Geer Comments On Firing From @Stake 433
dwbryson writes "Last week Dan Geer, co-author of the CCIA Microsoft security report, was fired from @stake for expressing 'values and opinions [of the report] not in line with @stake's views.' Now Geer has been talking to eWeek and comments on his dismissal."
A true math geek... (Score:4, Funny)
"The Venn diagram of facts doesn't intersect. The intersection of all of those statements is the null set," Geer said.
Ahhh, one of our own... :)
Re:A true math geek... (Score:3, Funny)
'See honey, this circle represents everything I want and this other circle represents you. Notice how the intersection of these two is the null set?'
Re:I'm not surprised (Score:2)
Re:I'm not surprised (Score:2, Interesting)
Firing your CTO for using an eighth-grade math term is like firing your doctor because he insists on using technical words like "prescription" and "stethoscope."
Re:I'm not surprised (Score:2)
I did them in the fifth grade, let's see, that would have been about 1972. My daughter did them last year in the fourth grade.
So are you saying any of the following?
Something to read (Score:4, Funny)
Re:Something to read (Score:2)
Comment removed (Score:5, Insightful)
Re:Unfortunately... (Score:2, Insightful)
I guess it's corporate-shaped, instead.
Re:Unfortunately... (Score:2)
Re:Unfortunately... (Score:5, Insightful)
I'm ashamed of our academics, as cited in the article. He apparently went to get 9 to sign onto that paper and all declined because of funding issues.
What's the point of tenured academics if they are going to be afraid of losing corporate grants and therefore are squelched?
The problem isn't the academics. The problem is the funding.
If you're an academic, there's tremendous pressure to get external funding. That's usually a tenure critereon nowadays; unless you demonstrate an ability to get external funding, you won't get tenure. Even after you get tenure, there's huge incentve to get external funding. For instance, the amount of time and freedom you have to do your research (versus other duties) is often directly linked to the amount of external funding you can secure.
People are surprised sometimes when I tell them that I need to figure out how to get grants to support my research. "Doesn't the University support your research?" Only in that they provide me a 9-month salary, an office, and administrative support-- which, I grant you, is real support. But it's not sufficient; it doesn't pay any grad students or post-docs, it doesn't pay any publication fees, it doesn't pay for any travel, it doesn't pay for any equipment.
If you're in a field where corporate support is expected, then you're caught in a bit of a catch-22. You're supposed to have academic freedom, and indeed once you have tenure the University can't fire you. But if you want to be able to keep doing your research, you need to get funding, and as such you are in a position where you can't say something that will offend whatever corporate source of funding you depend on.
If you want to fix the problem, fix the way that academic researchers are funded. Don't just do away with them altogether, or you'll find that there are even fewer people who can speak with some sort of credentials who aren't completely beholden to some specific private interest. In other sciences, government funding does alleviate some of the trouble, although I'm not so naive as to believe that one's ability to get government funding through the NSF and such wouldn't be harmed by speaking out against certain influential private interests.
It's similar to politicians and large special interest groups. No politician who wants to get elected can support an even wise and rational policy (e.g., let's say eliminating drug patents and reforming the way drug research is funded in the interest of lowering overall healt care costs for individuals) if you risk ticking off huge campaign donors, for you will get buried.
-Rob
Re: (Score:2)
Re:Unfortunately... (Score:2)
Even incumbent politicans risk getting the boot if they rub special interest groups (especially those with deep pockets) the wrong way.
Re:Unfortunately... (Score:5, Funny)
pay grad students?????
where the hell were you when I was in grad School???
Re:Unfortunately... (Score:5, Insightful)
There is no proof that Microsoft had anything to do with this, and I think they didn't. I believe what he said in the article, he was fired because of the ties @stake has with Msoft, not because they specifically called @stake and asked for him to be fired.
That being said, this whole thing is bad. I do however have to agree with one of the posts above, that mentiones that although freedom of speech is a good thing, the employer can choose to fire you because you are using that freedom against the will of the company. I guess that is the freedom that the company has (upto a certain point ofcourse).
It's been said many times before, freedom comes at a price! If you use your freedom, you must be prepared to deal with the Consequences.
Re:Unfortunately... (Score:5, Insightful)
free $peech (Score:3, Insightful)
Re:free $peech (Score:2, Insightful)
Re:free $peech (Score:2)
This shows once more that Microsoft has become too dominant.
Sorry, but this has little to do with Microsoft per se, but rather, it has everything to do with the fact that Microsoft is @Stake's biggest customer. Any company would fire any employee on the spot if they embarrassed their biggest client. In just about every employment agreement that exists, there are indeed provisions that allow for immediate dismissal if you as an employee take such actions. Even if no such provision existed, did this guy
Re:free $peech (Score:3, Insightful)
We need diversity in computer operating systems. This racist computing has too many problems and the vendor Micro$oft is still not fixing the security issues. (Just mending it where they get caught).
@stake at fault and should be blamed (Score:5, Insightful)
Why should companies trust future research from @stake? Should existing employees be watching their backs? Bad smell all around!
You go, Greer (Score:4, Interesting)
His job is to spot the trends coming in the future - And his employer gags him for doing his job - I stand by my remarks in the previous thread on this topic - @Stake will have a very hard time attracting a decent replacement candidate, and their research will now always be suspect...
Define Irony: (Score:2, Interesting)
What happened l0pht? (Score:4, Interesting)
Re:What happened l0pht? (Score:3, Insightful)
Remember their tagline? MS: "That vulnerability is completely theoretical." The l0pht: "Making the theoretical practical since (some year)." I'd be willing to bet that not all the people within @stake are very happy about this decision, just like there's probably a few VeriSign employees that are
Live and Learn (Score:5, Interesting)
I am surprised that Dan has decided to publicly say anything. This would seem to indicate his relutcance to pursue the matter in court. Or maybe he just hasn't spoken to a lawyer yet. Or is this opening slavo?
Before the obvious referances are made let me just say (again) that what @stake has become is in no way related to what L0pht was. I think there is only one of us left (Weld), everyone else has seen the writing on the wall and moved on. I just hope Dan is able to put this behind him soon and move on as well.
- SRspacerog AT spacerogue DOT net
Take the money, accept the rules (Score:2, Interesting)
If one of my employees did or said something that was obviously against the interests of my business, I would reprimand and possibly fire him. If they discussed this in public, I would blacklist him as a "big mouth".
What Greer says is something I also believe, but unfortunately being right does not pay the bills. He has probably made himself unemployable by any conventional organisation, and will have to find a way to leverage his noto
Re:Take the money, accept the rules (Score:3, Insightful)
his job was to be right and say the truth, not to be a talking head that takes money and says what somebody other wants.
at least supposedly, so it gives a real fucklike view of @stake now. why would you consult them when they don't tell you what they really think is the right decision but the decision that suits them for various reasons including commitment to some other big $$$ firm? why wouldn't you go and just read the marketing material by that other firm straight and just skip using them as a m
Re:Take the money, accept the rules (Score:3, Interesting)
Maybe for you. Actually, I am quite nauseated by the sheer number of people who think this way and accept (and by omission, condone) the unethical behavior of their employers. What's interesting is that these are frequently the same people who frequently complain that corporations are "evil."
While I acknowledge that I've made my share of mistakes in previous jobs, my individuality and sense of free will (hallucinatory or otherwise) ha
Interesting Note (Score:4, Interesting)
As an example of the kind of behind-the-scenes influence that large vendors have, Geer cited his efforts to find an academic security expert or two to sign on to the paper on software diversity. After contacting nine people and striking out each time, he gave up.
"All of them said it was too hot for their position," Geer said. "They enjoy the free speech benefits of tenure but not necessarily those of funding."
His experience is interesting; it shows just how there are limits, even in academia, to how far people are willing to go in their pursuit of the truth.
Microsoft might not have an irresponsible security record due to business practices, but the hypothesis put forward by Geer and the others should be examined carefully and openly both for where it might errors, and where their hypothesis fits the facts. That's the way all scientific progress is made.
And he's right, too, about a phone call not being necessary. Conditioning, and seeing what happens to people that take a stand in opposition to some powerful force, is enough to convince most people that self-censorship, if not the better part of valor, is certainly the better expedient for maintaining your comfort.
Geer's chance to form another company? (Score:3, Insightful)
What can be proven? (Score:5, Insightful)
Whether or not Microsoft had anything to do with his firing, directly or not, is somewhat irrelevant. Sure it adds more fuel to the "we hate Microsoft" fire but outside of that it proves nothing except that @Stake is driven by their sponsors and not by the ideal of exposing the truth. This makes @Stake a security company that isn't secure in its convictions. Security you cannot trust.
Geer, on the other hand, has proven himself to be unshakeable from the pursuit of the truth. He is unshaken by political and financial forces and the industry will see that, like it or not, his opinions can be trusted.
Generally, this is a good thing for him and the business of security. The more high-profile these matters become, the more public opinion will influence commerce in these matters.
It is hard for the American heart to forgive even perceived violation of the free speech ethic. We believe we can say whatever we want whenever we want so long as it is the truth. The public perceives the "breech" of the free speech ethic as a bad thing. "Oh look honey, this bad company fired this man because he was doing what he was hired to do and they didn't like the truth." That's the message most people will receive in this case I believe.
They probably fired him because they knew they couldn't get him to retract anything he said.
Re:What can be proven? (Score:2)
The reality is that I can say anything about any business, injurious or not, so long as it is factual. They can attempt to sue me but they would have to prove that my statements are false. This is why he was fired and not sued into non-existance.
Re:What can be proven? (Score:5, Informative)
I spent 8 years in the USAF. I completely disagree with that statement.
It might be worth stressing that US military members do give up many of the rights they have sworn to protect. They becomes something other than a US citizen. But they do have certain rights and duties.
You, as a member of the US military, are not allowed to attend political events or make political comments in uniform. Doing so would imply an official position of the US military. But you are (or at least should be - I certainly was through my career) encouraged to take part in the political process. That includes being involved in legal political activity, holding a personal opinion of our political leaders, and voting - be it for or against a sitting president.
Go ahead. Hold the opinion that Bush is a moron. Devote some of your off duty time to campaign against his office. Get up in front of people and state your opinion without rank or tittle.
But he is still Commander in Chief and you will follow all lawfull orders coming from his office.
One final comment - just because you are in the military, it does not excuse you from the duty of having your own mind. I'm not sure what branch you are in but in my training the concept of a lawfull order was stressed again and again. One is required and duty bound to review all orders given by superiors and ensure that they are, in fact, lawfull orders. In short, one is responsible for one's own actions.
I had a few superiors in my military career that seemed to forget this concept. They took every utterance of a political leader on CNN as both as binding as an order and a personal guide to their own opinions. These are the ones I most fear. Thankfully they were few and far between.
Chilling effects (Score:2, Insightful)
Whether @stake abd microsoft had the right to act as they did is beside the point. The point is that this sort of thing is really really bad for society because of the chilling effects. If it's risky to criticize the big boys, guess what, they get less criticism than they should have on account of their actions. They seem to be acting better than they really are - the mechanisms in a democracy that should prevent this sort of thing don't work, because people are afraid t
Poor guy (Score:2)
Computer World Standings (Score:2)
Computer World PDF [computerworld.com]?
Did he own the rights to his papers? (Score:3, Interesting)
If I worked for Adobe, and then decided to release a photoshop clone in my spare time, and claimed that it was my own program, not Adobe's, I think that there would be some problems.
In his job as a security expert, I'm sure that he used @stake's resources and expertise in coming up with the paper. So technically he might not have the right to say that the paper is his own and has no affiliation with the company.
Perhaps if he had brought the paper to his employers and gotten their approval, they could have released it as part of a security report and sold it. Basically he took something that he made for his company and gave it away.
Of Mixed Minds (Score:3, Informative)
It was pretty painful, but not like you'd think.
"For those who don't know, Geer wrote an article talking about the risks of monoculture that situations like we have with Microsoft expose."
Lets look at the article's title:
Does anyone see the word Monoculture in there? No, just monopoly. It's up there next to "Dominance", "Cost", and "Insecurity".
Somewhere along the lines, this paper jumped from technical analysis to political polemic, and Geer got the political response. Don't get me wrong: The vast majority of the conclusions reached in this article have way more than a grain of truth in them. But the degree to which Schneier backpedalled on the tone was pretty noticable, and stood in stark contrast to the near-rage of the paper itself.
Would Geer have kept his job if the paper was more objectively written? I don't know. But I sure note what I see reported on doesn't match what I read in that paper, and I have to wonder why.
Yours Truly,
Dan Kaminsky, CISSP
DoxPara Research
http://www.doxpara.com
a natural evolution? (Score:3, Insightful)
Although viruses got their start on the floppy disk vector (recall boot sector viri?) they have come into their own throught the vector of the Internet. That machine could not have been better built to propogate malware even if one had set out to do so, but the only reason it can actualy do so to the degree it has is because of the brain dead operating systems (and rookie sysadmins) at the remote ends of the pipes. And the monoculture of both is at the heart of the problem. I use MacOSX on broadband, but do you seriously think I have to worry about any of this? No I do not.
Enter security. Now an entire industry has emerged to counterpoint the monoculture, an industry devoted to what would simply have been the day-to-day work of any competent sysadmin just 10 years ago, except that today there are few competent sysadmins. Rather there are hordes of desktop drones massaging M$-based networks across the planet, only incidently linked each to the other by an Internet of which they have no particular understanding nor much interest (a direct reflection of M$'s own utter indifference.) It has all become a dense, dry, sprawling monotypic tinder of light twigs and leaves awaiting the match. The security industry is built around that monoculture of neglect and ignorance, would have no purpose without it, and yet is directed at undoing what the monoculture has done to, and via, the Internet. And since M$ is just a marketing and sales juggernaut with its roots deep in the fertile manure of personal computing, should anyone be surprized that here again the network technology and science are falling under the tracks of the M$ Panzer divisions? I should hope not. M$ did not become a monopoly by being easily distracted with technical details.
I can see no solution but one. Government will not act because politicos are hip to marketing. Regulators will not act because they are afraid of the politicos and like their cushy jobs. And people will continue to select technology out of innocent ignorance. M$ spends freely, buys strategic friends, revises history, and builds outward seemingly oblivious to the coming train wreck because they know for a fact they will just walk away with profits intact; they are afterall about personal computers, and not much more. What is the Internet to M$ except a problem? They distribute their software on CDs and only security patches over the Internet to defend their CD-based software from Internet attack. I should think they would be twice-pleased if the Internet and everything associated with it, including OSS, simply vanished in a general conflagration.
The one solution? I propose we take a clue from Nature and let it burn. We don't need these weeds growing here anymore, burn them out and their seeds as well. The network will survive because the network is not the problem, while the strictly "personal" computers will burn to the ground at the ends of the pipes. Then perhaps something more robust will spring up where they were. It might even be that M$ has the very thing waiting in the wings, ready to roll out, "Windows ProSecure" or some silliness. Fine with me. But if they don't then they are fools and their undoing will be of their own devising.
I will no longer trust @Stake... (Score:3, Interesting)
With the termination of Geer, @Stake has shouted from the rooftops that they are NOT an unbiased source for information security.
When I write a security paper, I write it from the perspective of an independant auditor, which I am. Someone from the outside looking in. I don't CARE what someones intention was when they created an insecure system. If I found it to be insecure, I let them have it.
I just lambasted a luddite CEO of a major corporation for not making information security HIS #1 priority. I told him that the insecurity of his network was his problem, a management problem, not an IT problem. I railed on him for two hours in a meeting last monday... and he appreciated it. Was my report one-sided? Your damn right! I don't care what his intentions/perceptions are or were. What I told him was the pure, unadulterated and unvarnished truth. As painful as it was - it was true.
He's a good CEO and changes are being made. Now, if this same info were coming from an @Stake consultant: The information would now be suspect as being slanted in M$ favor, because 'they help pay our paychecks' and we can't speak out too strongly against them. @Stake now takes the side of Microsoft.
Was there any lies in what Geer wrote? No... Was it the painful truth, backed up by facts? Yes... Did the truth hurt? You bet. And it needed to be said.
I think that the political ramifications taken out on Geer has just signed the death warrant for @Stake.
Re:Help! Help! I'm being repressed! (Score:5, Insightful)
Having sys-admins who do their jobs instead of whining about patching will fix *many* windows related problems.
I think it's a matter of using the right tools for the job. Secretaries shouldn't have to learn userland *nix just to type up a TPS cover sheet for their weekly memos.
Likewise some network admin shouldn't be forced to use WinXP just because the latest
That being said you can run GNU/Linux and get rooted just as easily as you could with Windows if you don't patch your system.
Tom
Re:Help! Help! I'm being repressed! (Score:2, Insightful)
Especially if that vulnerability was initially discovered by a "black hat."
Re:Help! Help! I'm being repressed! (Score:2)
Patching is a reactive thing. If you look at SQL Slammer was able to infect over 90% of hosts in under 10 minutes [caida.org]
This time we were lucky, A) the patch had been available before hand (although it was nearly impossible to apply) B) it was for a service that usually shouldn't be Internet facing. C) It was for a service that has "minor" use on the Internet.
What about next time? When someone finds an exploit in a common web server? ssh daemon? smtp daemon? or name server? All things that are much less li
Re:Help! Help! I'm being repressed! (Score:3, Insightful)
The supervisors blamed the workers for being stupid and lazy. The supervisors of course hadn't done any real work in a couple of years. When I ac
Re:Help! Help! I'm being repressed! (Score:2, Insightful)
Non-sequitor. Going from Word2k to WordXP is at least as violent a change as it would be to go to OpenOffice, with the exception that OO interops better with Word2K.
That being said you can run GNU/Linux and get rooted just as easily as you could with Windows if you don't patch your system.
Getting "rooted" (ie - having your system compromised by a real live human) isn't so much the problem. It's th
Re:Help! Help! I'm being repressed! (Score:2)
But secretaries should have to learn userland WinXP? Using OpenOffice under (say) KDE to do memos is as easy as running XP.
That being said you can run GNU/Linux and get rooted just as easily as you could with Windows if you don't patch your system.
No you can't! Did you read the paper? With GNU/Linux I can set up the box with just those s
Re:Help! Help! I'm being repressed! (Score:2)
You haven't installed OpenOffice.org in a while, have you? If you had, you would have seen the rotating ad that explicitly informs you that OO.o is ideal for all your TPS reports -- whether on Windows or Linux.
Re:Help! Help! I'm being repressed! (Score:2)
Except that by default, Windows leaves a lot more ways open, and makes it just the slightest bit harder to close them (read: damn near impossible).
Once again, repeat after me: people can't root a box they can't send traffic to. With Linux, that's possible. With Windows, it's a lot more work, if not impossible (depends on how far you trust XP's firewall).
root considered harmful (Score:2)
if you don't have root you can't get rooted [bell-labs.com]
Re:Help! Help! I'm being repressed! (Score:2, Insightful)
RTFA
Microsoft didn't fire him, but they may have been involved.
And his paper didn't say that Microsoft is monopolistic, it said that lack of diversity is a bad thing, be it all MS or all Linux or whatever.
Re:Help! Help! I'm being repressed! (Score:2)
"The more powerful you are, the less likely you are to have to pick up the phone" he said. In other words, MS didn't do a thing, but its still their fault.
Hey, it could have been the government, they dislike people criticising the security on the systems they use. Or the Illuminati, don't want to upset them you know, and Bill Gates is quite high up in that organisation...
Wha
Re:Help! Help! I'm being repressed! (Score:2, Insightful)
It's the same way in the pharmaceutical industry isn't it?
Re:Help! Help! I'm being repressed! (Score:5, Interesting)
What kind of wooly crap is this? I mean, if I criticise my biggest customer, or my company's profit base, I think I can expect my manager to have 'words' with me at least. This is just another MS-is-bad-and-I-don't-care-if-that's-true-or-not story.
If you claim to be security consultants who know security, rather than PR consultants who use words like "security" to help advertising, then you do very poorly for yourself by so obviously and publicaly squelching any appearance of having said something potentially negative about the security of one of your largest customers.
The point is that Microsoft's huge power in the industry appears to be making it impossible for real security firms to exist. As such, we should all be leary of any such's claims, and wonder if in fact they are really PR firms who use words like "security".
-Rob
It's about Monoculture, not Microsoft (Score:3, Insightful)
You weren't paying attention last week [slashdot.org]. Yes, the report was critical of Microsoft's shoddy security record. But the main concern is that any software monoculture is dangerous. Geer's #1 recommendation is to use a mix of (non-Windows) systems, which Microsoft obviously can't approve (short of being broken up by antitrust).
Re:Help! Help! I'm being repressed! (Score:2)
No-one in the computing field will accept what they say in relation to non-MS products without more data to back it up.
Re:free speech has a cost (Score:5, Insightful)
Re:free speech has a cost (Score:5, Insightful)
Was it right for @stake to fire Geer? I don't think so. However, it's not illegal (as far as I know; IANAL).
Credibility @Stake... (Score:2)
Q.
Re:free speech has a cost (Score:3, Insightful)
The biggest hit is to the credibility of the authors. The report was a baddly written crock. The only reason it is popular on slashdot is the choice of target. In terms of its arguments it is Matt Drudge or Michael Moore rather than Stephen Jay Gould.
I could not find a single original thought. You can find more interesting arguments in an average slashdot post.
It is no
Re:I don't buy it (Score:3, Insightful)
This may be true -- I haven't read it.
But you think that on the basis of a slashdot discussion you have enough information to take on someone who did read it? The paper is online, it is not exactly hard to find.
There is absolutely zero reason for a paper intended to summarize problems with a company's products to contain "original ideas".
The title of the report claims to be addressing national security issues. The report itself only considers a single softw
Re:free speech has a cost (Score:2, Interesting)
Re:free speech has a cost (Score:2, Informative)
In fact, it was the employer excercising their rights to fire an employee for making statements they didn't like(...) (emph. mine)
The term 'statement' does not exactly cover what he said. It is an scientifically well-known fact that monoculture leads to vulnerability. Genetic diversity exists for a specific reason: to ensure survival of the species.
So, he got fired for speaking the truth. No great miracle considering that religious zealots in the same country want to prevent Darwins theories from being t
Re:free speech has a cost (Score:2)
How do I know? Because the Darwinists said so, and they control the educational system. So STFU before I accuse you of giving aid and comfort to the Creationist enemy and throw you in Guantanamo!
First Al Qaeda, then the Creationists. For an Enlightened America!
Re:free speech has a cost (Score:2)
Well there is a lot of evidence pointing to the fact that the universe was created in 7 days. Doesn't the Big Bang theory pretty much line up with biblical accounts? The only missing piece of e
Re:free speech has a cost (Score:2, Informative)
Yes, they are both theories. There is nothing scientifically factual about evolution whatsoever.
Your post demonstrates your complete lack of knowledge about evolution and about science. While I don't have time to get into specifics (late for work), I will post some links:
A nice set of links at syacuse university [syr.edu]
Coalition for Excellence in Science and Math Education [cesame-nm.org]
National Center for Science Education [ncseweb.org]
Re:free speech has a cost (Score:5, Insightful)
I don't know of a single religious zealot who wants to prevent Darwin's theory of evolution from being talked about
There have been teachers in US courts of law because they told their students about Darwin. That enough for you?
The problem the religious zealots have is that the Darwinian's are preventing creationist theories from being talked about.
Religious zealots do not like science, because there is no 'believing' involved. Also Darwinist, being scientists, do not have as extreme prejudice in discussions as religious zealots. Scientists change their pov when they are proven wrong, they do not run away with fingers in their ears like some others do. Has there ever been a creationist in a court of law for telling about the Adam & Eve story?
In an education environment, it's quite reasonable to expect that both theories be taught. (Yes, they are both theories. There is nothing scientifically factual about evolution whatsoever.)
Yes, and the earth existing for only 4000 years is also a theory? No. In no way. A theory is supported by evidence and/or objective reasoning and/or perceptions. Basically the only thing creationists have is: "Well, there are all these creatures, they _must_ have been created.". They never have a decent explanation for exinct creatures (did God make a mistake?), nor for the fact that species change over the course of many generations (God making a mistake again? His design was not perfect), nor for the fact that several million years ago the bio-diversity was much, much lower (God making a mistake again, not having created enough species).
Re:free speech has a cost (Score:5, Interesting)
But should corporations have constitutional rights? Like individuals?
Considering that the avowed objective of any corporation is to make money, and no other purpose, they are by definition non-ethical. The individuals that comprise them may well be ethical, but the resulting "virtual entity" isn't. A human being has a conscience, may care about the consequences of his actions; moral, ethical, religious, or justicial. A corporation has no conscience, no morals, and should not be considered equal or superior to a human being, and be given equal rights.
Re:free speech has a cost (Score:2)
>individuals?
Maybe, maybe not, but that's completely irrelevant considering the first amendment starts with "congress shall make no law" do you not understand?
Unless you want to declare businesses to be a division of congress or otherwise endowed as a governmental branch, it doesn't particularly matter whether corporations can have constitutional rights.
>Considering that the avowed objective of any corporation
>is to make money, and no o
Re:free speech has a cost (Score:2)
--dave
Re:free speech has a cost (Score:3, Insightful)
if it isn't specifically outlined in the constitution, you can't pass a law against it. not a hard principle to understand.
There can be no rights that you obtain as an individual but are denied when you form a group. A group is merely a collection of individuals. Just the same, there are no rights you gain when you join a group and abdicate when you leave one. A corporation is a contract of individuals, who seek a common goal. There are leaders of a corporation who ulti
Re:free speech has a cost (Score:2)
Re:Free speech doesn't apply at work. Deal with it (Score:3, Insightful)
Re:free speech has a cost (Score:2)
Insightful?
Who mentioned the constitution?
Just because it may not be a constitutional issue, does not mean that it is not a free speech issue. The constitution is not the only context for free speech.
Most people sacrifice significant freedom of speech by joining a corporation.
Re:free speech has a cost (Score:2)
No, it both affirms AND denies the Bill of Rights (Score:2)
On the most immediate level, yes, the government's *not* taking action against @stake affirms the Bill of Rights (and yes, the Bill of Rights is best applied to *all* groups within our society, including both individuals and corporations and even clubs if you li
Re:free speech has a cost (Score:2)
Re:free speech has a cost (Score:3, Interesting)
But the timing is odd. Geer worked his last day on Tuesday, according to @stake. He co-published his paper on Wednesday. His dismissal was announced on Thursday. Unless @stake is saying that he dismissed himself by publishing, or that they had told him on Tuesday n
Re:free speech has a cost (Score:5, Interesting)
We will probably see more cases as this as a higher percentage of scientists are funded directly (in companies) or indirectly (sponsored uni/gov-programs) by businesses.
As if anyone did not know about it; sustained publishing of controversial research funded by corporations is almost impossible.
Re:free speech has a cost (Score:5, Insightful)
In many ways the most sinister bit is towards the bottom, where he tried to get a number of academics to co-sign the paper with him. None felt able to. They all had tenure, which is supposed to allow academics to be free of the pressures that make employees keep quiet about problems, but they were afraid for their funding, which comes from industry and is not tenured. An academic who says the wrong thing may not be out on the street touting for work, but with no research funding in an expensive subject like CS, he is reduced to a schoolteacher.
This is a case where more non-commercial funding is needed. Which usually means goverment funding. But on secutiry issues, the government is also a very interested party and is likely to step on the "wrong sort" of research (e.g. research that might block loopholes used by NSA, but potentially usable by black hats).
Part of the problem is again the size of one giant customer. If the industry were more diviersified commercially (as opposed to technically), a small organisation could take the risk of offending a proportion of the market in order to be seen as frank an knowledgeable by the remainder. But with M$ being the slarges customer for just about anything, as well as the largest supplier, any profit-driven organisation has to think of its opinion.
Re:free speech has a cost (Score:2)
Of course the law protects your right to free speech - but only protects you from the government, not employers. But it can only protect you from big hassles, not little ones. Very difficult to *prove* why you didn't get that promotion.
Of course, the sayings of an AC deserve less initial credit than those of someone who is prepared to put their name to it, and should be examined more cynically. But. in a ro
Re:free speech has a cost (Score:2)
Why? Anonymity is an important guarantor of free speech.
Re:Nothing to discuss (Score:5, Insightful)
While I don't really like the idea of someone getting let go for speaking their mind, what's unfair about it? His company clearly has ties to MS, and he jeopardized those ties with his statements. If it were his own company, he could have felt free to say anything about anyone he wanted to, and dealt with the aftermath of his comments on his own. But it was someone elses company... someone who was (yuck) concerned about their business relationship with Microsoft.
While the first amendment gives every American the freedom to express their beliefs/thoughts and guarantee no retribution from the government, it gives us no protection from employers.
Here's a proof. Go to your boss. Call that boss every foul word you can think of, and then say you were exercising your freedom of speech. Better yet, do it over an intercom at work, broadening your audience. You will probably be fired, but not wind up in court.
When you work for someone else, you have to play by their rules. Sometimes those rules allow for changes to be made by going through said company's proper channels, sometimes there is no room for discussion at all. Any way you look at it, they are the ones who have bestowed the job.... not the other way around.
I think the problem this guy ran into was the size of his audience. Maybe when he spoke at conferences about security and Windows (oxymoron that it is), his user base was a select group, and small by comparison. But in print, your audience can be unlimited, and so can the damages of your statement.
Re:Nothing to discuss (Score:5, Insightful)
Anyway, @Stake did not "bestow" the job on Geer. He was a founding member and it become politically incorrect for him to do something he had always been doing. He is correct in that we have a very large problem. When tenured academics scuttle about in fear of MS, we definitely have a problem.
Re:Nothing to discuss (Score:4, Insightful)
It is still unfair dismissal. As long as his name was on the report, then the report is his words, not his employer's, and if someone can't understand, well, that's their problem. You cannot be dismissed from a job simply for disliking your boss, otherwise there would be many more on the dole than working.
In my last job, I made no secret what I thought of my boss. My co-workers {as, one by one, they left the company; some had nervous breakdowns, some got other jobs, some were desperate enough that they would forego six weeks' giro by leaving a job voluntarily; one went into what he described as a less stressful job - teaching!} felt the same way. In this job, I'm fortunate to have a boss I get on with really well. Even if I didn't, that would not be grounds for dismissal.
Also, there is a commonly-overlooked defence to libel, and that is that it was true.
Re:Nothing to discuss (Score:2)
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of
Re:Nothing to discuss (Score:4, Insightful)
I must disagree...
@Stake is supposed to be a security research and consulting firm. How is any research out of this company ever to have even one ounce of credibility again? I realize Mr. Geer's paper was not published as an "official" company report, but they were angry based on the fact that his paper might "appear" to be At Stake's opinion.
So if At Stake is so concerned about ruffling Microsoft's feathers that a report they DIDN'T EVEN WRITE causes the firing of a senior, uber-experienced employee with a vast repository of knowledge to draw on, how do we know their reports aren't already being slanted to avoid offending "partner" Microsoft?
His firing is tantamount to killing the messenger for a message they didn't like. Sorry, but as an employee I resent the idea that if I do something on my own time and dime that offends somebody inside some business partner's corporate structure, I could lose my job. In this economy, that is a pretty chilling statement, President Bush's assinine assertions that "Everything is okay!" aside...
Re:Nothing to discuss (Score:2)
While this hurts their reputation with the informed general public, nothing wrong, according to US law, happened.
When you do something on your own time and dime, and you're a leading expert at a c
Re:Nothing to discuss (Score:2)
Re:He got what he deserved. (Score:3, Informative)
>expertise they possess in aparticular area, and think they
>can apply it for an another -especially, when they speak
>on behalf of their employer.
RTFAs.
1) Geer is both well known and well respected inside this field, he was speaking inside of his area of expertise.
2) He wasn't speaking "on behalf of [his] employer." The paper specifically states that the individuals who signed it represented themselves and not their companies.
3) From what he
Re:He got what he deserved. (Score:2)
4) In the paper, Geer identifies himself as the Chief Technical Officer of @Stake. Kindly explain how being the CTO of a computer security company fails to qualify one to speak about computer security.
Actually, he did get what he deserved. (Score:2)
If you cash in your business for gold, you're going to lose the gold, and then have nothing. If, on the other hand, you trade in your gold for a business, then you're going to get even more gold.
Substitute reputation for business, and you have the security business in a nutshell. @Stake just traded in their business for gold. Geer just traded in his gold for business.
Sooner or later, it's going to be appare
Re:He got what he deserved. (Score:2)
@Stake probably didn't defend him because it knew what he was saying was a biased, and incorrect interpretation. After all, if security is improved by using a variety of products, he'd have said that TCP/IP is the bad boy of internet security (as *all* internet attacks use it), or SMTP, or HTTP, etc. No, instead he singles out MS. At no point did he bother to point out the benefits of a widespread 'standard' either.
I would
Re:He got what he deserved. (Score:2)
Did you even read the paper? TCP, SMTP, and HTTP are open protocols with many different
Re:Plagiarism (Score:2)
Re:Plagiarism (Score:2)
He passes off this "analysis" as his own. But really he's pulling stuff right out of the anti-trust complaint, which, has been around for many years.
MOD DOWN, unless he answers (Score:2)
Re: Plagiarism not proven (Score:2)
I read the paper. It really was nothing new, nothing groundbreaking. It read just like so many stories before.
Stating the obvious is not Plagarism. Plagarism means copying someone else's words. Got evidence for that?
Re: Plagiarism not proven (Score:2)
Re:All together now (Score:2, Insightful)