Will Microsoft Code-Checking Plans Cripple the GPL?

Infonaut was one of many readers to point out that "Thomas C. Green at The Register seems to think Microsoft is after far more than the 'ubiquitous security' they're pitching to the mainstream press. In this lengthy article, he contends that Microsoft's latest plans are in many ways an attempt to kill Linux by rendering GPL'ed software unusable. Yep, that's freedom to innovate, I'd say."

Re:The Sky Isn't Falling Yet

[Zathrus]

In-house is irrelevant. That's not what this is marketed/designed toward. What MS is attempting to solve here is "how can I trust party X out there? How do I even know that party X is party X? And how can I trust party X not to share my private information with party Y?"

It is, at least on the surface, a noble goal. There's still a lot of people out there that aren't willing to do transactions over the net due to security concerns. And even those of us who do use the net to do transactions know that there's pretty much nothing we can do about step 3 above -- if someone decides to share my personal data (be it my name, my address, my credit card numbers, or my social security number), there's pretty much no way in hell for me to ever track it back to them.

The problem is, these are tough nuts to crack. That's why they haven't been fully completed yet. Microsoft is taking the stance that the only way to do it is to have a centralized authority, hardware encryption, and trusted systems. The problem with this is that it must be closed source. You cannot open the source up, nor can you allow people to "self-sign" -- doing so just means that Joe Cracker can say "yeah, I'm trusted - give me your info" and the system will. Because it's designed that way.

Of course, there are a plethora of other issues here... privacy advocates will immediately scream about a centralized database of ALL the private information. Think the credit bureaus are bad? You haven't seen anything yet. And, afterall, we're talking about Microsoft here -- they don't exactly have the greatest history when it comes to security. And this isn't the kind of thing you can release and patch up later. It must be virtually air tight from the very beginning, or else you won't be able to guarantee the system as a whole (good luck patching that security hole on the embedded card reader over there!).

Re:Who will 'force them'??

[rseuhs]

If your new PC refuded to run unauthenticated binaries, that would pretty much kill Windows.

Let me explain:

IMO, the only thing that keeps Windows going is that people have so much software lying around that they have a hard time switching.

Now if the first PCs with this limitation come to the market that force you to replace all your software many would just switch to Linux because your software will become worthless sooner or later if you stay on Windows.

And if Microsoft is stupid enough to enforce Palladium in their OS, Wine/Linux will have BETTER WINDOWS COMPATIBILITY than Windows itself.

Re:The time has come....

[colmore]

It's struck me before that what we need is a "rootless" Linux distro.

One of the main obstacles toward using Linux is installing software. Whenever I try to get my friends to switch over to Linux, and I'm talking about experienced computer users with Unix experience, the inevitable huge stumbling block is "well how do I install anything?"

What Desktop Linux needs is a semi-protected mode (no login) similar to the priveledges of the default Windows user, you can change settings, install software, view the whole directory structure, but you can't change anything that would cripple the system to the point where "click here to restore default settings" (another option we need) wouldn't fix everything.

Linux software should be as easy as download to the desktop -> click to install. Right now the learning curve of linux has been pushed back only a few steps, it's easy to setup a default config, and use the web and email and anything setup by the distro, but you still have to learn all sorts of crazy convoluted things to do anything beyond that. The difficulty of a task shouldn't be greater than the task's complexity.

Once that is done, someone needs to write a book/series of visible articles entitled "So, you're tired of paying Microsoft $100 per year"