Linux isn't free. Hello? If there is actually anyone still left on the planet
who thinks the term free software was a good idea, I hope they're paying
attention. Because what Microsoft is doing here is exploiting the old familiar
gratis/libre ambiguity of the word free in yet another way. They're setting up
for a claim that free software advocates are lying or deluded because Linux has
a nonzero TCO. Therefore, goes the implication, you can't really trust them
about that other freedom thing, can you?
Maybe we
need a better / more effective / less easily confused way to talk about the
"freedom" aspect. I'd be interested in constructive discussion of this. But
there is a logical flaw in ESR's argument here. It's wrong to conclude that using the term "free
software" is a bad idea just because MS tries to muddy the waters. MS may or may not succeed in making our current way of communicating the freedom aspect of Free Software less effective, but this is certainly not a reason to stop
talking about "Free Foftware". Quite on the contrary, if after all their
studying Microsoft is now trying to discredit the "freedom thing", isn't that
an indication that emphasis on the freedom aspect is important, and should be
increased rather than diminished!
The real problem is not that Discovery is not worth the time and money spent, but that it becomes worthless if the patches created are not applied.
Even if only a small percentage of computer users apply security patches, there is still the benefit of building up a knowledge base about security vulnerabilities. The blackhats are building up such knowledge anyway, we can't prevent that. But the "good side" needs to also build up this knowledge, otherwise the blackhats would soon be so much more knowledgable and skilled than the whitehats that it becomes impossible to set up any machine in a reasonably secure manner.
In an ideal world, where no-one would think about doing anything nasty, there'd be no need for anyone to study security, look for problems, write proof-of-concept exploits, etc.
However, the real world is not like that. There are nasty people (inviduals as well as organized criminal groups). We can't stop them from studying security and, as long as there are serious securtiy problems, these people will find some of them and use them to do whatever evil deeds they want to do commit (like turning PCs of innocent people into spam-spewing zombies, credit card fraud, etc etc.)
The only way to effectively counteract this is to bring problems into the light. Without security research by "whitehats" (people who look for vulnerabilities but don't use them without prior authorization from whoever is in charge of the vulnerable computer system), only the "bad guys" (blackhats) would have any in-depth knowledge of security issues. There'd be no hope of making systems secure if only the bad guys have the knowledge that matters!
Slashdot Mirror
My gut feeling is:
Linux isn't free. Hello? If there is actually anyone still left on the planet who thinks the term free software was a good idea, I hope they're paying attention. Because what Microsoft is doing here is exploiting the old familiar gratis/libre ambiguity of the word free in yet another way. They're setting up for a claim that free software advocates are lying or deluded because Linux has a nonzero TCO. Therefore, goes the implication, you can't really trust them about that other freedom thing, can you?
Maybe we need a better / more effective / less easily confused way to talk about the "freedom" aspect. I'd be interested in constructive discussion of this. But there is a logical flaw in ESR's argument here. It's wrong to conclude that using the term "free software" is a bad idea just because MS tries to muddy the waters. MS may or may not succeed in making our current way of communicating the freedom aspect of Free Software less effective, but this is certainly not a reason to stop talking about "Free Foftware". Quite on the contrary, if after all their studying Microsoft is now trying to discredit the "freedom thing", isn't that an indication that emphasis on the freedom aspect is important, and should be increased rather than diminished!
Even if only a small percentage of computer users apply security patches, there is still the benefit of building up a knowledge base about security vulnerabilities. The blackhats are building up such knowledge anyway, we can't prevent that. But the "good side" needs to also build up this knowledge, otherwise the blackhats would soon be so much more knowledgable and skilled than the whitehats that it becomes impossible to set up any machine in a reasonably secure manner.
However, the real world is not like that. There are nasty people (inviduals as well as organized criminal groups). We can't stop them from studying security and, as long as there are serious securtiy problems, these people will find some of them and use them to do whatever evil deeds they want to do commit (like turning PCs of innocent people into spam-spewing zombies, credit card fraud, etc etc.)
The only way to effectively counteract this is to bring problems into the light. Without security research by "whitehats" (people who look for vulnerabilities but don't use them without prior authorization from whoever is in charge of the vulnerable computer system), only the "bad guys" (blackhats) would have any in-depth knowledge of security issues. There'd be no hope of making systems secure if only the bad guys have the knowledge that matters!