Slashdot Mirror
Responses to ADTI Paper
Everyone and their brother has something to say about the silly and incoherent ADTI paper released yesterday. It doesn't even seem worth the effort to me - it's so internally inconsistent that I can't imagine it convincing anyone of anything. Nevertheless, David Skoll of Roaring Penguin has a good rebuttal, and Newsforge ? pointed out that the MITRE study that's been kicking around for so long is now public, and took a look at the differences between the two. Update: 06/11 18:43 GMT by M : Another rebuttal, by John Viega and Bob Fleck of Secure Software.
Was this really sponsored my Microsoft? Is there proof of that?
FoundNews.com - get paid to blog.,
So you mean to tell me that all the trouble we went through switching to Windows yesterday was for nothing?
really just a front for MS to push a political agenda around? i've never heard of ADTI (although i do know who Alexis DeTocqueville is) until now, and they don't seem to be a legitimate research organization.
really, if open source poses a threat to national security because of the availability of the source code, then we should also remove all books from libraries because of the same threat they pose to national security.
Me email iz skyewalkerluke at microsoft's free email service.
Makes me wish I were a programmer, to release things in an OSS license of my choice, but after a year of classes, I never did master Hangman. So off to the social sciences I went...
I don't know what you all are talking about. I thought it was very convincing.
And I'm a senator. My constituency trusts me to make decisions for them. Why else would Disney^H^H^H^H^H^Hthe people of South Carolina elect me?
Is how obviously biased the paper is - it's badly sourced, badly written, badly argued (there's holes in their arguments big enough to drive the proverbial truck through, like, "GNU doesn't let you steal source code for profit - the bastards!" - when proprietary licenses will throw you in jail for stealing source code), and so far, badly taken by anyone who knows anything about technology.
The counter argument (I read it on The Register this morning) is well written, well argued, has plenty of great sources, and except for the "Adapt or Die" bit repeated over and over again which showed his own bias (cool, but probably not the professional white paper people care about), it was a convincing argument.
So what was the point? If this "independant think tank" was paid for this research, whoever funded them should ask for a refund. If they did it to prove a point, someone should go back to "Presenting Important Arguments 101" and come back when they can present a logical, convincing argument.
All this appears to be is something a backpocket Sentator can wave and say "Look at this important research that proves why we need the GNU Illegal Code Act of 2003!". And sadly, most voters won't care because they don't know any better.
Then again, my 3 month old son doesn't know he shouldn't eat his hand. Same difference, I guess.
52 Weeks, 52 Religions with John Hummel
if you knead proof, just read the report . that's write, & we're sticking to IT, we're NOT taking IT DOWn when sumbuddy w(h)ines about IT.
How much do you think ADTI would charge to conduct another unbiased study that completely counters and argues against their original report?
Bill Clinton: Pimp we can believe in. - The Shirt!!!
Wired has an article from almost a week ago titled Did MS Pay for Open-Source Scare.
Dave does good work. He has a weekly column at @monitor.ca That is full of good Linux information. The column can be reached directly at volXissY/lnxstuff.html
The government's productive alliance with private enterprise is also relevant particularly when its decision to use GPL source code would inherently turn away many of its traditional partners. Security, as well as other impracticalities make GPL open source very unattractive to companies concerned about intellectual property rights. In effect, the government's use of GPL source code could inevitably shut out the intellectual property based sector.
The Government must choose software to maximize national security and minimize government expenditure. It owes absolutely nothing to the "IP-based sector" or any other corporation. What was it I said before? Oh, yes: "Tough. Adapt or die."
It seems to me that many corporations are complaining about loosing their ability to make a profit. They expect the government to legislate things to help them. The author hints to this here but, let me add to it:
Running a business is a privilege granted by the people (business/vendor license). There are no rights, promises, or guarantees that running a business will earn any profit.
UNIX/Linux Consulting
Underlying this whole discussion is the idea that MS source code has been, is and will always be completely secure.
Does that seem very likely?
Could God create an encryption scheme so powerful that even he couldn't crack it?
That's not the point, though. The viability of OSS--particularly in the public service sector--has significance beyond Microsoft's dominance of the software market. Secure software isn't just about keeping the h4x0rs out of your e-mail. For all of the overblown hysteria, there are legitimate real-world security issues at stake in the open source debate. If there is a chance that open source software could make the difference in critical infrastructure systems, don't you think it would be worth the time to make an honest critical assessment? The ADTI study is nothing of the sort, and should be criticized for its faults.
OS, GPL, and Linux'll lose in the long term. Why? Because they play fair!
It doesn't matter that they are technically, practically and totally better than any alternative from M$ or any other company. The EFF simply does not have enough money to line the pockets of the next politician or lawyer that's against them.
In order to win, you'd have to be orders of magnitude better than any commercial alternative. In a fair fight, you'd win, but there ain't going to be any fair fight!
As long as anyone can get money from dubious practices, GPL will be ridiculed.
My guess is Slashdot paid for it. Seeing how many hits they are going to be able to get by 'exposing' it, they got a good deal. :)
Michael Loves Me!
Yup, I think that's the point I've always wondered at. Why is MS so upset at the GPL? Nobody is forcing anybody to use it (to my knowledge,at least. Long-haired liberals may have kidnapped some CEOs and forced them to renounce Microsoft and all its pomps and works since I last checked, but I rather doubt it).
So I suppose it's only some kind of friendly warning to innocent users (as we all know that nobody ever reads licenses, uhh... wait a moment...). If it's so, well... thanks and all that. Nice from you to spend all those dollars in raising the public awareness of the problem. I think the point is already made, thanks, walk along, it's been a pleasure, we already know what we are doing, thanks, keep moving.
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
...but what does "GPL" stand for?
I'm amazed that in all these articles, it's not spelled out anywhere. No wonder the public at large can't get interested in this stuff. All these geeks assume everyone knows what they're talking about.
While I agree with most of the rebuttal, there are a few points that the author's zealotry shows through just as badly as in the Micros.... I mean ADTI report. Example being this:
About the only thing that I find arguable about that small section of the ADTI report is the part about Open Source not working for a business model. First thing that David Skoll indicates is that he doesn't care about business models.
When are the open source zealots (I said zealots not supporters, they AREN'T the same) going to realize that 100% open source isn't truely viable, and that a BALANCE is necessary.
Oh well, at least this one wasn't a Microsoft front.
SUMMARY:
The rebuttal is factually (much) more accurate, but just as zealous as the ADTI report.
Dark Nexus
"Sanity is calming, but madness is more interesting."
IBM has a billion worth of marketing efforts put behind Linux.
Why dont they put forth some study on Open Source and GPL to counter these silly childish efforts be ADTI ?
I hate to say this, the Govt and the industry would definitely listen to Big Blue than a bunch of geeks.
Rapid Nirvana
The author of the Roaring Penguin rebuttal misses a point, one that's endlessly tossed around Slashdot. That Microsoft's (proprietary) TCP/IP stack is derived from the Berkeley stack is a good thing. As I understand things, the Berkeley stack is pretty much universal now because it was simply better than the closed versions. It's essentially the reference implementation of TCP/IP. And those programmers (not "thousands") who wrote it presumably meant for it to be used anywhere and everywhere.
This is the code the Internet is built on- it's a good thing it's under such a liberal license, and a good thing that Microsoft chose to use it. Certain things should not be GPL'd, and I think Microsoft has this right; open standards like this will never be fully accepted otherwise. A web browser, or a server, or an OS is an entirely different matter, though Microsoft doesn't seem to see this.
The FSF would of course disagree; they put ideology ahead of technology and have demonstrated that the "morality" of a project is more important than its success.
That paper can be used against open source - no matter how stupid it might be. It gets media coverage and most journalists believe what they read.
Fleur de Sel
Yahoo has a good page on this.
Not only did he provide an excellent rebuttle, he also made the original paper something comprehendable!
Interesting given that the US census population clock currently pegs US population at 289 Million.:-).
Seriously, having spoken extensively with the author of this study on the 'phone, he just doesn't follow a lot of the details at a level to coherently argue them with an informed audience.
Sure I can find bright folks on both sides of debates on oss/proprietary, full-disclosure/security-secrecy, win/unix/mac etc.
However ADTI's treatment may pass muster with folks who don't know the details and might have a similar set of economic / philosophic biases (e.g. capitalistic=successful=proprietary).
Anyhow 'Debates' are stoopid imo, debates with 'opponents' who lack enough clue to really participate are simply boring / frustrating.
Linux is Linux, if One need clarify their dist: <Dist>/GNU Linux
bsds are of course just BSD
All the right wingers couldn't stop from cumming in their pants when they realized that the democratic process had been short-circuited. They let their true colours shine after the attempted coup.
While I agree with the general sentiment regarding the ADTI paper, it does bring up one interesting and valid point in governmental adoption of open source software. While it is true that there is much to be gained from using software that is developed and improved by a large development community, there is much to be lost if the community dissolves.
The government (at this point) is not in a position to support their own software - they don't have the personnel (either in numbers or skill) for it. If the open source community continues to support government-adopted open source projects and provide the required feature sets and bug fixes, that's great. But if they are not, it is very difficult for the government to meet those needs internally. One valuable aspect (from the government's perspective) in using proprietary software is that it is very easy to offer to pay the company whose software needs improvements to do that work and ensure that government requirements are met. This is not nearly as easy for open source projects.
Note that this argument does not apply to software development projects funded by the government that are released under an open source license.
It's interesting to note that Roaring Penguin's own CanIt license is considerably more restrictve than the GPL, despite the article's "Tough. Adapt or die" refrain for proprietary licensing.
"A good conspiracy is an unprovable one." -Conspiracy Theory
Since no one seems to be discussing the MITRE paper, I guess I'll opin.
The MITRE paper takes a fair look at the business reasons for using OSS. By fair I mean that they don't simply extol the vertues of OSS, but look at the down sides as well. Yes there are some from the business viewpoint. They especially look at what makes it optimal for servers and the military. In the executive summary, they provide pretty pictures easily interpretable by pointy haired bosses every where as good hard data on why they should use OSS. I suggest that every one read at east the first 25 pages(the executive summary) while the business persons among us might gain something might get more details by reading the detailed business case portion of the pdf.
You'd think our unelected representative would have produced his own whitepaper by now lambasting the ADTI rant.
Perhaps he's on the toilet... I'm sure he'll get to it sooner or later.
If the Manhattan Project had used Proprietary Physics, we wouldn't be so worried about terrorists building bombs to drop on us. Problem is, all these photons and atoms and stuff are Public Domain; anybody with a calculator and a few pounds of Plutonium can make use of the technology.
"Tough. Adapt or die."
The dogcow says "Moof!"
It would seem sensible to me for there to be a law or summin requiring all companies who release papers like these - which are MENT to give an impartial view - are they not? to provide disclaimers which list the interests that the company has which may conflict with a truely impartial view on the paper
like...
This is a paper examining the pitfalls of OSS - it was written with extensive feedback from Microsoft, who also sponsored this paper
I'm probably going to get flamed for this, but these arguments are getting silly.
It seems to me that the whole proprietary vs "open source" boils down to an argument of how we share things.
Proprietary = I have cool toys, make it worth my while to let you play. Maybe we can share toys, maybe you keep the bully away from me if you get to play with my toys, or maybe we can make another arrangement. I'm not going to tear your head off if you borrow my toys without permission, but we might end up in a little spat.
ie - capitalism
BSD = we do it for the fun of it, do what you want - if you can make a profit, cool!
ie - pure research (historically good for buinesses)
GPL = you can play with my toys, but if you do you have to let me play with your toys. Mom and Dad are going to enforce this. These toys are magic, they can't even be traded for non-sharing toys.
ie - communism - although somehow people are arguing that this is pro-business?
At this point in the game, the commune is small and can still function, but as it grows it will self destruct.
Do you *really* want to get government burocracy involved in your OSS commune?
Refer to the chart on page 23. How is it that the BSD license is "GNU GPL compatible"?
Why does the author keep referring to the IP community and the "GPL community" as separate things? He even says that the GPL competes with US copyright law. This guy either has a fundamental lack of understanding about copyright or is a bald-faced liar. GPL'd software is IP as much as any proprietary software. GPL'd software uses copyright law as its basis, just as proprietary software does. The only issue here is the licensing terms. The only term that they take issue with is the fact that they can't simply steal the code and incorporate it into proprietary products because they would have to release the source to those products. That's their whole gripe.
They don't even consider the fact that most proprietary licenses are far more harsh than the GPL. In fact, you don't even have to agree to the GPL to use GPL'd software. If you don't agree, then basic copyright law applies. If you do agree, then you get additional rights, over and above what traditional copyright law allows, albeit with some obligations as well. I think that any claim about the restrictiveness of the GPL license is disingenuous at best.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
>As mentioned earlier, open source code
>is not guaranteed nor does it come with
>a warranty
Neither does Microsoft's software, really. Oh sure, they will replace the media, if your willing to pay $20 to $30 dollars, but if you read the Microsoft End User License Agreements, they take responsibility for nothing. At least with free software, you know what your getting.
At the moment there seems to be only a one-page PDF document at the original site explaining that the original paper has been recalled for some unspecified rework. Info regarding the sudden change of position can be found at linuxtoday.
The most interesting point was that when they contacted ADTI, a representative informed them that he was not sure why the paper was off-line, but he believed "they had to make a couple of revisions to the paper." The representative was not sure when the paper would be back online. The paper's author, Kenneth Brown, was
unavailable for comment.
I like David Skoll's very on-point rebuttal to the ridiculous ADTI/MS propaganda piece. However, the thing that David said about GPL advocates not caring whether or not big companies can profit from GPL frustrates me. If GPL advocates start saying things like that, then big companies with lots of programmers, money and motivation are not going to be releasing a lot of GPL'd code!!! I have seen variants of this thinking making its way throughout the community; I even went to a seminar "Making Money off Open Source" in Chicage/Evanston where ALL of the panelists (including founders of two well-known open source comapnies) seemed to accept the idea that the GPL is "Bad" if you are trying to make money. The ammunition for this viewpoint seems to be the presumed failure of the Linux service comapnies (Redhat, SuSE, Caldera, Mandrake, etc.) Now, I admit that RS probably cares very little whether or not GPL'd code can be used to make money; and there are some frothy GPL advocates who sometimes sound like old-fashioned communists. Also, GPL is obviously not an appropriate license model for every piece of commercial software out there. But lets not throw out the baby with the free beer. I would venture to guess that TiVO is making quite a lot of money off of GPL'd code, and perfectly within the terms of the GPL. I bet that Sharp will make at least some money off of the SL-5500 linux-based PDA. And someone at IBM is convinced that putting Linux onto big iron machines is a good way to sell those things. And although none of the Linux service providers are worth their market value, that doesn't mean that you cannot make a lot of money providing value added services to a GPL offering. Finally, there are tons of companies out there that use GPL'd code that they have written and contributed as an entree into premium products. In sum, there are a lot of ways to make money off of GPL so long as you do not try to make the GPLd stuff proprietary (that is the point after all). Lets not give away THAT the argument to MS et al.
Which reminds me, doesn't Microsoft distribute GPL'd software in one of its "migrate-to-Windows-from-Unix" packages?
Finding God in a Dog
Dont you mean `Logic alone will win the day`? What else do you need?
Lick it like you like it!
When are the open source zealots (I said zealots not supporters, they AREN'T the same) going to realize that 100% open source isn't truely viable, and that a BALANCE is necessary.
I think you've got it wrong. He's not saying that everything must be open source. He's saying that open source and proprietary software should compete. He's rebutting the argument made by the report's author that the government should not use open source software. It's the proprietary vendors that are trying to make things 100% proprietary software here by discrediting open source.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
I am a lone out post of open source in the military agency where I work. My solution, just show them the NSA funded SE Linux information.
Who are the green suiters going to trust? A bunch of paid "think tank" lackeys or the good ole spooks behind the triple fence? If it WASN'T safe I don't think the NSA would be wasting it's time on it.
So far NSA's advocacy has been used to let me get away with all kinds of open source implementation. The MITRE report was even sponsored by the Army. I haven't even exploited that angle yet.
If you ever get the opportunity, try asking for a show of hands at a computer convention of any kind, for all the people who work writing off-the-shelf software. Last I heard, the number was typically well below 20%.
The rest work in a variety of areas, ranging from custom embedded systems (where the license of your code matters not one iota because the code can't be changed once the device is manufactured, and it's only useful to the one device anyway) to custom software such as web application development or "enterprise" business logic (where the license of the code matters not one iota because it's never released, and only useful to the one company anyway).
So at worst, if all off-the-shelf software were eliminated, the software industry would shrink by 20%.
More likely, companies with large software requirements (like needing 100,000 installations of an office suite) will channel some of the money they're not spending on licenses and employ some programmers to answer the question of "where do we get bugfixes from if there's no company to turn to?". Once you reach a certain size, employing a few full-time programmers is actually cheaper than paying the ludicrous license costs of OTS software these days. Or they could pay a company like Red Hat or IBM or Sun for "support" (ie, to employ some programmers to prioritize this set of bugs/features over all others).
You've said that "100% open source isn't truely viable" but not backed it up in any way. David Skoll at least backed his point of view up by pointing to great software produced entirely without business models being in the picture. Who is more credible, the one who makes a (admittedly lightweight) argument to back up his point of view, or the one who simply calls the other a zealot with no argument?
It's hard to argue against someone calling for "balance". But sometimes "balance" simply isn't necessary or desirable. Just ask the Catholic Church what kind of reception their "balanced" approach to sex abuse is getting. Sure, that's a reductio-ad-absurdum. But since your whole argument seems to be "balance is necessary!", it suffices to point out a single counterexample...
Stuart.
I would like to comment on this papers addressing of 'documentation' of open source versus proprietary software. I would like to point out that when I bought a copy of Microsoft Windows 2000 Server, there was no documentation at all provided. I had to blindly figure out how to use the product, and eventually had to invest over $200 in outside books and materials (or alternatively I could have paid $1000 for training classes). I purchased Mandrake 8.2 and got a huge book of documentation. I also found online documentation for all of the packages included (apache, sendmail, php, etc.) that was absolutely free. I think open source documentation is some of the best in the world, with code examples and tutorials available all over the internet. Closed source software, by contrast, since it is proprietary, sports very few code examples or complete documentation. Try finding an active server pages version of PHP Nuke for example... Just my $.02. Thank you for your time.
Thanks for your letter; you're not the only person to comment on the lack of documentation for MS software. I was unaware of the documentation situation because I've never actually used MS software to any great extent. A few years back, I briefly (4 months) developed under Windows and became totally frustrated, not by the lack of documentation, but by the fact that a lot of it was inaccurate.
Regards,
David.
Unfortunately, the link provided now just points to some pictures of someone's kid. The lesson I hope this and future authors learn is that if you want to point out something interesting on an enemy site, you should state clearly what it is and you should have a backup copy (perhaps a link to a third party mirror or cache such as Google to avoid accusations that you created false documents or violated copyright) for when the offending information is quickly taken down or even replaced with something that refutes your original point.
I'm an American. I love this country and the freedoms that we used to have.
IE took your market share? Adapt or die!
Oops, now we're on the opposite side of the argument...
Although I hadn't actually read the paper at the time, I posted my first rebuttal to the ADTI press release here.
Now, having skimmed portions of the real deal, let me just say: merde de taureau!
http://www.farmerbob.org
Adapt or die!
Wrong.
If write a program and distribute it under the GPL, I am free to re-license it in any way i choose since i own the copyright. I can't bring back the GPL versions but I can sell another version along side of it. No one else owns the GPLed version, but they are free to modify and distribute it under the terms of the GPL.
page 13
In the U.S., the software sector accounted for approximately 319 million jobs in 2001
But according to the CIA Factbook:
Labor force: 140.9 million (includes unemployed) (2000)
They removed plans and blueprints for government structures that could be considered sensitive in any way imaginable. Many of the documents resided in public libraries, but not all. Some of the documents were also located with the DOT's, Energy companies, Department of Health, etc. A lot of public records were taken out of easy-to-reach places.
You can still get most if not all of this information they took down by special request. They just want to watch who views it now. A contractor bidding on a job to add on to a water treatment facility will get approved, while an unemployed activist might be rejected.
Some of the records are not available at all without security clearances now, where you didn't have to have anything before.
More people should speak out about this, it's leading into a lapse where public documents are being locked away rather than being openly viewed.
The government can pay a company to support its stuff, but that is predicated on the company being around and capable of providing support.
In an OSS environment, the worst case scenario is that the government would have to hire the skills to support their own OSS needs. Even if the community dried up, the government agencies involved could hire the muscle to keep things going. If they depend solely on Microsoft, the worst case scenario is that they suddenly have systems with no support--and no easy way of getting any.
The Roaring Penguin article was reprinted in full in The Age (Melbourne) and the Sydney Morning Herald today. Those IT sections are read by really quite a lot of people in IT in Australia.
http://rocknerd.co.uk
I was quoted in the document as a "programming expert". Er, not exactly. My specialty is installation programs and configuration management. Yes, I code, but in the open source world, I'm not an important contributor. Also, in my email exchange with Mr. Brown, I pointed out that I was not an expert in the GPL, yet he specifically cites me about aspects of the GPL. That particular portion was quite possible my least favorite of everything I wrote because I neglected to mention you only need to publicly release your own source code if you publicly release the binaries. This is a glaring omission and I must apologize to the Open Source community for my own stupidity.
-- Will program for bandwidth
had stuff, like CD archives of nuclear powerplant information, sent back by libraries, or destroyed on site. any government web archive containing concrete information about stuff like nuclear power plants, cleanup operations, and reprocessing facilities were taken offline.
Me email iz skyewalkerluke at microsoft's free email service.
Let me get this straight: you think before an opinion can be published, it must go through a government or psuedo-government review?
Hello? Are you living in Red China?
You'll make my day if you claim you're doing it "for the children".
Note this statement in ADTI's supposed "Paper"
"A worse consideration is that use of GPL could inadvertently create legal problems. IP community members could argue that the government's choice of open source is restrictive and excludes taxpaying firms from taxpayer-funded projects. Adverse impact would include a discontinued flow of technology transfer from government-funded research to the technology sector. Without value, it becomes highly likely that government funding for research would slow as well. "
vs. this one in the letter in response to the Peruvian bill
"The bill, by making the use of open source software compulsory, would establish discriminatory and non competitive practices in the contracting and purchasing by public bodies, violating the base principles of the "Law of State Contracting and Aquisitions" (Number 26850)"
"Open source code is not guaranteed nor does it come with a warranty."
I guess that's in contrast to proprietary software, which comes with a money-back guarantee, and free on-site repairs if any bugs are found.
"You cannot simultaneously prevent and prepare for war." -- Albert Einstein
Homer: Well, what do you think?
Editor: This is a joke, right? I mean this is the stupidest thing I've ever read!
Homer: What's wrong with it?
Editor: You keep using words like "Pasghetti" and "Momatoes" You make numerous threatening references to the UN and at the end you repeat the words "Screw Flanders" over and over again.
Homer: Oh, it's so hard to get to 500 words.
Just replace "Flanders" with "Open Source" and you're done.
GPL's biggest obstacle is the terrible misconception posted here. The uninformed seem to believe that GPL'ed code is forever tainted by the license and nothing can ever be done with it. We see people saying this on every single /. article on the GPL. It's bullshit, but people in the know don't seem to be all that driven to refute it in big print. It's the basis of most attacks on GPL, and we're still doing doing enough to get the truth out. I mean, how can GPL prevent me from licensing my source to someone for profit, when GPL is something to applies towards others and not the author?
"Prejudice is wrong; you should hate everyone the same."
I know it's hard for the Linux crowd to believe, but MS doesn't care one bit what we say about them online. They care what voters and legislators and mainstream customers think. If the Linux crowd rerally wants to do some good they have to figure out how to communicate with that other 99% instead of bitching to each other all the time.
Can someone explain this to me -
You can find on the web, and Scientific American, the details of how key and combination locks work, why doesn't this make them less secure? I use them all the time, front door, as do most of us. Very few burglars actually pick locks, most find a weak spot in the security and enter there. A rock though a window is common enough.
From what I understand most crackers do much the same thing, they don't actually crack the security software, they call up and get someone to give them their password, or go though the garbage and find one written down.
Also, can't you reverse engineer Windows if your determined enough? The binaries are in machine code, sit there with a hex printout of the binary, and the x86 machine instruction set and work out how it works in detail? Okay, its not easy, but if you're willing to kill yourself and anyone else by flying a jet into a skyscraper, how much more difficult is it to do this?
Redmond de Tocqueville's boomerang hit them so bad, I think the study was actually funded by Stallman.
That might explain why they missed the only valuable argument against Open Source:
You can't hide spyware in an Open Source System,
therefore, you can't easily trap terrorists using linux.
I tried not to make personal attacks, but the AdTI paper is so blatant that I don't see any harm in showing exactly what I think of it now and then. There are well-written non-personal defenses of free software (like Villaneuva's); it's just not my style to hold back.
Dark Nexus writes: About the only thing that I find arguable about that small section of the ADTI report is the part about Open Source not working for a business model. First thing that David Skoll indicates is that he doesn't care about business models.
Perhaps I should have reworded that. What I mean is, I don't care about the GPL in relation to existing, proprietary software business models. And it's not my job to explain to people how to make money from GPL'd software. GPL'd software is out there, and we'd all better learn to adapt.
The gnat writes: This is the code the Internet is built on- it's a good thing it's under such a liberal license, and a good thing that Microsoft chose to use it.
I have no problem with BSD license advocates. But I choose GPL, the AdTI paper attacked the GPL, and it was the GPL I was defending. If people want to use BSD licenses or proprietary licenses, that's fine. All I'm saying is they'd better learn to live with GPL'd software, because it will be out there. It's changing the game.
Anarchos writes: It's interesting to note that Roaring Penguin's own CanIt license [roaringpenguin.com] is considerably more restrictve than the GPL, despite the article's "Tough. Adapt or die" refrain for proprietary licensing.
Yes, the secret's out: I sell non-free software. I'm experimenting with business models, and one that I'm trying is to sell non-free software value-added on top of free software. I gradually migrate the non-free portions to the free parts. That's what paid for the RADIUS support I added to pppd in the Linux PPP CVS. That's what paid for MIMEDefang (the free software which underpins CanIt.)
I'm not a total free software zealot. I believe there always will be proprietary software, and it will always have a niche. But it has to coexist with free software, and CanIt is my experiment with coexistence.
--
David F. Skoll
I worked for a defense contractor from 1980 until 1992. During that time software developed under contract for the government became government property. If we worked on a project that was related to another project, we could request the software developed for that project be furnished to us. I know of at least one project that I was personally involved with where we were able to obtain applicable software that had been developed by another company this way. Has this changed? Or are we only talking about the equivalent of shrink wrap or minimally customized software? From some of the articles (such as the one at Newsforge), either people who don't know about developing software for the governement are saying things that have no basis or how the governement treats software it pays to have developed has changed a lot in the past 10 years... and since I keep up on such things, I don't think so.
BTW, we also made use of open source software (I remember one project in particular that used X for the user interface). It was buggy as all get out but it was "free."
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
I here this alot, it's not true. Do you get support from MS on Windows problems by calling them up? I never have called them, but other techs have and then get charged for not correcting the problem. I can fix just about every problem the 4800 user's of Windows have thrown at me (you get real good at fixing Windows problems because there are so many of them) At home I use GNU/Linux of course and have beat the sh#t out of it and brought it back just as good as before. Bottom line from the easy to find support and lack of need of it for the most part, linux is just as supported an OS as MS or better.
Personally I have no problem with buying software. There is nothing wrong with making a product and profiting from it. What I do have a problem with is when a company sells a product that, in may ways, is inferior to something a few guys wrote in their spare time. Now, if the same company refuses to acknowledge/fix problems with their software ... well.. they get what they deserve.
Its seems like the intended audience for his counter rant was pretty much the slashdot crowd itself (the proverbial "choir")
Any version of it to be sent to an "outsider" would probably have to be cleaned up, or in other words boring-erized.
Its very difficult to write a logically strong argument that is both business/professinal as well as interesting/readable. (The recent writings of peruvian congressmen qualify as both)
It would be preferable to me if the rigid business types were a little more forgiving of humor, and accepting of unproven yet obvious anecdotes (such as the fact the ADTI is a blatant shill).
NSA's linux extensions are a research project into adding capability models to Linux. The page clearly states that they are not actually creating or auditing a secure linux distribution, with appropriate disclaimers on the usefulness of the changes. It's a valuable contribution, but in now way constitutes 'NSA Linux, for all of your security needs.'
...is spinning in his grave.
Or perhaps not. After all, he did predict that the Republic would last until the masses realized they could vote themselves bread and circuses.
To that, I'll add "Or Microsoft can buy FUD in his name."
668: Neighbour of the Beast
You mean that it is a good thing that there was a berkeley stack for MS to use, otherwise we would all have ended up using some MS/proprietary networking stack. Were that the case, then it is good because we have open standard interoperable TCP/IP networking.
However, you failed to consider the possibility that MS o/sen would have been a little less dominant if they did not have a tcp stack to acquire. Perhaps we would be using other operating systems while microsoft scrambled to come up with an alternative to a hypothetical GPL'd tcp stack.
Whole operating systems could be interoperable then... perhaps having less market share would encourage MS to be even more standards compliant yet(to compete). Would that not be an even better? Is it inconceivable to entertain the possibility?
The ADTI report focuses on the implications of GPL on the security of computer systems. This is largely irrelevant since the biggest external security problems for computer users are computer viruses, poorly administered system and week security procedures.
Of the 74,148 computer viruses detected by Sophos at least 70,000 rely on security weaknesses in Micrsooft Software.
Forget the FUD about GPL, Fight Microsoft on their security record with viruses
Many end users still think computer viruses attack the hardware !!!
78b1832fed2f6c28776097570352c225 Jun 10 02:52 old_opensource_whitepaper.pdf
3be312fb8ea04f8d31561c64848a2e27 Jun 10 23:14 opensource_whitepaper.pdf
A conversation with Mr Brown yesterday evening suggested that there will be a much revised version forthcoming. No telling what / when /if such a version will be forthcoming. I have to say my expectations aren't all that high, but then hope springs eternal :-).
Linux is Linux, if One need clarify their dist: <Dist>/GNU Linux
bsds are of course just BSD
Atdi's easter egg -- is there something wrong going on here?
That report is dated July 2001; the one that stirred up all the trouble is of much more recent vintage. And it has still not yet been released to the public, although I'm told that is in the works.
The Government must choose software to maximize national security and minimize government expenditure
I believe should read: "The Government must choose software to maximize the welfare of its citizens, of concern is software security as it relates to national security, and minimize government expenditure"
A commercial vendor interested in using open source software in a closed-source product can always request a separate license that does not require release under the GPL.
Even Microsoft doesn't have a one-size-fits-all license for their source code. Microsoft's EULA and the GPL are the default licenses, not the only possible license.
Suggestion for the EFF and/or FSF: help open source software writers negotiate and manage non-open source licenses for closed-source, commercial software.
Have fun...
http://www.adti.net/html_files/
What are the consequences of contributing to a project that comes under fire for patent or copyright infringement? Aren't the major contributors of BNETD kind of going through that now?
If I am a large corporation and I adopt some GPL software for my business and later someone finds that some code in that project was obtained without authorization and now the owner of that code is looking for blood and sees that I have quite a bit of it to give don't I put myself at risk? I may not have been responsible for inserting that code into the project, it could have happened before I joined the project but I improved on it and helped distribute it on my company's website. That could really screw up my business by costing me time and money. Forget backdoors and trojans. I think the real potential enemy of free software is stolen code.
I have a prediction for the future. At some point we will see some proprietary code slip into a free software project and really challenge the system. If I were Ximian I would be very mindful of what people are submitting to the Mono project.
'Same speed C but faster'
http://www.adti.net/html_files/defense/opensource_ whitepaper.pdf
http://www.well.com/~kena/OpenSourceDebate.txt
I think the OSI/FSF communities need a new tact to deal with all this IP FUD. Very few articles in the media make it clear that the GPL DOES promote copyright laws and states it quite explicitly in their licenses. We need to get out the phylosophy that copyright does not equate to profit making. The 2 are absolutely and completely unrelated!! Yes, you can choose to profit from copyrighted material, just and you can choose not to. Again, it's completely your choice because the 2 are completely unrelated... one has absolutely nothing to do with the other. M$ and their media/legal lackeys always infer heavily that IP = $ when it's simply not true. That's why it's called INTELLECTUAL property and not MATERIAL or REAL property! It doesn't, in itself, have any inherent trinsic value.
Anyway, Bruce, RMS, the OSS community at large and all the media out there: Start clarifying that IP != manditory profits.
The hedge fund, though, isn't involved with high-tech; it invests mostly in third-world countries.
I was struck by the adti paper's version of history. It would appear that the GE 645, a top of the line multi-million dollar machine, was a minicomputer. I wonder what the authors were smoking.
Apparently ADTI is not as embarassed as Microsft and Unisys by the fact that they are apparently running Open Source software while simultaneously bashing it.
(yes, I am assuming that Rapidsite/Apa is an Apache variant. Am I wrong? I can't find any info on their website about their httpd server software.)
MjM
XKCD:Xeric Knowledge Comically Dispen
Does anyone know what can be done about this? If you told them you were not an expert but they credited you as one anyway they have a direct lie in the paper. Perhaps the BBB would have something to say about such a thing?
I don't know, it just seems that an institution whose primary business is knowlege knowingly printing a lie should be dealt with somehow.
Science may someday discover what faith has always known.
The http response header of the ADTI webserver is:
RapidSite/APA/1.3.20 FrontPage/4.0.4.3 mod_ssl/2.8.4 OpenSSL/0.9.6
It looks like that they using Apache with modified host string, but they using OpenSSL. Hmm Opensource?
Reverse engineering has a number of implications. It harbors very close to IP infringement because and has staggering economic implications.
There remains considerable differences
To Whom It May Concern:
I deeply apologize to all who were upset by my troglodytic 10-year-old brother's book report. Every time he gets out of the crawlspace he wreaks havok.
PS: If I finds out who plagiarized it and harbored it to the Internet, I'll implicate his ass!
Haha..
& mo de_w=on&site=adti.net
They are running OpenSource on their website:
http://uptime.netcraft.com/up/graph/?mode_u=off
This entire ADTI paper sounds just like something
an Ayn Rand villian would say, all conjectures,
FUD, no hard facts because you can fight facts
but how do you fight grey meaninglessness?
This world makes me sick
Turn it around. A developer gets a job at Microsoft and slips in some code from Mono. After .NET gains lots of users, they let the hammer fall. Microsoft now has to GPL all of .NET. The risks are the same. GPL is just another license, and its conditions must be followed just as completely as those of a proprietary license.
Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
I think its great that so many people are getting involved writing rebuttals to these obvious pieces of propaganda. (Yes, intelligent, logical well written opposition is obviously better than an emotional and sarcastic response)
/.ers, it is probably not to their main target: current Windows users and IT managers. They also provide stories to Yahoo, and many other news organizations and are seen as a respectable Tech News source by many.
/. and The Register build community support, but hardly undo the damage done to the open source reputation in the minds of those who don't read, or don't even know what /. is!
But keep in mind, the target for the original pieces, and the sources that propagate them. As the register points out, ZDNET is a common source of this info. While ZDNET's bias is apparent to
My point is that most of these rebuttals are published on sites where there is already consensus on the validity of open source, and the dangers of closed source in certain situations. Rebuttals on
Clarification and articulation of the open source argument must be made to the same groups MS and ZDNET are targeting.
...you should switch back now (please mirror this under the FDL) blow by blow.
Got time? Spend some of it coding or testing
When I looked at that site, and followed the link to the material on Putnam, and his analysis of civic associations, this quote just about blew me away given the current context:
Now if that doesn't embody the Open Source community, I don't know what does. And here's an organization named after de Tocqueville that seems clueless as to what he valued!
Now, you can rant about "right-wingers" if you wish, but some of us on the "Right" place value on conserving more enduring values such as those de Tocqueville celebrated, and not in "Country Club" Big Business-centric loyalties of politicians of both parties (see how much money Democrats get from big business, which prudently plays both sides of the fence ;-). Many of us on the Right value the human right of free enterprise (and association), in contrast with big enterprise. See also Eric Raymond's "The Cathedral and the Bazaar", with respect to his notion of the "Gift Culture". And, as I recall, he would consider himself to be more of the Right (libertarian variety?), than of the Left.
ROC
Throw the rebuttal URLs at every journo and talkback you can find. And the MITRE study in particular, it has immense credibility.
And don't forget mine, either! (-:
Got time? Spend some of it coding or testing
I can make an infinite number of balls. You can play with one provided that you are also willing to clone and hand it on. If you nail my balls to something you own, you must do the same with the entire object. Putting my balls in a ziplock bag with other people's balls is philosophically safe, I won't speak to the health issues.
Still deficient, because it makes no distinction between source and binary, but better.
Got time? Spend some of it coding or testing
I do appreciate the lack of hidden agendae. (-:
Got time? Spend some of it coding or testing
The header reflects their mod of Apache. AdTI probably have no clue what powers their site. I base this conclusion on their fairly complete lack of a clue in any other technical area.
Got time? Spend some of it coding or testing
Viega and Fleck's rebuttal is the best of the three rebuttals linked to in the blurb, but it has some problems too. The other two rebuttals (of which Miller's is the least valuable for reasons already mentioned in other threads under this story) don't take the time to understand the difference between the Free Software and Open Source movements and they use the term "Open Source" and "commercial" incorrectly.
There are some points in Viega and Fleck's rebuttal I'd like to address. Early on Viega and Fleck make reference to "open software, particularly that licensed under the GPL.". I don't know what "open software" is but given their apparent familiarity with the Free Software movement, I have to wonder why they would talk about the GNU GPL as something other than a Free Software license.
I find there are situations where the person distributing the software didn't give due diligence to the licenses involved and, upon learning the ramifications of distributing GPL-covered software, is eager to resolve the issue. There are situations where the people don't understand what freedoms Free Software refers to, and there are situations where people don't understand why copyleft is necessary and wise. Describing the GNU GPL as a "virus" is typical for people who criticize without understanding its terms or the Free Software movement's philosophy. Therefore it puzzles me why Viega and Fleck would choose to repeat such language.
This is not true at all. Viega and Fleck are apparently unaware that Microsoft ignored their own advice and decided to distribute GNU GPL-covered software. This act alone takes virtually all the wind out of Microsoft and AdTI's anti-GPL arguments. Also being unacceptable to a company is quite different from being unable to distribute due to a clause in the GPL. The GPL has nothing that prevents Microsoft from sharing the software. It was their choice not to distribute GPL'd software until recently.
I agree that it makes little sense for anyone to complain about the few restrictions imposed by the GNU GPL but I don't agree with the first reason Viega and Fleck give above. The impact to any user is there if that user distributes GPL'd works too. It is very easy for almost any computer user to copy software and distribute a copy to someone. This means the GPL (which largely has to do with distributing software) is relevant even for those that don't write software. It is important to understand the terminology of the GPL. The GPL's terms do not talk about "end-users" and "developers" but instead talks about those that "distribute" GPL-covered programs.
Actually the situations are not as comparable as this makes it appear. Microsoft was found guilty of antitrust violations regarding their software. There should be a punishment for violating antitrust law (even though in the Microsoft case it looks like there will be no real punishment). It would be fair and reasonable for Microsoft to lose access to their lock on the market so others can compete. Such a punishment need not force them to make their software Free Software as I outlined in my Tunney Act letter.
Regarding the copyright section (toward the end of the explication of Myth #5), Viega and Fleck say:
In Berne signatory countries, yes (and this covers a lot of people), but not all countries are Berne signatory countries.
During the MySQL vs. Progress Software case, the FSF reported "Judge Saris made [it] clear that she sees the GNU GPL to be an enforceable and binding license". But like Viega and Fleck reported, Eben Moglen said most GPL infringment situations don't go to trial, they are resolved with a few e-mails.
Actually they sell machines with operating systems based on Linux (and advertised these machines on mainstream US television). I don't know if they are GNU systems with Linux but in any case IBM is clearly distributing GPL-covered Free Software. Also they have distributed enhancements to Linux to add support for another file system. By now they may be doing more of which I am unaware.
Finally, Viega and Fleck offer a bit of undefended rhetoric in the end:
The rebuttal doesn't cite precisely what FUD is coming from those in the Free Software movement (which I'm presuming is one of the "camp"s referred to here).
Digital Citizen
That calling this group the "Alexis de Toqueville Institute" is kinda like renaming the Creation Science Institute to the "Charles Darwin Institution for the Study of Evolution".
-- The reason it's called the right wing? Irony.
Since everything technical on the site (except for the actual hosting) sings rapt praises of Microsoft, it's pretty difficult to avoid the conclusion that MS don't so much sponsor as own AdTI.
Got time? Spend some of it coding or testing