Bonum Certa Men Certa

Linux Foundation Apparently Celebrates Sysadmin Day With a Microsoft Windows Site!

“Greed is not a financial issue. It's a heart issue.”

--Andy Stanley



Summary: The Linux Foundation shows 'love' to actual GNU/Linux (the real thing) by apparently rejecting it and badmouthing it

WHEN selling the soul of Linux is more profitable than actually promoting this GPL-licensed kernel it's not hard to understand how the Linux Foundation turned from a supposed 'charity' to a massive enterprise and near-monopoly in that space (e.g. events/conferences).



They 'own' Linux.com. They control or manage the Linux trademark. So why would they link to anti-Linux stories (authored by "swapnilbhartiya" yesterday)? Because they just do and most of them don't even use Linux! As someone put it yesterday:

https://twitter.com/SleepyPenguin1/status/1151136661243228160

You go to Google, you look for "Linux" news, a site called Linux.com then shows up with anti-Linux material (this isn't about Linux but bad devices/users). Well done, Swapnil and Jim. The articles posted nowadays in Linux.com give room for concern. Misleadingly-titled FUD.

"You go to Google, you look for "Linux" news, a site called Linux.com then shows up with anti-Linux material (this isn't about Linux but bad devices/users)."We've meanwhile noticed lots of spammy blog posts (yesterday, Sysadmin Day) from the Linux Foundation in various "Linux" blogs. "Linux Security Blog" participated and "It's FOSS" did so too. Linux Journal said (in the headline) that "the Linux Foundation Is Having a Sysadmin Day Sale," adding a promotional link with what seems like tracking/referral code. But that in itself isn't the issue. It seems like the site in question uses Windows for the server, but we're not entirely sure. It's very well disguised (see IRC discussion at the bottom).

It would not be unprecedented for the Linux Foundation to use Windows; applicants apply for a job there using LinkedIn (Microsoft), as we've noted before and there's a lot of Microsoft stuff used by the Foundation's staff (see discussion below; I know this from my old interactions with Foundation staff). Over the past months I've had to resort to humour just to get the point across without offending the offenders, for example:

https://twitter.com/schestowitz/status/1151320656711233537

Yesterday I also noticed this text: "Have directly led revenue growth from $20MM to $50MM, from $80MM to $100MM..."

No, that's not the Foundation's chief Jim Zemlin (who sold out Linux... for his 'nonprofit' to make about $100,000,000 per year). That's what his wife's LinkedIn profile says. It's all about money and both strive to grow in just one respect: money! From 20 million to 100 million. What is being achieved? Nothing. A Windows-powered and Mac-powered 'Linux' Foundation (Linux only in name).

“Large corporations, of course, are blinded by greed. The laws under which they operate require it - their shareholders would revolt at anything less.”

--Aaron Swartz






schestowitzHelp needed! Am I crazy or is this site WINDOWS-powered? Help me out here, geeks... https://cloud.email.thelinuxfoundation.org/SysadmindaYJul 17 01:52
-TechrightsBot-tr/#techrights-cloud.email.thelinuxfoundation.org | NO TITLEJul 17 01:52
schestowitzmy initial tests say yesJul 17 01:52
schestowitzbased on more shallow testsJul 17 01:52
schestowitzI might publish "Celebrates Sysadmin Day With a Microsoft Windows Site!"Jul 17 01:52
schestowitzI mean, LF Celebrates Sysadmin Day With a Microsoft Windows Site!Jul 17 01:52
schestowitzbut I am not yet 100% sure it''s Windows at the back endJul 17 01:53
schestowitzcould be mod-speling [sic] in ApacheJul 17 01:53
schestowitzhttps://identity.linuxfoundation.org/checkout/540473Jul 17 01:54
-TechrightsBot-tr/#techrights- ( status 404 @ https://identity.linuxfoundation.org/checkout/540473 )Jul 17 01:54
schestowitzalso this..Jul 17 01:54
schestowitzhttps://identity.linuxfoundation.org/checkoUt/540473Jul 17 01:54
-TechrightsBot-tr/#techrights- ( status 404 @ https://identity.linuxfoundation.org/checkoUt/540473 )Jul 17 01:54
schestowitznote caseJul 17 01:54
schestowitzstill works with the token hereJul 17 01:54
schestowitzbloody hell!Jul 17 01:55
schestowitzLF.... you also apply for a job there using LinkedIn (Microsoft)Jul 17 01:55
XRevan86https://identity.linuxfoundation.org/checkoUt/540473 – VarnishJul 17 01:56
XRevan86The first link is served by something else. But it won't tell by which.Jul 17 01:57
schestowitzcan you check with me?Jul 17 01:57
schestowitzthis is importantJul 17 01:57
XRevan86It's not HTTP/2 capable.Jul 17 01:58
XRevan86https://cloud.email.thelinuxfoundation.org/Jul 17 01:59
-TechrightsBot-tr/#techrights- ( status 403 @ https://cloud.email.thelinuxfoundation.org/ )Jul 17 01:59
XRevan86The 403 page looks like something done by Apache TomcatJul 17 01:59
schestowitzI did the same thingJul 17 02:00
schestowitzwhy is the site case insensitive?Jul 17 02:00
schestowitzAlso, see page sourceJul 17 02:00
schestowitzlots of "MS" bitsJul 17 02:00
schestowitzI want to be 100% sure we don't get the story, if any at all, wrongJul 17 02:00
XRevan86schestowitz: Maybe they configured case-insensitive matchingJul 17 02:01
XRevan86It is peculiar.Jul 17 02:02
schestowitzno clues in http headers?Jul 17 02:03
schestowitzAges ago, more than 10 years, I had FF extensions for thatJul 17 02:03
schestowitzbefore Mozilla killed xulJul 17 02:03
XRevan86schestowitz: Not even a Server header.Jul 17 02:03
XRevan86schestowitz: Firefox's devtools can do the job.Jul 17 02:04
XRevan86but I test with curlJul 17 02:04
schestowitzany other tricks we can employ?Jul 17 02:04
schestowitzThis is a big deal if it turns out to be windowsJul 17 02:04
XRevan86If I had experience with Windows servers, maybe I'd know what to look for…Jul 17 02:04
XRevan86or with Java servers for that matter…Jul 17 02:05
XRevan86I know https://linux.org.ru/ is using Tomcat, and it is case-sensitive.Jul 17 02:05
-TechrightsBot-tr/#techrights-LINUX.ORG.RU — Русская информация об ОС LinuxJul 17 02:05
XRevan86https://www.linux.org.ru/gallery/ – GalleryJul 17 02:05
-TechrightsBot-tr/#techrights-www.linux.org.ru | ГалереяJul 17 02:05
XRevan86https://www.linux.org.ru/Gallery/ – 404Jul 17 02:05
-TechrightsBot-tr/#techrights- ( status 404 @ https://www.linux.org.ru/Gallery/ )Jul 17 02:05
XRevan86schestowitz: But maybe it is really mod_spelingJul 17 02:08
XRevan86and they then just turned off HTTP headers that give away configurationJul 17 02:08
XRevan86At least we know it's Java and not ASP.NETJul 17 02:09
schestowitzwhich domain?Jul 17 02:11
XRevan86cloud.email.thelinuxfoundation.orgJul 17 02:11
cubexyzcheck with netcraft?Jul 17 02:12
-viera/#techrights-Tux Machines: Proxmox VE 6.0 released! http://www.tuxmachines.org/node/125966 [https://pleroma.site/objects/f3b82e95-d9ea-42e1-b380-6be86812a61b]Jul 17 02:12
XRevan86cubexyz: Doesn't tell anything of interest.Jul 17 02:13
schestowitzI thought about itJul 17 02:13
schestowitzbut did not do itJul 17 02:13
schestowitzas I thought it might not even be on their radar yetJul 17 02:13
cubexyzmerely says "unknown"Jul 17 02:13
schestowitzseems like a new site or some internal "office" crapJul 17 02:13
schestowitzhow else can we test?Jul 17 02:14
schestowitzI don't want to get the story wrong, that's allJul 17 02:14
XRevan86> OS: F5 BIG-IPJul 17 02:14
XRevan86It did say that thoughJul 17 02:14
schestowitzas that can be used to discredit everything we ever said re LFJul 17 02:14
XRevan86How can it tell?Jul 17 02:14
cubexyzthere's wappalyzerJul 17 02:14
schestowitzcan you have a go at it?Jul 17 02:14
cubexyzsureJul 17 02:14
schestowitzMaybe they have the OS quite wellJul 17 02:14
schestowitzmind you, they use LOTS of MSFT internalluyJul 17 02:15
schestowitzI know this from their PR repJul 17 02:15
schestowitzbut demonstrating it, like link with proof, would help...Jul 17 02:15
cubexyzmysql, php, wordpress, OWL, bootstrap, jqueryJul 17 02:17
XRevan86cubexyz: I doubt thatJul 17 02:17
XRevan86there's no wordpress thereJul 17 02:17
-viera/#techrights-Tux Machines: Univention Corporate Server 4.4-1/Point Release UCS 4.4-1: performance improvements, app recommendations and UDM REST API Beta http://www.tuxmachines.org/node/125967 [https://pleroma.site/objects/94f199ef-a04b-473c-a4a1-288f05bf6166]Jul 17 02:18
schestowitzcubexyz: does not look like wordpressJul 17 02:19
schestowitzeven if you look at page sourceJul 17 02:19
schestowitzit looks like a really poorly-made CMS of some kindJul 17 02:19
schestowitzbut I want to know the USJul 17 02:20
XRevan86WordPress is PHP.Jul 17 02:20
schestowitzOSJul 17 02:20
cubexyzno idea, just saying what wappalyzer saysJul 17 02:20
XRevan86This is Java.Jul 17 02:20
schestowitzI imagine the CMS is proprietary anywayJul 17 02:20
schestowitzhttps://twitter.com/schestowitz/status/1151297943745568768Jul 17 02:21
-TechrightsBot-tr/#techrights-@schestowitz: We are the LINUX FOUNDATION We OWN Linux dot com! We link to anti -Linux stories Because we just do (and we don't e… https://t.co/UoJrMddR6KJul 17 02:21
-TechrightsBot-tr/#techrights-@schestowitz: We are the LINUX FOUNDATION We OWN Linux dot com! We link to anti -Linux stories Because we just do (and we don't e… https://t.co/UoJrMddR6KJul 17 02:21
schestowitzhttps://twitter.com/schestowitz/status/1150987858083295232Jul 17 02:21
-TechrightsBot-tr/#techrights-@schestowitz: "swapnilbhartiya" at #zemlinpac continues using the site LINUX dot com to promote #microsoft crap. [facepalm] https://t.co/BOIY5nmFWUJul 17 02:21
-TechrightsBot-tr/#techrights--> Aqua Security Launches Microsoft Azure Marketplace Private Offers | Linux.com | The source for Linux informationJul 17 02:21
XRevan86I don't think there's a way to tellJul 17 02:24
cubexyzthelinuxfoundation.org runs nginx on linuxJul 17 02:25
cubexyzaccording to netcraftJul 17 02:25
XRevan86Does plain Tomcat support "Content-Encoding: gzip"?Jul 17 02:25
schestowitzThat would make sense for the main siteJul 17 02:25
schestowitzbut for sales etc.Jul 17 02:25
schestowitznot sureJul 17 02:25
XRevan86And they're using AWSJul 17 02:27
schestowitzthat's not unusualJul 17 02:27
schestowitzwould be worse if they used MSAzureJul 17 02:28
XRevan86That'd make my dayJul 17 02:28
XRevan86Port scanning (nmap) revealed only that whoever configured cloud.email.thelinuxfoundation.org configured the firewall restrictivelyJul 17 02:29
XRevan86At least ICMP is openJul 17 02:30
XRevan8680, 113, 443, nothing elseJul 17 02:30
-viera/#techrights-Tux Machines: Network Security Toolkit 30-11210 http://www.tuxmachines.org/node/125968 [https://pleroma.site/objects/ec0ec5d4-88eb-4a05-9512-c9c86c76140a]Jul 17 02:31
XRevan86The main site has IPv6, cloud.email. doesn't.Jul 17 02:31
schestowitzI guess we still don't know what it runsJul 17 02:33
schestowitzand the checkout (identity) partJul 17 02:33
schestowitzthey got some company from the outside to do itJul 17 02:33
schestowitzand maybe it's not LinuxJul 17 02:33
XRevan86It's most likely Linux just because the odds are generally in that direction.Jul 17 02:34
XRevan86Who'd deploy a Java website on Windows? Some kind of insane Microsoft fan I guess. But then, why not ASP.NET?Jul 17 02:34
schestowitzdon't bet on kt!Jul 17 02:34
schestowitzit!Jul 17 02:34
schestowitzThis is the LFJul 17 02:34
XRevan86oh noJul 17 02:37
XRevan86I've checked nmap's capabilitiesJul 17 02:37
XRevan86-O: Enable OS detectionJul 17 02:37
XRevan86-sV: Probe open ports to determine service/version infoJul 17 02:37
XRevan86> 443/tcp open   ssl/upnp Microsoft IIS httpdJul 17 02:37
XRevan86Guess flipping whatJul 17 02:37
XRevan86> Running (JUST GUESSING): F5 Networks embedded (93%), F5 Networks TMOS 11.6.X (87%), OpenBSD 4.X (87%)Jul 17 02:38
XRevan86> OS CPE: cpe:/o:f5:tmos:11.6 cpe:/o:openbsd:openbsd:4.0Jul 17 02:38
XRevan86> Aggressive OS guesses: F5 BIG-IP Edge Gateway (93%), F5 BIG-IP Local Traffic Manager load balancer (TMOS 11.6) (87%), OpenBSD 4.0 (87%Jul 17 02:38
XRevan86Just like netcraft, it thinks it's most likely something from F5Jul 17 02:38
XRevan86but HTTP server probing gave a better ideaJul 17 02:39
XRevan86schestowitz: Good thing I didn't bet.Jul 17 02:39
XRevan86You seem speechless %)Jul 17 02:40
cubexyzisn't port 443 just HTTP over SSL... not necessarily M$ Jul 17 02:41
XRevan86cubexyz: That's "-sV: Probe open ports to determine service/version info"Jul 17 02:41
XRevan86that's its guessJul 17 02:42
cubexyzhmmm, yeah Jul 17 02:43
cubexyzdoesn't look goodJul 17 02:44
schestowitzmaybe I will publish IRC noted to accompany thisJul 17 02:44
schestowitz*IRC notesJul 17 02:44
schestowitzas we are not sureJul 17 02:44
schestowitzGet a load of this todayJul 17 02:44
schestowitzhttps://www.redhat.com/en/blog/microsoft-and-red-hat-inspiredJul 17 02:44
-TechrightsBot-tr/#techrights-www.redhat.com | Microsoft and Red Hat, inspiredJul 17 02:44
XRevan86schestowitz: The evidence is:Jul 17 02:45
XRevan861. case-insensitivity for no apparent reasonJul 17 02:45
XRevan862. nmap -sV cloud.email.thelinuxfoundation.org guesses HTTP is handled by "Microsoft IIS httpd"Jul 17 02:45
schestowitzI think it is probableJul 17 02:46
schestowitzas soon as I saw the site and then the structure (marketing cruft appended to URL)Jul 17 02:47
schestowitzThen I checked page sourceJul 17 02:47
schestowitzBeen there, seen that... red flagsJul 17 02:47
schestowitzAlso "cloud" Jul 17 02:47
schestowitzI know they used MS for office thingsJul 17 02:47
schestowitzlike in-office commsJul 17 02:47
schestowitzTheir PR reps used that to communicate with me ages agoJul 17 02:47
schestowitzDan Brown and others...Jul 17 02:48
XRevan86https://cloud.email.thelinuxfoundation.org/SYSADM~1/ well, at least this didn't work :DJul 17 02:49
-TechrightsBot-tr/#techrights- ( status 400 @ https://cloud.email.thelinuxfoundation.org/SYSADM~1/ )Jul 17 02:49
schestowitzjoke or some element of truth to it?Jul 17 02:50
cubexyzdidn't M$ give the win7 code to russia recently?Jul 17 02:50
schestowitzI get the jokeJul 17 02:50
cubexyzor not recently... it may have been a while agoJul 17 02:50
XRevan86https://github.com/irsdl/IIS-ShortName-Scanner some element of truth to itJul 17 02:51
-TechrightsBot-tr/#techrights-GitHub - irsdl/IIS-ShortName-Scanner: latest version of scanners for IIS short filename (8.3) disclosure vulnerabilityJul 17 02:51
XRevan86Tried using https://nmap.org/nsedoc/scripts/http-iis-short-name-brute.html, no effect.Jul 17 02:56
-TechrightsBot-tr/#techrights-nmap.org | http-iis-short-name-brute NSE ScriptJul 17 02:56
XRevan86StackOverflow isn't either.Jul 17 02:57
XRevan86nmap -sV detects Varnish on StackOverflowJul 17 02:59
XRevan86> via: 1.1 varnishJul 17 02:59
XRevan86I thought they're on Windows ServerJul 17 02:59
schestowitzno, not likelyJul 17 02:59
schestowitzthe (co)founder has some MSFT connectionsJul 17 02:59
schestowitzbooks etc.Jul 17 02:59
schestowitzCodingHorror guyJul 17 03:00
schestowitzthe site, however, isn't so... and he clarified to me he never worked for Microsoft directlyJul 17 03:00
XRevan86Wikipedia states that Stack Overflow is written in C#Jul 17 03:00
XRevan86Considering that .NET Core is a very new thing, it is most likely on Windows.Jul 17 03:01
XRevan86https://en.wikipedia.org/wiki/Stack_Overflow#TechnologyJul 17 03:01
-TechrightsBot-tr/#techrights-en.wikipedia.org | Stack Overflow - WikipediaJul 17 03:01
XRevan86I guess they have a separate server as a reverse proxy for security and reliability.Jul 17 03:01
XRevan86it is also case-insensitiveJul 17 03:03
XRevan86no Varnish will change that :)Jul 17 03:03
schestowitzthat's quite commonJul 17 03:03
XRevan86So yea, nmap detected it right.Jul 17 03:03
schestowitzonly hours ago at work I deat with Jul 17 03:03
XRevan86it figured it's Varnish, and it isJul 17 03:03
schestowitzapache behind nginx, on Ubuntu/DebianJul 17 03:04
schestowitzno varnishJul 17 03:04
schestowitznginx stuff as reverse proxy Jul 17 03:04
XRevan86schestowitz: Apache httpd is redundant in this case in most cases.Jul 17 03:04
schestowitzalso helps hide fro probers like nmapJul 17 03:04
XRevan86schestowitz: The Stack Overflow is different in that they have to get a separate server to do the job.Jul 17 03:05
XRevan86Because Varnish reportedly doesn't work on Windows.Jul 17 03:05
XRevan86* The Stack Overflow caseJul 17 03:05
XRevan86schestowitz: nginx in front of Apache httpd introduces almost no overhead.Jul 17 03:06
schestowitzyes, or a VMJul 17 03:06
schestowitzit does not have to run on the host/backendJul 17 03:06
XRevan86So… why wouldn't you, rightJul 17 03:06
schestowitzyou could even run it as a VM under WindowsJul 17 03:07
XRevan86schestowitz: True, but I doubt that's very efficient either.Jul 17 03:07
XRevan86It's a high-load website.Jul 17 03:08
-viera/#techrights-Tux Machines: Seven Concerns Open Source Should Worry About - Part 1 http://www.tuxmachines.org/node/125969 [https://pleroma.site/objects/387bf941-25b0-41b6-be31-c401127a895f]Jul 17 03:09
XRevan863. they don't bother this much on the main website to hide set-up informationJul 17 03:12
XRevan86Overall it looks like it was an outsource job, and no one cared enough to do it differently. But cared enough to cover the tracks a little bit.Jul 17 03:14
XRevan86If they really wanted to hide the fact that this is Windows, they'd reverse proxy it.Jul 17 03:15
XRevan86But I guess since it's likely not in their network (I didn't check), the overhead from proxying is unpleasant.Jul 17 03:16
-viera/#techrights-Tux Machines: Top 15 Best Forum Software For Linux in 2019 http://www.tuxmachines.org/node/125970 [https://pleroma.site/objects/f850f594-b34a-40fa-bf10-ee8544d1f956]Jul 17 03:18
schestowitzmight be worth checking host locationJul 17 03:24
schestowitzLF is in Portland IIRCJul 17 03:24
schestowitzif not SFJul 17 03:24
schestowitzI think it's ambiguous and some are 'home workers'Jul 17 03:24
schestowitzI'm pretty sure Jim Zemlin isSF-based, or somewhere near in CAJul 17 03:24

Comments

Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
 
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024