07.23.10

Novell Too Busy (With Proprietary Software) to Promote OpenSUSE

Posted in GNU/Linux, Microsoft, Novell, OpenSUSE, Servers, SLES/SLED, Virtualisation at 10:21 am by Dr. Roy Schestowitz

Summary: Novell continues to show that it doesn’t care about OpenSUSE; instead, it’s focused on marketing Fog Computing, proprietary software, and the Microsoft-taxed SLES

EARLIER this week we noted that Novell had put Banshee (patent liability) inside OpenSUSE 11.3 and gave this release so little attention that it deserves to lose possession of OpenSUSE and its volunteer workforce. We have spent a few hours going through Novell news and Novell sites, but all we found from Novell is this lousy press release from last Thursday (July 15^th, 2010). That’s all the promotion Novell appears to have done for OpenSUSE. Typical.

Looking at some news sites, none of the major ones covered this release, but some medium-sized ones did [1, 2] and so did blogs, e.g. [1, 2], or something in between [1, 2, 3, 4]. Some sites posted pictures and shared advice (e.g. [1, 2]), but there was nothing in Novell’s PR blog about the release of OpenSUSE 11.3. Instead, Novell chose to cover Fog Computing/virtualisation [1, 2], which led to articles around this particular theme.

Liquor group Pernod Ricard Australia has emerged as one of the early local pioneers for Novell’s Cloud Manager, currently available in beta form, prior to the product’s formal launch slated for September.

The posts from Novell’s PR blog simply beg for the characterisation of Novell as a Fog Computing company [1, 2] and also in the press (more mainstream press) people may get the impression that Novell is still a purely proprietary software company. The company’s staff is quoted on these matters, sometimes in the context of security [1, 2], though not in the SUSE/Linux sense.

“The PR blog sticks to Gartner boosting, quite frankly as usual.”Novell’s PR blog continues to cover proprietary software like identity management, which was covered/publicised in Forbes. The PR blog sticks to Gartner boosting, quite frankly as usual.

GroupWise 8 Service Pack 2 is released, but there are many flaws in this piece of proprietary software [1, 2, 3] and others.

The point to get across here is that Novell did nothing to promote OpenSUSE, except that one press release. When it comes to SLE*, Novell is poaching Sun customers and SLES (not OpenSUSE) was mentioned in relation to IBM’s proprietary offerings — ones that may relate to those “Cloud Competence” announcements from IBM (also here):

IBM is working with a range of business partners across cloud management, security, software development and testing support. As a result, IBM can offer clients flexibility, scalability, enterprise-grade security and control for development and test on the IBM Cloud. By co-operating with Novell for example, IBM has SUSE Linux enterprise components available and can offer its enterprise customers a full range of Novell capabilities for smart development and workload testing services.

Novell helps IBM with Fog Computing in Ehningen, Germany and it also promotes Fog Computing in China by helping to create a “Cloud Computing Laboratory”.

This is not about Free software at all. SUSE is in fact not free either and it carries with it a Microsoft patent tax. Who would choose to train for SLES rather than RHEL, for example? Some people might. From the news:

The Novell Certified Linux Engineer (CLE) 11 practicum exam is now available. This hands on assessment, which costs $195, is based on SUSE Linux Enterprise Server 11 and can be taken by individuals who currently hold a Certified Linux Professional (CLP) 10 or 11 credential.

Novell is up for sale and Red Hat’s market cap is almost 3 times that of Novell. So why would anyone choose to bet one’s future on SUSE? It’s a lost cause. █

Permalink Leave Your Comment      Send this to a friend

Microsoft Hides Security Flaws, Then Brags About Transparency

Posted in Microsoft, Security, Windows at 8:10 am by Dr. Roy Schestowitz

Summary: Security news from Microsoft and the facts Microsoft carries on hiding

MICROSOFT’S practice of silent patching (fixing security bugs without ever telling anyone about it) does not prevent the company from lying about disclosure [1, 2] and even bragging about “transparency”. What a nerve they have when they produce reports that daemonise Red Hat based on incomplete data which Microsoft itself is knowingly hiding.

Today we look at some recent security problems, starting with one which was covered before:

Microsoft’s problems with Token Kidnapping [.pdf] on the Windows platform aren’t going away anytime soon.

“Microsoft gives up on Windows security flaw,” says the headline of another report.

DEVELOPER OF INSECURE SOFTWARE Microsoft has seemingly given up on finding a solution to a security vulnerability that takes advantage of the way Windows uses shortcuts.

As The INQUIRER reported on Monday, just about every operating system released by the Vole in the past decade is affected by the security flaw, which allows hackers to remotely execute code on Windows systems. Microsoft was relatively quick to admit to the problem, saying that the fault lies with the fact that “Windows incorrectly parses shortcuts”.

The risk was increased by removable and network storage mechanisms such as USB memory drives, which can be ‘autoplayed’ when connected. Due to a dodgy digital certificate in a driver, users would be none the wiser as control of their system was being outsourced to someone else.

From Slashdot (the summary):

Microsoft Has No Plans To Patch New Flaw

“Microsoft has acknowledged the vulnerability that the new malware Stuxnet uses to launch itself with .lnk files, but said it has no plans to patch the flaw right now. The company said the flaw affects most current versions of Windows, including Vista, Server 2008 and Windows 7 32- and 64-bit. Meanwhile, the digital certificate that belonging to Realtek Semiconductor that was used to sign a pair of drivers for the new Stuxnet rootkit has been revoked by VeriSign. The certificate was revoked Friday, several days after news broke about the existence of the new malware and the troubling existence of the signed drivers.”

Glyn Moody explains that “after all, with all the others [flaws], who will notice?”

Dell is now shipping computers with a hardware trojan that only affects Microsoft Windows. The New Scientist does not call out Windows, but the malware name is self explanatory.

Further information posted on Dell’s community forum reveals that the trojan in the affected motherboards is stored in onboard flash memory rather than firmware ROMs. And the malware at issue is called w32.spybot.worm, which normally spreads using file-sharing networks and an internet chat client.

Social networks are now being blamed for merely carrying messages that are used to control Microsoft Windows botnets. One should say “Windows botnet” and “Windows malware”, not just “malware”; these things are not universal. They specifically exploit Microsoft’s bad engineering. “Time to Get Rid of That Other OS,” argues Pogson.

The latest outrage is an attack that exploits another form of “autorun” for shortcuts/links on USB drives. That other OS lets the malware walk right in even if the user does not click on any of the links. That other OS tries to be so helpful…

The original article does name Windows as the problem (also in the headline).

Hackers have developed malware that spreads via USB sticks using a previously unknown security weakness involving Windows’ handling of shortcut files.

“Don’t Call the Police,” Pogson concludes.

There is no limit to how bad malware can be. It can range all the way from sending spam e-mail from your machines to selling all customer lists and sabotaging data by rot over a long period of time so that by the time you catch it weeks of work could go down the drain. The worst case is killing your operation through lawsuits charging negligence in allowing disaster to happen when reasonable people know you do not allow malware to run on your systems.

Running Windows is truly a liability. Windows was never designed to be secure. █

“There was no strategic direction from Bill and Ballmer about these two things. It was like, ‘Well we have these two things, DOS and Windows, and do we have to run on top of this new multitasking DOS? Are we running on top of DOS 3.0 and we just ignore those guys?’ That went on for a year, this lack of strategic direction. And we just made our own decisions.”

–Steve Wood, one of the first Microsoft developers

Permalink Leave Your Comment      Send this to a friend

Patents Roundup: Identifying Real Patent Foes and Conflicts of Interests

Posted in FSF, GNU/Linux, Law, Microsoft, Patents, Red Hat at 7:33 am by Dr. Roy Schestowitz

Summary: Patents are a double-edged sword that’s abused both by opponents of GNU/Linux and defenders of it; the patent trolls are the only small entities to benefit from patents (law firms aside)

WHEN it comes to software patents, Microsoft is the #1 enemy of GNU/Linux. People like Florian Müller would like to divert attention away from Microsoft (Müller has written many comments there to defend himself) and in response to the likes of them, Pogson writes a detailed rebuttal (which saves others from needing to do so).

I recently received a FUD post about four companies: IBM, RedHat, Google and Oracle. The FUD being sown was that these folks while pretending to be FLOSS supporters were actually crassly fighting open interoperability. The truth is much different.

IBM, Red Hat, Google and Oracle all have a misguided policy when it comes to software patents for reasons we explained before; but it hardly makes them a threat to GNU/Linux. We expect that the inclusion of Red Hat here would raise a brow, but we covered this subject in posts such as:

• Novell, Red Hat, and Software Patents: Strike II
• Red Hat Fights Fire with Fire
• Patents Roundup: Red Hat, Former USPTO Commissioner on Patent Demise, and WIPO Notes
• Patents Roundup: Red Hat Again; EPO and USPTO Debated
• The Other Side of Red Hat: Pieter Hintjens on AMQP and Patents
• How Red Hat Dodged a Novell-Like Microsoft Deal Despite Lobbying for Software Patents
• Red Hat, Microsoft, EU Lobbyists, and Software Patents
• A Glimpse Back at Red Hat’s and Novell’s Stance on Software Patents in 2005
• Red Hat and Software Patents (Video)

Mark Webbink, who used to work for Red Hat, is still taking an OIN-like approach whereby he chooses to live alongside software patents and defend Free software. It’s arguably impractical. In Red Hat’s site he has just published this article about Peer To Patent, which we last criticised when Peer To Patent Australia got announced.

The willingness to collaborate brought us free and open source software. Now we continue to see that willingness to collaborate permeate our government agencies. A prime example is the Peer To Patent program developed at New York Law School by Prof. Beth Noveck. First presented as an idea on her July 2005 blog Peer to Patent: A Modest Proposal, Peer To Patent has become an early success story in actively engaging the public to improve the quality of government decision making.

[...]

In addition to the U.S. pilot projects, IP Australia has run a Peer To Patent – Australia pilot project in conjunction with Queensland University of Technology with technology assistance from New York Law School. The results of that pilot are now being compiled, but it appears the results will be quite similar to those in the U.S. Later in 2010 the Institute of Intellectual Property in Japan plans to run a Peer To Patent pilot in conjunction with the Japan Patent Office.

Webbink is one of the legal types to whom software patent problems are potential business. That’s just being honest and looking at the vested interests. The SFLC may have similar interests which the FFII sometimes criticises it for.

As people may imagine, with the arrival of the Bilski decision came many self-promoting plugs that are concise summaries/analyses of the longer original text. We received such ‘plugs’ by E-mail and it turns out we were not alone:

as the decision came down Monday, The Prior Art’s inbox was filling up with e-mails from lawyers and law firm publicists offering expert commentary on what it all meant. (By the end, the number of pitches had hit nearly 40). One e-mail, from Goodwin Procter’s Stephen Schreiner, contained a statement that typified the joyous tone of the patent bar’s broader reaction. Schreiner said the Court had “launched the United States Patent System into the Information Age with the Bilski v. Kappos decision today….Rejecting the chorus from some demanding the Patent System be limited to Industrial Age technology, the Court answered with a flat ‘no,’ finding patents are available for software, business methods, medical diagnostic techniques, and other products of the Information Age.”

[...]

And what about those who sought an even more far-reaching change—the abolition of all software patents (of which it is estimated there are now more than 200,000)? The Bilski decision makes that dream look like one that may never come true. Some of the anti-software-patent activist groups are likely to refocus on educating Congress and the wider public about their cause rather than hoping for near-term court action.

“I’m not optimistic about it,” says Peter Brown, director of the Free Software Foundation. “At the end of the day, if this decision allows more abstract ideas to be patented, there’s going to be a hell of a lot more litigation.” Such pressure could ultimately lead the business community to push for more limits on patents. “Maybe the financial services industry will say, ‘Clearly, we’re not getting anywhere with the courts,’” Brown adds.

Brown is from the FSF. Unlike several other groups, the FSF makes no money from legal problems. That’s why we trust the FSF more than anyone else (e.g. OIN, SFLC, the academics behind Peer To Patent) when it comes to a conflict of interests-free stance on software patents.

“Sony is also a huge promoter of DRM and sponsor of the MAFIAA (RIAA|MPAA).”In other patent news, Sony is said to have just patented two-player 3-D technology, which sounds like a software patent. Slashdot has links to the filings and it has changed its headline to improve accuracy.

Sony is a big promoter of software patents, for obvious reasons. Sony is a massive company (almost twice the number of employees Microsoft has), so it can afford to waste time filing for patents. Sony is also a huge promoter of DRM and sponsor of the MAFIAA (RIAA|MPAA).

According to a new academic study, patents in general are bad for startups.

It seems that every week we hear about another patent lawsuit between tech companies claiming the exclusive rights to various technologies and methods. With large corporations like Apple, Google and Microsoft frequently defending patents in court, smaller companies may get the idea that patents are the best way to protect intellectual property. A recent survey from the University of California, Berkeley found that, in fact, the opposite trend is appearing among these types of companies. The largest reason? Cost.

We wrote about this yesterday and received the following good feedback from Jose_X, who argued: “The example above showing the small businesses being put out of business from patent threats shows why patent broad government subsidy hand-cuffing monopolies should never be applied to the medium and small groups (or at least not too harshly). Let the giants fight, but if some technology is within the development capabilities of small firms, then a monopoly or even just the threat of it by litigious entities is too stifling to many.

“We should not be creating tools (and artificial scarcity) by helping wealthy groups tax small groups or even put them out of business with these tools.

“We should not be creating tools (and artificial scarcity) by helping wealthy groups tax small groups or even put them out of business with these tools.”
      –Jose_X“One possibility for patent reform is to limit how any patent can be used on entities which have revenues/profits below a certain amount and are not mostly owned or controlled by another entity that itself might fail to qualify.

“An additional possibility is to outright prevent “information” or abstract patents. The SCOTUS has ruled this way over the years, but that hasn’t kept litigation down in the US. Congress should pass a clear law to remove “information” patents. The broad coverage possible from a patent (or from a broad copyright “derivative works” definition) is too far reaching and hence stifling unless it only affects a small number of groups that already have significant levers at their disposal.”

The only ‘startups’ that can benefit from patents are patent trolls, but they offer no value whatsoever to the industry. To expand on the new example which we gave yesterday, here is more press coverage:

• InNova accuses Apple, Google and RIM in patent infringement on the spam filtering technology
• Will Spam Filtering Lawsuit Impact Managed Services Providers?
• Apple in trouble over spam filtering
• Patent Holding Company Suit Against Entire Tech World Claims Infringement of Anti-Spam Patent
• InNova Patent Licensing LLC files infringement lawsuit against thirty-six companies over email spam patent
• Texas company says it owns patent to spam filtering, sues Google, Apple, Yahoo, Dell, AOL, IBM, 30 others
• Apple, Google, Yahoo and Others Slammed With Patent Lawsuit For ‘Spam Email Identification’
• Apple, Google, and Others Sued Over Spam Email
• Apple among 36 companies targeted in e-mail spam patent suit
• Apple, Google, Yahoo and Others Slammed With Patent Lawsuit For ‘Spam Email Identification’
• Patent troll sues Apple, Google, RIM over spam filtering

There is even a press release about it.

Other patent trolls like Spangenberg [1, 2, 3] are fortunate enough to receive press coverage. From the opening:

Erich Spangenberg makes a fortune suing major corporations for infringing on patents he owns. Is he exploiting a legal loophole or is he a modern-day Robin Hood? A look at one very unusual and vilified profession.

Calling it a “profession” is like characterising Bernard Madoff as a “professional”. █

Permalink 18 Comments      Send this to a friend

Companies and Intellectual Properties Registration Office (CIPRO) Helps Microsoft’s Monopoly

Posted in Africa, Free/Libre Software, GNU/Linux, Windows at 6:48 am by Dr. Roy Schestowitz

Summary: A government agency makes Microsoft even stronger, probably due to bad design by its staff

THE Companies and Intellectual Properties Registration Office in South Africa allegedly requires that people go to Microsoft, purchase a copy of their user-hostile software, and then access the CIPRO Web site to merely be treated like a worthy citizen:

So, if that is the case, then how come the Companies and Intellectual Properties Registration Office (CIPRO) demands that visitors use Internet Explorer when visiting the site? The site has this warning (in red):

“Customers must use Internet Explorer for any CIPRO transaction. To download it, click here.”

Why exactly users need Internet Explorer is not entirely clear because the site appears to still work even if you’re using another browser. There may well be sections of the site that don’t work unless you use Internet Explorer but they’re not immediately obvious.

Sadly, in Korea this is the reality in many government Web sites, but they are said to be changing this at the moment. In Korea, only old people may remember an Internet that works all right without Internet Explorer. CIPRO too should fix this as soon as possible. It helps hinder South Africa’s migration to GNU/Linux and/or Free software (i.e. independence) — a migration that Microsoft still actively derails. South Africa is up against more than just a simple company here. █

Permalink Leave Your Comment      Send this to a friend

Russia Keeps Working on GNU/Linux (and Fighting Against Microsoft Corruption)

Posted in Antitrust, Asia, Europe, GNU/Linux, Microsoft at 6:35 am by Dr. Roy Schestowitz

Summary: ALT Linux and ASPLinux continue to be developed, despite disruptions from Microsoft and its partners

A FEW days ago we revisited Microsoft's tricks in Russian schools and we also mentioned the fact that Russian spies may be working at Microsoft (while the Russian secret services get access to Vista 7 source code). Russia routinely takes legal action against Microsoft for its market abuses [1, 2, 3], so Microsoft relies on diplomacy.

According to this report, Russia is helping Mandriva, on which some of its systems are based and the plan for a GNU/Linux-based national operating system is still on.

Russia plans to create its own national operating system (OS), said Ilya Massukh, Deputy Minister of Telecommunications and Mass Communications of Russia, as reported by newspaper Vedomosti. The OS is going to be Linux-based. The working prototype of the OS shall be available by the end of 2011. The newspaper mentioned Russian software vendors ALT Linux and ASPLinux among potential developers of the Russian national OS.

Here is some of the latest information about a Microsoft employee who came to Redmond from Russia and got deported for allegedly spying. Will anyone trust Microsoft’s Fog Computing with sensitive data?

Karetnikov was arrested in June 28 in Seattle, and detained until his Tuesday hearing, which was held in New York.

Compared to the Russian mafia or the KGB, Microsoft is not much better. A European government delegate compared Microsoft methods to “Scientology cult”. █

Permalink Leave Your Comment      Send this to a friend

ABI Research on a Bright Future for Linux in Devices

Posted in Free/Libre Software, GNU/Linux at 6:08 am by Dr. Roy Schestowitz

Summary: Where devices are concerned, Linux is all over the place and it’s important to ensure that Microsoft does not tax Linux using software patents

ACCORDING TO ABI Research, Linux will dominate non-smartphone mobile sales.

ABI Research projects that by 2015, Linux-based operating systems, led by Android and Chrome OS, will represent 62 percent of the OSes shipping in all mobile devices aside from smartphones. The study also suggests that Linux offers a unifying advantage for mobile platforms, with a large number of upstream components that can be shared in addition to the Linux kernel.

Yesterday we wrote about a change in attitude towards GNU/Linux at ASUS (Eee Pad will reportedly run Android, not Vista 7). ASUS is now explaining the GNU/Linux situation and Acer is preparing Android tablets too. It is important to keep pressuring Google to keep Android free, as Motorola puts serious restrictions in it and several other companies pay Microsoft for Android (patent tax for alleged infringements in Linux). Don’t allow Microsoft to get rich from sales of Linux devices; it doesn’t deserve it. █

Permalink Leave Your Comment      Send this to a friend

Microsoft ‘Works’ in Techrights

Posted in Microsoft, Site News at 5:58 am by Dr. Roy Schestowitz

“Two Microsoft employees threatened to sue me if I wrote about their behavior online, so I not only wrote the story, I mailed each of them a personal copy.”

–Joe Barr

Summary: New visitor from Microsoft in one of the IRC channels of Techrights

OCCASIONALLY we have Microsoft employees entering our IRC channels, and rarely with a disclosure. Yesterday we had another such incident, which was not as hostile as others involving AstroTurf (TE) staff members who just smear this Web site (with no disclosures, as the hard part is exposing the fact and verifying that they are Microsoft employees/agents).

“Why is it that a Microsoft employee uses company resources/computers/affiliation (the FreeNode NAT says “microsoft”) to troll pro-Linux IRC fora?”As one ought to expect from our new resident Microsoft employee, there is Java/GPL bashing (and promotion of BSD-style licences at its expense). To quote one example : “You think stuff like BSD is too open? :p”

This was actually written during working hours in the UK (and the said person works for Microsoft UK). Why is it that a Microsoft employee uses company resources/computers/affiliation (the FreeNode NAT says “microsoft”) to troll pro-GNU/Linux IRC fora? Remember "Steve Barkto"? This practice is subversive. █

“Microsoft has announced the “Microsoft BlogStars” contest, to Hunts for Developer Bloggers in India. After feeling the power and increase of the Bloggers community in India, Microsoft tries to trap and hunt Bloggers in India to buildup the blogging community, for writing blog posts supporting towards Microsoft Technologies.”

– Microsoft Traps and Hunts for Bloggers in India !!

Permalink 2 Comments      Send this to a friend

Links 23/7/2010: Misc. News and BSD Talk

Posted in News Roundup at 5:24 am by Dr. Roy Schestowitz

Clip of the Day

Jason Dixon Closing Remarks of DCBSDCon – BSD is Still Dying

Permalink 5 Comments      Send this to a friend