Slashdot Mirror
Responses to ADTI Paper
Everyone and their brother has something to say about the silly and incoherent ADTI paper released yesterday. It doesn't even seem worth the effort to me - it's so internally inconsistent that I can't imagine it convincing anyone of anything. Nevertheless, David Skoll of Roaring Penguin has a good rebuttal, and Newsforge ? pointed out that the MITRE study that's been kicking around for so long is now public, and took a look at the differences between the two. Update: 06/11 18:43 GMT by M : Another rebuttal, by John Viega and Bob Fleck of Secure Software.
really just a front for MS to push a political agenda around? i've never heard of ADTI (although i do know who Alexis DeTocqueville is) until now, and they don't seem to be a legitimate research organization.
really, if open source poses a threat to national security because of the availability of the source code, then we should also remove all books from libraries because of the same threat they pose to national security.
Me email iz skyewalkerluke at microsoft's free email service.
I don't know what you all are talking about. I thought it was very convincing.
And I'm a senator. My constituency trusts me to make decisions for them. Why else would Disney^H^H^H^H^H^Hthe people of South Carolina elect me?
Is how obviously biased the paper is - it's badly sourced, badly written, badly argued (there's holes in their arguments big enough to drive the proverbial truck through, like, "GNU doesn't let you steal source code for profit - the bastards!" - when proprietary licenses will throw you in jail for stealing source code), and so far, badly taken by anyone who knows anything about technology.
The counter argument (I read it on The Register this morning) is well written, well argued, has plenty of great sources, and except for the "Adapt or Die" bit repeated over and over again which showed his own bias (cool, but probably not the professional white paper people care about), it was a convincing argument.
So what was the point? If this "independant think tank" was paid for this research, whoever funded them should ask for a refund. If they did it to prove a point, someone should go back to "Presenting Important Arguments 101" and come back when they can present a logical, convincing argument.
All this appears to be is something a backpocket Sentator can wave and say "Look at this important research that proves why we need the GNU Illegal Code Act of 2003!". And sadly, most voters won't care because they don't know any better.
Then again, my 3 month old son doesn't know he shouldn't eat his hand. Same difference, I guess.
52 Weeks, 52 Religions with John Hummel
Wired has an article from almost a week ago titled Did MS Pay for Open-Source Scare.
The government's productive alliance with private enterprise is also relevant particularly when its decision to use GPL source code would inherently turn away many of its traditional partners. Security, as well as other impracticalities make GPL open source very unattractive to companies concerned about intellectual property rights. In effect, the government's use of GPL source code could inevitably shut out the intellectual property based sector.
The Government must choose software to maximize national security and minimize government expenditure. It owes absolutely nothing to the "IP-based sector" or any other corporation. What was it I said before? Oh, yes: "Tough. Adapt or die."
It seems to me that many corporations are complaining about loosing their ability to make a profit. They expect the government to legislate things to help them. The author hints to this here but, let me add to it:
Running a business is a privilege granted by the people (business/vendor license). There are no rights, promises, or guarantees that running a business will earn any profit.
UNIX/Linux Consulting
Yup, I think that's the point I've always wondered at. Why is MS so upset at the GPL? Nobody is forcing anybody to use it (to my knowledge,at least. Long-haired liberals may have kidnapped some CEOs and forced them to renounce Microsoft and all its pomps and works since I last checked, but I rather doubt it).
So I suppose it's only some kind of friendly warning to innocent users (as we all know that nobody ever reads licenses, uhh... wait a moment...). If it's so, well... thanks and all that. Nice from you to spend all those dollars in raising the public awareness of the problem. I think the point is already made, thanks, walk along, it's been a pleasure, we already know what we are doing, thanks, keep moving.
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
The author of the Roaring Penguin rebuttal misses a point, one that's endlessly tossed around Slashdot. That Microsoft's (proprietary) TCP/IP stack is derived from the Berkeley stack is a good thing. As I understand things, the Berkeley stack is pretty much universal now because it was simply better than the closed versions. It's essentially the reference implementation of TCP/IP. And those programmers (not "thousands") who wrote it presumably meant for it to be used anywhere and everywhere.
This is the code the Internet is built on- it's a good thing it's under such a liberal license, and a good thing that Microsoft chose to use it. Certain things should not be GPL'd, and I think Microsoft has this right; open standards like this will never be fully accepted otherwise. A web browser, or a server, or an OS is an entirely different matter, though Microsoft doesn't seem to see this.
The FSF would of course disagree; they put ideology ahead of technology and have demonstrated that the "morality" of a project is more important than its success.
Interesting given that the US census population clock currently pegs US population at 289 Million.:-).
Seriously, having spoken extensively with the author of this study on the 'phone, he just doesn't follow a lot of the details at a level to coherently argue them with an informed audience.
Sure I can find bright folks on both sides of debates on oss/proprietary, full-disclosure/security-secrecy, win/unix/mac etc.
However ADTI's treatment may pass muster with folks who don't know the details and might have a similar set of economic / philosophic biases (e.g. capitalistic=successful=proprietary).
Anyhow 'Debates' are stoopid imo, debates with 'opponents' who lack enough clue to really participate are simply boring / frustrating.
Linux is Linux, if One need clarify their dist: <Dist>/GNU Linux
bsds are of course just BSD
Why does the author keep referring to the IP community and the "GPL community" as separate things? He even says that the GPL competes with US copyright law. This guy either has a fundamental lack of understanding about copyright or is a bald-faced liar. GPL'd software is IP as much as any proprietary software. GPL'd software uses copyright law as its basis, just as proprietary software does. The only issue here is the licensing terms. The only term that they take issue with is the fact that they can't simply steal the code and incorporate it into proprietary products because they would have to release the source to those products. That's their whole gripe.
They don't even consider the fact that most proprietary licenses are far more harsh than the GPL. In fact, you don't even have to agree to the GPL to use GPL'd software. If you don't agree, then basic copyright law applies. If you do agree, then you get additional rights, over and above what traditional copyright law allows, albeit with some obligations as well. I think that any claim about the restrictiveness of the GPL license is disingenuous at best.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
Well, a bit of both of what you suggested. But I should note that I never said it doesn't already exist. My comments were directed at the views expressed in the rebuttal, NOT towards the current state of software.
When I said balance is necessary, I mostly meant that there be both open source and closed source programs out there. With regards to this, my point was that the author of the rebuttal, at times, seems to be advocating 100% GPL'd software. That's NOT balance.
As for a blend of the extremes as you called them, some balance there in the form of more software being released somewhere in the middle, such as the licsencing scheme used by BitMover for BitKeeper (described in this interview) would be nice.
With this point, I think more balance would be achieved through a more co-operative existance between open and closed source. Of course, I can't expect we'll ever see Microsoft being part of such an initiative.
Dark Nexus
"Sanity is calming, but madness is more interesting."
If you ever get the opportunity, try asking for a show of hands at a computer convention of any kind, for all the people who work writing off-the-shelf software. Last I heard, the number was typically well below 20%.
The rest work in a variety of areas, ranging from custom embedded systems (where the license of your code matters not one iota because the code can't be changed once the device is manufactured, and it's only useful to the one device anyway) to custom software such as web application development or "enterprise" business logic (where the license of the code matters not one iota because it's never released, and only useful to the one company anyway).
So at worst, if all off-the-shelf software were eliminated, the software industry would shrink by 20%.
More likely, companies with large software requirements (like needing 100,000 installations of an office suite) will channel some of the money they're not spending on licenses and employ some programmers to answer the question of "where do we get bugfixes from if there's no company to turn to?". Once you reach a certain size, employing a few full-time programmers is actually cheaper than paying the ludicrous license costs of OTS software these days. Or they could pay a company like Red Hat or IBM or Sun for "support" (ie, to employ some programmers to prioritize this set of bugs/features over all others).
You've said that "100% open source isn't truely viable" but not backed it up in any way. David Skoll at least backed his point of view up by pointing to great software produced entirely without business models being in the picture. Who is more credible, the one who makes a (admittedly lightweight) argument to back up his point of view, or the one who simply calls the other a zealot with no argument?
It's hard to argue against someone calling for "balance". But sometimes "balance" simply isn't necessary or desirable. Just ask the Catholic Church what kind of reception their "balanced" approach to sex abuse is getting. Sure, that's a reductio-ad-absurdum. But since your whole argument seems to be "balance is necessary!", it suffices to point out a single counterexample...
Stuart.
General Public License
From the license preamble:
I was quoted in the document as a "programming expert". Er, not exactly. My specialty is installation programs and configuration management. Yes, I code, but in the open source world, I'm not an important contributor. Also, in my email exchange with Mr. Brown, I pointed out that I was not an expert in the GPL, yet he specifically cites me about aspects of the GPL. That particular portion was quite possible my least favorite of everything I wrote because I neglected to mention you only need to publicly release your own source code if you publicly release the binaries. This is a glaring omission and I must apologize to the Open Source community for my own stupidity.
-- Will program for bandwidth
I tried not to make personal attacks, but the AdTI paper is so blatant that I don't see any harm in showing exactly what I think of it now and then. There are well-written non-personal defenses of free software (like Villaneuva's); it's just not my style to hold back.
Dark Nexus writes: About the only thing that I find arguable about that small section of the ADTI report is the part about Open Source not working for a business model. First thing that David Skoll indicates is that he doesn't care about business models.
Perhaps I should have reworded that. What I mean is, I don't care about the GPL in relation to existing, proprietary software business models. And it's not my job to explain to people how to make money from GPL'd software. GPL'd software is out there, and we'd all better learn to adapt.
The gnat writes: This is the code the Internet is built on- it's a good thing it's under such a liberal license, and a good thing that Microsoft chose to use it.
I have no problem with BSD license advocates. But I choose GPL, the AdTI paper attacked the GPL, and it was the GPL I was defending. If people want to use BSD licenses or proprietary licenses, that's fine. All I'm saying is they'd better learn to live with GPL'd software, because it will be out there. It's changing the game.
Anarchos writes: It's interesting to note that Roaring Penguin's own CanIt license [roaringpenguin.com] is considerably more restrictve than the GPL, despite the article's "Tough. Adapt or die" refrain for proprietary licensing.
Yes, the secret's out: I sell non-free software. I'm experimenting with business models, and one that I'm trying is to sell non-free software value-added on top of free software. I gradually migrate the non-free portions to the free parts. That's what paid for the RADIUS support I added to pppd in the Linux PPP CVS. That's what paid for MIMEDefang (the free software which underpins CanIt.)
I'm not a total free software zealot. I believe there always will be proprietary software, and it will always have a niche. But it has to coexist with free software, and CanIt is my experiment with coexistence.
--
David F. Skoll
Need any more proof?
What are the consequences of contributing to a project that comes under fire for patent or copyright infringement? Aren't the major contributors of BNETD kind of going through that now?
If I am a large corporation and I adopt some GPL software for my business and later someone finds that some code in that project was obtained without authorization and now the owner of that code is looking for blood and sees that I have quite a bit of it to give don't I put myself at risk? I may not have been responsible for inserting that code into the project, it could have happened before I joined the project but I improved on it and helped distribute it on my company's website. That could really screw up my business by costing me time and money. Forget backdoors and trojans. I think the real potential enemy of free software is stolen code.
I have a prediction for the future. At some point we will see some proprietary code slip into a free software project and really challenge the system. If I were Ximian I would be very mindful of what people are submitting to the Mono project.
'Same speed C but faster'