Slashdot Mirror
Passport for Linux On the Way
mrsam writes "PCWorld reports that
Microsoft comissioned
Ready-to-Run Software,
a small software vendor,
to port the Passport server software
to Solaris, Red Hat Linux, AIX, and HPUX. Oh, joy."
← Back to Stories (view on slashdot.org)
Does it really matter?
The fact that Passport server software will now run on (some of) the unices isn't really a cause for dismay; although it may speed uptake of Passport, it also removes another reason for a web service provider to use IIS.
Any company that really *wants* to run Passport WILL. It's just a matter of what platform they run it on.
Is it just me or is the idea of centralising security bad?
It seems to me that a spread of security/password systems is better, since a comprise of one does not comprise the others?
Somehow the buzz to make everything easier overrules normal safety practises. Do we not get told not to have the same PIN for different credit cards?
One wonders what MS's true intentions are in porting this to Linux... embrace and extend?
Can you even do that to something as complex and loosely-coupled as the open source community of linux developers?
They probably just realized how large a marketshare Linux is getting on the server side and want to attain total market dominance for their worthless Passport product, lest we develop a better, more secure alternative. Hint, hint: won't work, MS. Much like Gnome, KDE and the other 10 or so windows managers, we are all about freedom and choice and will code alternatives to the alternatives to the alternatives until sourceforge runs out of disk space. Just because we can, just because we love coding and have common ideals for what life should be like: Free, especially of YOUR control.
In a recent article at OSNews, I commented about Microsoft's business practices (to a degree), and the "Microsoft problem".
What we need to do is continue the big push with our own software, and develop it from medicore software to Great Software.
Does anyone remember the Insanely Great comment from years ago by Steve Jobs? It's much the same attitude and spirit that we need now, in not only the Linux Communities, BeOS Community, and more, but everywhere that is offering a choice for the end user.
We have to continously keep in mind that all of our hard work is for one target: The end user.
I cite the recent Red Hat reviews at OSNews and other places as prime examples of how we still are not quite getting it.
Please feel free to read my original comment at OSNews here:
http://www.osnews.com/comment.php?news_id=1951&off set=34
The problem won't go away if we play by Microsoft's rules. We need to create our own, and survive.
user@host$ diff
You morons, hie is not saying they don't exist, his statement is more directed at there poor support and reliability under any OS other then Microsoft.
They are rarely updated, and they often break.. From my exp FP ext's are the bane of most linux based hosting companys and cause a majority of the support load..
I once worked for one of the largest free hosting provides online, they bought out a Windows based company, The original plan was to switch them over to there linux based system, But after seeing the numbers keeping the windows servers ONLY for people that required FP was considered,
It is pretty much a known fact to anyone in the webhosting industry that FP ext's on linux are flaky to say the least
Personal Website
So let me get this straight. Their productivity software, Office, that uses de facto document standards and which can currently be sold for a profit, they have no intention of porting to Linux.
But a broken, hole-y DRM/anti-privacy schema, accepted by only a few and generally looked on with suspicion, being developed with no profits in the near future to -- that, they're porting to Linux.
Uh.... HUH.
AHHHHHHH! I'm burning with goodness again!
- Reakk, Sluggy Freelance
Actually, seeing Microsoft source code, but under a dodgy "pseudo-open" license is actually worse than not seeing it at all. You become "tainted" and MS may well sue you if you work on a conceptually related project. They have taken legal action in the past. NTFS driver development in the Linux kernel was effectively halted, for example, over such an issue.
That's why most MS releases are WORSE THAN USELESS.
For companies that already have passport for certain things, you can setup a secure, fast, *nix server, and allow the few half-wits that use passport to authenticate. How many people got excited by the prospect of being able to do groupware, email, and calendar funtions like Exchange, but without using an Exchange server? This could be the same thing; a way for *nix admins to use their current systems, and support their users who choose to use this thing.
Overrated / Underrated : Moderation
If you don't want to use it - don't install it. If it's installed - turn it off.
(I also encourage people not to use Passport in my academic capacity - and I tell them why).
I fail to see why MS is providng ports to platforms where the user base is so hostile to the concept of the massively insecure single sign-in
It's not you: I'm just this horrifically socially awkward with everybody.
chroot() jail
A computer without Microsoft is like ice cream without ketchup.
First of all, everyone is gonna love Microsoft for porting its great universal authentication solution to the *nices platforms, making it more universal. Big *NIX companies will buy the software and will offer Passport support to their clients. Then, after a couple of (outdated) versions, specifications will change without previous notice and the implementation will be worthless, the performance will go much below that the native winXX version, big companies customers will start bitching around about lack of support and functionality, and the final response from M$ to big compianies will be 'our passport system was created to work from the ground up on the .NET framework, which uses native winXX functions not available in any other working environment, thus we cannot guarantee the correct behaviour on other platforms'.
End result: big company will migrate its *NIX servers to M$ platforms, and big company customers opinion about how *nix sucks, and how far winXX is superior at accomplishing the same tasks.
Don't you see it's all but just a FUD game the M$ people is trying to play with you?
Articulos para gente geek: Poleras, linux, libros y mas
A properly set up centralized security server does nothing but run the authentication services and possibly the authorization services. It should not be running other services such as NFS, print services, HTTP servers, etc.
That is not to say that different applications can't use secondary passwords to authorize certain facilities, or to mandate a seperate security ticket for the duration of a special session (e.g. starting an admin tool to add new users to the application's authorization set, or changing their authorization lists.)
Many authentication and authorization services also support facilities like session limits (the place I work at right now only allows each id to be used for a single client station at a time; development and support staff are a special case.)
Centralizing security also means that you only have to deal with hardening one set of authentication servers (gotta have redundant server clusters in a large environment for something this critical!) When patches are needed, you know they've been applied because you don't have to run around to all the application, data, and web server systems. Some application/web servers might break if they aren't patched to work with the updated security server, but that is a good thing -- you don't want outdated clients being authenticated when they're running software that has known security issues.
However, there are far better products out there that aren't limited to Microsoft clients. Tools like Kerberos, Verisign products, Netware, etc. I just cannot fathom why anyone would voluntarily limit their options rather than just using a non-Microsoft product.
I do not fail; I succeed at finding out what does not work.
Liberty.
Why Passport?? *shudders*
HTTP/1.1 400
Yes, think about it, *why* are they sharing the code?
They are fighting fire with fire, all we, as coders have to do, is to see the code, and we are now tainted, and can not legally implement a competing code base.
The same as if they use GPL code, it taints their talent pool, if we *see* their code, it taints ours.
be very careful when offered a bite of this apple.
...please forgive my pseudo-rambling, It's going on 24hrs since I last slept ;p doh! ...
...and don't give me that crap about "nobody is buying X-Box systems". You're right, nobody is buying them. That's not the point. If MS was worried about sales, they wouldn't be giving away litterally hundres, if not thousands of consoles regularly. Pepsi shortly ends yet another "500 free X-Boxes" promotions this month. Who as ever heard of a console manufacture regularly givining away thousands of systems as much as a year after launch? MS only cares about
Look, the primary reason for passport logins is in order to attract customers. PERIOD. If MS can offer passport security (sic) login support across nearly all commonly used platforms, then they can potentially approach a company with large volume customer interaction such as AT&T, FedEx, etc... or even our Government and use the sell line of "XX% of the US internet population has access to Passport, and XX% of internet users already have accounts created, reducing your sign-up/registration headaches. We would like to offer you this secure (sic), unified login solution for your customers as a convienence to both you and them. We can even integrate all of your customer service functions into this login for you as part of your initial installation! We'll even support your internal *nix environment so that you don't have to change servers (!for now!)."
So, then say, FedEx says hey, that sounds great, we can integrate everything into this, and it looks like everyone already has a Passport account, and there's no change in equipment on our end, and wow this will really make it easier for our customers to login and issue shipments, track shipments... We'll take it.
Microsoft never abandons a product, period, they just repurpose it a few years later. The MSN network never died, MS is just trying to co-op the internet under their wing. They want all data to come through them so they can get on with the subcription model they have been trying to migrate to since 1995. Passport has one primary purpose, it is the login mechanism of MSN, and the leverage to get companies to chanel data through MSN, which get's more customers, then more companies, etc...
Once MS has "critical mass" on Passport, they can leverage it even harder as part of their DRM initiatives. This isn't to control what you see and here per se. Remember, MS is about one and only one thing, maximizing the profit of the shareholders. PERIOD. If every piece of data has to pass through a piece of MS technology, even a nominal toll of cents becomes a tremendous amount of money.
What do you think the X-Box is all about. It is about marginalizing the PC. Just wait till next year when the data/streaming formats that are only X-Box compatible, or X-Box first start to role out. Just wait until you can subscribe to Office on your X-Box variant... Not only does this completely elimiate anti-trust issues due to the large volume of established law supporting the rights of hardware manufactures to control the content on their systems. The consolidation of all of these technologies over the next couple of years will give MS even more leverage in pushing their protocols to prospective clients... thus feeding the loop.
DRM components on a PC may or may not ever happen, but I believe the whole discussion will be mute in a number of years anyways...
Really, it's the OS that we don't want Microsoft controlling right?
If this is a move on their part to start supporting Linux as a "valid" operating system, and start developing applications for it, I'm not upset with that one bit.
You can "OpenOffice" all you want, but personally, I *do* like Microsoft Word. And I like Outlook. If they started making these applications available in full form to Linux, I would run them.
Personally, I think that down the road sometime (probably not very soon) Microsoft will be developing real products for alternate operating systems. On one hand, they want everyone to use Windows. On the other hand, there is a growing amount of users switching to alternate systems, and Microsoft would love to sell you software. At some point, unless something goes horribly wrong with Linux, the community won't be able to be ignored.
Ahh well. Who cares what I think anyways.
- It's not the Macs I hate. It's Digg users. -
Everybody please avoid Passport for *nix when it comes out - they are in all likelihood doing the exact same thing. They will abandon you as soon as they get what they want (i.e., a monopoly position).
-----
Free P2P Backup, Windows & Linux
I used to work for them a couple of years ago as an intern- and am still friends with many of them. They're a great small company- I loved working there over all the other places I've worked since then.
They're good folks- diehard unix people(the president, Jeff, is one of the most experienced unix people I've ever met) who have been, for years, making various open-source software easier to install/use, backing the packages with support, and folding changes back into the community. They've been doing this since the very early 1990's.
One could argue that RTR helped, in a major way, bring open source software into the corporate world. Not with Linux- but with all the commercial unixes. Solaris. HPUX. AIX. Irix. etc.
Their ReadyPaks, at the time, were practically revolutionary- with one command you pulled a full installer off a tape, installer asked you a whole bunch of questions, and boom, you got a working installation. It was exactly what many large companies were looking for- open-source software fixed up, given a good installer, and a commercial company to stand behind it for support.
Whereas you'll see other people talking about how to bring free software to the business world- RTR has been doing it for over 10 years.
So if you're going to grumble about a company- please don't grumble about RTR. Much of the open source GNU packages you use today, especially on the non-free unixes, work better(or at all) on those platforms in part due to RTR.
That said, they are a very small company, folks- please use google caches and stuff to keep from swamping their line/webserver....
MS's release of technical information and source (even, as was mentioned recently, on demand from the courts) *is* a joke, as you've pointed out -- it pretty much is a legal ploy to entangle people in legal barriers preventing from them from working on competition.
:-)
But, let's also be fair here. This is *Microsoft* and *Slashdot* we're talking about. If Microsoft BSD-licensed Windows and released the source, there'd be a ton of people on here talking about how it was an attempt to crush Free Software by making BSD licensing more popular than the GPL.
May we never see th
But that is precisely the kind of problem I'm concerned about. When you are dealing with any sort of security services, you do not want server patches held off because of a package dependancy that you have no way to work around. Some of the patches that don't get along with ASE 12.5 are rather important security patches, for example.
I do not fail; I succeed at finding out what does not work.
Like many tech companies, Microsoft is about maximizing its own short-term stock price. To a manager with millions in stock optons, this is more important than anything, even profit.