Slashdot Mirror
Passport for Linux On the Way
mrsam writes "PCWorld reports that
Microsoft comissioned
Ready-to-Run Software,
a small software vendor,
to port the Passport server software
to Solaris, Red Hat Linux, AIX, and HPUX. Oh, joy."
← Back to Stories (view on slashdot.org)
what will be surprising is that once the fist iteration is shipped Microsoft keeps the updates flowing - Frontpage extensions for Apache on Unix anyone?
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I guess with the usual EULA that gives the permission to send all kinds of information to Microsoft about your usage habits and possibly automatically removes your linux partition and install Windows X-whatever on it, after automatically getting the money from your credit card.
No thanks.
Genius doesn't work on an assembly line basis. You can't simply say, "Today I will be brilliant."
Microsoft are going to share some of their source code with the developers. Could this be the start of a new style of policy from microsoft?
It truly seems that MS has 'alienated' a lot of the computer-folks, as it becomes apparent that said computer-folks should now aquire a Passport.
E
Marxist evolution is just N generations away!
Or is microsoft trying to prove that *nix really can be cracked as easily as windows?
Now will I see "how do I set up Passport" in all my favorite mailing lists? Hardly. People get flamed enough for Active Directory postings :)
Conversion Rate Optimisation French / English consultant
When they are done we will be able to see the prices for the communication protocols. Probably only a soul or two.
134340: I am not a number. I am a free planet!
...it keeps crashing on Windows.
<rimshot>
Thanks, I'm here all week.
Seriously, though - why passport? Why not something people might want to use - like Office. Oh yeah - because then there'd be *no* excuse to stick with Windows.
Does it really matter?
The fact that Passport server software will now run on (some of) the unices isn't really a cause for dismay; although it may speed uptake of Passport, it also removes another reason for a web service provider to use IIS.
Any company that really *wants* to run Passport WILL. It's just a matter of what platform they run it on.
As it was originally designed, Passport Manager could only be installed on Microsoft server software. However, prompted by requests from large Passport customers that manage user authentication on Unix or Linux servers, Microsoft has worked with a company called Ready-to-Run Software, in order to port the software to non-Windows systems.
Ok, who is the idiot, stock photo posing, Microsoft "freelance" idiot that asked for this thing? Come on, own up to it. You can't hide forever. We know you _THOUGHT_ it was a good idea.
Is it just me or is the idea of centralising security bad?
It seems to me that a spread of security/password systems is better, since a comprise of one does not comprise the others?
Somehow the buzz to make everything easier overrules normal safety practises. Do we not get told not to have the same PIN for different credit cards?
One wonders what MS's true intentions are in porting this to Linux... embrace and extend?
Can you even do that to something as complex and loosely-coupled as the open source community of linux developers?
They probably just realized how large a marketshare Linux is getting on the server side and want to attain total market dominance for their worthless Passport product, lest we develop a better, more secure alternative. Hint, hint: won't work, MS. Much like Gnome, KDE and the other 10 or so windows managers, we are all about freedom and choice and will code alternatives to the alternatives to the alternatives until sourceforge runs out of disk space. Just because we can, just because we love coding and have common ideals for what life should be like: Free, especially of YOUR control.
I didn't realise there were Visual BASIC ports to Solaris, Linux, AIX and HP/UX :-)
It allready exists, also from Ready-to-Run: http://www.rtr.com/fpsupport/ - note that Digital Unix, FreeBSD, BSDI, Linux (RedHat), Solaris, HPUX and IRIX are supported.
FrontPage - these are about the only guys left still running that stupid logo. Still, if it keeps fat contracts from MS coming in, it's probably worth it. :)
creation science book
Why did MS comissioned a small company to port Passport server software?
I'm not an expert in corporate tactics but could it be that they're already forseeing the flop of those ports and rather ask a small company to have the trouble, the (possible) losses, etc... ?
-- Would it be acceptable to just put my name on my sig?
"Ready-to-Run" is a misnomer. I had to deal with the unix FrontRage extensions at my previous company (a web hosting provider), and Ready-to-Run's software was total dreck.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
I believe we in the Linux community should return the favor, and port Wine to Windows.
that list of *NIX platforms already has an answer to passport - liberty. i may have my negative opinions about IBM and Sun at times, and don't get me started about RH, but i place a lot more faith in their stability and security, and i know they'll answer answer the phone when we have a security issue that has to be fixed 30 minutes ago. i don't feel comfortable ever saying that about Microsoft.
when it rains, it gets real soggy. when it pours, i'm under the tap just _waiting_ for the joy
In a recent article at OSNews, I commented about Microsoft's business practices (to a degree), and the "Microsoft problem".
What we need to do is continue the big push with our own software, and develop it from medicore software to Great Software.
Does anyone remember the Insanely Great comment from years ago by Steve Jobs? It's much the same attitude and spirit that we need now, in not only the Linux Communities, BeOS Community, and more, but everywhere that is offering a choice for the end user.
We have to continously keep in mind that all of our hard work is for one target: The end user.
I cite the recent Red Hat reviews at OSNews and other places as prime examples of how we still are not quite getting it.
Please feel free to read my original comment at OSNews here:
http://www.osnews.com/comment.php?news_id=1951&off set=34
The problem won't go away if we play by Microsoft's rules. We need to create our own, and survive.
user@host$ diff
quidquid id est, timeo Danaos et dona ferentes...
Sorry for nagging, but I have to correct you here. It was the greek who built the Trojan horse...
Making mink coats for PETA members?
Vortran out
Knowledge is like ignorance.. too much can be just as bad as not enough.
The fact that Passpoer is being ported to linux means nothing, really. For a system to exist people have ot use it. The base of linux users who actually register for passport (especially those who use linux because it isn't MS) will be very small. The people who use linux are not idiots. They read thier EULA's, they know what rights MS gives itself with the passport system. Although it is nice that mainstream software is being ported to linux.
History will be kind to me, for I intend to write it - Sir Winston Churchill
So let me get this straight. Their productivity software, Office, that uses de facto document standards and which can currently be sold for a profit, they have no intention of porting to Linux.
But a broken, hole-y DRM/anti-privacy schema, accepted by only a few and generally looked on with suspicion, being developed with no profits in the near future to -- that, they're porting to Linux.
Uh.... HUH.
AHHHHHHH! I'm burning with goodness again!
- Reakk, Sluggy Freelance
I'm certainly Ready-to-Run away from it.
For companies that already have passport for certain things, you can setup a secure, fast, *nix server, and allow the few half-wits that use passport to authenticate. How many people got excited by the prospect of being able to do groupware, email, and calendar funtions like Exchange, but without using an Exchange server? This could be the same thing; a way for *nix admins to use their current systems, and support their users who choose to use this thing.
Overrated / Underrated : Moderation
Interesting how such a limited platform list is provided for servers. What about Mandrake, SuSE, et. al.? With canned commercial support, what of potential customers that want to use a different HTTP server, different patches, different languages/tools, etc.?
You also note that there is no mention of support for developing client software under the *nix platforms. It's yet another way to lock in the desktop as Microsoft-only, much as many of their "servers" already do.
I do not fail; I succeed at finding out what does not work.
If you don't want to use it - don't install it. If it's installed - turn it off.
(I also encourage people not to use Passport in my academic capacity - and I tell them why).
I fail to see why MS is providng ports to platforms where the user base is so hostile to the concept of the massively insecure single sign-in
It's not you: I'm just this horrifically socially awkward with everybody.
For instance, the unix utils (a2ps to top) are included in a distribution that costs $399.
Here is a blurb from their site:
Ready-to-Run provides you with software ready-to-run immediately for much less than what you would pay to acquire the same software in non-executable source form from a bulletin board. And only for a fraction of what you would pay for most of the commercial software available!
So, are they charging for service (giving us the freedom to redistribute?) Anyone knows the answers? Would M$FT's system be really free (as in speech?) S
chroot() jail
A computer without Microsoft is like ice cream without ketchup.
The passport client is a web browser. Works great in any mozila powered browser on any operating system, including Windows, Linux, AIX or whatever.
"XML is like violence. If it doesn't solve your problem, use more." - Anonymous Coward
the whole i want to be a better bank then the banks (ie take a little bit of money for each transaction / authentication or whatever) works out. If it does work out then the whole software development thing that Microsoft does will seem pretty unimportant MS wont care if you are running win or lin or whatever... MS will be raking it in anyhow and will no longer have to maintain a big pile 'o code known as an operating system.
Of course if it doesn't work out then they will be glad that they didnt port anything else and help linux gain popularity and market share at the expense of windows.
Comment removed based on user account deletion
First of all, everyone is gonna love Microsoft for porting its great universal authentication solution to the *nices platforms, making it more universal. Big *NIX companies will buy the software and will offer Passport support to their clients. Then, after a couple of (outdated) versions, specifications will change without previous notice and the implementation will be worthless, the performance will go much below that the native winXX version, big companies customers will start bitching around about lack of support and functionality, and the final response from M$ to big compianies will be 'our passport system was created to work from the ground up on the .NET framework, which uses native winXX functions not available in any other working environment, thus we cannot guarantee the correct behaviour on other platforms'.
End result: big company will migrate its *NIX servers to M$ platforms, and big company customers opinion about how *nix sucks, and how far winXX is superior at accomplishing the same tasks.
Don't you see it's all but just a FUD game the M$ people is trying to play with you?
Articulos para gente geek: Poleras, linux, libros y mas
(*) 1 month :-)
(*) 6 months
(*) 1 year
(*) 2 years
(*) Never
(*) Coyboy Neal passport rules
A properly set up centralized security server does nothing but run the authentication services and possibly the authorization services. It should not be running other services such as NFS, print services, HTTP servers, etc.
That is not to say that different applications can't use secondary passwords to authorize certain facilities, or to mandate a seperate security ticket for the duration of a special session (e.g. starting an admin tool to add new users to the application's authorization set, or changing their authorization lists.)
Many authentication and authorization services also support facilities like session limits (the place I work at right now only allows each id to be used for a single client station at a time; development and support staff are a special case.)
Centralizing security also means that you only have to deal with hardening one set of authentication servers (gotta have redundant server clusters in a large environment for something this critical!) When patches are needed, you know they've been applied because you don't have to run around to all the application, data, and web server systems. Some application/web servers might break if they aren't patched to work with the updated security server, but that is a good thing -- you don't want outdated clients being authenticated when they're running software that has known security issues.
However, there are far better products out there that aren't limited to Microsoft clients. Tools like Kerberos, Verisign products, Netware, etc. I just cannot fathom why anyone would voluntarily limit their options rather than just using a non-Microsoft product.
I do not fail; I succeed at finding out what does not work.
Liberty.
Why Passport?? *shudders*
HTTP/1.1 400
i don't think it would be very difficult to install the passport implementation on any other distribution. essentially RH doesn't differ that much from other "modern" distributions.
;-)
the problem is of course certification. if passport is only certified to work on RH linux, other distributions might be able to run it, but only passport servers running on RH linux will be accepted as being valid passport servers. just a thought...
maybe it's a smart move by MS to allow only passport on one specific linux vendor. suppose passport becomes the primary way to identify yourself on the net (*shiver*), it will enable MS to use their embrace & strangle policy on RH, effectively killing "commercial linux".
maybe they're just being ignorant though, thinking RH = linux. an often made mistake
It just goes to show, if you cannot beat them; blur, subvert, entagle, go to bed with, and later on take a knife to their neck. This is one good way to get their roots into an otherwise concreate group who seem to stand firmly on open source. Heck, making Internet Explorer free (as in cost) utterly destroyed Netscape in the end, and now free (as in freedom) software is starting to destroy Microsoft. Kinda Ironic huh? Well it won't be so easy on this side of the camp for them to subvert. We can see it coming, and if Microsoft is so anti Finux, then why have a company contribute to that very same agenda they are scared of? Is this an "embrace, and exploite" method we have not seen before? Who knows, maybee MS will write their own Finux distro in the end! har... har..
It isn't a lie if you belive it.
What is the purpose of this? Do they really expect people who do not use IIS to use Passport? To what purpose? Think!
The fact that you have this thought is why you will never be a competition for Microsoft (that and I'm guessing a 100 billion dollar income difference) but seriously. Wether you use IIS or Apache is irrelevant to passport users. They don't CARE. If they signed up for passport they think that you OWE them passport support. You can say "screw those end (L)users if you want, but they are a revenue stream and that is not considered "Best practices"
Microsoft knows that by giving Linux/Unix users passport (which is probably shunned by everyone with a 'nix desktop they are catering to WINDOWS desktop users. Think about it, they are using Linux admins to cater to their clientele in the name of being 'open source' friendly.
However, amidst the dust and noise of the current storm of PR, spin, ads, and FUD, they are also dropping support for several key products like NT 4, Exchange 5.5 and Win2000 pro now and in the near future. At least when Cisco is hurting, their sales team treats for lunch. Or when McDonalds jacks up the price of a coke, they run a sale on the burgers.
Microsoft appears to have been circling the ol' financial drain for some time, with shaky bookkeeping, shrinking markets, and admissions that their products cannot compete on technical merits. Perhaps this last week's media blitz is a sign that the execs have offloaded enough of their stock options for us to hear that last *glunk* and see MSFT along side EOG.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
and customers that don't understand their technology or options.
honestly, u can use ldap with pam and smb for win authentication that will work across windoze and *nix. i love ldap and it's amazing how once company just kinda doesn't wanna push something that's a standard in light of their own crap.
it's too bad. but this is typical and unfortunately only the companies and groups that really 'get it' will ever implement things the 'right' way. this is true with probably every software solution.
i can see those guys at that company thinking this is a great idea, but it's not. bad ideas should be shot down and buried. passport has numerous problems and needs to be put in a hole.
of course, like everything m$, they won't bury it. they'll keep bolting on to it until people give in or roll it into something else (read: sneak it in the back door).
apt-get install pam-passport clippy ntkernel msdllmgr mslicmgr msautopay msextraviruses mssolitaire
I so look forward to being able to read those Word attachments management keeps sending me!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I know they exist, I installed them on day 1.
The updates fell out of step with the IIS versions.
And so many things didn't work compared to the IIS version that we dropped the whole 'we host frontpage' idea because it was too much time in support explaining the differences to frontpage users who, quite reasonably, just wanted it to work like it says in the instructions.
And then you still have "why don't my database controls work" to contend with.
fp on Unix was a poisoned chalice as far as we were concerned.
Poison on IIS too but that's another story!
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
...please forgive my pseudo-rambling, It's going on 24hrs since I last slept ;p doh! ...
...and don't give me that crap about "nobody is buying X-Box systems". You're right, nobody is buying them. That's not the point. If MS was worried about sales, they wouldn't be giving away litterally hundres, if not thousands of consoles regularly. Pepsi shortly ends yet another "500 free X-Boxes" promotions this month. Who as ever heard of a console manufacture regularly givining away thousands of systems as much as a year after launch? MS only cares about
Look, the primary reason for passport logins is in order to attract customers. PERIOD. If MS can offer passport security (sic) login support across nearly all commonly used platforms, then they can potentially approach a company with large volume customer interaction such as AT&T, FedEx, etc... or even our Government and use the sell line of "XX% of the US internet population has access to Passport, and XX% of internet users already have accounts created, reducing your sign-up/registration headaches. We would like to offer you this secure (sic), unified login solution for your customers as a convienence to both you and them. We can even integrate all of your customer service functions into this login for you as part of your initial installation! We'll even support your internal *nix environment so that you don't have to change servers (!for now!)."
So, then say, FedEx says hey, that sounds great, we can integrate everything into this, and it looks like everyone already has a Passport account, and there's no change in equipment on our end, and wow this will really make it easier for our customers to login and issue shipments, track shipments... We'll take it.
Microsoft never abandons a product, period, they just repurpose it a few years later. The MSN network never died, MS is just trying to co-op the internet under their wing. They want all data to come through them so they can get on with the subcription model they have been trying to migrate to since 1995. Passport has one primary purpose, it is the login mechanism of MSN, and the leverage to get companies to chanel data through MSN, which get's more customers, then more companies, etc...
Once MS has "critical mass" on Passport, they can leverage it even harder as part of their DRM initiatives. This isn't to control what you see and here per se. Remember, MS is about one and only one thing, maximizing the profit of the shareholders. PERIOD. If every piece of data has to pass through a piece of MS technology, even a nominal toll of cents becomes a tremendous amount of money.
What do you think the X-Box is all about. It is about marginalizing the PC. Just wait till next year when the data/streaming formats that are only X-Box compatible, or X-Box first start to role out. Just wait until you can subscribe to Office on your X-Box variant... Not only does this completely elimiate anti-trust issues due to the large volume of established law supporting the rights of hardware manufactures to control the content on their systems. The consolidation of all of these technologies over the next couple of years will give MS even more leverage in pushing their protocols to prospective clients... thus feeding the loop.
DRM components on a PC may or may not ever happen, but I believe the whole discussion will be mute in a number of years anyways...
Second point, so what? Passport has practically zero penetration, even less since the screwed over doristheflorist.com and removed the Wallet functionality (for being unnecessary bloat). Now don't me wrong, I'm sure MS will push Passport until it gets bigger and better, but at the moment that isn't an issue.
Final point, digital identity is a good idea, and the world will be an easier and more secure place for those who want it to be when we can have digital identities. So, what are we doing about it?
The PingID project is developing an open royalty free set of protocols, with an open source (though unfortunately non-free) reference implementation of the server. This will be something you can download and install onto your server for free, that will then let you sign in to various accounts that support the protocols, manage your personal document store and any authorizations you have given out (at least, in the beginning). The url is pingid.org but I'm not linking to it, because we're going to be putting up a new site that more accurately reflects the new open source nature of the project in like 3 or 4 days, so I don't want people to go look and go "huh, he was talking out of his ass". Code for v0.1 will be coming in a few weeks hopefully, I get paid to hack on it part time. Join the mailing lists to help out and track its progress. So far, this is really the only open answer to digital identity we've found, so I'm pretty glad I'm a part of it :)
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
Look folks ... it's all well and good to dis passport (and I'm with you in hating it), but if no one comes up with something else that will work, this battle will be lost. Where are the comparable alternatives to passport? (I'm sure they exist, but I'm not familiar with them.)
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
Really, it's the OS that we don't want Microsoft controlling right?
If this is a move on their part to start supporting Linux as a "valid" operating system, and start developing applications for it, I'm not upset with that one bit.
You can "OpenOffice" all you want, but personally, I *do* like Microsoft Word. And I like Outlook. If they started making these applications available in full form to Linux, I would run them.
Personally, I think that down the road sometime (probably not very soon) Microsoft will be developing real products for alternate operating systems. On one hand, they want everyone to use Windows. On the other hand, there is a growing amount of users switching to alternate systems, and Microsoft would love to sell you software. At some point, unless something goes horribly wrong with Linux, the community won't be able to be ignored.
Ahh well. Who cares what I think anyways.
- It's not the Macs I hate. It's Digg users. -
Why did Microsoft _pay_ a company to port Passport to _some_ operating systems?
:
They'd better
- Release the source code and the protocol description, so that anyone can freely create Passport compatible software for every operating system.
- Keep their cash for marketing, so that people understand what Passport could bring.
{{.sig}}
They could have simply released the specs for passport without any NDA or other stings attached.
If anyone wanted passport on apache they coulde easily implement it themselves as OpenSource.
What we are getting is a closed source product. We can't fix any fault's (security or other), we can't examine the code to make sure it's secure and we can't trust a fix to be available if it is
Now tell us why we should be happy
- We are the slashdot. Resistance is futile. Prepare to be moderated -
Sorry, couldnt resist, carry on about your business folks, nothing to see here.
"See, we plan ahead! That way, we never have to do anything now."
They're not porting it to XENIX? This is an outrage!
-- Ed Avis ed@membled.com
Much as I would like to believe this, I haven't seen any public signs that they are hurting. Could this be true? The decision in India has to be a big blow to them, I wonder just how bad the international numbers are at this point. I know they are always trying to spread out their income and losses, but if things really are bad, at some point they will have to take a loss. Any predictions on when this might happen?
What is EOG?
With apologies to Dr "Suse", to the tune of "Green Eggs and Ham".
Linux can. Linux can .Use Linux
That Linux can! That Linux can! I do not like that Linux can!
Do you like open sourcing plan?
I do not like that Linux can. I do not like the open sourcing plan.
Would you like to free source share?
I would not like to free source share. I would not like it anywhere. I do not like open sourcing plan. I do not like that Linux can.
Would you like it very stable? Would you like it to enable?
I do not like it very stable. I do not like it to enable. I do not like to free source share. I do not like it anywhere. I do not like the open sourcing plan. I do not like that Linux can.
Would you use it in a X-Box? Would you use it if it ROCKS?
Not on X-box. Not if it rocks. Not if very stable. Not to enable. I would not let them free source share. I would not let them anywhere. I would not allow open sourcing plan. I do not like that Linux can.
Would you? Could you? In your biz? Use it! Use it! Here it is.
I would not, could not, in our biz.
You may like it. You will see. You may like it if it's free!
I would not, could not if it's free. Not in our biz! It should never be!
I do not like it on the X-box. I do not like it that it rocks. I do not like it amongst our biz. I do not like it that it is. I do not like they free source share. I do not like that anywhere. I do not like that Linux can. I do not like you Linux man!
service! service! service! service! Could you, would you, as a service?
Not as a service! Not if it's free! Not in my biz! Man! Let not it be! I would not, could not, on a X-box. I could not, would not, if it rocks. I will not use it if its stable. I will not use it even to enable. I will not let them free source share. I will not let them anywhere. I do not like open sourcing plan. I do not like that Linux can.
Say! if in copyleft? always free copyleft! Would you, could you, copyleft?
I would not, could not, in copyleft.
Would you, could you, why so nervous?
I would not, could not, I'm NOT nervous. Not as copyleft. Not as a service. Not in my biz. Not if it's free. I do not like that it can, you see. Not if it's stable. Not on X-box. Not to enable. Not if it rocks. I will not let them free source share. I do not like it anywhere!
You do not like open sourcing plan?
I do not like that Linux can.
Could you, would you use what we wrote?
I would not, could not, use what you wrote!
Would you, could you, to avoid your bloat?
I could not, would not, avoid bloat. I will not, will not, use what you wrote. I will not compete with them as a service. I will not because it makes us nervous. Not in our biz! Not if it's free! Not if it is! You let me be! I do not like it on the X-Box. I do not like it that it Rocks. I will not use it if it's stable. I do not like that it does enable. I do not like they free source share. I do not like it ANYWHERE I do not like open sourcing plan!I do not like that, Linux can.
You do not like it. So you say. Try it! Try it! And you may. Try it and you may, I say.
Man! If you will let me be, I will try it. You will see.
Say! I like open sourcing plan! I do! I like that, Linux can! And I would use it because it's stable. And I could use it to enable...
And I could charge for providing a service. And I could copyleft without being nervous. And in my biz. And still source free. For you can still charge for a service fee!
So I will use it on the networked X-box. And I will promote it because it ROCKS. And I will use it because it's stable. And I will use it to enable.
And I will use it here and there. Say! I can use it ANYWHERE!
I do so like open sourcing plan! Thank you! Thank you, Linux man!
By The Cat with the RedHat
Everybody please avoid Passport for *nix when it comes out - they are in all likelihood doing the exact same thing. They will abandon you as soon as they get what they want (i.e., a monopoly position).
-----
Free P2P Backup, Windows & Linux
This is a problem with a lot of so-called Open Source projects (e.g. Java). Clearly it's not as bad as MS and the Pasport release, but in essense it is the same. If anyone at Sun is listening, you should pay close attention to this. Give it away under GPL or equivalent terms, and you will be richly rewarded.
Apple should listen too. They would not loose control of their own development programs by releasing under GPL. If external projects went further, they could take the changes in, and if they don't like them, they can keep up their own fork. Naturally, that would eventually mean Apple GUI environments on PC hardware and under Linux, but this would strenghen them, not weaken. Ok, so they have to get more competetive in hardware, but they should be able to keep an edge because with a more controlled hardware platform 'it just works' is easier to achieve. Think about how much easier it would be to get the company to spring for that Apple portable if most of the PCs are running an Apple desktop on Linux.
Note to GPL zealots, this is the kind of idea that promotes software freedom on its own merits, rather that with 'because it's right' arguments. Most people will not be swayed by your religious fervor, and in many cases it will just turn them off.
> Remember, MS is about one and only one thing,
> maximizing the profit of the shareholders. PERIOD.
>
Whoa whoa whoa there cheif! I hate to point this out, but you're wrong. Seriously. I know we all have the little capitialist mantra in our heads about profit. However, MS has constantly and routinely screwed their shareholders out of divedens they rightly deserve. The majority stock holders aren't interested in giving anything back and sharing their gains with the rest. Instead, any and all profit goes to continue lining their 40 billion dollar treasure chest. At this point, MS could buy and sell the world if they'd like - hell, they could stop wars, yet they're to frugal to give a penny back to their investors. And this is the REAL reason why MS will be in the very bottom of hell -- Malice toward benifactors.
Democrats and Republicans only disagree about how to enslave you
A more interesting question is what you *can* learn from looking at their code. Probably a lot of negative examples with some evidence of a few talented coders who left their mark. I suppose they try to prevent people who have seen the code from saying anything qualitative about it, but I don't imagine that this could be binding. Anyone 'in the know' that can comment, or at least say why you can't comment?
I think that's a bit too much conspiring for M$, that said, you did strike a chord in me.
.NET Enterprise 2006 Featuring ApacheM$. I think I'd do it if I were them.
What if M$ was planning on shipping Apache on win32? It wouldn't be a bad move for microsoft. They get a stable code-base to work from, get to make any proprietary extensions they want, get all their own modules running on it (running better under their own version than on the open versions, of course) and BAM! Ship Windows
put the what in the where?
I used to work for them a couple of years ago as an intern- and am still friends with many of them. They're a great small company- I loved working there over all the other places I've worked since then.
They're good folks- diehard unix people(the president, Jeff, is one of the most experienced unix people I've ever met) who have been, for years, making various open-source software easier to install/use, backing the packages with support, and folding changes back into the community. They've been doing this since the very early 1990's.
One could argue that RTR helped, in a major way, bring open source software into the corporate world. Not with Linux- but with all the commercial unixes. Solaris. HPUX. AIX. Irix. etc.
Their ReadyPaks, at the time, were practically revolutionary- with one command you pulled a full installer off a tape, installer asked you a whole bunch of questions, and boom, you got a working installation. It was exactly what many large companies were looking for- open-source software fixed up, given a good installer, and a commercial company to stand behind it for support.
Whereas you'll see other people talking about how to bring free software to the business world- RTR has been doing it for over 10 years.
So if you're going to grumble about a company- please don't grumble about RTR. Much of the open source GNU packages you use today, especially on the non-free unixes, work better(or at all) on those platforms in part due to RTR.
That said, they are a very small company, folks- please use google caches and stuff to keep from swamping their line/webserver....
MS's release of technical information and source (even, as was mentioned recently, on demand from the courts) *is* a joke, as you've pointed out -- it pretty much is a legal ploy to entangle people in legal barriers preventing from them from working on competition.
:-)
But, let's also be fair here. This is *Microsoft* and *Slashdot* we're talking about. If Microsoft BSD-licensed Windows and released the source, there'd be a ton of people on here talking about how it was an attempt to crush Free Software by making BSD licensing more popular than the GPL.
May we never see th
Just a quick look at the PingID website tells me that this idea is pretty far along, but I don't think many people are aware of it yet. I have a lot of questions that probably could be answered by further reading at the website, but maybe it would be worthwhile to give an executive summary. Better would be a /. article just on PingID with a link to the executive summary. The picture is pretty good, but I also want to know where the infrastructure needs to be to support this, and how you are doing in getting it widely adopted (i.e. if servers don't support it, what good does it do to have the choice for my favorite clients).
But that is precisely the kind of problem I'm concerned about. When you are dealing with any sort of security services, you do not want server patches held off because of a package dependancy that you have no way to work around. Some of the patches that don't get along with ASE 12.5 are rather important security patches, for example.
I do not fail; I succeed at finding out what does not work.
I know Passport is irrelevant as far as the browser client sees (it's all buried in tickets/cookies), but I'm talking about "thick" client applications. You log in to Passport on a WinXX box once because it is shared by all applications through Microsoft internals. Using HTTP over SSL from a client would not allow that shared authentication behavior because the information is not shared by the clients in any standard fashion.
That also means that if you have different browsers started, you need to log in for each one seperately, which negates one of the key points of a single-login facility.
I do not fail; I succeed at finding out what does not work.
I'd rather live in a world without Microsoft Office (with all that that entails of .doc-files and other horrors) than a world without Microsoft Windows. The OS is just one piece of the computer experience. Someone running XP at home? That doesn't hurt me, happily using GNU/Linux. Microsoft controlling password servers and document formats? That does hurt me.
You become "tainted" and MS may well sue you if you work on a conceptually related project.
I did some digging on the ms shared source license, and couldn't find much. As much as I appreciate the anec(Slash)dotal evidence, I would like to actually read the damn license and find out how bad the tainting provision is.
I did find the Rotor shared-source CLI license, and it seems relatively benign. But that's not the Windows XP shared-source license. It looks like you have to contact by hand someone at an office if you want to even see the conditions of the license. Anyone have a copy, want to post it?
The fact that they've released a product to new, competing platforms is not a good thing.
I see three possible reasons:
First, they could be extremely desperate to keep a presence on a minimum percentage of the market. This is bad, since that makes them a cornered animal.
Second, they may be desparate to keep that product available for competing platforms. Considering the product, and the nature of Passport, I see it as a potential offense against privacy and, down the road, fair use.
Third, they may be trying to force people to switch to Microsoft products, via making a service a de-facto standard, then dropping all support for that service for any platform they don't have financial interest in. Apache FP extensions is a good example.
(Frankly, I see the idea that one entity controls both software and a kernel as a conflict of interest.)
What's this Submit thingy do?
And since Joe Admin is stuck with one version of a given library, he may also be stuck with some very serious security holes that come with those libraries.
Example: Let's say malloc() (or free()...not sure which) is discovered to not erase a certain-sized block of memory when one program releases it and another program takes it.
If Microsoft were to dynamicly (or staticly) link specifically to that specific version of glibc, and not release an update, then they'd be technically correct in saying "Most Linux servers offering Microsoft-invented services have dangerous security flaws embedded in them. Why not switch to the source?" in an ad campaign.
Sure, it'd be slander, but who's to defend?
Who can take legal retribution for slander against Linux?
What's this Submit thingy do?
All that's left is for WineX to run AC2, and I'll never have to boot into Windows again!
I mod down anyone who uses M$ in their posts. I like to live on the edge.
Microsoft never abandons a product, period, they just repurpose it a few years later.
I'm waitng for the next iteration of MS Bob. Do you think it might be the next security interface?
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
I thought apache could use a large security hole.
Great! Now there will be even more platform on which I can ignore this stupid technology.
Heh. As soon as they do I'll be a Slackware user again.
CUR ALLOC 20195.....5804M
Damn! I saw a beta of this on kazaa last week, but thought it was fake.
Nice troll. Plausible all through, except for this part:
And as we all now, key lengths are selected so that it would take about 1,000,000,000 years to "just factor" that number with "any microcomputer".
Try again :-)
I choose to remain celibate, like my father and his father before him.
How can I get the importance of one-way hashing at the security services database through to you? It is a technology that does not actually store your password on the server at all! Instead, it relies on using your password as a seed value to other information unique to the server to produce a hash value. Only that hash value is stored on disk.
The algorithms used for one way hashing on security servers combine the user's password, a security server seed, and potentially other seeds to produce the value stored to disk. Even if you swipe the "password file" from the security servers, you lack the seeds necessary to even try a brute force attack to produce the key. Because multiple passwords will hash down to the same value, the only way to even know you have "the" password is if you have multiple databases being crunched (you cannot restore the same security data files to a server that is configured with a different seed.)
You also need to read up on what terms like "trusted client" means in the realm of computer security. Generally, it means that the client resides in a physically secure environment where it is guaranteed to be maintained, such as in a corporate data server subnet.
Where you are at risk with centralized authentication services is poorly implemented and maintained security servers. This is not a task managed by a typical sysadmin nor by an MCSE. Why did you think security infrastructure specialists are so damned expensive, even in the post-dot-bomb era? (No, I am not such a specialist, but I learned most of what I know about the topic from people who are security/cryptography specialists. They start talking in set/pattern/probability mathematics that make my head hurt, which is why I never went into that specialty.)
I do not fail; I succeed at finding out what does not work.
The problems that occur with the developere edition do not occur with the commercial or demo versions. It is a weirdity of the developer build, and I don't want to give people the idea that there is a generic problem with Sybase 12.5. This is a very special case problem and they are working on a resolution.
I do not fail; I succeed at finding out what does not work.
All of the Linux browsers out there have a password manager, with the possible exception of Lynx or Opera.
Can somebody tell me why I need .NET passport, especially when it strikes me as a security hole I could pilot the Starship Enterprise through sideways and not hit the edge?
This sig no verb.
We have to continously keep in mind that all of our hard work is for one target: The end user
Wrong. The end user is not the primary target and in all actuality hardly a concern at all I would imagine. I, as I assume others do, make software for myself. Should you find it interesting and wish to help, by all means do so. Don't agree with my vision, it's gpl'd so make your own fork. I am really not concerned with catering to the babbling, drooling masses who "don't get it". I think another poster put it best:
As for the mythical computer-illiterate, eye-candy-thirsty, studpid end user, I don't care about him/her. Let them burn in hell!
And I second that, may we all burn in hell
You are entitled to misunderstanding what security servers are, how redundancy prevents the issues you raise, and how large scale systems are secured.
I can only hope that your clients listen to more knowledgeable sources than you before they make decisions. While smaller environments might not be able to justify the expense of full security servers, they should do so with full information about the risks they incur by doing so.
In the meantime, please get your brain off that "single point of failure" focus. That is what distributed security services and authentication databases are designed to prevent. Go over to IBM's web site and read some redbooks on Kerberos architectures and DCE, think about what they are saying, and I think you will eventually realize that your concerns have been addressed for well over a decade.
You might also be thinking that I am advocating a web-wide security service, such as Microsoft tried to force on everyone. If so, your assumption is incorrect -- no one company should have that kind of power and responsibility.
I do not fail; I succeed at finding out what does not work.
First off they've grown through acquisition rather than innovation. That business model pretty much guarantees that they'll drop like a stone after their zenith. Additionally, their income follows a few quarters behind the hardware manufacturers which have not yet bottomed out.
Since they turned an $18 bn loss in 1998, they've been found guilty of breaking federal law, specifically by violating the Sherman Antitrust Act. On the side, they admitted to and removed at least one backdoor in their relseased binaries, and without a code audit there is no way to confirm or deny the precense or absence of more. Even if a government or large enough consortium of corporations were to pay a code audit , the existing code meets neither privacy nor security requirements needed inside the U.S. Outside the U.S., specifically in Europe, privacy standards are much higher and there is not much chance that these problems will be addressed in the near future. These are the result of design flaws not typos. Patches can't fix this, only a rewrite can.
So there's more to say regarding DRM, software subscription, further leveraging the desktop monopoly+DRM, undocumented APIs, OEM tricks, and last but not least perpetual lock-in from the MS-Word and MS-Excel file formats + DRM. So far, Germany, China, Peru, Venezuela, India, Norway, Finland, and others have expressed doubts as to the wisdom of trying such experimental technology, which of what little has been examined has been found wanting.
Also their desktop markets are saturated. In the office suite, MS-Word 2.0 for windows and MS-Word 5 for Macintosh were good enough. Folks grudgingly went along with the newer versions as long as times were good. The Windows product line has come to near its end - Win2000 is good enough and few customer have deep enough pockets nor are there enough big chumps to go for License 6.0 that sneaks in with WinXP. Macintosh OS X gives you most of the commercial desktop applications that you will need, plus you have the added stability and ease of maintenance.
In the server room, any one that can read English is sticking with one of the *NIXes.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.