While there are doubtlessly reasons for all the licenses you mention, they are not all now currently OSI certified or "Free."
1. The license of Qmail is not a free software or an OSI Certified license because it mostly prohibits the distribution of modified versions.
2. Aladdin, too, does not fit license because it does not allow charging for distribution, and largely prohibits simply packaging software licensed under it with anything for which a charge is made.
3. Only the "new" BSD license is considered Free/Open Source
7. None of the no commercial use variants are free/open source, as they discriminate against fields of endeavor.
Microsoft's current inability to handle security issues is much more persuasive. Linux advocates should focus on that.
Only if they want to continue to be several steps behind. Most still consider the security to be "good enough." Indeed, the "good enough" argument makes it very difficult to win most arguments on the technical merits of Linux over MS. MS is also making very public moves to improve the security of Windows. You really do have to attack their model & try to force a paradigm shift, rather than to highlight some issues that will eventually be resolved.
Suddenly we have a body claiming to be in control of the freedom to generate licenses!
No--generate any license you wish. We have a body owning the right to call something "OSI Certified." We've had that body for a long time. It has helped set standards and criteria & prevents bad licenses from getting very far in the community. It also helps cut down on the confusion of having too many licenses (though, according to the article, not enough).
I heard the speech, Martin Fink said it was his opinion that there were too many licenses and not OSI's opinion. I don't remember him saying that OSI would do this, but as a member of the board of OSDL he would be asking them to do so.
A LOT of people agree with him. CAI's Greenblatt (with the choice quote about three licenses) and John Swainson (who says his three would be the GPL, the LGPL, and one with commercial restrictions), and Novell chief executive Jack Messman. Also Columbia law professor Eben Moglen (legal counsel for the Free Software Foundation that oversees the GPL). The writing is on the wall that SOME change must be made.
I think the article explains it better than either of the articles posted above.
That article is 6 months old....See this article or others from google news--he is gaining converts.
Even OSI is giving lip service. From TFA:
For his part, OSI's Nelson said that he is still studying the issue. The OSI could set tougher standards for approving open-source licenses to discourage groups from creating their own....
One idea that Nelson has considered is to have a tiered system of open-source license certifications. A "gold" license would apply to the top four or five licenses that are used in the great majority of open-source projects, he said, and a "silver" license would those that are used by fewer projects, such as the Apache Software License.
I actually think that the XServe returns quite a bit for what you pay them. You can DIY for perhaps 1/4 of the price & a lot of time & some cursing. If you want a cheaper solution, I have been fairly happy with a recent purchase from eRacks. If you want something a little more end, get a SNAP serve or something similar. Or, get a couple of those 1 TB external disks & use software RAID 1.
Yes--the major Linux vendors tend to compile most apps without Kerberos. I suppose to minimize dependencies & to prevent security holes from un(under?)-used features.
pam-krb is usually available enough & consequently (with the kerberized services on windows) I have seen a lot of kerberized samba deployments. Fewer kerberized OpenSSH/OpenLDAP servers. Institutions that use kerberized end-user apps (UW's pine email client, Evolution, etc.) do seem to be more likely to have kerberized servers too. I don't know if this is due to savvy admins or end-users who WANT to use kerberos clamoring for it.
I know about those, but they are not exactly impressive or widely deployed (at least, that's my perception) in comparison to the other achievements of the open source community.
OpenSSH is VERY impressive & is VERY widely deployed. Samba and OpenLDAP certainly have high deployment as well. I suppose a more interesting question would be to ask what impressive, widely deployed software should have Kerberos but doesn't currently...
Tunneling over SSL/SSH is far from a complete solution, because it leaves authorization up to the developer.
BZZT... primary feature is a trio of functions, the AAA as it used to be called in Cisco materials: authentication, authorization, and access.
First of all, I never said that AD was ONLY an LDAP implementation. Second of all, I said you needed samba & other services to replace AD & that it wouldn't be 1:1. Finally, many others agree that a HUGE part of AD is the LDAP implementation.
Hell--they even chose to call it active directory!
In short primary != only & I never said that it was.
I disagree that few *nix apps take advantage of Kerberos. Indeed, Samba and OpenLDAP, both mentioned here, do. OpenSSH, Cyrus IMAP, Netatalk, fetchmail, and many popular others do too. But you are right that it is far from universally implemented & many now choose to just run most traffic over SSL instead.
My two cents on what you didn't ask about: I, like you, am impressed that you basically get kerb for free for most traffic from a windows server. However, I hate MS for the way they did this. They use non-standard, undocumented features that prevent non-MS systems from actually being interoperable with them. Even the MIT Kerberos team has accused them of trying to embrace & extinguish. I suspect that some (though certainly not all) of the lack of Kerberos on *NIX has to do with this.
I hear the AD to OpenLDAP thing all the time, and it pisses me right off...nothing is uglier to an AD administrator than the mess that is the Kerberos/OpenLDAP/Samba mudheap that sort-of delivers something sort of similar, but really doesn't. Even the IDEALX stuff linked to elsewhere doesn't really make the grade. For all its warts, AD is actually pretty admin friendly, and what is more, many organisations have spent lots of money to get to AD in the first place.
Yes--MS's products on the backend are generally more integrated and feature-rich. Rather than replacing PDCs/AD boxes with Samba/LDAP boxes, it probably makes much more sense to use these to expand your current infrastructure or to embrace it in the beginning. ANY LDAP-server (be it OpenLDAP or Active Directory) used as authentication, domain controlling, etc. seems hackish to me. While not perfect, Samba/OpenLDAP/IDEALX really is a capable solution that many find to be good enough in many ways & better in others (particularly the (f/F)reeness). I have seen it deployed with success in both small and medium-scale infrastructures & have seen it used as a supporting player in larger infrastructures.
I think you might be mistaken, but would welcome a link to where you heard this. As of early this month, Novell even had to assure customers that it wouldn't be abandoning Groupwise support due to their increased marketing of OpenExchange. I think they are serious about OpenExchange and Evolution!
It is open source and runs on your *nix servers. SUSE's pricing is MUCH lower than MS's pricing. You can use the same backend for free without SUSE support if you use OPEN-XCHANGE. The reason I chose to link to the former is that it is more likely it would be chosen by companies who had enough to afford MS Exchange.
AD to OpenLDAP doesn't go, because OpenLDAP is just a directory protocol -- I wish people would start to understand that. There is no directly usable management interface, no business logic, no nothing. It is just a protocol....
Active Directory's primary feature is that it is an LDAP implementation. Also, OpenLDAP is an open source implementation of LDAP--not the protocol itself. The combination of OpenLDAP and SAMBA can deliver a lot of the backend functionality of Active Directory, but you are correct that they aren't a 1:1 replacement. Of all the examples of transitioning that he gave in the post, this was the most accurate & he probably shouldn't be jumped on because of this. I agree that the "NTFS to Samba" thing was quite ridiculous & is probably what motivated your post.
I have migrated to FreeBSD/Linux backed servers. The first key is to do it incrementally--migrate piece-by-piece.
(such as Active Directory to Open LDAP,
LDAP is so useful, that you might as well start here. Remember that LDAP is a multipurpose directory. If you want to replace AD authentication and a windows PDC, IDEALX has written some nice perl scripts and a tutorial on how to do this with OpenLDAP and Samba.
Exchange Server to Sendmail
If you want to replace Exchange Server, use Openexchange. If you want to replace only your MTA, consider using postfix. On the server end, this isn't a ton of work. But you will likely have to change the way clients are connecting to your server & also what they can do with it. Sendmail/postfix will probably not be enough for you...
and NTFS to Samba)
NTFS is a local file system. Samba is an open source SMB server/client. Big difference. See IDEALX for good Samba deployment.
A few names which Microsoft may be using could include: Windows XP Shi**tee Edition, Windows XP No Media Player Here Edition, Windows XP The EU Sucks Edition, and
Windows XP Buy XP Pro Instead of This Since They Are Both Worth The Same Price Edition.
I must purchase XP workstations for our facility. I would jump on getting only the features of XP Pro that I need & not getting those that I don't for a reduced cost in a heartbeat. Depending on the savings, I might even use it on more workstations than I currently do. But why not just get XP Pro & choose not to install the media components if they cost the same? XP Pro will have the media components if you ever need them, but you aren't forced to install them. Furthermore, with wider deployment, support/upgrades are likely to be cleaner. How does this product have any value?
Students are perceived by some administrations as a "product," and if the university makes a good product, then others will go to that university. All with the ultimate goals that donations and prestige will follow.
This seems fine. But then they should strive to maximize the quality and rate of good students leaving the University. Phone service is required to speak with both collaborators and with vendors. It is against a University's interest to price it outside of the reach of students & they have little excuse to do so if they're making a buck on it to boot. Similar statements could be made for many of the business services Universities price outrageously. One could easily make the argument that some should be run at a loss--as the cost of producing good students and good research.
What the Washington Post article also hints at, is possible tuition hikes due to the landlines dropped so quickly. "Six or seven years ago, telephones on campus were a cash cow,"
As it is, many universities still overcharge for land-lines. The department I worked in has begun cutting service from under-used department phones, including ones they installed in rooms to have phone conferences. They are also looking (only somewhat seriously) into ways to have grad students share phones across different offices.
Why can't Universities run more programs at or near cost, rather than try to bilk as much money as possible out of people?
The passphrase FAQ is a useful resource. I refer anyone new to GnuPG to it. Particularly useful is their advice on choosing a passphrase:
The answer depends on how secure your passphrase needs to be. Start with a normal phrase and then with a bit of random help, distort it. Make a nonsense phrase by changing words. Remember to switch the sentence structure around in a random fashion. Add a few random words or characters to enhance the security. The goal is to create something you can remember and last as long as a brute force attack on the IDEA key.
The phrase, "my unbreakable super pass phrase can't be beat", is weak by itself. So what if we change it some? "mile unbraking stupor past froze can tent bee beets" is all well and good except that in an attack, a homophone dictionary may be used. On the other hand, in one pass we have a nonsense phrase that has a different structure and words that don't quite logically connect. Add several random characters to make it impossible to guess by any means other than brute force and you are done. The phrase is fairly easy to remember because you used a normal phrase to construct it. If you forget the actual phrase you will probably be able to reconstruct it. Being human, we tend to do things the same in a predictable manner.
For more security, you can generate fully random phrases or character sequences. This will take time and may be difficult to remember. Your level of security is easy to control by limiting the key length. One nearly foolproof method is Diceware
Hotmail works for me in Firefox on win32, OS X, Linux, and FreeBSD. Using Opera on all of the same platforms, I could not use the new delete messages feature that is touched on in the article:
You say you believe in interoperability. Why does the Hotmail service deny Opera access to the same scripts as Microsoft's own browser? As a result, Opera users can't delete junk mail.
Even with cost as a factor...the transition to OpenOffice, the support of OpenOffice and the maintenance of OpenOffice all cost money.
As do the support and maintenance of MS Office. Retraining for switches might be a significant one-time cost, but then again there have also been historically significant costs because MS Office has often been a vector for viruses and worms.
Does anyone have a link to a reliable study that compares the maintenance cost of OpenOffice with MS Office?
There are literally a ton of total cost of ownership studies out there. Some favor staying with MS. Others don't. It is complicated to accurately calculate. But most find the annual cost of running F/OSS is less than commercial software, not counting the transition costs. The real question then is how long you have to use a product that switching to it makes sense.
The fact that Microsoft kowtows to tactics like this by lowering their prices gives legitimacy to OpenOffice.org. If MS didn't view F/OSS as a viable threat, they wouldn't lower prices--they'd pull strong-arm tactics and say "yeah--good luck with that. When your migration fails, you can come back and give us the same deal as we are proposing now."
Lowering prices not only validates OO.o as a useable alternative, but also proves that F/OSS is a truly disruptive technology--MS can't get away with charging what they want to anymore.
If Windows needs fewer patches, why don't they offer disclosure of known but unpatched bugs? We've seen several stories of MS not fixing poor implementations after researchers have disclosed. What other bugs does MS not find a sufficient business reason to fix?
If they really had a case, I'd at least expect to hear more numbers in their favor. We patch X% of bugs in Y days. Fewer than Z% of our bugs are reopened. The number of bugs that could allow for Administrator/root access in the default install was N.
Any company who uses private issue tracking will always have an easier time criticizing those who use public issue tracking than vice versa.
Filing fees vary greatly. In Chicago, it would cost about $75 to file this claim. In other districts, I've seen it be less than $20.
When you win, many courts also order interest to start accruing on what is owed you. Chicago has a 9% APY. If the company isn't going to go bankrupt (and, in this case, the seller is a very large company), they will usually pay you off immediately, lest they suffer these penalties. Collecting from businesses isn't bad, but you are right that it can get tricky. While you can and should file a small claim & represent yourself, you might want to retain an attorney to help you actually get the money if you have problems.
The most effective way to make a BBB complaint is to contact the local BBB for whatever city/township/county the company headquarters are in. And that's the rub. Some are poor, some are quite good. I have seen some complaints get less attention than yours got--no acknowledgement of receipt until it was sent many, many times. But most BBBs are much better & do try to use their limited budgets to help consumers.
It is worth the time to submit a complaint--the complaint will at least go into a file & consumers do, occasionally, inspect the track-record of a company before they do business with them.
Furthermore, it doesn't take much effort. As I said, you could usually recycle the same complaint letter to multiple agencies. Even if you get stuck with a regional BBB that does nothing, perhaps the same letter sent to the attorney general will get results. At the very least, the company who is screwing you will usually be told who you are complaining to. If you complain to only one organization & they find that organization to be ineffective & don't think anything bad will come from your complaint, they may ignore you. They start paying attention when you complain to more organizations that can do real harm to their business.
Isn't this basically the LGPL?
My apologies for the misunderstanding.