Slashdot Mirror
Did MS Lobbying Stop NSA Work On SELinux?
inquisitive points to this CNET story on how George Wash Univ. may help Linux gain certification under the Common Criteria, certification required for software to be used in some sensitive government roles. In the same story, though, is an interesting quote from another effort at bringing GPL'd software to the public sector: "'We didn't fully understand the consequences of releasing software under the GPL (General Public License),' said Dick Schafer, deputy director of the NSA. 'We received a lot of loud complaints regarding our efforts with SE Linux.'" Sources familiar with events said that aggressive Microsoft lobbying efforts have contributed to a halt on any further work. 'Microsoft was worried that the NSA's releasing open-source software would compete with American proprietary software,' said a source familiar with the complaints against the NSA who asked not to be identified."
And we are supposed to believe anything remotely associated with the letters N, S and A ??
college and universitys cheating those who already know the job out of jobs because they teach average joes how to do a better job.
I'm a big retard who forgot to log out of Slashdot on Mike's computer! LOOK AT ME.
...called competition.
'Microsoft was worried that the NSA's releasing open- source software would compete with American proprietary software,'
Apparantly MS is worried that it'll catch on.
If you think education is expensive, you should try ignorance -- Derek Bok, president of Harvard
If the NSA software would compete with MS, then the government has no business releasing it. Government isn't there to compete with private industry. It's unfair, especially considering the fact that the government can subsidize any projects with tax money that comes from it's competitors.
We have Microsoft telling the NSA what to do. Shouldn't it be the other way around?
Or maybe it's one of Bill's minions I hear breathing over the phone line?
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
Do you trust them? How about anyone outside of the US, do you trust them? Didn't think so. This is a case of having the source code to "review" means little as 99.9% of us would not be able to find anything amiss in the NSA contributed code if their were intentional flaws.
If MS keeps saying how much better Windows is in the server room then why are they worried about SELinux?
Seems like they're having a hard time believing their own hype - maybe if they spent the effort fixing the SSL IE/Windows hole, then SELinux wouldn't have such an 'advantage'.
Use AIX or Solaris... so maybe they were wasting their time?
Aw, fuck it. Let's go bowling. - The Big Lebowski
maybe Microsoft has such poor faith in their products that they don't think they can compete against anthing else without a hugh advantage.
or possibly their products are that bad.
Does this mean that TrustedBSD's days are numbered?
http://www.trustedbsd.org
Nah, MS just wants the government to use nothing but THEIR software, so Big Bad Billy can cruise through the DoJ sites with his secret backdoor :)
"The amount of intelligence on this planet is a constant. The population is growing." -Cole's Axiom
^_^
Ah hah! You're another fat anime-loving moron!
They killed Tux!
(apologies to SP)
You know, take the high road, like the open source community did, and attempt to legally exclude your competition from even being elligible? Oh yeah, spin the story so it's all about "freedom."
Translation...Complaints from Microsoft criticized the agency for providing the fruits of research to everyone, not just Microsoft, and thus hurting Microsoft's control over the world.
Thus...Bill slaps the NSA and says "Don't do that!", and the government quickly complies.
"I bet I'll get blamed for this." --Mayor Quimby
It wouldn't surprise me and goes in line with their current effort of "advising" the government on how linux is evil. Remember Corel dropping linux? Yes the linux desktop was a tough market, but really there is no doubt it was a quid pro quo transaction.
Also what's with MS giving its software away for Free to a different government every week? Its a clear pattern designed to make sure noone can possibly compete. How are they even allowed to do this? I mean its not like they are some cash strapped competitor with no market share looking to get an edge. They are a convicted monopolist who somehow continues to walk between the raindrops and "get away with murder" right out in the open!
If you wanna get rich, you know that payback is a bitch
It seems to have no end. Does anyone have a short list compiled of some monopolistic things MS has done? I'm going to start putting one together for reference.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
No. On who pays the fiddler orders the tune..
Oh, you are saying its the tax payers who pay NSA, not Microsoft shareholders....
Bah..
<^>_<(ô ô)>_<^>
They are also half-wrong.
Software paid for with tax-money should be fully public domain with no strings attached what so ever.
In this case the original code that the tax-payers paid for will be free forever and whoever wants to use it for commercial or GPL'd software can.
"Our interest is in helping to ensure that the government licenses its research in ways that take into account a stated goal of the U.S. government: to promote commercialization of public research."
As an American, i see the government to
- serve protect the people
above and beyond anything else. I include protector from other Americans, and other American Companies in this. The government was NOT made to serve commercial interests. The U.S. Gov't was made to keep individual freedoms, from the dammed British Stamps.I'm simply atonished by how a Company now has more power than an Individual. It was this way in the early 1900s and late 1800s, when de facto slavery of immigrants and whole families in factory towns led to the Union movements. Sadly, Unionization will not work in this day and age, not in these circumstances. Instead, sheer humanity must overcome evils like this, lead by initiatives like Open Source, which give the power back to the Individual, and letting him control his own destiny once more. Thank you programmers and hackers for letting OSS live on.
FSCK the man!
I'm not surprised Microsoft lobbied the NSA....
I'm surprised they listened. Didn't Alchin, senior Microsoft executive, recently testify (in the anti-trust case, IIRC) that Microsoft software is so poorly designed and/or implemented that full disclosure of the API would inevitably result in the death of many Americans? (That is, after all, what "national security" ultimately comes down to.)
Maybe Microsoft has a point that the NSA's work with SELinux hurts the proprietary software manufacturers, but by Microsoft's own testimony it should be out of the running for all future contracts anyway. I don't care about certification, when a senior exec testifies in court that using his product poses a threat to national security I want the procurement officials to pay attention!
(On a related note, I WILL be asking the Congressional candidates this election cycle what they plan to do about the Federal software procurement cycle in light of senior Microsoft executives admitting that the quality is so poor that it threatens the national security. Microsoft has made it's values clear - $40 billion in the bank is more important than lives - and I want to make sure that my representatives make our values as a country clear. I don't want to force governments to only use OSS software, but I have no patience for excuses from companies sitting on cash reserves larger than the GDP of many nations!)
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Well, duh!
Have anyone noticed this buzzword used by every Microsoft lobbying effort after 9/11 just to trying to give the probably fake impression of Microsoft being "patriotic"?
Somebody has to wake up.
BSD and GPL aren't compatible licenses because of the GPL restrictions. Since SELinux is an expansion of current GPL code it has to be GPL licensed as well. If it were a collection of libraries then it might be possible to use BSD for the libraries as long as they access the core Linux in an LGPL compatible manner.
(IANAOLE - I am not an OSS License Expert)
--- I wish I could hear the soundtrack to my life. That way I'd know when to duck.
If I were Microsoft, I would attempt to buy the patents to the Mandatory Access Controls as used in SELinux, in order to stop the scenario described here from playing out.
The scenario is that by further developing the SELinux concept, linux would become such a secure OS for general government use that governments would be forced to use it instead of Windows.
In this slashdot article. It is the same article text on zdnet.com and news.com.
... if a conglomeration of quotes from /. was sent to some senators, or even better, the judges in the antitrust suit. obviously m$ has far more far-reaching influences than we expected. every now and then we see another story about how m$ tells some company (dell) or some gov't agency (nsa) they are not allowed to do something, or HAVE to do something. that is BS. sure, the agencies and companies can't do anything b/c bill is sleeping w/ the CEOs' wives...but perhaps judges will be better.
QED
BSD is for people who love UNIX. Linux is for those who hate Microsoft.
It's good to see that we now live in a nation that fears competition, exhaults mediocrity, and rewards the foolish, corrupt, and wicked. Oh what a brave new world! Soma! Soma For All!
Welcome to hell.. The United Socialist States of America. I had hoped my kids whould have had the opportunity to grow up on the USA, looks like we lost the war for freedom.
-=[ Who Is John Galt? ]=-
'Microsoft was worried that the NSA's releasing open- source software would compete with American proprietary software,'
Indeed. We ought not have the government funding university labs, because releasing medical research to the public domain might interfere with pharmaceutical company profits.
Not everything that's good for General Motors is good for the country, or its people, or its economy.
~Idarubicin
Soon we'll see Microsoft putting spaceships into space.
oh wait.. it's NSA, not NASA
AutoCAD used to be available for a number of the proprietary *nixes (Solaris, SGI IRIX, HP/UX, etc) back in the Release 10, 11, 12 (and early R13) days. People I used to know that worked at AutoDesk used to make sort of veiled hints that Microsoft put some kind of pressure on them to quit supporting alternative platforms. More or less what they were saying is that AutoDesk was told if didn't quit supporting non-Microsoft platforms that Microsoft would enter the CAD market (possibly by buying up one of AutoDesk's competitors), or at least announce that they were going to, and that would kill AutoDesk by "giving away" the product. But of course nobody in those days would dare come right out and say something like that.
In the Department of Defense, desktops and servers have to go through a NSA lockdown of the operating system before they can go into production. If you wanted to run linux on your desktop, the first question they ask is what does the NSA say about it.
:(
While there are lockdown procedures for Linux from what I understand, having an NSA secure version of linux would have gone a long way to validating the os from the information assurance people. I hate to be forced to use Winx for _security_ reasons.
Don
One day the United States will have a long range rocket or two loaded with WindowsCE and something's going to go wrong. A windows crash will happen.. the rocket will hit the wrong country.. and it'll cause the third world wear.
And it'll be Bill's fault that only cockroaches and ABIO roam the earth.
Should Microsoft be worried about releasing a secure product before ordering around the government? Next thing you know, Bush will come out and say that CEO's shouldn't take out loans from a company to buy stock. They are all a bunch of flamebaiting hypocritical butt-munchers.
And with that, I release my excellent karma to the winds of change.
Why don't we at least write our representatives regarding this. If we do not at least let them know about our objections, we cannot expect them to take them into consideration.
For years the NT folks have never let us live down that their OS is certified and Linux was not.
This is really positive stuff.
"Learning is not compulsory... neither is survival."
--Dr.W.Edwards Deming
Let's say you have a fruit stand. This fruit stand is your sole source of income. Now let's say someone plants an apple tree right next to your fruit stand and let everyone take some apples for free(worms and all!). Now let's say you have an axe. Do you mean to tell me that you wouldn't try to chop down that tree? I would.
How right you are-BUT if you_own_ 80% of the desktop market anyway who will stop you? The DoJ uses nothing but MS on their computers so why shut them down? Besides we have all seen from MS's "new" EULAs that they can tailor it to there needs while making the end-user bow down. It's like suing the gas companies for having a monopoly on the gas-turbine engine...99% of the would use it.
This SIG pulled due to lack of funding. (This damn war is costing too much!)
Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business
Gee, imagine that -- the fruits of the research that the hard working taxpayers of America paid for is also provided to those very same citizens! Outrageous! It may be true that this research also benefits any other government or company in the world which may choose to use it; but more importantly, it can benefit any US citizen who chooses to implement it.
aggressive Microsoft lobbying efforts have contributed to a halt on any further work. "Microsoft was worried that the NSA's releasing open-source software would compete with American proprietary software," said a source familiar with the complaints against the NSA who asked not to be identified.
Gee, imagine that -- the taxpayers get can get free access to the fruits of the research which their tax dollars made possible. Lets not forget, MS can also get access to this research and implement it: either the exact implementation, which would need to be separated (at a hands length) from other components of MS' OS, or the idea and make their own implementation, which they could license under any scheme they wanted.
Microsoft would not comment directly on its lobbying efforts, but did stress that it wanted to ensure the government continued to fund commercial ventures. "The federal government plays an important ro7le in funding basic software research," said a Microsoft representative. "Our interest is in helping to ensure that the government licenses its research in ways that take into account a stated goal of the U.S. government: to promote commercialization of public research."
That's interesting. According to MS, the government has an obligation to make taxpayers pay twice for the what their tax-dollars funded. Come on. Research is publicly funded because it can help all of the US, not just corporations like MS. Gee, tough concept there -- everyone pays taxes to support research, thus everyone should benefit from it, not just MS. Again, MS can make use of this research internally, thus benefit, or even put it in their OS at a hands length, or develop their own implementation of it.
In addition, the Common Criteria process, run jointly by the NSA and the National Institute of Standards and Technology under the National Information Assurance Partnership (NIAP), is better suited to certify proprietary software coming from a single company. It's ill suited to deal with the myriad updates that the open-source community produces on a regular basis.
Then the solution is rather simple. We create a central organization of Linux volunteers to handle the mriad of updates, and they analyze and review those updates (quality-control), and submit them to the NSA and the NIAP.
Back to the government development of GPL'ed software. I think that whenever possible, the government should develop using the BSD-type license (actually, I think that the public domain should be redefined to be like the BSD-license, so that credit is always given and that the "source" of the originals are always distributed under that "license"). This is because the BSD-license allows all of the US taxpayers to implement the code in exactly the way they choose, even charge for it or make non-free modifications; but it also preserves the commons aspect of what was created by a public effort. In some cases, it may be necessary to develop under the GPL because that which your basing development off of is the GPL; such was the case in SE Linux.
social sciences can never use experience to verify their statemen
How can we even trust what the NSA was doing? Perhaps there was some weird coding loophole that they could exploit..
ANyways, wasnt this patch only used to add a level of true user based security and checking (based on certain credientials: IP, time, packet size.. whatnot).
And If I can remember, I believe Linux made the security model of the Linux kernel to be hot swappable with future new models- like that of VMS. The user/group based security is a pain in the ass. At least with MS, permissions arent a big problem (they have shitloads of other problems).
All this leads up to what my big point is.. MS has it right with permissions (well, what they ripped off of VMS) and Linux doesnt. The NSA source is GPL and just sitting there. WHo wouldnt stop a kernel hacker to make a good implementation of a UP TO DATE security model? Well, that and an FS for it.
Comment removed based on user account deletion
so everyone will switch to clothes made overseas? already happened anyway
the company I work for sells many desktops, workstations and servers to the DOD. NONE of them are Windows machines. their either OSX or Unix....take it how you will...
the history of the world
We didn't fully understand the consequences of releasing software under the GPL (General Public License),'
NSA probably figured out that terrorists have the right to create a derived work without the NSA backdoor as long as they distribute the source code.
"I have opinions of my own, strong opinions, but I don't always agree with them." -- George H. W. Bush
It's particularly annoying that an explanation of exactly what the NSA didn't understand about the GPL wasn't well identified here-- other than "a lot of well-heeled lobbying.... erm complaints ... changed our minds".
The NSA has a large breadth of expertise to offer that should not benefit solely proprietary software. Has no-one bothered to propose to them the concept of dual-licensing? Surely if Microsoft was interested in a portion of their technology they could obtain that technology under a different license.
This whole escapade has the feel of ugly politics.
I know I found the idea of SE Linux extremely refreshing and encouraging.
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
The article makes this statement, "Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business."
This statement is wrong. If the NSA had wanted to make a secure version of FreeBSD, then the fruits of the research would have been available to everyone. It is because they choose to use Linux, which is licensed under the GPL, that they received complaints because the fruits of the research would be available only to non-commercial entities. [Keep in mind the fruits of the research refers to the source code, not the binaries. A lot of Free Software advocates seem to like to confuse those terms.]
Towards the end of the article they mention some cooperation with Apple on making a secure version of FreeBSD. There are drastic differences between the BSD and GPL licenses, and it is extremely frustrating to see those issues either not addressed, or purposefully blurred. Commercial software developers are not complaining about Open Source, they are complaining about the GPL.
In essence, we get to decide who makes the money.
I hate Microsoft.
Just like Standard Oil.
Just like Ma Bell.
Just like General Elecrtic.
If our tax money goes to pay programmers for a public agency, such as, the NSA for instance, then the fruits of those efforts should be made available to the public that paid for it. Granted, software that deals with national security does not need to be opened to the world, but the NSA recognizes, as do many others in the security business, that having secure systems in the public leads to greater security overall. One insecure system by itself can't cause much damage, but when thousands, millions of them are exploitable, it is not only the owners of those individual systems that suffer, but others on the same network. The world survives if Yahoo and Ebay go down for a day due to the juvinile maliciousness of a 15 year old. But as our lives become ever more intertwined with public networks, there will be those with far less honorable intentions who can cause REAL damage.
The NSA had chosen to work on a product that will assist in making some of these systems more secure. They even did so in such a way that the conspiracy theorists out there can be satisfied without a doubt that there are no hidden NSA backdoors. And since they probably did so with the aim of using such software in house, at least to some extent, the lack of significant license expenses will result in less budget requirements, or at the very least, more efficient use of the current budget.
Microsoft may be upset over the double blow. One, because the NSA won't be purchasing as much of their software, and two because they'll be releasing their efforts back into the open source (read PUBLIC) community for no additional cost, therefore offering more competition to Microsoft. Of course, it's the very actions of companies like Microsoft that gave rise to the open source communities in the first place. Its a shame they feel the need to whine about it now.
-Restil
Play with my webcams and lights here
well you're the fucking journalist timothy. you tell us, instead of basing an article purely on conjecture
at least to the NSA ... they knew about this 4 weeks before it happened.
new for us tho.
i wonder if they're still after will smith ... i know the movie is over, but his acting was dreadful. please nsa spooks, find him and do something with him.
vodka, straight up, thank you!
Apparently Microsoft is lobbying specifically against the GPL license for products made with tax dollars.
BSD or LGPL would be fine as far as I'm concerned.
Let's not be GPL integrist.
Recently, Tim O'reilly wrote a piece on the growing politicization of open source. The software industry has already been politicized by Microsoft. We already have an IT purchasing system where merit has been passed over for political expediency. Quoteth The Who, Microsoft "decided the shotgun sings the song". With government IT spending already politicized, Open Source is merely playing by the rules of the game.
Ergonomica Auctorita Illico!
Comment removed based on user account deletion
Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business.
Microsoft would not comment directly on its lobbying efforts, but did stress that it wanted to ensure the government continued to fund commercial ventures. "Our interest is in helping to ensure that the government licenses its research in ways that take into account a stated goal of the U.S. government: to promote commercialization of public research."
Hmm, so let's get this straight, using tax-payers money to do useful research and then giving the results of the research out to the tax-payers, hurts companies, so instead the research should be handed over to a commercial company who will sell the IP at a huge profit ?
There is something wrong in American society where the needs of a few (or one) companies, outweighs the need of all the citizens, and the other 99.99% of companies, who would all benefit from the research being released into the public domain.
I suggest for the benefit of your country, you send a message of support to the Open Source now bill, before your government is completely assimilated.
"Free software as in beer, copy protection as in racket" - Telsa Gwynne
As i look in my AutoCAD 'about' file, i see "Copywright Microsoft 1996." so, basically, they 0\/\/|\| Autocad. yeh, poopy, isn't it? my opinion is that Acad should be a part of their Ori-er, Office package.
The news article says: "Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business."
.. we all love the american way of thinking ...
So it is OK for ripping off the work of people living worldwide and use it only for American Corporation, and rip of companies of other countries?
Yeah
...it was Mrs. Plum...in the library...with a candlestick.
This wasn't just plain terrible, this was fancy terrible. This was terrible with raisins in it. - Dorothy Parker
Comment removed based on user account deletion
True, but we at least like to think we made some leeway in there somewhere. old man: "remember back in the day, when we could walk down the street, tokin on a doobie, and the cop would just nod his head and say 'have a good day sir'? them were the days, oh yeah." it's what the capitalistic business model is: more restrictive for bigger profits. like sh1t, it happens
SE Linux does not compete with private industry. Any corporation can take the techniques used to enhance linux (hence SE) and implement them in their own software. Any corporation can just grab the code and stick it in, provided they keep it separated from their proprietary code.
Any corporation can benefit from this by using it within their infrastructure.
MS' claims are absurd. The US government has the responsibility to do what is best for all of its citizens (while respecting the constitution and the amendments), not just what is best for corporate America. Granted, corporate America is a part of the picture, but its not all of it. SE Linux is a great benefit to the public as a whole.
The government has no obligation to subsidize obsolete products by buying them when it can make superior ones and use them; this -- subsidizing and using inferior products regarding security -- is dangerous to the security of the nation.
Futhermore, the results of government research should be available to all to use, whenver possible. In this case, the government based it off of the GPL, so it had to be GPL'ed. Never-the-less, it is available for all to use, with one restriction in that any modifications of it must also be GPL'ed. But MS whine the same complaint if the government did SE BSD: its competing with private industry. Bullshit.
If MS doesn't like the fact that this is hurting their business, they should make a more secure OS. But don't expect MY tax dollars to go towards buying an INSECURE OBSOLETE operating system, thus subsidizing a private industry (i.e., MS) which can't make it on its own.
social sciences can never use experience to verify their statemen
Hold up. Forget competition for a second.
/.ers don't trust the govenment to keep our privacy intact, but you want to run a government built OS?
A large number of
Not to mention the govenment doesn't exactly have the best record with any type of security. Hell, they can't even keep track of the acutal computers that contain private information.
I can't tell you how disappointed I am that I don't get my govenment OS.
IMO Government research, if it is to be done at all, must be placed in the public domain for all to use. Its undesireable and unneccesary to have the government advocating any particular license. Using BSD or X11 license would make more sense for government software projects. Let everyone (even proprietaries) get some use out of it. After all, all that money to pay for it was stolen from them too.
Yeah, so is all government funded research. Have you heard of The Genome Project vs. Celera?
Years ago the University Ag Campus where I went to school had a meat shop where you could get cheap beef/poultry/pork, etc. These were animals that had been raised on the Ag Campus farms for research and teaching and were no longer of use in whatever project. But they got into hot water with the Krogers supermarket chain because they were a gov't entity competing with private enterprise. NSA's Linux enhancements are no different. It isn't clear to me that MS is in the wrong here. Gov't should not be writing GPLd software that cannot be used in proprietary applications. A BSD style license would be much better. And such software efforts should be relegated to research only and not be attempts to build production ready software.
FreeSpeech.org
When you think about it, the government's only real job is to defend the rights and freedoms of its citizens.
Government's role is to promote the welfare of the people. Sometimes that means promoting business. Sometimes that means providing a social safety net. Sometimes that means providing for a common defense.
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
"The federal government plays an important role in funding basic software research," said a Microsoft representative.
As a US tax payer, that is MY MONEY they are talking about there. I have no objectisons to the federal goverment funding development for things they need, but Microsoft is talking as if it is their right to have the money. It is not a right. Software may not be a significant part of the US budget (though much of it is obscured in other items), but it still amounts to millions or even billions of dollars a YEAR! (I used to work from one company that was getting a couple million a year to develop software, combine that with a few other companies)
I pay taxes on the money I earn. I expect that money will be used as carefully as I take care of mine. (and I'm known as a frugral guy) That doesn't mean spend no money, but it means think twice before spending it.
It is NOT the job of the goverment to fund research. Microsoft has a large pile of money, it is their job to invest that money in research. It is the goverment's job to see where the goverment needs something (that may not even be useful to anyone else), and supply money to get the need filled quickly. Any other research is for universities, and should be public domain.
When you think about it, the government's only real job is to defend the rights and freedoms of its citizens.
But wasn't that *exactly* what the NSA was doing by working on Security-Enhanced Linux? Defending your rights and freedoms by making sure the computers on which they depend are more secure? Should they be entrusting this job to corporate America, instead?
Second thing: What should happen to software that the government creates? Should it never be released to the public, left to sit and wallow as a waste of our tax dollars? Aren't we better off by having more choices in the marketplace instead of less?
(Wow -- every sentence a question.)
He who refuses to do arithmetic is doomed to talk nonsense.
Is this the transcript of Bill Gates talking to the NSA??
---- There are 10 types of people in the world. Those that understand binary and those that don't
Add these to your list:
127.0.0.1 images2.slashdot.org
127.0.0.1 ad.doubleclick.net
127.0.0.1 ln.doubleclick.net
127.0.0.1 m.doubleclick.net
127.0.0.1 m2.doubleclick.net
Call me paranoid, but I think there's more than campaign contributions and fiscal back-scratching going on here.
I'd say that most of the reason this has come about is a secret agreement between Microsoft and the Bush administration to install backdoors Microsoft Operating systems that the NSA can access.
Why do you think there was the recent change in the way that Win2K does software updates?
Just a thought.
in the article, the fear was that american businesses would suffer because, if the nsa produced open-source software, it would be available on a international level, and would offer more competition to american businesses.
"Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business."
which is all bullshit: open source stuff would promote more and better research; you have to learn how to do it better/faster/whatever when everyone just got access to the latest greatest way of doing it (whatever "it" happens to be).
anyway the good news is,
"Despite the intense battle surrounding the open source, the NSA will still fund research on secure operating systems based on Linux as well as work with U.S. companies to create better security in their own operating systems."
Microsoft is certainly worried about one thing: the increase in noise coming out of governments (Peru, China, the EU, etc) where they are either creating or promoting GPLed software across the board. RedFlagLinux is aptly named, as it throws up a red flag regarding the future of government IT.
Governments have the resources to push public IT anywhere they choose. And where public IT goes the private sector might follow. In the US, corporate giants are welded to the suger tit of Government contracts. What if they had to start developing financial and defense applications for a GPLed Federal infrastructure? They would, you know. The NSA could have handed out their inhouse Linux brew, even if there was no Peru-style legislation to require it. And given the hysterical terror-hacker meme making the media rounds many US agencies would have snapped up a free governement certified secure OS, if only to cover themselves. It would have been all done under the table, and nobody the wiser unless they noticed a downturn in governement IT RFPs for general purpose operating systems.
But given that this is the NSA, come on folks, what do you really think? They just shut down and went home? What do you think they do with all that "black budget" funding they get to fight terrorism? The next time you run into SELinux it might reading your email.
"The federal government plays an important role in funding basic software research," said a Microsoft representative. "Our interest is in helping to ensure that the government licenses its research in ways that take into account a stated goal of the U.S. government: to promote commercialization of public research."
Translation: we want the Feds to pay for stuff we can package up and sell. God, mom, and apple pie forbid they release anything for free under a license we don't like.
Read another way, it sounds as if Microsoft wants to turn public information into private property for its own benefit.
A lot of people complain that the federal government seems to be bought and owned by numerous corporate interests. Microsoft seems to be saying that's the way it should be, that federally-produced software, made with taxpayer dollars, should be released in such a way that M$ can sell it back to those taxpayers for a healthy profit.
Perhaps I'm overreacting (I do that quite a bit lately), but this seems to be a very arrogant position for a company to take. Then again, this is the same company that invited Peru's president to its headquarters in an effort to fight a Peruvian free-software-in-government law, while that company's government made nasty noises to Peru through its ambassador.
Am I the only one creeped out by this?
Someday, you're going to die. Get over it.
This article pisses me off so much I'm going to remove one Windows Server from my corporate network.
I don't suffer from insanity, I enjoy every minute of it.
Let me go on record as saying that the next time I see another such ad, I will install an ad-blocker so I won't see any of /.'s sponsors. It is for your guys' own good. I just dread the thought of what would happen if Slashdot got much cozier in Microsoft's money-lined bed.
Let the NSA continue it's research into securing the Linux Kernel. Then they can Certify it for Government Use ONLY.
Now this in my book does not compete with American Companies because as far as I know, there's no one out there who is trying to build a Linux kernel *just* for the government..
Besides, how many of you are going to trust the NSA enough to have a SE Linux box in your home LAN?
---
To err is human.. and then there was Microsoft...
spin-tastic!
Now, did you actually say anything to refute the previous poster? I mean, you can't deny the fact that the government already has its hand in quite a lot of things, through academic grants, defense research, etc. etc.
How the government wields power in this arena is how it premits the fruits of that labor to be releasesd. Refusing to release code under the GPL, but simultaneously allowing vendors to appropriate code developed with public money, smacks of hypocrisy and shows a clear bias in how they approach this issue. It is obvious that they bowed to pressure from a few whiney corporations threatened by Linux.
So, either the government keeps its hands off industry entirely, or it should plays fair and impartially. You can't have it both ways, using the former argument to attack the latter.
let me tell ya something, the government contract selection process period (IT or not) is heavily politicized.
DO NOT DISTURB THE SE
To release source code under the GPL, you have to hold the copyright to the code.
The US Government (in this case represented by NSA) cannot hold a copyright, the law does not allow for it.
No copyright, no GPL, end of story.
But I have no doubt that M$ whined too.
Poul-Henning Kamp -- FreeBSD since before it was called that...
w000t! What a surprise.
Nobody wants RMS breathing over his neck (or inside his a$$).
it seems that all MS has to do is say "We're going to start bundling strong encryption if we have to compete." everybody encrypting email would make the NSA's job impossible.
People who think they know everything really piss off those of us that actually do.
Apparently, all of a sudden the NSA's partner, Secure Computing Corporation, came out and made a special exception from their Manditory Access Control Patents for SELinux. It may have been a desperate act to keep the NSA on board. It seems this company was deriving exclusive software patents from work partial completed/funded by the NSA. If I were a generally unaware politican told of this situation by a Microsoft birdie, I would see it a fraud/waste as well.
Although I cannot know for sure, from the basic facts availible to me, this seems to be a case of SCC's software patent greed biting them on their own ass. MSFT probably spun it as, "the govenment partially paid for labor leading to a patent for a competitor of ours, and it's not public domain.
Disclaimer: I hate software patents, as much as I would hate math patents if they existed. This may bias me against SCC.
Novel theory: Modern Man evolved from psychopath
umm, the 'Copywright Microsoft 1996' in AutoCAD is there because ACAD supports .wmf file format, which is copywright microsoft.
Hi, how are things in Redmond? I guess it is ok for Microsoft to have an unfair advantage in the market, but if someone does it to them they have to stop. Why shouldn't the government write something that is GPL'd? Shouldn't they too be able to make use of any advances in the code base that others may make? After, all they wrote it.
Which of the listed points are wrong? I will make corrections.
Instead, sheer humanity must overcome evils like this, lead by initiatives like Open Source, which give the power back to the Individual, and letting him control his own destiny once more. Thank you programmers and hackers for letting OSS live on.
Thank you, Comrade. You are just the example of the individuals we need to make the Democratic People's United States of America a reality.
The GPL makes software more like your mom. Free and open to all.
Though I think that there's no basis for MS' complaints, all credability to them would be lost if MS released their additional improvements or modifications into the public domain or under the BSD license.
But the question is, can the government do that? According to the GPL, no. But, the owner of a copyright can grant exceptions to the license. Thus, Torvalds could grant an exception to the NSA regarding SE Linux, which would be as such: the original source code of the kernel/Linux upon which you based your modifications must still be released under the GPL; however, the modifications or additions you made may be released into the public domain or under the BSD license.
Furthermore, such would give the GPL license legal credability, as the government would be asking for an exception (though the NSA already gave the GPL license legal credability by releasing their modifications under the GPL).
That said, perhaps there should be some modifications of the GPL to allow people to release modifications under alternate licenses (which would include the public domain and OSI-certified or OSS licenses), if they can't possibly (due to legal restrictions) release it under the GPL. After all, its better that the modifications be released under a BSD-like license or the public domain (as opposed to the GPL), than not be released at all (which would ocur if the authors of the modifications were prevented from releasing modifications under the GPL).
social sciences can never use experience to verify their statemen
Therefore, when the government interferes with free enterprise, it's interfering with the rights of its citizens.
By providing a free operating system, the US govt. is NOT 'interfering with the rights of its citizens any more than:
1. The public libraries interfere with the private bookstores' rights.
2. Police officers interfere with private security firms' rights.
3. Public water fountains interfere with bottled water vendors' rights.
4. Free public skateparks threaten private Van's-owned parks.
I think it's high-time the US govt. supported an open-source OS project. Though backwards in its perspective on human rights, China is lightyears ahead in its thinking on this subject. If we had a national open-source OS that was used in every government office and available to citizens for free, it would be a dozen times more powerful of a punishment than any wrist-slapping the DOJ is going to give to MS for it's anti-trust crimes.
Seth
$5 / month hosted VPS on linux = awesome!
The government is owned and operated "by the people" for the benefit "of the people." It should go about its appointed tasks in spite of its possible effects on business. There are a million examples of things the government provides every day which could be construed as harming the commercial enterprises that provide those same services.
This goes to a more fundamental point. If the will and needs of the people must be set aside whenever some commercial interest feels unfairly marginalized then to my mind it satisfies one condition of "anti-competitive" monopoly behavior. i.e., If changes to a product are designed to serve the profit motive of an enterprise at the expense of hurting customers then that action can be seen as anti-competitive.
It seems to me that the American People should establish themselves as a corporation that can compete on the same level field as Microsoft. The American People - as shareholders in this enterprise - should seek to do what is in their best interest, in service of long-term viability, and to hell with competitors like Microsoft.
-- thinkyhead software and media
Nothing is stopping Microsoft from using SELinux. If they don't like GPL, they can just look at it and use the ideas with their own code. With an open license many "American" companies can make use of it. This is much better than the government working with a single company to develop a commerical product. In that case only that company benefits. Their argument is nothing but FUD.
>Linux is slower and less stable than windows
...If you're running a 486.
./configure . It ckecks for everything you need on your system and errors if you dont have it.
Which versions? Are you using standard (good) hardware or POS rummage stuffs?
>My windows box uses about 40 megs of ram to boot, Linux uses about 175 (and
Linux is a monolithic kernel)
I'm using 172 MB of memory (with all the nicieties ON). And about that "Monolithic kernel crap"..
modprobe idiot_slashdot_poster IQ=1
>Linux crashes much more often than windows, way more
How so? Windows freezes much more on me. Even hangs during INSTALL. I've never seen Linux hang like that.
>The few Apache/MySQL vs IIS/MS SQL tests I have seen have been won (sometimes dominated by) Windows
I dont care about those tests... However, I do remember some test that had really crappy hardware for Linux and a quad proc with Win. Wonder what won that...
X is a one size fits all poor implementation at a responsive display server (both Apple and MS are moving to hardware accelerated GUI)
>KDE is maybe the only thing on earth more intigrated than windows explorer, everything under the sun imbeded into konqueror, it makes it clunky as hell, Nautalus is nearly as bad
Damn straight. It crashes a lot over stupid stuff, and it does hog memory. Still, after it crashes It works OK.
>Ease of use for the newbie is not as important as ergonomics for powerusers, but Linux has yet to bring an environment to the table that I can efficiently get work done it.
If you like Windows interface, go use FVWM95. I'll stick to using KDE and Wmaker.
>WinXP Pro comes with a 480 meg CD, Mandrake is 3 CD's and SuSE is 7
That's all apps you can use. Only thing I need to download is a DVD/AVI app. Windows comes with garbage (MSNMessenger vs. Gaim , IE vs. Moz, Paint vs. Gimp, nothing vs GCC suite).
>NTFS is much more stable than any Linux file system, hard shut down in Linux and watch it fsck your box
Permissions on WinNT are much nicer to deal with. Still, XFS and Reiser are really good for Linux. Only a second or 2 to "check disk".
>Installing software on a Linux system is badly broken, often you end up fixing make files, chasing dependencies, or in situations where you can't update a library with out breaking other apps, many libraries are not very backwards compatable and someone still has yet to write an installer for Linux. Nullsofts SperPiMP installer for windows is only 498K but such a simple installer has yet to exist for Linux because it's design is funamentally flawed.
Even windows 3.11 had an installer and you can install the 32 bit libraries for it and still run binaries that were compiled on XP, lets see Linux do that
Creators dont care to package a nice installer like the one Loki used in UT install. Still, if you compile static LIBS inside your binaries, thye'll run on nearly any Linux X86 platform (if that's the arch you compiled them for). RPM's are OK, but you have different companies repackaging them and breaking them. Still, the best is AUTOCONF
>Developers will often use GPL just so they can avoid having to create and test seperate packages for the last 3 versionsof every major distro, GPL lets someone else do it.
Yep. Essentially they are lazy in a certain regard. If you'd undertsand, they make the app for themselves alone. If somebody else wants it, try it out. If it doesnt work (and you want it), you fix it and submit patches. That's part of the cost of using Linux stuff. It doesnt cost money... Just time.
>The exists no development environment more compelling than gcc and emacs, for this reason Linux apps will always be behind
QTdesigner, INTEL's cc, KDevelop... I'd say they're "nice". Still, that's a simple bitch comment.
>Would like feedback on this
>Thanks
Like the subject line says, what do you find more frightening?
- NSA controlling you
or
- MS controlling NSA
I have a problem with this statement:
Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business.
This is pretty biased. Shouldn't it be more like 'Many complaints criticized the agency for providing the fruits of research to only free software developers, not to all software developers and companies, thus hurting American business.'
How would developing the security extensions in the public domain, or under a BSDish license keep them from being used by 'everyone'? Putting then in Linux (and consequently having them been covered by the GPL) does a much better job of keeping 'everyone' from using them than a more free license like BSD.
If the NSA were going to do something like this, they should have based it on one of the BSDs instead. By developing the extensions in Linux, they effectively made them useful only to Linux - putting them beyond reach of countless software companies. Of course, this has been the software industry's complaint to government funded research producing GPLed software from the start.
Yeah back in the early part of the century before Redmond bought the rights to everything that ever had been or ever will be invented, thought of, spoken, typed, glyphed or otherwise ideated or communicated in any living or non living mode. Then they put a EULA on the Declaration of Independence and the Constitution and made people pony up dollars if they wanted to be a legitimate licencee of Freedom and Democracy. Everyone else was sent to the Gulags "to protect them from themselves and to insure that the bona owners were not stolen from."
Then they added a new ammendment to the Contitution EULA that effectively invalidated the 13, 14, 15 ammendments of the old Constitution and made it legal for software companies (MS because by then there was only one) to literally own people and make them buy software whether they wanted to or not. Debtor's prisons came back online after over 200 years. The shortway around that was to simply become the nation and hire the entire country as cadres of MS employees. Everyone became a 'limited use MS employee licencee'.
Around 2014 was when DoubleplusXXXP+# was running the food distribution complex in east central Billtania (formerly called the "Midwest") and a major BSOD glitch caused 65 million people to starve to death. In order to make up market share MS tripled the food EULA charges on the survivors and then cut their wages by 30%. Which is when the mass suicides and infanticides began.
In 2018 Bill proclaimed himself God-Man and licenced the air we breathe now.
...with a few thousand unpatched Linux boxes? There's no magic bullet that suddenly makes a given server safe for eternity out there, now or ever. As the lifetime of a server unpatched and unmanaged (as all these hypothetical NT4 boxes in your example are) reaches infinity, you can be damned sure that the probability that ANY box gets rooted out reaches 100% as well.
Or will running SELinux and forgetting about those patches be different from running NT4 and forgetting to run well-publicized best practices checklists?
Easy does it!
This comment has been submitted already, 276865 hours , 59 minutes ago. No need to try again.
No. Not at all... People themselves are much better at that, governments need not bother. Keep this sort of ideas to your socialist conventions...
In Soviet Washington the swamp drains you.
that the NSA will also stop helping M$ with securing thier own produts ?? http://nsa1.www.conxion.com/
Well, the U.S. government does place restrictions on one's right to give software away (in the case of strong cryptography). Hence OpenBSD is based in Canada.
But do these U.S. export restrictions apply to free software? The current crypto export regulations (section 740.13(e)) seem to grant an export License Exception for publicly available source code and object code compiled from publicly available source code provided that the original publisher of such code notifies crypt@bis.doc.gov (cc: enc@ncsc.mil) of the code's public availability. (Notification seems not to be required for mirrors.)
Hence Mozilla is based in the United States, where the only restriction on exporting OSI Certified(tm) open source encryption software is that it not implement a system primarily designed to restrict the fair use of a copyrighted work.
Will I retire or break 10K?
We the people of the United States, in order to form a more perfect union, establish justice, insure domestic tranquility, provide for the common defense, promote the general welfare, and secure the blessings of liberty to ourselves and our posterity, do ordain and establish this Constitution for the United States of America.
If you look at the speed GNU/Linux is picking up in China and other countries in other parts of the world Microsoft can be seeng themselves outpaced by various distributions. Microsoft will find themselves fighting to many wars instead of making their own crappy OS workable.
Sure they can lobby and buy votes in congress but its harder to do it abroad. SElinux wasnt used that much and wasnt a fullblown ready to go distro but rather a concept. There are plenty of highly secure distros out there but one fact remain. Almost any distro can be secure if it has a good sysadmin. The same cannot be said about Windows where the sysadmin and his server is in the hands of someone else.
HTTP/1.1 400
I sort of work on SE Linux. Our group is unsponsored by the NSA (thus far). Since we are unofficially working on it, though, we hear birds chatter sometimes. The rumor mill around our office has been saying that it is not the case that Microsoft has done anything. What happened? A party, whose name shan't be mentioned, because we have not been told their name (we shall call them the Party), was given an SE Linux contract by the NSA. The NSA it seems didn't understand the GPL so well (or some lawyer of theirs who hammered out the contract didn't). The NSA contract said that the Party working on the contract could have propietary code, and could patent ideas used to achieve goals on the project. Much work was done on SE Linux in the mean time by the Party, but patents/etc are held on certain parts of the code by the Party, and therefore cannot be released under GPL. The quotes you see in this article heading make perfect sense to me in this context. The NSA didn't understand the GPL. And yeah, I would complain too if I couldn't have the complete source to my kernel...
Yes I hate Microsoft, but this article is kind of ridiculous...it uses some vague quote to make microsoft look bad. This is not the way to win the war.
The Right Reverend K. Reid Wightman,
No, if the gov't requires the GPLing of proprietary enhancements, that would be theft of the enhancement, something forbidden by the US Constitution which requires that the gov't pay for any private property taken for a public purpose.
And I live in the Midwest, so I haven't a clue how things are in Redmond. When you grow up you will realize that even the worst villians occasionally have something useful to say.
FreeSpeech.org
The distinction between MAC (mostly used by the military) and Discretionary Access Control (the common form in most OSs) is classical in the security literature. SELinux was primarily an attempt to produce a MAC system our of a free resource, Linux, that is highly usable, works on cheap hardware, runs lots of applications, and could do many functions for the government. Microsoft, to the best of my knowledge, doesn't even offer an OS with MAC capabilities. That the NSA would be cowed by Microsoft nonsense out of continuing development on a worthwhile project that could save the government hundreds of millions of dollars is absurd and criminally stupid.
The NSA goofed from the very beginning by trying to implement SELinux themselves.
Lets take a look at the main complaint about the NSA working on SE Linux.
"NSA's releasing open-source software would compete with American proprietary software"
So put the work in the hands of the American companies! A very simple solution would be to contract the work out to a private company like all other government work that needs to get done. The goverment doesn't design aircraft, they pay boeing and lockheed martin to do it. So why should they program a secure OS? They shouldn't! Pay someone else to. Define a set of requirements (If linux is one of them is irrelevant) and put the contract out for bid. This way, any company, including M$, has a chance to make money of the contract. So how government funds being put in private industry is hurting "American proprietary software" is beyond me.
We may disagree as to what the general welfare requires, but the framers intended that we accept this principle as being essential to the preservation of freedom.
"Flyin' in just a sweet place,
Never been known to fail..."
>Which versions? Are you using standard (good) hardware or POS rummage stuffs?
Yes, but Windows was fast on the bad hardware too
>I'm using 172 MB of memory (with all the nicieties ON). And about that "Monolithic kernel crap"..
Even when I am multitasking on windows I don't use 172 MB of RAM, one of the major advantages of Monolithic systems is that they are "faster and use less RAM" so Linux even with that advantage is still lacking. Microkernel designs are much more robust and stable, in windows, close everything out, then go to task manager and kill explorer.exe, then go the apps tab and select a new task and run explorer again. Only on a microkernel can this be done and have the system remain stable.
>modprobe idiot_slashdot_poster IQ=1
Drivers are something I forgot to cover, again much easier write and install on a microkernel system, thanks.
>How so? Windows freezes much more on me. Even hangs during INSTALL. I've never seen Linux hang like that.
I think this is up for debate only by the people that do not use Linux. I've used multiple versions of multiple distro, 2K and XP crash _much_ less (if ever). I am not making this up.
>X only sucks if you're running a 486.
I'm not
>KDE crashing.. Damn straight. It crashes a lot over stupid stuff, and it does hog memory. Still, after it crashes It works OK.
Reiteration of my above point on stability.
I don't think I'd bet anything on GW's ability to create something our country must rely and depend on.
I mean, c'mon, the head of this "Cyberspace Policy Institute", Director Martin, was part of NASA's successful Apollo 13 mission.
Plus the school is a money hungry, special interest serving beast.
What do you expect from a school who's core CompSci curriculum is based on the Ada 95 programming language?
ChopSuey
Writing server-type apps to live within the constraints of a mandatory access policy is tough. (Look at how much crap runs as root because people can't make it live within the UNIX permission structure, which is far less restrictive.) But it's the only approach that works, because the applications aren't trusted.
If you want to help, make some major application, like a mail program, work under SELinux, with as little trusted code as possible. Somebody was doing this for an FTP server, but those are of limited use. A mail server on SELinux would actually be useful.
I know the US government is here to serve US interest and all but whatever happened to doing things for the betterment of mankind.
Perhaps I'm being too idealistic.
Two words: Post Office.
Next topic?
I am not a number! I am a man! And don't you
It doesn't matter if someone is light-years "ahead"..
If it's for all the wrong reasons. It will change again, as everything does.
There are substantial research projects that consist of basic sciences, social sciences, and the humanities that do play a role in the public good. I don't a problem with the government funding basic research. Product development is another issue.
Having worked there, I can tell you this: intercepting a US person is a SERIOUS infraction. Its not something you can do without running afoul of a lot of laws. The abuse done by the NSA during the Nixon years caused a lot of severe curbs (both open and classified) to be placed on the NSA, and those laws have serious teeth that will bite anyone violating them. As with the armed forces, there are a lot of very liberty minded folks working there to preserve your freedoms at the cost of their own. One example is that free speech is very limited once you hold certain accesses and clearances.
IMHO, you're in more danger from those folks at the FBI.
You really ought to do a seach on "USSID 18". I cant say anything confirming or denying, but there are some very interesting things that have been declassified out of Big Daddy DIRNSA's pockets.
Secondarily, its NSA/CSS. Ever hear of the CSS side of the house? I suggest you look it up before posting obvious biased off-base stuff thats based on a hokey movie [sneakers].
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo! http://goo.gl/J9bkO
I think the line about anyone having access is telling, but not in the way many people seem to be taking it. The NSA isn't concerned with US citizens having access to SELinux, although I'm sure that some people within the NSA are. They are concerned that security technology developed by the NSA will be made available to other countries. The NSA is fighting the tide of knowledge. The Soviet Union used to do this, to an even more dramatic extent than our government does. Anything mailed or published outside the USSR was subject to censorship. Soviet scientists used to get around this in interesting ways. For example, a physics paper was published that started "Imagine the interior of a star .... ". The censor immediately decided that there was nothing of interest militarily and passed the paper through for publishing in Western Europe. The star described could not possibly exist, it was actually describing a third stage thermo-nuclear explosion and gave Western physicists insight into the sophistication of Soviet nuclear weapons technology.
Information and knowledge cannot be prevented from spreading, as the Catholic Church in the middle ages learned, as the Soviet Union learned, and as the NSA keeps trying to forget.
In my universe I'm perfectly normal, it's not my fault you don't live in my universe.
With the GPL there is no such thing has proprietary enhancements. Don't you get it? If the tax payers pay for something a company can't just take it enhance it and make money off it without contributing back.
I don't want my tax dollars spent to make someone a millionare.
Comment removed based on user account deletion
So let me get this right: the National Security Agency develops a port of Linux to augment, unsurprisingly, national security. Microsoft bitches that national security runs counter to their profit interests and manages to get SE Linux terminated.
Fine.
But let's be sure to mention this next time Osama bin Ballmer starts foaming at the mouth about how Linux is un-American, and remind him that Linux developers have never undermined the safety of American citizens in order to line their pockets.
And while we're at it, let's consider what gigantic software monopoly distributes a flight simulator capable of accurately emulating passenger airliners, along with detailed scenery of American airports and major urban centers, complete with individual office towers.
Of course, having already crippled Naval warships, I shouldn't be surprised that Microsoft is now trying to cripple our chief intelligence agency.
Proud member of the Weirdo-American community.
Somebody should call the NSA's Public Affairs Office and ask for Dick Shafer, because I've never heard of the guy, and I wonder if he was made up. And if not, PAO should have cleared him to make that statement - which definitely doesn't sound like bureaucrat-ease.
Is the last one sentence a question or an interjection?
-James
Mark Westerman, managing partner with network consultant Westcam, installed the SE Linux access controls on a critical server for one of his customers after a common security flaw, known as a buffer overflow, allowed a hacker to take control of the company's server. Westerman configured the access rules but left the buffer overflow unpatched on the server as a test.
When the hacker came back a second time to the server and attempted to gain control of the process, the access controls limited what the attacker could do. Instead of taking control of the computer, the hacker could only crash the service that had the buffer overflow, but did no other damage.
That's all well and good, but if I were a Westcam customer, I don't think I would want a critical server left unpatched "as a test".
I've run Linux since 1993 when there were no distributions. I ran it on a 386 / 16 with 8Megs of memory. I've run almost every version since and I have yet to have any lockups / crashes. Either you have no idea how to install the OS or you are forcing the software to load into improper directories so that the system crashes when it is trying to run. Currently I'm running Mandrake 8.0 on a Pentium 100MHZ PC with 60 Megs memory and it hasn;t crashed in over six months. Personnaly, if I could run it at work, I'd delete every copy of windows I have and only run Linux.
I can't agree with your experiences on stability. In fact, I trust my Linux boxes more than anything with Winx on it. In my experience, the only reason our Winx boxes don't crash once or more per month is that we've adopted a strategy of rebooting them once per week so they don't "eat themselves". (A hard learned lesson. Maybe exagerated _a little_.)
That only addresses the server side of things though.
I agree on software installation - there are a lot of problems, mostly stemming from the lack of a strong, unified configuration. That is, everybody seems to have their own version of how a Linux (or unix in general) box should go together - and so the configuration options are too broad for a strong standard to emerge. MHO. Even Red Hat's RPM fails to solve the problem a lot of the time (my experience)...
I recently launched a RH7.3 server for MySQL & Resin (JSP Application Developmet). Everything from the CD went well - and then I needed to add Java. Got the RPM from Sun, and wouldn't you know it - the install went great.
(The other shoe drops here)
...but the program (java) wouldn't run - let alone the fact that I have to manually hack all of the environment varialbes. I thought that maybe this was ahead of the curve (using 1.4 instead of 1.3 on the CDs). I Turned back to the 1.3 version on the CD's - that failed too in precisely the same way.
As it turns out Java needed another package installed before it would work - a dependency - precisely what RPM is supposed to solve. After 3 days w/ tech support (sometimes it just doesn't go well) I got the answer on the package that needed to be there - I found it on the CD, installed it manually, and that problem was solved.
This is an example of something that should have been very simple, but became extraordinarly complex - from cryptic error messages and difficult technical support calls to locating installation packages to manual environment configuration etc... A less technical user would have been in real trouble.
An executive comparing that to the one-button install on a Winx machine doesn't take long to decide it's a better business decision to "stick with what works".
On the point of a user environment/desktop. There again, I have to agree. Every couple of months I pull out the latest RH version, wipe a machine, and try to build a user workstation that I could throw at my user base for business, software development, or even webware work... Every time so far it's a disaster - there are too many tools missing and the tools that do exist have steep learning curves.
On the point of learning curves, there's another core problem here I think - a cultural one. The *nix crowd in general seems to have a built in right of passage. You either know all of the right buzzwords, techniques, tools, and utilities, or it's your own fault that you haven't figured it out yet. (RTFM!)
It's difficult to describe - but I'll bet anyone who's tried to use *nix has had the experience:
You find yourself staring at a problem that should be simple to solve, but everything about it is inpenetrable - you don't even know what questions to ask... - or when abruptly reminded RTFM - which FM to F' READ...
...then, if you're lucky, you will stumble across some *nix guru who will press a few obscure keys and solve the problem instantly (thus is the power of *nix) - Even if they were nice about it and tried to teach you, and even if you took copious notes - this little tid-bit is probably not much more help than wrote instructions - and if you loose them, or forget them some day, you're just as lost as if you'd never had the help.
Even the simple things are maddening. Take the vi / emacs debate - then, prompty forget about it because it completely misses the point. For the typical computer user, in a world where every editor you can find works just about like Notepad (even edit on a DOS prompt works this way for the most part) - vi and emacs are useless and inaccessible.
The newbie can't begin to gain access to a *nix system. What we (people who want Linux to succeed) have to do is realize that in it's most profound terms.
In most of the companies in the world using computers, the guy that has to make it all work isn't a well trained technician or engineer, or even a hobbiest. He's the poor schmuck who figured out how to modify autoexec.bat with his trusty text editor - the token computer geek in the office - and through his continuing experiences he may eventually become a well trained technician... but today he can get by with a few simple tweaks and keep the wheels moving. This is just not so in the Linux world right now.
Show of hands: How many of you know why the following expression is a bad idea:
[ /] rm -rf *
The short of it is that I think *nix in general, and by extension Linux, is structured so that the learning curve is far too high for casual entry.
Once you get past the learning curve enough to be somewhat effective, you no longer have the time or energy it would take to bring the next fellow along - and so they will struggle as you have, or they won't "join the club".
I think it likley that until the Linux community solves this entry problem the barriers to solving usability, installation, and integration problems will remain unsolved.
What's needed is a workable environment that doesn't require a deep knowlegde, but does not preclude the benefits of that deep knowledge. A way for the novice to get their work done on their way to becoming a whiz...
Typically those in the open source development community that have the skills to solve these problems are busy with other things - and in any case there's little strong direction as to what the details of such an environment should be...
The challenge is going to be defining that goal and motivating the developer community to achieve it.
The first part is hard because the very people who can help to define that goal are kept out of the community by the entry barriers - and therefore don't get into the conversation.
The second part is hard because it is the nature of the development community (generally) to solve local problems and then share those solutions - rather than coming together to collectively solve a central problem they don't personally have. (Is that where RTFM comes from?!)
Think of it this way... If I have to make my mail server or database work properly, and I can fix the open source code to solve that problem - then I can do that and keep my job - it's all part of the work I've got to do. When I'm done, that work is now available for everyone. By extension, the most common problems will be solved and overall the open source software will be extremely reliable for the majority of people most of the time.
Try to apply that to this problem: Basic users need a unified desktop and operating system with integrated applciations and a shallow learning curve. Now tell your boss that you're working on a suite of productivity apps and a one CD linux distribution that will slickly install and interoperate with the majority of the business world running Windows. I'll bet he will ask: "How's that going to get our database up?"
The boss in this case might be the developer themselves. Best intentions, altruism, and grand visions not withstanding, it is not the open source developer's job to make everyone's desktop work and their installs go without a hitch - This is an advantage that the Microsoft developer has - it is their job and they get paid to do it. Similarly for the ISV/ISD - the potential for conflicts of interest are reduced significantly.
The short way of saying this might be that the open source community, left to it's own devices, probably can't solve this problem.
What's needed is an economically viable project that can focus the community on a unified vision, and specifically one that is strong enough, and compelling enough that the majority of the community will wish to participate.
To work, this project would have to encoumpass a wide range - not only the operating system and it's environment, but also the applications that make that environment powerful - IDEs for all programming languages, Word processing and document publishing, Spreadsheet, Database, Presentation, Mulitimedia, Web & Email access, all of those applications will have to work together in a seamless way - and had better coexist nicely with Microsoft's products which, like it or not, set the standard due to market share.
To date, I've seen some methodologies get close to supporting this kind of effort (a few good tries) - but nothing seems to have captured the critical mass necessary to generate this kind of focus.
It's a thorny problem.
I think we'ev seen some glimpses of what it _might_ be in the likes of MySQL, RedHat, Sun(java)... where there is a blend of open source and commercial licensing - sort of the best of both worlds. None of these seem to be perfected yet.
Anybody have a solution?
Oh, so I'm a Socialist for asserting that promoting the welfare of the people is a legitimate role of government?
I didn't advocate government ownership of industry.
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
The last thing we need is for the US Government to nationalize the software industry..
Why don't you socialist maggots go read about the communist revolution and look what it leads to before you bash Microsoft.
Did anyone bother to check the info? This quote may be old, misquoted (or misinterpreted), or dead wrong.
:-)
Dick Schafer is not the deputy director of the NSA. Per one of their press releases over two years ago, Bill Black is the Deputy Director:
http://www.nsa.gov/releases/newddir_071000.html
Also, SELinux was updated on July 3rd. Sounds like a bit of work for a dead project
http://www.nsa.gov/selinux/news.html
I am Me. No one else is Me, but Me. You are You. Get over it.
The founders intended for the federal government to be essentially what the libertarians say it should be. It enumerates specific powers granted to the federal government. Anything not covered by that enumeration, or one of the amendments, is not in the jurisdiction of the federal government. Please locate the constutitional authority for federal "welfare" programs such as social security and medicare.
You and I can think "general welfare" means whatever we want for it to mean; but when it comes down to it, the constitution determines what powers the federal government actually, legitimately, has.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
Linux-certified? I know technology and internet companies are short of funds these days, but I didn't know it was that bad.
>>Which versions? Are you using standard (good) hardware or POS rummage stuffs?
/dev . It's much easier to access /dev/dsp rather than to go through some Windows DLL for sound.
.tar.gz's. RedHat is nice only if you like Gnome (I prefer KDE/WMaker). Debian users are usally too uppity to even glance at you if they're problems. Let alone that most of their packages are either "stable" (old crap) or apt-get doesnt even work (current or whatever). Mandrake hides all the problem solving stuff (or doesnt even have it at all). It prevents you from tamering with the system much. Then there's Slackware. I like it, but it's waaay too hard for the average Linux newbie. I download all my stuff in source and compile it. I've even considered adding to the RPM database with Slack so that you could add all the dependancies (now, all the dependancy lists aren't there - all must be forced). Still under no way, the installer has NEVER crapped out while installing packages. I've had problems with other things (unsupported/badly supported sound cards, graphics cards and modems). Network stuff usually just works.
;-) Good points though.
>Yes, but Windows was fast on the bad hardware too
I'll give you that one. Linux seems to find all those nasty hardware fuckups (on the bad hardware expessially)
>>I'm using 172 MB of memory (with all the nicieties ON). And about that "Monolithic kernel crap"..
>Even when I am multitasking on windows I don't use 172 MB of RAM, one of the major advantages of Monolithic systems is that they are "faster and use less RAM" so Linux even with that advantage is still lacking. Microkernel designs are much more robust and stable, in windows, close everything out, then go to task manager and kill explorer.exe, then go the apps tab and select a new task and run explorer again. Only on a microkernel can this be done and have the system remain stable.
You mentioned something about mono kernals that doesnt quite fit Linux. Well, you can have a monolithic kernel with Linux... however about that ram usage. Linux buffers stuff into ram until it "needs" to write it. As an example (what runs me away from using Linux on public computers) is the floppy example. Take a 1 MB file and a clear floppy (Fat 16, right). Now mount the floppy in Linux and cp the file over to it. It "somehow" got done writing to it in less than a second (expessially when floppy write is about 8 KB/s). Instead the Linux kernnel cached the floppy in memory, so when you umount it, it does the rest of the writing. I see a good and bad points about this system...
Good: YOU can cp a movie file (given enough ram) and edit iot on the other location. It's actually in memory, so your speed is greatly increased in editing. However, It's sort of a hack doing it that way, as if the computer fcrashes, you've lost your edit.
Bad: Floppy example in a public setting. Some user makes a document and saves to a disk. They've been taught (by Windows) whgen green light is off, it's ok to remove disk. They now have lost all of the document. I could see a possible project in the floppy, or zip driver to make them more.. well idiot friendly. In the current way, though they work, but suck for regular users.
>>modprobe idiot_slashdot_poster IQ=1
>Drivers are something I forgot to cover, again much easier write and install on a microkernel system, thanks.
True, so are the device lists in
>>How so? Windows freezes much more on me. Even hangs during INSTALL. I've never seen Linux hang like that.
>I think this is up for debate only by the people that do not use Linux. I've used multiple versions of multiple distro, 2K and XP crash _much_ less (if ever). I am not making this up.
Well, I've used all common versions of WIndows (3.1 up to Win2k) and many distro's of Linux. Usually the Win9x versions would hang on teh install in about a 1/4 chance. The NT versions are much better at that in about a 1/100 chance of hanging on install. Under standard installs (no apps) WIndows is very stable (both WinNT and Win9X). It's only when you start actually using the system, does it start to degrade. However, I'm guesssing that the half-life of a Windows installation is much less than the half-life of a Linux installation.
With Linux, I've used Slackware, debian, Redhat, SuSE, and Mandrake. I dont like the way SuSE handles configurations in some sort of config DB. It likes to crap out Autoconf on many source
>>X only sucks if you're running a 486.
>I'm not
I've got quite a bit of modules to increase the quality of XWindows and (window manager). That includes GL, DRI, V4L, and a bunch of other modules. All that adds up, no matter what system you put it in. I'd rather have a video input that would go directly to the video card (through X11) through DGA.
>>KDE crashing.. Damn straight. It crashes a lot over stupid stuff, and it does hog memory. Still, after it crashes It works OK.
>Reiteration of my above point on stability.
I know.
The moron would rather believe Bill Gates.
Third - What the government produces, all competitors share equally...
That's what's SUPPOSED to happen.
But if the government enhances a GPLed product and releases the result, the enhancement comes under the GPL.
So proprietary software vendors (like Microsoft) DON'T get to use the improvements - at least not verbatim. The improvements carry the Gnu Public Virus and can't be integrated into the vendor's code base without risking a suit from the FSF for GPL violation.
Of course Microsoft cried "foul". They have a valid point. (How would YOU like it if the CIA spent a lot of YOUR tax money helping Microsoft fix up their software and wouldn't let YOU have the result?)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
SELinux was based on patented technology and a hardware processor. http://dte.sourceforge.net is the one shown off at defcon, and there are other projects with other styles of access control schemes.
is CLIT a subgroup of TWAT? (The War Against Terrorism)
We've /.ed "www.nsa.gov".
At first I was surprised, but a Netcraft look-up explained it all.
"The site www.nsa.gov is running Microsoft-IIS/5.0 on Windows 2000."
That does NOT comfort me at all.
Do you guys really think the NSA has stopped working on SELinux? The NSA is one of the most powerful, secretive government agencies in the world; for years its very existence was classified. They operate covertly and answer to virtually no authority. They haven't stopped working on SELinux, they've just stopped giving out their work to the public. Why would they want a super-secure os to be in the hands of people they might want to spy on?
As a longtime BSD advocate, I must partly disagree. SELinux must be under the GPL, because it's based on GPLd software. The NSA can't arbitrarily change the license. As long as the choose to create derivative products from GPLd code, they must use the GPL. Besides which, public domain is incompatible with the GPL.
p.s. On the other hand, the NSA getting involved in a hardened BSD OS would be awesome.
A Government Is a Body of People, Usually Notably Ungoverned
I believe that MS is probably guilty, based purely on their past history. I can't consider that attributing "unidentified sources" for this conjecture adds much of anything to its trustworthyness.
I think we've pushed this "anyone can grow up to be president" thing too far.
Having the U.S. government develop open source is just fine. We, the people, are the ones paying for the work, and the results of the work belong to us. However, having the U.S. government develop under the (full) GPL results in software which is restricted, and not available to everyone. The appropriate result of government work is really the PUBLIC DOMAIN.
C//
That sux, I was looking forward to playing an GNU version of scrabble from the NSA...
The projects freely avaliable why doesn't the linux community just dl and continue the work themselves? Someonse gotta be able to make up for the cost of continuing developing it.
The article does say that Redhat is working with the NSA on something, although they don't tell you what it is. While they say that Redhat has the money to get certified, I'd be surprised if they really wanted to put forth that money to get it done. Then again, I have no idea what the cost/benefits ratio really is, so maybe that's something they're working on.
Either way, the SELinux stuff is GPL'ed, so I'd bet Redhat has taken it up and continued to work on it. There will be competition with Windows for the secure government desktops, and I know that the NSA understands the value in having the source GPL'ed. They just want to be able to cast the "guilt" on to Redhat when talking to Microsoft.
"I may not have morals, but I have standards."
Nah, you're a "Welfare Statist."
Welfare Statists advocate forcible (re-)distribution of wealth by the government (can't do it without using force), and government control (at some level) of the means of production. But not outright ownership.
"Welfare Statists" are generally "Liberals." "Socialists" are generally "Authoritarians" or "Totalitarians."
I'll take "welfare statists" over "socialists" any day, they're a much more reasonable bunch. Of course, the more capitalism and freedom-oriented the "welfare statist" is, the better I will like him.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
It's bad enough that the NSA is dabbling with OS design. But wasting our tax money on efforts to make prettier HTML formats is even worse. That job clearly should be left to independent standards organizations such as the W3C. Devoting half of a government agency to this effort is totally absurd. Does anybody in Washington have any sense of priorities??
The government/military are quite important to national stability, so it's a fair bet that pretty much everyone is going to say they want their government/military to have computers that work properly, I mean, they invented fiendishly anal languages like Ada precisely to make software less likely to go wrong when someone's butt is on the line. ;) because they will know much better than I do what is secure. I don't even care what they are using, I just want to know that they got some smart people to rubber stamp it as safe. ;)
I hope that the NSA hires the best of the best of the best (sir!
What I don't like to see, is anyone telling any important infrastructure that they should run anything other than the technically best solution available to them. I would rather have important data be secure than a monopoly get confirmation from on high what everyone has known for years - rebooting an air craft carrier in the middle of a battle is liable to get you killed
If Microsoft or anybody else wants to fight their corner, the battle should not be about market forces, it should be about the best solution!
Chris "Ng" Jones
cmsj@tenshu.net
www.tenshu.net
I'm not talking about just the kernel. I'm talking X+KDE as well. I don't remember DOS crashing that often either.
So the NSA can work with microsoft to make it secure? but when they want to help make linux more secure its a bad thing? What a bunch of fscking hypocrates.
The status quo is actually fine.
I don't WANT a government-developed OS. I much prefer the *BSD and Linux alternatives that are available under the most reasonable terms imaginable in a market economy.
While it was nice of the NSA to provide a blueprint for a more secure linux, it is not REQUIRED to do so unless it starts with GPL'ed code and keeps modifying it.
I'm not advocating MS lobbying to keep it from being further developed, but neither am I saying we have a guaranteed right to the NSA work product as long as it makes the GPL code it has available on a non-discriminatory basis (free download of source code, no guarantee that working system can be made with it, and NO WARRANTY). If someone else wants to make "Fred's SE Linux", then they can start with what NSA has done, or they can start over with the concepts embodied therein and use OpenBSD and Mac 4 as a base, as those products are available under a less restrictive license than GPL. So go ahead and
cancel the SE Linux project and let the Open Source advocates take over the project(s)
Microsoft and anyone else can take the GPL code under GPL terms, but the LAST thing we
need is a 'government standard, Open-source operating system'? Can you imagine the political football that would come with that?
Commercial software development is not the government's principal role, and I would much prefer that:
a) Government sponsored University research project place all their source code in the public domain (with no restrictions)
That way, anyone can make use as they see fit, and nobody can complain about either:
a) sweetheart deals for the source code 'licensee'
b) exclusion (or expensive) citizen's access
or
b) government competing with/inhibiting commercial product development. Most technologies with staying power are built on more then free source code, they are built on a unique service concept around that source code.
Look at the license for NIHCL, the NIH Class Library for C++ programmers. This should give you an idea of possible licensing terms
Just why couldn't M$ release the source to the code they borrow from the NSA?
The abuse done by the NSA during the Nixon years caused a lot of severe curbs (both open and classified) to be placed on the NSA, and those laws have serious teeth that will bite anyone violating them.
Indeed. However, there's absolutely nothing stopping a friendly foreign signals intelligence agency (say, the UK's GCHQ or Canada's CSE) from gathering intelligence on US nationals, and then passing that intelligence back to US agencies through the formalised intelligence sharing agreements that exist. Of course, the NSA isn't allowed to even solicit such information, but how hard do you think it would be for GCHQ to find out who the NSA is interested in, or simply make the judgement call on who to monitor themselves?
Which means that in reality, those safeguards against spying on your own people mean absolutely nothing. The NSA can enforce those regulations as tightly as they like, and all it does is create warm fuzzies. They'll still be getting all the intelligence they want.
First, the individuals:
;)
:o
:)
> Linux is slower and less stable than windows
A far too generic comment.
> The few Apache/MySQL vs IIS/MS SQL tests I have
> seen have been won (sometimes dominated by)
> Windows
You can't really compare mySQL and MS-SQL. mySQL is a lightweight database, MS-SQL tries to play in the same league as Oracle, DB2.
And while I don't have any links at hand to prove you that you're wrong about the speed-comparison, I think that Apache is fast enough for most websites. Let alone the security issues IIS has
> WinXP Pro comes with a 480 meg CD, Mandrake is 3
> CD's and SuSE is 7
This is because MS only gives you the basic OS with some goodies, whereas Mandrake/RedHat/SuSE t al. offer you an OS _and_ applications. In most cases you don't need to download/buy anything else than a Linux distro. It already has everything you need.
> Installing software on a Linux system is badly
> broken.
That'S what RPMs are for. Despite Win32 installation program, RPM keeps track of dependencies. Windows can't do that out of the box.
> The exists no development environment more
> compelling than gcc and emacs, for this reason
> Linux apps will always be behind
kDevelop, Kylix, only to name the two most professional ones. For Windows there MSVC++, which is actually a neat DevIDE, but it costs quite much and has issues of its own.
That said, a more general comment by me:
Linux can be a pain in the ass. Setting up a system is, for a (technical skilled) newbie much more difficult than setting up a Win32 box. Trying to make Linux do something can be quite some (research) work, and during that time you may say 'Oh what a crap system, nothing works.', but once you figured out how to do it right, Linux will rarely fail at its new job.
WinXP, on the other hand, is the best piece of code that left MS for a few years. It's stable, clearly multimedia-orientated, has a neat UI-design and runs everything you want. But it can be as much as pain in the butt as Linux, when your apps start crashing because you uninstalled a small shareware tool which removed a crucial DLL. Let a newbie figure that out...
But quite frankly, I wouldn't use Linux as my desktop OS if there wasn't this DRM/security stuff.
Summarized: Both OS'es aren't bad. Each has its use. I happen to favor Linux, you favor WinXP. But try to stay constructive
You're jingoistic ranting indicates your dire need of grin-inducing drugs!
I've heard this "run with it" argument time and again. First companies big and small pay taxes as well as citizens. Second even though they may "run with it", so can we. The important thing is that *everyone* is on an equal footing. The GPL doesn't do that, while BSD does, and public domain will break the cycle that generates more research. As far as the advertising clause (which I believe was dropped), that hasn't stopped BSD's use in Linux distributions.
BTW How are *they* going to run with "BSD + GPL + proprietary + ??"? You might want to rethink your equation?
Well, that's because you have a crap memory, or you're talking about purely DOS. Sure, DOS sitting at a command prompt doesn't crash... but any app is capable of crashing that OS. I remember having to hit reset thousands of times. Millions once I started writing my own ASM programs.
Besides which, you are clearly trolling to compare the linux command line system with a DOS 'system'.
Kinda stupid given that the US government has become a by-the-lobbiests-for-the-special-interests form of government.
Welcome to the net of 1000 lies. Upgrades are scheduled soon that should bring us to the 10,000 lies mark.
You are aware that companies pay taxes too, aren't you? Second even if some don't, they do end up paying anyway through licensing fees (read the story). One way or the other it get's paid for.
Besides the BSD license would be better, because *everyone* would be starting at the *same point*, and anything they *add* on their own would go either proprietary (and can make money) or go GPL ( and further a political goal).
It's kinda disingenuous to say, "If the government produces IP, everyone should get a piece," and then turn around and say the government can pay others to produce software for it that everyone won't get a piece of. If you're paying a winning bidder to develop government software that relies upon an Open Source license like the GPL, ultimately, taxpayer dollars are being spent developing non-public domain software.
I'm not attacking you here; I've been thinking about the same thing myself for a while. Public domain is pretty obviously the best way of developing & releasing government source, since it preserves the ability of the code to be used for either proprietary or Open Source projects in the future. But limiting ourselves to public domain software is likely to be grossly inefficient as Open Source becomes more and more pervasive.
My own feeling is that guidelines should exist which take different licenses and their cost of development into account. For instance (very roughly):
All things being equal,
If the cost of creating public domain software is 150% or more of the cost of coding comparable software which relies on GPL code, the GPL software should be chosen.
If the cost of creating software which relies on GPL code is 150% or more of the cost of licensing comparable proprietary software, proprietary software should be chosen.
____
The actual percentages could change, obviously, but should still embody the notion that there is an acceptable amount extra we will pay for public domain software, and a smaller amount extra we will pay for Open Source software. Proprietary software is the worst deal, since it leaves us nothing to give back to taxpayers, so we should only choose it if it does everything we want and it's much cheaper than any other solution.
He who refuses to do arithmetic is doomed to talk nonsense.
NSA works on free software all the time - it's how they push their agenda. Look for Free ASN.1 compilers. Hell, the whole Public/Private Key stuff is NSA pushed (for obvious reasons to very few apparently) and now available free every where including it's inclusion at no extra cost with Microsoft software. NSA stopped working on Secure Linux because there was no interest. Yeah, I heard that acording to an annonymous source. lol.
Comment removed based on user account deletion
"for all to use"? What about our enemies? Should we subsidize them?
If that's true, then all libraries should be closed, the national army should be privatized, the police forces should be privatized, and the nation's energy should bederegulated such as it was in California. Good idea, let's dissolve our country.
So proprietary software vendors (like Microsoft) DON'T get to use the improvements - at least not verbatim.
This is Microsoft's choice.
The improvements carry the Gnu Public Virus
No they carry an antibody against the proprietary software virus. The likes of Microsoft can't simply appropriate the code.
BSD sucks. Why do you guys insist on giving your IP away to rich fuckers like Bill Gates and Steve Jobs. BSD developers are slaves for proprietary software corporations.
If you post it on the net, then there's nothing stopping [Axis of Evil] countries from getting the code. Hence, doesn't that put one in murky legal waters?
Not under the definition of "knowingly" used by BIS. Did you read the regulations I linked to? 740.13(e)(6) clearly states (my emphasis):
And if you really want to cover your rectum, you can make a "best effort" by looking up the IPv4 address ranges for the popular ISPs in the Axis of Evil, and just firewall those off.
Will I retire or break 10K?
A little late, but this is all fact:
MS did in fact come to NSA and lobby the hell out of them to stop because "it helps Linux and not us". What the article _doesn't_ mention was that the group doing SELinux immediately offered to implement security upgrades in Windows _without the GPL_.
MS said no. Why? Because MS don't really give a crap about security. If it doesn't make them money, MS doesn't care. That's what _really_ happened. It had nothing to do with open vs proprietary. It had to do with MS not wanting to spend money on security that they could get away without, and trying to hide it by doing away with the competition. (like usual)
-Erwos
Plausible conjecture should not be misrepresented as proof positive.
Cause it crashes all the time.
can I have it? I'm getting rid of all GPL software on my network. Trade ya a linux distro that we dont use anymore.
Ive found linux much more stable then even xp, i have used both slack and mandrake. im running a tricked 8.1 with ext3fs, ext3 blows ntfs and any other m$ based file system clear out of the water and so does gnome 2.0
Apache vs IIS, apache wins that war hands down, it has over 70% of the market share and growing.
Clearly all this negative press about linux companies dying, linux distributions dying, companies using linux dying, linux publications dying, companies developing linux productst dying, linux distributions numbers getting dwarfed by BSD and MacOS X, and the realization that linux source code just isn't as good as the freely available coherently distributed BSD source code all spell one thing: linux is dying.
We give our code away to everyone, rich or poor, short or tall, stupid or smart. We don't attach strings to it. If you don't like Bill's copy of the code, download your own.
A Government Is a Body of People, Usually Notably Ungoverned
Yes, DOS does suck hard compared to bash or tcsh, but I really don't think it's crap memory. I am crrently running a beta so that is to be expected, but even on stable releases I get crashes with Konq, Netscape, Mozilla, Galeon kicker, etc. I have 3 computers, 2 of them with good quality hardware. BTW VI on the other hand, has never crashed once, same with Apache.
Anybody here ever used SE Linux? It wasn't nearly mature enough for serious testing, let alone deployment. I would say it was an academic exercise in extending the Flask architecture to Linux, and leave it at that. The code is still available, and anybody interested can work on making the system useable. It would take a concerted effort among kernel hackers and/or security gurus in the open source community to get the code at any realistic state anyway -- so if you really want it, fire up sourceforge and make it happen!
Communism was just a red herring.
Microsoft already does release GPL'ed code it did not write (nor explicitly ask permission to release -- e.g. of me) and yet does not risk such a suit.
And, as another comment points out, that they can't simply fold NSA's changes into Windows and distribute it under the licensing MS finds convenient is Microsoft's choice -- a choice they can undo in an instant.
Here's another thing Microsoft can't do with any government code put out in the public domain: it can't monopolize access to that code the way it does to Windows code it writes itself.
That means anything the government writes, or modifies, cannot be used by Microsoft to further its monopoly, since the public can always choose to get at the free, PD versions of the enhancements instead of having to buy MS's formulations (involving those enhancements intertwined with proprietary MS code).
So, just as with the case you complain about, the fact that the government releases code to the public, instead of simply handing it directly over to Microsoft for monopoly control (and I mean this in the copyright/patent, not desktop-PC, sense), means that Microsoft cannot benefit from this expenditure of taxpayer money in the ways to which it has chosen to become accustomed.
Will you therefore argue that government is to never distribute software except to Microsoft?
Else, please explain why the US government, or any other people-funded agency, should be expected to avoid public-minded licenses like the GPL and BSD simply to conform to the business models certain corporations happen to find convenient under current market conditions.
(These licenses are public-minded in the sense that they are specifically authored to ensure long-term free public access to the code -- the source [GPL] or the binaries derived therefrom [BSD], put simply -- and they do not discriminate against any individual or organization, nor do they restrict freedoms such as of speech once any such entity accepts the terms of these licenses. It is precisely this sort of public-minded, freedom-oriented licensing that Microsoft finds frightening, because it cannot conceive of a future in which its business model, of selling closed software under licenses that stifle speech to people who think Software Is Magical And Thus Requires Great Expenditures By Huge Corporations, has been eroded by the public discovering, on its own, that software isn't so magical after all. But MS has specifically targeted the GPL and not BSD license, because with the BSD license it can at least "keep up" with the arms/feature race in theory.)
Disclaimer: my sister works for Microsoft.
Practice random senselessness and act kind of beautiful.
In response to the article about the Tim O'Reilly
editorial the other day, I said that if the open-
source community is afraid to lobby, we will only
ensure that we are not heard in the halls of
power. This is a lousy situation, but a great
example of that phenomenon at work. Microsoft is
not afraid to make government aware of their
positions. Well, if we believe that open source
software promotes openness and prevents vendor
lock-in, and if we believe that those are good
goals for government -- as many of us do -- then
we should not hesitate to explain our reasoning
to our elected representatives and appointed civil
servants.
Ben "You have your mind on computers, it seems."
I don't want my tax dollars spent to make someone a millionare.
Why not? I want the research efforts of government to be open enough that we all have an equal chance of becoming millionaires. All you need do is be smart enough to recognize the commercial potential of any publicly funded research.
BTW, do you even pay taxes? I sure do! And to be told that I cannot attempt to profit from the research efforts that my tax dollars paid for means that you are stealing from me twice!
FreeSpeech.org
- I don't WANT a government-developed OS.
You're soaking in it! If you are using Linux, then you are probably using networking infrastructure developed by Don Becker on NASA's time. They supported his work, and he felt that as a government employee, he had a "patriotic duty" to develop technology that could be used freely by the citizens who paid his salary.If you don't agree with that, go use Microsoft Windows and don't forget to pay the proper per-connection license for your non-government network stack.
So tell me again why we need the government to develop on OS?
Why can't the open source community develop this on their own?
BTW...I hear the FBI is developing a secure open source file sharing application. It will be free for download next month, and will also be packaged with every new CD/DVD.
I think that's a misunderstanding... I didn't say you have crap RAM, I said you had A crap memory...
DOS crashed all the goddamn time, it's just that it was due to apps, not DOS itself, because DOS doesn't DO anything past booting up.
Re: the GUI stuff, I agree with you... I find nearly ALL gui stuff buggy beyond belief with constant crashes, whether it be Linux, BSD, Win32, OS/2 or whatever. I'm starting to question the validity of GUI interfaces as a useful mechanism.
This is absurd. GPL'd software can be used by anyone willing to abide by the terms of the license. If a company chooses to make proprietary software and not release the source, they are voluntarily choosing not to use GPL'd software. It is ridiculous to say that they "cannot" use the software; that is a choice they made based on their own business model.
No wonder disney and six flags can't provide such good service anymore, you have all these national parks competing for business at a much lower price.
Tonight at 11: Kraft and Velveeta to sue US for government cheese cutting into their business.
This is true, but I would rather have small, fast, solid base system that can be easily added to. Something like Gentoo with an installer.
>That'S what RPMs are for. Despite Win32 installation program, RPM keeps track of dependencies. Windows can't do that out of the box
RPM's have problems too. I think Linux would gain by moving away from package systems and moving to using an installer. There are plenty of Linux apps out there that do come with installers like Netscape, OOo, SO, Kylix, Loki. All of these installed beautify on my system. I don't know how well any of those installers would work for other applications, but maybe some sort of functional universal installer would go a long way. IMHO, this is one of the two largest problems facing Linux. The other major problem is that the RH limbo beta 2 C++ binaries will not run on the beta 3 system. I do realize there has been major changes to GCC recently, but I think this sets a new record for lack of backwards compatibility. These two things are playing the biggest part in holding Linux back from the desktop space. I had many of my windows apps replaced, but many of the apps I used are broken after I updated to QT3 and GCC 3. This is an important issue as major Linux releases usually come more frequent than windows and it hinders commercial support.
I think if Linux does hit desktop space there will have to be LSB support for an /apps directory or similar. LSB does not really address desktop needs to the extent that it should, I have 20 or so text editors and word processors, most of them in separate locations, /apps/textedit would be nice.
>kDevelop, Kylix, only to name the two most professional ones. For Windows there MSVC++, which is actually a neat DevIDE, but it costs quite much and has issues of its own.
I have used Kylix a few times but mostly for little stuff. It is probably the closest thing Linux has to VS.NET, too bad more people don't use it. Delphi has never really gotten the credit it deserves, and Borland only recently added C++ support, maybe it will pick up in popularity soon.
>Linux can be a pain in the ass. Setting up a system is, for a (technical skilled) newbie much more difficult than setting up a Win32 box. Trying to make Linux do something can be quite some (research) work, and during that time you may say 'Oh what a crap system, nothing works.', but once you figured out how to do it right, Linux will rarely fail at its new job.
I think the initial install is something Linux has improved on, I actually like Mandrake's DrakeX more than Windows' installer.
>WinXP, on the other hand, is the best piece of code that left MS for a few years. It's stable, clearly multimedia-orientated, has a neat UI-design and runs everything you want. But it can be as much as pain in the butt as Linux, when your apps start crashing because you uninstalled a small shareware tool which removed a crucial DLL. Let a newbie figure that out... :o
I find when I am in Windows I miss many of the command Line functions of Linux, and when I am in Linux I miss many of the multimedia apps and GUI of Windows. I liked 2K more than XP, and don't get crashes because I am picky about the code I run on my system. I have had 2 crashes on my XP system; the first was when I killed some services the system needed to boot, the second was when I was using tweakXP with WindowBlinds. My stratagy for keeping windows stable is to run as little code as possible when it boots. It leaves a much smaller footprint in memory and is much less likely to crash. I also usually gut windows pretty thoroughly and make extensive changes to the default install before building on it. A few of the changes I make to my system can be found here and here.
I'm surprised they listened."
The NSA needs Microsoft's cooperation in the future if they want security holes fixed in Microsoft operating systems. Goodness knows the free market economy has not reacted to convince Microsoft of a need for security.
Microsoft already does release GPL'ed code it did not write ...
Not relevant.
Here's another thing Microsoft can't do with any government code put out in the public domain: it can't monopolize access to that code the way it does to Windows code it writes itself
But we're not talking about code in the public domain. We're talking about code under the GPL. Such code is "monopolized" by the Open Source Community.
If the code were in the public domain (or under some other licenses, such as BSD), Microsoft could integrate it, or its features, with the core of its own systems, and distribute them without revealing the source. They couldn't stop OTHER people from doing the same. But other people count't stop them, either.
But the code is under the GPL. The GPL is a RESTRICTIVE LICENSE, based on copyright. If Microsoft integrates such code into one of its OSes, that puts the whole OS under the GPL and requires Microsoft to release the source.
And the NSA's changes aren't ADDITIONS to Linux, but MODIFICATIONS to it. So they're a derived work, and if the NSA releases it it MUST release it under GPL. They don't have the option to release their enhancements into the public domain or under any other license.
Linux is under the GPL, a restirictive license that makes its internals useful to the Open Source Community but not Microsoft. Microsoft's OSes are under the Microsoft ELUA, a restrictive license that makes them useful to Microsoft (and to some extent to its customers) but not to the Open Source community. The NSA is just as much in the wrong when it uses taxpayer funds to enhance Linux and give the enhancements to the Open Source Community but not Microsoft as it would be if it used the same funds to enhance Windows 2000 and give the enhancements to Microsoft but not to the Open Source Community.
So Microsoft was right to squalk. And the NSA was right, once it was pointed out, to stop working on Security Enhanced Linux.
I don't like it either. And I understand that the viral terms of the GPL exist explicitly to prevent a variation of "Embrace, Extend, Extinguish", to wit: "Embrace, Enhance, Exclude".
But if the Open Source Community licenses its work in a way that excludes the closed-source community from using the result, it must expect to work without government subsidies. (Or at least without more subsidies that Microsoft, and Sun, and Apple, and SGI, and HP, and IBM, and Amdahl, and SCO, and any other closed-source OS company receive.)
The cost to a closed-source company for using GPLed code has been characterized as "more expensive than money". Seems that catchphrase applies to the cost to the Open Source Community as well.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Better off checking news at ipkonfig.com with this type of crap. who really cares, Microsoft is a needle in the hay-stack, with a bunch of queers wondering around the art show.
At the end of this post I state some of the changes I make to windows so its stable. A stable GUI is not hard to do if you scale back on useless features and focus on maintainable code. Fluxbox is an example of this, but could use a few things to make it more ergonomic.
Echelon?
Adults are obsolete children. - Dr. Seuss
NSA doesn't leak. Some faggot LOONIX zelot said some fucking shit. Who cares.
Can people understand for once and for all that the US is not America?! I mean Cristobal Colon (which is the real name for the guy that Anglos called Christopher Columbus) didn't even found the US directly. He actually found the Caribean Islands of Cuba, Haiti/Dominican Republic and Puerto Rico. Indirectly, it found the US, only because of Puerto Rico. Still, it is far from the concept that most people in the US have. As if he went directly to Washington, DC and he declared that that was America. Oh boy, and some people actually belief things like this. No buddy, if there is anything that's really America is one of the three Islands just mentioned. European sailors were the ones that discovered the rest of the continent. Yes, the continent of America. Only in the US can people have such big heads to say they constitute the whole continent, regardless if it's only part of the northern side. I wonder if someone could explain that one. We are America, and we are part of North America. Now even songs and little by little encyclopedias are conceived to change history for the interest of a few. Wow! I bet that if Cristobal Colon was here, he would have quite a laugh.
If this story is true then the US has trouble in the horizon.
Well NSA may be forced to drop off its efforts on Linux and close everything "open source". Will America be safer? Absolutely not. What will happen will be the same as USSR dropping its efforts to reach the Moon when things are just two steps away. This will only boost the efforts in other countries on developing "security enhanced" linuces. And the US will just loose foot on it.
Let's note that before NSA took the step there were already a few flavours of such systems. Some are produced in the US, others in Israel, Russia and in the European Union. Porbably India and China have also their projects on the move. Most flavours concern in one way or the other specific parts of computer security. Only two or three projects try to "generalize" the concept of security on the whole. One of them is exactly SELinux.
Frankly SELinux is not the first but also not the last of these projects. In fact it is a marvelous sprint made by NSA to get a place on leadership. They came late and came with things and ideas that wouldn't fit many wishes and requirements. In fact they came in a way that everyone started to cry wolf as their system first looked as the "only security standard" for Linux. However, with the years, they didn't only managed to cool down the mood but also to gain great respect among the community for their effort. One must say that NSA's reputation changed a lot with this. Before many looked at it as the Agency in Black, now they look a lot more sympathetical and familiar.
Well SELinux is not a supersystem. It has good things but also a lot of bad things. For a corporate, militar or highly-profiled governmental environment it is quite interesting and manageable. However it is quite unflexible, clumsy and resource hungry to be universally used. It is not unique, in Europe (including Russia) its concurrents don't sleep. One should note that no matter the efforts SELinux still has not won a position in production environments in a market that has already two years of life. Most experts consider it still in a Alfa-Beta status and prefer less complex and more flexible systems for use in critical environments. Besides SELinux is great on its ideology of processes and management, but as with common ideologies, there are those who disagree and this reflects on systems that have nothing familiar with SELinux. The only thing that SELinux may influence on them is to boost the ideological dissidence of the algorithms.
If SELinux is stopped then the only thing that will happen is that someone will took the podium and drop out the NSA. SELinux will be developed by a corporation, another government or a community. Besides this will not stop all those other systems that are being developed and used in many places in the world. If those who force NSA to close doors to open development claim being American patriots, then I'm sure that they should shut up their mouths before speaking about "America's leadership". In the way things go the US, in the future, may see its once superb security machine trying to find a place in the end of the queue.
I'm not American and don't well sympathize with the US. But I know the field and know what NSA is doing, and their work is quite interesting. In an academical point of view, because I highly prefer another way to secure the penguin and most of my friends think the same. Not everything "made in America" is taken for granted. Frequently it is taken the other way...
To NSA: It is a pitty to see you dropping the ship. Hope to see you some day again...
I agree with you that the GPL may not be the best license under which to make government sponsored software available. However I think that just making it public domain is an even worse idea.
Software is functional so I think that the interests of the people would be best served by including a condition that requires any information needed for interoperability to be published if the software is extended. The specific case I have in mind is Kerberos.
There may be some other conditions that should be added in order to better serve the interests of the people but I think that it is important that properietary software vendors don't have to jump through a bunch of hoops in order to use the results of government sponsored software research.
I'm not trying to start any arguments here, but I do think a couple of things are quite ammusing.
:)
Firstly, the complaints are that a US government agency is providing security patches internationally for a product that was designed and built internationally. If they want a Kernel using the NSA security code only for use by US companies, I think that it should only be allowed to use the kernel code developed in the US. Pretty non functional I'd think. It's pretty poor of them to say, "we'll take all the code developed by foreign private companies and foreign governments thanks, but you lot arn't alowed to touch US Gov funded stuff!". If they (private or government) want to build on shared code, they should provide it.
Also I think it's ammusing that MS is kinda fighting on behalf of RedHat.
"I'll take the red pill. No! Blue! AAAaaaahhhhhhhhh"
- Monty Python meets the Matrix
The bit of your story that doesn't sit well with me is if it was a problem with one contractor- well rip out that code. If it's too deep to make that practicable, start from scrach. The NSA has the budget and enough smart people working for them that if the political will for this thing to happen was there, it would happen. Buy off the friggin patent. Buy the company. Make them pray the deal doesn't get changed further.
No project goes through without hickups. If there was a 'party' who weaseled a patent in, I don't really see this as a show stopper. A convenient excuse for gracefully canceling something that was causing friction from the higher-ups? A combination of all these things?
So what are the political reasons for stopping (or closing) public crypto projects?
The whole question of how bomb-proof do you make something that your adversaries will have free access to may figure. Don't want to give the enemy the tools they don't already have so as to keep you out when you really want in. But-
The US stands to lose way more than any other country in the world from a massive digital attack. It is much more important to the economic well being of the country (and thus tax money for proxy bombs) that Wall Street's (and main street's, taken in a cumulative sense) main computer systems can be trusted, than taking out an foreign intelligence server. We're way to dependent to go take that on the chin.
The other thing to remember, is that MS, and others who stand lose from Open Source work have cash and access. Microsoft has lobbyists who can make noise in Washington and put the seeds of semi-reasonable sounding ideas into lawmaker's heads. Open source has slashdot where there's a lot of loud (but nonetheless silent) arguing and self-righteousness and preaching to the choir. -which maybe gets through to one or a few of the hipper congress-peoples, but not much further.
So get out there and write to John McCain explaining the good that a secure private national computer grid will do for the greater national security! He's our man!
One thing's for sure, sitting around evangelizing on slashdot won't do shit for any of the good ideas that pop up here from out of the muck from time to time. No more than yelling at the TV or newspaper every day would.
It's all about political will, and it's all about controlling and feeding ideas to lawmakers. And I don't think the slashdot/stallman digest is delivered to all the guests at the fundrasing weekend each morning.
food for thought I hope.
go team!
~.~
I'm a peripheral visionary.
The European Union maybe?
you said it right!
You do know windows 98 is now 4 going on 5 years old. If you are going to use windows 98 as a comparison, compare it to Linux of nearly 5 years ago.
Now under which licence should be released patches to Windows created using tax dolars? Looks like under two licences too: some Microsoftish and again public domain. (question is: How will Microsoft like that? IMO they wont give permission for such hacking in the first place).
And also what about intelectual property? I make some hacking for say NSA, patches are release as public domain (so the results of the research paid by tax dolars is available) but I can (at least try to) defend my IP and stop everybody from using that public domain code, so I'm defeating the reason for which public domain licence has been used in the first place.
hany
Americans are strange people. They'll vote for local taxation to build a group of already-wealthy businessmen a new baseball stadium, but suggest the same thing to pay for the healthcare of the poorest sections of society and they'll call you a socialist.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
It's all a symptom of extreme emphasis on free market, free trade and free capital. Any company (with the capital to do so) would not do it's job (making even more money for their stock-holders) without lobbying and using other methods of applying pressure to their own and any other goverment to do whatever is in their own (capitalistic) intrest.
As to whether Microsoft lobbys against NSA and every other goverment agancy to make them stop using free software, developing such themself or giving away research to the public domain: They wouldn't be doing their job if they didn't. The fact that they get caugth doing this kind of activity from time to time just means that they are not very good at it.
wether or not anybody want's to listen to Microsoft and it's like is up to them.
On the more paranoyd note, microsoft may have been payd by USA's goverment in a devious plan to make software that's completly insecure and have every other goverment and military to use it. The only problem was: If someone else made a secure OS (like SELinux) their efforts would be completely in vain.
Course you can. Its called taxation
Try collecting taxes without the use of force. I know that a lot of people pay "their share" just because they think it's the right thing to do. But what do you suppose would happen to the "compliance rate" if there was no force to back up the tax laws?
They'll vote for local taxation to build a group of already-wealthy businessmen a new baseball stadium
I won't. I think that's a scam of outrageous proportions.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
I think you're right.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
From what I know of these countries, it seems extremely unfair to lump Cuba in with Iraq et al as "Axis of Evil".
Don't blame me. Blame the people who write the export regulations. Blame USA Government. Blame PoizonBOx. The USA Government has considered Cuba a state sponsor of terrorism long before September 2001.
Imagine a system where the government is so intrusive that it even controls the amount of food which one is entitled to live off.
Will I retire or break 10K?
Office 2000 Premium comes on 4 CDs...
I'm sure they could work out an arrangement whereby the FSF would add final spit and polish (say, a README) and accept copyright of the final work.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
your grand politicians and thier deep pocketed lobbiers. I bet millions are dumped daily into the coffers of the democratic and repulsican parties. Micro$ has yet proved again, if you cant break the law and get away with it, campaign contributions work too
Based on what I wrote, the government would not be able to produce something like SELinux and release it to the public, because it would require a massive licensing violation to put someone else's GPLed work in the public domain.
Similarly with Windows. The Gov't should not hack windows. That would be unfairly assisting MS.
There are no trails. There are no trees out here.
We didn't fully understand the consequences of releasing software under the GPL (General Public License)
Funny! They don't know GPL but M$, did they try to express that it's just a "commerical" goverment?
But you can profit! You can use linux and save the money you pay to M$. And help the rest by reducing the virus rampage.
I want the research efforts of government to be open enough that we all have an equal chance of becoming millionaires.Ah! getting rich off selling someone else's work! What a marvellous and novel idea...
I have a suggestion for you: go to LasVegas, you might just WIN BIG without much effort. : ))
sigh>Linux is slower and less stable than windows
...If you're running a 486.
YEAH RIGHT! In many cases, Linux is FASTER. It is getting faster all the time. PLUS, Linux is REALLY just another UNIX, which provides FAR more platform support!
>My windows box uses about 40 megs of ram to boot, Linux uses about 175 (and
Linux is a monolithic kernel)
YEAH RIGHT! I have 1GB(RAM) on my windows system, and it is STILL not enough! Linux has run on 4MB systems just FINE!(I have an 8MB system that is running just fine with it) Last I heard, people were working on making it run in LESS than 1MB! Try running Windows 95 in 16MB, and it is like a DOG! Will Windows 2000 even BOOT with less than 32MB?
MONOLITHIC KERNEL? How about M/S with ONE FAULTY message queue? How about the fact that it loads almost ALL DLLS into limited memory, and they STAY there! Windows ends up being quite monolithic!
Besides, the arguements against monolithic are:
1. Not able to be updated through modules:
Linux CAN be, and windows is very limited in this regard.
2. Not being able to allocate memory dynamically as needs arise for parts of the system.
Linux CAN. Windows is limited here, and a HOG!
3. Not well organized.
Linux is well organized. From what I have heard and seen, windows ISN'T
4. Not running in as little memory as possible.
They are trying to get linux down, but it runs well in 1/4 the memory that windows systems require just to boot!
>Linux crashes much more often than windows, way more
I have had windows crash MANY times each day on me! Others have the SAME problems! I LAUGHED when it happened to Bill Gates on the BEST system at the WORST time! Yet MANY people had a linux error cause their systems to crash! OH you say, Linux CRASHES! Want to hear the punch line?
1. This error was fixed OVER 7 years ago!
2. It ONLY occured if you had your system up for over a year(As I recall it took several years) with NO reboots.
3. It happened because a counter wasn't reset, and would cause a fault when it overflowed.
>The few Apache/MySQL vs IIS/MS SQL tests I have seen have been won (sometimes dominated by) Windows
IIS ISN'T STABLE, and has LOTS of problems.! Most of the tests have been rigged. And they ALL show strengths/weeknesses of each platform. NONE shows Windows is best in all cases.
X is a one size fits all poor implementation at a responsive display server (both Apple and MS are moving to hardware accelerated GUI)
Windows is WORSE! X doesn't look quite as nice, and isn't quite as integrated, BUT.... Problems with X DON'T crash the system. It is multiplatform. It is networkable.(windows requires all CLIENT processing, specialized software, or a buggy and clunky "terminal server").
>KDE is maybe the only thing on earth more intigrated than windows explorer, everything under the sun imbeded into konqueror, it makes it clunky as hell, Nautalus is nearly as bad
Damn straight. It crashes a lot over stupid stuff, and it does hog memory. Still, after it crashes It works OK.
>Ease of use for the newbie is not as important as ergonomics for powerusers, but Linux has yet to bring an environment to the table that I can efficiently get work done it.
Unix, and the Linux implementation, have been getting work done for OVER 30 YEARS! Microsoft isn't even 27 years old.
Do you REALLY think that, 10 years after the fact, people would have spent THOUSANDS for UNIX(the O/S, with NO computer), if it was bad? Sure, NOW you have cheap or free variants, but THEN you DIDN'T! SCO for the full system cost over $5000! Yet it competed against M/S Windows/DOS!
BTW, I made a prediction in the early eighties. I was laughed at. NOW, it is true! Nearly every Computer company has standardized on UNIX!
IBM, DEC(now gone, I know), DELL, APPLE, HP,SUN, etc.... For their bigger systems, and proprietary ones, as well as many PC workalikes, they use a variant of UNIX!
IBM =AIX/LINUX
DEC =ULTRIX
DELL=LINUX
APPLE=BSD (as a kernel to their new MAC OS)
HP=HP/UX
SUN=SOLARIS(sunos)
>WinXP Pro comes with a 480 meg CD, Mandrake is 3 CD's and SuSE is 7
WINXP pro does NOT come with 1 CD! You need MANY to match Linux! You need exchange(disks?), MSDN(1 DVD), SQL SERVER(1+ CD), etc..... NO comparison!
For the basic O/S? Linux needs 1 DISK(a FLOPPY!)!
And Windows needs HOW many?
>NTFS is much more stable than any Linux file system, hard shut down in Linux and watch it fsck your box
Hard shut down with windows, and watch IT take a while!
>Installing software on a Linux system is badly broken, often you end up fixing make files, chasing dependencies, or in situations where you can't update a library with out breaking other apps, many libraries are not very backwards compatable and someone still has yet to write an installer for Linux. Nullsofts SperPiMP installer for windows is only 498K but such a simple installer has yet to exist for Linux because it's design is funamentally flawed.
Even windows 3.11 had an installer and you can install the 32 bit libraries for it and still run binaries that were compiled on XP, lets see Linux do that
Don't get me started! I had a problem REinstalling VB4 on Windows! When I called Microsoft, they said "It sounds like you installed Office 97." They made changes to OS files, and caused problems! SO, you claim windows 3.11windows XP compatibility? I'm telling you windows doesn't even have Windows 98 windows 98 (SAME installation, and SAME computer) compatibility!
As for the dependency problem? I call microsoft, and they say "reinstall windows in another directory." This means a weeks downtime, and possibly accomplishes NOTHING. With Linux, you will likely get your problem solved quickly.
BTW, even MSnbc said that Linux is better supported than Windows! And THEY are part owned by microsoft!
Fundamental flaws? Microsoft has a GREAT methodology that they encourage everyone to use, but it will NEVER work! WHY? Because M/S doesn't use it! What good is it if your C program handles all dependencies, but the C library(from M/S) DOESN'T? Linux, on the other hand, has distributions that are supported, and has standards that are being followed more and more!
>Developers will often use GPL just so they can avoid having to create and test seperate packages for the last 3 versionsof every major distro, GPL lets someone else do it.
Linux supports more platforms DIRECTLY than any other O/S on the planet. Do YOU have the money for vaxes, alphas, mainframes, suns, IBM PCs, Macs, etc.... Not to MENTION the OTHER hardware! GPL reduces the cost from BILLIONS or trillions, to peanuts!
>The exists no development environment more compelling than gcc and emacs, for this reason Linux apps will always be behind
There are actually quite a few. KYLIX, FORTE, ETC... Still, I'm betting you're NOT a programmer!
>Would like feedback on this
>Thanks
For any horror story on software installation on Linux, I could come up with one for Windows too. For all the "reasons" someone comes up with for why linux sucks, I could come up with Windows couterparts. It's pointless.
I've got a major newsflash for all you OS bigots. Learning a new OS requires learning new skills, terminology, etc. It takes time. OS's are also different. Yessiree, folks. Setting an IP address on Windows is different than Linux, the Mac, VMS, AS/400, Mainframe, etc. Each OS has it's strengths and weaknesses, but YOUR lack of skill is NOT a weakness in the OS. The poster who claims that his linux kernel took 175M is a good example of someone who does not have the skill or knowledge to understand what he is doing / seeing (which in this case it's probably the fact that Linux uses most of the available memory for buffers / cache, and free's it as needed for other uses. One of those "performance enhancing" features.)
Understanding a feature and understanding the CONCEPTS behind the feature are two different things. Someone with conceptual / theoritical knowledge is going to be able to pick up a new OS easier than someone who doesn't. Someone without the conceptual knowledge moving from one OS to another is going to try apply the old OS's features and behaviors to the new one and therefore will have LOTS of problems. Stick a Windows user in front of a Mac for the first time and watch them squirm.
Yeah, a newbie installing Linux for the first time is going to be JUST AS CONFUSED as a newbie installing Windows. So what's a newbie to do?
First, any novice should buy a book on linux and READ THE DAMN THING. There are several modern distros that are well geared towards the novice. Most install MUCH easier than windows. As long as your hardware is listed as being supported on the compatablility matrix for the distro, things just work. Once installed, the system is fairly self-maintaining, and virtually anything can be done via GUI tools. Users don't need to use vi or emacs, they can use one of the bajillion other editors out there for either the command line or GUI. The solution to virtually any problem a newbie may face is easily solvable by typing a few keywords into google (since ALL linux documentation is online) or browsing the online manuals that come with the distro to find the solution. Next, get the damn book out again and try some of the examples. Learn the system. It's NOT that hard - if my 65 year old non-computer literate mother can do it, and my 9 year old nephew can do it, so can you.
Enough of the tired old whiney claim that Linux is hard. It's 100% FUD at this point. You just make yourself look incompetent.
I think that comment is shortsighted and unfair. I also think I would be hard pressed to come up with a better example of the barrier I'm talking about.
From my personal experience - a Winx user sat in front of a Mac will generally be productive within a day. Same user in front of a Linux desktop will typically give up.
What's needed here and apparently absent from your comment is an ability to listen to the problems I raised and address them constructively. All too often what I find are comments like yours which belittle the user and serve to squelch the kind of insights that are necessary before Linux will succeed on the desktop.
This is precisely the barrier I was talking about. A glowing example in fact.
To address your first point on horror stories, and hopefully leave out the un-needed emotional heat, the point is not a numerical comparison of how many Winx horror stories there are compared with how many *nix horror stories there are. That is immaterial.
What is important is that there are any Linux horror stories and what to do about reducing that number.
I for one am not content to have Linux be "just as good" or "better than" Winx in any case by case comparison. I feel that Linux is far too powerful to settle for that.
Rather, my goal would be to have Linux serve as the basis for a near revolution in computing - one that finally makes reliable, scalable, and powerful computing capabilities accessible in a way that computing has never been. As simple as a toaster for the novice, yet as powerful as the largest super-computer ever concieved for the expert, with no large bumps in-between on the learning curve. An environment that encourages wide and constant innovation while preserving reliability and stability. If a goal must be picked, that would be mine. No FUD here. Linux is good. But, it's not good enough yet. With open eyes - let's solve that issue.
I am talking about desktop Linux, not just the kernel itself; you knew that but chose not to see past it. My windows system has 512 megs of DDR, my Program Files directory is 8.9 Gig, I go through the folders and open every single program, although some stuff is stored in virtual memory, the system still runs smooth using about 380 of primary memory. Mandrake 9.0 beta 2 used 240 Megs of RAM on default install (no servers) just to boot. As previously stated, I can get windows to boot using 40 Megs of RAM, default install is something like 58. Anyone reading this can right click on task bar and Task manager > performance and see that even with the system in use it will usually stay under 100 Megs of RAM.
1 Gig is not enough for your windows box but Linux runs fine on 4 Megs of RAM...
Yeah right, I think we are both trolling at this point but least I am being honest. You argue my point on stability but saying UNIX is stable, it is. Linux is stable too when used as a server and not a desktop, it also uses much less RAM when you don't load X and a DE. But you're sidestepping the fact that Linux is still huge, slow, and unstable as a desktop, which BTW, is an important fact when considering its potential on the desktop. The rest of your post continues to go on comparing apples and oranges, and for good reason.
Simply put, I do not want MY tax dollars going towards development of software licensed under the GPL. If my tax dollars fund development that goes into the public domain, fine. If my tax dollars fund development that gets licensed under the GPL, NOT FINE.
So you'd be happy to pay more taxes to compensate for the inability of government to modify GPL software in any way. You'd prefer if instead they either wrote from scratch (and released as public domain) or paid for proprietary software, either of which are likely to cost a lot more tax dollers than taking some GPL code, modifying it a bit then complying with both the rules requiring the publically funded work be made public and the GPL...
When it comes to spending public money there are usually rules about not squandering the money. Not allowing government departments to modify GPL software (which is effectivly what a "government may not release GPL software" type rule does, since, unlike private individuals and corporations, they are obliged to publish any modifications made) means that they can have to spend considerably more money, with no apparent benefit to anyone, except possibly a few corporations who didn't contribute their fair share of tax dollers in the first place.
These licenses are public-minded in the sense that they are specifically authored to ensure long-term free public access to the code -- the source [GPL] or the binaries derived therefrom [BSD], put simply -- and they do not discriminate against any individual or organization, nor do they restrict freedoms such as of speech once any such entity accepts the terms of these licenses. It is precisely this sort of public-minded, freedom-oriented licensing that Microsoft finds frightening,
When did "to further progress of science and the useful arts" become "to further the profits of big business" anyway?
because it cannot conceive of a future in which its business model, of selling closed software under licenses that stifle speech to people who think Software Is Magical And Thus Requires Great Expenditures By Huge Corporations,
To the vast majority of companies software is infrastructure. Even people who may think having clean water piped through out a building, electricity, high speed LANs, telephones, etc are "magical" generally understand that to get these sort of things sorted you can either employ people who know about them or get an external contractor in. No-one in their right mind would chase half way across a continent (or even the planet) to get a magic plumbing kit or a magic cabling kit or even a magic building kit. But somehow Microsoft has managed to sell the idea of a magic software kit, an off the shelf product which will cover all your companies needs without needing to employ an expert to set it up. Maybe because software is newer than buildings, plumbing, etc and there is no real material cost involved in deploying it.
I have been using Linux as long as I have been using windows, learning the OS is not the problem, it's using it.
Yeah, a newbie installing Linux for the first time is going to be JUST AS CONFUSED as a newbie installing Windows
I remember the first time I installed windwos, I don't remember it being a problem. The fist time I installed Linux I didn't have trouble aside form not knowing the mount point for the primary Linux partition.
Enough of the tired old whiney claim that Linux is hard. It's 100% FUD at this point.
I don't really think Linux is hard and don't have a problem sifting through google or man pages (apropos :), but even with that in mind, Linux has a long way to go before it is able to replace Windwos on the desktop. FUD is hearing how Linux (desktop) is so much faster and windows crashes all the time, the other way IMHO. Windows never seems to crash for me, I don't really mind Galeon or Mozilla crashing on me either, but it makes BSOD jokes get old fast. I find myself running xkill and kill -9 often.
But a stable GUI does not equal stable GUI apps, which is more part of the problem. I am complaining about the general state of GUI interfaces and applications, and I see tens to hundreds of crashes and bizarrities every day.
Hell, at least once a week Win2k decides to completely remap my keyboard in a random app. Sometimes a command prompt, sometimes Outlook Express.
Thank you -- an excellent point.
Personally, I don't mind if the NSA or any other government agency chooses to use PD, or BSD, or GPL for distribution. If it's difficult to make a decision based solely on technical merit, but there happen to be substantial economic benefits to choosing, say, PD over GPL (say, if it might speed acceptance of a new protocol by making the implementation more attractive to software proprietors), I doubt I'd spend hours on /. screaming how that's "discriminatory" against GNU and the GPL.
So your point is well taken -- the government is not to be accused of "discrimination" simply because the public license under which it might choose to distribute software it writes happens to be inconvenient for a few existing businesses, thanks to distribution models to which they've grown accustomed.
The interesting thing, to me, about this whole discussion is how intent pro-MS types are on propagating lies and distortions about the GPL being "anti-business", "anti-corporate", "anti-commerce", and "discriminatory", rather than more calmly and rationally discussing the real issues, such as whether Linux is technically the best platform upon which to build a secure OS. (I'd have guessed OpenBSD, based purely on my impressions from reading stuff on the web, for what that's worth....)
Seeing the stack of cards upon which MS has built its anti-GPL efforts makes me wonder what they're really scared of, and what might be about to happen to their profitability, their stock price, etc. I mean, if they have nothing to fear due to having vastly more funding and all that other stuff, why propagate lies about the GPL?
Practice random senselessness and act kind of beautiful.
I have almost 9 gig of installed programs on my windows box, all of them stable. I don't have any spyware installed on the system though, and nothing non-MS runs in the backround. I am not sure what programs on your system are buggy, but there are probably better more stable replacements for most of them.
but I think that it is important that properietary software vendors don't have to jump through a bunch of hoops in order to use the results of government sponsored software research.
It isn't the job of government to ensure any business models work and never break. Why shoudl proprietary software vendors get special treatment?
Yes, but the Office XP has only one install disk (the other disk is a media disk), and GobeProductive for windows is only about 11 meg.
You're full of shit dude. The experience of thousands of others denies your unprovable statement.
l Studio
Incidentally, I looked at your links, and you must think all windows users are just below "severely retarded" to think either of those articles told me anything I didn't already know, or find out in my first week of running XP. Holy shit.
Incomplete list of applications that crash frequently (order of at least once a week):
Outlook Express
Internet Explorer
Mozilla
Opera
Explorer
Delphi
Visua
To be fair, Opera doesn't usually crash a second time after restarting it, even viewing the same pages.
Most of the people I know that run 2K and XP claim it's fairly stable. I don't seem to have any problems with the apps you listed (accept outlook which I don't use). Any crashes in Delphi or VS were usually attributed to my inability to code. Maybe the fact that my system does not seem to crash is attributed to pure luck.
Perhaps you're talking about the entire system overall. I am not claiming Win2k falls down forty times a day - it certainly doesn't. But the software running on it DOES. Frequently.
And it's the same on all GUIs too... Mozilla crashes everywhere I've tried it (Note: not every five minutes or anything). This isn't necessarily an attack on Windows, I'm just countering your claim that everything is fine in the land of Win32.
And sure, some of Delphi's crashes are due to my own imperfect state, but most certainly not all.
> This is true, but I would rather have small, fast,
:(
./configure;make;make install software.
;)
> solid base system that can be easily added to.
> Something like Gentoo with an installer.
I agree that I don't use of the apps on my RedHat distro. But unlike Gentoo et al. all I don't need to download each new app I may need. apt-get/emerge might be a neat idea, if you have either a flat or broadband. For me per-minute modem user they're unavailable
Still, RPM's ability to watch the dependencies is a good idea. They can save you a lot of hassle when you're about to deinstall a package on which other packages rely. This is the main advantage over vanilla windows.
Unfortunately, this only works for the RPMS and not user compiled apps/libs. But I read about checkinstall, which creates RPMS out of
> I think the initial install is something Linux
> has improved on, I actually like Mandrake's
> DrakeX more than Windows' installer.
Getting Linux on your harddisk is pretty easy nowadays. And I think vanilla Linux is already far better configured than out-of-the-box Windows (i.e. I don't need to install drivers for half of my hardware).
It's getting Linux to do all the small things you like it to do. That's the pain in the ass. For example, you want to view encrypted DVDs under Linux. Ok, you got Xine already installed, but nada, that'S not enough. For menu support you need Xine-DVDnav. Oh wait, DVDnav requires libdvd and libdvdcss. Each library needs to be d/l'ed seperately, you need to compile/install the libraries, you need to take care that the version of Xine-DVDnav and Xine are compatible... sheesh, I only want to watch the occasional DVD. Got my point?
> I liked 2K more than XP, and don't get crashes
> because I am picky about the code I run on my
> system. I have had 2 crashes on my XP system;
I had a few more, but I could always trace back the source of the error. Most times it was my fault (wrong driver etc); only Mozilla made my XP box crash totally on certain webpages, and even then not the whole OS crashed, only the GUI did (which may have the same effect, but Winamp, for example, still played my MP3 collection).
But you can profit! You can use linux and save the money you pay to M$
That isn't profit, it is cost reduction.
Ah! getting rich off selling someone else's work!
It isn't someone else's work. It is MINE! I paid their bills!
FreeSpeech.org
Your point is germaine. It's not the job of government to select business models. Picking GPL is a selection; one that specifically excludes certain models. Hence my original comment that public domain is more appropriate; or more open licenses (like the essentially unrestricted BSD, Apache, and similar licenses).
C//
Well, they can maintain and distribute patches. And while patch is theirs as a whole, they can licence it under whatever licences they like: GPL, public domain, some commercial licenses. All at the same time.
Sure it is less practical, but so is rewritting whole Linux or Windows.
IIRC lame used such tactic to avoid problems with licence of code they used as building base - they distributed patch licensed under GPL used to patch software under some "free to use but restricted" license.
(Btw, lame managed to rewrite whole base so now it is fully functional and all under GPL. But "Lame Aint Mp3 Encoder" is not "Linux" :)
hany
It isn't the job of government to ensure any business models work and never break. Why should proprietary software vendors get special treatment?
That is exactly my point as well as that of the original poster. Proprietary software vendors should not get special treatment and neither should open source projects. In my opinion the GPL would amount to special treatment of open source efforts.
The point I wanted to make was that I think that the welfare system for proprietary vendors that would result from everything being put in the public domain is going to far in the other direction. The GPL and public domain are, in my opinion, at opposite ends of the spectrum and I feel that a more balanced license would better serve the public.
Given that you have some software that was funded by the government what should be done with it? In my opinion you want to maximize that value of the software to the people who paid for it, i.e. the people of the country. It is generally not of much direct use to the majority of people so you are left with choices like license it to a company, put it in the public domain, license it under the GPL or choose some other license.
My opinion is that the best way to maximize the benefits for the people is to choose a license that maximizes use while also ensuring interoperability and thus competition. The GPL does not maximize use while the public domain does nothing to ensure interoperability.
> Linux is slower and less stable than windows
.. coffee time. Don't even have to reboot afterwards (or every day..hehe).
You don't actually know this do you? You've never run Linux, hence can't appreciate the fact that the only time it crashes is... dunno. I've only locked it up when playing with accelerated X drivers (closed source NVidia drivers at that.. ha!)
> My windows box uses about 40 megs of ram
Mate, you're confusing Windows with Office.. Office takes 40Mb to boot, Windows 2000 and XP both take approx 100 - 170Mb after logging in. I know, I run the both.
For those who care, OpenBSD/FreeBSD uses about 30Mb.. cool, eh?
> Installing software on a Linux system is badly broken
I agree with installs being a pain in the arse..
I've used Slackware, RH and Mandrake (and stints on Turbolinux and SuSe).. but Gentoo Linux gets my nod due to its excellent portage tree.
Portage is basically a rip of what BSD has had for ages.. if the app u want is in the ports area, cd into the dir, type make and let your machine handle dependency checks, downloading all relevant apps/libs, building dependant programs, installing etc.
And guess what.. it works.
I've cd'd into the 'gnome' dir and typed 'make'. Come back an hour or two later and you've got a complete gnome system, optimised for your machine - the dependancy checks ensured the X was downloaded, built and installed.. tip of the hat to the Gentoo team.
You can't get any easier than that.. 'make install'
... and AIX... ... and HP-UX .... ... and SCO ... ... and IRIX ...
IANAL but write like a drunk one.
Picking GPL is a selection; one that specifically excludes certain models.
It's an implicit choice, since they started with GPL material and obeyed the licence. N.B. none of the actual copyright holders are complaining about this.
That is exactly my point as well as that of the original poster. Proprietary software vendors should not get special treatment and neither should open source projects. In my opinion the GPL would amount to special treatment of open source efforts.
Proprietary software vendors are PSVs out of their own choice. No third party went to them and said "you are a PSV, you will always and forever be a PSV". Should corporations be protected form possible negative consequences of their own actions?
Given that you have some software that was funded by the government what should be done with it? In my opinion you want to maximize that value of the software to the people who paid for it, i.e. the people of the country.
By this criteria Microsoft probably shouldn't be considered part of the people who paid for it in the first place.
My opinion is that the best way to maximize the benefits for the people is to choose a license that maximizes use while also ensuring interoperability and thus competition.
If the US government cannot release GPL code then the only way they could make use of GPL code is to use the programs unmodified. This potentially places a huge and expensive restriction on the US government. Where they could have taken a GPL program and modified it a bit they now have to either develop from scratch or buy from a PSV.
The GPL does not maximize use while the public domain does nothing to ensure interoperability.
So maybe you;d need something else for software originated by the US government. The thing is that the issue is more about the US government creating derived works under licence. You'd also need to ensure that they are not restrained from modifying someone elses code, where the copyright holder is perfectly happy for them to do so. Otherwise this would be restricting the interests of the directly involved parties, the US Government and the GPL copyright holder, in order to satisfy some third party PSV.
But this is the thing. Government employees should not be in the business of giving up their intellectual property rights to private organizations. Why? "Their" intellectual property rights are actually _ours_.
C//
...Secure Computing actually did a fair amount of the hardening of the kernel, and that NSA wasn't really in a position to release Secure's work, but figured that out after the cow was out of the barn.
If that's true, it's a wonder that Secure hasn't dragged them into court.
the constitution and the bill of rights do not delineate the only specific rights that you have- they are merely a list of rights that the founders felt needed to be enumerated for clarity. you are given the right to more or less EVERYTHING barring items that conflict with existing laws (and even that is arguable- you can claim, for example, that the DMCA and other 'corporate laws' violate many rights.)
don't assume you are only given what is listed- that's not how it was intended, and now how you should perceive it.
EOM
Yep, another one of the MANY here on slashdot ^_^