Slashdot Mirror
Will Microsoft Code-Checking Plans Cripple the GPL?
Infonaut was one of many readers to point out that "Thomas C. Green at The Register seems to think Microsoft is after far more than the 'ubiquitous security' they're pitching to the mainstream press. In this lengthy article, he contends that Microsoft's latest plans are in many ways an attempt to kill Linux by rendering GPL'ed software unusable. Yep, that's freedom to innovate, I'd say."
In-house is irrelevant. That's not what this is marketed/designed toward. What MS is attempting to solve here is "how can I trust party X out there? How do I even know that party X is party X? And how can I trust party X not to share my private information with party Y?"
It is, at least on the surface, a noble goal. There's still a lot of people out there that aren't willing to do transactions over the net due to security concerns. And even those of us who do use the net to do transactions know that there's pretty much nothing we can do about step 3 above -- if someone decides to share my personal data (be it my name, my address, my credit card numbers, or my social security number), there's pretty much no way in hell for me to ever track it back to them.
The problem is, these are tough nuts to crack. That's why they haven't been fully completed yet. Microsoft is taking the stance that the only way to do it is to have a centralized authority, hardware encryption, and trusted systems. The problem with this is that it must be closed source. You cannot open the source up, nor can you allow people to "self-sign" -- doing so just means that Joe Cracker can say "yeah, I'm trusted - give me your info" and the system will. Because it's designed that way.
Of course, there are a plethora of other issues here... privacy advocates will immediately scream about a centralized database of ALL the private information. Think the credit bureaus are bad? You haven't seen anything yet. And, afterall, we're talking about Microsoft here -- they don't exactly have the greatest history when it comes to security. And this isn't the kind of thing you can release and patch up later. It must be virtually air tight from the very beginning, or else you won't be able to guarantee the system as a whole (good luck patching that security hole on the embedded card reader over there!).
Ya know, the more big media (and big biz in general) talk about DRM (essentially copy prevention), the less interested I become.
Occasionally, big media has come out with some real gems (like LotR:FotR), but frankly, most of it is crap. I used to listen to the radio for music, but I'm not too impressed by most of that either. Now all I listen to is NPR and an independent dance music station.
They can go and use all the technological means to protect their product (as opposed to art). As long as a few of us can still communicate together, I can keep using free software. As long as people still know how to sing and play, I'll still have music to listen to.
Maybe I'll still go to a movie in a theater once in a while, but I'm just about finished with big media. The more effort they spend to protect their products, the less significant it becomes as art.
Let me explain:
IMO, the only thing that keeps Windows going is that people have so much software lying around that they have a hard time switching.
Now if the first PCs with this limitation come to the market that force you to replace all your software many would just switch to Linux because your software will become worthless sooner or later if you stay on Windows.
And if Microsoft is stupid enough to enforce Palladium in their OS, Wine/Linux will have BETTER WINDOWS COMPATIBILITY than Windows itself.
The author of the linked article states that even with GPL'd source code, the binaries you build would not work because they aren't certified. How, then, would a developer develop anything if they can't run binaries? Or would all binaries run under the same cert on a particular machine? This whole scheme seems to be simply unworkable.
It's struck me before that what we need is a "rootless" Linux distro.
One of the main obstacles toward using Linux is installing software. Whenever I try to get my friends to switch over to Linux, and I'm talking about experienced computer users with Unix experience, the inevitable huge stumbling block is "well how do I install anything?"
What Desktop Linux needs is a semi-protected mode (no login) similar to the priveledges of the default Windows user, you can change settings, install software, view the whole directory structure, but you can't change anything that would cripple the system to the point where "click here to restore default settings" (another option we need) wouldn't fix everything.
Linux software should be as easy as download to the desktop -> click to install. Right now the learning curve of linux has been pushed back only a few steps, it's easy to setup a default config, and use the web and email and anything setup by the distro, but you still have to learn all sorts of crazy convoluted things to do anything beyond that. The difficulty of a task shouldn't be greater than the task's complexity.
Once that is done, someone needs to write a book/series of visible articles entitled "So, you're tired of paying Microsoft $100 per year"
In Capitalist America, bank robs you!
the other issue i see is installing from source. unless you can make this a double click graphical process, people wont do it. its as simple as that.
i think what linux needs is something to complete this equation...
Aqua enables Unix like...
XXXX enables Linux.
just look at what Aqua and OSX are doing for Unix, theyre getting real people(pun intended) to use it, after it being around for decades.
that and users dont want to hear about kernals or CLIs or anything remotely tech related. they want to poke at pretty buttons and make things 'magicly' happen.
I want 2D games back.