Letters to the editor

more questions on the sco linux license

mr. riggott,
 
15/10/2003 and the end of scosource's introductory license pricing is
fast approaching. to date all i have is your word on the phone that the
sco linux license is not available in europe and that the introductory
pricing period will be extended for european linux users. while i have
no reason to mistrust you - you are very business-like and polite on
the phone - i would really appreciate an email from you confirming this.
 
at work we always encourage people to document things, "because you could
be hit by a bus tomorrow," and just last year one of our co-workers *was*
hit by a bus (though he was ok after a few weeks). but three months
from now i could be talking to sco about you saying that the intro
price would be held for european companies and they might reply that
you'd cashed in all your stock options and quit to live in warmer climes.
and while i'd be happy for your good fortune, where would i be? - a phone
conversation with a former employee and a new policy saying i had to
pay ¤5,000 for something that only seems to cost ¤1,800 at the moment?
that's less than ideal.
 
if such an email is not possible, and i understand that i am just one
customer among thousands, could you let me know if licenses ordered from
the sco usa number (1-800-726-8649) are valid here in ireland/europe?
if so i could just ring them and stop bothering you.
 
lastly, just a reminder about the description of what i'd be buying.
i'm sorry to be a pest about this but i hope you understand that i really
will need to see that before making a purchase. in addition i read in
the news that sco is not sending out copies of the license to customers.
you do understand that is completely unacceptable? you can't expect
me to make an ¤1,800 purchase w/o a description of what i am buying
AND w/o getting a license. if i spent my money like that, i'd be broke
from sending money to all those relatives of dictators i get email from.
 
if you could please pass that up the chain i would appreciate that.
 
thanks for your time,
 
kevin lyda
 
ps to save you some trouble, i've cc'd the irish linux users group as
    well as a few tech journalists so that you won't just be answering
    me but a large number of irish linux users. i'm sure it would be a
    waste of your time to answer the same questions over and over again,
    so i hope this helps.
 
--
kevin@ie.suberic.net i wouldn't mind what that says;
http://ie.suberic.net/~kevin/cgi-bin/blog paper never refused ink.

Comments (1 posted)

My linux servers are do *not* have tools on them

Leon brooks writes:
 
<lots snipped>
 
> Would you care to republish that article, noting that the attacks are
> on a statistically one-for-one basis despite the fact that the Linux
> servers are a more attractive target, often being loaded gunwhale-down
> with useful tools as they are?
 
My servers have not been breached to my knowledge and I can inform Leon
Brooks that they do not have tools on them. I specifically set up
servers with as minimal a system as possible---modulo what RH insists on
and my ability to trim that (e.g. using by building my own sendmail RPM
with drastically reduced dependencies).
 
Once I have done that software gets on the machine only by having a good
reason to do so. Openssh pretty qualifies automatically but nothing else
does---you only get apache if you can demonstrate a convincing case for
a webserver, for example. None the boxes have portmap (and thus no NFS
or other RPC based services), compilers, lp*, r*, telnet, gs, *TeX or
anything X11 related. Many have default deny IP tables rules in and out.
 
What amazes me is now well windows servers do, given then M$ insists
they have boatloads of software useless for web service and a dire
security record. Can script kiddies only cope with unix boxen? Are
people mad enough to assume that linux servers should not be protected
by firewalls?
 
I guess anyone who *does* configure a web server loaded with all sorts
of useful tools, and not behind a firewall, is probably not very
cluefull and probably unlikely to apply security updates. Thus their
boxen are probably wide open to all the exploits published within the
last year. There are no doubt enough script kiddies to ensure all these
insecure boxen are owned.

Comments (none posted)

Feedback: McNealy and Linux

> they need to outsource data centers or buy them ready-made with
> pre-assembled, preconfigured, standard systems.
 
Rough translation: "We'd much rather they were in our core market, not
doing their own thing for half the price. Linux is eating our lunch in
server space and that worries us, but we're aware that to say so will
only undermine our position faster."
 
> Best of all, Solaris is "indemnified" and runs no risk of being
> slammed with copyright suits like the SCO Group's against IBM
> Corp., McNealy said.
 
Of course it runs no risk - and neither does any other OS. The SCO Group
aren't committing barratry against an operating system, they're
committing it against a single company. You can't sue Linux, because
there is no overseeing corporation. You could only sue distributors,
and good luck getting at Mandrake, SuSE or anyone else not
headquartered in the litigation-happy USA.
 
TSG are also committing barratry against many Linux users, but that's
basically only in support of their main barratry against IBM. Even if a
miracle occurred (not all mircales are nice ones), justice were
travestied yet again, and they won an ability to charge licence fees,
because they won't show the code, the clock would start only a
reasonable time after the case was settled. Plenty of time to switch to
FreeBSD beforehand if an outcome that stupid looms, which should be
really, really streamlined by 2005. Debian has had a FreeBSD port for
years already, so a switch for Debian users would be pretty much
painless.
 
In so many ways, TSG's moves make no sense unless you follow the money
and discover Bill and Melinda Gates as directors of the companies
principally responsible for propping up SCOX shares despite the clear
pointlessness of their legal case.
 
Which companies in the world stand to benefit most from a slowdown of
Linux deployment? Microsoft and Sun. Which companies have paid Danegelt
to TSG? Microsoft and Sun. See, it's not so complicated after all.
 
IBM, SGI, Hewlett Paquard and so on have discovered that it's easier and
more effective to let other people willingly do most of the maintenance
and development for their hardware and system packages.
 
> McNealy called Linux hobbyists "jalopy-ists" who build systems
> piece by piece.
 
Well, you can do that if you want. Linux is all about choice.
 
However, most Linuces arrive pre-packed. Their packages and patches are
far easier to manage than Sun's.
 
> McNealy referred to a North American enterprise that has a
> "director of Linux kernel release engineering."
 
That would be Red Hat? (-:
 
Cheers; Leon
 
--
http://cyberknights.com.au/ Modern tools; traditional dedication
http://plug.linux.org.au/ Committee Member, Perth Linux User Group
http://slpwa.asn.au/ Committee Member, Linux Professionals WA
http://linux.org.au/ Committee Member, Linux Australia

Comments (1 posted)

Page editor: Jonathan Corbet