Slashdot Mirror


User: NZheretic

NZheretic's activity in the archive.

Stories
0
Comments
513

Comments · 513

  1. At least it made Infoworld, including the MS FUD on MS Exec: 'Our products just aren't engineered for security' · · Score: 3, Interesting
    Lead Windows developer bugged by security. Which includes the statements...
    It is not only Microsoft that is to blame for the creation of faulty software, said Chandra Mugunda, a software consultant with Dell Computer in Round Rock, Texas, who attended Valentine's presentation here. "It's an industry-wide problem, it's not just a Microsoft problem," he said. "But they're the leaders, and they should take the lead to solve these problems."

    Valentine, too, took the opportunity to point out the widespread bugs that have been discovered in competing operating products such as Linux and Unix.

    "Every operating system out there is about equal in the number of vulnerabilities reported," he said. "We all suck."


    However, the "Every operating system out there is about equal in the number of vulnerabilities reported" statement of Valentine's fails to take into consideration that in most cases Unix, open source and free licensed software have been designed from the outset with at least the issue of security in mind, whereas some Microsoft systems, such as their embedded scripting systems, have not.

    The result is that it is far easier to exploit an easy, scriptable vulnerability in a Microsoft system, which has no patch for months, than to exploit a difficult, binary hole in a Linux/BSD system, which has a patch within days.

  2. But imagine the damage to MS an OSX XBOX Port ... on Apple Secretly Maintaining x86 Port Of Mac OS X · · Score: 2, Funny

    ... could do.

  3. 18 *unpatched* vulnerabilities in MS IE alone. on Red Hat Desktop Edition · · Score: 2
    As of 29 August 2002, there are currently 18 unpatched vulnerabilities in Microsoft's IE.
    These allow: silent delivery and installation of an executable on a target computer, arbitrary local file/folder deletion, arbitrary local file reading, HTTPS spoofing (man-in-the-middle attacks), elevating privileges, running script in the My Computer zone, stack- and heap-based buffer overflows, denial of service, overriding filetype handlers on local files, reading cookies, detecting if a local file exists and reading its size/date, automatically opening IE and executing an attachment, and cross-site scripting through non-HTTP ports.

    Even with full access to the Mozilla source code, over the same time duration, only one single similar vulnerability was discovered in Mozilla. The fix was in the CVS source code within hours of the notification and new Mozilla binaries were available within FOUR WORKING DAYS - not MONTHS, as in the case of Microsoft's "Trustworthy" efforts.

  4. Perl6 + Unicoded Operators = APL? on Ask Larry Wall · · Score: 2
    In memory of the original python/perl parrot

    Despite your major efforts at rationalization, Perl6 looks to be just as, if not more, complex than Perl5 when it comes to the human reader's interpretation of the meaning of the combinations of punctuation marks, brackets, etc. in Perl6 source code.

    Why not just be done with the concept of multi-punctuation operators and just map each of the operators onto one of the many single Unicode characters available? Imagine the money the Perl institute could make from the sale of keyboards.

  5. Our Data : an appeal - toward security on Software Product Liability? · · Score: 2
    From the Plimsoll Club history
    Samuel Plimsoll, M.P. (1824-1898) Samuel Plimsoll brought about one of the greatest shipping revolutions ever known by shocking the British nation into making reforms which have saved the lives of countless seamen. By the mid-1800's, the overloading of English ships had become a national problem. Plimsoll took up as a crusade the plan of James Hall to require that vessels bear a load line marking indicating when they were overloaded, hence ensuring the safety of crew and cargo. His violent speeches aroused the House of Commons; his book, Our Seamen, shocked the people at large into clamorous indignation. His book also earned him the hatred of many shipowners who set in train a series of legal battles against Plimsoll. Through this adversity and personal loss, Plimsoll clung doggedly to his facts. He fought to the point of utter exhaustion until finally, in 1876, Parliament was forced to pass the Unseaworthy Ships Bill into law, requiring that vessels bear the load line freeboard marking. It was soon known as the "Plimsoll Mark" and was eventually adopted by all maritime nations of the world.

    The risks, issues and solutions for providing a more secure operating and application environment have been known for decades. Those who do not already comprehend the issues and are willing to learn should take some time out to listen to some of the speeches at Dr. Dobb's Journal's Technetcast security archives, starting with Meeting Future Security Challenges by Dr. Blaine Burnham, Director, Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA).

    The design and implementation of some applications and servers are just too unsafe to use in the "open ocean" of the internet.

    Numerous security experts have railed against Microsoft's lack of security, best summed up by Bruce Schneier, Founder and CTO of Counterpane Internet Security, Inc., who rightly stated...

    Honestly, security experts don't pick on Microsoft because we have some fundamental dislike for the company. Indeed, Microsoft's poor products are one of the reasons we're in business. We pick on them because they've done more to harm Internet security than anyone else, because they repeatedly lie to the public about their products' security, and because they do everything they can to convince people that the problems lie anywhere but inside Microsoft. Microsoft treats security vulnerabilities as public relations problems. Until that changes, expect more of this kind of nonsense from Microsoft and its products. (Note to Gartner: The vulnerabilities will come, a couple of them a week, for years and years...until people stop looking for them. Waiting six months isn't going to make this OS safer.)

    However, Microsoft's products are not alone in the presence of vulnerabilities; this is a major issue for Linux/BSD and Unix as well as any other OS and vendor.

    In a recent speech, Fixing Network Security by Hacking the Business Climate, Bruce Schneier claimed that for change to occur, the software industry must become liable for damages from "unsecure" software; however, historically, this has not always been the case, since most businesses can insure against damages and pass the cost along to the consumer.

    The Ford Pinto and more recently the Ford Explorer's tires are two examples of public and media pressure being more successful than just the threat of lawsuits. Even so, eventually, through public pressure, the governments around the world have to step in and pass regulations that set up a minimum set of requirements an automobile has to meet to be deemed "road worthy". This includes crash testing as well as the inclusion of safety equipment on all models. The requirements are not constant and change to meet the expectations and demands of the public and lawmakers.

    The onus is not only on the automotive industry itself but also on the users. Most countries require that all automobiles undergo regular inspection and maintain an up to date "Warrant of Fitness".

    In the same way, if you want a secure IT infrastructure, eventually the software design, implementation and each deployment will have to undergo the same type of regulation and scrutiny.

  6. OSDN/Slashdot being paid for feeding traffic? on The Almighty Buck · · Score: 2

    Why the high proportion of stories linking to the New York Times website?

  7. Attempts to limit the domain of Linux & open so on Open Source Limitations? · · Score: 2
    Very few Linux or open source advocates boast that Linux based solutions are the best 100% of the time; however, that does not mean that a Linux/Open source based solution CAN NEVER provide a substitute in the same application domain.

    The kind of argument you present is nothing more than a blatant attempt to limit the domain where Linux is "acceptable" to use.

    For medium to large organizations, Linux with KDE and/or GNOME is an excellent option in terms of Total Cost Of Ownership. The technology is certainly not the limiting factor.

    Exactly when did PC based Desktop systems become the 'sacrosanct' sole domain of Microsoft?

    Consider Michael Tiemann's testimony...

    NAAG Homepage ; Microsoft Antitrust Case Documents ; Witness Direct Testimony Submitted to the Court ; Mar. 21, 2002, Michael Tiemann, Chief Technology Officer, Red Hat, Inc.

    72. Other hardware manufacturers have demonstrated similar fear of being seen as promoting Linux on the desktop, even as they embrace Linux in areas in which Microsoft does not compete. For example, in January of this year, I participated in a meeting in which Red Hat, IBM and Intel each gave presentations aimed at convincing news organization that, working together, we could deliver a Linux-based platform to which company could profitably port its popular financial services software. During Intel's pitch, however, the Intel representative projected a bizarre slide onto the screen: it was the word desktop, with a red circle around it and a slash drawn through it.

    73. The slide was bizarre for at least two reasons: first, we were all there to convince news organization of the virtues of Linux; and second, we were pitching the company on Linux servers. The desktop remark was not only embarrassing, it was wholly gratuitous. Intel had gone to lengths to make clear to all that it had no interest whatsoever in supporting Linux on the desktop, a point that was irrelevant at best, and counterproductive at worst, while trying to close a major business deal. The slide appeared to be a necessary component of their presentation about Linux; a protective shield if questioned about the relationship.

    74. These incidents are particularly informative when one considers that Dell and Intel are multibillion-dollar companies and leaders in their industry. Such giants nevertheless appear to operate with a sensitivity to the possible Microsoft reaction. It is a problem that I have seen throughout the industry and with many customers. It is one that will prevent the preinstallation of Red Hat Linux on desktop computers, a critical step in one day restoring the potential for real competition in the operating system market.

    So the question arises: is your line of argument just another attempt to limit the domain of open source?

  8. BCG Study - yes, a lot are paid on Open Source Limitations? · · Score: 5, Interesting
    A good place to start is this recent survey, "BCG Study Highlights Factors Contributing to Success of Open Source Software". There is a copy of the slides for the talk in PDF format.

    Actually, a lot of the people writing the software are employed to provide software based solutions. Open source development and free (GPL/LGPL) licensing provide a very productive way of encouraging participation in collaborative development. It can provide better solutions than the use of proprietary closed source packages.

    See Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers!

    90% of programmers don't work on creating shrink wrap software but on customising solutions for clients.

    From a personal perspective, it is far more intellectually rewarding to be the joint developer/user. You really can know exactly how the damn thing works, and you can in most cases fix or adapt it to your own, your client's or your employer's needs. Do you wish to live and work in an environment where every damn box has the label "No Serviceable Components Inside"?

    As for free GPL/LGPL licensing: the reality of the current employment market is that jobs come and go - BUT you can take the knowledge you have gained through developing and adapting free licensed software and approach other users of that software for either employment or as clients. You DON'T have to "start from scratch" with each job.

    If you are a programmer, in the long run, the open source free licensed software model makes it easier for you to remain employed. Unless, that is, your sole career plan consists of being employed by Microsoft.

    Another question: how many of those programmers expect to use the open source they contribute at their current and future places of employment?

  9. Local Vs Remote & The smaller window of exposu on 'Think Tank' Issues Microsoft-Funded Troll · · Score: 2
    I have read a lot of Gene's work, but I am not sure of the particular presentation you are talking about. Here is Gene Spafford's home page; could you tell me which particular presentation you are referring to?

    I wonder if he took into account the difference between remotely exploitable and locally exploitable vulnerabilities?

    I also wonder if he took into consideration the Window of Exposure between the discovery of the vulnerability and the release of the patch?

    See Closing the Window of Exposure by Bruce Schneier, the security section of David Wheeler's "Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers!" and also again visit the disproportionately high number of open vulnerabilities in Microsoft's Internet Explorer.

  10. Still no reply to the email I sent Ken on 'Think Tank' Issues Microsoft-Funded Troll · · Score: 5, Informative
    To: kenbrown@adti.net

    Subject: "Opening the Open Source Debate"

    Date: 31 May 2002 15:45:59 +1200

    Some references you might wish to consider before publishing your article "Opening the Open Source Debate"

    http://www.businesswire.com/cgi-bin/f_headline.cgi?bw.053002/221502375

    Bruce Schneier, one of the recognized leading experts on computer security, on Kerckhoffs' Principle and the Secrecy, Security, and Obscurity of software.

    http://www.counterpane.com/crypto-gram-0205.html#1

    Dr. Blaine Burnham, Director, Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA), gives a keynote speech overview of current encryption and security technologies and outlines possible strategies for future defense.

    http://technetcast.ddj.com/tnc_play_stream.html?stream_id=411

    Also you might wish to address the issue of Microsoft's disproportionately high number of open vulnerabilities in its Internet Explorer components. All of which were discovered without access to the source code.

    http://jscript.dk/unpatched/

    Richard Purcell, Microsoft's director of corporate privacy, has recently stated that any major improvement in regard to the security of its products may be at least "5, 10 years, maybe".

    http://www.businessweek.com/technology/content/may2002/tc20020523_6029.htm

    As for the issue of Trojan horse injection into open source code, it is far from being an open source only issue.

    http://www.eeggs.com/

    Or were all the "Easter Eggs" currently found in Microsoft's products officially authorized?

    If you are looking for a methodology for providing a suitably secure and hardened solution, start with a real world example.

    http://www.openbsd.org/security.html

    I welcome any open debate.

  11. SuSE would not fall under the UnitedLinux umbrella on Germany, IBM Sign Major Linux Deal · · Score: 3, Interesting
    From Linux Today - New UnitedLinux Emphasizes Enterprise, Cooperation
    In fact, SuSE representatives confirmed that both the SuSE Personal and SuSE Professional releases would remain intact and would not fall under the UnitedLinux umbrella.

    Speaking with Holger Dyroff, SuSE's U.S. Director of Sales, after the conference call, it was learned that while SuSE Personal and Professional would remain separate from UnitedLinux, because of SuSE's role as systems integrator of UnitedLinux's codebase, much of the same functionality in UnitedLinux would find its way back to SuSE's retail line-up. Dyroff speculated that the same would be true for Conectiva's retail offerings as well.

  12. Here's a Linux service fee, IBM and Germany on What's the Business Case for Microsoft and Open Source? · · Score: 2
    Tue 04 Jun 03:57AM : Germany, IBM Sign Major Linux Deal

    The Cat with the RedHat says: if Microsoft does not learn from this "story", others will gladly reap clients from them.

  13. As opposed to one subsystem, 16 open doors? on Germany, IBM Sign Major Linux Deal · · Score: 3, Interesting
    2 June 2002: There are currently 16 unpatched vulnerabilities in Microsoft's Internet Explorer

    To quote Richard Purcell, Microsoft's director of corporate privacy:

    You can't issue a memo on Jan. 18 and, within two weeks or even two months, have introduced your entire product line that's consistent with that. Trustworthy computing, as I try to emphasize, is about process change, so that products can then be delivered as a result. And it's a very long-term vision -- 5, 10 years, maybe

    Is it really going to be another 5 to 10 years before Microsoft's products' security becomes "Trustworthy"?

  14. Feel The fear from the WinTrolls! on Germany, IBM Sign Major Linux Deal · · Score: 3, Informative
  15. But Linux can, and does on What's the Business Case for Microsoft and Open Source? · · Score: 2
  16. But Alienation can fuel Virus creation on Win32/Linux Cross-Platform Virus · · Score: 2
    From the newsgroup alt.comp.virus: Alienation by antivirus industry fuels Virus creation

    Also are you the same Alan Solomon (Dr Solomon) interviewed in UK's PC PRO Sep 2000?

    "In the internet enabled age that's no longer possible and solutions have to be instant, leaving little time for testing the anti-virus code. That's why... I don't use AV software - I haven't for some years. My personal experience to what can only be viewed as untested software is 'thanks but no thanks.'"

  17. Horse "industry" also pushed "Stupid" Laws on What's the Business Case for Microsoft and Open Source? · · Score: 3, Interesting
    From The Effect of the Car on a City by: Linda Lawera

    The "Red Flag Law" which only allowed the car to travel 4 miles an hour on country roads and no more than 2 miles an hour in the city slowed travel. Also a man had to warn the approach of the car, by having a signal man walk ahead of the vehicle to signal its coming by swinging a red flag by day and a red lantern at night. This practice hindered the growth and development of the automobile further in England for at least 30 years.

    So maybe this time we can learn from history: the CBDTPA, DMCA and ilk legislation should be raising a few "red flags" before they can do as much damage.

  18. Redistribute at will. on What's the Business Case for Microsoft and Open Source? · · Score: 2

    Yes it's original and please Consider it as public domain, adapt and redistribute at will. Attribute to "NZheretic" if you wish.

  19. Green envy and spam on What's the Business Case for Microsoft and Open Source? · · Score: 5, Funny
    With apologies to Dr "Suse", to the tune of "Green Eggs and Ham".

    Linux can. Linux can. Use Linux.

    That Linux can! That Linux can! I do not like that Linux can!

    Do you like open sourcing plan?

    I do not like that Linux can. I do not like the open sourcing plan.

    Would you like to free source share?

    I would not like to free source share. I would not like it anywhere. I do not like open sourcing plan. I do not like that Linux can.

    Would you like it very stable? Would you like it to enable?

    I do not like it very stable. I do not like it to enable. I do not like to free source share. I do not like it anywhere. I do not like the open sourcing plan. I do not like that Linux can.

    Would you use it in a X-Box? Would you use it if it ROCKS?

    Not on X-box. Not if it rocks. Not if very stable. Not to enable. I would not let them free source share. I would not let them anywhere. I would not allow open sourcing plan. I do not like that Linux can.

    Would you? Could you? In your biz? Use it! Use it! Here it is.

    I would not, could not, in our biz.

    You may like it. You will see. You may like it if it's free!

    I would not, could not if it's free. Not in our biz! It should never be!

    I do not like it on the X-box. I do not like it that it rocks. I do not like it amongst our biz. I do not like it that it is. I do not like they free source share. I do not like that anywhere. I do not like that Linux can. I do not like you Linux man!

    service! service! service! service! Could you, would you, as a service?

    Not as a service! Not if it's free! Not in my biz! Man! Let not it be! I would not, could not, on a X-box. I could not, would not, if it rocks. I will not use it if its stable. I will not use it even to enable. I will not let them free source share. I will not let them anywhere. I do not like open sourcing plan. I do not like that Linux can.

    Say! if in copyleft? always free copyleft! Would you, could you, copyleft?

    I would not, could not, in copyleft.

    Would you, could you, why so nervous?

    I would not, could not, I'm NOT nervous. Not as copyleft. Not as a service. Not in my biz. Not if it's free. I do not like that it can, you see. Not if it's stable. Not on X-box. Not to enable. Not if it rocks. I will not let them free source share. I do not like it anywhere!

    You do not like open sourcing plan?

    I do not like that Linux can.

    Could you, would you use what we wrote?

    I would not, could not, use what you wrote!

    Would you, could you, to avoid your bloat?

    I could not, would not, avoid bloat. I will not, will not, use what you wrote. I will not compete with them as a service. I will not because it makes us nervous. Not in our biz! Not if it's free! Not if it is! You let me be! I do not like it on the X-Box. I do not like it that it Rocks. I will not use it if it's stable. I do not like that it does enable. I do not like they free source share. I do not like it ANYWHERE! I do not like open sourcing plan! I do not like that, Linux can.

    You do not like it. So you say. Try it! Try it! And you may. Try it and you may, I say.

    Man! If you will let me be, I will try it. You will see.

    Say! I like open sourcing plan! I do! I like that, Linux can! And I would use it because it's stable. And I could use it to enable...

    And I could charge for providing a service. And I could copyleft without being nervous. And in my biz. And still source free. For you can still charge for a service fee!

    So I will use it on the networked X-box. And I will promote it because it ROCKS. And I will use it because it's stable. And I will use it to enable.

    And I will use it here and there. Say! I can use it ANYWHERE!

    I do so like open sourcing plan! Thank you! Thank you, Linux man!

    By The Cat with the RedHat

  20. How about an open source designed mining robot? on Open Source... Mining? · · Score: 3, Interesting

    For either deep sea or deep space based search, mine and recovery?

  21. KDE 3.0.1 and GCC 3.1 issues on United Linux is Here · · Score: 5, Informative
    In the UnitedLinux Roadmap it states that both GCC 3.1 and KDE 3.0 are main components.

    I have been trialing GCC 3.1, and the C++ compilation is a major improvement over past versions of GCC. Being C based, the GNOME 1.4 and GNOME 2 libraries and most applications compile and run without too much hassle. However, KDE 3.0.1 is somewhat more problematic, even when neither debugging support nor strict syntax checking is enabled.

    This is not the fault of either the KDE or GCC developers. KDE was coded to support the "older" C++ style of pre GCC 2.9x and Microsoft's compilers, and the GCC Team is following the new C99 & ISO 14882 C++ standards.

    After kludging around the defects in the older GCC C++ template and library implementations, GCC 3.1 C++ is a real joy to use. It makes it possible to program C++ in completely new styles that IMO can be far more productive.

    It is difficult layering one type of programming style over another; the older C++ style libraries certainly make Windows programming a pain.

    Would it not be better to wait for the KDE team to port KDE to a pure GCC 3.1/ISO 14882 style?

    At the very least, the debugging support is required for GCC's Profile Driven Optimizations, which can greatly improve application performance.

    GNOME 2.0 is due for release soon enough; at the very least the GNOME libraries and core should also be included as a United Linux "main component".

  22. http://jscript.dk/unpatched/ - 13 Without Source on MS Cites National Security to Justify Closed Source · · Score: 2
    "our APIs and code must be secret or the U.S. will crumble"

    20 May 2002: There are currently 13 unpatched vulnerabilities in Microsoft's Internet Explorer. The lack of source code access provides no real defense.

    See the latest issue of Bruce Schneier's Crypto-gram Newsletter

    Secrecy, Security, and Obscurity

    A basic rule of cryptography is to use published, public, algorithms and protocols. This principle was first stated in 1883 by Auguste Kerckhoffs: in a well-designed cryptographic system, only the key needs to be secret; there should be no secrecy in the algorithm. Modern cryptographers have embraced this principle, calling anything else "security by obscurity." Any system that tries to keep its algorithms secret for security reasons is quickly dismissed by the community, and referred to as "snake oil" or even worse. This is true for cryptography, but the general relationship between secrecy and security is more complicated than Kerckhoffs' Principle indicates. ...

  23. Microsoft Interoperability and the GPL? on Samba Team Responds to Microsoft CIFS Spec License · · Score: 2
    See the recent Ask slashdot forum Microsoft Interoperability and the GPL?

    Microsoft's position on GPL and LGPL licensing is even less sustainable after Microsoft's announcement that the next release of its Services For Unix (SFU) tool kit will be including Interix, which includes a copy of the GPL licensed GNU GCC compiler toolset.

    Microsoft's new trend of denying access to the GPL and LGPL licenses has the potential for more damage to Microsoft customers than just the ability to use SAMBA servers.

    A new project, The Open CD project, has the mission statement:

    To compile and distribute a CD-ROM containing a selection of high quality open source software for use on proprietary operating systems.

    How viable will Microsoft's OSs be as a host platform for theOpenCD, if Microsoft continues to restrict access to any GPL or LGPL product that provides any competition to Microsoft's own products?

    Microsoft is effectively denying users of Microsoft OSs access to competing products, which, as I pointed out in the ask.slashdot forum, puts Microsoft in serious problems with the Antitrust laws.

  24. But it is immoral to say one thing... on Microsoft Interoperability and the GPL? · · Score: 2
    The advocates for Microsoft's position in this thread are completely ignoring the actual question.

    How can Microsoft use GPL licensed products, such as GNU GCC, for the express purpose of 'interoperating' with Unix and Linux systems and at the same time deny everybody else the right to use GPL licensed products to interoperate with Microsoft's own products?

    Note the second half of the question.

    As for anthony_dipierro's comments:

    If it was, then it would be immoral for RMS to use copyright against copyright.
    Anthony, can you please explain exactly how the GPL license uses copyright against copyright?

    ... but the fact that they use GPLed products legally doesn't change that one way or the other.
    Actually, IMO it does. As I have pointed out, Microsoft's exclusionary practices are in breach of the intent of the US Antitrust laws, and the EU Commerce Commission is concerned over Microsoft's policy of discriminatory and selective disclosure on the basis of a "friend-enemy" scheme. Microsoft needs to present very valid arguments to excuse their exclusionary practices.

    The inclusion of GPL licensed code in Interix and SFU 3.0 runs counter to the rationale Microsoft uses for the GPL and LGPL exclusion clauses in Microsoft's license agreements. Without such an "excuse", how can Microsoft deny everybody else the right to use GPL licensed products to interoperate with Microsoft's own products?

  25. Sherman Antitrust Act on Microsoft Interoperability and the GPL? · · Score: 2
    There is no requirement that those rules be uniform across all people.

    Well, actually there is such a requirement, and in the USA it's called the Sherman Antitrust Act.

    Once a "consortium", corporation or even an individual gains a dominant position in the marketplace, they are required not to abuse their dominant position to control or eliminate the competition.

    They own the copyright to their products, so they make the rules.

    Microsoft has marketed DOS, Win1/2/3.11, Win9X, WinME, Win2k and XP as general purpose operating systems for the use of not only Microsoft's own applications but also third party vendors' applications.

    By restricting the class or terms under which other vendors can develop competing products, Microsoft is in serious breach of the entire intent of the Sherman Antitrust Act.

    As for it being immoral, just look at the number of clauses in the act which include the phrase "imprisonment not exceeding three years". Those clauses are at the discretion of the court for good reason.