[The learning curve after switching to another OS is] the main barrier for business acceptance of Linux.
I'd have to disagree. If that were the case, then we'd see the same reluctance by business for switching from MacOS to Windows or from UNIX to Windows. You'd also see a similar reluctance for a change which affects the UI (requires retraining) but does not affect the underlying operating system, such as a change from VUE to CDE, or from Windows 3.1 (DOS) to Windows 95.
But I have seen all of the above happen, and happen without reluctance (by the administration, that is), and in some cases happen routinely.
But the change (in a business setting, at least) is always in the direction of whatever platform or OS is already entrenched in the IS organization. This is less true in academic settings (for example) where individual freedom is more highly respected, or where the IS organization exercises less than dictatorial control over which platform(s) will be supported.
...anytime my girlfriend drags me to the "natural foods" store there's always a large amount of suv's and other gas guzzlers in the parking lot.
That's because she's dragging you to a store for people who want to look like (maybe "feel like" would be more appropriate) they are concerned about the environment, health concious, etc. (Or, if you prefer: "tree-hugging-commie-liberal-pussies")
Look in the phone book under "Food Co-Op's" and you'll find a "natural foods" store where the food is real, where the slick suited marketers fear to venture, where the prices are half, and where the closeest thing to an SUV in the parking lot is the '79 International Harvester Scout which looks like it's been to Peru and back primarily because it has.
What was that? You want I should get back on topic? Well, alright...
So much of the "business world" which Linux is accused of being unable to conquor is focused on selling. But, like in the Co-Op story above, there is much of this world where the act of "selling" is an unwanted intrusion. I'd list things like email (as opposed to SPAM), Christmas (as opposed to Christmas Shopping) as among that set. Linux was released to the free software movement because, acording it Linus, he didn't care about "selling" anyone on Linux.
To anyone trying in the business of selling, the whole concept of trying to sell free software is as much an enigma as trying to conceptualize the "weight" of the color blue.
So much of the world makes it's choice of what to buy based on what it is sold. I'm guilty. Business know this, and focus a great deal of effort on convincing people to buy what they otherwise wouldn't. That's what marketers do.
The fact that Linux isn't marketed, (at least not very well) is one of the reasons I use it. When I'm using my computer, I want to select the tool based on what's going to work best for me, not on what's going to be most profitable for some software development company. In some cases, I'd go so far as to say that the act of marketing a product should be read as an admission that the product is inferior. In any case, it's a sign of a company spending less money on development than they could have (or charging more for the product than they have to) to cover the marketing costs.
<obligatory anti-M$ rant>
It's also why I get concerned about the Microsoft Monopoly. Here we have a case where not only is the company marketing their wares to me, (through all the traditional, and in some cases illegal, marketing techniques) they're using their operating system to market their wares to me (through network effects, proprietary file formats, and bundling).
</obligatory anti-M$ rant>
To anyone who is using Linux because it's "cool", your presence is welcome; feel free to stick around for as long as you remain interested. And when you choose to move on to some other "cool" thing, you'll be missed, but your departure won't be unexpected. There are others of us who use Linux because we can, or maybe because we can't help ourselves. We will still be here using and developing Linux, in spite of what the glossy magazines say. And it's this core which Microsoft (rightly, IMHO) brands as a cancer which will (long term eventually) destroy the software (sales) industry.
Both Steve Balmer and Richard Stallman understand this; they see eye-to-eye from different sides of the window.
I'm just saying I would not be surprised if XP was better than Linux in alot of aspects for embedded systems, since MS has focused alot more effort towards it.
I can't say I agree with this, can't offer any evidence to confirm or deny it, but for the sake of this argument I'll presume it to be true.
It's unusual for any corporation to "stumble about in the dark" when approaching any development such as Microsoft would have to do to create a product like an embeddable XP. I would expect Microsoft to be as good or better than most at doing this.
But in order to achieve such a goal, Microsoft would first have to set that goal as their target. That realization leads me to question what goal Microsoft set out to accomplish with an embeddable WindowsXP, even before I ask how well they performed in achieving this goal.
Whatever goal they selected, you can rest assured it is Microsoft's goal; and this was part-and-parcel of Lineo's response.
When you develop an embedded solution using a Microsoft (or some other corporation's) preformed solution, part of your development expense, part of your efficiency cost, will be spent to achieve Microsoft's (or whatever other company's) goals, and to an extent proportional to usage of their preformed solution. You can avoid this cost entirely by using no one's development kit (doing it all by yourself) or you can incurr as much as (but no more than) you need by using a Linux-based embedded package. But if you choose to use Microsoft's embedded XP solution, you get the whole ball of wax (and incur all of the associated cost) regardless of how small a portion of that you actually need.
The efforts that Microsoft has focused on this have been focused only on providing what they thought was most important. There was, I'd imagine, a concious effort to avoid stumbling around outside of the scope. This is good news for you if the embedded product you're developing is neatly in line with what Microsoft has produced, (but you'd better watch out: it would seem Microsoft is in a better position to produce this device that you are yourself) but means that the Microsoft solution will be sub-optimul if you're trying to stray far from what Microsoft considers relevant and important.
But that's why your building an embedded product in the first place, no?
Alternately, there are plenty of Linux developers stumbling around in the dark (no offense intended) outside the mainstream of where Microsoft thinks things are headed. Heck, some of us are here because Microsoft thinks it's outside the mainstream. If you're using a Linux-based solution, you're much more likely to run into some embedded zealot who's already solved your problem, itching to actually be paid to work on the stuff he's already developing, or willing to give you his full attention.
You won't get that from Microsoft, not because they do want to, but because they're not in that business.
Do you want to strike fear into the heart of the MPAA? How about this strategy:
Buy the protected CD.
Open it, pop it into your computer.
Then, when it doesn't play,
return the computer.
I'm willing to bet the RIAA has already forcast how much "bad disk" returns are going to cost them; I'll also wager they neglected to consider the costs of a class action lawsuit from every CD-ROM manufacturer and computer maker who loses business because the computer purchaser was expecting it to be able to play CD's.
They may have just stabbed an ally in the back. It will be interesting to see how they back this one out...
Should I even bother pointing out to you (and the 10,000 other clueless commontators) that the disk will be labeled as copy protected?
On the other hand, I'll predict that one of the unintended side effects of this will be to make Joe Public less trustful of high technology. I can imagine comments like "Do you remember the good old days when you just bought a CD, popped it into the player and listened to music? Nowadays you have to check the 'compatible model' list and make sure your BIOS is up to date, and agree to the Listening EULA..." Strangely, the music industry has taken the lessons of the computer industry to heart. How long before we see "Tech Support: Audio CD's" as a job classification on Monster.com?
This could work out great for the music industry; imagine if you had to buy three different $500 CD systems for your Stereo Component system; one to play CD's from each of the three major labels? Of course, with each years new format, you'd have to keep upgrading your player to handle the new content protection format, which gives them a chance to sell you all of the CD's you bought last year again in the new format for the new player.
And, as people become less trusting of the technology, and sales continue to fall off, the music industry can cite this as a sure sign than piracy has taken over the industry.
I've tried to keep an open mind, and I used to accept this stuff from the RIAA (et. al.) as long as it was clearly labeled, but now I'm not so sure which team to side with. This affects more than just copyrighted music, more than just the music industry. Neither the music industry nor the MP3 pirates will be losing much under this new program; the losers will be the technologically illiterate; the precise market where the music industry is expecting to garner the lion's share of their profits.
That's always been my rule to identify a company that's gotten too big; when they stop growing at the expense of their competition, and start growing at the expense of their customers.
This is one of the few cases where I'm actually glad to be half-deaf.
Re:XP? Wouldn't Linux be just as easy?
on
al Qaeda Hacks XP?
·
· Score: 2, Insightful
wouldn't it be just as easy to plant "trojans, trapdoors, and bugs" in Linux?"
Probably not into the kernel itself, as changes there are carefully thought-out. Think of the kernel as the crown jewels. But then again you wouldn't need to get it into the kernel.
As you move a proposed exploit away from the kernel and into more remote areas, you both increase your chances of being able to slip an exploit past the code owners, and reduce the number of people likely to deploy it. Reducing this to absurdium, you could create a full root exploit and "get it past the code owners" with 100% probability by starting your own project. But then again, you'd likely only wind up exploiting your own machine.
Heck, if you managed to get an exploit into a certain incremental release of the kernel (2.3.14, for example) you'd still only get a fraction of the Linux users (not everyone downloads and applies each new kernel release) and once the exploit was discovered and publicized, it would likely be patched out of existence much quicker than it's Windows counterpart.
Then there's the whole "many eyes" problem. In a closed source situation, you can assess exactly who the code reviewer will be, what their weaknesses (and concerns) are likely to be, and hide in those shadows (or avoid sensitive areas.) You also have the benefit of knowing the exact compiler which will be used, what the compile environment and options will be, what test cases will be run, etc. In an open source setting, any proposed patch is likely to generate a hundred complaints about what it breaks (or slows down) from a hundred different people you never even knew were using that code compiling it on a hundred different compilers (some of which were written by their users) and porting it to a hundred (well, maybe ten) different hardware platforms. And that's even if you aren't trying to slip in a trojan. And fully half of those people will know more about that particular software than you do.
it's unlikely that anything like that would be able to get through.
Agreed. That would not be the vector. Too difficult, and too risky.
Instead, an insider would identify likely targets (network stack, email integration, etc) and search for pre-existing vulnerabilities. Access to the internal problem reporting system would be very helpful in this. It would not only allow such an insider to locate exploitable code quickly, but also to easily assess the impact, size of the penetratable installed base, and probability that the exploit will soon be patched.
It's the same problem open source projects face; as predicted, closing the source only make it a little harder to find the problems and a lot harder to fix them.
The main difference (open vs. closed source) lies in the fix process. For a commercial company to provide a fix, it must go through the same rigorous (if any) peer reviews and packaging that the original release faced (otherwise the patches can become the exploit vector). This also makes it easier for an insider to decide which exploits are not going to get fixed (generally all priority 1's will be fixed before any but the incidental priority 2's) and which systems are still vulnerable (patch_level<=17) whereas in open source, vulnerabilities are fixed according to the designer's pride (unaffected by budgetary cycles) and patched on various systems at various different times.
Integrating everything together reduces the technical support headache for Microsoft. If it reduces the time for a tech support call, that's money saved, either for Microsoft for warranty support or the user if he or she is buying by-the-incident support services, or for the IT department if it provides its own support. Fewer variables.
Either he doesn't get it, or I dont. If it's me, somebody please set me straight.
The vast majority of Windows licenses are sold to OEM's. The OEM versions of Windows defer all warranty support back onto the OEM. It costs Microsoft nothing either way in this respect.
Retail sales of Windows are warranted by Microsoft, but this is a minor component. An argument could be made that better software reduces their tech-support exposure during the warranted period (for some fraction of their customers who would actually ask for tech support), but since it would also sabotage future sales after the warranted period (for the much larger fraction of their customers whom they can be expecting to upgrade) I'd argue this still weighs in favor of releasing poor quality software.
Enterprise sales (to corporate IT departments) actually benefit from "technical support headaches". As anyone who's spent much time in a corporate tech-support setting will tell you, buggy software:
Increases job security for everyone in the support organization, by maintaining visibility (think about the Maytag repairman) and corporate relevance.
Helps the CTO build a large empire, and increase his power base and scope of decision making authority
Helps individual techs justify additional certifications and training expense (resume' building)
And trying to characterize Microsoft's per-incident support charges as some sort of loss-leader just flies over my head. Microsoft is under no obligation to offer this service; they can discontinue it at any time. The fact that they do not is proof of the aggregate value of this service to their organization.
A good designer interested in "fewer variables" will design the machine as a set of discrete components, where problems can be quickly isolated to the unit level, where individual units can be tested in isolation, and replaced with new identical units (to isolate problems at the unit level) or with functionally equivalent units of unique construction and manufacture (to isolate common-mode problems affecting all units of a given design.)
Such a design would, for example, allow a tech to rapidly and cleanly rip out IE and replace it with Netscape to isolate browser problems, like an auto mechanic replacing the master cylinder to diagnose a problem in the brakes.
This is precisely opposite to what Microsoft was accused of doing, and was the focus of the anti-compettitive behavior from the original trial.
Methinks he needs to adjust his views. Microsoft, because they are a profit-oriented corporation, and because of their monopoly status, has no reason to make the software more secure, easier to troubleshoot, easier to maintain, easier to integrate with other products, or easier to replace with a competitors products.
Farming is their optimal strategy: as the incumbent, and posessor of the monopoly, they can define what computing is and garner the profits from known and conquored business much more effectively than they can compete with the Hunters trying to redefine the territory.
Compare this to the goals of free software and open source advocates:
functions exposed (source available)
secure against unauthorized functions (security oriented)
small, tight, clean tools (function specific)
seemless integration between tools (pipes)
which have only been made possible because its development was undertaken outside of the profit-oriented development marketplace.
What monopoly has a balance-sheet incentive for producing a quality product? And what for-profit corporation has any incentive which is not balance-sheet oriented?
If you want my support as the only person not selected, in part, by Microsoft, and representing computer users in this bargain, you'll need to demonstrate a solid understanding of this reality.
In a word, yes.
If you think this is a troll, take this little test...
You have just found out that Your Favorite Operating System, which you run on Your Computer, has a vulnerability which you consider important enough to do something about.
Do you:
Locate and apply the appropriate patches for Your Favorite Operating System, and make whatever other changes are necessary to mitigate the situation.
Learn more about Your Favorite Operating System so that you'll be even better able to assess these threats and prevent vulnerabilities in the future.
Lose interest, and just continue running Your Favorite Operating System, vulnerabilities and all, and go back to reading Slashdot, surfing the web, etc.
Get fed-up, say "This is the last straw!" and abandon Your Favorite Operating System, replacing it (and all of the applications, data files, and procedures which depend upon it) with Some Other Operating System which you may have heard about.
We can all see ourselves or think of others who would react in any (or perhaps all) of the first three ways, all ow which favor the incumbent. I can't think of anyone who would respond similarly to the last, which is the only one which would topple the status quo. With the exception of a few individuals who are charged with setting the strategic computing direction for large organizations, (that is, in a position to dictate what other people will run on their computers) security holes tend to reinforce the market position of the incumbent. And the harder it is to fix, the more time your customers spend with your product (increasing your mindshare) and the less likely it is that the hole will be patched, meaning you'll have another chance in the future to grab their attention again...
So, if you're charged with selecting a strategy to promote your operating system, your obvious tactics are:
Focus your energies on those few people who set the computing direction for major corporations.
(IFF you are the incumbent) Don't worry about security, because as long as you have a majority share of the market any security hole will only increase your mindshare. And mindshare is what it's all about.
Want to know how to apply this to Free Software, Open Source, and Linux?
Code, if you can. (and can do it well)
Document, if you can. (and can do it well)
Report bugs, if you can. (and can do it well)
But most importantly, Use it.
By just using the software, you create a habitat for the evolution of the software. If something works well, praise it. If something sucks, say so. The habitat for evolution is the key to success for both proprietary and free software. The key advantage that free software has over proprietary software lies in:
the ability to try to be all things to all people. Most of these will fail, but the ones that don't will be spot on.
the knowledge that no one is going to get fired or lose their job for producing something that no one wants. That's an incredibly liberating feeling for a software designer.
If Microsoft appears to be getting stronger, it's only because they're retreating back onto their own territory.
I sometimes phone the office, to check my voicemail or talk to the boss. Should I call the phone company and have my personal phone line converted over into a business line?
Today, it's about playing M$ games or not. Big Deal, right?
Someday you'll understand.
It might be on Tax day, when you realize that you can "choose" to pay your taxes on line (for free, and get your return quickly) using Passport, or you can "choose" to pay the filing fee and wait six months for the return, but not use Passport.
It might be on Election Day, when you can "choose" to vote electronically, from your desktop, and for the Incumbent Party using Passport, or you can "choose" to take time off from work, stand in line at the polling place (in the bad neighbor hood, in the rain) and vote anonymously for the party of your choice.
It might be when you take your car in for an oil change, and "choose" to pay with your Passport-linked credit card, knowing full well that the next time you go on-line every pop-up add will tell you about the neat accessories available for your "2004 Dreadnought SUV" (except for tinted windows, 'cause you already got those) or how 'old' a car with 21,294.6 miles is...
Perhaps Graduation day, when you realize that without a Passport, your shcool won't make a transcript available on-line to potential employers. Of course they can still request one by mail, but that may take up to six weeks, and the job offer may not wait that long...
.
That's what 'monopoly' means, really. It means a condition exists under which a choice which you would otherwise have (or expect to have) does not exist.
Monopolies in themselves are not absolutely bad. In some cases they are naturally occuring, in others they are necessary and beneficial.
But in cases where a company (which, by definition, exists only to make a profit for it's shareholders) can leverage a monopoly to their own benefit and in a way which could destroy the checks and balances we've carefully constructed in other areas, there is due cause to be concerned.
And when that company has a history of abusing prior monopoly advantage, the cause for concern is even more justified.
And when that company can exercise "root access" control of the computers we are expecting to be serving us and making decisions which should only consider the costs and benefits to us, and won't allow us to even look at the source code to verify that our personal information isn't being sent against our will, it becomes a critical concern.
.
Did you really think Microsoft would come right out and say "we're doing this to remain profitable, and we don't care how many other business we have to bankrupt to do it?" Of course not. This is just about games. It's always just about games, right up until it isnt.
Would you be willing to buy a DVD player which includes WMP technology, but doesn't say so on the box?
(Heck, you'd probably pay extra for it!)
Closed source is not about profit, it's about control.
So, who "owns" your computer. (or DVD player)
...one could simply make their works public domain...
No, you can't! That's one of the most non-intuitive parts of the DMCA which many peope don't get.
If you create a work (you are the copyright owner) and release it CSS encrypted on a DVD, you lose a portion of your copyright-granted control over that work. Specifically, you can no longer just turn it loose to the public domain because anyone who would want to view, or copy, or derive from your work must buy a CSS license, and must agree to the terms
of that license. And you (as the copyright owner) have no control over what that license allows the purchaser to do.
The CSS license currently says (and the Law backs them up) that you can't make a copy of the work, even if you have otherwise been granted the right to do so by the copyright owner.
So who cares? It's not like a lot of people are creating a lot of copyrighted works in an encrypted format that you have to have a license to decrypt, right?
Think again. How much of your copyrighted material exists in a proprietary file format for which you must purchase a license to decode it?
Got any Word documents? or PowerPoint charts? or FrameMaker documents?
If the courts rule that a proprietary file format "effectively controls access to" the copyrighted material contained within, then programs like Star Office will be as illegal to make or posess as DeCSS is today.
An opinion is as inert as an email message; it takes a willing host to translate the opinion into action.
It is impostant to study the opinions of madmen, if for no other reason than to help us recognise the opinion of a madman when we hear it. To refuse to give action to the opinion of a madman is just and proper, but to refuse to even hear it denigrates ourselves. And besides, how can you even disagree with an opinion before you've heard it?
There are those alive today who still believe that Linus is a madman. History will show us whether we are right or wrong.
[I]magine Mircrosoft owned private school systems.... teaching a Microsoft curriculum...
If programming a computer is equivalent to teaching it, isn't that exactly what any proprietary software vendor aims to do? Imagine a world where any computer running corporate-produced software is at least partially engaged in making the corporation more profitable?
And would that corporation's shareholders demand anything less?
I wonder how long it will take before Bush and crew realize that the collapse in the Tech sector is due, in large part, to geeks being on collective, unorganized strike?
If you've ever watched a Master Craftsman (Norm Abram springs to mind) do his stuff you'll notice the strong preference for lots of specialized tools, some of which might appear to be identical to the untrained eye.
I saw one of the New Yankee Workshop series where he uses no less than 5 drivers with slightly different bits to accomplish a task. With proper bits, I could have accomplished the same thing with just one driver, but changing bits between steps would have added an hour to the project.
This is also why many power users prefer the UNIX-style "large collection of simple tools" (sed, awk, grep, etc) over single do-it-all applications like MSWord (or even Perl) which add unnecessary weight and complexity.
Then again, the "397 Tools In One" Fix-O-Matic (TM) seems to always sell well with the consumer types who are more interested in feeling productive than in being productive.
Another one of those little engineering principles of life...
Any computer, of whatever arbitrary technology or expense, will only allow you to do 80% of what you want it to do.
The other 20% is composed of things you never dreamed were possible until you upgraded to the system under inspection.
It follows the same reasoning that no mater how much disk space you add, you'll always run out within a few months.
In this equation, the people are the constant; the provision of greater resources encourages the demand for even greater resources.
Which is why IT departments that try to decrease cost and increase efficiency by replacing obsolete models with the latest and greatest new ones invariably wind up (to their utter bafflement) increasing cost and decreasing efficiency.
If you hired private security guards for your house, and the FBI showed up with a warrant to search the place, would you expect them to turn away the FBI?
Your argument fails for at least two reasons:
1. You presuppose that I am a US resident, or otherwise
leagally obligated to submit to a lawful search
by the FBI
2. You predictate that the search is warranted.
Should the security guard step out of the way if
I am not a US resident? What if I am, but the
FBI shows up without a warrant?
Both of these two conditions are things which a piece of
anti-viral software has no way of checking; your
solution would have the AV software presume that
the search is justified even in cases where it is not.
(Much better to have the AV software detect Magic
Lantern, report the detection, remove the trojan,
then silently start up its own embedded keystroke
logger. That way, the trojan IS detected and removed,
the system is in exactly the same state it was
in before, yet the keystroke logging is performed
anyway.)
All copyright law changes made in my
lifetime, nearly all copyright law changes ever, have been expansions
of copyright law - if it's a compromise, it's an extraordinarily
one-sided one. (I suppose you could a describe a mugging as a
compromise between the mugger and the little old lady over rights to
her purse.) Copyright law is more accurately described as a compromise
between copyright holders and copyright holders. Other descriptions
are both inaccurate and do a disservice to efforts to reform the laws.
Either I have misunderstood what you have said (most likely) or you have little understanding of the idea behind copyright law.
Copyright law is (in most, some would argue all, cases) the only thing which
prevents you from making a copy of another person's intellectual property.
It presupposes that you accept the concept of "intellectual property" as valid.
Why would you want to accept the concept of intellectual property; the concept that someone else "owns" an idea, and has property rights to it?
You accept it because of the benefit it brings to you to do so. Or at least you do if you're smart.
The idea behind copyright law is that we agree as a society that
the benefit we derive from having Authors and Inventors share their ideas
is worth more than the cost of granting to them a limited
monopoly of control over the use of those works.
If you feel that this deal is no longer working to your benefit, you can agitate for a renegotiation. If we as a society
feel the same way, then we should re-write the terms of that deal.
We should all understand that whenever the terms of this deal
are changed, either to the benefit of the Authors and Inventors, or to the
benefit of the public, these changes will have repercussions.
I agree with you; since the establishment of copyright law in the United States, the terms of this
agreement have consistently been re-adjusted in favor of the Authors and Inventory.
(Or rather, in favor of the publishers. Was that intentional?)
Perhaps there is a need to re-evaluate the terms of this agreement once more.
Perhaps we need a Federal oversight comittee to manage the
national Intellectual Property and Copyright issues for the benefit
of the society in the same manner that the Federal Reserve
system manages the money supply for the general benefit of the society?
That's why I route all of my one-click purchases through
a router in Delaware; it's not me making the purchase,
the computer is making it on my behalf from a state
which would not require me to pay a sales tax if I were
doing it myself.
Kinda like Bush Senior claimimg to be a Resident of Texas
(no state Income tax) for the duration of the 12 years he was
in Washington working in the Oval Office.
The were, for all practical purposes,
"ordinary <sysAdmins>." <Robert Morris, Jr.> was an "ordinary <sysAdmin>." How
do you tell the "ordinary <sysAdmin>" from the "evil <computer hackers>?"
I'm not saying that Federalization is the answer, or even that I'm
opposed to CCPs in general, but <computers> are not the place for <shell scripts>.
<BOFH's> with the <perl>, maybe. But even in the right
hands, <shell scripts> on <computers> are orders of magnitude more
dangerous--for all of us--than they are elsewhere. If "ordinary
<sysAdmins>" have to defend <their runlevels> on <computers>, they can do it with
their <emacs editor>, and the best we can do is make sure that the potential
<crackers> are forced to face them on even terms.
Slashdot Mirror
I'd have to disagree. If that were the case, then we'd see the same reluctance by business for switching from MacOS to Windows or from UNIX to Windows. You'd also see a similar reluctance for a change which affects the UI (requires retraining) but does not affect the underlying operating system, such as a change from VUE to CDE, or from Windows 3.1 (DOS) to Windows 95.
But I have seen all of the above happen, and happen without reluctance (by the administration, that is), and in some cases happen routinely.
But the change (in a business setting, at least) is always in the direction of whatever platform or OS is already entrenched in the IS organization. This is less true in academic settings (for example) where individual freedom is more highly respected, or where the IS organization exercises less than dictatorial control over which platform(s) will be supported.
That's because she's dragging you to a store for people who want to look like (maybe "feel like" would be more appropriate) they are concerned about the environment, health concious, etc. (Or, if you prefer: "tree-hugging-commie-liberal-pussies")
Look in the phone book under "Food Co-Op's" and you'll find a "natural foods" store where the food is real, where the slick suited marketers fear to venture, where the prices are half, and where the closeest thing to an SUV in the parking lot is the '79 International Harvester Scout which looks like it's been to Peru and back primarily because it has.
What was that? You want I should get back on topic? Well, alright...
So much of the "business world" which Linux is accused of being unable to conquor is focused on selling. But, like in the Co-Op story above, there is much of this world where the act of "selling" is an unwanted intrusion. I'd list things like email (as opposed to SPAM), Christmas (as opposed to Christmas Shopping) as among that set. Linux was released to the free software movement because, acording it Linus, he didn't care about "selling" anyone on Linux.
To anyone trying in the business of selling, the whole concept of trying to sell free software is as much an enigma as trying to conceptualize the "weight" of the color blue.
So much of the world makes it's choice of what to buy based on what it is sold. I'm guilty. Business know this, and focus a great deal of effort on convincing people to buy what they otherwise wouldn't. That's what marketers do.
The fact that Linux isn't marketed, (at least not very well) is one of the reasons I use it. When I'm using my computer, I want to select the tool based on what's going to work best for me, not on what's going to be most profitable for some software development company. In some cases, I'd go so far as to say that the act of marketing a product should be read as an admission that the product is inferior. In any case, it's a sign of a company spending less money on development than they could have (or charging more for the product than they have to) to cover the marketing costs.
<obligatory anti-M$ rant>
It's also why I get concerned about the Microsoft Monopoly. Here we have a case where not only is the company marketing their wares to me, (through all the traditional, and in some cases illegal, marketing techniques) they're using their operating system to market their wares to me (through network effects, proprietary file formats, and bundling).
</obligatory anti-M$ rant>
To anyone who is using Linux because it's "cool", your presence is welcome; feel free to stick around for as long as you remain interested. And when you choose to move on to some other "cool" thing, you'll be missed, but your departure won't be unexpected. There are others of us who use Linux because we can, or maybe because we can't help ourselves. We will still be here using and developing Linux, in spite of what the glossy magazines say. And it's this core which Microsoft (rightly, IMHO) brands as a cancer which will (long term eventually) destroy the software (sales) industry.
Both Steve Balmer and Richard Stallman understand this; they see eye-to-eye from different sides of the window.
I can't say I agree with this, can't offer any evidence to confirm or deny it, but for the sake of this argument I'll presume it to be true.
It's unusual for any corporation to "stumble about in the dark" when approaching any development such as Microsoft would have to do to create a product like an embeddable XP. I would expect Microsoft to be as good or better than most at doing this.
But in order to achieve such a goal, Microsoft would first have to set that goal as their target. That realization leads me to question what goal Microsoft set out to accomplish with an embeddable WindowsXP, even before I ask how well they performed in achieving this goal.
Whatever goal they selected, you can rest assured it is Microsoft's goal; and this was part-and-parcel of Lineo's response.
When you develop an embedded solution using a Microsoft (or some other corporation's) preformed solution, part of your development expense, part of your efficiency cost, will be spent to achieve Microsoft's (or whatever other company's) goals, and to an extent proportional to usage of their preformed solution. You can avoid this cost entirely by using no one's development kit (doing it all by yourself) or you can incurr as much as (but no more than) you need by using a Linux-based embedded package. But if you choose to use Microsoft's embedded XP solution, you get the whole ball of wax (and incur all of the associated cost) regardless of how small a portion of that you actually need.
The efforts that Microsoft has focused on this have been focused only on providing what they thought was most important. There was, I'd imagine, a concious effort to avoid stumbling around outside of the scope. This is good news for you if the embedded product you're developing is neatly in line with what Microsoft has produced, (but you'd better watch out: it would seem Microsoft is in a better position to produce this device that you are yourself) but means that the Microsoft solution will be sub-optimul if you're trying to stray far from what Microsoft considers relevant and important.
But that's why your building an embedded product in the first place, no?
Alternately, there are plenty of Linux developers stumbling around in the dark (no offense intended) outside the mainstream of where Microsoft thinks things are headed. Heck, some of us are here because Microsoft thinks it's outside the mainstream. If you're using a Linux-based solution, you're much more likely to run into some embedded zealot who's already solved your problem, itching to actually be paid to work on the stuff he's already developing, or willing to give you his full attention.
You won't get that from Microsoft, not because they do want to, but because they're not in that business.
I'm willing to bet the RIAA has already forcast how much "bad disk" returns are going to cost them; I'll also wager they neglected to consider the costs of a class action lawsuit from every CD-ROM manufacturer and computer maker who loses business because the computer purchaser was expecting it to be able to play CD's.
They may have just stabbed an ally in the back. It will be interesting to see how they back this one out...
Should I even bother pointing out to you (and the 10,000 other clueless commontators) that the disk will be labeled as copy protected?
On the other hand, I'll predict that one of the unintended side effects of this will be to make Joe Public less trustful of high technology. I can imagine comments like "Do you remember the good old days when you just bought a CD, popped it into the player and listened to music? Nowadays you have to check the 'compatible model' list and make sure your BIOS is up to date, and agree to the Listening EULA..." Strangely, the music industry has taken the lessons of the computer industry to heart. How long before we see "Tech Support: Audio CD's" as a job classification on Monster.com?
This could work out great for the music industry; imagine if you had to buy three different $500 CD systems for your Stereo Component system; one to play CD's from each of the three major labels? Of course, with each years new format, you'd have to keep upgrading your player to handle the new content protection format, which gives them a chance to sell you all of the CD's you bought last year again in the new format for the new player.
And, as people become less trusting of the technology, and sales continue to fall off, the music industry can cite this as a sure sign than piracy has taken over the industry.
I've tried to keep an open mind, and I used to accept this stuff from the RIAA (et. al.) as long as it was clearly labeled, but now I'm not so sure which team to side with. This affects more than just copyrighted music, more than just the music industry. Neither the music industry nor the MP3 pirates will be losing much under this new program; the losers will be the technologically illiterate; the precise market where the music industry is expecting to garner the lion's share of their profits.
That's always been my rule to identify a company that's gotten too big; when they stop growing at the expense of their competition, and start growing at the expense of their customers.
This is one of the few cases where I'm actually glad to be half-deaf.
Probably not into the kernel itself, as changes there are carefully thought-out. Think of the kernel as the crown jewels. But then again you wouldn't need to get it into the kernel.
As you move a proposed exploit away from the kernel and into more remote areas, you both increase your chances of being able to slip an exploit past the code owners, and reduce the number of people likely to deploy it. Reducing this to absurdium, you could create a full root exploit and "get it past the code owners" with 100% probability by starting your own project. But then again, you'd likely only wind up exploiting your own machine.
Heck, if you managed to get an exploit into a certain incremental release of the kernel (2.3.14, for example) you'd still only get a fraction of the Linux users (not everyone downloads and applies each new kernel release) and once the exploit was discovered and publicized, it would likely be patched out of existence much quicker than it's Windows counterpart.
Then there's the whole "many eyes" problem. In a closed source situation, you can assess exactly who the code reviewer will be, what their weaknesses (and concerns) are likely to be, and hide in those shadows (or avoid sensitive areas.) You also have the benefit of knowing the exact compiler which will be used, what the compile environment and options will be, what test cases will be run, etc.
In an open source setting, any proposed patch is likely to generate a hundred complaints about what it breaks (or slows down) from a hundred different people you never even knew were using that code compiling it on a hundred different compilers (some of which were written by their users) and porting it to a hundred (well, maybe ten) different hardware platforms. And that's even if you aren't trying to slip in a trojan. And fully half of those people will know more about that particular software than you do.
Agreed. That would not be the vector. Too difficult, and too risky.
Instead, an insider would identify likely targets (network stack, email integration, etc) and search for pre-existing vulnerabilities. Access to the internal problem reporting system would be very helpful in this. It would not only allow such an insider to locate exploitable code quickly, but also to easily assess the impact, size of the penetratable installed base, and probability that the exploit will soon be patched.
It's the same problem open source projects face; as predicted, closing the source only make it a little harder to find the problems and a lot harder to fix them.
The main difference (open vs. closed source) lies in the fix process. For a commercial company to provide a fix, it must go through the same rigorous (if any) peer reviews and packaging that the original release faced (otherwise the patches can become the exploit vector). This also makes it easier for an insider to decide which exploits are not going to get fixed (generally all priority 1's will be fixed before any but the incidental priority 2's) and which systems are still vulnerable (patch_level<=17) whereas in open source, vulnerabilities are fixed according to the designer's pride (unaffected by budgetary cycles) and patched on various systems at various different times.
Either he doesn't get it, or I dont. If it's me, somebody please set me straight.
The vast majority of Windows licenses are sold to OEM's. The OEM versions of Windows defer all warranty support back onto the OEM. It costs Microsoft nothing either way in this respect.
Retail sales of Windows are warranted by Microsoft, but this is a minor component. An argument could be made that better software reduces their tech-support exposure during the warranted period (for some fraction of their customers who would actually ask for tech support), but since it would also sabotage future sales after the warranted period (for the much larger fraction of their customers whom they can be expecting to upgrade) I'd argue this still weighs in favor of releasing poor quality software.
Enterprise sales (to corporate IT departments) actually benefit from "technical support headaches". As anyone who's spent much time in a corporate tech-support setting will tell you, buggy software:
Increases job security for everyone in the support organization, by maintaining visibility (think about the Maytag repairman) and corporate relevance.
Helps the CTO build a large empire, and increase his power base and scope of decision making authority
Helps individual techs justify additional certifications and training expense (resume' building)
And trying to characterize Microsoft's per-incident support charges as some sort of loss-leader just flies over my head. Microsoft is under no obligation to offer this service; they can discontinue it at any time. The fact that they do not is proof of the aggregate value of this service to their organization.
A good designer interested in "fewer variables" will design the machine as a set of discrete components, where problems can be quickly isolated to the unit level, where individual units can be tested in isolation, and replaced with new identical units (to isolate problems at the unit level) or with functionally equivalent units of unique construction and manufacture (to isolate common-mode problems affecting all units of a given design.)
Such a design would, for example, allow a tech to rapidly and cleanly rip out IE and replace it with Netscape to isolate browser problems, like an auto mechanic replacing the master cylinder to diagnose a problem in the brakes.
This is precisely opposite to what Microsoft was accused of doing, and was the focus of the anti-compettitive behavior from the original trial.
Methinks he needs to adjust his views. Microsoft, because they are a profit-oriented corporation, and because of their monopoly status, has no reason to make the software more secure, easier to troubleshoot, easier to maintain, easier to integrate with other products, or easier to replace with a competitors products.
Farming is their optimal strategy: as the incumbent, and posessor of the monopoly, they can define what computing is and garner the profits from known and conquored business much more effectively than they can compete with the Hunters trying to redefine the territory.
Compare this to the goals of free software and open source advocates:
functions exposed (source available)
secure against unauthorized functions (security oriented)
small, tight, clean tools (function specific)
seemless integration between tools (pipes)
which have only been made possible because its development was undertaken outside of the profit-oriented development marketplace.
What monopoly has a balance-sheet incentive for producing a quality product? And what for-profit corporation has any incentive which is not balance-sheet oriented?
If you want my support as the only person not selected, in part, by Microsoft, and representing computer users in this bargain, you'll need to demonstrate a solid understanding of this reality.
In a word, yes.
If you think this is a troll, take this little test...
You have just found out that Your Favorite Operating System, which you run on Your Computer, has a vulnerability which you consider important enough to do something about.
Do you:
Locate and apply the appropriate patches for Your Favorite Operating System, and make whatever other changes are necessary to mitigate the situation.
Learn more about Your Favorite Operating System so that you'll be even better able to assess these threats and prevent vulnerabilities in the future.
Lose interest, and just continue running Your Favorite Operating System, vulnerabilities and all, and go back to reading Slashdot, surfing the web, etc.
Get fed-up, say "This is the last straw!" and abandon Your Favorite Operating System, replacing it (and all of the applications, data files, and procedures which depend upon it) with Some Other Operating System which you may have heard about.
We can all see ourselves or think of others who would react in any (or perhaps all) of the first three ways, all ow which favor the incumbent. I can't think of anyone who would respond similarly to the last, which is the only one which would topple the status quo. With the exception of a few individuals who are charged with setting the strategic computing direction for large organizations, (that is, in a position to dictate what other people will run on their computers) security holes tend to reinforce the market position of the incumbent. And the harder it is to fix, the more time your customers spend with your product (increasing your mindshare) and the less likely it is that the hole will be patched, meaning you'll have another chance in the future to grab their attention again...
So, if you're charged with selecting a strategy to promote your operating system, your obvious tactics are:
Focus your energies on those few people who set the computing direction for major corporations.
(IFF you are the incumbent) Don't worry about security, because as long as you have a majority share of the market any security hole will only increase your mindshare. And mindshare is what it's all about.
Want to know how to apply this to Free Software, Open Source, and Linux?
Code, if you can. (and can do it well)
Document, if you can. (and can do it well)
Report bugs, if you can. (and can do it well)
But most importantly, Use it.
By just using the software, you create a habitat for the evolution of the software. If something works well, praise it. If something sucks, say so. The habitat for evolution is the key to success for both proprietary and free software. The key advantage that free software has over proprietary software lies in:
the ability to try to be all things to all people. Most of these will fail, but the ones that don't will be spot on.
the knowledge that no one is going to get fired or lose their job for producing something that no one wants. That's an incredibly liberating feeling for a software designer.
If Microsoft appears to be getting stronger, it's only because they're retreating back onto their own territory.
I sometimes phone the office, to check my voicemail or talk to the boss. Should I call the phone company and have my personal phone line converted over into a business line?
Today, it's about playing M$ games or not. Big Deal, right?
Someday you'll understand.
It might be on Tax day, when you realize that you can "choose" to pay your taxes on line (for free, and get your return quickly) using Passport, or you can "choose" to pay the filing fee and wait six months for the return, but not use Passport.
It might be on Election Day, when you can "choose" to vote electronically, from your desktop, and for the Incumbent Party using Passport, or you can "choose" to take time off from work, stand in line at the polling place (in the bad neighbor hood, in the rain) and vote anonymously for the party of your choice.
It might be when you take your car in for an oil change, and "choose" to pay with your Passport-linked credit card, knowing full well that the next time you go on-line every pop-up add will tell you about the neat accessories available for your "2004 Dreadnought SUV" (except for tinted windows, 'cause you already got those) or how 'old' a car with 21,294.6 miles is...
Perhaps Graduation day, when you realize that without a Passport, your shcool won't make a transcript available on-line to potential employers. Of course they can still request one by mail, but that may take up to six weeks, and the job offer may not wait that long...
.
That's what 'monopoly' means, really. It means a condition exists under which a choice which you would otherwise have (or expect to have) does not exist.
Monopolies in themselves are not absolutely bad. In some cases they are naturally occuring, in others they are necessary and beneficial.
But in cases where a company (which, by definition, exists only to make a profit for it's shareholders) can leverage a monopoly to their own benefit and in a way which could destroy the checks and balances we've carefully constructed in other areas, there is due cause to be concerned.
And when that company has a history of abusing prior monopoly advantage, the cause for concern is even more justified.
And when that company can exercise "root access" control of the computers we are expecting to be serving us and making decisions which should only consider the costs and benefits to us, and won't allow us to even look at the source code to verify that our personal information isn't being sent against our will, it becomes a critical concern.
.
Did you really think Microsoft would come right out and say "we're doing this to remain profitable, and we don't care how many other business we have to bankrupt to do it?" Of course not. This is just about games. It's always just about games, right up until it isnt.
Would you be willing to buy a DVD player which includes WMP technology, but doesn't say so on the box?
(Heck, you'd probably pay extra for it!)
Closed source is not about profit, it's about control.
So, who "owns" your computer. (or DVD player)
No, you can't! That's one of the most non-intuitive parts of the DMCA which many peope don't get.
If you create a work (you are the copyright owner) and release it CSS encrypted on a DVD, you lose a portion of your copyright-granted control over that work. Specifically, you can no longer just turn it loose to the public domain because anyone who would want to view, or copy, or derive from your work must buy a CSS license, and must agree to the terms
of that license. And you (as the copyright owner) have no control over what that license allows the purchaser to do.
The CSS license currently says (and the Law backs them up) that you can't make a copy of the work, even if you have otherwise been granted the right to do so by the copyright owner.
So who cares? It's not like a lot of people are creating a lot of copyrighted works in an encrypted format that you have to have a license to decrypt, right?
Think again. How much of your copyrighted material exists in a proprietary file format for which you must purchase a license to decode it?
Got any Word documents? or PowerPoint charts? or FrameMaker documents?
If the courts rule that a proprietary file format "effectively controls access to" the copyrighted material contained within, then programs like Star Office will be as illegal to make or posess as DeCSS is today.
Please explain how an opinion can be "dangerous"?
An opinion is as inert as an email message; it takes a willing host to translate the opinion into action.
It is impostant to study the opinions of madmen, if for no other reason than to help us recognise the opinion of a madman when we hear it. To refuse to give action to the opinion of a madman is just and proper, but to refuse to even hear it denigrates ourselves. And besides, how can you even disagree with an opinion before you've heard it?
There are those alive today who still believe that Linus is a madman. History will show us whether we are right or wrong.
If programming a computer is equivalent to teaching it, isn't that exactly what any proprietary software vendor aims to do? Imagine a world where any computer running corporate-produced software is at least partially engaged in making the corporation more profitable?
And would that corporation's shareholders demand anything less?
I wonder how long it will take before Bush and crew realize that the collapse in the Tech sector is due, in large part, to geeks being on collective, unorganized strike?
If you've ever watched a Master Craftsman (Norm Abram springs to mind) do his stuff you'll notice the strong preference for lots of specialized tools, some of which might appear to be identical to the untrained eye.
I saw one of the New Yankee Workshop series where he uses no less than 5 drivers with slightly different bits to accomplish a task. With proper bits, I could have accomplished the same thing with just one driver, but changing bits between steps would have added an hour to the project.
This is also why many power users prefer the UNIX-style "large collection of simple tools" (sed, awk, grep, etc) over single do-it-all applications like MSWord (or even Perl) which add unnecessary weight and complexity.
Then again, the "397 Tools In One" Fix-O-Matic (TM) seems to always sell well with the consumer types who are more interested in feeling productive than in being productive.
I guess we know which type you are.
Another one of those little engineering principles of life...
Any computer, of whatever arbitrary technology or expense, will only allow you to do 80% of what you want it to do.
The other 20% is composed of things you never dreamed were possible until you upgraded to the system under inspection.
It follows the same reasoning that no mater how much disk space you add, you'll always run out within a few months.
In this equation, the people are the constant; the provision of greater resources encourages the demand for even greater resources.
Which is why IT departments that try to decrease cost and increase efficiency by replacing obsolete models with the latest and greatest new ones invariably wind up (to their utter bafflement) increasing cost and decreasing efficiency.
Your argument fails for at least two reasons:
1. You presuppose that I am a US resident, or otherwise
leagally obligated to submit to a lawful search
by the FBI
2. You predictate that the search is warranted.
Should the security guard step out of the way if
I am not a US resident? What if I am, but the
FBI shows up without a warrant?
Both of these two conditions are things which a piece of
anti-viral software has no way of checking; your
solution would have the AV software presume that
the search is justified even in cases where it is not.
(Much better to have the AV software detect Magic
Lantern, report the detection, remove the trojan,
then silently start up its own embedded keystroke
logger. That way, the trojan IS detected and removed,
the system is in exactly the same state it was
in before, yet the keystroke logging is performed
anyway.)
Either I have misunderstood what you have said (most likely) or you have little understanding of the idea behind copyright law.
Copyright law is (in most, some would argue all, cases) the only thing which
prevents you from making a copy of another person's intellectual property.
It presupposes that you accept the concept of "intellectual property" as valid.
Why would you want to accept the concept of intellectual property; the concept that someone else "owns" an idea, and has property rights to it?
You accept it because of the benefit it brings to you to do so. Or at least you do if you're smart.
The idea behind copyright law is that we agree as a society that
the benefit we derive from having Authors and Inventors share their ideas
is worth more than the cost of granting to them a limited
monopoly of control over the use of those works.
If you feel that this deal is no longer working to your benefit, you can agitate for a renegotiation. If we as a society
feel the same way, then we should re-write the terms of that deal.
We should all understand that whenever the terms of this deal
are changed, either to the benefit of the Authors and Inventors, or to the
benefit of the public, these changes will have repercussions.
I agree with you; since the establishment of copyright law in the United States, the terms of this
agreement have consistently been re-adjusted in favor of the Authors and Inventory.
(Or rather, in favor of the publishers. Was that intentional?)
Perhaps there is a need to re-evaluate the terms of this agreement once more.
Perhaps we need a Federal oversight comittee to manage the
national Intellectual Property and Copyright issues for the benefit
of the society in the same manner that the Federal Reserve
system manages the money supply for the general benefit of the society?
That's why I route all of my one-click purchases through
a router in Delaware; it's not me making the purchase,
the computer is making it on my behalf from a state
which would not require me to pay a sales tax if I were
doing it myself.
Kinda like Bush Senior claimimg to be a Resident of Texas
(no state Income tax) for the duration of the 12 years he was
in Washington working in the Oval Office.
Don't worry. Just log out, take another hit of Soma
and go back to sleep.
As Tim Berners-Lee was once quoted as saying, "The
paranoids are always the first to suspect..."
The were, for all practical purposes,
"ordinary <sysAdmins>." <Robert Morris, Jr.> was an "ordinary <sysAdmin>." How
do you tell the "ordinary <sysAdmin>" from the "evil <computer hackers>?"
I'm not saying that Federalization is the answer, or even that I'm
opposed to CCPs in general, but <computers> are not the place for <shell scripts>.
<BOFH's> with the <perl>, maybe. But even in the right
hands, <shell scripts> on <computers> are orders of magnitude more
dangerous--for all of us--than they are elsewhere. If "ordinary
<sysAdmins>" have to defend <their runlevels> on <computers>, they can do it with
their <emacs editor>, and the best we can do is make sure that the potential
<crackers> are forced to face them on even terms.
No, it's like a Ford dealer not letting you in to buy parts for your Ford because you happen to be driving a Saturn at the time.