ESR's Halloween XI -- Get the FUD

dave writes "In the newest Halloween Document (mirror), Eric Raymond analyzes Microsoft's 'Get The Facts' road show. The anti-Linux arguments they are using now -- and, even more, the arguments they're *not* using -- reveal how desperate Microsoft is getting. He explains why he thinks we need to focus more on government adoptions, and predicts serious ugliness during the next year."

The beauty of government adoption of open source

[tcopeland]

...is in the spinoff projects. For example, this open source Java memory profiler is a spinoff of the DARPA-supported COUGAAR agent framework.

And since both projects are hosted on a server running GForge, I can help improve GForge during working hours. Good times!

new name

[A_GREER]

In a quest for truth in advertising, it will now be called "Get the Spin"

As always

[swordboy]

Be sure to order your free evaluation kit. Lets slashdot this baby! It costs them a few bucks for every one. Get one for your mom!

Re:As always

[vk2]

No need to register.!!

Offer already expired.!! Don't waste your disposable email address.

From the linked page:
Offer good until June 1, 2004 or while supplies last.

Re:As always

[norculf]

You know if you use a real email address Microsoft might give you more free stuff in the future. No guarantees but it's happened before.

Re:As always

[greechneb]

I just ordered a copy yesterday, and I got a confirmation email saying it had shipped via 2nd day air. So they still had copies as of yesterday.

You're missing the point of gov't adoptions

[ShatteredDream]

If the DoD switches in near totality to OpenOffice, hundreds of corporations will switch too for the sake of compatability with their primary source of bread and butter. Microsoft is terrified at the idea of losing not just approximately 1-1.5 million defense desktops (not counting the other, smaller, departments) but the corporations that sell to them. A mass move to Linux, or better yet in 2 years, HaikuOS would be a disaster for Microsoft.

Re:You're missing the point of gov't adoptions

[The+Snowman]

If the DoD switches in near totality to OpenOffice, hundreds of corporations will switch too for the sake of compatability with their primary source of bread and butter. Microsoft is terrified at the idea of losing not just approximately 1-1.5 million defense desktops (not counting the other, smaller, departments) but the corporations that sell to them. A mass move to Linux, or better yet in 2 years, HaikuOS would be a disaster for Microsoft.

Good luck. The generals and admirals want their Exchange/Outlook combo and Active Directory. At least in the Air Force there is a huge push to make Outlook the standard with a truly global address book and all the stupid little "features" it adds that I just turn off because they are annoying. Sigh. This will be an uphill battle. I hope open source can make inroads into the U.S. government, especially the DOD, but it will be a battle fiercer than any we have fought.

Steve Ballmer spoke at a recent Air Force conference that I attended. He let us know that the U.S. Air Force is the single largest customer of Microsoft. Do you really think we can "just switch the whole DOD" that easily? The military/DOD is a huge customer for Microsoft and one they will not give up without an epic battle.

Re:You're missing the point of gov't adoptions

[Creepy+Crawler]

Exactly. Windows DOES NOT MATTER.

If the apps are the same acros platforms, the underlying doesnt matter, except for cost and stability.. Guess who wins out on that?

Re:You're missing the point of gov't adoptions

[lukewarmfusion]

Hopefully, OpenOffice will be accepted in major areas like that - because then it would help to polish up the software and close any gaps that might exist between OpenOffice and MSOffice.

Personally, I've been trying to switch but find little things that make it harder to do - incompatibilities with my clients, things that aren't as usable as I'd like, etc. Without getting too much into it, I just think that MSOffice has had the benefit of time (which has good and bad consequences).

Re:You're missing the point of gov't adoptions

[ldspartan]

imho, Outlook/Exchange's ability to handle meeting scheduling is a Big Freaking Deal. Of course, I'm just a college student working in IT, but I've never seen anything in the Free Software world that could compare to the power of Exchange for colloboration.

Am I wrong?

--
Phil

Re:You're missing the point of gov't adoptions

[southpolesammy]

Mass migration looms.
Big business senses problems,
Sticks finger in dike.

Re:You're missing the point of gov't adoptions

[Bob+of+Dole]

The military/DOD is a huge customer for Microsoft and one they will not give up without an epic battle.

Hopefully not literally.

Re:You're missing the point of gov't adoptions

[Creepy+Crawler]

Nice, but when govt has to pay 100$ per license in terms of thousands of computers, it starts to hurt budgets.

Knowing your baseline is now 0$ per OS (if you go with internal support.. who calls MS centers anyways), that gets you more customisation of your environment.

And the way Linux works, you can have a smart-card system of semi-dumb terminals that Sun employees have. And of couse, use the good ol' NSA Trusted Kernel, now in 2.6 verison of kernel by default.

Re:You're missing the point of gov't adoptions

[cayenne8]

"Good luck. The generals and admirals want their Exchange/Outlook combo and Active Directory. At least in the Air Force there is a huge push to make Outlook the standard with a truly global address book and all the stupid little "features" it adds that I just turn off because they are annoying. Sigh. This will be an uphill battle. I hope open source can make inroads into the U.S. government, especially the DOD, but it will be a battle fiercer than any we have fought."

Yup...and another problem I've seen first hand with this is NMCI.....the new Navy computer network forced down our throats by EDS. Aside from the cluster f*ck description of the system...it is near impossible to get any Open Source applications to be allowed on this network. It is locked down windoze....and you cannot run any programs/applications that are not approved. Trouble is...you have to be a company with $$'s to be able to submit your products for evaluation to NMCI for security tests...AND you have to pay for them yourself (the company does).

I fear this isn't quite much of an option for Linux and open source products in most cases.

It is getting harder and harder to keep the 'legacy' computer systems on our desks...that many admins actually have to use to connect to and admin our systems. Many have Linux as their OS of choice on these boxes....but, EDS is after blood to remove them....

Re:You're missing the point of gov't adoptions

You know what's Microsoft Achille's heal when it comes to DoD? IPv6 support! That's right.
The DoD mandates IPv6 since Oct. 2003 as they're going to switch their whole network to IPv6 between now and 2008. It is critical to them.
Now, Windows XP SP1 and Windows server 2003 both have IPv6, but it's not a proper dual stack implementation since an IPv6 socket can't connect to (or accept connections from) an IPv4 host. Which means porting Windows Apps to IPv6 is a total nightmare (unless they're written in Java of course, but that's another story).
Microsoft claims that they're going to have proper dual stack in Longhorn, but they've said that before so can you trust them on that? Also, won't that break compatibility with applications written for the current implementation?

Keep pressing that IPv6 button and you'll be amazed how weak MSFT story will become....

Re:You're missing the point of gov't adoptions

[Kiryat+Malachi]

If you have thousands of computers, your cost per license is *not* $100 for Windows.

My best guess is that the US gov't pays less than $25 per license. Probably around $10. The actual number depends on where the purchasing happens - the higher the level of purchasing, the higher the volume, the lower the per-license that can be negotiated. Also, remember that its the government, which means they likely receive a discount for that as well.

Re:You're missing the point of gov't adoptions

[Creepy+Crawler]

My god, you sound sooo much like a MS report shill.. Please, I'll enlighten you.

---You're leaving out the cost of additional internal support. You're forgetting that customization of your environment leads to additional hassles applying patches and upgrades. Finally, you're forgetting that switching hardware costs money.

Hmm, switching to Linux requires no hardware changes (except for some wacky modems and weird stuff). It runs on mnay more platforms than Windows EVER ran on (thinking of old Mips, Alpha, X86, hmmm days, forget that last one).

---Ask yourself this: On how many thousands of computers would I have to save $100 per license to pay for a small team of programmers with secret or better security clearances for three years? If you figure a small team is 5-6 programmers, it works out to around 20,000 computers.

You assume programmers. Oh, and I manage all my computers from a nice shell script. It updates them all at once, and can give basic commmandline prompt through ssh. And if you NEED clearance, you're doing megabucks of something. Might as well do it right anyways. You'll need those programmers on Windows OR Linux.

---On how many more thousands of computers would I have to save $100 per license to pay the additional sysadmins, QA, and help desk personnel? What about the project managers that coordinate all these efforts? What about the additional oversight and compliance officers that ensure all of these activities meet regulations and standards?

I can easily handle 5000 clients. Its the servers I tend to want more people on. Perhaps 1 person per 20 servers or so.. Depends how much uptime is worth. Im not quoting Windows numbers either.

----As you can see, it quickly gets to a point where using a free as in beer product and supporting yourself is more expensive than buying from a vendor and getting a support contract.

Funny. Now count how much downtime costs under windows. Now license costs. Now finding INTELLIGENT admins in the windows world (there's not many). There's a good chance if you hire a Linux admin, youre getting more intelligence, problem solving and generally more expertise.

----A small to medium size business may save some money, but once you grow past that, it just makes more sense to pay for support.

Yet more unfounded statements. Why not hire more intelligent people for IT staff. Yes, it costs more, but thats what IT is for... Reducing the amount of Downtime of network and services. IT is NOT for making money (unless youre a software dev)

Re:You're missing the point of gov't adoptions

[killjoe]

You talk as if exhchange and outlook were the only programs that do this.

Groupwise, notes, and oracle collaboration suite all have this capability and lots more. They even integrate with outlook for those generals who have trouble learning new software and tying their shoes.

As a bonus they all run on linux.

Why the US govt would patronize a corporation that it found guilty of predetory monopolistic practices is simply beyond me. Aren't there other corporations worthy of getting contracts from the US govt. Why is MS the little darling of the US govt while all other american companies are being snubbed?

Re:You're missing the point of gov't adoptions

[Kent+Recal]

So what is more dangerous.
Microsoft mindshare leaking into the DOD. Or the other way round?

Re:You're missing the point of gov't adoptions

[killjoe]

First of all it's not like the entire govt has one giant deal with MS. Each unit probably has their own contract. Secondly I don't know of any entity no matter how large paying $10.00. Thirdly MS has no real incentive to offer the US govt any kind of a discount because the US govt has already standardized on MS software and has no bargaining leverage.

Most likely they have a pretty high level select license which means they are paying somewhere around $40.00. They are also probably paying at least one full time equivalent employee to keeping in compliance. Once you add the overhead of accounting for all the "license points" it's probably back up to around $100.00.

Perfervid?

[burgburgburg]

Anyone who thinks I'm being perfervid

Main Entry: perfervid
Pronunciation: (")p&r-'f&r-v&d, 'p&r-
Function: adjective
Etymology: New Latin perfervidus, from Latin per- thoroughly + fervidus fervid
: marked by overwrought or exaggerated emotion : excessively fervent

Yes, that's exactly what I was going to say.

Re:Perfervid?

[NaugaHunter]

Why not? It's a perfectly cromulent word that embiggens his point.

Re:Perfervid?

[GPLDAN]

I thought I saw it on the front of an ATI video card box. "The Radeon is the best perfevid on the market!"

Re:Perfervid?

[cuzality]

Thought it was quite scrumtrilescent, myself.

Re:Say it ain't so!

[numbski]

"Free as in speech."

Linux IS free.

It's just not neccessarily "free as in beer". It may cost you some money, but you're free to do with it (to a degree) what you wish, so long as you contribute any changes back.

Over-simplified, sure. But go download the windows source code, add a few features to explorer (heck, squash some bugs and security flaws while you're in there), and re-release the source back out there with a Makefile.

Let's see how long until your pants are sued right off of your legs.

Too desperate

[KrisCowboy]

The "Get the Facts" series is one of the funniest things I've ever read, especially about linux. M$ is unable to digest the fact that more and more governments are going for F/OSS. With hardware becoming surprisingly cheaper(well, atleast for some governments), they are no longer willing to spend more money for software. Even some state governments are switching to linux. The time/money involved in training the staff to adopt to linux is better than sinking huge amounts into fighting viruses and frequent shutdowns.

Re:Too desperate

[goldspider]

OK, first of all, can we retire "M$" already? It's not clever anymore!!

To my main point, Microsoft isn't "afraid" or "desperate". Perhaps they've been a bit shallow on innovation of late, but they're not losing any significant market share. Most of these places that Slashdot often reports as "switching to Linux" are either switching from another *NIX, or are only considering Linux.

Microsoft may be running out of ideas (other than finding new ways to keep their stranglehold on the home PC user), but they are by no means desperate.

Re:Too desperate

[decipher_saint]

The time/money involved in training the staff to adopt to linux is better than sinking huge amounts into fighting viruses and frequent shutdowns.

You sir have never tried to train Gov't employees, I'd rather deal with the viruses...

On the other hand, if Governments (especially the United States Gov't) start using more OSS-based applications / operating systems there will probably be a marked increase in viruses / worms that affect those platforms. Well, other than infecting OSS with a mostly clueless user base.

P.S. I'm mostly joking about Gov't employees, there are quite a few adept Government people, but I'm sure even you guys know about the "lifers" who still pine for their typewriters...

Re:Too desperate

[IGnatius+T+Foobar]

The thing that's truly remarkable about non-US governments making the switch to Linux, is that they now consider independence from MS as an end in itself. Do you realize the implications of that? It means that they're thinking the way much of the existing Linux community does -- that even if Microsoft manages to fix the bugs in their software, even if they lower the price, even if they do all these things -- being locked-in to Microsoft is still a problem, and a problem that must be eliminated.

This is truly an important point.

Re:Too desperate

[jc42]

... they now consider independence from MS as an end in itself.

This isn't all that new a phenomenon. For some years, I've found that a simple way of ending most discussions of the subject with non-Americans (and some Americans ;-) is to ask "Do you want your data and communications controlled by a giant American corporation that doesn't have your interests at heart?" This cuts right to the heart of the matter, and often produces a quick change of topic.

Also, for much of the past couple years, I've been working on a project that amounts to getting a big European corporation (it doesn't much matter which one) from under the thumb of IBM. Several years ago, their management realized that their corporate data was in fact controlled by IBM, and they couldn't access it without IBM's cooperation. My job has amounted to "data raiding", extracting the data from their old computers by any means necessary and stuffing it into a flock of little linux (RedHat) boxes scattered around the Net. There has been much obstructionism in this task from IBM, whose people have been ordered to give us as little information about data formats as possible, consistent with their contracts of course. But they're losing the battle, because for their system to work at all, most of the data has to be exposed to the company and its customers at some point, and that's where we can intercept it and cache the information somewhere else. Thus, most customer information can be found by merely sending us a copy of the billing print files.

Much of our "sales" guys' argument is that we can't do to them what IBM did over the years. They have access to all the source, all the way down to the bottom. If they decide they don't like us, they can simply walk away from us, and they won't lose anything (except some capable consultants ;-).

One irony is that we've advised them a couple of times that IBM's linux workstations would in fact be very good machines for their purposes. But we also emphasize that ease of migration is important, and they should always be on the lookout for new suppliers.

You might think that there's another irony in the fact that this approach is being used by a group that is mostly Americans. But it's no irony at all, because many Americans are just as worried about IBM and Microsoft power. Any corporation with that much control over our information is a serious threat to society, regardless of where the borders may be drawn.

I just like to say "giant American corporation" to non-Americans because it gets the idea across better. There is a widespread perception in much of the world that the leaders in America have a very arrogant and possessive attitude towards the rest of the world. Many people view MS and IBM as much more threatening than a "local" corporation, irrational as such an attitude may be. But you can use this to get across the idea that they really should look at approaches that free them from domination by any such giant power center.

Re:Too desperate

[killjoe]

"I don't know about him/her, but I dislike it because it makes us look like shouty skiddies.."

You need not worry about that. Top level MS executives have called us terrorists, cancer, anti american, communists etc. Didn't seem to change peoples opinion of them much. They have lately taken to calling us thieves.

I think writing M$ pales in comparison to paying thinktanks to write deragetory articles or funding SCO to file lawsuits don't you?

Trust me "we" will never be able to match the vitriol MS (and their shills) spew every day.

Re:Halloween Documents?

[LO0G]

It appears that ESR has decided that instead of highlighting the memos behind the FUD that was the hallmark of the previous halloween analysises, he wants to go after the published FUD instead.

Personally I think while his points may be valid he just ruined the value of the Halloween series.

The Halloween series worked because it was criticism of real leaked Microsoft memos.

This so-called "Halloween" memo is just counter-fud.

Corrections in the ESR documents.

I just emailed ESR about the gross misreference to GNU/Linux as linux in his article.

Re:In case of slashdotting

Come on moderators, you moderated it to +4 without the server or the mirror showing any trouble. Don't make karma-whoring so easy!

We need more "freedom" emphasis

[bollow+(a)+NoLockIn]

Quote from the article:

Linux isn't free. Hello? If there is actually anyone still left on the planet who thinks the term free software was a good idea, I hope they're paying attention. Because what Microsoft is doing here is exploiting the old familiar gratis/libre ambiguity of the word free in yet another way. They're setting up for a claim that free software advocates are lying or deluded because Linux has a nonzero TCO. Therefore, goes the implication, you can't really trust them about that other freedom thing, can you?

Maybe we need a better / more effective / less easily confused way to talk about the "freedom" aspect. I'd be interested in constructive discussion of this. But there is a logical flaw in ESR's argument here. It's wrong to conclude that using the term "free software" is a bad idea just because MS tries to muddy the waters. MS may or may not succeed in making our current way of communicating the freedom aspect of Free Software less effective, but this is certainly not a reason to stop talking about "Free Foftware". Quite on the contrary, if after all their studying Microsoft is now trying to discredit the "freedom thing", isn't that an indication that emphasis on the freedom aspect is important, and should be increased rather than diminished!

Re:We need more "freedom" emphasis

[benhocking]

From the article:

Semantic warfare -- struggles over the meanings of words as proxies for political or market positions -- is just like other kinds of warfare; you want to fight it on the other guy's turf, not yours. Every minute we spend arguing with Microsoft flacks about what free means is a win for them and a lose for us.

From parent:

But there is a logical flaw in ESR's argument here. It's wrong to conclude that using the term "free software" is a bad idea just because MS tries to muddy the waters.

I don't believe that ESR is arguing that using the term "free software" is a bad idea, merely that we should be focusing on arguing how the term "shared source" is a misnomer, at least in the M$ case. I think their logic behind this is exquisite - the best defense is a good offense. Their arguments are so obviously flawed that we shouldn't focus on them, but rather focus on how bad their side of the story is. This automaticaaly makes the "free software" side of the story look that much better without re-iterating the M$ arguments at all.

Re:We need more "freedom" emphasis

[meganthom]

Personally, I think the ambiguity of the term "free software" may be a good thing. It really doesn't matter which definition of "free" runs through the mind of someone unfamiliar with open source software. Freedom has such a strong, positive connotation in our society that employing the adjective "free" to any product instantly makes it more attractive to us. Why would we want to change the wording just to avoid a desperate attack? Freedom: in my mind relating to both definitions:

"Live free or die"

"The best things in life are free"

If Microsoft wants to attack open source on the basis of semantics, that's all right with me. Certainly, we have better ways of supporting our cause than resorting to a vocabulary test.

Re:We need more "freedom" emphasis

[pete-classic]

Your beliefs aside, what ESR said was "If there is actually anyone still left on the planet who thinks the term free software was a good idea, I hope they're paying attention."

So I belive that ESR is arguing that the term Free Software is a bad idea. And I have a direct quote in support.

Did you notice that the grandparent gave this same quote?

-Peter

Re:The clueless userbase to propagates the worms.

[Creepy+Crawler]

Actually, Ive ran across 1 of them..

This "worm" was about 1 MB, self contained and ran quite fast.

The full intention of this worm was as an auto-hacker for linux machines. It used a IRC seession, DES encrypted and MD5 checksummed. Once 1 machine was infected, it would use a large library of exploits against other known linux machines (with use of nmap-like scans) and attempt to dupe it to others.

Ive been able to isolate it, but whatever the coders did with it, they made it into semi-encrypted spaghetti. Crashes damn near every debugger Ive tried. It's now a collection on one of my cd's now. "Strange and infectous stuf"

Re:The clueless userbase to propagates the worms.

[surreal-maitland]

true, but it may also be the case that linux is just more secure. we won't *really* know until linux acquires a large clueless userbase.

Apache runs on Windows

[ForsakenRegex]

I'm a bit surprised that ESR would point out the Apche vs. IIS differences when Microsoft could come back by pointing out you can always run Apache on Windows if you want to.

I'm sure MS would prefer you use IIS, but this seems an easily deflected statement. I'm positive that MS prefers you using Apache on Windows to you using Apache on Linux.

Re:Apache runs on Windows

[countach]

>I'm a bit surprised that ESR would point out the
>Apche vs. IIS differences when Microsoft could
>come back by pointing out you can always run
>Apache on Windows if you want to.

Irrelevant. The point is whether Open Source is a viable alternative or not. MS absolutely doesn't want you messing with Apache on any platform, because if all your apps are open source, you are no longer locked into Windows OS.

Re:Apache runs on Windows

[GileadGreene]

ESR was trying to show the contrast between open and closed development. It doesn't really matter what platform Apache runs on. What matters is that it is open, has a much larger market share than IIS, and is hacked less. That refutes Microsoft's attempts to paint open source software as inherently less secure.

Re:Apache runs on Windows

[swm]

I'm positive that MS prefers you using Apache on Windows to you using Apache on Linux.

Not necessarily.

If all your apps are portable across platforms, then the platform is reduced to a commodity, and you can choose the best one based on price/performance. This is not a place where Microsoft wants to be.

Microsoft would prefer that you didn't use Apache at all, but if you do use it, they might rather you ran it on a different platform, separated from Windows by an impenetrable wall of subtle but maddening incompatabilities (big-endian vs. little-endian, ASCII vs. EBCDIC, drive letters vs. mount points, findfirst/findnext vs. opendir/readdir, etc., etc.)

Hey, FUD-packer.

[numbski]

Let's pretend Linux DOES have that kind of userbase. You play the clueless user, I'll play the malicious h4xx0r.

I'm going to write up a painfullly malicious script that executes when you view an e-mail.

What, that's not possible? Okay...uh...

You're a pretty dumb user, and I'll name the file Brittney\ Spears\ Nekkid.jpg.sh.

So you double click the file, and it launches. You're a plain old user.

rm -rf /

Oops. Didn't work. Why not? No permissions.

rm -rf ~

Now that might, but I want to think that launching a shell script from an e-mail attachment has some sort of protections on linux. Right?

right?

Okay, so my argument is full of holes. Sue me. :P

Re:Hey, FUD-packer.

[Enry]

So what do the people start doing? Logging in as root. That's right, they will ignore the fact that we have users (like they do w/Windows, no one wants to be anything but the administrator) and they will run everything as root.

Uhm. OS X already does this. As a normal user, you don't have write access to larger parts of the filesystem. To install applications or update the system, you have to give a password, which is then sent to sudo.

Under Windows, there's no easy way to go from "joe user" to "super user", so everyone stays as "super user". Linux and OS X make it pretty easy for the user to upgrade their priveleges temporarily.

Re:Hey, FUD-packer.

[akedia]

Are you even aware how most Windows viruses work?

Most Windows viruses will just need to be executed by Joe Clueless Luser. Upon execution, they will exploit some aspect of Windows or Office or another userland program (such as an ActiveX exploit in Outlook Express, for example.) It can then gain superuser-level priveladges and do whatever destruction it wants to the system (remove core files, modify registry entries, install keyloggers, etc.)

Now, going back to your scenario, say we have Joe Clueless Luser in front of a Linux box, logged in as a regular system user. He opens your Brittney\ Spears\ Nekkid.jpg.sh e-mail attachment, which executes and runs a rootkit that exploits a local hole in GNU screen. Now the virus has root-level access to the system and begins wreaking havoc, installing ircds and backdoor FTP daemons. Now we're screwed.

As someone who is responsible for the security of several thousand computer systems every day (in a Windows/Linux/Solaris/Netware mixed environment), I can tell you that just protecting the users from their own stupidity is not going to keep you safe. Any hacker worth his or her salt will tell you that every system can be exploited and used to whatever potential you have in mind.

Re:Hey, FUD-packer.

[general_re]

Under Windows, there's no easy way to go from "joe user" to "super user"...

Sure there is, but few people take advantage of it or understand why it's a good idea - runas /user:user_name program_name, where user_name is the local administrator. Enter the password and away you go. If you have a proggy that you regularly need to run with admin privs, create a shortcut and pull up the properties sheet for the shortcut - check the box marked "Run as different user". Enter the username and pw when prompted, and away you go.

Anyway, the point is, people who are confused by this, who don't understand it and why it's not a good idea to not run as root all the time, they are not suddenly going to grok the mysteries of sudo when switching to some other OS. People who are clueless will not become clueful just by switching wallpapers on them - unless and until people are better educated in safe computing practices, nothing is really going to change.

Re:Hey, FUD-packer.

[Badanov]

Now, going back to your scenario, say we have Joe Clueless Luser in front of a Linux box, logged in as a regular system user. He opens your Brittney\ Spears\ Nekkid.jpg.sh e-mail attachment, which executes and runs a rootkit that exploits a local hole in GNU screen. Now the virus has root-level access to the system and begins wreaking havoc, installing ircds and backdoor FTP daemons. Now we're screwed.

You must be on crack.

How is this script going to launch if it is saved as read and write only as Linux/Unix OS's routinely handle such events? How is it going to initiate a daemon without being root? It can't execute, so it can't make a copy of itself: only the user can make that file executable and then any putative damage is restricted to the user's space, so it can't install, so it can't exploit anything.

And if you administer a Linux machine that permits users in your "Windows/Linux/Solaris/Netware" environment to allow scripts and executable to be set as executable automatically or casually as a user, you are a scary security administrator.

Yeesh

[Otter]

The first couple of "Halloween Documents" were genuinely interesting, but their value has been asymptotically approaching zero for a while, and this one (which has no original content and is basically Raymond's thoughts on something he read about on Slashdot) has now hit zero.

(Yeah, OK, that's probably not quite mathematically correct. Here's a proposition -- if you explain that zeta function story from last week, feel free to then go ahead and flame over "asymptotically".)

Re:Yeesh

[SuiteSisterMary]

Isn't it dishonest to use a title made famous by leaked internal memos to promote what is, when you get right down to it, a rant? Or, if you're being generous, an essay, maybe even a white paper?

M$ vs. Linux "Roadshow"

[BigBadBus]

A friend at work attended one of these Linux vs. M$ roadshows in the UK a few weeks back. These are the basic points:

The basic messages about selecting MS/Linux for a system are governed by the following:
- Don't change for the sake of it
- Take into account what your people know (e.g. Linux possibly better if you have lots of Unix people)
- Much of the cost saving of Linux over Unix comes from hardware - i.e. using Intel over mainframe/AIX/zSeries etc.
- OS/Platform is just a tool - choose the right one for the job
- MS/Linux TCO's are nearly always within 10% for most projects by the time all costs are accounted for (this was from an independent solutions provider)
- Don't just focus on TCO - look at ROI (return on investment)
- MS is pretty well zero-development (no code or scripting)
- The People and Processes are more important than the technical solution
- Check licensing model of any platform (will any Linux development become your IP, or will it be open)
- Linux still does not have a really good desktop and the office suites available are still lagging
- security issues such as virus updates and patch management are more of an administration issue than a platform one
- Easier porting J2EE->.Net than the other way round (i.e. MS ties you in worse!!!)

Re:M$ vs. Linux "Roadshow"

[Creepy+Crawler]

The basic messages about selecting MS/Linux for a system are governed by the following:

- Much of the cost saving of Linux over Unix comes from hardware - i.e. using Intel over mainframe/AIX/zSeries etc.

Wrong. Go buy a license for 100 mail users, or 50 MSSQL user licenses. OUCH. Now compare Postgres/MySQL or Sendmail/Qmail/god-knows-what-free-email-servers

- OS/Platform is just a tool - choose the right one for the job

Not quite. I get a bunch of apps with a linux install that windows doesnt see fit us have. Even compilers come free. Where's a free (stripped down) version of Visual Basic on Windows? You know, include a low VB 5 compiler for quick stuff..

- MS/Linux TCO's are nearly always within 10% for most projects by the time all costs are accounted for (this was from an independent solutions provider)

---As said by Independant firm who just got 50K from Microsoft.

- Don't just focus on TCO - look at ROI (return on investment)

Nope. ROI doesnt work in IT. IT is a loss leader to prevent bigger losses (downtime).

- MS is pretty well zero-development (no code or scripting)

Yep, and it it doesnt fit, you're screwed. Period.

- The People and Processes are more important than the technical solution

Ok, people are stupid. In Linux, you can people-proof more than you can in Windows. Easier to alias and block commands than it is to load some dumb "dont click here" windows program.

- Check licensing model of any platform (will any Linux development become your IP, or will it be open)

USING Linux is free with no strings attached. USING SOURCE code from GPL programs is where you get in trouble. However, using GCC to compile is fully legit.

- Linux still does not have a really good desktop and the office suites available are still lagging

Windows and everything teh sux0r. Face it, THIS IS AN OPINION. The statement is worthless.

- security issues such as virus updates and patch management are more of an administration issue than a platform one

They are? If I hear of root exploit, I take all harmed services down immediately, and patch one by one. I also give calls to the companies I work with. They agree that having a little bit of downtime is well worth the risk of not being auto-hacked.

- Easier porting J2EE->.Net than the other way round (i.e. MS ties you in worse!!!)

That's why you should use Java OR a server side program (who cares about OS then ;-)...

Re:M$ vs. Linux "Roadshow"

[Otter]

With the exception of "Check licensing model...", which is mostly FUD, that all seems rather sensible. Or am I missing something?

Re:M$ vs. Linux "Roadshow"

[Creepy+Crawler]

----Any company that relies on its employees to keep current with AntiVirus updates and patches is a fool. Hence such things MUST be an administration issue. The platform does not matter, patches etc still need to be applied.

Not quite. How about that small 4 person financial business... Are they suppsoed to know how to support their computers and network? Thats where I come in. I assess threats and judge how to exterminate them. And they dont want to buy new software every year, as it does cost a bunch. I can supply answers on how to avoid the upgrade merry-go-round.

----The bottom line? A computer is as secure as the person thats using/administering it, not matter what the O/S.

Wrong. Its only as secure as the admin admin'ning it AND the ceiling amount of security preseint on that platform. How do you turn off RPC on MS OS'es without killing the machine? I can turn off any service on Linux....

----I am NOT trying to spread Microsoft FUD; I am a linux advocate. I do believe, however, that linux advocates are going to have a shock when linux does reach 50% market penetration - yes viruses will be written, exploits will be used, people will install dumb shit on their computers and open the door for spyware. Linux is, after all, just another operating system. Its just as good as the person that secures it

I expect that too. Ive already seen XPI's for Mozilla that were trojans/spyware. However, if you can provide a clean way to reset (considering how easy it is for files to be overritten in Linux) like MS safe mode does, it's a lot easier on admin types. Or better yet, just pop a cd in the drive and let the system take cae of it for you. Stupid users have to be dealt with stupidly.

----A hell of a lot of people dont patch systems because doing so will break compatability between products. That mindset will still continue when working with linux and so systems will still go unpatched (along with other reasons such as under-funding, indifference, lack of time etc). I know this because my home gentoo box has a couple of vulnerabilities I need to sort out. But I havent.

Exactly.. Some cases happen where thats the case. However most programs that dont depend on certain kernel features WILL work almost regardles of environment. Ones that dont are statically compiled ;)

----I'm the kind of person that linux is going to have to deal with. I browse the web from root! Try explaining to your boss that, no, infact he cant do X because it violates the security policy, or that he has to change users to install stuff.

Ouch, you browse as root? Damn, go adduser and make an account ;P Just add a sudo entry for you (and of course, deny SU and sudo from unpriv'ed accounts). Wheel is on every other unix system... Too bad Linux'ers dont use it much.

They have done us a favour

[sheeny]

I firmly believe Microsoft have done us a favour.

"Windows vs Linux TCO..."

CIO, "Linux, what's Linux?"
Engineer, "Its that system I have been trying to tell you about that can save us time and money"
CIO, "Ok, tell me about it then"
10 Mins later...
"Ok do it, lets see how it goes."

End of Story. And even though the 'facts' are biased, lets hope most CIO's can consider both sides of the story:)

Re:WTF is FUD?

[lsoth]

Fear Uncertainty and Doubt

We're winning, people.

We're winning?

We're winning because MS isn't banging on about the same arguments year after year?

We're winning because MS is creating in the minds of the public a wide variety of flaws in the idea of open source?

We're winning because MS still has the same market share?

We're winning because we've driven out the smaller OS's without making a dent on MS?

We're winning because we still have ESR as our spokesperson?

Re:We're winning, people.

[Enry]

We're winning?

I think we are.

We're winning because MS isn't banging on about the same arguments year after year?

Sure. They're wasting resources trying to follow Linux. And refute what the project is about. And give massive discounts to companies that consider going to Linux. Any cut in revenue for MSFT I consider a good thing.

We're winning because MS is creating in the minds of the public a wide variety of flaws in the idea of open source?

Trying to. The simplistic reasoning that MSFT gives for not going to Linux can be easily refuted. I was given the "there's fewer viruses for Linux and MSFT because of usage". If that were the case, then Apache would have more vulnerabilities than IIS, right? Right??

We're winning because MS still has the same market share?

For desktops? Sure they do. Linux has a long way to go before it can pass the Non-tech-spouse test. For servers, that's harder to figure out. I can build one Linux box that handles e-mail while Windows needs 3 to do the same task. Does this mean that Windows has 3X the servers as Linux? Well yea, but what else does it say?

We're winning because we've driven out the smaller OS's without making a dent on MS?

No, but we've made other companies (Sun, IBM, SGI, HP) realize that they can either work with Linux to compete with MSFT, or go it alone. The UNIX wars showed that companies can't go it alone.

We're winning because we still have ESR as our spokesperson?

Ha. Uhm. Well. You got me there.

Re:The clueless userbase to propagates the worms.

[bob+dobalina]

Well spoken. The issue of "which platform is more stable, secure and usable" has less to do with the subtle genius of the design of linux and more to do with the fact that, currently, linux users are a self-selecting group of people who try to solve their own problems. If linux ever gets as popular as its proselytizers hope, they will have to deal with a whole new batch of users doing silly things, weakening security policies and allowing worm and virus writers a way in. Linux is not bugproof nor bulletproof, and certainly not foolproof.

I have to argue that, despite MS's other claims, I agree that TCO will be higher, primarily because most linux programs require a lot more user support than your average windows program, installed and patched with "software wizards". If you're a user installing openoffice and you don't have a certain library, or you have an outdated one, you're going to spend a lot of time learning about ldd and ldconfig. Personally I think the library linking issue is one of Linux's biggest achilles heels, despite a few relatively intelligent attempts to fix it.

I also think that the linux office products out there are simply substandard to Microsoft. That probably has to do with the fact that MS has been at that game for a long time. But nevertheless, linux office products like openoffice, while reasonable facsimiles, simply don't reach MS in terms of functionality and behavior. I spent four hours writing up a macro-enabled, data-validity-using spreadsheet for my company's linux users, while the identical spreadsheet in Excel took me about 45 minutes, and the linux version just didn't compare, and I'm not even a spreadsheet power user.

MS's dominance might be eroding, but it's not simply due to their being entrenched in the marketplace.

Microsoft are educating their users on our behalf

[epo001]

I was at the Edinburgh event last week and spoke to many Microsofties and to their corporate customers. The customers were quite cynical about Microsoft's motives but many of them said, in effect, they wouldn't have attended such an event if it hadn't been organised by Microsoft. Microsoft are panicing, time is on our side. Ed

Re:ESR, again.

[JohnTheFisherman]

What has ESR brought to the Open Source community?

Stunningly accurate predictions, like MS's monopoly collapsing in 2001, and Windows becoming obsolete when computer prices dipped below $350.

http://slashdot.org/article.pl?sid=00/12/13/2162 37 &mode=thread&tid=99
http://slashdot.org/article.p l?sid=02/02/28/132424 8&mode=thread&tid=163

He's got a knack for predicting the future. You can rest assured that MS really is getting *DESPERATE* now, especially now that they're obsolete and their monopoly had collapsed years ago. :)

Re:ESR, again.

[paul.dunne]

> Sorry there, but besides Fud, what has ESR brought to the Open
> Source community ?

Its name?

No.

[mfh]

> ...they weren't created for Linux (as it doesn't have the market share that Windows machines do) *and* because *currently* Linux doesn't have the clueless userbase that Windows does (I won't go into the discussion of management telling IT what to do and IT saying "yes sir" and not deploying patches).

No, you are wrong. The flawed security in Windows is a result of closed source. It has absolutely nothing to do with the knowledge level of the user base. Open Source means more eyes are fixed upon the project, following the bouncing ball, and that can only spell tight security for Open Source. Closed source has to compete with inner-office power struggles, funding diversions, corporate shenanigans, ad nauseum, and the user base remains clueless perhaps to how insecure their systems are, but that's not the point of it all. That's not why systems are being zombied. Spam, anyone?

Security is not compromised by the inept or idiotic, either, and any security system can be bypassed, so it must be about the will to do so, which *is* lacking in the Open Source community, for obvious reasons. Virus writers are actually intelligent people, with a wide variety of skills (read: m4dsk1llz), and they hate Microsoft, or they are bored, so they program destructively. There has to be something said about how corporations treat their programmers, in layoffs or forced overtime without pay, and this stress adds up to malicious rubuttals in the form of crushed company networks. Obviously not all viruses are written to get back at The Man, but many are. I may be an insensitive clod for pointing out how poorly us programmers are treated, but that truly is the reason malicious code is written -- because people simply don't like eachother, or they mistreat people who have a little knowledge and a lot of animosity piling up.

Re:No.

[The+Bungi]

That's just so fantastically bogus it's not even funny.

Even assuming that Linux is inherently safer than Windows (and I will not argue that point), you cannot just discount user stupidity like that and claim superiority because you think you can engineer a solution for it.

The current Windows worm du jour requires the user to open a ZIP archive and provide a password before extracting the executable.

A password.

If you think you're going to engineer away that with open source and still provide users with a decent computing experience, I have a bridge I'd like to sell you.

This whole "we're so much better than them because there are many eyes looking at the code blah blah" deal gets more tiresome every time I hear it. If it were true, open source software would have zero bugs. Zero vulnerabilities. It would be approaching 99% of perfection. And it's not. Aside from a few choice projects, it's not even beyond what commercial software provides.

I gotta wonder...

[foxtrot]

When you've got a market share that most companies in other sectors would kill for, you've got most of the Fortune 500 convinced they can't live without your product, and you make more money than you know what to do with-- I mean, you're Microsoft, fer cripe's sake-- how the heck do you get desperate?

-JDF

Re:I gotta wonder...

[Wyzard]

Simple: having all that, and realizing that it's all going to go away, and there's nothing you can do about it.

Microsoft survival

[nuggz]

MS can survive with Open Source. For all the bashing the slashdot crowd gives they aren't all that bad.

MS has made some nice stuff. They have some skilled people and good marketing. They just need to create value.

There have been some good things they have done.
MS Flight simulator, long history of an excellent product here.
Defined a standard window system, does anyone else remember back in the DOS days with a new GUI system for every app?
MS also did a good job with VB making it trivial to hack together a quick GUI app.

Um

[Requiem]

Can we stop giving a soapbox to a man who claims to channel Pan?

Until I realized, finally, belatedly, what had been happening to me. Until the Great God Pan reached out of my hindbrain and thundered "YOU!" And his gift is music and his chosen instruments the pipes and flutes. And his, too the power of joy; magic so strong that when it flowed out of me, even before I knew what I was doing, it amazed people into awe and incoherence and poetry.

That day I was reborn; from a skinny lame kid with a flute into a shaman and a vessel of the Goat-Foot God, the Piper at the Gates of Dawn, the Horned Lord. And the music was my first power, but not my last.

ESR is off the deep end.

Re:Um

[BenjyD]

How is that any more or less valid than any other religious belief? Should we ignore all Christian people because they believe someone walked on water? Or muslims because they do streching exercises every day as a form of prayer to their god?

Just because a religion sounds silly to you doesn't make it any less valid than any other religion.

Re:Um

[Requiem]

Yeah, but if a guy claims that he saw Jesus in his coffee that morning, I'm still going to look at him funny.

RMS addresses this issue...

[Brandon+Glass]

RMS addresses this issue in his speech given at Westminster University, entitled "The Danger of Software Patents". His opening line?

"You've probably heard of me in connection with free software, that's free as in freedom, it doesn't mean zero price..."

If RMS has to clarify this in a speech he's giving about something not directly related to the topic at hand, it's reasonable to assume that at least a few people were confused about the term. However, ESR and the Open Source crowd could easily develop similar problems if Microsoft targeted bringing their philosophy into disrepute by playing on the words "Open" and "source", for example, they might say "Open Source means that the source is open, that you can view it - you can do this just as easily with Microsoft's Shared Source license"...in the end, it's Microsoft who is spreading the Fear, Uncertainty and Doubt, and they will try and discredit their opposition in any way possible - no matter who that opposition is.

ESR on the attack again

[SWroclawski]

Linux isn't free. Hello? If there is actually anyone still left on the planet who thinks the term free software was a good idea, I hope they're paying attention.

Can't go one whole article without attacking the ideals of Free Software, can you?

No one thinks the term "Free Software" is a good one, the issue has always been that there's nothing better. I can't use Open Source since the term doesn't mean the same thing.

The only other term I can use is Digital Commons, but Digitial Commons is a larger movement than Free Software.

Anyway, ESR, you can't go one whole article without going on the attack against Free Software, can you? You can't accept that many of the ideals of Open Source haven't panned out, and that with the recent legal attacks, the commitement and idealism of Free Software is what's driving so many to resist so strongly.

You're using such similar tactics to MS that it's startling. At first you ignored Free Software- refused to talk about it in many articles. Then you attacked it. Now you make subtle arguments aginst it in each thing you put out.

If you really wanted a unified movement- you'd stop with the blatant attacks.

Terminology

[jdavidb]

I like the way Raymond asserts that arguing over the exact meaning of "free" in "free software" is meaningless, but then takes care to use the word "cracked" instead of "hacked" when referring to MS IIS websites. :)

Eschew Obfuscation!

[TBone]

Next time, in promulgating your esoteric cogitations, or articulating your superficial sentimentalities and amicable, philosophical or psychological observations, beware of platitudinous ponderosity. Let your conversational communications possess a clarified conciseness, a compacted comprehensibleness, coalescent consistency, and a concatenated cogency. Eschew all conglomerations of flatulent garrulity, jejune babblement, and asinine affectations.

Let your extemporaneous descantings and unpremeditated expatiations have intelligibility and veracious vivacity, without rodomontade or thrasonical bombast. Sedulously avoid all polysyllabic profundity, pompous prolixity, psittaceous vacuity ventriloquial verbosity, and vaniloquent vapidity. Shun double-entendres, prurient jocosity, and pestiferous profanity, obscurant or apparent!!

From Don't Use Big Words...

Re:The clueless userbase to propagates the worms.

[Creepy+Crawler]

Yep, tried to.

Ive ran all the common unpackers, and Tron against it. Tron gives "unknown packer" and some pack detecters just crash...

Ive tried hand decoding it (fun fun ;( ) but it seems to use some sort of the same encryption as AZPR's Zip password recovery. Has a executable stub, some code, then somehow the key itself is encrypted and only the password is the key..

Take a look at trying to crack AZPR.. Ill pay you 100$ if you can. AZPR password somehow has the key as part of the executable so when correct, it correctly decrypts the packed part. No softice or asm dumps can beat it. In my opinion, it seems to be the perfect packing setup.

Admittley its way over my head. I can do stuff like DDD debugging, or looking over deadlists (ala MS VC++ compiler errors and inline asm command switching). I just cant even comprehend what exacly its doing.

And yes, anonycoward, I am telling the truth. You actually think that there's no worms at all for Linux?

SNL Sketch

[Anonymous+Writer]

This "Get the Facts" tour sounds like a Jon Lovitz "liar" sketch on Saturday Night Live.

Re:Say it ain't so!

[captbob2002]

Support for MS products is not FREE either. Regardless of the platform support will be necessary - why do so many people forget this? It is not as if just anyone can set up a reliable, secure environment with no experience.

Re:ESR, again.

[RLiegh]

Oh, good Lord, you are sniffing glue, right? Microsoft is alive and well., and the only vanilla box you can get for below $350 is a used piece of shit that has Windows ME installed. Get out of your basement, your parents need the space.

Well, strictly looking for new and under $350, I found this at Walmart's site right off the bat. They also have a 2.4gzh one for $398.

I'm sure I could have found even better deals, but I don't really have a lot of time to spend looking (and I'm happy getting a used box from retrobox).

I made a little chart...

...to show who says what.

Stallman GNU/linux Free Software Bearded Chaotic Good
Linus linux Open Source(?) Unbearded True Neutral
Eric linux Open Source Hitler Mustache Chaotic Evil
Bruce P GNU/linux Free Software Beardless Lawful Good
Alan Cox GNU/lin(mostly) Free Software Mighty beard Chaotic Good

Re:I made a little chart...

[virid]

Also, what is the precise difference between "Bearded" and "Mighty Beard"? Stallman's beard maybe shorter than Cox but not by much...

Re:I made a little chart...

[Xpilot]

I would say Linus is Neutral Good. He is certainly on our side, even if he doesn't go on a ideology pitching frenzy.

Re:I made a little chart...

[Anthony+Boyd]

I agree with your suggestion that ESR should be Chaotic Neutral. My old DM's guide describes CN as self-interested, unpredictable, and hard to control. Very often, paranoid or crazy people. That sounds more accurate than Chaotic Evil, which implies the wholesale destruction of society and life as we know it.

But the grandparent, which suggested that Linus should be Neutral Good? Naaaah. Linus never ever takes sides. Even if he did take a side on some things, it would be a drop in the bucket. His neutrality is firmly established. He is on the side of technology, and doesn't sem to care about the implications of his work. I think calling Linus True Neutral is correct.

PS: Yay! I'm a D&D geek! There's probably a 24-hour cooling-off period after I post this, where my wife will refuse sex until I regain some sense of non-geekness. But for now, I revel in my pasty-skinned +1 alpha-dork glory!

Re:I made a little chart...

[ispeters]

This is hilarious.

One nitpick though. Regardless of whether or not you agree with RMS on the whole GNU/Linux thing, Linus doesn't even have to enter the debate most of the time because, AFAIK, he rarely bothers himself with the GNU part of GNU/Linux--he is, after all, the Benevolent Dictator For Life of the kernel, not the associated operating system. In other words, when Linus says "Linux" you can usually be sure that he's actually referring to the kernel, which RMS himself would (or should, if he's consistent, and I'd have to say he's consistent) refer to as Linux, not GNU/Linux. The reason for this ramble is that I wouldn't have put Linus in your chart, because he doesn't seem (to me) to talk about GNU/Linux very often, by any name.

Ian

Re:I made a little chart...

[pclminion]

And what, exactly, is the difference between "Unbearded" and "Beardless"

It's simple, really. If a person once had a beard, but now has none, he is "unbearded." You know, as in "Gahh! I got drunk and passed out and my friends unbearded me in my sleep!"

"Beardless" would indicate never having had a beard at all.

Software libre

[amightywind]

Hello? If there is actually anyone still left on the planet who thinks the term free software was a good idea, I hope they're paying attention. Because what Microsoft is doing here is exploiting the old familiar gratis/libre ambiguity of the word free in yet another way.

Raymond should be less glib and contrive a better argument against the term free software than mere coersion. I see no reason why Micro$oft's perverse attacks should affect my philosophy the freedom of ideas, or dictate which terms are acceptable in discussing it. In these dark days of ever expanding corporatism we need more discussion of freedom, not less.

Why did it do that?

[SuperKendall]

You're a pretty dumb user, and I'll name the file Brittney\ Spears\ Nekkid.jpg.sh.

So you double click the file, and it launches. You're a plain old user.

And just how did the file launch? It's not executable yet...

Re:ESR, again.

[Mr_Silver]

What has ESR brought to the Open Source community?

A few things although I agree with you that predicting the future is not his strong point.

Re:The clueless userbase to propagates the worms.

[Etyenne]

I have to argue that, despite MS's other claims, I agree that TCO will be higher, primarily because most linux programs require a lot more user support than your average windows program, installed and patched with "software wizards".

Could you explain to us how using "software wizards" instead of package manager (yum, apt, urpmi, whatever your distro is based on) and related GUI for software installation and patching could translate into TCO saving ? Remember, most software installation and patching is not being done by the end-user anyway, but by their IT departement.

I spent four hours writing up a macro-enabled, data-validity-using spreadsheet for my company's linux users, while the identical spreadsheet in Excel took me about 45 minutes, and the linux version just didn't compare, and I'm not even a spreadsheet power user.

If you would be equally proficient with both MS Office and OO.org, that would be telling something. However, I am pretty sure you are not. With that assumption, the only conclusion I can draw ATM is that using software you are not familiar with take more time, especially for advanced stuff like data validation. Duh.

It's not a war!

[Junks+Jerzey]

Remember how Linux advocates, real early on, used to love to quote Ghandi? You know, first they ignore you, then they laugh at you, then they fight you, then you've won? Well, it works both ways. Now we have both camps bitterly and intentionally fighting with each other. And what good does it do? If Linux--excuse me, I mean "open source in general" is so blindly superior to Windows in every single way, then that's it. It's over. The existing momentum will carry through and eventually the better solution wins. It's a quiet revolution. It isn't a niche loss, like laser discs or Betamax.

Now what should be worrying people like Mr. Raymond is that Linux-based desktops (which is what we're really talking about, not simply "open source"), is that Linux *isn't* so blindingly superior as to carry the day. Truthfully, I think this is the case. I've used UNIX, I like Linux, but we're essentially having a big battle of the old and huge operating systems here, and none of them is a revolution. None of them is so much better than all the others is wonderful and positive ways. (Mostly they're all negative: don't get virii, don't have to deal with Microsoft.) In fact, the entire concept of the big operating system is a relic. Does anyone argue about the OS in a digital camera? Or a Palm? Or a cell phone? No. And those are more akin to what an "OS" of the future needs to be: thin, small, and unobtrusive. We need the Commodore 64 of the next decade, not the next VAX.

Thanks for listening :)

Re:The clueless userbase to propagates the worms.

[Dayflowers]

I would be very much interested in seeing it. Could you email, or make it available through http/ftp/whatever?

I'm sure I'm not the only slashdottian interested in seeing something like this. :)

Re:ESR, again.

[mirko]

Not sure whether it has been posted here before but here's an interesting point of view on ESR : It's about things he claims and things he obviously has not done : "The Emperor Has No Clothes"

The gloves are off.

[Roskolnikov]

After Microsofts *successful* defence in the anti-trust suit it
appears as if they are on the attack again.

I recently had the chance to 'lunch' with a team of boiler room types on the topic of ' Interoperability, Integration, Extensibility'
subtitled 'Unix interoperability'

After enjoying a excellent meal at one of the better steak houses in town I began to notice that this 'meating' wasn't so much about working with Unix systems as it was about providing unix services from Windows servers; After being seeded with 'free' software (funny that, free tools just not free source) title:Windows Services for Unix 3.5 and looking closely I saw that they are now providing NFS, Syslog, NIS, DNS, Mail and a tool to 'port' your Unix 'legacy' (their words) apps to a modern OS.

What frightened me most was that my inclusion to this meeting was last minute and that my 'peers' didn't have a technical bone in em, they were all either Microsoft partners or middle to upper manglement types.

The last 'free' software I saw from Microsoft was IE, I wonder if this latest offering will have as profound an effect.

Re:The clueless userbase to propagates the worms.

[Idaho]

[Linux does not have many worms because..] it doesn't have the market share that Windows machines [have and] because *currently* Linux doesn't have the clueless userbase that Windows does.

So your point is.. what exactly? My point would be that *right now* you could use Linux and not have all of these problems *right at this moment*.

Whereas if you'd continue to use Windows you *do* have all these spyware and worm problems right at this moment.

Maybe in 5 years Linux will have many more (clueless) users, and also more problems like Windows currently has. That still leaves me with the period between now and 5 years in the future where I can just run it and see if the problems get worse. Whereas in Windows it's hell already so I don't need to wait 5 years to make up my mind about that.

Maybe in 5 years Microsoft will finally have their security act together and you could consider switching back if Linux really starts to suck by then. Not that I think this would happen, but by looking at it pragmatically this is what I'd say.

Re:ESR, again.

[sgtrock]

Re: the idiots who didn't recognize your article for what it was; a slam at ESR: I can't believe the number of people who read Slashdot who don't recognize sarcasm!

You're right, his ability to prognosticate is badly flawed when predicting end results. OTOH, I think he's been pretty accurate in how MS would fight the war, don't you? Go back and re-read the Halloween docs and you'll see what I mean.

Ooops.....

[JohnTheFisherman]

I forgot the close sarcasm tag. ;) ;) ;)

Re:ESR, again.

[paul.dunne]

Oh. So he didn't even do that. I stand corrected. Whatever; I use free
software anyway.

Re:I think you misunderstood me.

[The+Bungi]

Of course they are liable, but up to a point.

Microsoft has a consumer OS they're trying to secure. You have a server OS that you're trying to make usable as a workstation. You can argue endlessly about how each side could have done things differently, but most of the time most people who attack Microsoft because they're (in your words) "unable to write good code" also discount the fact that they have to deal with a huge user and legacy application base. They can't just change the default shell action of a VB script from "Run" to "Edit" (which pretty much eliminates script worms) without getting themselves into a hell of a bind. There is no easy solution. But the attitude from people like you is mostly "lock it down and let the user fight it". You won't sell a lot of anything like that, unfortunately. As long as open source continues to think of users as developers who don't mind opening a console and typing 'su' to get anything done Linux won't get far in the desktop.

The Apple comparison is dumb, as always. Just by virtue of sheer user base size.

You just wait until Linux gains some market share in the desktop thanks to IBM or Novell. The day some fuck starts sending tarballs with bash scripts that delete ~/ or zombie the box to send spam we'll have another chat. There's no need to run as root to do damage to a machine.

Something like Meeting Maker wd be cool

[garyebickford]

Meeting Maker is a commercial product that works quite well. I've often toyed with the idea of building an OS equivalent. That said, there've been quite a few web-based OS systems like this, but none of them seem to have become popular. For some reason, this particular question has not been a big itch for the OS community.

Collab.net, founded by OS gurus (from Apache IIRC), provides collaboration tools in use by "over 400,000 users", and I think has a free version.

Re:Something like Meeting Maker wd be cool

[Kiryat+Malachi]

Honestly, I think it's because getting a good calendaring/email solution together isn't a small task; its equivalent to writing a full-fledged office program. However, unlike an office program, it isn't very useful to the home user, pretty much solely useful for corporate users. As a result, there's not really an "itch" for most developers.

As to the other part of it - honestly, Outlook/Exchange is a pretty decent setup. Outlook as an email client is awful, but Outlook/Exchange as a group calendaring/room reservation/resource reservation setup (yes, we reserve a conference room by adding it to our meeting request on Outlook, and resources similarly for those that are tracked) is a decent solution. It would take a lot of work for an OS developer to come up with something as good, and the companies that most need that sort of solution (giant corporations; IBMs, Intels, Motorolas, Walmarts) are the ones who are most able to deal with both the cost of licenses.

Basically, the problem is that its a big problem that has no use for home users, and none of the big corporates has shown a desire to move away from the 'good enough' solution O/Ex provides.

Re:Something like Meeting Maker wd be cool

[Yakko]

While Meeting Maker doesn't integrate with Outhouse (an email client which, imho, needs to die), it DOES do one crucial thing: since it can run on at least Solaris and HP-UX, pure Unix users can keep track of their meetings along with Windows users.

Re:Something like Meeting Maker wd be cool

[rutledjw]

I'm anti-Outlook, but I agree on the meeting room and whatnot functionality. We also use it for reserving our performance test facility. Add it in a meeting request for as long as you like, and either the team lead or myself (PHB) will approve, disapprove, or adjust.

It's kind of a hack, but it is convenient...

And yes, the bloody e-mail client SUCKS SUCKS SUCKS. Our e-mail team wants us to forward SPAM to them so they can tweak the filter, BUT, if you do them Outlook will d/l images which tells the low-life spammers that I'm a real account. Brilliant...

Re:Something like Meeting Maker wd be cool

[belloc]

Our e-mail team wants us to forward SPAM to them so they can tweak the filter, BUT, if you do them Outlook will d/l images which tells the low-life spammers that I'm a real account.

See if you can get them to do what we do: have them create a folder under "Public Folders" called "Spam", and train the users to drag/drop their uncaught spam into there. No messy fowarding. Then get fetchmail to grab all of the messages from that public folder every night (you can connect via IMAP to public folders) into a dummy mailbox on your spam filter, and have a cron job run them through the bayesian engine (we use spamassassin, which comes with sa-learn for training the engine), original headers and all.

Note: we use Samsung Contact's (formerly HP Openmail, but much, much improved) groupware server instead of Exchange on the backend, but nothing in my spamfilter re-training setup is Samsung Contact-specific. AFAIK, it would work just the same with Exchange.

I'd be happy to discuss the details of this setup further with anyone who wants to know.

Belloc

Motivation for the anti-ESR movement

[ultrabot]

Sometimes I wonder how the anti-ESR zealots rationalize their actions. Are they jealous because he's so well known ("my program was much more difficult to write than fetchmail, why does nobody quote me"), angry because he has some controversial opinions on firearms, or what?

Apparently people like to cling to all the things they consider personality flaws like starving worms, using them at all opportunities to attack the persons other opinions and activities.

It kinda pisses me off to see valid Microsoft criticism from an Open Source evangelist being attacked just because some asshat takes ESR's hackers dictionary too seriously. Do you really think someone is just trapped in the shadow of ESR, mourning that if ESR was taken down just a notch, he could steal the limelight and rescue the true spirit of open source?

You guys should just pause for a while, and think whether petty arguing among ourselves is more important than the war of spin & fud between us and microsoft. Unless you are working for AdTI, of course - in that case I understand your motivations perfectly.

Grow up. Your mom still lives you more than she loves ESR, no need to feel all sad and droopy.

One problem in ESR's logic

[TomatoMan]

He writes:

Microsoft's underlying problem is that it employs about 22,000 programmers; the open-source community can easily muster ten times that number. That means the capability gap that has opened up between the open-source codebase and Windows is only going to get worse from Microsoft's point of view, not better.

The difference here is that as he says, Microsoft employs 22,000 programmers. If we assume these are full-time employees, then they're working 40 hours a week on whatever Microsoft wants. Do the 220,000 theorized open-source programmers have 40 hours a week to spend on co-ordinated open source projects?

If this wildly conjectured figure is true, it may be that the case that the number of "man-hours" availble in the two camps is comparable, if the open source coders can find an average of 4 hours a week to work on nonpaying projects. Counting heads doesn't make for a very useful comparison in this case, though, unless someone's going to hire the 220,000 to do open source work (and let me know if that's happening, because I'll show up for an application).

I don't think "we" should get too overconfident about the "capability gap." "We" certainly have fabulously talented coders, but Microsoft certainly does too, and never underestimate the power of a focused monolith. Could we get our army to proceed with even one-tenth of Microsoft's coordinated corporate project discipline? How much potentially productive time do open-source coders lose just bickering with each other in lengthy flamewars about what "free" means?

Re:WTF is FUD?

[squiggleslash]

FUD is a technique started by IBM in the sixties and seventies aimed at undermining their competitors. It stands for "Fear, Uncertainty, and Doubt". The idea is to sow these into the minds of potential customers. Instead of saying: "Our all-new ACME Widgetmaster 2000 has these fantastic features", or even "Our all-new ACME Widgetmaster 2000 has these fantastic features unlike our competitor", you say:

"Well, yes, I can understand you liking the new BlogsCo Gadgetwhiz 3000, but between you and I, I'm hearing a lot of problems about their reliability. I suspect it probably will not be on the market before 2008, assuming they don't go bankrupt beforehand."

You'll note nobody's competing on merits, it's essentially a slime campaign. Make the potential customer feel uncomfortable with the competitor, make the potential customer assume trouble is ahead if they go with that competitor.

You could argue that most political campaigns in the US are FUD campaigns.

Very disingenuous

[sethamin]

I think ESR is being really disingenuous here and not really addressing the meat of MS's points at all. I wouldn't call it FUD, but he's certainly missing the argument and just responding snidely to them.

1. Claim that linux isn't free.

ESR seems to think all MS is talking about here is that it isn't free because it "has a nonzero TCO." Sure, that's part of it, but I think the argument goes deeper. The point is that the majority of corporate customers are not going to just download a freely available distribution of Linux, because most enterprise customers NEED support. Therefore, they are going to buy a supported distribution from a major Linux vendor, and that most certainly costs money. In that case it's most certainly not free (as in beer), and while it is still free (as in speech), those companies are not going to really exercise that freedom because they can't just modify their distribution and still expect support from the vendor.

2. Pretend that Shared source is the same as Open Source.

ESR's basically just belittles this statement, but again, there's some truth behind it. If you consider a company as above, namely, that they have bought a Linux vendor's distribution with support and they are not going to modify that distribution and lose their support. At that point, what IS the difference between 'Shared Source' and 'Open Source'? Either way, they're only looking at the source code and not modifying it. The only real difference I can see is that with Open Source (or really, Free Software) they could try to create a patch and get it into a future release in the hope that their vendor will pick it up and support it. This is really only marginally better than relying on your commercial software vendor for new features, because you're still dependent on some external entity (in this case, your vendor) and their decision making process to get that feature.

Re:Very disingenuous

[irix]

If you consider a company as above, namely, that they have bought a Linux vendor's distribution with support and they are not going to modify that distribution and lose their support. At that point, what IS the difference between 'Shared Source' and 'Open Source'?

Well, one difference is that someone else can come along and support the Open Source product if the original vendor chooses not to do so.

Try that with code released under "Shared Source". Equating "Shared Source" with software libre is what it is disingenuous - it isn't the availability of source code that counts, it is what you can do with it.

You are right that this ESR piece is poorly written though. I'm not quite sure how one of his rants qualifies as a "Halloween document".

Define "We"

[ericlp]

He explains why he thinks we need to focus more on government adoptions, and predicts serious ugliness during the next year."

Lone Ranger: "We are surrounded by hundreds of fiece indians. What should we do my faithful companion?"

Tanto: "What do you mean 'we' pale face?"

ESR is just a zealot

[pandrijeczko]

IMHO, ESR makes one valid point and one only:

Writing code that doesn't suck always has to be our base-level and most important response

To put the Open Source movement in some kind of "battle" with Microsoft only serves to belittle what the F/OSS community does.

Let's put things a little into perspective:

1. A huge amount of OSS software runs on Windows also - Mozilla, GIMP, OpenOffice, etc. etc.

This means that whether you run Windows, Linux, BSD, whatever, you have a choice. You do not need to be tied into one of a few commercial software vendors for your applications. It also means that you have the opportunity to try out new applications at little risk and no cost - as a result, you get a comparitive benchmark and can make a decision for yourself whether a particular application you need is better served by a commercial or OSS application. End of story.

2. It's closed standards, not Microsoft, that's the problem.

Using a computer brings with it a responsibility - namely that you take charge of the data that you store on it. You decide how shareable that data is to be, you decide how portable it needs to be and you decide how deeply you lock it away from the eyes of others.

DRM and closed formats simply mean that you hand over that responsibility to a commercial organisation, nothing more. That means that they charge you for taking control of your data and, because they are interested in making a profit, will naturally try to charge you more as time goes on. When use of that DRM format becomes widespread, it becomes the norm and all of a sudden, everyone has had their responsibilities handed over to that organisation. This is the potential loss of personal freedom we must focus on not becoming reality.

Microsoft backs DRM heavily and it is that issue we should fight against because that's the only danger to Open Source - OSS and Microsoft can co-exist provided standards and formats remain open to all. If Microsoft cannot accept that, then that's their problem...

3. Users need to be educated to make a choice.

Spreading the word of Open Source & Linux is the only way forward because people then start to make choices for themselves as to what software best fulfills the job that they need to do, rather than simply just blindly consuming every piece of software Microsoft churns out. If the F/OSS community has no remit to "destroy Microsoft" then it can simply focus on creating good software and listening to the users of that software as to how to improve or change that it for the better.

For example, while I can work wonders with UNIX command line tools that can format text just about any way I want it, my teenage niece who does her homework in Word, Excel & Powerpoint is not suddenly going to get a knock on the door from her uncle armed with his Linux CD, just because he thinks "grep" and "sed" are better... Everyone has their own perceptions of what is usable.

The OSS community is doing what it should be doing right now - keep churning out the good software, not rising to Microsoft's little tantrums & letting the users know they have a choice.

ESR, a factual case is the best case.

[e.m.rainey]

There's lots of compelling arguments in your case here, but I think you could use some edits.

1.) " Like the dog that didn't bark in the night-time, these omissions are significant, because Microsoft marketing is thorough and ruthlessly opportunistic." The first part of this statement is rather confounding. I assume that you mean that that fact that they have dropped these arguments should be indicative of the thoroughness of the marketers.

2.) "Do I even need to point out that most of the factual claims are blatant lies brought to you by the same people who got caught faking video evidence in their Federal antitrust trial?". Unless you can show that the actual forger is at work here, refrain from painting all MS employees with the brush of a criminal. This only serves to undermine your objectivity.

3.) "Hammer them without mercy -- but do it in a quiet, reasonable voice and keep control of the terms of argument. " Do it "ruthlessly" perhaps? This also serves to undermine you credibility as it shows you too are playing the word game. Ruthless is a "charged word" even though it used to mean "without emotion" it implies some bitter, hateful vengence now. You used it to describe MS Marketing before but you don't use it now, but just be consistent. The rest of the statement is good though, stick to the facts and definitions, and keep the argument in your favor.

4.) "...higher Windows TCO is forever" Please quantify "higher" with a number.

5.) "Shared source is a poison pill." Shared Source may be a misnomer but calling it a "posion" pill is just imflamitory.

6.) "Can you explain why Windows IIS websites are cracked or defaced more often than Apache ones, despite the fact that IIS runs less than a third the number of sites Apache does?" Please quantify "more often". Also, attempt to separate this into 2 questions, as the answer will undoubtably be "Hackers hate Windows, hackers attack Windows" which will only be to their advantage because it implies that they are top dog. The top dog is perpetually being challenged. Saying that they are attacked often is handing them the opportunity to say that they are top dog.

Otherwise, this is good article and it's got some great questions for MS PR about the Shared Source == Open Source nonsense.

Re:ESR, a factual case is the best case.

[MECC]

Anyone know where to find stats on websites broken into? IIS .vs. Apache? After all just saying IIS has been broken into more often is fine, but its better to point to some kind of source.

Re:ESR, again.

[black+mariah]

sarcasm
n.

1. A cutting, often ironic remark intended to wound.
2. A form of wit that is marked by the use of sarcastic language and is intended to make its victim the butt of contempt or ridicule.
3. The use of sarcasm. See Synonyms at wit1.

Re:The clueless userbase to propagates the worms.

[Mirk]

I would be very much interested in seeing it. Could you email, or make it available through http/ftp/whatever?

I'd like to see it, too, please. I've set my root password to "querty". Please ssh onto my box and run this fascinating software so I can look into it.

ahem

[linuxislandsucks]

so what have you brought to CLosed source programming such as MS windows?

Did u bother to read ESR's project page listing his projects? NO?

Read before leaping..it might save a you a big first step into the boid

Re:The clueless userbase to propagates the worms.

[red+floyd]

I would say that Apache vs. IIS provides an interesting analogy.

Apache has a much larger base than IIS, yet most of the exploits are for IIS.

a few arguments for free software:

[ciaran_o_riordan]

Neither "Open Source" or "Free Software" contain a complete explanation of what they mean.

"Open Source" can be confused with viewable source. MS can compete against that.

"Free Software" can mean libre or gratis, MS can't compete with either of those meanings.

MS have marketing and business analysts thinking about things like this. They've chosen to say "open source" (and "Linux" for the OS). This should be enough to tell us that these terms are not what we should be using.

Winning depends on us being free to develop and distribute software for all useful purposes. The threats to us are in the form of taking away these freedoms (through DMCA, patents, and Paladium). It's never been about "open", it's about "free".

Re:Linux ISN'T free

[ari_j]

For complete freedom, you have to be willing to live with the consequences. In a society with free speech, some people may say things you don't like. In a society with freedom of privacy, some criminals may get away because of it. Code that is completely "free as in speech" can be used by others to compete against its original author. That's just the way it works.

Re:The clueless userbase to propagates the worms.

[Phragmen-Lindelof]

This is an interesting post. Since most companies like publicity, I wonder if the poster could give us the company name and examples of the web applications. We can then see how much better are the applications developed using "ASP.NET technology" and why "we continue to see gains on a daily basis."

Re:Say it ain't so!

[cascadefx]

We have a consultant on hand for our Linux stuff that we hand picked. Should we need to tap some extra knowledge, he has been great and can bring in others (on his ticket) if that firm is stumped. It works well.

my experience across 8 years has been that commercial support from a specific vendor can be hit or miss. Sometimes great (really great... Cisco comes to mind). Sometimes really really bad.

At my old job, they still had to hire independent consultants for some Microsoft tasks.

Re:Say it ain't so!

[Fulcrum+of+Evil]

Fine, but that's the sort of "free" that this particular audience is mainly concerned about - the corporate world does not generally set out to make a political statement via their choice of operating system, not at the expense of the bottom line.

Corporations cannot run their companies for free. Every bit of maintenance and operational activity costs money. The free as in speech aspect of OSS benefits them by offering choice: it's difficult to lock a company into an upgrade cycle (with its caascading effects) when that company can choose to continue using an old version indefinitely. You can't EOL an OSS product, and you can't hold them hostage with bugfixes.

Re:The clueless userbase to propagates the worms.

[Knuckles]

The well respected German computer magazine c't had a spreadsheet shootout a few weeks ago (issue 12/04). Overall, OO.org Calc came out head-to-head with Excel, with particular tasks being easier on one or the other.

yeah, yeah, yeah

[kardar]

I probably agree with most of what he says there, except for that

1) good code isn't propoganda
2) destroying Microsoft shouldn't be a goal
3) beggars can't be choosers - (I won't beg people to use Linux)

not to mention...

Using patents as anything other than a form of insurance or a form of fake currency is entirely unproductive and will only serve to reduce their value as a fake currency and as a modern-day form of insurance. Unless, of course, people would choose to use them for what they are meant to be used for...

The DMCA is going to be rewritten

Someone is going to take what this Halloween document says and twist it and try to prove that Linux is out to destroy proprietary software and your paycheck, which will generate more arguments back and forth.

Just because Red Hat might be right doesn't mean that they are the best choice in software for your organization.

Imagine a cool, calm, peaceful, beautiful, and very blue body of water - a fresh cool breeze blowing through your hair; the smell of flowers and other good-smelling things; the sounds of birds and leaves blowing in the breeze.

Microsoft is a company. What is a company but a collection of individuals. The problem is not Microsoft, the problem is individuals who work, used to work, know people who work, etc... at Microsoft. The same thing can be said for government. It's not Microsoft + the government out to destroy Linux, it's individuals + individuals being selfish, greedy and stupid.

The first thing that can be done is to show respect for Microsoft. Sure, Linux costs more, but IT'S BETTER. (which is true). Linux is more expensive because it's better. (it's actually less expensive). Now all the rich folks will want Linux because it's the "Cadillac" of operating systems. Microsoft gets Chevrolet status by their own request.

I recently though of an analogy after reading Stephen Hawking's book - it's about entropy, or the direction of time. Glasses fall off of tables and shatter, they don't pick themselves up from pieces on the floor and magically un-break themselves and fall "up" back on the table in one piece.

But God, or in this case, let's compare God to the public - to the individual who is observing what is going on, and making a decision, a judgement, as to which software solution is the best to buy.

Can God, or the observer, in this case, press "rewind", and have the glass re-assemble itself? If this is true, does it really matter who threw the first punch? For all anyone cares, they are just "fighting". It doesn't matter who started it.

Imagine a cool, calm, peaceful, beautiful, and very blue body of water - a fresh cool breeze blowing through your hair; the smell of flowers and other good-smelling things; the sounds of birds and leaves blowing in the breeze.

FREE in other languages

[Blahbbs]

I wonder if Linux/FOSS evangelism is much easier in non-English-speaking countries? I mean, most of the FUD and confusion in the US, UK, et al, seems to stem from the difference between free-as-in-speech and free-as-in-beer.

Maybe that's why Brazil and France (for example) are migrating to Linux/FOSS. After all, the French and Portuguese languages have different words for the two meanings of "free". It's probably easier to make the case for "free" software.

Re:The clueless userbase to propagates the worms.

[ejbst25]

Whew! Glad you mispelled qwerty or that would be totally insecure!

Sherlock Holmes

[bstadil]

Like the dog that didn't bark

Inspector Gregory:

"Is there any other point to which you would wish to draw my attention?"

Holmes: "To the curious incident of the dog in the night-time."

"The dog did nothing in the night-time."

"That was the curious incident," remarked Sherlock Holmes.

From "The Adventure of Silver Blaze" by Arthur Conan Doyle

Objective opinion

[coolsva]

Firstly, I fully support linux and what it stands for (free as in speach). However, this being slashdot, readers are usually predisposed against MS. So here are a few counterpoints

- Number of worms/security issues in Windows
Reminds me of the age old saying that rich people dont die of (NameYourDisease). It is not because they are a better breed, just that they have the means and money to get the cure. Poor people just can't. Most of the virus' and worms exist in windows environment because 1)it is more popular, so offers the biggest bang for the buck to the writers, and 2)windows machines are more likely to be used by novices and hence not well protected. Once Linux reaches the tipping point and we have more people buying walmart sold linux boxes, we will have simillar problems. perhaps a tad more, since not all average Joe's will fix their kernels/applications whereas MS is getting there by automatically performing windowsupdate
- Open source vs Shared Source
Open source is not really open in terms of who can contribute and what. There still exist certain people or groups (like linus for the kernel) who double check to make sure there are no malware introduced. I for one would definitely stay away from somebody offering a latest version of (NameYourAppHere) build offering special features. Of course, you can look at the linux/GNU sources, but I would rather have 'experts' certify applications as good before I use them. With MS, they are this expert and usually people trust them (they may make mistakes, but not deliberate malware attempts)
- Cost
The only advantage of GNU is the initial price (usually zero). Support, IT, maintenence etc still costs real money. Perhaps a tad more for linux since programmers/administrators are a bit more expensive (you can dispute, but look at any job board for the offered salaries for admins in these platforms). As a business model, GNU/free would find it very difficult to survive. I contribute to some open source projects in my free time since I get to pay my bills with the money earned with my paid job working on closed source. Once I dont have a job, chao open source development, I'd rather spend my efforts finding a job that pays me money. Working on open source projects is just a hobby for me and perhaps many others. I'm willing to let it 'cost' me something (time/money) but this cost needs to be underwritten with an income (derived from real paying activities)

I think MS is a necessary evil just as we needed an adversary during the cold war. Without one, we may become complacent and innovation may not continue at this speed.

Mod me down or believe what you want to believe. I believe I am the necessary evil in this discussion

Re:The clueless userbase to propagates the worms.

[poot_rootbeer]

the only conclusion I can draw ATM is that using software you are not familiar with take more time, especially for advanced stuff like data validation. Duh.

It's a wholly cromulent conclusion to draw, though.

An office that currently uses MS Windows and Office is going to incur larger migration and retraining costs if they migrate to Linux and OO.org than if they upgrade to the next MS versions.

Yes, a completely objective comparison would make sure that users had equivalent experience with both platforms prior to testing. But the real world isn't objective like that -- the laws of vendodynamics suggest that a company that licenses from a vendor will upgrade with that same vendor, unless acted upon by an outside force.

Linux advocates need to explain to companies, what is this outside force and why is it significant?

Aunt Tillie mods you down

[j1m+5n0w]

what has ESR brought to the Open Source community ?

The Jargon File comes to mind. I owe quite a bit of my knowledge of computer history to its print form, the New Hacker's Dictionary.

He also brought us the infamous Aunt Tillie Builds a Kernel lkml thread.

-jim

Re:Aunt Tillie mods you down

[phazethru]

But if nothing else, he is quotable. I specifically liked the "well-designed technology should allow people the luxury of ignorance." Because hell, they're going to be ignorant anyway.

Software should be treated like firearms. You should be allowed to shoot yourself in the foot, but only if you know how to remove the safety.

Re:Roadshows

[epo001]

The quick answer is that people known to Microsoft are invited, other people who stumble across the website or hear of the event from word of mouth ask for an invite.

I got an invite to the Edinburgh event by virtue of having attended an IBM vs Microsoft open-source debate a few months ago.

Tomorrow I am going to a Novell event touting their SuSE offerings.

I think we are seeing trial events in Europe (certainly in Britain) that are rehearsals for US events later in the year.

Re:The clueless userbase to propagates the worms.

[Kismet]

"If" Linux ever attains...

While you make a valid observation, you are talking about something that has not happened, and that you cannot prove will ever happen.

In an argument, the hypothetical must take back-seat to the reality of here-and-now.

TCO for MS systems must include the cost of viruses and other malware. Linux does not currently suffer from this problem. Maybe, at some future time, that will not be the case. However, we can't use the future as an argument because it hasn't happened yet.

Re:The clueless userbase to propagates the worms.

[bob+dobalina]

If you would be equally proficient with both MS Office and OO.org, that would be telling something. However, I am pretty sure you are not. With that assumption, the only conclusion I can draw ATM is that using software you are not familiar with take more time, especially for advanced stuff like data validation. Duh.

If anything, I am more proficient with openoffice because I use linux at work, OS X at home and I'm too cheap to shell for the MS version. Like I said, I'm not a spreadsheet guru, but after reading an excel book and searching online for what I wanted to do, I found it much easier to do it with Excel, and in some cases (as in setting a list context for cells) impossible in openoffice. But then, I'm sure this was painfully obvious to someone like you.

My point is that openoffice is not a precise clone of MS Office, and as a more astute reader pointed out, it's pretty rare to find someone equally adept at using the two application suites. There will always be retraining and migration costs.

Re:Please cite examples

[SWroclawski]

I don't know why I have to cite examples, but ESR has always been clever- he claims that Open Source is different than Free Software, less ideological, etc. Then he says all Free Software users should change the words they use:

We suggest that everywhere we as a culture have previously talked about "free software", the label should be changed to "open source". Open-source software. The open-source model. The open source culture. The Debian Open Source Guidelines. (In pitching this to the corporate world I'm also going to be invoking the idea of "peer review" a lot.)

http://www.catb.org/~esr/open-source.html

This was a long, long time ago.

Since then, his attacks have always been subtle. He attacks RMS openly, and in his Unix Philosophy book, he attacks Free Software as a bad way to get people involved.

But that's not all there is to it! You see- Open Source is born out of the idea of being apolitical.

This isn't about popularity alone. Popularity is nice, but rights are why those of us who use the term Free Software are so ferverent about it.

He dances around the issue by talking in third person here:

There was one exception: Richard Stallman and the Free Software Movement. "Open source" was explicitly intended to replace Stallman's preferred "free software" with a public label that was ideologically neutral, acceptable both to historically opposed groups like the BSD hackers and those who did not wish to take a position in the GPL/anti-GPL debate. Stallman flirted with adopting the term, then rejected it on the grounds that it failed to represent the moral position that was central to his thinking. The Free Software Movement has since insisted on its separateness from "open source", creating perhaps the most significant political fissure in the hacker culture of 2003.

http://www.faqs.org/docs/artu/ch02s03.html

Re:The beauty of government adoption of open sourc

[krgallagher]

From the original document:

"I also expect a serious effort, backed by several billion dollars in bribe money (oops, excuse me, campaign contributions), to get open-source software outlawed on some kind of theory that it aids terrorists."
"But in the next year, I think we need to focus more on government adoptions, in order to protect our political and legislative flanks."

We need to beat them to the punch. Open Source is a matter of national security! It only takes one back door in a closed source OS or application to put our nations security at risk. All applications critical to national security should be running on OS' where the people are able to read the source and thus be positive no terrorist has planted a back door.

Write your congressman! Now, before anyone else has a chance to beat you to it. Here are some important things to remeber when you are trying to influence government:

1. Email makes little impact. It is very easy to send a congressman email. As a result most congressmen are flooded with emails, and actually read very little of it. Send Snail Mail Instead!
2. One petition is the equivalent of only one letter. A lot of people will sign your petition just to get rid of you. Your congressman knows this. Therefore you petittion only counts for the person who mailed it in, not for every signer.
3. Form letters don't work. Congressmen do not open their own mail. A staffer opens it instead. If there are 300 copies of the same form letter, the congressman will only see one copy and be told that 300 copies came in. It just does not have the impact of 300 seperate letters with different wording making the same point.
4. Vote! I cannot stress this enough. The list of registered voters is public record and whether you voted in the last election is part of that record. If you are not a voter, your congressman does not care what you think. You will not vote for his opponent in the next election anyway.
5. Send Money. Yeah I know, It feels kind of dirty and you may not actually like your congressman. Still, Microsoft donates to both political parties and many individual politicians. We have to in some way counter this. Even a five dollar check will make an impression on the politician. It proves you are serious. An alternative to donations to the politician himself is a donation to his party. Just send a photocopy of the check to your congressman with your letter. Even better if he votes wrong, send him a photocopy of your donation to his opponent!

We have been lied to and misled. They have convinced us our vote does not count and we cannot make a difference. As a result we do not act. As long as we buy in to this and do not hold the goverment accountable, the government will not be accountable.

be serious

[Schlemphfer]

CIO, "Linux, what's Linux?"

Do you really think there's a CIO out there who hasn't yet heard of Linux? That's like suggesting that there's a CFO somewhere who's never heard of SAP or Peoplesoft.

CIOs may not use Linux, they may not even have any interest in using Linux, but by now certainly every CIO has at least heard of it and can probably describe Linux better than half the people on Slashdot.

Re:ESR, again.

[PhxBlue]

Sorry there, but besides Fud, what has ESR brought to the Open Source community ?

The aqueduct. . . and the sanitation! And the roads. . .

Focus on government adoption?

[mi]

It is error alone which needs the support of government. Truth can stand by itself.

Thomas Jefferson

Re:You're clueless--here's why

[Archie+Steel]

OK, I'm talking to a guy who will nitpick Google's 1% to death

Why do you feel the need to exaggerate to make a point? I didn't "nitpick" to death, I just noted that I don't feel that Google's Zeitgeist is an accurate representation of Market Share.

but then thinks it's perfectly OK throw out a number like "2.5%" with no source whatsoever and then claim it's "generally accepted"

Is IDC a good enough source for you? This , by Paul Thurrott no less, gives a 2.3% market share in 2002. Are you going to call IDC a dubious source, and Thurrott an irrational Linux zealot as well? Oh, and those are desktop figures, according to the article.

But wait a minute - it seems I was too conservative in my assessment: for 2003, IDC gives Linux on the desktop 2.8 percent, not 2.5!

You see, contrary to what your knee-jerk reaction has led you to believe, I didn't start by saying: "Google Zeitgeist puts Linux at 1%? That's way too low! I'm sure I can find reasons to justify my biased views!" What really happened is that I already knew that IDC and others put Linux at approximately 2.5% of the desktop market, so when I saw Google's figures I thought "Hmmm...there seems to be a discrepancy between Google's index, which does not profess to represent accurate market share figures, and the numbers of respected research firms. I wonder what could cause that difference..."

See the problem with your argument?? Maybe, just maybe, that's why people think you are an irrational zealot.

In light of this it seems you shouldn't be so quick in calling other people zealots. You'd look less like one yourself.

By the way, right now I'm a Windows user. So please, do suck on it.

Re:TCO

[codefool]

The higher TCO for Linux lies in people like yourself. As your comments demonstrate, you have a highly detailed understanding of Linux and its applications, and because of that knowledge and experience you keep things running smoothly. In your situation, the overall CTO to your company is limited pretty much to your salary and the electricity to run the boxes (and any service contracts, leases, etc.)

TCO also comes in the form of lost productivity as people learn to use the new OS, etc.