Bonum Certa Men Certa

Orwellian EIF, Fake Open Source, and Security Implications

George Orwell
Open is close enough



Summary: The manipulation of Europe's interoperability framework (by Microsoft lobbyists and others) is made more visible; other news of relevance

Yesterday we wrote about the European Interoperability Framework (EIF), which Microsoft front groups were leaning on [1, 2, 3] until "open" almost came to mean "proprietary" and "patent-encumbered". The original analysis has received a lot of response; for instance, Neko Nata compares this to Microsoft's corruption of ISO and Bob Robertson quotes Orwell as follows: "Languages evolve, sometimes faster than others." In ComputerWorld UK, E.T. Anderson compares it to "War is peace".



Here is new coverage from The Register:

The European Union has long promoted open source software, but it seems that years of expensive lobbying by big software companies has finally worn down the bureaucrats' resistance.

The latest version of the European Interoperability Framework - which aims to offer governments and businesses guidance on using open source software - has substantially weakened its definition of what open source is. This follows years of lobbying by the BSA, representing multinational, and substantially closed-source, companies.


Ars Technica covers this too:

The EIF's new definition of openness is also troubling. The text no longer explicitly requires that patents on standards be made available under royalty-free terms. Royalty-free patent grants are important because they ensure that open source implementations of the standard can be created without serious intellectual property impediments. The new draft attempts to address that same issue, but does so poorly—it requires that the standard be possible to implement "under different software development approaches" and indicates that open source software is an example of one such approach.

The ambiguity is potentially problematic. There are some cases where standards are provided under terms that make it technically possible to create open source implementations but with significant impediments that inhibit broad downstream redistribution or make it practically unfeasible. An arrangement like the controversial deal between Microsoft and Novell is arguably an example.


Yes, part of Microsoft's plan is to use patent deals (like that of Microsoft and Novell) to eliminate the Freedom of free software and to make it expensive. Steve Ballmer said at the beginning of 2007: "The deal that we announced at the end of last year with Novell I consider to be very important. It demonstrated clearly the value of intellectual property even in the Open Source world. I would not anticipate that we make a huge additional revenue stream from our Novell deal, but I do think it clearly establishes that Open Source is not free and Open Source will have to respect intellectual property rights of others just as any other competitor will."

The FSFE's founder, Georg Greve, became aware of this EIF subversion and he immediately responded. Deep inside he is not a fan of Microsoft's behaviour; just days ago he wrote: "Unethical, appaling and disgusting: #FamilyGuy corrupted by #Microsoft http://is.gd/4G5QH, a clear violation of http://is.gd/4G5Sh, it seems"

One of our readers gave us input by mail, referring specifically to the news about Skype playing similar tricks with "open source" and interoperability (David Gerard compares it to Helix at Real). According to SJVN, Skype is not going Open Source any time soon. Well, not yet anyway.

The basis for this? Some correspondence between Skype technical support and a Mandriva Linux user (Skype supports generally older versions of Debian, Fedora, openSUSE, and Ubuntu). In it, the French-speaking Skype technical support rep said that it's possible that the final version of Skype for Linux will be open source.

That wasn't much, but it did hint that it might be possible that Skype was going to at least make its Linux client open-source. I decided it was worth my time to look further.

I gave Skype a call in Luxembourg. A Skype public relations spokesperson quickly replied: "We appreciate our user community's enthusiasm and realize this is something they have been wanting for a while. We realize the potential of the open-source community and believe that making Skype for Linux an open source application will help to speed up its development and enhance its compatibility with different versions of Linux. While it is our goal to make Skype for Linux source code available to the community in the near future, we are not at a point to disclose an exact release date yet."


Our reader explains: "It seems Skype is joining the effort to mislead the public about openness and to try cash in on the need for FOSS while not actually providing it." A sort of retraction has just been posted.

Our reader continues as follows: "It would be great if it were true that Skype really released an open source package, but like most things that are too good to be true, it isn't true. The new Skype will be neither open source nor open standards. It will contain a blob and still use that same tired old insecure, proprietary protocol instead of SIP."

He then cites the original story about EIF being subverted by Microsoft and its allies. "This comes at a time where the word, and advantages, of 'open' are under attack even in the EU," he explains. He adds some links for perspective:

"You'd think that with recent news

Der Spiegel: Mossad hacked Syrian computer to uncover nuclear site

"...and with not so recent news

US software 'blew up Russian gas pipeline'The Farewell Dossier[ISN] Interview: Theo de Raadt of OpenBSD

"...and with downright old news

David A. Wheeler’s Page on Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers

"...and with just plain ancient news

Reflections on Trusting Trust

"...that jobs, economies and sometimes lives are at stake."

This leads to another important issue which is cost/debt, not just death.

We previously wrote about Windows malware at NASA facilities that are located in space [1, 2]. They foolishly relied on Microsoft Windows and another reader of ours wrote about "anti virus software on the ISS" in light of this new interview:

Have you ever had hackers infiltrating the ISS systems?

"The software we use to interface with the ground is just a file transfer back and forth, and it would be a very difficult thing to do. The chances of someone hacking up into the station is pretty much non-existent and it has never happened. Even if they could, the laptops themselves do not have a critical function like life support. There is a set of laptops that do provide the crew with cautions and warnings, but from a daily standpoint the astronauts really don't use them -- the ground monitors everything for them."


"This is 2009," says our reader, "we should all be going round in flying cars, yet even NASA can't protect itself from Microsoft Viruses... From the tone of the questions, it's even considered normal to get 'viruses'."

Even Microsoft is finally admitting the scale of the Windows worms epidemic, soon using "malware" to encourage people to pay more to Microsoft.

Microsoft blames malware on illegally copied software



[...]

Jeff Williams, the principal group program manager for the Microsoft Malware Protection Center claims there is a link between use of illegally copied software and malware infection rates.


They are just trying to upsell "licensed" Windows and charge for it in places where Microsoft does not really mind counterfeiting because it is used as a weapon against GNU/Linux adoption.

Our reader Ryan (fourth one mentioned in this post) sent us a pointer to this new Microsoft patch, which he summarises as "new IE patch patches the last patch." Yes, Microsoft can't even get its patches to work right the first time. It usually means that the code is messy and thus hard to maintain (modify reliably). Ryan also points out that T-Mobile is suffering another major outage following the Sidekick fiasco that we wrote about in:



The next post will look at more distortion of openness, in the context of document formats.

Comments

Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
 
GNOME GUADEC 2022 & Debian Albanian women trafficked to Mexico?
Reprinted with permission from the Free Software Fellowship
Sainsbury's: It Takes Us Up to Two Days to Respond to Customers Upon Escalation (and Sometimes Even More Than Two Days)
It not only does groceries but also many other things, even banking
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day