root exploit, I take all harmed services down immediately, and patch one by one. I also give calls to the companies I work with. They agree that having a little bit of downtime is well worth the risk of not being auto-hacked.
- Easier porting J2EE->.Net than the other way round (i.e. MS ties you in worse!!!)
That's why you should use Java OR a server side program (who cares about OS then
RMS addresses this issue... (Score:3, Interesting)
RMS addresses this issue in his speech given at Westminster University, entitled "The Danger of Software Patents". His opening line?
"You've probably heard of me in connection with free software, that's free as in freedom, it doesn't mean zero price..."
If RMS has to clarify this in a speech he's giving about something not directly related to the topic at hand, it's reasonable to assume that at least a few people were confused about the term. However, ESR and the Open Source crowd could easily develop similar problems if Microsoft targeted bringing their philosophy into disrepute by playing on the words "Open" and "source", for example, they might say "Open Source means that the source is open, that you can view it - you can do this just as easily with Microsoft's Shared Source license"...in the end, it's Microsoft who is spreading the Fear, Uncertainty and Doubt, and they will try and discredit their opposition in any way possible - no matter who that opposition is.
Terminology (Score:3, Interesting)
I like the way Raymond asserts that arguing over the exact meaning of "free" in "free software" is meaningless, but then takes care to use the word "cracked" instead of "hacked" when referring to MS IIS websites. :)
Re:Um (Score:1, Interesting)
The sooner the OSS movement disassociates itself with this man the better. Microsoft could merely point at his claims of channeling gods to discredit him. Can we get someone who doesn't make us look like lunatics to represent us?
Re:We need more "freedom" emphasis (Score:2, Interesting)
Personally, I think the ambiguity of the term "free software" may be a good thing. It really doesn't matter which definition of "free" runs through the mind of someone unfamiliar with open source software. Freedom has such a strong, positive connotation in our society that employing the adjective "free" to any product instantly makes it more attractive to us. Why would we want to change the wording just to avoid a desperate attack? Freedom: in my mind relating to both definitions:
"Live free or die"
"The best things in life are free"
If Microsoft wants to attack open source on the basis of semantics, that's all right with me. Certainly, we have better ways of supporting our cause than resorting to a vocabulary test.
Re:The clueless userbase to propagates the worms. (Score:5, Interesting)
Ive ran all the common unpackers, and Tron against it. Tron gives "unknown packer" and some pack detecters just crash...
Ive tried hand decoding it (fun fun
Take a look at trying to crack AZPR.. Ill pay you 100$ if you can. AZPR password somehow has the key as part of the executable so when correct, it correctly decrypts the packed part. No softice or asm dumps can beat it. In my opinion, it seems to be the perfect packing setup.
Admittley its way over my head. I can do stuff like DDD debugging, or looking over deadlists (ala MS VC++ compiler errors and inline asm command switching). I just cant even comprehend what exacly its doing.
And yes, anonycoward, I am telling the truth. You actually think that there's no worms at all for Linux?
Re:ESR, again. (Score:1, Interesting)
It's not a war! (Score:5, Interesting)
Now what should be worrying people like Mr. Raymond is that Linux-based desktops (which is what we're really talking about, not simply "open source"), is that Linux *isn't* so blindingly superior as to carry the day. Truthfully, I think this is the case. I've used UNIX, I like Linux, but we're essentially having a big battle of the old and huge operating systems here, and none of them is a revolution. None of them is so much better than all the others is wonderful and positive ways. (Mostly they're all negative: don't get virii, don't have to deal with Microsoft.) In fact, the entire concept of the big operating system is a relic. Does anyone argue about the OS in a digital camera? Or a Palm? Or a cell phone? No. And those are more akin to what an "OS" of the future needs to be: thin, small, and unobtrusive. We need the Commodore 64 of the next decade, not the next VAX.
Thanks for listening
Re:The clueless userbase to propagates the worms. (Score:2, Interesting)
I'm sure I'm not the only slashdottian interested in seeing something like this.
The gloves are off. (Score:4, Interesting)
appears as if they are on the attack again.
I recently had the chance to 'lunch' with a team of boiler room types on the topic of ' Interoperability, Integration, Extensibility'
subtitled 'Unix interoperability'
After enjoying a excellent meal at one of the better steak houses in town I began to notice that this 'meating' wasn't so much about working with Unix systems as it was about providing unix services from Windows servers; After being seeded with 'free' software (funny that, free tools just not free source) title:Windows Services for Unix 3.5 and looking closely I saw that they are now providing NFS, Syslog, NIS, DNS, Mail and a tool to 'port' your Unix 'legacy' (their words) apps to a modern OS.
What frightened me most was that my inclusion to this meeting was last minute and that my 'peers' didn't have a technical bone in em, they were all either Microsoft partners or middle to upper manglement types.
The last 'free' software I saw from Microsoft was IE, I wonder if this latest offering will have as profound an effect.
Re:Um (Score:1, Interesting)
The man is entitled to the religion of his choosing. Oh sorry, I forgot that the new world doesn't like the old gods.
If Microsoft were tempted to use the argument you propose, I'd suggest they, as well as you, look up the meaning of ad hominem.
Something like Meeting Maker wd be cool (Score:3, Interesting)
Collab.net, founded by OS gurus (from Apache IIRC), provides collaboration tools in use by "over 400,000 users", and I think has a free version.
One problem in ESR's logic (Score:4, Interesting)
The difference here is that as he says, Microsoft employs 22,000 programmers. If we assume these are full-time employees, then they're working 40 hours a week on whatever Microsoft wants. Do the 220,000 theorized open-source programmers have 40 hours a week to spend on co-ordinated open source projects?
If this wildly conjectured figure is true, it may be that the case that the number of "man-hours" availble in the two camps is comparable, if the open source coders can find an average of 4 hours a week to work on nonpaying projects. Counting heads doesn't make for a very useful comparison in this case, though, unless someone's going to hire the 220,000 to do open source work (and let me know if that's happening, because I'll show up for an application).
I don't think "we" should get too overconfident about the "capability gap." "We" certainly have fabulously talented coders, but Microsoft certainly does too, and never underestimate the power of a focused monolith. Could we get our army to proceed with even one-tenth of Microsoft's coordinated corporate project discipline? How much potentially productive time do open-source coders lose just bickering with each other in lengthy flamewars about what "free" means?
Comment removed (Score:5, Interesting)
Bonus points for you on using "M$!" (Score:1, Interesting)
"Damn M$. I hate Micro$loth products." Witness the mental fury of these high school/college dorm room Linux zealots. Meanwhile, outside the little niche of the Slashdot forum, the rest of the world doesn't know or care about something called "M$," "RIAA," or even "Linux."
Re:The clueless userbase to propagates the worms. (Score:1, Interesting)
I am the senior software engineer for a small Canadian development company. I manage the design and development of a set of Web Applications.
We've been running Linux-based web servers, and developing on Linux for the past several years. Last year we completed a sort of research project; reimplementing our flagship web application using ASP.NET. We managed to completely replicate functionality which had taken us approximately 850 hours to implement using OSS technology in less than 150 hours of work. Granted, we had an established design to work with, so the comparison is not totally un-biased.
Since then, we have completely switched over to ASP.NET technology. The productivity gains alone have completely negated any initial purchase or migration costs. In this respect, we continue to see gains on a daily basis.
On the support front, comparing MS to Open Source is fruitless. Signing up as a MS Partner (~ $300 USD) provides developers with copies and licenses to use (almost) every current MS software product. It also gives developers access to MS development support. You just can't compare that with the OSS alternative.
a few arguments for free software: (Score:3, Interesting)
"Open Source" can be confused with viewable source. MS can compete against that.
"Free Software" can mean libre or gratis, MS can't compete with either of those meanings.
MS have marketing and business analysts thinking about things like this. They've chosen to say "open source" (and "Linux" for the OS). This should be enough to tell us that these terms are not what we should be using.
Winning depends on us being free to develop and distribute software for all useful purposes. The threats to us are in the form of taking away these freedoms (through DMCA, patents, and Paladium). It's never been about "open", it's about "free".
Re:Apache runs on Windows (Score:3, Interesting)
Not necessarily.
If all your apps are portable across platforms, then the platform is reduced to a commodity, and you can choose the best one based on price/performance. This is not a place where Microsoft wants to be.
Microsoft would prefer that you didn't use Apache at all, but if you do use it, they might rather you ran it on a different platform, separated from Windows by an impenetrable wall of subtle but maddening incompatabilities (big-endian vs. little-endian, ASCII vs. EBCDIC, drive letters vs. mount points, findfirst/findnext vs. opendir/readdir, etc., etc.)
FREE in other languages (Score:2, Interesting)
Maybe that's why Brazil and France (for example) are migrating to Linux/FOSS. After all, the French and Portuguese languages have different words for the two meanings of "free". It's probably easier to make the case for "free" software.
Objective opinion (Score:2, Interesting)
- Number of worms/security issues in Windows
Reminds me of the age old saying that rich people dont die of (NameYourDisease). It is not because they are a better breed, just that they have the means and money to get the cure. Poor people just can't. Most of the virus' and worms exist in windows environment because 1)it is more popular, so offers the biggest bang for the buck to the writers, and 2)windows machines are more likely to be used by novices and hence not well protected. Once Linux reaches the tipping point and we have more people buying walmart sold linux boxes, we will have simillar problems. perhaps a tad more, since not all average Joe's will fix their kernels/applications whereas MS is getting there by automatically performing windowsupdate
- Open source vs Shared Source
Open source is not really open in terms of who can contribute and what. There still exist certain people or groups (like linus for the kernel) who double check to make sure there are no malware introduced. I for one would definitely stay away from somebody offering a latest version of (NameYourAppHere) build offering special features. Of course, you can look at the linux/GNU sources, but I would rather have 'experts' certify applications as good before I use them. With MS, they are this expert and usually people trust them (they may make mistakes, but not deliberate malware attempts)
- Cost
The only advantage of GNU is the initial price (usually zero). Support, IT, maintenence etc still costs real money. Perhaps a tad more for linux since programmers/administrators are a bit more expensive (you can dispute, but look at any job board for the offered salaries for admins in these platforms). As a business model, GNU/free would find it very difficult to survive. I contribute to some open source projects in my free time since I get to pay my bills with the money earned with my paid job working on closed source. Once I dont have a job, chao open source development, I'd rather spend my efforts finding a job that pays me money. Working on open source projects is just a hobby for me and perhaps many others. I'm willing to let it 'cost' me something (time/money) but this cost needs to be underwritten with an income (derived from real paying activities)
I think MS is a necessary evil just as we needed an adversary during the cold war. Without one, we may become complacent and innovation may not continue at this speed.
Mod me down or believe what you want to believe. I believe I am the necessary evil in this discussion
Re:You're missing the point of gov't adoptions (Score:3, Interesting)
The DoD mandates IPv6 since Oct. 2003 as they're going to switch their whole network to IPv6 between now and 2008. It is critical to them.
Now, Windows XP SP1 and Windows server 2003 both have IPv6, but it's not a proper dual stack implementation since an IPv6 socket can't connect to (or accept connections from) an IPv4 host. Which means porting Windows Apps to IPv6 is a total nightmare (unless they're written in Java of course, but that's another story).
Microsoft claims that they're going to have proper dual stack in Longhorn, but they've said that before so can you trust them on that? Also, won't that break compatibility with applications written for the current implementation?
Keep pressing that IPv6 button and you'll be amazed how weak MSFT story will become....
Re:You win the trophy (Score:1, Interesting)
And those, my friend, are called fighting the symptoms without curing the disease. You should need both of these like a fish needs a bicycle, on properly designed system.
Without flatulently poor security design (and its roots as single-user isolated/non-networked work station OS) of Microsoft, platform WOULD NOT BE AS VULNERABLE to nuisances such as worms or viruses. You and your cronies can claim "it's only because of popularity of Windows" 'till you turn blue, but that's just a claim without proof. Repeating it ad nauseaum won't make it a fact.
Re:You're missing the point of gov't adoptions (Score:2, Interesting)
Ask yourself this: On how many thousands of computers would I have to save $100 per license to pay for a small team of programmers with secret or better security clearances for three years? If you figure a small team is 5-6 programmers, it works out to around 20,000 computers.
On how many more thousands of computers would I have to save $100 per license to pay the additional sysadmins, QA, and help desk personnel? What about the project managers that coordinate all these efforts? What about the additional oversight and compliance officers that ensure all of these activities meet regulations and standards?
As you can see, it quickly gets to a point where using a free as in beer product and supporting yourself is more expensive than buying from a vendor and getting a support contract.
A small to medium size business may save some money, but once you grow past that, it just makes more sense to pay for support.
Re:Something like Meeting Maker wd be cool (Score:3, Interesting)
Re:Roadshows (Score:2, Interesting)
I got an invite to the Edinburgh event by virtue of having attended an IBM vs Microsoft open-source debate a few months ago.
Tomorrow I am going to a Novell event touting their SuSE offerings.
I think we are seeing trial events in Europe (certainly in Britain) that are rehearsals for US events later in the year.
Re:Something like Meeting Maker wd be cool (Score:3, Interesting)
It's kind of a hack, but it is convenient...
And yes, the bloody e-mail client SUCKS SUCKS SUCKS. Our e-mail team wants us to forward SPAM to them so they can tweak the filter, BUT, if you do them Outlook will d/l images which tells the low-life spammers that I'm a real account. Brilliant...
Re:One problem in ESR's logic (Score:1, Interesting)
If MS is like any other corporation, I imagine they lose just as much time to political BS.
Re:Too desperate (Score:5, Interesting)
This isn't all that new a phenomenon. For some years, I've found that a simple way of ending most discussions of the subject with non-Americans (and some Americans
Also, for much of the past couple years, I've been working on a project that amounts to getting a big European corporation (it doesn't much matter which one) from under the thumb of IBM. Several years ago, their management realized that their corporate data was in fact controlled by IBM, and they couldn't access it without IBM's cooperation. My job has amounted to "data raiding", extracting the data from their old computers by any means necessary and stuffing it into a flock of little linux (RedHat) boxes scattered around the Net. There has been much obstructionism in this task from IBM, whose people have been ordered to give us as little information about data formats as possible, consistent with their contracts of course. But they're losing the battle, because for their system to work at all, most of the data has to be exposed to the company and its customers at some point, and that's where we can intercept it and cache the information somewhere else. Thus, most customer information can be found by merely sending us a copy of the billing print files.
Much of our "sales" guys' argument is that we can't do to them what IBM did over the years. They have access to all the source, all the way down to the bottom. If they decide they don't like us, they can simply walk away from us, and they won't lose anything (except some capable consultants
One irony is that we've advised them a couple of times that IBM's linux workstations would in fact be very good machines for their purposes. But we also emphasize that ease of migration is important, and they should always be on the lookout for new suppliers.
You might think that there's another irony in the fact that this approach is being used by a group that is mostly Americans. But it's no irony at all, because many Americans are just as worried about IBM and Microsoft power. Any corporation with that much control over our information is a serious threat to society, regardless of where the borders may be drawn.
I just like to say "giant American corporation" to non-Americans because it gets the idea across better. There is a widespread perception in much of the world that the leaders in America have a very arrogant and possessive attitude towards the rest of the world. Many people view MS and IBM as much more threatening than a "local" corporation, irrational as such an attitude may be. But you can use this to get across the idea that they really should look at approaches that free them from domination by any such giant power center.
Re:You're missing the point of gov't adoptions (Score:3, Interesting)
Groupwise, notes, and oracle collaboration suite all have this capability and lots more. They even integrate with outlook for those generals who have trouble learning new software and tying their shoes.
As a bonus they all run on linux.
Why the US govt would patronize a corporation that it found guilty of predetory monopolistic practices is simply beyond me. Aren't there other corporations worthy of getting contracts from the US govt. Why is MS the little darling of the US govt while all other american companies are being snubbed?
Re:Objective opinion (Score:1, Interesting)
- Number of worms/security issues in Windows
you mention two things, that there are many more windows boxes out there, and that linux lacks an automatic update method. many linux distributions (off the top of my head, suse, redhat, debian) offer this as an option. in debians case, they tell you to put it in cron, in suses case, they offer it in the dialog box, in redhats case, theres an applet telling you when to update. as for the greater number of windows boxes, that may be true, but linux is harder to infect from design, and alot of the software is following, by simply not making the same mistakes. thankfully for windows users, alot of this safer software is available on windows as well. what linux does not have is an obligation to maintain compatibility with known bad practices. linux is also more diverse in software. a mutt exploit wont hurt anyone using kmail. with microsoft, the majority of people using email (are actually using the web, it seems, but other than them) use outlook. a worm or virus writer knows where to look. of course, this diversity can add to the cost of linux migration, so its another thing to pay attention to. im surprised microsoft doesnt bring it up.
- open source vs shared source
its alot more complicated than that. one of the not clearly explained consequences is after you (especially if your a student) look at that source, you either dont write that kind of code, or you go work for microsoft. its a neat way to get rid of programmers. more importantly to microsoft, its a marketing thing to deal with the open source trust issue. theyve been having some trust and anti trust issues. why they care is beyond me, they own corporate america and alot of the rest of the world too. and yes, you are allowed to contribute to open source projects. many of them ask. not all, but if your contribution is good, theyll probably take it anyway. and you can always fork the project if you disagree or just want to experiment.
I think MS is a necessary evil just as we needed an adversary during the cold war. Without one, we may become complacent and innovation may not continue at this speed.
doesnt anyone write software because its fun anymore? or because they need to do something that other software doesnt? theres plenty of creative work to be done without some software cold war getting in the way.
Re:You're missing the point of gov't adoptions (Score:3, Interesting)
Microsoft mindshare leaking into the DOD. Or the other way round?
Re:I made a little chart... (Score:3, Interesting)
This is hilarious.
One nitpick though. Regardless of whether or not you agree with RMS on the whole GNU/Linux thing, Linus doesn't even have to enter the debate most of the time because, AFAIK, he rarely bothers himself with the GNU part of GNU/Linux--he is, after all, the Benevolent Dictator For Life of the kernel, not the associated operating system. In other words, when Linus says "Linux" you can usually be sure that he's actually referring to the kernel, which RMS himself would (or should, if he's consistent, and I'd have to say he's consistent) refer to as Linux, not GNU/Linux. The reason for this ramble is that I wouldn't have put Linus in your chart, because he doesn't seem (to me) to talk about GNU/Linux very often, by any name.
Ian
Re:Something like Meeting Maker wd be cool (Score:3, Interesting)
See if you can get them to do what we do: have them create a folder under "Public Folders" called "Spam", and train the users to drag/drop their uncaught spam into there. No messy fowarding. Then get fetchmail to grab all of the messages from that public folder every night (you can connect via IMAP to public folders) into a dummy mailbox on your spam filter, and have a cron job run them through the bayesian engine (we use spamassassin, which comes with sa-learn for training the engine), original headers and all.
Note: we use Samsung Contact's (formerly HP Openmail, but much, much improved) groupware server instead of Exchange on the backend, but nothing in my spamfilter re-training setup is Samsung Contact-specific. AFAIK, it would work just the same with Exchange.
I'd be happy to discuss the details of this setup further with anyone who wants to know.
Belloc