Oracle Announces Immediate Availability of the Ellinux Kernel
Bogus press release, for IMMEDIATE RELEASE
LONDON, England 20-JAN-2008 03:42 AM — Oracle has formally announced that it is no longer willing to become dependent on third parties. As such, the company has made the decision to fork the Linux kernel and have it optimized for better database performance and adapted to more restrictive licenses. “I am very pleased to share my kernel with a group of trusted partners,” said the company’s CEO, Larry Ellison. “I could not let my ego be deflated by allowing a guy from Finland to maintain control and therefore Ellinux was born,” he continued.
Oracle’s acquisition of Hyperion in March 2007 and BEA Systems only days ago provides more pieces with which Oracle hopes to compete against other software giants. The latter acquisition is bound to have a project renamed BEAllison and its new headquarters will be based in a yacht somewhere in the Pacific Ocean. Oracle’s CEO previously commented on this decision, adding that its purpose was to ensure that Paul Allen’s yacht does not remain larger than his private one. Insinuation that this decision was related to Ellison’s self-esteemed were dismissed by analysts at IDC, which is a pay-to-say analyst firm whose prime investor is Larry Ellison.
For the full report, please contact Mister Black at IDC, firstname.lastname@example.org
Oracle (NASDAQ: ORCL) is the world’s largest enterprise software company. For more information about Oracle visit our Web site at http://www.oracle.com.
Oracle is registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
Shares of Oracle rose 13.4% just minutes after this historical announcement. Linus Torvalds was not available for comment at the time of publishing.
Send this to a friend
Thousands of comments on OOXML, which Microsoft and its partners apparently try to hide and make unavailable (or too cumbersome for many to access for further scrutiny), were put here, but bandwidth has apprently just run out.
“This is absolutely unacceptable. It’s outrageous, scandalous even.”Little time is left before the BRM begins and it seems more and more obvious by the day that Microsoft hopes to be the supervisor, the moderator, the voter, the maintainer, and the gatekeeper. This is absolutely unacceptable. It’s outrageous, scandalous even. Who can possibly approve such sociopathic behaviour in a process that was supposed to involve gentlemen?
This OOXML fiasco is far from the first. We could truly learn a lesson from Windows-only graphics. Remember OpenGL, the ‘ODF of graphics’?
Small comment again. Got into a discussion over OpenGL. Now, as I’ve posted before, I hold that DirectX is a dead format. It’s a proprietary API that locks developers out of the maximum number of systems they can publish on.
The second is… Microsoft. What makes this even more odd is that I know that unlike Nintendo, Microsoft used to be part of the OpenGL Architecture Review Board. So…
The next time someone says to you that Microsoft supports open Standards… point out that Microsoft left OpenGL in 2003… and hasn’t made any effort to rejoin.
Microsoft is still hoping to escape into the horizon with its so-called ‘ISO standard’, which it then will work on and extend in isolation, just as Brian Jones pretty much predicted. If there are lessons to be learned which pertain to labour, complexity and cost, it’s in OpenGL and DirectX. Try approaching NVIdia and ATI/AMD engineers who need to support two APIs rather than one universal API. █
Send this to a friend
Open… for interpretation
By this stage, many people have possibly forgotten the Burton Group-Microsoft stunt. It isn’t the latest one though. As the following short article indicates, Microsoft’s claim that OOXML has opened up further (as once requested) is nothing but another stunt.
One has to wonder where Microsoft thinks it’s going to find anyone competent who’s willing to write open source BSD licenced code that can only benefit the Vole [Microsoft] itself, without any compensation except a promise not to get sued.
Sam Hiser actually predicted something of this kind about 4 months ago when we corresponded. He said that Microsoft would let some binaries go at the last minute in order to give its little standardisation-by-corporation campaign a much-needed boost.
Meanwhile, in Denmark, Microsoft’s spin doctors continue to upset, as the following meeting minutes reveal:
We didn’t discuss why the OSP isn’t enough but [Microsoft's] Chris did a lot of work criticizing Andy Updegrove for his articles against Microsoft. Well, in another audience that might work.
I criticized Microsoft of taking the fast track route when it was later discovered that the specification was not at all qualified for that route. A document is not ready for a fast track, when so many faults and errors can be found. ECMA didn’t do their job. Chris some kind of agreed (!) with me and said that the route was chosen after recommendation from ECMA.
I am beginning to understand why Microsoft is still claiming to be open. Basically it’s a matter of how we interpret the one word open. Microsoft think that XML alone makes the standard open. I use another definition. The process has to be open and transparent and the organization must be protected from being hijacked by a singe vendor. I don’t think he [Chris Capossela] agreed or even commented on that.
It sure seems like Microsoft is aware of its sins. It hasn’t any defense for it, either. Rest assured, it will strive to rewrite history when the whole thing is over. Fortunately, we have plenty of stories documented — and they ain’t going away any time soon! █
Send this to a friend
Somebody, stop this train! It’s insanity.
Microsoft Proxies in Malaysia
Last week we put together a fairly comprehensive report which contains links to articles about the developments in Malaysia. There is a great deal of manipulation by Microsoft over there because the country has already chosen OpenDocument format.
Microsoft lobbying in Malaysia is far from new, but the following article sheds some light on its extent.
While the battle between proponents of ODF and OOXML rages on, Microsoft is making some headway persuading several strategic organisations in Malaysia to adopt OOXML.
Microsoft is hoping to have industry partners apply pressure to officials. This is very typical and we saw this in Croatia just a couple of days ago. It’s another class of proxy strategies, of which there are plenty. Examples also include the use of partner analysts as mouthpieces (e.g. Burton, IDC).
Since Malaysia is discussed here, it is also worth bringing back the story about a national disaster (2004 tsunami) where Microsoft's poor file formats prevented access to vital data. In other words, formats were a matter of life and death. And that’s just one example among others and there is a good video about this.
To say more about preservation, here is a one-hour presentation on this topic. Additionally, the following new paper explains preservation in the context of the Web. Here is its abstract: [via Andy Updegrove]
There are innumerable departmental, community, and personal web sites worthy of long-term preservation but proportionally fewer archivists available to properly prepare and process such sites. We propose a simple model for such everyday web sites which takes advantage of the web server itself to help prepare the site’s resources for preservation. This is accomplished by having metadata utilities analyze the resource at the time of dissemination. The web server responds to the archiving repository crawler by sending both the resource and the just-in-time generated metadata as a straight-forward XML-formatted response. We call this complex object (resource + metadata) a CRATE. In this paper we discuss modoai, the web server module we developed to support this approach, and we describe the process of harvesting preservation-ready resources using this technique.
OOXML is Binary!
ECMA, a Microsoft middleman, tries to hide this. Microsoft tries very hard never to talk about this. But we shouldn’t be naive or passive. OOXML still contains operating system-dependent binaries.
In short it means ECMA finds Open XML shall remain an incomplete specified and inconsistent format. Some elements are still (in the spec undocumented) binary. It is hard to understand why DEVMODE structures cannot be transformed to XML for consistency reasons. Ah! “High-fidelity” of course which means everything but in particular that your XML format is a projection of the binary format, also by some referred to as a “dump” of the old legacy format. Even more fidelity is guaranteed when you just take the binary. In wonder why the drafters of the format started this WordprocessingML and didn’t add support for the highest fidelity of the doc format inside the open packaging zip container.
Surely, our grandchildren will never find a way to figure out what undocumented series of zeros and ones actually mean and how they should be treated in order to retrieve important old documents. Who is ECMA kidding? If OOXML ever passes at ISO, this will be a first-class fiasco and a total mockery of international standards. █
Send this to a friend
“…we should take the lead in establishing a common approach to UI and to interoperability (of which OLE is only a part). Our efforts to date are focussed too much on our own apps, and only incidentally on the rest of the industry. We want to own these standards, so we should not participate in standards groups. Rather, we should call ‘to me’ to the industry and set a standard that works now and is for everyone’s benefit. We are large enough that this can work.”
–Internal document, Microsoft [compressed PDF]
Applications do not define standards and standards are not made of applications. This is probably crystal-clear, but many attempts are made to portray OpenOffice.org as the embodiment of ODF, which it is not. This happens to be far from the first time that Microsoft systematically spreads lies about OpenOffice.org, which puts at risk Microsoft's biggest cash cow. We will give an example of such lies at the bottom of this post.
Meanwhile, pleasant news is arriving from the OpenOffice.org team, which put together a schedule for the next major release. The Wiki which talks about the dates appears to be dysfunctional at the moment, so here is a rough copy.
• release candidate for all languages: July 25th, 2008, begin of TCM testing
• Product release: September 2nd, 2008 or OOoCon 2008 mid September.008-01-13/
Free Software Magazine has just published an article that takes a look at the most recent version of OpenOffice.org. It tries to validate the suitability of OpenOffice.org for a business.
To continue my look at how non-profits and the free software community can engage, I’ve decided to look at some popular free software products and see how well they fit the need of an average charity—namely my employer.
It is worth adding that an ODF-friendly office suite, derived from OpenOffice.org, is soon to arrive Apple’s platform as well. [via Bob Sutor]
IBM will release Lotus Notes and its Lotus Symphony productivity package, a free alternative to the documents and other software in Microsoft Office, for Apple’s Macintosh computers.
So far, Apple has proven and demonstrated a level of support for ODF. IBM and various versions of OpenOffice.org for Mac (NeoOffice, plus a native version on its way) are just a few among others.
Returning to the point made earlier, remember not to trust what people tell you about OpenOffice.org’s abilities and performance. There is a tremendous amount of FUD making the rounds, especially in unmoderated forums where no fact-checking is involved. Here is a new benchmark that falsifies some ugly myths about OpenOffice.org. Mind this bit:
Therefore, do not fall for the statement that OpenOffice.org is more bloated. Those statements either stem from ignorance or are FUD. Both are dangerous.
This whole post may seem somewhat promotional, but it is not. It is merely motivated by recent developments — and especially the anticipation surrounding version 3. █
Send this to a friend
“We do NOT want to ship the ’standard’ with Windows because we want to make the native APIs more attractive. We want to evolve the standard APIs rapidly, and not have ISVs [independent software vendors] spending time on something that is cross-platform. “
–Chairman Bill Gates (CEO at the time)
The previous post covered some of the latest news about software patents. More on this fiasco can be found here. We said we would return to the possible issues with the Mandriva-Turbolinux collaboration (Manbo), if there are any at all (we never suggested this. but Groklaw did).
Here is what Mandriva’s CEO had to say in response to those who are worried.
Our recent announcement concerning the creation of a joint lab with Turbolinux has generated some controversy. Even PJ, from Groklaw, a site we like very much at Mandriva, showed some concerns and signaled her intention to stop using our Distro.
He alleviates many of the doubts, which is reassuring. It gives a cozy feeling, but be sure to see Brian Proffitt’s skepticism, as well. He actually corresponded with Mandriva’s CEO.
I wrote back: “I’m trying to understand how logistically this will work. Is there some sort of ‘clean room’ in place to keep Mandriva developers from seeing any Turbolinux code that might fall under the alleged Microsoft patents or any code that Microsoft may have directly contributed to Turbolinux?”
“The 10 or so engineers working in Manbo Labs have no access to any of the Turbo technology that is not is the lab scope. And everything in that scope is GPL,” Banchilon replied.
Not content with explaining it just to me, Banchilon reiterated these technical aspects, with more detail, on the Mandriva blog today. Specifically, he indicated what the scope of Manbo Labs would be:
- The scope of work is about 100 low-level RPMs, all in GPL
- Product will be available for public release under GPL
- Development is public, made on our Cooker environment and associates the community
Is that enough to assuage the fears of the community? Hopefully so. I think the two companies need to help each other technically and it sounds as if Mandriva is taking care not to get involved in Microsoft’s shenanigans.
It’s a matter to trust. Mandriva has not compromised their values before, and I think that’s earned them the benefit of the doubt.
The Mandriva situation came about at roughly the same time as the JVC-Microsoft patent deal. They were announced almost simultaneously. Sadly enough, some other sources are still spreading doubt and create unnecessary drama. Microsoft’s Bink, for example, writes about Microsoft’s average of 250 patents per month:
However, the company [Microsoft] also begun a broad intellectual property licensing push several years ago, under which it licenses technology to many companies big and small. The company has signed a slew of patent cross licensing deals since then, the most recent being Tuesday’s deal with Japan’s JVC.
Trolling through filings can offer a glimpse of where a company is headed, but as with Apple’s closely watched patent filings, seeing something in a patent application is far from a guarantee of what will eventually ship.
What was more annoying is shrewdly-crafted disinformation/FUD from InformationWeek’s Paul McDougal, which resulted in headlines like this one: Microsoft profits from Linux again, easier than improving Windows Vista
While that may be true, the above statement is made in reference to the JVC deal, despite the fact that there is no evidence of Linux being involved. Over the line? Well, we looked at JVC before. Judge for yourselves and do not rely on fear mongers. █
Send this to a friend
“Software patents continue to chill adoption of innovations. Fight the corresponding legislation at every opportunity.”
–Ben Finney, 18 Jan 2008
The quote above was extracted from a mind-boggling Debian thread which relates to another recent one from the Fedora project. Software patents are having a terrible effect that already changes some GNU/Linux distributions. This means that products have beneficial ingredients castrated, not to mention financial aspects of harm, as explained by the following new article.
The $250 million Vonage burned through as a result of the patent lawsuit brought by Verizon et al provides yet another example of why patents for business processes implemented on computers (a.k.a. software patents) deserve to die. Verizon’s two successful “name translation” patents negate an open standard assembled by Cisco, Microsoft, IBM, Intel and Vocaltec via the VoIP Forum during 1996. The threat of patent litigation cleared the landscape of independent VoIP companies the VoIP Forum sought to make possible.
The telecom example which is used above includes a description about the difficulty in obtaining evidence of prior art. This is costly. It’s far from over in that sector because Verizon now proceeds to suing Cox.
Now Verizon is going after Cox, which has more than 2.1 million IP telephony customers.
Other than a reform, what can possibly end this madness in the United States? Microsoft’s patent deal with Novell has already had a chilling effect on the sharing of code (we will return to the Mandriva-Turbolinux situation shortly). On the bright side of things, the GPLv3, which addresses some of those patent-related issues (‘protection’ by association), continues to gain ground. Palamida indicates that over 1,500 projects have already adopted this new licence, which now boasts some big names like Trolltech.
Over the past week we have passed the 1.5k milestone. Within just over 6 months, 1535 projects have adopted the GPL v3, which is a growth of 56 GPL v3 projects over the last week.
The more predatory patent troll become, the more projects we are likely to see adopting this new licence. █
Send this to a friend
If you say it often enough, people will believe it
We have developed a habit of keeping track of analysts who are obviously paid or compensated for serving corporate agenda (e.g. [1, 2, 3]). This is very relevant in light of the recent OOXML propaganda that came from IDC and the Burton Group.
Here is another fine example from the news. We wish to debunk the said analysts using compelling evidence and fact. One of the predications which certain people made is this:
5. Windows Vista will be secure
Analysts were: Wrong
When Windows Vista was launched, Microsoft platforms group vice president, Jim Allchin, described a platform where its “safety and security” will be the “overriding features” for which most people will want Windows Vista.
Analysts from Gartner and the Enderle Group further touted Vista’s security features, highlighting in particular its spyware-fighting prowess.
Enderle and Gartner have been caught many times before. The former is a one-man, attention-seeking ‘consultancy’ whose major client is Microsoft. The latter, Gartner, is funded by Bill Gates and plenty of its revenue stream comes from work it does for Microsoft. Jim Allchin, by the way, escaped Microsoft as soon as Windows Vista was released. It truly make you wonder, does it not?
The people above claimed that Vista will be secure, but let us take a look at some headlines which cover separate incidents that occurred in the past year (sorted reverse chronologically for the most part).
The latest round of patches revealed that Vista could be hijacked by merely sending a packet to it.
Microsoft’s first set of security bulletins for 2008 may be slim, but will include a fix for a critical vulnerability in XP and Vista.
More information about this incident can be found here.
One of the updates is considered critical for Windows Vista and XP users because the flaw it fixes could be used by attackers to install unauthorized software on a victim’s computer.
As we showed before, especially when Microsoft’s Jeff Jones was lying to the public, Microsoft redefines and reinvents the science of security in attempt to show that Windows is more secure. Seconia was accused of playing similar games just days ago. Here is what needs to be pointed out:
1. Critical Vulnerability in Microsoft Metrics
For Microsoft this makes sense because these fixes get the benefit of a full test pass which is much more robust for a service pack or major release than it is for a security update.
2. Skeletons in Microsoft’s Patch Day closet
This is the first time I’ve seen Microsoft prominently admit to silently fixing vulnerabilities in its bulletins — a controversial practice that effectively reduces the number of publicly documented bug fixes (for those keeping count) and affects patch management/deployment decisions.
3. Beware of undisclosed Microsoft patches
Forget for a moment whether Microsoft is throwing off patch counts that Microsoft brass use to compare its security record with those of its competitors. What do you think of Redmond’s silent patching practice?
4. Microsoft is Counting Bugs Again
Sorry, but Microsoft’s self-evaluating security counting isn’t really a good accounting.
The point: Don’t count on security flaw counting. The real flaw is the counting.
Getting back to Vista, let us look at some of the flaws we have seen:
1. Microsoft fixes 11 flaws in 7 patches; 5 affect Windows Vista
Microsoft on Tuesday released its December 2007 security bulletin, which includes seven updates: three are designated as critical by the software giant and four are deemed important.
2. December 2007′s Patch Tuesday’s Going to Be Big – Really Big
A Trio of Critical Patches
First up is a remote code execution patch for DirectX versions 7.0 (Windows 2000) through 10.0 (Windows Vista).
3. Security hole in MS-Windows Vista on Thanksgiving
Microsoft, although late, but did acknowledge that it is a flaw even in the latest OS (Vista) which should have been fixed long back.
4. Thirty-Six Updates Later—and Counting
Over the Thanksgiving holiday, I refreshed one of my Windows Vista test machines. Oh my, there were so many Windows Updates.
5. Vista security threats to rise in 2008: McAfee
Microsoft’s Windows Vista operating system will face increasing security threats, according to McAfee Avert Labs predictions for top 10 security threats in 2008.
6. Microsoft issues 6 ‘critical’ patches
The updates affect many versions of Windows, Server and Office software — including Windows XP and Windows Vista — and are meant to prevent hackers from breaking into Web surfers’ computers using specially crafted Web pages.
7. Buffer the Overflow Slayer v. the ActiveX Files [Vista included]
The vulnerability was discovered by Krystian Kloskowski and is rated “highly critical” in this posting on Secunia. It’s also discussed here on the US-Cert website. Proof-of-concept code can be found on MilW0rm here.
8. Microsoft plans six critical patches
At least one of the critical vulnerabilities involves Internet Explorer 7 and Windows Vista, both of which were conceived under new and highly vaunted development rigors designed to produce more secure products.
9. Patch Tuesday: Critical IE, Vista patches on deck
Of the four criticals, two will include high-severity patches for Windows Vista. The bulletin rated ?moderate? only affects Vista.
10. June Patch Tuesday to deliver Vista fixes and more
Four of this month’s bulletins are labelled ‘critical’ and relate to vulnerabilities that may allow remote code execution.
11. Microsoft Plugs Critical Vista Hole
Microsoft has just patched another critical hole in Vista that it knew about as long ago as last Christmas. The delay was similar to its lag in patching the serious (and heavily targeted) animated-cursor flaw I told you about last month.
12. Microsoft Patches Not One, But Three Vista Holes
Microsoft today released an update for the recently popular ‘animated cursor’ vulnerability. The update was originally scheduled for April 10th, but due to recent exploits, was rushed out today. The update wasn’t just for this one vulnerability though, in Vista, it addressed two others, and in all covered seven vulnerabilities in Vista, XP and 2000.
13. Windows Vista’s Built-in Rootkit
This poor implementation of the permissions structure can be exploited by malware to make files that are undetectable to Anti-Virus products.
14. More Windows cursor patch trouble [Vista included again]
A new issue with the fix has also come up. Some customers have experienced trouble when printing from SQL Reporting Services to a Printer Command Language (PCL) printer, Microsoft said.
15. Windows cursor patch causing trouble
Installing Microsoft’s Tuesday patch for a “critical” Windows vulnerability is causing trouble for some users.
16. MS Patch Tuesday: Vista dinged again
For the second time this month, Microsoft has shipped a security bulletin with patches for a “critical” Vista vulnerability that puts millions of users at risk of code execution attacks.
17. Security Researchers Say Windows .ANI Problem Surfaced Two Years Ago
Security researchers say the Windows .ANI bug that has been plaguing users for the past week first surfaced — and was patched — in early 2005.
18. Week in review: Cursing Windows’ cursor flaw
The software giant broke with its monthly patch cycle to fix a bug that cybercrooks had been using since last week to attack Windows PCs, including those running Vista.
19. ANI takers for Asus website virus?
Asus.com.tw, the website of Taiwanese motherboard maker Asustek, has been spraying visitors with the .ANI virus, security software makers confirmed today.
20. Will Next Tuesday’s 3 Updates Effect Vista?
I would suspect that one will be a patch for the Windows MessageBox exploit, so Vista should get it. Might another be for the Vista ‘Timer/2099 Crack’? I wouldn’t consider it critical, but Microsoft probably does.
21. Windows Vista now has its first exploit spotted in the public
Security experts have confirmed that a proof of concept code for an unpatched vulnerability in Windows Vista has been released on the internet.
There were warning signs in advance. Windows Vista was not made to have a considerable impact, security-wise, but hype was a key driver. It happens to be the same case with DirectX 10, whose hype was generated by faking images which create a false perception that it is a big jump compared to DirectX 9 (that is another shocking story about deception, but it’s worth a separate post). Here are some more articles of interest:
1. Windows Vista: It’s More Secure, We Promise
Well, allow me to take a moment to remind everyone of something that you might not remember – XP was also touted as being ultra secure. Seriously, can anyone honestly look themselves in the mirror and say this is the gospel truth? You have got to be kidding me. Similar to XP, Microsoft promises to have the most secure Windows version to date yet again.
2. Cisco exec: Windows Vista is scary
“Parts of Vista scare me,” Gleichauf said at the Gartner Security Summit here on Monday. “Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It’s always a struggle in security, trying to build for what you don’t know.”
3. Symantec Finds Flaws In Vista’s Network Stack
Researchers with Symantec’s advanced threat team poked through Vista’s new network stack in several recent builds of the still-under-construction operating system, and found several bugs — some of which have been fixed, including a few in Monday’s release — as well as broader evidence that the rewrite of the networking code could easily lead to problems.
Among Newsham’s and Hoagland’s conclusions: “The amount of new code present in Windows Vista provides many opportunities for new defects.”
“It’s true that some of the things we found were ‘low-hanging fruit,’ and that some are getting fixed in later builds,” said Friedrichs. “But that begs the question of what else is in there?”
With so many incidents out there, there remains this Big Lie that Vista is secure. Paid analysts do not help here. █
Send this to a friend