Linux Swiss Cheese? Not Likely…

Linuxblog Editor’s Note: This article was written as a direct response to the report published by Security Innovation in March 2005 featured at various news sites.

It’s studies like the one discussed in this article that really hit nerves. Not for the reason that most people get upset about them…I hope people realize that there will always be FUD flowing from the patent pending FUD machines at M$ headquarters. One can only hope that as people become more and more computer savvy, that things will change in this respect. In the meantime, comments will flourish on subjects like this. But I’m not upset about this subject for the reasons that people think. I’m not an open source zealot proclaiming the GPL from the pulpit; rather, I am a supporter of Open Source, a user of Open Source, and a believer in Open Source. The reason this article makes my teeth gnash is the level of professionalism in the report it is discussing. What? Two Noted Doctors in the computer science field and a security author lack professionalism? You’re 100% right on that one. If they were professional, they would have made unbiased decisions AND stepped down if a conflict of interest existed. For more info, read on:

Let’s do a quick rundown of what the article is trying to say. Basically, the article states that there is something called “days of risk” that signifies how many days an enterprise server has vulnerabilities that are unpatched. The study found that Microsoft 2003 server was only vulnerable for an average of 30 days while Red Hat ELS 3 was open for 71 days. Considering the way in which vulnerabilities are addressed at Microsoft and their approach to solving said vulnerabilities this is highly unlikely. Let’s not worry about these ‘days of risk’ to begin with. Instead, let’s take a look at some interesting tidbits of information that one can find by reading the report and cross comparing it with a couple of websites.


OASIS & RAND…Danger Will Robinson! Danger!

Larry Rosen, an intellectual property attorney and open source advocate, has called to action all open source advocates to battle against patenting standards via a consortium called OASIS. OASIS is chock full of powerful members from businesses around the globe including friend of Linux IBM, HP, and foe of Linux Microsoft. So, what’s the deal with this? When I read the article, I didn’t really know what the heck these guys were talking about. So I went to the OASIS webpage to check out what all the hubbub was about.

What I found was similar to an old western movie. How so? You’ve got the sheriff and his posse rooting out any of the “bad guys” in various ways; first by deputizing anyone and everyone that can buy themselves in and secondly by making up any laws they want to and going out to enforce them. How is this? Let’s say that IBM and HP develop a standard together…for the sake of argument, let’s say that they have a new file format and they call it BVL. Ok, so BVL is a new cool format that allows RSS syndication of 3D images to be syndicated…(hypothetical here). They push this BVL format onto their little consortium OASIS and all of the members think it is just the cat’s pajamas.

They ratify and adopt this standard. They look at three IPR modes (Intellectual Property Rights) to release their BVL standard under…“Reasonable And Non-Discriminatory (RAND),” “Royalty-Free (RF) on RAND Terms,” or “RF on Limited Terms”. In each instance, this standard would prevent open source from interacting with it.


Why I Hate Mainstream

Linuxquestions.org has announced the winners of its members choice 2004 awards for Linux and open source. Upon hearing, I visited the site and slowly scrolled down the list nodding my head every so often, sometimes shaking my head where I disagree. Then I arrived at a category I actually know a little bit about…Live CDs. Knoppix?!? Again!?!? Ok…let’s think this through. Perhaps it deserves it…after all, X number of system admins swear by it. However, to me, this isn’t what a Live CD is about.

IMHO, a Live CD is about trying out Linux…not just rescue functions or data recovery. It’s about being able to run an entire operating system as read only from your CD-ROM. It’s about showing the power that Linux has. It’s about having an entire desktop with all the eye candy fixins in sub-5 minutes to attract new users. In a sense, it is a “try before you buy”…in this case download. It’s about detection, installation, configuration, and automation. While Knoppix does a good job on this…actually it wrote the book on it…there are those distributions out there that now PUMMEL Knoppix in detection. Two that come to mind are PCLinuxOS and MEPIS.

I figured that PCLinuxOS would be the major player at this year’s members choice award…mainly for the reason that it really advanced this year at distrowatch.com. In 2003, it was 44th. In 2004, it skyrocketed to 9th. That’s the fastest moving Linux distribution that is currently being tracked by Distrowatch. So, when I read Knoppix as the choice…I was surprised. Then I thought about it for a minute, isolated the real problem, and became a bit ticked off.

This isn’t about choice and it definitely isn’t about a Live CD…it sure isn’t about the best. It’s about the most popular. Unfortunately, this is becoming the ‘in thing’ for open source. Linux has become chic. Well, maybe shabby chic. Nonetheless, Linux has arrived mainstream and brings in tow all of the things (good or bad) something that goes mainstream will bring with it.


SUNny Days

Sun releases appx. 1600 patents to their new license scheme, CDDL, and declares them ‘open source’. But don’t be fooled…while this is a great thing for open source, it doesn’t mean Linux will benefit from this at all.

I’ve been fighting the urge to chip in my one and a half cents worth. I’ve been holding back, reading what analysts say. I’ve been perusing quotes from various PRs and company heads…reading, reading, reading. The thing that gets me about this is that IBM just opened up 500 of its licenses. Not to be outdone, Sun sweeps in and usurps the thunder.

That reminds me of a time when I was growing up. I remember when I got my first skateboard…a Lance Mountain Street with H-Street wheels and indy trucks…man that baby was sweet. Not to be outdone, my neighbor had to pick up a Tony Hawk board with slimeball wheels and tracker trucks and all the fixins. Next to his board mine looked rather plain. I felt a bit left out at times, but there was no emotional scarring 🙂 IBM is fast becoming that left out kid, which truly is sad considering IBM is the largest patent holder in the world. I sure hope they don’t begin to feel left out and decide not to open source anything else.

Back to the subject at hand…the Sun peeked its head through the open sourced clouds, its body shrouded by a CDDL blanket…and all of us that have been frolicking in open source bliss atop of these open source clouds have taken notice. Then Sun dropped back through with OpenSolaris and Java bait rimming the small opening from which they came. The question that comes to my mind is…where are they going to get a community from?

I’ve talked this over on some different channels with quite a few different people. Most of them think that a community will spring up. I don’t doubt that at all. However, I don’t think this community will be very large at all. The reason? Because of loyalty to the GPL. The CDDL is incompatible with the GPL and this will prevent it from ever crossing most functions into GPL’d code. Thus far…albeit very early in the game…Sun has “an initial Open Solaris community of more than 100 people, from inside and outside the company, which it plans to expand” (eweek article). 100 people? Come on! That’s it? What the heck?!?! I’d be worried if I was Sun. If January 31st, 2005 comes around and they don’t have more than 500 people in the community…I’d say they better toss in the old white towel on this movement because that community isn’t going to spontaneously generate.


Why Open Source Isn’t Succeeding…part II

*Editor’s note: The following sentence was removed from the first paragraph of #3:

“Even as recently as November 2004, there has been talk from the kernel developers about a fork in the kernel”

It was removed along with the link to an article from November 2004 due to it being an erroneous reference and based on comments taken out of context. However, I neglected to post that I had removed this sentence because I felt that it did little to support or not support the paragraph. I apologize to the readers of the blog for calling into issue my integrity.

Devnet



Some of you may have read my previous entry that sparked quite a bit of debate. Looking back on the content, I realize that the title of the entry could be misinterpreted as FUD or even trolling. Please understand that this wasn’t the intention. The entry simply addressed issues that I see inhibiting open source, specifically Linux, from fully succeeding (i.e. dominating both the server and desktop market for computers). I should have titled the article, “Why enterprise applications may kill open source”. But hindsight is 20/20 right? On request, I will clarify a few points for those that have asked it.

1. Enterprise companies and applications that take from open source CAN KILL open source.

There is a crossroads in today’s enterprise OS. Micro$oft has pushed back Longhorn and the next greatest server application. Companies have begun to wonder what they are going to do for server/desktop OS in the near future. Many are seeing their support for enterprise server applications such as NT 4.0 and Win2k dry up and blow away. Enter Linux. Affordable, stable, and now certified as a ready alternative to M$. So Enterprise Linux begins to flourish this year. Novell, Red Hat, TurboLinux, and others start to churn out a profit and go into the huge server market with actual products that can offer benefits to all. The problem is this…what happens if those companies pull the plug on their open source support? Would they? Wouldn’t they? Why should we count on them? Didn’t Lotus 1-2-3 and OS/2 count on Micro$oft to keep them in the loop as well? Is it really something the community should bet on? Will the community bet on it? I hope not. Will it crush the community entirely? No…but it could fork open source or even set it back quite a bit. Of course, no one can see into the future, but these are valid questions to consider when you bring enterprise applications and business into the open source mix. Most of this will probably mean nothing for the common desktop Linux user or even someone who uses one or two open source applications on their M$ desktop. So why discuss it? Hindsight is always 20/20 right? Why not make foresight 20/20?

2. What do you mean that these companies don’t give back to open source? After all, IBM gave X Million dollars of support back to the community and Sun released X # lines of code…

Yes, that is true. Money being given back to the community and code being released is a good thing. I hope it continues. If business enters the fray, can you really count on it? What if companies decide it isn’t such a good business idea anymore to give back to open source? Will we cry foul and expect them to listen? Instead of investing our support for these companies…I say we should invest our support for those distros and software that aren’t available for enterprise applications. The free as in beer stuff. You know, those that charge 10 bucks to help the author who’s taxed beyond his means and has taken out a mortgage on his home just to put out the last release. Those are the ones we should cheer…not corporations. If I were rallying behind a business when I began with open source in 1995 I would have gotten shunned out of every single BBS and channel I was on. When did it become cool to rally behind business?

A corporation that sells enterprise open source will try to advance its own means first and then that of the open source community that supports it. If the open source community gets trampled or the short end of the stick…so be it. If the corporation sees an opportunity to take more than it gives to open source…it will happen (and most likely has happened). Remember that all they have to do to get accepted back into the community is release another few lines of code or donate a fraction of their billion dollar profits…it’s all smiles and “welcome backs” after that.

The problem with business is that business as a whole is incompatible with the spirit of open source…which doesn’t mean they can’t help each other or coexist…it just makes for an unknown future. Right now, companies have found a comfortable balance with open source. This is proving a very rich environment that open source is flourishing in. If FUD isn’t just something spoken of but something that becomes a reality, then where will we be? How do we prevent it? By being aware that it is an issue and NOT putting all of our ducks into the proverbial enterprise application row.

3. What’s this about Linux forking?

Sometimes forks in major projects can be a blessing. Sometimes though, they can kill a project. So, it’s uncertain what would happen if Linux forked. If you’re thinking…hey, nothing in open source will fork…read this and reconsider things…it’s not an impossibility. The good part about a Linux kernel fork is that open source wouldn’t die. Linux might suffer quite a bit, or it might not…but open source Linux would survive. However, if Linux forked it would be used as a “I told you so” by so many FUD brewers (like your favorite and mine Redmond micro-brewery) and with this happening, overall support would most likely suffer. Of course, this is all speculation. It’s not something we should be afraid of. It’s something we should be INFORMED of. It’s not something that should be uncertain…it should be understood. It’s not something that should provide doubt for us…it should provide knowledge of the possibilities.

There is a possibility with businesses supporting Linux that Linux will fork because of decisions that the business makes. If something the community wants conflicts with what the business wants…what is the business going to go with? Will they remove their support when they decide that they’re going with what they want instead of the community? Will they put undue pressure on individual developers in order to sway the development in their direction? Who’s to say they won’t?

Rightly so, we can’t see the future and we can speculate all day long. But we can change our awareness now and we can adapt ourselves back into the original intention of FOSS instead of nipping at the coat tails of businesses and having misplaced alliances.


Why Open Source Isn’t Succeeding

“It’s not the big that beats the small; it’s the fast that beats the slow.” Niklas Zennstrom

There was a time early in the dawn of computers where .edu’s and .orgs co-mingled ideas and thoughts via IRC and newsgroups in a conducive and non-proprietary way. The great ideas that were born from this still thrive today in the form of RFCs, Internet Standards, Protocols, and other surges of genius that sprung from these beginnings.

Lately however, certain things have begun to become apparent. Proprietary software vendors have locked the advancement of technology. This is to be expected. The open source movement is in full swing to counteract that. The only problem with the open source movement is in trying to counteract this huge pendulum and swing it from closed source proprietary toward a multi-source, multi-national technological advancement (for the gain of mankind and not company kind). Instead, open source has begun to push the stone uphill on its own without assistance from the VERY companies that take from it.

The bottom line is that companies will take from open source without any inhibitions at all. But when it comes to defending that which they take, they shrivel into the shadows and hope no one notices them. Companies are not in symbiosis with open source…oh sure, some of them might be sympathetic to open source. As we’ve seen with the Linux Core Consortium, companies will pledge their favor but not their resources. But until ALL companies that take from open source give back through REAL support (financial or otherwise)…they’ll continue to be identified as an entity that takes from another without providing anything in return. The word for that is PARASITE.

Companies that take from open source without giving back are a parasite to open source; they are killing it from within. The bad part about this is that we are helping this parasite…even applauding what it is doing. Many of us cheer when company X converts 250 computers to Novell or RedHat…but that isn’t open source anymore! They’re companies who happen to use Linux…they’re just not pure open source no matter what their beginnings are or were. The support and recognition go to Novell and Redhat…the financial gain goes to those companies and not back into open source. Sure, they provide some packages and free-for-home-use downloads and other niceties to try and counteract things…but open source still loses. It loses because there are more takers than givers.

Open source advocates shouldn’t be cheering when company X converts 250 computers it has to Novell or Redhat because they’re just cheering for the company. Even when Linux becomes THE accepted alternative for business and enterprise applications we should refrain from cheering companies such as Redhat and Novell because the money they earn doesn’t go back into open source…and the name they make for themselves…does nothing for open source. No matter how hard they try, they’ll always take more than they give.

Some of you might be saying, “But the simple fact is that when Company X converts to Linux, they are embracing Linux in general…not just the company that sells it. This means that they’ll open up more to open source programs such as OpenOffice and Firefox”. Perhaps. But I’d be more willing to believe that company X won’t do ANYTHING that the vendor who provided them with Linux advised against…especially if warranty and license prevent it. So if said Linux vendor who provided them with 250 Linux desktops decided they didn’t want Company X to use OpenOffice…that company wouldn’t use it. The power of choice has been removed.

Until companies aren’t afraid to offer FULL and unadulterated support for Linux (LSB 2.0 standard or the Linux Core Consortium) and free open source software, the open source movement will not succeed.

Except where otherwise noted, the content on this site is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.