Today's IBM (Red Hat) Isn't the Company That Fought a Microsoft-Sponsored SCO in Court
Many people still credit IBM - not Novell - for the destruction of the SCO case, funded in part by Microsoft in order to harass Linux distributors and tarnish the reputation (or perceived legal "safety") of Linux. Groklaw has been offline for several months [1, 2] and it doesn't look like it's coming back, so let's refresh our memory. Seeing that some people use the SCO case for "goodwill" (after IBM took RHEL proprietary, only a few years after it had taken over Red Hat and gutted it), a sobering look at our crude reality seems warranted, even timely.
As shown above (new screenshots), IBM no longer sees Microsoft as a rival. That's a problem. IBM today isn't the same IBM we saw and supported 2 decades ago (it was promoting OpenDocument Format, an actual open standard that begets independence from Microsoft). The name of the company is the same; the people are not.
An associate explained that "IBM is infiltrated to the point they are promoting and trying to use Microsoft Entra (formerly Azure Active Directory, a proprietary ripoff of Kerberos)." Why does IBM not promote an alternative to it? It certainly can:
Remember where Ted Ts'o used to work:
Things have gotten unnecessarily complicated since those days. Ts'o resisted Microsoft Trojan horses like exFAT, even in public. Linux already has many of its own file systems; Ts'o works on the main one/s and this may be "one of the several reasons Microsofters have a go at Ted [Ts'o] from time to time," our associate explained. Here's another reminder:
"There used to be a good writeup of the EEE perpetrated by Microsoft on Kerberos the search engine results are full of Microsoft spam and revisionism on that topic," we're told.
This is from 2000, published by Robin "Roblimo" Miller before Slashdot became Bill Gates publisher: (the person that the site portrayed as a cyborg is now 'boss')
I spent some of yesterday and part of today (Saturday) on the phone with our law firm's intellectual property specialist dicussing Microsoft's attempt to get us to remove reader posts about Kerberos. We're lucky to have a lawyer who "gets it." We're also lucky to have gotten some very favorable press about all of this.But, sadly, I can't really tell you much more right now than "we're still working on it" for two reasons:
- We're exploring a lot of angles and doing a lot of research, and in order to maintain attorney-client privilege we must keep all discussions with our lawyer *extremely* private.
- Microsoft's legal people (obviously) read Slashdot.
I have scanned every single reader post on this subject, and some of them have contained *very* helpful suggestions. It hurts me not to be able to share more, especially with those of you who have given us useful advice.
Meanwhile, Andover.net's management has been totally supportive. Our President, Bruce Twickler, deserves special thanks for his staunch backing and general coolheadedness. And our VP of Corporate Communications, Janet Holian, has done an excellent job of getting information out to other media while letting us work (comparatively) undisturbed.
There are also rays of light from the other end. I've gotten a small but steady trickle of e-mailed support messages from Microsoft workers who are embarrassed by their employer's actions both in rudely extending Kerberos and their attempt to "publish" their proprietary Kerberos extensions while still trying to keep them hidden behind a non-disclosure agreement.
Please bear in mind that many Microsoft employees are perfectly nice people. For all we know, the nice people at Microsoft may yet persuade the not-so-nice ones that there are times when it's better to work with others to establish industry-wide standards than it is to act as if the freedom to innovate belongs only to Microsoft.
(Special message to nice Microsoft people: Here's a quote you may wish to call to your bosses' attention:"...Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments." If they ask where you got these words, please refer them to this Microsoft.com page.)Anyway, once again, please accept my personal apology for not being able to share more information with you right now. This is an uncomfortable situation for everyone involved, and we hope that Microsoft chooses to give this story a happy ending as soon as possible.
- Robin "roblimo" Miller
Robin "Roblimo" Miller later wrote about Microsoft's censorship expedition and we need to preserve it in case Gates and Microsoft kill the site for good:
Our friends at Microsoft are upset about some of the readers' comments attached to the story, Kerberos, PACs And Microsoft's Dirty Tricks (posted on May 2), and would like us to remove those comments from Slashdot. We are not happy about this, to say the least. But instead of reflexively going into rant mode, we are calmly posting the full text of the e-mail we got from Microsoft, along with our initial response to it, so that you can see what news and community Web sites like Slashdot are up against now that the DMCA has become law. We are talking to our lawyers, of course, but we would also like your suggestions on how we should handle this situation.From: "J.K. Weston"
To: "'dns_admin@andover.net'"
"'dns_tech@andover.net'"
Subject: Notice of Copyright Infringement under the Digitial Millennium Copyright Act
Date: Wed, 10 May 2000 07:08:49 -0700
X-Mailer: Internet Mail Service (5.5.2651.58)Andover Advanced Technologies
Andover.Net
50 Nagog Park
Acton, MA 01720
Phone: (978) 635-5300
Fax: (978) 635-5326
Email: dns_admin@andover.net; dns_tech@andover.netDear Internet Service Provider:
We understand that your website, http://www.slashdot.org, is a popular site for developers to discuss topical issues of interest. In that vein, it has come to our attention that there have been numerous posts of concern related to Microsoft's copyrighted work entitled "Microsoft Authorization Data Specification v. 1.0 for Microsoft Windows 2000 Operating Systems" and we would appreciate your posting this email to the site to help relay our position to your users.
This notice is being sent under the provisions, and following the guidelines, of the Digital Millennium Copyright Act of 1998 (DMCA).
Included on http://www.slashdot.org are comments that now appear in your Archives, which include unauthorized reproductions of Microsoft's copyrighted work entitled "Microsoft Authorization Data Specification v.1.0 for Microsoft Windows 2000 Operating Systems" (hereafter "Specification"). In addition, some comments include links to unauthorized reproductions of the Specification, and some comments contain instructions on how to circumvent the End User License Agreement that is presented as part of the download for accessing the Specification.
Although not intended to be an exhaustive representation, the specific comments below, categorized by corresponding activities, are examples of the misuse of Microsoft's proprietary information:
Comments Containing A Copy of the Specification:
"by Anonymous Coward on Tuesday, May 02, @03:37PM EST (#197)"
"by BlueUnderwear on Tuesday, May 02, @04:09PM EST (#239)"
"by BlueUnderwear on Tuesday, May 02, @04:15PM EST (#248)"
"by smartin on Tuesday, May 02, @02:20PM EST (#86)"
Comments Containing Links to Internet Sites with Unauthorized Copies of the Specification:
"by ka9dgx on Tuesday May 02, @2:52PM EST (#133)"
Comments Containing Instructions on How to Bypass the End User License Agreement and Extract the Specification:
"by myconid (my S conid@ P toge A the M r.net) on Tuesday May 02, @07:27PM EST (#362)"
"by markb on Tuesday May 02, @05:47PM EST (#321)"
"by Sami (respect.my@authorita-dot-net) on Tuesday May 02, @01:47PM EST (#19)"
"by iCEBalM (icebalm@[NOSPAM]bigfoot.com) on Tuesday May 02, @01:52PM EST (#33)"
"by Jonny Royale (moc.mocten.xi@notners) on Tuesday, May 02, @01:59PM EST (#51)"
"by rcw-work (rcw@d.e.b.i.a.n.org.without.dots) on Tuesday, May 02, @07:12PM EST (#353)"
Under the provisions of the DMCA, we expect that having been duly notified of this case of blatant copyright violation, Andover will remove the above referenced comments from its servers and forward our complaint to the owner of the referenced comments.
This email notification is a statement made under penalty of perjury that we are the copyright owner of the referenced Specification, that we are acting in good faith, and that the above-referenced comments, as part of http://www.slashdot.org, is posting proprietary material without express written permission.
We request immediate action to remove the cited violations from Andover's servers, in accordance with the provisions of the Digital Millennium Copyright Act of 1998.
This email is not intended to waive any of our other rights and remedies.
Please confirm your receipt of this request by responding to this email. Also, confirm the status of this request either via email or via the following contact mechanisms:
By mail:
J.K. Weston, Designated Agent
Microsoft Corporation
One Microsoft Way, 114/2314
Redmond, WA 98052
By phone:
(425) 703-5529
By email: jkweston@microsoft.com
---------------------------
To: J.K. Weston"
From: Robin Miller
Subject: Notice of Copyright Infringement under the Digital Millennium Copyright Act
Dear J. K. Weston:
Per your request, we are posting your e-mail on this subject on Slashdot.org to help you relay your position to our users.
The balance of your e-mail's content is somewhat puzzling to us. I'm sure you agree that freedom of speech is at least as important a principle under American law as the freedom to innovate, so I'm sure that you personally, and Microsoft corporately, will understand our hesitation to engage in censorship.
Indeed, after reflecting on the nature of freedom for a little while, you may wish to withdraw your request that we remove readers' comments from Slashdot. Please realize that if we censor our readers's posts because they contain ideas Microsoft does not wish to have made public, we may set an unhealthy precedent for other online news outlets and online service providers, including those owned in whole or in part by Microsoft itself.
Meanwhile, in case Microsoft does not decide to have a happy change of heart and support a free and open Internet (which would certainly be in everyone's best interest), we have sought advice both from our attorneys and from our readers about what, if anything, we should do next.
Please expect a formal reply to your request that we censor our readers' comments, which we allow them to post on Slashdot as freely as Microsoft allows user-generated content to be sent through Hotmail and through chat facilities and discussion groups hosted on MSN.com servers, as soon as we receive wise counsel not only from our attorneys, but also from concerned members of the Slashdot community and other interested parties.
Sincerely,
- Robin "roblimo" Miller
Editor-in-Chief,
Andover.net
And here comes Theodore Ts'o again:
Chris DiBona wrote to us with something that Ted and Jeremy (Samba Boys) wrote: "Microsoft, after getting beat up in the press for making propietary extensions to the Kerberos protocol, has released the specifications on the web -- but in order to get it, you have to run a Windows .exe file which forces you agree to a click-through license agreement where you agree to treat it as a trade secret, before it will give you the .pdf file. Who would have thought that you could publish a trade secret on the web?" Read more from the Samba Team below.The critical part of the license states:
This is course is a very clever way to pretend to distribute the spec, whilst making it completely impossible to implement in competiting implementations which implements their propietary protocol extensions --- extensions to a protocol which was originally published by the Kerberos team as an Open Standard in the IETF. This completely defeats the IETF's interoperability goals, and helps Microsoft leverge their desktop monopoly into the server market.
- "b. The Specification is confidential information and a trade secret of Microsoft. Therefore, you may not disclose the Specification to anyone else (except as specifically allowed below), and you must take reasonable security precautions, at least as great as the precautions you take to protect your own confidential information, to keep the Specification confidential. If you are an entity, you may disclose the Specification to your full-time employees on a need to know basis, provided that you have executed appropriate written agreements with your employees sufficient to enable you to comply with the terms of this Agreement.
The one good thing about Microsoft having pulled this dirty trick is that it makes their propietary intentions about the Windows 2000 PDC clear as day. I doubt anyone else could come up with a charitable explanation for what they've done. What a better example of Microsoft's "embrace, extend, and engulf" business model!
Jeremy Allison,
Samba Team.Theodore Ts'o,
(former) Kerberos Development Lead "
"Microsoft's skill at using its Windows monopoly to kill competitors is legendary, and now Kerberos seems to be the next target," Joe Barr wrote. "Joe was great, but died suddenly," an associate recalls. "Theodore Ts'o was once Kerberos Development Lead. However the really damning articles are scrubbed from the indexes and from Wikipedia references..."
Well, Microsoft sponsors (bribes [1, 2, 3]) and controls a lot of Wikipedia, typically by proxy.
Bruce Schneier wrote:
Microsoft bypassed the IETF in this process (there's a procedure you're supposed follow if you want to enhance, deviate from, or modify an IETF standard).On the surface, this is just nasty business practices. If you're a company that has invested in a UNIX-based Kerberos authentication system and you want to support Windows 2000 desktops, your only real option is to buy a Windows 2000 Kerberos server and pay for the integration. I'm sure this is what Microsoft wants.
My worry is more about the security. Protocols are very fragile; we've learned that time and time again. You can't just make changes to a security protocol and assume the changed protocol will be secure. Microsoft has taken the Kerberos protocol -- a published protocol that has gone through over a decade of peer review -- and has made changes in it that affect security. Even worse, they have made those changes in secret and have not released the details to the world.
Don't be fooled. The Kerberos in Windows 2000 is not Kerberos. It does not conform to the Kerberos standard. It is Kerberos-like, but we don't know how secure it is.
Not much has changed since then, except propaganda campaigns like "Microsoft loves [to attack] Linux". They even misuse the brand "Linux" this year. They also try to rewrite history, editing Wikipedia while old articles go offline and perish from memory... with an older generation literally dying, to be replaced by "generation app" (the LLM chatbots are based on what's left, e.g. Microsoft-controlled (edited by Waggener Edstrom) Wikipedia articles and Microsoft-censored Reddit). The associate asked, "did the EFF weigh in? ACLU was quiet."
Maybe they focused on a stolen election at the time (when voting machines started to manipulate outcomes).
"It's been a trend in business for 20+ years to eliminate your strong points and compete depending on your weakest weaknesses to somehow prevail," the associate continued. "I guess that ideology or whatever it is has now percolated up to the top of IBM. Remember the previous crop actually knew how to make money and saw Linux for the money spinner it is [1-3]. The current crop is not just turning its nose up at easy money but actively dismantling the company's future abilities to bring in revenue."
Readers can go back and open or "link to the old posts about IBM recovering their $1 billion investment in Linux inside of 9 months," the associate concluded.
IBM is nowadays in a state of rapid disintegration; nonstop layoffs are like an open wound that keeps bleeding "expensive" (read: technical and proficient) staff. The longer it goes on, the harder it'll be to retain or attract trailblazers who can put IBM back on the correct course. The latest interviews with the CEO are just a sea of mindless buzzwords. They don't have any real strategy anymore. They simply try to 'monetise' what's left by fooling shareholders and shelling all the assets out (sellout). █
______