Sequels, it is said, often fail to live up to the original. So it may not
be entirely surprising that Eric Raymond's latest, Halloween XI
lacks some of the impact of its predecessors. There are no "smoking gun"
memos to dissect this time around; instead, Eric looks at Microsoft's
latest marketing techniques and redefines the free
software community in terms of a cold-war style confrontation with
Microsoft. This view of things is not likely to be helpful.
Eric's analysis of Microsoft's latest road show does have its good points.
The company, he notes, has dropped its discussion of "intellectual property
threats" posed by Linux and Microsoft's higher level of "innovation."
Instead, Microsoft is pushing total cost of ownership arguments and trying
to sell the idea that its "shared source" program is as good as truly free
software. The company's position does, indeed, appear to have shifted into
a more defensive mode.
But consider this quote:
Because coexistence is not a stable solution for them, it cannot be
for us either. We have to assume that Microsoft's long-term aim is
to crush our culture and drive us to extinction by whatever
combination of technical, economic, legal, and political means they
One can imagine several ways of characterizing the whole free software
movement. A couple of those might be:
- A group of software developers and users who are pooling their
effort to supply themselves with the best software they can create,
free of restrictions, obnoxious licensing, hidden "features," etc.
- A noble, if outgunned army, led by wizards, in an epic battle against
the dark forces of Mordor and the roving red eye of Steve Ballmer.
The truth of the matter is that we are not fighting a war. We are building
a set of tools which allow us to better run and control our lives, and,
with luck, having some fun in the process. Forcing our efforts into the
mold of a battle is not likely to help us in that process.
The competitive threats to Linux are relevant. In general, expanding the
user base of free software is a good thing; it causes a corresponding expansion of the
developer base and makes it more likely that we will encounter free
software in all aspects of our lives. Growing the user base means dealing
with competing forces which have their own ideas of how things should go.
That's capitalism. Certainly some people should be thinking about how to
make free software competitive; this task naturally falls on those working
to build businesses around free software.
There is also a definite legislative threat - as there is in many aspects
of our lives. This threat goes far beyond Microsoft, however. Software
patents, black-box voting systems, cryptography regulations, mandatory
digital rights management schemes, anti-circumvention laws, etc. are all
part of the fight for freedom which is as old as the human race. Focusing
on Microsoft as the Big Threat can only distract attention from the real
battle, in which Microsoft is only a part.
In that context, consider this quote:
The thing not to do is talk abstractions. FSF-style propaganda
about freedom or user's rights has its uses occasionally, but it
will register on this campaign's target audience of
bottom-line-fixated IT managers as irrelevant or nutty. And when
you look irrelevant or nutty, you hand Microsoft a victory.
If your focus is Microsoft, this advice may make some sense. But if your
goal is an "abstraction" like freedom from software patents, systems which
spy on you, etc., a focus on Microsoft seems short-sighted. Let the folks
at IBM, Novell, Red Hat, and so on talk to the bottom-line people; that's
their job. They should, while they are at it, be able to find ways of
selling freedom as well; that freedom is just as valuable to a large
corporation as to anybody else. The rest of us, meanwhile, can find better
things to do.
Microsoft can certainly be expected to attack us. It will fund
corporations which attempt to claim ownership of Linux via the courts. It
will fund "think tanks" to spread doubts - see this
impressive list of Microsoft-funded organizations which have published
attacks on free software. It will attempt to intimidate government
officials contemplating switching away from its products. But Microsoft is
a small piece of the problem, and the best way to fight it is the
production of more, better code. That approach, after all, has worked
pretty well so far.
As a postscript, it is worth noting that there are good things to be found
in the latest Halloween essay. In particular, Eric's advice to work to
increase the adoption of Linux inside governments makes a lot of sense. If
we can feed a government enough free software that it becomes addicted,
that government is more likely to think twice before passing laws which are
highly inimical to free software. Of course, that's "drug dealer" talk,
which we'll get to in the next article.
Comments (20 posted)
The recent reports
Microsoft has filed suit against Sérgio Amadeu, the president of the
Brazilian National Institute for Information Technology and a leader of
Brazil's move toward free software, have upset many in the community. This
suit looks very much like an attempt to intimidate a government which has
been making increasingly friendly noises about free software. A closer
look shows that, while this may be the case, there probably is not too much
to be concerned about here.
For the curious, Microsoft's complaint is available in PDF
format. That complaint comes down to the following: Mr. Amadeu
compared Microsoft's tactics to those of drug dealers, and Microsoft
doesn't like it. So Microsoft has filed a a "demand for explanation" aimed
at getting Mr. Amadeu to retract his statements, or, at least, to back them
up in court.
The "drug dealer" comment was, beyond doubt, over the top. Many public
statements made by Microsoft about free software are, beyond doubt, equally
over the top, as is Microsoft's reaction in this case. Microsoft seems
unlikely to get very far with this
particular complaint, especially in the face of public statements like:
As long as they are going to steal it, we want them to steal
ours. They'll get sort of addicted, and then we'll somehow figure
out how to collect sometime in the next decade .
(Bill Gates, 1998, quoted in News.com).
The most likely result of this action may well be to convince more
governmental employees that dealing with Microsoft is generally a bad
idea. This kind of ham-fisted attack seems unlikely to slow any
government's move toward Linux, though it may make the people involved
watch their words a little more carefully.
Comments (4 posted)
The Anti-Spam Technical Alliance is a consortium of large Internet service
providers, including Yahoo, Microsoft, EarthLink, American Online, and
others. This group has just announced
the publication of a set of guidelines intended to reduce the amount of
spam in circulation; the document is available in PDF format
These ISPs carry enough network traffic between them that it's worth
looking at their recommended policies. After all, if these carriers decide
to screw up the net, they could succeed in making a big mess for
The recommendations, unsurprisingly, are aimed primarily at ISPs. For the
most part, they are reasonably obvious stuff; they include:
- Close open relays. Most people who run mail systems will have done
this some time ago; anybody who doesn't finds it hard to send mail
after a short while. The guidelines also recommend tightening access
to open proxies.
- Shut down formmail.pl. It is hard to imagine that systems running
formmail are still out there, but they must be. The LWN web server
gets a handful of attempts to use formmail.pl (which has never been
installed there) every day.
- Detect and disconnect zombie systems. This clearly has to be done;
compromised systems are increasingly in demand as spam sources.
Detection of such systems should be relatively easy, most of the time;
one hopes, however, that ISPs will be careful when deciding just how
active they want to be when looking for compromised systems.
- Use authenticated email submission. The report also recommends
pushing customers over to the mail submission port
(port 587) for
feeding email into the system. Separating out the submission step,
again, allows for prior authentication. Of course, implicit in all of
this is the idea that ISP customers are not to be allowed to directly
send mail to remote systems.
- Put rate limits on outbound email traffic. Recommended limits are 150
recipients per hour, up to 500 recipients per day. This idea has all
kinds of problems, starting with the effect it will have on anybody
running a mailing list.
- Close down web redirector services. Evidently some redirection
services are open to anybody who wants to use them; putting redirected
URLs into spam helps make the message look more legitimate and hide
the ultimate destination.
- Set up and use spam reporting services.
There is also a set of recommendations for bulk mail senders, with ideas
like "do not harvest email addresses," avoid forged headers, and provide
clear opt-out instructions. The best recommendation, however (which would
be "cease and desist") is absent. The "recommendations for consumers"
section limits itself to suggesting the installation of firewalls and
In one sense, these guidelines are a step in the right direction. They are
an admission from a number of large ISPs that they must take responsibility
for spam originating on their networks. In the best possible scenario,
ISPs will take a higher level of interest in their contribution to the
problem and shut their spammers down. In the worst case, however, we could
see a significant reduction in what "normal users" are allowed to do on the
net, major hassles for anybody wanting to run mailing lists or handle their
own mail, and increasingly intrusive probes from ISPs which are ostensibly
intended to root out compromised systems - all with a wink to "legitimate"
bulk commercial emailers and no real reduction in spam volumes.
For now, at least, vast parts of the net are beyond the control of these
large ISPs. That puts a limit on their ability to make a significant dent
in the spam problem, but also in their ability to impose their own vision
of how the net should work. Limits of that sort can only be a good thing.
Comments (15 posted)
Page editor: Jonathan Corbet
Inside this week's LWN.net Weekly Edition
- Security: Long-lived security holes; New vulnerabilities in DHCP, rlpr, super, usermin, ...
- Kernel: DMA; Separating kernel source and object files; Reworking the wireless extensions; Kernel module debugging.
- Distributions: Asianux 1.0.
- Development: The New Age of Programming, new versions of ZODB, Sendmail,
Project/Open, POE, Wasabi, SiGeFi, gnome-games, LTK, ImageProcess,
Wine, TAP-plugins, OpenOffice.org, Mozilla, xtopdf, Conglomerate,
- Press: The Linux Killer, INDUCE Act, Dvorak on Linux, Nokia funds Mozilla,
DMCA challenges, Kommander review.
- Announcements: Lindows in retail, RHAT results, Sheme workshop material, Linucon,
OO.org conf, PHP Conf, Plone Conf, Planet Python.
- Letters: dzt; exmh.