Slashdot Mirror
Samba Team Responds to Microsoft CIFS Spec License
Jeremy Allison - Samba Team writes: "The Samba Team has released a statement regarding the Microsoft CIFS specification license and its effect on Samba. Regards! Jeremy Allison" Reading this and the Microsoft CIFS Technical License raises a number of issues worth considering. The statement maintains that the specification details an old implementation of the SMB/CIFS protocol, one Microsoft itself has abandoned. One wonders if the only reason they release such docs are as props for a court case or something.
Is Samba available for Win32 platforms?
I know this sounds like a strange question, but consider: Microsoft's SMB-based file sharing system is buggy and insecure. Could Samba be used as a drop-in replacement for regular Windows file sharing?
E.G.: you don't like Windows file sharing. So, you turn it off and install Samba instead. It works the same -- you wind up with shared folders that appear on the network -- but the sharing is being handled by Samba instead of the vanilla Win32 file sharing.
Is that possible? Maybe I'm suffering from hallucinations induced by too much Mountain Dew . . .
I have a crazy idea. Since Samba is probably used by many Microsoft-oriented shops too, why can't the Samba Team embrace and extend the CIFS protocol? This would be a two pronged attack. One of the prongs would be the Samba Team which will extend the CIFS protocol and publish it under the GPL. The other prong will be a group that will write win32 applications that will take advantage of the Samba extensions to the CIFS and distribute the app for free. Since the OSS community numbers in the thousands at least, this would be very straightforward to accomplish.
I wonder what Microsoft will do if the Samba extensions to the CIFS become a de-facto standard? When is the next iteration of Windows anyway? Right now could be a window of opportunity just opening up.
Sigh, I know I'm day dreaming. But, wouldn't it be nice to give MS a dose of its own medicine?
Or worse, what if the Windows EULA was changed to explictly forbid running it in an emulated virtual machine? That would kill VirtualPC, VMware, and plex86 all with one fell swoop -- and drive a lot of users back to the Windows platform.
You've got a good point. Hopefully, if enough people become aware of the dangerous possibilities of this kind of faux-open documentation licensing, the antitrust people will be able to do something about it.
"Anything is better than IE, and you can quote me on that." -- Wil Wheaton.
I hope this is a horror scenario, but happenings similar this are already documented history:
;))
when and if Samba raises to compete as the file/printer sharing protocol to be installed on Microsoft products instead of Microsoft products, they will just start using client certificates or something to criple Samba access to other MSFT shares. I quess cross-compatibility is not bad enough for MSFT to take action, but dare you replace their perfect piece of software with some GPL crap and you are in trouble.
I do believe this is a scenario which could happen, maybe the court case changes something and the future is different, but until then they have strong artillery left to "defend the shares"
...SMB will have to go away.
Micro$haft is the main company working on Windows networking protocols, and as has always been the case they don't seem to encourage standards or interoperability.
I'm thinking a better solution would be to use OpenAFS. It works on Windows and Linux just fine, and its not going to have interoperability problems because all of the stuff is open source.
I believe its only a short time, maybe a year or four, before M$ doesn't have anything to do with network interoperability software, unless they change their policy.
A saying comes to mind:
"The more you tighten your grip, the more star systems will slip through your fingers."
Mod me down and I will become more powerful than you can possibly imagine!
Blockquoth the responder:
Heh.
Tell that to the Mozilla team, or anybody who's worked on a win32 web browser in the last few years. Internet Explorer is proprietary, comes bundled with all windows versions . . . and it's got a big, red bulls-eye in the middle that all the other browsers are aiming for.
Thanks for the info on the Cygwin Samba client. I actually did do a couple of Google searches before posting, but evidently I didn't pick the magic words.
I have a crazy idea. Since Samba is probably used by many Microsoft-oriented shops too, why can't the Samba Team embrace and extend the CIFS protocol? This would be a two pronged attack. One of the prongs would be the Samba Team which will extend the CIFS protocol and publish it under the GPL. The other prong will be a group that will write win32 applications that will take advantage of the Samba extensions to the CIFS and distribute the app for free. Since the OSS community numbers in the thousands at least, this would be very straightforward to accomplish.
This would work so long as there was a compelling advantage (i.e. - lots faster file transfers). There's no point adding extensions just for the hell of it - they have to do something that users want done. Personally I'd like to see SSL support built into SMB, and adding that to the Samba implementation with a seamless Win32 client would be enough for me to switch all the Windows boxen I use to the Samba implementation.
Neat work, MS.
Fear, Uncertainty, Doubt. You can't choose just two out of the three, they come co-mingled.
Stop spreading FUD about Closed Source. You say though with their source being proprietary, we can't know for sure. By saying this, you appear to be thinking that that MS has stolen GPL source code. I think you've been watching Antitrust too much.
:)
Microsoft has better things to do with its development dollars than hire people to rip off open source developers. If they were ripping off OSS, Microsoft is smart enough to fold Apache into IIS a long time ago and make IIS not suck so much
Requiring open source implementations takes away from the ability of the best coder to sell a better product, and harms software devel as a business. So stop spreading FUD about closed source. Let people choose their own damn license. If someone believes that a closed source license protects their interests, let them use it.
- MS/RPC on top of
- DCE/RPC and
- Remote Access Protocol (RAP) over
- Named Pipes on top of
- Transactions on top of
- Server Message Block (SMB) on top of
- NetBIOS
If you do an RPC call it goes through all of that (minus RAP which is quite dead post NT). A redesign would be trivial to implement by comparison because you could reduce all of that crap to one uniform API.> work of it, and you must therefore obey the
> license you "obtained" the document under.
So I should consider the license MS uses for this document as a viral license in the Gates/Ballmer sense of terms.
MS is using viral licenses to threaten open source developers with law suits. Nice.
Not 100% on the legalities, but surely an NDA used to perpetuate such a copyright infringement (or theft of IP for the tinfoilers) cannot be considered valid?
It's like saying "I'm stamping fake DVDs in the basement, but you can't tell cos you signed this agreement." Don't think it's gonna hold up somehow.
I attended the first CIFS conference held up in Redmond back in 1996 or 1997 when I was working for Apple. One of the SAMBA team members also participated, I think it was Andrew Tridgell. The MS people were actually very respectful to Andrew. One of the funny things about SMB/CIFS was that there was NO documentation on the protocol. All MS had was three different codebases (Windows for Workgroups, Win '95 and Win NT) implementing the damn thing in slightly or sometimes majorly different ways. They stood up in front of us and admitted it. As a result, there were several times when Andrew was the only person in the room who knew the answer to a particular question. Overall, though, their basic attitude was "We're Microsoft - you have to put up with our bogus crap"
There were also definitely portions of SMB that they wanted to keep secret, most notably the manner in which authentication was handled. When heckled from the floor about that, their response was "If we opened the whole protocol suite to you there would be no need for a NT server box in your network." !!!!
I was able to view the whole conference as kind of an amusing episode since none of the problems really affected me directly. However, the majority of the conference attendees were poor schmoes who had started developing something that fit into the MS networking scheme and their companies and jobs were dependent on the MS stuff. They had a definite love/hate attitude towards Microsoft.
Overall, my feeling at the time was that MS encouraged the SAMBA team. If you check the SAMBA web site, you'll see a picture of a number of the SAMBA team at the '98 CIFS conference which I'm sure was also MS sponsored. So, I don't think MS is actively discouraging SAMBA. (Interestingly, who's another key player with CIFS? Network Appliance)
The mind boggles at the sort of mangled system that is required to create the scenario that "Some printers don't support network sharing"!
Surely printing & sending data over a network are two seperate issues? You know, the problem that was solved 30 odd years ago, with print queues and a low-priority task dispatching the jobs to the printer? You have a directory on the computer doing the printer, the print deamon watching that directory, and then a way of transfering printer data into the print directory(SMB). How can you fuck something like that up?
Let me guess, the Microsoft system is better because its newer?
Then MS is even more brain dead than I thought.
I have never seen a case where a printer cannot be shared over the network under UNIX. The printer driver layer and the network printing layer are separated. I always thought it was the same under MS, so every printer could be shared. Then again, I don't use MS as a print server.
"I'd like to see SSL support built into SMB"
That's a very interesting idea. And I'd have to say that I would probably also switch to such an implementation. I'd also like to see passwords stored in Win9x with MUCH stronger encryption. I wonder if the Samba team is up for a few ideas.
So you're saying that the incorporation of zlib (non-gpl lic.) was prior to '98?
Anyhow my understanding per an earlier /. is that a large number of universities and others have source licenses for all versions of winblows. (see list of who's who) I'm sure that the NDA's associated preclude actually saying anything about it but if CIFS has samba code these source-licensed groups would be able to find it.
Linux is Linux, if One need clarify their dist: <Dist>/GNU Linux
bsds are of course just BSD
Perhaps a tax on amateur lawyers on slashdot would close the WBush budget deficit and help save social security.
IANAL but I know the basics of copyright law having spent time trying to stop people extending them. Copyright has no connection to trade secret law as you imply. In fact under European law copyright is a bargain, you get copyright protection in return for disclosure. In the US that bargain aspect has largely been erased as the doctrine of intellectual property as intrinsic right developed.
The point about the phone book is that copyright is meant to protect only the representation of the idea, not the idea itself. In the case of a phone book the representation is so lacking in creativity - alphabetical order, that there is only an idea.
The Microsoft 'license' is not something I would want to spend money attempting to enforce. The information in the document is clearly not a trade secret, bars on redistribution of ideas are unlikely to work in a US court. Copyright doctrine even in the US is not favorable.
What the license does do however is to make it clear that anyone developing a samba type implementation knows that there is a patent on the implementation.
The license also makes it impossible for someone to claim that they have acquired any rights as a result of a GPL license. While folk on slashdot try to claim otherwise the explicit purpose of RMS's scheme was to make it impossible to sell software. You might think RMS is with you but whatever RedHat and co say, RMS turned down offers to join their advisory boards because their business is contrary to his 'principles'. What this comes down to is that Gates understands what RMS is really up to better than most slashdotters.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/