Slashdot Mirror

http://www.computerweekly.com/articles/article.asp ?liArticleID=131513&liArticleTypeID=1&liCategoryID =2&liChannelID=22&liFlavourID=1&sSearch=&nPage =1

http://www.computerweekly.com/articles/article.asp ?liArticleID=131513&liArticleTypeID=1&liCategoryID =2&liChannelID=22&liFlavourID=1&sSearch=&nPage =1

Mac OS X COULD be, except for legal issues. The Open Group sued Apple years ago (link) over Apple's use of UNIX in regards to Mac OS X, and the lawsuit was delayed last year until this year....I don't remember hearing anything more about it since....and I can't find any new info. Apple is fighting the very idea that Open Group has a trademark on UNIX anymore, claiming the term generic. Might weaken their case if they paid to license it now.

Indeed, it is trivially easy to get a connection to the internet (unless you're with AOL).
Even cutting the cables to Sri Lanka only affected 'most of the population' (ie - not *ALL* of them).

Sun, after years of vacillation, finally decided to commit to Solaris on x86. In order to bolster their woeful driver support, they had a choice: implement a bunch of x86 drivers (hardly a core competency) from scratch; or: buy hundreds of current, SVR4 compatible drivers from an x86 UNIX vendor, with said vendor waiving _all_ IP rights on the drivers. As business decisions go, it's as close to a no-brainer as you'll get. That it also indemnifies them from SCO's antics is just the gilt on the gingerbread.

Tony.

I notice that DRAM prices, for the same technology, have stayed at their 2001 price level at $100 to $150 per gigabyte. During the same period flash memory has fallen from $300 per gigabyte to $80. I like to look for "odometer threshholds" when prices drop the next factor of ten (about every every five years). For example, hard disk fell below $1 / GB in 2003 and flash $100 / GB in 2004.
I did read recently there was some price fixing in the DRAM market.

Can anyone track down the original Gartner report that indicated 50% of server sales would be Linux by 2008? The linked article just mentions the Gartner report (and all-important statistic) in passing, but doesn't provide a proper reference for fact-checkers. Google didn't do the trick for me, it did turn up an article about an IDC report released in June 2004 that predicted Linux server shipments would rise to 29% in 2004, a fairly significant difference.

Novell's stock is looking pretty attractive at $5.80, given that they're trading close to their 52-week low and now own SuSE, one of Red Hat's only commercial competitors. Mind you, Red Hat is actually earning a profit these days, even though their price::earnings ratio is about 100.

So is it time to invest in Linux stocks (again), except this time with an eye for the long-term instead of the wild ride of the late 90's?

In a sensible world, this would be tantamount to selling insurance against an invasion by Martians, but things being what they are who knows? The SCO suit against Autozone, last I heard, was stayed pending the outcome of SCOs case against IBM, rather than being completely thrown out as utter nonsense, so perhaps there's some legal theory under which using a product makes you liable for the actions of the product's developers. As obviously stupid as that is.

Uh.. IBM and EDS both are experts in bidding with offshhore admins. They just don't lower their prices as much to reflect the practice.

In case you don't want ot read the link...

IBM giveth, taketh away
WSJ: Internal documents say millions of dollars to be saved by moving thousands of jobs overseas.
January 19, 2004: 3:00 PM EST

NEW YORK (CNN/Money) - IBM, the world's largest computer maker, has discussed saving millions of dollars by moving thousands of U.S. jobs offshore, according to internal documents obtained by the Wall Street Journal, the paper reported on Monday.

EDS opens offshore facility in India

cw

EDS has opened a facility in Mumbai, India, that will provide helpdesk and business process outsourcing services to clients worldwide.

Where the media is failing is in getting a diverse opinion of the facts presented above. Almost all of the mainstream news outlets covered McBride's presentation of events, "IBM orchestrating an attack on SCO", while McBride proudly thumped on the results of his own media manipulation. How pathetic is that? Turner is right, the wintel press and most media are little more than a big choir all singing the same song.

Please post your comments about this article to columns@computerweekly.com

I guess the rest of their 2004 money went to those Europeans.

Actually, MS reported $10.15bn (10.15 billion dollars) operating income for last year Computer Weekly Article. From their operating statement, you can see they do show about a 2-to-1 earning ratio. Though my understanding is that a large portion of that ~$10bn "cost" to run MS is actually all the enterprises that aren't making a profit. As I recall, 3 out of the 5 departments in MS are operating with a loss (the two who are making money are Windows and Office). So, it's possible to invest a lot of money into other enterprises to deflate one's apparent net income to stretch out the stock expectations so you can reach new markets so investors don't dump ship when there's not "continuous" growth.

.. was actualy upgraded recently but they are still using the same old software.
article

"We won't be able to build a part that meets our requirements for quality," said Chuck Molloy, a spokesman for Intel, which is based in Santa Clara, Calif. But Mr. Molloy said that Intel's problems with the Chinese standard were "philosophical" as well.

Just in case you're interested... actual link to the ComputerWorld story is here

The only bright spot for UNIX is the fact that Oracle scales better on UNIX than on Windows.

In another article he talks about how with the introduction of intels ia64 chip UNIX will be regulated to the back room running a Database and will basically die out.

In article "Wintel Vendors: Data Center Addition?" Sorry no public link.
He opens saying that the impact of Linux on the data center is negligable compared to Windows which growth is expanding faster than anything else.

Looking through this information it also strikes me that he has always help product marketing positions, but has no listed experience actually having implemented and designed any of this.

He is also one of metagroups leading open source knowledgeable people without ever having worked with Linux. link

In this article
he states "anything but Linux on Intel is niche." and seems to poo-poo any thought of running linux on non-intel equipment... Which doesn't speak well for his Linux experience... He claims that they only look at what his clients are doing, so it seems that he won't know about it unless they are doing it and his job is to advise them on what to do... Make your own conclusions...

In this article dated April 20th, 2004 so it should reflect his current position, he seems to be promoting Linux. Definately worth a read through.

And this article back in dec 09th 2002 he states he see's in 5 years windows at the low end and linux at the high end of computing.

Meta Group's position
2001 Linux not on their roadmap
2002 Linux is immature and should not be used in mission critical applications
2003 - current not sure

Overall it looks like he isn't a techie, just a manager that overlooks what consultants in the field are do and provides a "face" for the UNIX department. Doesn't look like he's a Microsoft shrill especially considering the last two articles I left on him.

Hopefully this helps, going to sleep.

McBride is at a Loss for Words

Maybe he shouldn't have used them all up before.

This is probably a good thing. In fact, as it presently stands Darl could teach a thing or two about not running your mouth off unnecessarily to a certain other proprietary Unix company.

"Take note of Mono now and start writing Mono WinForms apps. When the Mono people get smart-client technology working, you will see a surge in linux based departmental applications."

I disagree that MONO is the ONLY solution to that problem. Try typing this into Google, and you'll see that things like FLEX, and the equivalent is were business is headed, for Internet, and Intranets. The difference between MS technologies and FLEX, is that FLEX is here, and MS is somewere down the road. Plus they aren't the only two with "solutions". So while things are still fresh, let's not propagate the Monopoly into another application space.

This,
or this,
or this

The standards argument being made

check out the demo

In Dutch, sorry
http://www.macromedia.com/resources/business/ric h_ internet_apps/">What RIA is

"Most office computer users are bean-counters, secretaries, powerpoint-using middle managers, etc. These people do NOT need 3D graphics, 4G of RAM, or 3 GHz CPUs."

I disagree very much. with that assesment.

The terms sold were "AXA" and "Direct Assurance". ... it appears to be the assertion of AXA (the company) that their trademarks were sold to AXA's direct competitors.

The company claims that the use of their words infringes on its trademarks, patents and copyrights, and wants to stop Google from selling them.

[Begin rant]

Google is not selling people's trademarks. The company still owns them.

Google is not selling people's copyrights. They are making fair use of published material, as an indexing service.

Google is not infringing on people's patents by linking to their pages, unless that patant was on linking to someone's pages through a search engine.

Google is not supporting the competitors, other than through paid advertizing.

Google is not making any statements about which product to use.

Google is not making any statements about which company to support.

Google is not transferring any legal rights or ownership of the rights.

Google is not stating that you have a criminal record, or that you are doing something illegal, not making libel claims about you, and not violating your privacy, even though they might offer that information if it is searched for.

What ARE they doing?

Google is saying "You just asked us about one or more word. We have been paid to show you these ads when you typed that word, and these web sites use that word or have a high correlation to that word."

I'm sick of lawsuits against them for indexing public sites.

There are billions of web sites. These sites are publically available. Since Google is doing nothing more than indexing publically available content using fair-use excerpts, THESE LAWSUITS SHOULD ALL BE THROWN OUT.

If somebody is to be sued, it is the company paying for the ads, and the people publishing the source sites, making the information available to the public. Not Google.

[End Rant]

Anyone can use x86, but any improvements they do to it are free for Intel to incorporate.

This generalization is not entirely true, as the landscape has been littered with lawsuits.

Intel even sued over the usage of the term "x86" and lost, hence the 'pentium' name was born.

VIA tried to escape the lawsuits (unsuccessfully) by buying cyrix and IDT, who had licensing agreements with intel.

It is safe to say that if your x86 processor can plug into one of Intel's sockets, you will be sued. That's why AMD has "socket A".

The only reason Trnansmeta has not been sued over x86 is because of the funky "code morphing" that it does.

If you are a meaningful x86 competitor, it would be stupid to not be looking over your shoulder.

This hard fought compatibility has brought lower prices and better performance for the consumer, unlike the OS arena.

Just set up a directional Wi-Fi link to the house 220 yards away, and split the cost of broadband with them. Now, with WPA Wi-Fi can be very secure.

Check it out

And for anyone who thinks Netware is dying -- check out Netware 6.5...It has come COOL stuff in it.

Also, they're putting out Netware Services for Linux betas already...

Oyster (and Navigo in France) does not use RFID proper. They use RFID-style technology (i.e. electromagnetic signals ).
There is certainly people who will build custom solution based on RF tech everywhere provided you pay the price. But it seems harder to find RFID standards based providers :( (not that I like RFID)

Computer Weekly

another area's ham radio operators get it up the arse

73 de F8EJF

What are the chances that any of these "licensees" will get their money refunded when SCO loses?

Why would they get a refund? Have you looked at the SCO Intellectual Property License for Linux?

If you terminate the license, you don't get a refund. They can terminate your license if you're doing something wrong, but a) SCO terminated IBM's Unix license without proper notification of the breach and b) SCO has described contracts as "what you use against parties you have relationships with."

They're selling a license that covers...

[boldfaced parts emphasized by me] "UNIX-based Code" shall mean any Code or Method that:
(i) in its literal or non-literal expression, structure, format, use, functionality or adaptation
(ii) is based on, developed in, derived from or is similar to (iii) any Code contained in or Method devised or developed in
(iv) UNIX System V or UnixWare(R), or
(v) any modification or derivative work based on or licensed under UNIX System V or UnixWare.

So they're bascially selling a license which purports to cover any code, in anything, that just so happens to behave the same way code in Unix System V or UnixWare behaves, or any product derived from those sources. Pretty broad spectrum, neh?

This is why people have been saying it's a bad idea to buy an SCO "IP license" until they are found to have rights to any "IP" in Linux. Because you're entering into a legally-binding agreement with a company that will audit you to try to intimidate you into "compliance".

Contrary to the notion where you get some kind of security in buying a license to use someone's IP, SCO's license gives you the exact opposite; no warranty, no indemnity (but Mr. McBride, what about all the times you claimed Linux users were at risk because of lack of warranty indemnification? And they explicitly state that there's no protection if you happen to infringe on someone else's intellectual property rights by using this license... like, say, the Linux kernel developers whose GPL-licesned code would be infringed?) and the right for SCO to audit you any time they want and make you cough up money if you "pirate" Linux by putting it on another machine -- oh, and the licenses are not transferrable between machines, either.

Sucker. Anyone who buys an SCO IP license has, in my opinion, no right to cry later when it turns out they bought a pig in a poke.

Jay (=

So you're suggesting that MS would just bail out of the second largest IT market, give up ~$7B USD worth of revenue per year (source), and not to mention provide a tremendous shot in the arm to Linux adoption rates? You think stock holders and more importantly the stock market would react positively to an immediate 25% reduction in revenue and a disproportionately larger reduction in profit? I only wish that MS were so blatantly stupid as to say "screw you Europe", sadly, money talks, bullshit walks. Microsoft will pay the fine and ensure that they hold their monopoly firm. Even at a full 10% penalty on their full worldwide ~$30B of revenue, they'd only be reducing their $8B profit for the year by $3B, not incurring a loss.

Who thinks that them grabbing the Linux life preserver will save them from the bottom of the NOS ocean? They will soon be swimming with the Banyans!

The article's title reads: SCO sends notices to 6,000 Linux licensees. The rest of the article contains no such error. Now, that wouldn't be false but alarming on purpose, would it?

That is unless I guess commercial airlines transmit on L1 & L2 frequencies. Provided of course the military sees fit to allow commercial airlines to use that frequency. Which makes me wonder about what juridstiction the United States would have if say a Japan Airlines plane was using that frequency when it pulled in our airspace... Oh well back to work

This article seems to be at least somewhat interesting, but here is a guide to software IP. HTH

PAY that SCO license FEE you cock smoking teabagging linux fucktards!!!

Yahoo Instant Messenger has security flaw


A security hole in Yahoo's Messenger could allow attackers to run their own code on computers using the program.

The buffer overrun vulnerability was found in a file named "yauto.dll," which is an ActiveX component of Messenger software versions up to 5.6.0.1347, according to a security alert released by Copenhagen security company Secunia.

Yahoo is working to verify the report and develop a patch for Messenger.

ActiveX is a Microsoft technology that allows software developers to create small, reusable bits of code, called "controls" that enable programs to share information over computer networks and the Internet.

Attackers could trigger a buffer overrun on machines running Messenger by sending a long stream of data in the form of a web page URL to a vulnerable function within yauto.dll, crashing the application or allowing the attacker to place his or her own malicious code on the machine, according to Secunia.

To launch an attack, hackers could set up a web page, then lure Messenger users into visiting the site and clicking on a link that triggers the buffer overrun and runs the attack code, Secunia said.

In buffer overflow attacks, hackers use flaws in a software program's underlying code to overwrite areas of the computer's memory, replacing legitimate computer instructions with bad data or other instructions.

Secunia rated the Messenger vulnerability "highly critical", saying that researchers tested the hole and successfully exploited it by downloading and running a Trojan horse program.

Messenger users running vulnerable versions of the program were advised to remove yauto.dll from their computer hard drive. Users should also consider modifying their web browser configuration to prevent ActiveX controls and Active Scripting from running, except on approved websites, Secunia advised

Read all about it in ComputerWeekly!

• some of those companies were running Windows-based control systems with Port 135 open - the port through which the worm attacked systems.

"The Road Ahead" appeared in December 1995, just as Gates was unveiling Microsoft's master plan to "embrace and extend" the Internet. Yet the book's first edition, with its clunky accompanying CD-ROM, mentioned the Web a mere seven times in nearly 300 pages. Though later editions tried to correct this gaffe, "The Road Ahead" remains a landmark of bad techno-punditry -- and a time-capsule illustration of just how easily captains of industry can miss a tidal wave that's about to engulf them.

Gates and MS STILL don't "get" the Internet. Now, that they believe they have now finally, once and for all, won the browser war. They can finally drop the pretense that IE will be free now and forever (it's now free when you buy an up-to-date MS operating system even though this is exactly what they claimed would not happen, saying that it would be supported on Unix and Apples forever).

Security hole hits patched Internet Explorer
Microsoft Recalls Botched Browser Security Patch
MS security patch slows XP systems to a crawl
Microsoft withdraws faulty server patch
Microsoft replaces, broadens faulty Exchange patch
Microsoft fixes another faulty patch
Faulty Patch Leaves IE Open to Attack
More patching problems for Microsoft
Minor glitch in Win2K patch

Not to mention that Microsoft's WMP strategy is probably illegal.

It is also backed up with the way they fought against full-disclosure and bundling patches / advisories several years ago. A year later, the bundled patches were spun as a reduced number of vulnerabilities/advisories.

Everyone except the average stockholder knows it's over for Microsoft, especially as it's customers are figuring out that, despite bleatings from the marketing teams, Windows is not ready for the Internet. The bad reputation they've worked so hard to earn in the tech community is now starting to spread to the general public.

As a result he said, "We have developed a relationship with security researchers to avoid public disclosure of security holes."

As Schneier predicted, for Microsoft, the threat is bad publicity, and they are going to produce a security system that deals with the threat. Without some kind of disclosure, sysadmins cannot take stop gap measures to secure their systems. This is just another instance of rather than working on securing its products to a level needed for the Internet, the issue is being handled as a PR problem.

Time to upgrade if you haven't already.

As Schneier predicted, for Microsoft, the threat is bad publicity, and they are going to produce a security system that deals with the threat. Without some kind of disclosure, sysadmins cannot take stop gap measures to secure their systems. This is just another instance of rather than working on securing its products to a level needed for the Internet, the issue is being handled as a PR problem.

Time to upgrade if you haven't already.

No, because all the claims raised in the question are true: Microsoft users are getting fed up. They're battered by worms, viruses , security patches and increasing enterprise licensing costs . Aggravation has users talking about switching from Microsoft software to something else. We're trying to figure out how much of that talk is just talk, and how much is serious action. Do you seriously plan to dump Microsoft software? The claims in your Wal-Mart analogy are obviously false. That's the difference.

What then of your personal data? Would you still say with your best NYC accent that the victim got what they deserved for giving personal data to a business that willfully and knowingly used insecure technology which cannot be improved for years to come? Especially when more secure options are known and well-documented?

First, there will be a further clamp down on what is convered in the media and how it is spun: "To Microsoft, the threat is bad publicity, and they are going to produce a security system that deals with the threat," he said. [Schneier] said.

Realize also that Microsoft in all likelihood is going to try to make the option DRM patch mandatory, if for no other reason than to lock out competitors. ""Windows 2003 may be secure, but the level of security it provides could break backwards compatibility."

The last thing MS wants is for people to go over to the new version of OpenOffice.org or to avoid the hidden payloads in WMP9 by using Ogg. Office2003 and WMP9 are essential vectors in getting the "optional" DRM patch into Windows machines.

Personally, I'd rather not throw kids in jail and ban them from computer usage once they get out - that's a good way to create a hardened criminal or a very bitter and suicidal geek.

There will always be someone writing viruses - whether for misguided political motivations, as a last gesture from a disgruntled employee, or for commercial interests. For example, there's a lot of speculation that SoBig is the work of a professional spammer.

But it would be good to take the kids out of the equation without destroying their futures.

And unfortunately, I'd hardly say that typical security has gotten much better since the Morris worm made its rounds years ago. It's still the same in most places - nonexistant. Places that hire good people to protect their systems improve every day, but for most companies they don't seem to think security is worth the salary a really competent sysadmin usually requires (or they simply can't afford it).

I don't think that's going to change until having a virus take down a company's servers has a larger chance of destroying the company rather than just inconveniencing it.

Since you asked for one:

You'll find many other examples via Google. But you probably already knew that.

It seems that openres was badly written also.

Humor you? People that maintain and patch MS systems for a living *should* have a favorite grouping of mailing lists and forums to follow information like this. If you are truely interested I would suggest you subscribe to the NTBugtraq mailing list for starters. Just because you choose to limit your knowledge to what is posted on slashdot does not mean these things do not exist. Many of the introduced bugs are somewhat small, may not effect more then a small % of the users, and fixed with relative ease but they still exist. Specific to NTBugtraq, if there is a problem, you will noramlly see a reply within a day or so of the lists announcing the MS patch. The group knowledge is very helpful in troubleshooting and repairing any issues. Very few of the patches cause something major to fail but that does happen also.

Here is a couple of quick finds from Google. I don't track or keep lists of problems like you are requesting. I do monitor select mailing lists and web sites and take note of things that will directly effect me. These bugs or lack of fixes were a little bigger so they got news coverage.

NT patch causes other services to fail
Microsoft patch causes system failure
Microsoft Knowledge Base Article - 192816
Super patch fails to fix worst flaw in Internet Explorer
Microsoft fails Slammer's security test Not a direct patch failure but describes the complexity of deploying some patches and the side effects.
Researchers: Newest Microsoft IE patch flawed