There's yet another Microsoft-funded analyst study out there; this one,
done by VeriTest, compares deployment times for Microsoft Windows Small
Business Server and Red Hat Enterprise Linux. No doubt everybody will be
surprised to hear that the study (available in PDF
) concludes that Windows is better. Four tasks were set out:
install the system with basic services, set up performance monitoring and
reporting, set up an intranet web site, and configure the network for
remote management. Doing these tasks with Windows took, they say,
4 1/2 hours and 125 steps. Linux required 7 1/2 hours and 555
It is not hard to poke holes in the study, of course. Somehow it was
possible to set up an intranet server on Windows with zero steps - but it
still took seven minutes. Somehow the report didn't comment on the
discouraging time per step required to accomplish this task on Windows.
Errors made by the (Microsoft-hired) consultants performing the Linux
installation were counted as steps. Tasks like checking the system with
nmap were also counted. Setting up remote administration took 100 steps;
we could suggest a shorter way of doing that:
- Enable sshd.
The VeriTest people, instead, set out on a series of tasks involving
installing the kernel source, setting up PPTP, and carrying out several
tasks on the Windows client - all of which counted as steps, of course.
One could go on about this report for a long time; see, for example, the
letter from Leon Brooks on this week's Letters
The more interesting development, however, is that Forrester Research has,
after having Microsoft trumpet one of its studies, issued this statement
on the integrity of its reports.
Recently, in two isolated and unrelated cases, we conducted
privately sponsored studies for two vendor clients. We stand by the
integrity of both studies. However, we erred in allowing those
clients to publicize the research findings. In response to these
two isolated events, Forrester has taken immediate steps to tighten
our internal process and clarify our Integrity Policy. As part of
this clarification, the company will no longer accept projects that
involve paid-for, publicized product comparisons. This move
revalidates and strengthens Forrester's research integrity.
Forrester, in other words, is getting out of the analyst-for-hire FUD
business. Given that this business can only be lucrative, Forrester's
decision to leave it behind is worthy of note.
FUD-for-hire has long been an important business tool in the technology
world. Analysts have been happy to have the business, and they have been
able to live with the fact that their output always seems to support the
sponsor's agenda. Technical journalists have long liked these reports;
they can easily be cast into a story without requiring much in the way of
creative or critical thought. The whole system worked smoothly as a way of
shaping public perception of technology products.
Something has happened over the last decade or so, however. The net has
it easy for interested parties to rip apart biased or poorly-done studies.
And the rise
of free software has greatly increased the number of people who feel some
sort of ownership interest in the systems they use. As a result, anybody
publishing a report critical of free software had better be very sure of
his ground, because that report will be subjected to intense
scrutiny. Some of the people performing that scrutiny will know far more
about the subject manner than the analysts who wrote the text, and they
will not be afraid to say, in public, what they think. Shoddy research and
skewed studies do not fare well in the modern environment.
It has been noted for years that FUD attacks on Linux tend to backfire;
even Microsoft has commented on this
fact. The combination of the net and the Linux community has managed to
neutralize - or at least strongly diminish the effect of - FUD. Analyst
companies which are seen as taking part in outright FUD attempts have seen
their own credibility suffer; remember MindCraft? Now some analyst
companies, concerned about the perception of their integrity, are realizing
that the FUD business is a poor place to be in the long run. That is a
victory for the Linux community, and for the level of technology industry
discourse in general.
Comments (5 posted)
Bruce Perens was in Denver this week for IBM's Linux strategy briefing
and offered to speak to the Colorado Linux Users and Enthusiasts
(CLUE) Linux User Group the night before the IBM event.
The talk was billed as "The Future of GNU/Linux and Free Software," but
Perens talked a great deal about the history of free software as well.
After covering his history with Linux and the open source movement,
Perens turned to current events. He talked a little bit about how many
companies doing Linux-related business suffer from multiple personality
disorder. On the one hand companies like HP are looking to push Linux
and are trying to embrace Linux and do the right thing for the Linux
community. On the other hand, these companies have to maintain
relationships with companies like SCO and Microsoft and participate in
groups like CompTIA that actively
work against open source. Perens cautions the community to pay attention
to everything a company does, not just its support for open source.
We know that both Hewlett-Packard and the other members of CompTIA were
sponsors of the so-called Software Choice Initiative, which works
against open source. So, it's important to watch our friends.
Perens also noted that the next likely legal attack against open source
would be via software patents, and said he thinks its unlikely that
corporations like HP or IBM would help the community in that event.
Though Perens says he hasn't made up his mind yet, he indicated he was
thinking seriously about trying to form a community-driven answer to Red
Hat's enterprise products.
I'm wondering if it's time for a grass-roots enterprise Linux, and
the way I figured I would do this... is first of all take Debian,
why is there a Fedora
project when there's Debian, a ten-year-old project with all its
policies done...with over a thousand developers? That is what the
Fedora project should be. Take that, and get together the
community of enterprise users who depend on Linux and really want a
zero-cost enterprise distribution.
After the talk, we caught up with Bruce for a few minutes one-on-one
to ask about issues not covered during his talk, and to get further
information on the grass-roots enterprise Linux effort. The first
question was about the disagreement between the Free Software Foundation
and the Debian Project over the GNU Free Documentation License (FDL).
Perens has helped mediate between the groups, and says that they're on
their way to working it out.
I wanted to take the emotion out of the whole thing, and it looks like
we're succeeding at that. I'm not tremendously happy to have coverage of
Debian and FSF bickering, we have a lot more important things going on.
I think that it's going to take care of itself more or less now. You
probably will have some conference calls that are exciting... I'm not
asking either organization to compromise with each other, I'm asking
each organization to follow their own rules. I feel that it's not
permissible for Debian to compromise its ethos for FSF nor is it
permissible for the FSF to compromise its ethos for Debian and
resolution of this issue does not call for either.
Perens also clarified his thoughts on a possible "grass-roots"
enterprise-ready Linux distribution:
It's something I'm still thinking about. I think I will go ahead and do
a call for people to work on it. Obviously I'm open for people who want
to discuss it. The project is not yet announced. I really debated this
in my own head for weeks now, and part of the reason was that, I feel
that it's a big personal expense to me to do any large project. On the
other side every open source thing I've ever done has paid back much
more than I've put into it... I feel that I must participate because I'm
one of the few people in the community with the cachet to pull this off,
who can talk to all the people on the executive side and all the people
on the community side and has reasonable credibility with both of them.
That doesn't mean I have to run it, definitely doesn't mean I want to be
its CTO, it does mean I would be evangelizing it publically for quite
I'm thinking about whether it is time for the community... to provide
directly a Linux distro certified to LSB and to proprietary software
providers that are willing to do so, guaranteed to be free software and
free beer, free speech and free beer. A certified distribution that is
zero cost, free software... and I'm convinced that creating a Linux
distribution is a expense-sharing system rather than a profit-making
system, even Red Hat now admits this as they attempt to offload
production of their distribution to the community.
We also asked Perens how he felt about companies that use open source
software, but do not contribute substantially to the projects they use.
I have a scale for commercial collaborators with the community. It has
four points. It runs benefactor, partner, user, parasite. Benefactor:
NASA's a great example. They funded most of Linux's Ethernet drivers at
one time. At that time they were not able yet to make extensive use of
Linux, now they are. They put in more than they got out. Most companies
would not want to be benefactors, it looks bad to your stockholders.
Partner is what companies should be if they expect the cooperation of
the free software community. At Hewlett-Packard, we could not get them
to help us with the IA-64 kernel until we made the printers work. Very
good lesson for companies, we put out 60 printer drivers on Linux
because of that.
User is a company that makes use of Linux and open source that complies
with the licensing, but does not make any contribution unless they just
can't avoid it. The usual GPL. I put Linksys in the user category if
they finish resolving the issues they're working on with the FSF right
now. Linksys is a division of Cisco, a very big company, that's
Parasite, SCO comes to mind. They're making fraudulent claims to get
value out of the Linux and open source community by kiting their stock
and you can quote me on "fraudulent," "libelous," "slanderous," no
problem with that. Other parasites, well who sold Linksys and Cisco that
wireless access point? A chip company with a "B"... a number of
engineering companies that seem to be in Taiwan and Korea, transfered
intellectual property that was not theirs to Linksys and Cisco, in ways
that did not comply with the licensing, leaving these companies whose
goodwill we want out of compliance with our licenses and they don't know
how to resolve the problem. So I don't like it because those Taiwanese
or Korean companies made us enemies with Cisco when we want those guys
to put Linux in their next product, we just want them to comply with the
licenses and they should have been given full directions for doing so
when they bought those WAP designs.
Finally, we asked Perens if he had any thoughts on Eric Raymond's prediction
that Sun is doomed.
Yeah, I wish Eric hadn't written that, actually. At least not quite the
way he wrote it, because first of all not having worked at HP as I have,
Eric doesn't understand how long a company can run on a legacy product
which is an extremely long time. And, secondarily, I think Eric was
angered by things Sun has been saying about Linux not belonging in the
data center and Sun's explicit collaboration with SCO spreading FUD.
However, Sun also helps us. Remember what I said about corporate
multiple personality disorders. They've done $70 million dollar investment in
OpenOffice, and I don't see where it paid off for them. They bungled the
strategic aspect of it, they need help with it, but it was a very large
contribution to Linux and open source. So, first of all, Sun's not going
away, they're not dying. If anything, they'll be acquired. They're still
a company with some value, and obviously their price is becoming more
attractive. Who will acquire them? I think it's either Microsoft or IBM.
We thank Bruce for taking the time to talk with us.
Comments (27 posted)
The September 18 LWN Weekly Edition
"whose Internet is it?" in response to VeriSign's deployment of its
"SiteFinder" service. SiteFinder is an attempt to profit from mistyped
domain names; it is implemented as a set of wildcard entries in
which direct the user to VeriSign's paid
index pages. VeriSign's unilateral change broke a number of network
services, modified how DNS works with no input from anybody else involved,
and raised a great many privacy concerns. Nonetheless, VeriSign seemed
determined to weather the storm and keep its changes in place. That is not
a surprising position, given that the company expected SiteFinder to
generate a revenue stream in the millions of dollars.
Among other things, VeriSign had ignored a request from the Internet
Corporation for Assigned Names and Numbers (ICANN) to suspend the service.
It would seem, however, that ICANN is not entirely without clout - or
value. On October 3, ICANN sent a
more strongly written letter to VeriSign:
In addition, our review of the .com and .net registry agreements
between ICANN and VeriSign leads us to the conclusion that
VeriSign's unilateral and unannounced changes to the
operation of the .com and .net Top Level Domains are not consistent
with material provisions of both agreements....
Given these conclusions, please consider this a formal demand to
return the operation of the .com and .net domains to their state
before the 15 September changes, pending further technical,
operational and legal evaluation. A failure to comply with this
demand will require ICANN to take the steps necessary under those
agreements to compel compliance with them.
In response, VeriSign grumbled a little, then removed its wildcard entries
and turned off the service. However, anybody who thinks that VeriSign has seen the
light and realized that, as the steward of a public resource, it needs to
act in a more responsible manner would be well advised to read this column by Mark
McLaughlin, a VeriSign VP.
ICANN appears to have bought into claims that the Internet has
broken or will break. Anyone who has used it in the last three
weeks knows that claim to be false. More likely, ICANN caved under
the pressure from some in the Internet community for whom this is a
technology-religion issue about whether the Internet should be used
for these purposes.
The company also had some strong words at the special ICANN
meeting held on October 7. Among other things, it said that it
may have other surprises to spring on the net in the future. VeriSign, in
other words, is absolutely unrepentant. This company's
history suggests that it will not give up on the SiteFinder idea anytime
soon. At the moment, it appears that the net's governance mechanisms have
brought about the right result. But it would be a mistake to assume that
this particular episode is over.
Comments (5 posted)
Many people have wondered how it could be that SCO's stock price continues
to increase even as the company's claims are publicly torn to pieces. A
partial answer to that question came to light this week, in the form of this
. It would seem that Royce & Associates, the manager of
the "Royce Technology Value Fund," now owns over 1.4 million shares of
SCO. That is, as it turns out, over 10% of all the outstanding shares in
the company, and almost 20% of the shares in active circulation. For
whatever reason, Royce has made a huge bet on SCO, and has managed to keep
the price high in the process.
This fund is managed by Jonathan Cohen; some information about Mr. Cohen
and SCO can be found on this
page. Among other things, he has been talking up SCO stock in a number
of forums; see, for example, this
posting on MSN/CNBC. "Cohen said the company's stock has done
well this year on the back of solid fundamentals. It has an enormous base
of intellectual property rights, he added." Solid fundamentals
Meanwhile, more documents on the IBM case, and, in particular, the
pre-trial discovery process have come to light; they can be found on the
always useful Groklaw
site. There's some fun stuff there. Consider the following from
"Exhibit E," SCO's response to IBM's discovery demands:
Please identify, with specificity (by product, file, and line of
code, where appropriate) all of the alleged trade secrets and any
confidential or proprietary information that plaintiff alleges or
contends IBM misappropriated or misused...
...SCO notes that discovery has just begin and it has not yet
received responsive discovery from IBM that would allow it to fully
answer this question because part of this information is peculiarly
within the knowledge of IBM.
SCO responds to a number of questions in this way. One way of translating
this response into English would be something like "we don't know, we were
hoping IBM would tell us." It is hard to imagine a judge being impressed.
IBM also asked for information on "any person on whom plaintiff intends to
rely as a witness, declarant, or affiant in this action." SCO's response
was "None at this time." Could the company really have no witnesses at
IBM has filed a motion with the court attempting to compel SCO to back up
its claims. The company has also asked for an oral argument before the
judge on the issue.
Good cause for oral argument exists because of the nature of the
discovery issued upon SCO and the significance of its refusal to
respond. SCO has the burden to prove the existence of a trade
secret or misappropriation by IBM of confidential or proprietary
information, and there is no presumption in SCO's favor in this
regard... As a result, SCO's apparent inability to respond to
IBM's interrogatories as required under the Federal Rules of Civil
Procedure has potentially outcome determinative consequences.
In other words, if SCO can't back up its charges, it's time to call the
show over. Nobody ever thought IBM's lawyers would make it easy for
Finally, Drew Streib is still trying to buy an
SCO "Linux license," but still has not succeeded. "I can't
believe that a sales force is this incompetent, or instead of that
possibility, that SCO could be so blatantly outright in their lying
about license availability." SCO also continues to state that it
will not be sending out invoices because the "response has been adequate."
One might conclude that the company is having second thoughts about its
Comments (1 posted)
It has been the better part of a year since we first started taking
externally written articles for LWN. That effort has had its ups and
downs, but, overall, we have been pleased with the result. Externally
contributed material has allowed us to bring new content and viewpoints
to LWN. We have convinced ourselves that we can bring in more content and
maintain the quality of our publication.
So, the time has come to expand our external author program. Writing for
LWN will not be easy; as editors, we are fussy and difficult to please.
And it certainly will not be a path to riches, or even away from the day
job. But it is a way to get your byline out there and help us make a
better LWN. If you think you might be interested, please take a moment to
look at our author guide. If you're
still interested afterward, we would like to hear from you.
Comments (none posted)
Page editor: Jonathan Corbet
Inside this week's LWN.net Weekly Edition
- Security: EFF on trusted computing; new vulnerability in cfengine.
- Kernel: Kernel tree survey; Relayfs; kobject hotplug operations.
- Distributions: A Feature Tour of New Distribution Releases, New - Linux Router Project, Phlak and Snootix
- Development: The Linux Brochure Project,
new versions of Purify, Bricolage, HarvestMan, Xen, WaveSurfer,
Conglomerate, the GIMP, Epiphany, SBCL, Python, GDB, Leo.
- Press: Replacing Linux init, Sun's future, Lessig on proprietary technology,
Verisign fends off critics, SCO PR director interview.
- Announcements: IBM brings Linux to Britain and Russia, SuSE Standard Server 8,
Lightweight Languages 2003 CFP, Linux.Conf.Au 2004 schedule.
- Letters: VeriTest study.