02.08.11
Posted in Debian, GNU/Linux, Security, Windows at 6:34 pm by Dr. Roy Schestowitz
Summary: Contrary to some malicious allegations, Microsoft remains the one copying security features from Linux, not the other way around
THE technology news sites have begun pushing the “USB” story, suggesting that inheriting Windows-like behaviour makes Linux less secure. There are rebuttals written about it and we may address them at a later stage. For the time being, let us recall the advantage GNU/Linux has not only when it comes to software centralisation in trusted repositories (which verifies safety and protects from malicious downloads from arbitrary sites). One of the big advantages of this approach is that using the same mechanism GNU/Linux keeps all the underlying software — not just the core of the operating system — up to date with security patches. Windows does not have that (Apple emulates this and Microsoft only expresses hopes to emulate that, just like it emulates sudo) and in fact one writer is now saying that “Microsoft has to open Windows Update to third-party developers”:
There’s a lot of confusion out there about when attacks against computers occur as a result of vulnerabilities in software as opposed to some other weakness, usually social engineering. Considerable progress has been made in protection against vulnerabilities on Windows, and we can make exploitation even harder if Microsoft can be talked into my scheme: open up Windows Update to third-party applications.
My own opinion is that social engineering is far more important than vulnerabilities and has been increasing in importance. One reason for this is that vulnerabilities are a harder target than they used to be, and that’s in large part because of the work Microsoft has done over the last 6 or 7 years.
Glyn Moody wrote about the William Hague confession which we mentioned the other day, arguing quite rightly that operating systems play a role here:
The key thing to notice is that the dangerous link that the UK government idiots clicked on downloaded to their PCs the Zeus trojan horse – a keylogger that only affects Windows (not that you’d ever guess that from the pathetic mainstream coverage of any Zeus infection). So if the UK government swapped out lots of those expensive and vulnerable Windows systems with low-cost and rather more secure GNU/Linux ones, we’d be spared most of the losses from those cyber-wallies, for almost no outlay.
But that would be too easy, efficient and intelligent – especially when there’s a baying pack of security companies who have the scent of those 650 million smackeroonies in their dilated nostrils. To avoid that threat of minimising the threat with such simple means, they’ll doubtless create a crescendo of FUD about the imminent “cyber-Armageddon” we all face if the UK government doesn’t throw buckets of dosh in their direction to “defend, delay, attack and manoeuvre in cyberspace”, as General Sir David Richards, chief of the defence staff, put it in the article quoted above (how on earth do you “manoeuvre in cyberspace”?)
The trouble is, no matter how much security firms claim their costly solutions are idiot-proof, they underestimate the cleverness of idiots – or the deep and intrinsic lack of security offered by a Microsoft monoculture, which is even more durable than that pesky “cyber” prefix….
On the very same day, Moody also shared a link to this curious PDF, suggesting that “Nearly 1/3 of internet users in the EU27 caught a computer virus” (Moody added: “no mention of Windows, just for a change”).
It was almost 3 years ago that we wrote about statistics suggesting 40% of Windows PCs had become zombies, whether the users know this or not. █
Permalink
Send this to a friend
08.11.10
Posted in Debian, GNU/Linux, Microsoft, Vista 7, Windows at 4:18 pm by Dr. Roy Schestowitz
Summary: GNU/Linux is patching flaws very quickly (almost immediately), whereas Microsoft hides flaws and patches them a long time after their discovery, sometime patching them secretly or only once attacks strike
Mr. Pogson has just found this news about a vulnerability that affects Vista 7 and all of its predecessors. It took Microsoft no less than about half a year to patch this vulnerability. Yes, check it out:
The software company on Tuesday released MS10-049 to kill the bug in Windows Server 2008, Windows 7 and 12 other versions of Windows that are still under support. The patch updates a part of the operating system known as SChannel, or Secure Channel, which is responsible for implementing SSL, which is also referred to as TLS, or transport layer security.
This patch Tuesday was the worst ever recorded (but Microsoft admits bluffing with the numbers, so it’s impossible to know for sure]).
Either way, compare that to the speed of Debian’s patch for the same issue:
I read that M$ has just patched SSL to comply with RFC5746, five months after Debian GNU/Linux did it… on 12 architectures and several versions. Who are you going to call when you need software for your IT system? Debian GNU/Linux!
Microsoft still promotes the mythology that half of Windows PCs are claimed to be zombies just because Windows is ubiquitous. Maybe it has a lot to do with Microsoft’s shoddy patching practices, not supposed “popularity” which Microsoft loves to rave about like a cheerleader. █
“The trouble with you, Andy [Hill, Microsoft developer], is you aren’t willing to listen to schedules. When I tell you what the schedule is, you try to twist my arm to sign up to a schedule that I don’t believe in. You learned that at the Steve Ballmer cheerleading school too, didn’t you? Well, he’s nuts, and so are you.”
–Microsoft manager
Permalink
Send this to a friend
05.14.10
Posted in Antitrust, Apple, Debian, Europe, GNU/Linux, Google, OIN, Patents at 3:16 am by Dr. Roy Schestowitz
Summary: Teams of embedded Debian users/developers may want a shield from software patents; Europe does nothing to stop software patenting; patent lawyers and the patents they crave prove harmful to development of “best” mobile phones
Benjamin Henrion (FFII) says that “EmDebian [is] considering joining the Open Invention Network,” based on this new message:
OIN is the open innovation network, a patent defence group set up in 2005 by IBM, phillips, Red Hat, Novell, NEC and Sony to create a patent pool for defending Linux.
They are now keen to have proper free-software people and projects join up, especially in the Embedded space which is shaping up for a big fight over the next few years as the incumbents realise Linux has eaten their businesses. This could easily get dirty (i.e. have incumbent vendors resort to their patent portfolios to hang on past their natural time – (in the way that SCO did, although they tried to use copyright rather than patents).
Henrion is trying to tell them that “collective patent pools and shields do not work against trolls” (with special exceptions [1, 2, 3, 4, 5, 6]).
Enlarged Board of Appeal (EBoA) Decision Loved by Patent Lawyers
Wednesday’s disappointment from the EBoA is already being covered all around Europe, especially by the legal 'industry'.
Patent attorneys seem pleased with the outcome, which lets them carry on doing what they did before, including the patenting of software using known loopholes.
To be honest, the decision was pretty much expected: the European Patent Office (EPO) has been taking a fairly consistent approach to computer-implemented inventions and has a growing body of learning materials on the subject.
Another ‘IP’ attorney says that “Enlarged Board of Appeal confirms approach to controversial software patents.” More from patent lawyers:
As many in the ‘FOSS’/anti-patent world would undoubtedly say, perhaps it is now time for the legislator to take over. However, I would have very serious doubts about whether it will be possible to come to any sort of agreement among the member states of either the EU or the EPC that would stand any chance of resolving the issue once and for all.
[...]
6. T 424/03, Microsoft does deviate from a view expressed in T 1173/97, IBM, concerning whether a claim to a program on a computer-readable medium necessarily avoids exclusion from patentability under Article 52(2) EPC. However this is a legitimate development of the case law and there is no divergence which would make the referral of this point to the Enlarged Board of Appeal by the President admissible.
Henrion has just uploaded this English version of the video depicting the European Parliament as it rejects the Software Patent Directive (also available in French/original). Here is an Ogg Theora version of this historical video.
It would be nice to have another such high-profile decision annulling all patents on software. In the United States, In Re Bilski will resume very shortly.
Phones a Patent Mess
“Complex Smartphones Are the Latest Patent Battleground,” exclaims Business Week. It seems like nothing but lawsuits is what patents brought to this lucrative section of the industry (where Linux grows fastest and Microsoft diminishes).
The patent wars are raging in the mobile device market, and they could result in rising costs for handset makers and higher gadget prices for wireless carriers and consumers. So far this year, Apple and HTC—two of the most innovative smartphone makers—have become embroiled in more patent-related litigation than in all of 2007, and they are on track to beat their own 2008 and 2009 records, according to Bloomberg data.
Wired Magazine has the following new article:
Investigation: Apple vs Nokia vs Google vs HTC vs RIM
[...]
The struggle that’s broken out between the tech giants has a certain irony; after all, the prizes they’re disputing — patents — were invented to accelerate and encourage invention, not hinder it. The concept is fairly straightforward: a patent is granted if an invention meets a number of requirements, the most essential being “novelty” and “usefulness”. Once granted, a patent typically gives the inventor a limited monopoly of a minimum of 20 years in which he alone can market the invention or license others to take up his protected work.
[...]
In their 2008 book Patent Failure, Bessen and fellow Boston University law professor Michael Meurer show that, since the late-90s, litigation costs for publicly traded companies (except in the case of pharmaceuticals) have consistently outweighed the profits that companies derived from patents. They show that in 1999 alone, $9.3 billion (£6bn) were made in profits from patents globally. Litigation costs alone, however, reached $16 billion (£10.5bn) for the US. In the last decade, this situation has deteriorated considerably: in 1999, there were 2,318 patent litigation lawsuits filed in the US. By 2008, that number had risen to 2,896.
Yesterday we mentioned the HTC vs Apple case. The New York Times has attempted to get a response from Apple but failed.
An Apple spokeswoman declined to comment.
Why didn’t HTC join the OIN and retaliate against Microsoft and Apple this way? Instead, it sold out to Microsoft and harmed the whole of Android in the process.
HTC is using just 5 patents. Had it joined the OIN, it would possibly have hundreds of infringing examples for a more effective artillery in this M.A.D. situation (TechDirt says that a “Patent Nuclear Response [Was] Launched” because it’s the best analogy).
According to the press release, HTC believes Apple infringes upon five of their patents. As to what they are, we don’t quite know. More on this as it develops.
“HTC files patent complaint against Apple, asks for ban on iPhone, iPad, and iPod,” says Engadget. That’s the ITC loophole which often gets abused.
Apple has other problems because of Adobe and invocation of “antitrust”.
Adobe has launched its latest salvo in an ongoing dispute with Apple.
The co-founders of Adobe have published an open letter in which they say that Apple threatens to “undermine the next chapter of the web”.
Actually, it is Adobe which undermines the next chapter of the Web. The Web is about web standards, not proprietary plugins. More companies also need to support Theora, which both Apple and Adobe are a threat to (see the posts below). █
Permalink
Send this to a friend
05.12.10
Posted in Debian, GNU/Linux, Google, HP, Microsoft, Servers, Windows at 9:56 am by Dr. Roy Schestowitz
Augusto Pinochet is a well-known example of coup d’état
Summary: By means of entryism, Microsoft increases influence inside HP, thus reducing the chance of Slate and Windows Home Server joining the list of dead products from Microsoft
IN THE PREVIOUS post we showed how HP was preparing to dump Vista 7, apparently only to replace it with a newly-acquired Linux-based operating system. It’s all just a rumour at the moment.
Mary Jo Foley asks the question, is “Microsoft and HP['s] Love on the rocks?”
Well, hardly.
Microsoft and HP collaborate in many ways and we have given many examples to that effect.
Vista 7, which is a hyped-up Vista with few improvements here and there, does not fulfill HP’s needs for tablets. Vista 7 is just not competitive enough and HP really hated Vista, based on E-mails from its management (unsealed around the Steve Ballmer deposition).
We are saddened but not surprised that HP has announced in a press release [1, 2] that it takes Microsoft staff to lead “Software and Solutions Business” — whatever that practically means.
This news was mostly covered by enthusiastic Microsoft boosters (for obvious reasons) and we found:
From the point of view of Free software and GNU/Linux, this is bad news. Microsoft’s Veghte very recently left the abusive company, right after meeting privately with Steve Ballmer. Amazon ought to serve as a cautionary lesson here. Amazon added Microsoft patent tax to Red Hat and Kindle’s implementation of Linux after hiring many executives from Microsoft, including one who joined the Kindle team just weeks before that notorious patent deal. Veghte could potentially put a Microsoft tax on WebOS just like in those predatory attempts against Android, which is also Linux based.
Veghte is not merely an innocent guy who spent a couple of years at Microsoft (like employees of companies that get acquired by Microsoft). He really grew up in this culture and in previous posts we gave examples of his role in antitrust violations:
Hewlett-Packard’s hiring of former Windows executive Bill Veghte, announced today, is another example of the computer maker’s potential to compete with its longtime partner, Microsoft, in the software business. The 20-year Microsoft veteran will lead HP’s software and services unit in his new role as an HP executive vice president.
Vice President, eh?
Speaking of seats being swapped, one reader told us that “[i]t’s time for the annual re-org to keep Nokia from getting competitive: Nokia has yet another corporate reorganization, this time they’ve put Anssi Vanjoki back in charge”
“It’s time for the annual re-org to keep Nokia from getting competitive…”
–Anonymous readerSee this page about Mary T. McDowell and recall how Nokia got ‘poisoned’ by Microsoft influence, later to sign Microsoft deals and play ball for software patents in Europe. A leopard like Veghte won’t change his spots overnight and not within a month, either. He spent two decades working alongside people like Steve Ballmer.
Now, lo and behold; in the past 2 weeks’ news we found this press release, titled “AMD Works with Microsoft and HP to Raise the Bar for 2P Price/Performance with Windows Server® 2008 R2″
Okay…
Let’s look further at the news.
How about “HP and Microsoft on Sex and the City 2″?
In the upcoming “Sex and the City” sequel, Carrie Bradshaw and her friends will carry Hewlett-Packard (HP) laptops that run Microsoft Windows.
Classy.
HP’s Debian-based home servers will hopefully not be neglected. Over the past week or two Microsoft has generated many headlines about Windows “home servers” (here is just one example), which are a technical disaster that falls short of Linux [1, 2] and usually relies on bundling from HP. Will HP call this bad product off and concentrate on Debian now that its “Software and Solutions Business” VP is a hardcore Microsoft executive?
Microsoft has seen many of its products dying recently, Forefront being one of the latest. It was only days beforehand that Microsoft still recommended it, so just because Microsoft raves about a beta of Home Server doesn’t mean it won’t be cancelled like Windows Essential Business Server for example. But with Veghte in charge? Not likely. █
Permalink
Send this to a friend
04.21.10
Posted in Corel, Deals, Debian, GNU/Linux, Microsoft, Scalix, Xandros at 4:09 am by Dr. Roy Schestowitz
Summary: “It should be widely known by now. No matter why, when and where, join MS and you will be dead.” –Abe
Richard Hillesley has just published “The lost world of the Xandros desktop,” which is an article that looks at Xandros’ past and present. To quote some bits from this long article:
The latest release of the Xandros Linux desktop edition was in June 2006, which is several lifetimes in the history of Linux. Is this the end of the line for the Xandros desktop?
[...]
The ‘patent covenant’ with Microsoft has had a detrimental effect on Xandros’ ongoing relationships with the Linux user and developer communities. Ostensibly the purpose of the deal with Microsoft was to license protocols to enable Xandros’ BridgeWays and Scalix products to work with Microsoft networks.
Actually, Scalix came later. Xandros bought Scalix in July 2007 (July 9th to be precise), whereas Xandros sold out to Microsoft on June 4th.
We have found some new comments on the subject, including one in Tux Machines:
Xandros propaganda for smartphones ? giving up on netbooks ?
Netbooks were born for children. But had a future for enterprise applications because of HDTV(broadcasting news or training film) 16:9 video format(DVD player format). So, Asus sold more XP(sp3). But for individuals, dual boot with Ubuntu maybe a choice, until Firefox shot itself in the foot(not flash9 compatible).
In the comment titled “Join MS”, Abe from Linux Today writes:
Those who forget history are bound to repeat it.
It should be widely known by now. No matter why, when and where, join MS and you will be dead.
Those who ignore the warnings can’t blame but themselves.
We have a detailed list of companies that lost their GNU/Linux focus after signing Microsoft deals. Xandros of one of those companies. It’s "Microsoft's touch of death". █
“I once preached peaceful coexistence with Windows. You may laugh at my expense — I deserve it.”
–Be’s CEO Jean-Louis Gassée
Permalink
Send this to a friend
04.09.10
Posted in Apple, Debian, GNU/Linux, Microsoft, Mono, Novell, Ubuntu at 7:57 am by Dr. Roy Schestowitz
Summary: Yet another distribution makes the decision to put Mono in the wastebasket; Apple keeps Microsoft’s and Novell’s MonoTouch out
LAST NIGHT we wrote about Netrunner, which removes Mono from Ubuntu GNU/Linux (Mint actually). Someone who read about Netrunner has told us that SchoolOS is also removing Mono. “See part A , toberemove section,” he told us. Another Ubuntu derivative that removed Mono was gNewSense [1, 2] (it later moved to Debian).
“Another Ubuntu derivative that removed Mono was gNewSense…”Who is left to support Mono? Surely not Fedora and Red Hat (the GNU/Linux leader). Even Apple is virtually blocking MonoTouch right now (for background about MonoTouch, see [1, 2, 3, 4, 5, 6]).
In other news, Ryan Paul, who is a longtime promoter of Mono and Moonlight, seems like the latest person to promote Microsoft’s ‘embrace’ of “Open Source” (for Windows only). He writes about CoApp [via Slashdot], which has so far been promoted by Microsoft boosters [1, 2]. Paul is an excellent journalist (we usually agree with him) and he is attempting to promote “Open Source” as a whole (regardless of the underlying platform), but as pointed out in the comments section, he spreads the misconcpetion (in the headline) that it’s about “development” rather than just installation for Windows.
Here at Techrights we consider CoApp to be a misguided idea that only empowers Microsoft. █
Permalink
Send this to a friend
03.03.10
Posted in Debian, Europe, Free/Libre Software, GNU/Linux, Microsoft, Office Suites, OpenDocument, OpenOffice at 6:18 am by Dr. Roy Schestowitz
Summary: More migrations to Free software are seen in Germany and setbacks are spotted elsewhere in Europe
OpenOffice.org continues to evolve under Oracle’s guard, which is good news. According to the following article, OpenOffice.org also continues to gain greater adoption in Germany. Here is Bull speaking about its migrations to OpenOffice.org. [English translation]
Insgesamt wurde weltweit auf mehr als 8.000 Arbeitsplätzen, davon 500 in Deutschland, das Lizenzkosten-freie Office-Paket installiert. Durch den konsequenten Einsatz von offenen Standards setzt Bull auf eine zukunftsfähige IT-Strategie, die die Abhängigkeit von kommerziellen Anwendungen und proprietären Standards verringert – getreu dem Firmen-Claim „Architect of an Open World™“.
That’s a lot more desktops running Free software and ODF. Bull has a customer base with more than 100,000 installations worldwide. There is also this new update about Munich’s migration to Debian GNU/Linux and ODF:
The consolidated IT of the city of Munich is reporting at CeBIT 2010 on converting their workstations to Linux and OpenOffice.
The migration to the free office package was finalized for Munich. All 15,000 office PCs of the city council will work on OpenOffice, under Linux or Windows. In the context of CeBIT Open Source, city experts and the DBI service will answer questions about the migration at booth F24. On display will be their Wollmux software tool for personalized templates and forms administration.
We wrote about Munich’s important migration (which Microsoft tried to derail) on numerous occasions before [1, 2].
The trickier part, as Holland shows us, is getting rid of proprietary lock-ins and never returning to them again. Here is what Glyn Moody wrote about “The Continuing Scandal of Vendor Lock-in“:
This is a strong argument for mandating open source/open standards solutions in the public sector: depending on “level playing fields” as Microsoft demands so vociferously is actually surrendering to the status quo because of the huge lock-in problem. The only way to get true equality of opportunity is to force people to move to open standards, and *then* let the market operate freely.
Moody has a new example of this Microsoft Office lock-in. He refers to the Microsoft-occupied Open University [1, 2, 3, 4, 5] which requests “application forms [for a CIO] only in .doc or .pdf…”
Speaking of lock-in, Pinguinpat has added to our Wiki this new page about how Microsoft is not only removing choice at the OEM level, but also goes further to rob taxpayers for increased lock-in:
Belgian tax money,
The Belgian national government is actually giving ‘less gifted’ people the opportunity to buy a computer to get access to the Internet.
Beautiful right? Well no: the minister in charge refuses to halt the cartel between Microsoft, computer manufacturers and vendors.
Getting a computer includes buying Microsoft software. So for every sold computer, Belgian tax money goes directly to Microsoft.
Minister Van Quickenborne minister ict – openVLD doesn’t seem to care. As usual Microsoft doesn’t need to take the law seriously.
It’s one thing when a private company decides to trade with an abusive monopoly but entirely another when government institutions do so at taxpayers’ expense and without their permission/approval. █
Permalink
Send this to a friend
01.14.10
Posted in Debian, GNU/Linux, Microsoft, Mono, Novell at 6:56 pm by Dr. Roy Schestowitz
Summary: MEPIS is listing Novell’s Mono among non-Free software, as it probably ought to
MEPIS is a popular GNU/Linux distribution which is built on top of KDE. The KDE 3.5-based build of SimplyMEPIS 8.0.15 is said to include Mono, but this is not correct (Distrolove is inaccurate).
Warren Woodford has announced the release of SimplyMEPIS8.0.15, a new update of the beginner-friendly distribution based on Debian’s stable branch.
What’s New in SimplyMEPIS 8.0.15 :
> Devian 5
> 2.6.27 Linux kernel
> OpenOffice.org 3.1.1
> Firefox 3.5.6
> BIND 9.6.1-P2
> Skype 2.1.0.47
> Mono 2.4.2.3
> you can play any audio/video files.
Having taken a look at the official press release, Mono seems like just an addon, which is advertised alongside the proprietary Skype. █
Permalink
Send this to a friend
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »
Content is available under CC-BY-SA