Microsoft Proposes Cooperative Research With OSDL

turnitover writes "According to eWEEK.com, Microsoft has proposed to work with OSDL for a 'facts-based analysis of Linux and Windows.' Could this just be a case of the fox contracting security for the hen house?" Martin Taylor, Microsoft's general manager of platform strategy, declined to comment on the specifics of what was discussed when he met with OSDL's CEO Stuart Cohen, only to say that they met.

Never believe anything...

[Gaspo]

Otto von Bismarck once said, "Never believe anything in politics until it has been officially denied." Well, now Microsoft has officially denied that it hates Linux. I guess it's time to start believing, then.

Re:That's no moon!

First off, Linux FSs have ACL available and they are the same as Windows (but as in chairman gate's word, "we want to be equal, just more equal", eh comrade?). Most Linux rarely use ACL, since Unix style permission accomplish about 95% of ACLs work with ablout 10% of the hassle. But keep in mind, that is up to each distro to decide. After all that is freedom for you

MS is adding the same style unix permission, because people have not used ACLs. They are way too much work for all except the most secured of systems. And yes, MS's longhorn willfinally gain the simplicity such as sudo.

Nobody said that MS was trying to stop the projects only learn from them to better design their own products. IOW, they finally want to join the free market.

Re:That's no moon!

[sasha328]

I was reading that Longhorn will finally have GNU/Unix-like user permissions.
That's probably not the case. Windows ACL is much better than the "standard" unixy permissions, and much grainier. SELinux is trying to come close to what Windows already offers.
I am not trying to defend MS or anything, but a statement like that was clearly not thought through.
Anyway, my thoughts on such news is that MS now acknowledges that Linux is a genuine market player that they need to play nice with, much more so than they do with Apple for example.

This came up on Groklaw a few days ago

[Todd+Knarr]

It's telling that Microsoft were the ones who went to eWeek with the story, without consulting Cohen or asking for his OK on telling the world about the meeting. Since Microsoft were also the ones asking for the meeting in the first place, one has to wonder whether it was done solely to be able to place a piece like this?

Actually one doesn't have to wonder, knowing Redmond.

Re:That's no moon!

If you're really serious, here's how:

Yet another game that doesn't know how to store user's settings in their home directory? Sigh...

Option 1. Run the game's installer as Administrator, or as an Administrator-level user. Once installed, right-click the game's folder, and click the security tab. Add her user account, and select "Full Control" as her user's ACL.

You may also need to set permissions on the game's main registry key, usually installed into HKLM\Software. Find the key, right-click, click Permissions, and same drill as above beyond that.

Option 2. If it still doesn't work, create a shortcut that will start the game as a process owned by Administrator, or another admin-level account. Make sure the "RunAs" service is set to Automatically load in the Services applet, or else this won't work:

Create a shortcut that points to: runas /user:Administrator "C:\game\game.exe" /savecred

That would run the command as Administrator, and will save the password for all other runs after the initial run.

Option 3. Tell developers to stop treating Windows like it's 1995. Windows has multi-user support; make your applications and their installers aware of it.

Re:Don't be so sure

[Pastis]

Linus got shafted by that idiot that reverse-engineered the bitkeeper protocol and works with him.

• That idiot is behind samba
• reverse engineering bitkeeper is a big word. Look at what he did: http://lwn.net/Articles/132938/
• he merely was trying to get more information from the bitkeeper repository. He wasn't satisfied with the bitkeeper-to-cvs bridge that BitMover offered because it was losing information on its way. He assumed that the lost data was owned by the user, so that he had the right to get it. That may be against the license, but he didn't have to force to reverse engineer the protocol as the bitkeeper repository itself allowed to be cloned remotely using very simple commands.

Re:That's no moon!

ACL's! You must be a newbey to Unix/Linux because ACL's have been available in Unix since the mid/late 1980's (white papers came out in Unix conferences arround 1985). Not sure how long Linux has had them but BSD, HPUX and IRIX has had them from the late 1980's.

The reason why most people on *nix systems rarely use ACL's is because most users have no idea how to set and maintain them. If the System Admin has any sense he will pass responsibility to the people that want this. Now the fun starts! Those that want ACL's under *nix now don't want them since it can be quite alot of work (for them). In fact it can be quite awkward to get users to work with simple Unix group permissions (which still work well), once the requesters find out what is required from them.

MS Window users (if they have permission) normally have no idea about ACL's infact many NT Sys Admins who do know about them, duck and run for cover when they are asked to maintain ACL files.

So please don't think MS invented ACL's first they did not.

Re:That's no moon!

For the most part, you are restricted to what the GUI's author thought you might want to do. With the command line, I can write
programs to write and customise configurations (see cfengine). I've
adminned both "enterprise"-level Windows (MS Project Server) and highly available linux servers

Windows is an employment racket. It took all my time to keep an 8-server cluster (the necessity for an 8-server cluster is another rant) running ms project server, I can maintain 100+ linux boxes doing an incredibly diverse range of tasks (yes, including project management services) in the same time.

Re:You misunderstand the problem

[nicktripp]

Now, lets say that Microsoft hires 300 second tier Linux developers at 100k each plus benefits (lets say 130k to be conservative). This means that it is costing them nearly 10M dollars just to retain these people for a year.

I hate to be the one to nitpick but...

300 employees @ $130,000 per employee = $39,000,000

That's a little more than "nearly 10M dollars". Just saying.

Re:That's no moon!

[Spoing]

Using the GUI is brain dead...

This is a viewpoint I've always found kinda interesting.

You took the quote about GUIs entirely out of context.

He was referring to the tools Microsoft provided -- NOT GUIs in general. Specifically....

"Unfortunately the security tab of the NT4 explorer is completely unable to deal with access denied ACEs while the explorer of W2K rearranges the order of the ACEs before you can read them. Thank God, the sort order remains unchanged if one presses the Cancel button. ...

Again: This works for both, NT4 and W2K. Only the GUIs aren't able to deal with that order."

That's what he ment.

Very smart PR move for Microsoft

[Shaper_pmp]

Indeed - this is a very smart PR move for Microsoft.

They're calling out Linux in a public setting, and publically promising an end to FUD and biased studies. If OSDL doesn't take the bait, it looks like they're snubbing a perfectly fair (even friendly) offer, and the only conclusion people will jump to is that they're too scared to compete.

If OSDL agree and the study does take place we all know exactly what it'll say - Linux is better for servers, and Windows is better for end-users and enterprise desktops. Microsoft then get to crow loudly about how their end-user experience is provably better, Windows is more usable, and employee productivity is provably higher than on Linux.

At the same time they also ramp up their their multimillion dollar marketing efforts to executives (who are traditionally the major MS-fanboy stronghold anyway). They convince them that Exchange Server is something with which Linux can't compete (which, for a turn-key solution is pretty hard to refute). Bingo - executives buy Windows servers too (for Exchange), and end up consolidating on Windows on the front and back-ends.

Basically, (in my experience) execs have always been the stronghold of MS fanboyism - generally they need a good reason to change, but only an excuse to stay with Microsoft. This will give them a powerful argument against Linux on the client-side, and MS will provide them with the excuse they need (integrated solution, interoperates best with MS clients) to keep Windows on the server-sdie, too.

Re:That's no moon!

[Ngwenya]

That's probably not the case. Windows ACL is much better than the "standard" unixy permissions, and much grainier. SELinux is trying to come close to what Windows already offers.

Don't think so. SELinux is a MAC (mandatory access control) framework. ACLs - by their nature are a DAC (discretionary access control) mechanism. MAC and DAC work together - if DAC access succeeds, then MAC can still override it. The graininess of the access control has got nothing to do with it.

The point about MAC based systems is that they enforce system security policy between system subject, objects and actions. In other words, an SELinux policy can say "allow this program to perform only the following actions to this file, and no other". So that, even if a cracker compromises the app on the Linux box, he can't get the cracked app to execute other actions on that file, or even the permitted actions on another file.

I know that people have produced MAC enhancements for Windows in the past, but didn't think that type enforcement et al were present in standard Windows releases. However, I am willing to be informed otherwise

--Ng

Re:java?

[ltbarcly]

You don't understand "embrace, extend, extinguish".

If there is a standard, complience with that standard is what gives it value. If you and I agree on a standard for the FTP protocol, I can write a client and you can write the server. Then 'people' can use ftp with your server and my client to download files from websites.

However, let's say a company, call it Bugsoft, creates a 'File Trasfer Protocol + Bugsoft Enhancements". Since this company has millions of captive users, they ship "FTP + B" and make it the default for those millions of users. Now when one of those users tries to log in to your server which you wrote to the standard, it doesn't work. When someone tries to use my client to log into an "FTP + B" server, it doesn't work. Maybe it just fails, or maybe the features which make it worthwhile only work if you use a Bugsoft client and server. Those features are available on YOUR server and MY client, but they use a different mechanism as is laid out in the standard.

So you see, people will have no choice but to use Bugsoft's "FTP + B" because everybody else is. However, they didn't make it so you had to use their "FTP + B" so that they could make money on "FTP + B". They are afraid that if people can use my client on any operating system people will just use the OS that is most convienient. Bugsoft wants people to have to use BUG/OS to get work done. So they only realease "FTP + B" on BUG/OS, meaning that users of FREESTYLE/OS can't even FTP at all! Bugsoft has 'extended' FTP into a worthless standard, meanwhile causing two incompatible FTP's to exist, meanwhile making it artificially difficult to transfer files or use another operating system.

Notice that the type of license doesn't come to play in this AT ALL.

This is why once Free software becomes competative with Microsoft products developers should refuse to support any buggy microsoft products that aren't written strictly to the applicable standard. This will effectively force them to support standars OR suffer the same incompatabilities they forced on everyone else.

Fuck you, Microsoft.