MS Struggles to Discredit Linux

PrimeNumber writes "The Register has this interesting story about a supposedly "leaked" email from Microsoft Windows division VP Brian Valentine. Although half of it is admittedly suit/rah rah speak, the interesting nuggets mention use of Microsofts "Sun and Linux insiders"." The whole email is pretty funny actually.

Maybe it's just me

[Wind_Walker]

Maybe it's just me, but I always react with skepticism whenever an "anonymous source" leaks a "classified document" to the public. For all we know, this e-mail was written up by Mark Jabroni from Nowhere, TX.

What especially rings my "hoax/troll bell" is the last couple of lines about the message being "Microsoft Confidential" and how he can track any and all forwards. Give me a break.

This article is complete bull. Nobody will ever be able to convince me otherwise. It was written by a well-intentioned Linux advocate and sent to The Register because it would give the people of Slashdot a reason to cheer.

Nothing to see here, folks. These are not the e-mails you're looking for. Move along.

Re:Maybe it's just me

[Proaxiom]

how he can track any and all forwards. Give me a break.

Actually you can. All the company e-mail is on Exchange Servers, and so anybody within the company forwarding it would be using those servers, and the admins can see it.

He mentioned the problem with auto-forwarding, because if it gets forwarded once then they can no longer track it. Once it's off the company network it is out of view.

Of course anyone can just as easily copy and paste the text into a web browser and send it from a Hotmail account, but security based on futile half-measures just makes me think this must be authentic Microsoft.

Anyway, it is addressed to Microsoft Sales and Marketing people, who probably know none of the above. They would most likely take whatever the guy says at face value.

another leaked email

[MathJMendl]

From: Brian Valentine
Sent: Wed 1/2/2002 1:14 PM
To: WW Sales, Marketing & Services Group
Subject: Me again -- Linux updates (part 2)

Our elite PI squad has managed to break into the linux infrastructure! Now, all their source code base are belong to us! With their source code, we can now see how they do things. This infiltration of linux will let us defeat linux, once and for all, from the inside! All we must do now is figure out what the heck all that code means... We would know already, but Visual Basic wasn't able to open their source code files for some reason.

Re:another leaked email

[Alsee]

Now, all their source code base are belong to us!
...but Visual Basic wasn't able to open their source code files for some reason.

What happen?
Someone set up us the bsod.

-

Discredit?

[TheGreenLantern]

Honestly, isn't "discredit" a slightly harsh, or at least not-quite-right, word for this email? This isn't some mass-media FUD campaign; I mean, it's a motivational email to (presumably) a bunch of sales wonks, encouraging them to try and sell their products. Gasp, call the Justice Department.

It's not as if Linux vendors aren't out there right now doing the same thing, telling customers they're bug-nuts for running NT/2000/XP. I realize it's pretty funny and/or scary to hear him talk about "eliminating" Linux from customer sites, of doing "walkthroughs" to find hidden Linux machines, like some kind of Secret OS Police. But from a business standpoint, you want to sell to your customers, as much as possible. This is just a reminder to the sales guys, "Hey, don't let any sales opportunities slip through your fingers".

Don't get me wrong, MS has been Very Bad on many different things, but I fail to see how trying to sell their product should be considered some kind of Evil Act (tm).

Looks real to me. Here's why.

[Bowie+J.+Poag]

Theres one important clue here that points to this email as being legitimate. The lack of British euphamisms. The Register is a UK-based resource. If they wanted to doctor up a fake email in a conversational tone, it would have been written differently from the style in which it appears. Infact, when I was reading it, I kept expecting to see language differences, and didn't find any. Hell, to any self-respecting haxx0r, that bad-bad-doggy conclusion at the bottom of the email just begs to be disobeyed.

Even more true is the snippet about DH Brown being total FUD-whores. It says so right on their damn webpage, you can pay for the results you want.. Give em $1M and they'll tell that the majority of people surveyed think the sky is green, Windows is better, and we all ride around on invisible pink unicorns.

Now they know who the leaker is....

[tomreagan]

unless they are really stupid.

It's a simple trick - they sent out slightly different copies of the email to everyone on the list. Then, when the public version gets published they can reference the published version against who got what.

The changes can be cosmetic - slight changes in phrasing, additional punctuation, spacing, line breaks. Stuff like this would be pretty much unnoticeable without having a couple of different copies to compare against. Even then, it would likely be tough to notice the difference.

Add in 3 separate requests to "not distribute" as a tempting goad to the leaker, and the odds are that MS has solved their problem with that person.

Unless The Register sliced up the email themselves....

You're right

[Wind_Walker]

I admitted in this thread that it would be pretty easy to "leak" the e-mail (if nothing else, good old pen-and-paper works great!) but it's just that I'm always skeptical of anything from "anonymous sources". And yeah, you could track things going through the central Exchange server, with a pretty simple mechanism. But still...

I think you're right; it was used as a scare tactic towards the clueless non-tech people who don't necessarily have the technical background to filter out the hype from the truth.

Back to my original point, I still think it's a hoax. Maybe it's just my cynicism shining through, but I can't believe that Microsoft is really focusing that much attention on Linux. The hype surrounding Linux in the media has died down, Linux companies are going Chapter 11 left and right... Unless the Xbox is more of a flop than I anticipated, I can't believe Microsoft is that concerned with Linux. I could be wrong, though...

Re:You're right

[iceT]

I think your comment may be a bit short sited.

Sure. People jumped on the LINUX bandwagon way before they market was ready to accept it, and that means that companies will fold.... especially if they're dedicated to the task.

The possible exception to this is RedHat. But you also have to look at the stuff that RH has done. They've been partnering up the wah-zoo. Dell server preloads are ONLY RedHat. Most of RH's announcements recently have been in the 'big' arena: big databases, big support. Big.

Lastly, Redhat is working to make a zSeries port for IBM.

And those three letters are probably what Microsoft fears more than Linux itself: a LARGE scale vendor dishing up LINUX. If large companies use LINUX with their consolidated servers, then it's going to be an easy/easier push down to smaller/dedicated servers.

IBM has the cash that LINUX needs to get accepted... PLUS, there are datacenters full of mainframes with support people that love them. If LINUX let's them keep them longer, They'll embrace it.

Is this letter real? Maybe, maybe not. Based on meetings I've had w/ MS/Redmond people (part of a corporate trip with a fortune 10 company)... it sure sounds exactly like the attitude I've seen from all the employees I've met (including Balmer himself). There's big ego's, big attitudes, and big expectations. Relentless doesn't even BEGIN to describe these guys...

It very well could be real..

Re:You're right

[dhogaza]

IBM is peppering every NFL game with their "The Heist" Linux ad. This ad is selling EXACTLY the server consolidation message the e-mail you so swiftly proclaim to be a hoax addresses.

The e-mail message mentions names IBM specifically. The last time I looked IBM did not fall into the category of "Linux companies going Chapter 11 left and right".

And the "escalation center" rings like it could be true, too. They're not fighting Debian - they're fighting IBM. IBM is clearly targetting MS in its current marketing campaign, so MS taking specific steps to counter them makes fine sense.

Now ... it may be a hoax. But not for any of the reasons you mention.

ALWAYS consider intentional disinformation.

[AgTiger]

Always consider that leak is intentional, and that you have been specifically targeted as part of a disinformation campaign. Ask yourself what purposes might exist in getting you to buy into the message. Be skeptical, it pays off. My own impression is that this message was too convenient and is attempting to convince me to underestimate Microsoft, or to misdirect me away from where their real efforts are. Just look at the opening lines - it's practically _begging_ to be "leaked". Of course, that's just my opinion...

Re:Double standard

[coyote-san]

It's not a double standard when you're discussing different things.

The Mac/Linux/*BSD crowd, overall, just tries to point out that the emperor has no clothes. In response, the naked emperor demands that everyone close their eyes. (Consider MS's recent position regarding the disclosure of vulnerabilities. I know, MS is targeted because it's more popular... so explain how IIS has more exploits than Apache even though the latter is far more widely used?)

MS, in contrast, has a repeated track record of funding and trumpeting skewed tests. The Netcraft "study," for example, had the best minds in MS on hand to tune the server. The Linux system, in contrast, warranted a single vague post to the incorrect newsgroup - they didn't even bother contacting Red Hat to inform them of the tests.

Re:Exchange?

[morcheeba]

You can track emails, even if someone prints it out and mails it, rewrites it by hand (with a pencil), or even speaks it over the phone. It's called Steganography, and it hides information by subtly changing the punctiation and spelling, or by changing the text (omission or inclusion of various words/sentences). For all we know, the sent line "Sent: Wed 1/2/2002 1:14 PM" indicates that employee #114 leaked the info.

Incidently, it's just barely 2 pm here the US east coast... sure, this is a worldwide email, but in Redmond it's still 11 am, not 1:14 pm.

comparable XP-server is still far more expensive

[coyote-san]

First off, if you think that the copy of XP that came bundled with your new system is "free" you are an idiot. The OEM paid MS a significant amount of money (the exact amount is never disclosed, but believed to be in the $100-$200 range) and it's passed on to the consumer. Same as the cost of the hard disks, memory, CD or DVD drive, etc.

But on the main point, your $500 retail copy of XP-server gives you the right to set up a server. But not to use it - that requires a client license. For every service. You want a database? Again, you need a license - and MSSQL is expensive. Plus client licenses. Ditto upgrades to the back office (exchange), IIS, etc.

I haven't seen price comparisons for XP vs. Linux, but I seem to recall that a Win2K server set up for a reasonably sized workgroup would cost $100k and up by the time you had all necessary licenses. In contrast, that $3000 HP charges for their distribution (which includes their own proprietary tools) is pretty cheap.

P.S., maybe you can find a NT MCSE who doesn't drool, but other studies have shown that you better have one MCSE for every 5 users or so. Your 100-person workgroup will need 20 MCSEs to keep it working. In contrast, the average load on Unix sysadmins in 20- to 100- users per admin (depending on the shop) - you'll need 2-5 unix admins to support the same workgroup. (You need at least 2 to cover vacations, illness, etc.)

Assuming each person costs $150k/year (salary, benefits, overhead), the unix shop costs $300k-750k to support. The Windows shop will cost $3 million to support.

Who cares? Show that you don't ...

[Jobe_br]

Anyone looking to see if all those Linux folk are still zealots w/r/t Linux v. Microsoft would only need to measure the response to a story like this. Do you hear that sucking sound? That's the sound of many fine folks wasting their time and energy on bashing Microsoft, their products, their practices, their religions ...

It doesn't need to be like this, folks. Speak with your wallets, speak with your advice to people who seek out your opinions, speak with your civil rights as a citizen of a free country (whichever country that might be!) Don't buy Microsoft products if they aren't any good or if you have ideological reasons not to (this is always your dime, as people say). If you're asked for your opinion on technology, recommend Open Source products if applicable or products produced by competitors of Microsoft if they are better, or if you have ideological reasons not to recommend Microsoft products. Write your senators, representatives, school board members, and city council members about your opinions. Propose alternatives to Microsoft packaged solutions. Maybe your solution costs less, maybe its more reliable, maybe it just makes the point of not supporting a company found guilty of anticompetitive practices, whatever.

Summing up: who cares what Microsoft thinks of Linux, don't waste your time on fruitless flames, trolls, op-ed, etc. that merely 'sings to the choir'. Do something that counts or don't do anything at all. Perpetuating the opinion of others, that all folks involved with Open Source are anti-Microsoft zealots doesn't gain us favor in areas that might provide some of us Open Source advocates money in the future. Its all about impressions when dealing with conservative (or even just fiscally minded) executives. A sure thing is always going to be better than the latest underground trend.

The real source of this email.....

[oobeleck]

Deep inside Slashdot headquarters......

CmdrTaco: Come on guys this is BS. We needs some
news today. Isn't ANYTHING interesting going on?
Do I have to do EVERYTHING myself???

[CMDRtaco@debianbox] telnet expoitable.sendmailbox.ru

220 exploitable.sendmailbox.ru ESMTP Sendmail 8.6

HELO aaaaaaaaaaaaaaaaa(250 times)
250 exploitable.sendmailbox.ru Hello debianbox.slashdot.org pleased to meet you
mail from: bvalentine@microsoft.com
250 2.1.0 bvalentine@microsoft.com... Sender ok
rcpt to: news@theregister.co.uk
250 2.1.5 news@theregister.co.uk... Recipient ok
data
354 Enter mail, end with "." on a line by itself
To: WW Sales, Marketing & Services Group
Subject: Me again -- Linux updates

etc...............

Oldest Troll trick in the book.

Re:Why it's NOT a Hoax: Warning vs. catching the l

[Foochar]

Unless he has the message "Canary Traped" This is a fairly well known method of determining where documents are being leaked. Your format the message slightly differently in each case, not enough to change the meaning or even enough that a casual reader will catch it, but enough that each document is unique. You might use a : instead of a ; or leave out a comma or period here or there. By comparing the leaked document to your originals you can figure out who the document was sent to, and therefore who leaked the document.

Re:Tracking forwards

[Glytch]

Yeah, you're right, if you assume clueless users.

We're talking about sales people here.

Re:comparable XP-server is still far more expensiv

[jht]

Windows isn't cheap to support, but it's a lot cheaper than those figures. I have 150 users here, and we support them with 5 people (myself and 4 staffers). However, of those 5, 1 does primarily applications support (we have a lot of legacy apps) and runs the 2 NetWare servers, and 1 does mostly database work and development. I run the group and work mainly on security. We really have 2 people specializing in NT administration, and we're just fine that way.

I'd also estimate the per-person dollar figures to be a lot lower than $150k/person/year. I'd say a figure of $100-$110k for a highly-paid NT person (total, not salary) is still high, but closer to reality. The skilled Unix person is more expensive, but you _will_ often need fewer of them. Total cost for most shops is probably somewhat comparable.

I used to support about 100 Macs pretty easily with 2 people, so that support cost goes even lower...

Also, I don't know exactly what the OEM cost for Windows is, but I believe that it's typically well under $100 in volume (around $50-$60 or so, typically). XP Pro (NT 4 and 2000 Pro, as well) add a little more to the ticket, but most OEMs typically raise the price $100 from what they'd charge for the "home" OS versions for the pro stuff. At least part of that $100 is profit for the vendor.

Retail packages of the server OS usually include 5-25 licenses. But that's still pricey, of course. I can say that our Enterprise license pricing (we're part of a group with a bigger company, so we qualify) is very attractive - it includes the server CAL, desktop Windows (any version), and Office Pro. It almost makes Windows worth using ;-)

The most telling line in the whole email...

[malevolence]

that makes me think it actually is real is the following:

"We have the best d*mn sales force in the world backed by the best engineers in the world."

Only a marketroid would think that the salesmen are more important than the engineers.

I can write a better fake than that

[Animats]

"While Linux is going nowhere on the desktop, it remains a threat in the server space. The use of Linux, especially with Apache Web Server, slows down the deployment of our next generation of web services, such as .NET, Passport, and Hailstorm. This in turn interferes with transitioning our customers to a subscription model and providing us with an ongoing revenue stream during periods of low growth. It's therefore important that efforts be made to displace non-Microsoft web servers.

We're embarking on several initiatives in 2002 to deal with this.

• The "99.999%" reliability program will be offered competitively to IT shops which use only Microsoft software.
• Presentations to Fortune 1000 clients will emphasize the migration path planned for Windows XP and its successors, which will move consumers away from a generic Web environment to one that requires .NET-enabled web sites.
• We will be introducing a new mail protocol in 2002 which will replace the present "SMTP" protocol. This protocol will provide authentication of mail senders (but not encryption of content) and will protect mail servers from unauthorized use. The client for this mail protocol will be distributed as an update to Internet Explorer. Initially, users will see no change as a result of this action. But when ISPs transition to our replacement for Post Office Protocol, our mail clients will treat old-format unauthenticated mail as potentially hostile. In high-security environments, old-format mail will be down-converted from HTML to plain text, and attachements will be stripped. Our intellectual property will prevent the cloning of this mail protocol, giving us control of the worldwide e-mail system within three years.
• We are working with PC manufacturers to develop firmware which enforces a secure boot process. This will prevent the loading of non-signed operating systems. While any company will potentially be able to obtain permission to sign an bootable file, we are working with the National Infrastructure Protection Center to insure that such authority is only available to U.S. companies able to qualify for Government security clearances.

With these new initiatives, you should have no trouble convincing top IT management that conversion to an all-Microsoft environment is inevitable."