Slashdot Mirror
MS getting rid of SAMBA?
BenRussoUSA writes "In this ZDNet story . Brian Behlendorf of Apache, Jeremy Allison of SAMBA, Miguel de Icaza of Ximian and now MONO and Eric Allman of Sendmail are all quoted in a story regarding a nasty rumor. Microsoft may be planning to include a Microsoft patented technology at a crucial interoperability point in .NET and maybe the next version of CIFS. Could this spell the end of SAMBA?"
I doubt they care about anyone else's problems with intergration. Anything that can force people to use NT. They're solely in it for the money, not for more altruistic reasons. If your running Netware they'll probably not help, just send you a bunch of brocshures on the total cost of ownership and some such non-sense. They won't ignore, just keep telling you the perfectly good Netware or Unix server is broken. They're not going to be happy until everyone is dependant on their OS, and then they can raise the prices at will. It's really like crack. The first few are free, and then you can afford the 3rd and 4th, but by the 5th time its so expensive you've got to turn to stealing. When you think Microsoft, think crack dealer.
Among the unexpected features Mac OS X 10.1 will include: A built-in SMB client. I wonder what effect that had on MS's decision.
I think it's possible that the time when MS could "lock up" SMB/CIFS via patents may have passed. Samba is used by too many "mainstream" IT sites to provide Unix/Windows integration - sites that have already spent huge sums of money trying to port their business critical applications to Windows and failed.
If they actually tried to do this, the effect would be akin to the results if they tried to change MSIE to break on Apache servers (to create pressure to switch to IIS). Even before Code Red, very few sites would switch from Apache to IIS. Making the browser break on Apache would break so many sites that it would not force servers to switch to IIS, it would force users to switch from MSIE.
Likewise, if some future version of Windows breaks Samba, IT managers would simply insist on the old versions of Windows until they found a workaround, e.g., third-party SMB drivers for the "improved" Windows on new systems. Or they would investigate whether it's cheaper, and less risky, to convert every single workstation to Linux than to try, again, to port their key application to run on Windows. Combined with the other major headaches MS is trying to force down IT's staff (e.g., some early reports that the "new and improved" licenses sometimes go *poof* without warning, but it can take days to arrange a replacement. If that happens at the wrong moment, a company could lose a contract or a court case, costing millions of dollars. Are you willing to bet your company - and your personal savings - that Windows will never barf on you?) and this could be the straw that finally breaks the camel's back.
If I had to guess what's happening, MS is floating a trial balloon. They won't pay attention to us, but if InfoWorld starts reporting on the rumors and has some Fortune 500 IT managers saying they'll seriously evaluate alternatives if Samba is locked out of a latter-day CIFS, we'll never hear of this idea again.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Alas the US not only give the tone in technology but in legal matters too. For instance EU is seeking to implement a software patent law and a DMCA like law too. Lobbies are pushing this very hard in Bruxelle so this not only a US problem, Japan is doing the same thing, and soon because of WTO everybody else will follow.
This is how harmfull laws are passed without the will of citizens who are eitheir too ignorant to act or too weak to have their voices heard. No wonder you have more and more activism in Worlds Summit like it happened in Genova (Italy).
It won't be the end of Samba, because her mother, Simba, and father, Mjimba (the king of the jungle I might add) will protect her. In fact, I suspect that Mjimba would disembowel any Microsoft weenie who tried to lay a hand his favorite daughter, leaving the carcass to the hyenas.
when they pry it from my /etc/init.d/cold/dead/fingers
Really, what can they do? ECMA rules say they have to licence is "non prejudiciously", and usually that means a percentage of revenues, not a flat fee. So if Jeremy Allison has to send them 20% of whatever he charges for SAMBA, they'll have to accept that.
Yes, the nick is flamebait
A quick search on the United States patent database for all patents from 1996 to the present with the word "password" in the abstract and the assignee having the word "microsoft" reveals 11 patents. It appears that this one : 5,719,941 Swift , et al. February 17, 1998 "Method for changing passwords on a remote computer" is indeed the patent in question. The abstract is : Abstract A method for changing an account password stored at a physically remote location is provided. After initiating a password change sequence, a user submits both an old and a new password to its client machine. Thereafter, the client computes two message values to be transmitted to the server. The first message is computed by encrypting at least the new password using a one-way hash of the old password as an encryption key. The second message is computed by encrypting the one-way hash of the old password using a one-way hash of the new clear text password as the encryption key. The server receives both messages and computes a first decrypted value by decrypting the first message using the one-way hash of the old password, previously stored at the server, as the decryption key. The server computes a second decrypted value by decrypting the second message using a one-way hash of the first decrypted value as the decryption key. The server compares the decrypted one-way hashed value, transmitted in encrypted form in the second message, to the pre-stored hashed old password. If the two values are equal, then the server replaces the old password by the new password. (look for yourself at www.uspto.gov if you don't believe me)
Leaving SMB would mean W95/98/ME and even NT4.0/5.0 would not be able to share files with the newer MS OSes. As long as these old Microsoft OS can communicate with the next MS OS, so will Samba. I doubt MS would break file sharing between NT4.0/5.0 and future OSes.
They threw out NTLM, in came Kerberos
They threw out WINS, in came DDNS
I wouldn't worry too much yet...
AFAIK, you can't patent software in Australia, where Samba is developped. So, even if there were such a (US) patent, it would not stop Samba. Well, there might be a small period where Samba would not work while they are busy catching up (i.e. implementing the new algorithm), but the next version all would be back to normal.
Considering that to really wipe out samba, microsoft would have to destroy interoperability with previous windows versions... I think this article is just more zdnet sensationalist journalism.
AFAIK, you can't patent software in Australia, where Samba is developped. So, even if there were such a (US) patent, it would not stop Samba.
Once the Samba Team did the work and built a port of the new protocol, they would never be able to visit the US, or they would be arrested by the Microsoft Division of the FBI.
"Our products just aren't engineered for security,"
-Brian Valentine,VP in charge of MS Windows Development
> samba still cannot serve the "user list" to
:-) :-).
> windows 9x machines for USER level sharing.
Finally fixed in Samba 2.2.1a. I'm sure you'll now upgrade...
Jeremy Allison,
Samba Team.
> Samba is the best if not only solution for interconnectivity between MS networking protocols and Unix ... but yet MS intends to cut this off.
From Micorsoft's perspective, the "best interconnectivity" is "no interconnectivity".
Sheesh, evil *and* a jerk. -- Jade
Getting rid of SAMBA... not a bad idea. While they're at it, they should get rid of COUNTRY and DISCO.
bp
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
Microsoft might be a major behometh and may attempt to stifle Project Mono but I doubt it would be throught the form of changing CIFS (the new version of SMB for those who don't know).
They should have called it "CIFLS", pronounced "syphilis". Perhaps the 'L' can be implied. "First I got Mono, but then I realized that I also got CIFLS in the same transaction."
Then you open your organization to patent infringement liabilities. Do you want to be the guy who's name comes up when the CIO asks "Who cost me $X in patent licensing fees from 'free software'?"
So now instead of you being able to thumb your nose at the BSA because you use Open Source, they'll be gunning for your Samba installation.
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
CIFS = Common Internet File System, also known as a slightly updated version of SMB, also known as the Windows file-sharing protocol. There is nothing really Common or Internet about it. (Did Microsoft give it this name?)
SAMBA = the SAMBA project, a free implementation of an SMB file server for non-Microsoft systems. SAMBA also includes directory services and other Windows NT Server features, so you could theoretically replace a WinNT box with an old Pentium running Linux.
By adding proprietary and patented encryption into the next version of the SMB protocol, SAMBA will no longer be able to emulate a Windows NT file server. At best, Microsoft clients would warn the user that they are not using a 'secure' connection, scaring management and IT support into buying a new Microsoft server. At worst, it could mean that Windosw XP cannot connect to SAMBA servers at all, forcing people to switch to Microsoft servers.
This is another effort by Microsoft to lock you into using their products. You will no longer be able to choose the type of server you want to run, if you want Windows XP compatibility.
There are two possible hopes:
1) Microsoft doesn't make this encryption a requirement to connect
2) Someone writes a SMB-compliant network driver for Windows XP
Microsoft must be overjoyed that Mac OS X.1 and Linux and Unix all have popular SMB clients. Woo hoo! Desktops of all kinds are locking in the value of having a nice Microsoft-controlled backoffice.
It's the servers of SMB which are the thorn in Microsoft's side. A decent Samba server runs on Linux just fine, which robs Microsoft of all that wonderful lock-in. A Microsoft backoffice solution can be replaced with a drop-in equivalent, and not one desktop user even notices the difference (except there's fewer i.t. emails out to the organization about downtime).
Every time a fully functional drop-in replacement is possible, Microsoft will attempt to change the game to break that possibility. Desktops are hard to replace fully, because every single user has to make a very personal commitment (either by paycheck or choice) to learn all the little differences. Servers are easy to replace without much hardship, and Microsoft knows this. Hence, .net and kerberos tweaks and other closed or extended standards.
[
I would be /very/ surprised to see Microsoft implement a new feature into CIFS which when reverse-engineered by SAMBA (legal under DMCA for interoperability issues) would require them to pay a patent license.
.NET which is entirely possible. We must remember though that the whole world is not kept under US law (though more and more of it has our laws thanks to our friends at WIPO...) Either way, Samba has a pretty stable future despite the minor roadblocks Microsoft throws up.
The reason this would be hard to stomach is that Microsoft has major customers including banks and other data farms which use Samba across their worldwide networks. Microsoft might be a major behometh and may attempt to stifle Project Mono but I doubt it would be throught the form of changing CIFS (the new version of SMB for those who don't know).
Microsoft is a bully and we will always have things to overcome however they still answer to some people, namely their major customers and when they bark orders, Microsoft listens.
Plus, the story doesn't really even talk about Microsoft changing CIFS, it talks about possible patents in
-davidu
# Hack the planet, it's important.
It won't work. Samba requires working seteuid() calls, and full POSIX locking functionality, which is not possible to emulate in a Win32 program (although probably possible in a native NT API program, via hidden calls - you know, the ones Microsoft claim don't exist :-).
That's why Microsoft's "Services for UNIX" product must have a kernel component - Win32 locking is unbearably primitive compared to POSIX locking. We can emulate Win32 locking semantics on top of POSIX, but it's not possible to do this the other way around.
Regards,
Jeremy Allison,
Samba Team.
The article talks about patents, and how if Microsoft were to integrate some form of patented technology into their authentication system it may require Samba to license it.
.Net and Mono.
It's just a general discussion about patents and how they might impact an Open Source project. They use Samba as an example, but are primarily referring to
Hey Mr. Taco... Read the article next time before posting a comment about it.
Allison said he inadvertently learned of a patent from "a high Microsoft official"
I don't know what MS has been smoking lately, but they've obviously smoked it all.
Need Free Juniper/NetScreen Support? JuniperForum
Here's a link to the full text of the patent. But according to the article, "Microsoft does not have to disclose any patents on .Net technologies, unless it is not willing to license them in a nondiscriminatory fashion." And a "nondiscriminatory fashion" toward Ximian Inc would probably involve a royalty-free license. IOW, Microsoft will probably do its usual routine of "We won't sue you over our patents on this technology if you don't sue us over your patents on this technology" in the white paper, as it has done for the FAT specification.
Will I retire or break 10K?
Is this true? Consider this article from Fortune about Rambus, in which they were dinged for not disclosing a patent to a standards committee.
The article mentions that Sun and Dell got in trouble for similar things, and had to license the patents royalty-free. Dell had a patent on VL-BUS technology, and Sun had one on DRAMs for SparcStations that Kingston complained about. The Dell story (from 1996) is summarized here and this is from the FTC, while the Sun case (from this year) is mentioned here and here.
- adam
US law even apparently applies to Russian soil. Just ask Dmitry Sklyarov. The US gov't believes its law applies worldwide. And Russia isn't screaming blooddy murder about it! (Why not?!)
No one is safe, unless perhaps they decide to NEVER visit the US ever again. Even that might not be enough, just look at Manuel Noriega. Kidnapped by the US in a miltary raid and imprisoned in a US jail.
And the US would be very likely to bomb any rig out in international waters. We'd justify its destruction and the killing of its workers by saying we were protecting the US economy from economic terrorism and all our sheep/citizens will bleat their approval. And with it having been in international waters, we wouldn't be in trouble with any other country for violating its sovereignty.
Not that international law has ever (in practice) ever applied to the US ... just look at how many treaties we violate.
Just because it CAN be done, doesn't mean it should!
why oh why do people host their projects in the US ?
why not put it in international waters and work on it from wherever you want ?
this goes back to cryptonomicon CAVE idea
more and more things like this are going to happen we should simply wake up and put them out of reach of poloitical ideas and companys
what are the problems with this approach ?
reagrds
john jones
(I fully suspect they do have a whole file cabinet full of patents, but I'd like to see them before I start making assumptions about the future of open source.)
Not only do we not know the specifics of the alleged patent, but we don't know if it's trivial or not. There's no guarantee it won't flunk the prior art or novelty tests.
WHY do we have to use Microsoft's file server software at all? Why not just write a secure, open source NT/2000 service that can share directories? This can be accessed by a secure, open source client that sits on a NT/2000/9x/Linux/UNIX machine. This (sort of) was done with SSH. There are 3rd party solutions for NNTP, SMTP, POP, IMAP, HTTP, etc. Why not file sharing?
Why don't they realise that they only reason the Internet has been so successfull is because it works by using a set of standard protocols that anyone can adopt and use. The best thing about the Internet is that I can run Linux on all my office machines and still access the Windows based services that others provide. By taking this road MS are in danger of marginalising themselves and not Linux. There simply has to be interoperability between different platforms in the modern business world.
In my company, for example, all of the tech guys use UNIX and all of the admin and sales use Windows. We have to interact with each other. If MS aren't going to allow it through their tools, it just means companies like mine will have to migrate to non-MS solutions for even the Windows machines. I just feel that MS are shooting themselves in the foot by taking this sort of approach.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10);'
The patent covers only the encryption procedures for how a user password is changed, but as part of the transfer protocol, it is a potential dependency for all developers who have to mimic the Windows file system and seek to interoperate with it. For example, successful interoperation with Samba might make the Samba project subject to Microsoft demands for patent licenses and royalties.
Which means MOSX 10.1 will not be able to use the password encryption procedures without MS permission. This could be DCMA test if the SAMBA team decides to go ahead with the implementation of the password encryption. Of course, a black box shouldn't be patentable... I mean, if the code produces the right output with a different algorithm, then it should be kosher, (or parve, I'm bad with analogies).
Andrew
I'm so tired of MS and thier contrary ways. they forever claim that they work for teh benifit of the consumer. Samba is the best if not only solution for interconnectivity between MS networking protocols and Unix. I've used this over and over again in MS, Apple networks, where there is a single Unix server. but yet MS intends to cut this off. how is this helping the consumer. True capitalism you dont muscle a customer to buy your product by stamping out the compitition you make a better product. Ms however does not understand this. Yet on the other hand we have the Gov getting in bed with big business. I really wish slashdot and the like activist woudl start writing their congress man or woman about this. when the old folks prescription goes up or someone threatens to take away there driving privaliges look how quickly they act. we need to adopt the same stance and start fighting for our rights as consumers in a free market.
From reading the article I understand that there is the potential for Samba or any other open source app that realies on CIFS to have to mimic a function that happens when a user changes their password (I am asuming that this is part of MS/CHAP). The problem being that MS might hold a patent on something, that possibly would have to be implimented by said open source app and as a result MS could charge some sort of licencing fee. Maybe
What a friggin joke! The author comes up with a scenario which is has no factual basis, decides it could be a bad thing and then get various people in the community to provide quotes that agree with him.
This is FUD, a pure and perfect example of FUD. ZDnet is getting worse evey year.
As with all large companies Microsoft files lots of ridiculous patents. They do it for the same reason mine does, so that if they are sued by another company thay have something for swapsies.
It would probably not be a good thing for Microsoft if their customers could not attach Linux file systems easily. SAMBA is simply collateral damage in the high stakes game between EMC and Microsoft. EMC servers are very expensive and Microsoft would love to play bigger on that turf.
The bigger problem is that in the crackpot US PTO scheme you never know if a patent has been applied for on something until the government awards a 20 year monopoly in practicing it. The rules have been improved, i.e. made less open to corrupt abuse but they are still an extortionists charter.
I can't remember the last time Microsoft was the plaintif in a Patent lawsuit. They have been the victim of many Patent Trolls.
It would be an idiotic strategy for Microsoft to try to use patents to make .NET proprietary. But then again the tax cut for the ultra-rich and breaking the ABM treaty to build a 21st century Maginot line are crackpot ideas.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
karma capped
Shutting out SaMBa is easy. The trick is not to shut out older MS SMB clients like, say, LanMan, Windows 3.11, 95, 98, ME, NT 3.51, 4.0 and Win2k in the process. If they pursue this too rigorously, they risk alienating customers because the new software isn't backwards compatible. Why do you think they're still putting DOS compatability in their new OSes even though the last MS-DOS release was almost a decade ago?
Huh, didn't think of that one, right?
This is all about lock-in. It is getting harder and harder for MIS departments to fight M$, but we keep getting more reasons to do so. They continually leverage their desktop monopoly to force businesses to use (buy) other software of theirs. Its nothing new, but it has gotten SOOOO much worse this year.
It's nota my planet, monkey-boy - Dr Lizardo.