User: Password:
|
|
Subscribe / Log in / New account

LWN.net Weekly Edition for June 24, 2004

On dealing with Microsoft

Sequels, it is said, often fail to live up to the original. So it may not be entirely surprising that Eric Raymond's latest, Halloween XI, lacks some of the impact of its predecessors. There are no "smoking gun" memos to dissect this time around; instead, Eric looks at Microsoft's latest marketing techniques and redefines the free software community in terms of a cold-war style confrontation with Microsoft. This view of things is not likely to be helpful.

Eric's analysis of Microsoft's latest road show does have its good points. The company, he notes, has dropped its discussion of "intellectual property threats" posed by Linux and Microsoft's higher level of "innovation." Instead, Microsoft is pushing total cost of ownership arguments and trying to sell the idea that its "shared source" program is as good as truly free software. The company's position does, indeed, appear to have shifted into a more defensive mode.

But consider this quote:

Because coexistence is not a stable solution for them, it cannot be for us either. We have to assume that Microsoft's long-term aim is to crush our culture and drive us to extinction by whatever combination of technical, economic, legal, and political means they can muster.

One can imagine several ways of characterizing the whole free software movement. A couple of those might be:

  • A group of software developers and users who are pooling their effort to supply themselves with the best software they can create, free of restrictions, obnoxious licensing, hidden "features," etc.

  • A noble, if outgunned army, led by wizards, in an epic battle against the dark forces of Mordor and the roving red eye of Steve Ballmer.

The truth of the matter is that we are not fighting a war. We are building a set of tools which allow us to better run and control our lives, and, with luck, having some fun in the process. Forcing our efforts into the mold of a battle is not likely to help us in that process.

The competitive threats to Linux are relevant. In general, expanding the user base of free software is a good thing; it causes a corresponding expansion of the developer base and makes it more likely that we will encounter free software in all aspects of our lives. Growing the user base means dealing with competing forces which have their own ideas of how things should go. That's capitalism. Certainly some people should be thinking about how to make free software competitive; this task naturally falls on those working to build businesses around free software.

There is also a definite legislative threat - as there is in many aspects of our lives. This threat goes far beyond Microsoft, however. Software patents, black-box voting systems, cryptography regulations, mandatory digital rights management schemes, anti-circumvention laws, etc. are all part of the fight for freedom which is as old as the human race. Focusing on Microsoft as the Big Threat can only distract attention from the real battle, in which Microsoft is only a part.

In that context, consider this quote:

The thing not to do is talk abstractions. FSF-style propaganda about freedom or user's rights has its uses occasionally, but it will register on this campaign's target audience of bottom-line-fixated IT managers as irrelevant or nutty. And when you look irrelevant or nutty, you hand Microsoft a victory.

If your focus is Microsoft, this advice may make some sense. But if your goal is an "abstraction" like freedom from software patents, systems which spy on you, etc., a focus on Microsoft seems short-sighted. Let the folks at IBM, Novell, Red Hat, and so on talk to the bottom-line people; that's their job. They should, while they are at it, be able to find ways of selling freedom as well; that freedom is just as valuable to a large corporation as to anybody else. The rest of us, meanwhile, can find better things to do.

Microsoft can certainly be expected to attack us. It will fund corporations which attempt to claim ownership of Linux via the courts. It will fund "think tanks" to spread doubts - see this impressive list of Microsoft-funded organizations which have published attacks on free software. It will attempt to intimidate government officials contemplating switching away from its products. But Microsoft is a small piece of the problem, and the best way to fight it is the production of more, better code. That approach, after all, has worked pretty well so far.

As a postscript, it is worth noting that there are good things to be found in the latest Halloween essay. In particular, Eric's advice to work to increase the adoption of Linux inside governments makes a lot of sense. If we can feed a government enough free software that it becomes addicted, that government is more likely to think twice before passing laws which are highly inimical to free software. Of course, that's "drug dealer" talk, which we'll get to in the next article.

Comments (20 posted)

A legal attack in Brazil

The recent reports that Microsoft has filed suit against Sérgio Amadeu, the president of the Brazilian National Institute for Information Technology and a leader of Brazil's move toward free software, have upset many in the community. This suit looks very much like an attempt to intimidate a government which has been making increasingly friendly noises about free software. A closer look shows that, while this may be the case, there probably is not too much to be concerned about here.

For the curious, Microsoft's complaint is available in PDF format. That complaint comes down to the following: Mr. Amadeu compared Microsoft's tactics to those of drug dealers, and Microsoft doesn't like it. So Microsoft has filed a a "demand for explanation" aimed at getting Mr. Amadeu to retract his statements, or, at least, to back them up in court.

The "drug dealer" comment was, beyond doubt, over the top. Many public statements made by Microsoft about free software are, beyond doubt, equally over the top, as is Microsoft's reaction in this case. Microsoft seems unlikely to get very far with this particular complaint, especially in the face of public statements like:

As long as they are going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade .

(Bill Gates, 1998, quoted in News.com). The most likely result of this action may well be to convince more governmental employees that dealing with Microsoft is generally a bad idea. This kind of ham-fisted attack seems unlikely to slow any government's move toward Linux, though it may make the people involved watch their words a little more carefully.

Comments (4 posted)

Large ISPs ponder spam

The Anti-Spam Technical Alliance is a consortium of large Internet service providers, including Yahoo, Microsoft, EarthLink, American Online, and others. This group has just announced the publication of a set of guidelines intended to reduce the amount of spam in circulation; the document is available in PDF format. These ISPs carry enough network traffic between them that it's worth looking at their recommended policies. After all, if these carriers decide to screw up the net, they could succeed in making a big mess for everybody.

The recommendations, unsurprisingly, are aimed primarily at ISPs. For the most part, they are reasonably obvious stuff; they include:

  • Close open relays. Most people who run mail systems will have done this some time ago; anybody who doesn't finds it hard to send mail after a short while. The guidelines also recommend tightening access to open proxies.

  • Shut down formmail.pl. It is hard to imagine that systems running formmail are still out there, but they must be. The LWN web server gets a handful of attempts to use formmail.pl (which has never been installed there) every day.

  • Detect and disconnect zombie systems. This clearly has to be done; compromised systems are increasingly in demand as spam sources. Detection of such systems should be relatively easy, most of the time; one hopes, however, that ISPs will be careful when deciding just how active they want to be when looking for compromised systems.

  • Use authenticated email submission. The report also recommends pushing customers over to the mail submission port (port 587) for feeding email into the system. Separating out the submission step, again, allows for prior authentication. Of course, implicit in all of this is the idea that ISP customers are not to be allowed to directly send mail to remote systems.

  • Put rate limits on outbound email traffic. Recommended limits are 150 recipients per hour, up to 500 recipients per day. This idea has all kinds of problems, starting with the effect it will have on anybody running a mailing list.

  • Close down web redirector services. Evidently some redirection services are open to anybody who wants to use them; putting redirected URLs into spam helps make the message look more legitimate and hide the ultimate destination.

  • Set up and use spam reporting services.

There is also a set of recommendations for bulk mail senders, with ideas like "do not harvest email addresses," avoid forged headers, and provide clear opt-out instructions. The best recommendation, however (which would be "cease and desist") is absent. The "recommendations for consumers" section limits itself to suggesting the installation of firewalls and anti-virus software.

In one sense, these guidelines are a step in the right direction. They are an admission from a number of large ISPs that they must take responsibility for spam originating on their networks. In the best possible scenario, ISPs will take a higher level of interest in their contribution to the problem and shut their spammers down. In the worst case, however, we could see a significant reduction in what "normal users" are allowed to do on the net, major hassles for anybody wanting to run mailing lists or handle their own mail, and increasingly intrusive probes from ISPs which are ostensibly intended to root out compromised systems - all with a wink to "legitimate" bulk commercial emailers and no real reduction in spam volumes.

For now, at least, vast parts of the net are beyond the control of these large ISPs. That puts a limit on their ability to make a significant dent in the spam problem, but also in their ability to impose their own vision of how the net should work. Limits of that sort can only be a good thing.

Comments (15 posted)

Page editor: Jonathan Corbet

Inside this week's LWN.net Weekly Edition

  • Security: Long-lived security holes; New vulnerabilities in DHCP, rlpr, super, usermin, ...
  • Kernel: DMA; Separating kernel source and object files; Reworking the wireless extensions; Kernel module debugging.
  • Distributions: Asianux 1.0.
  • Development: The New Age of Programming, new versions of ZODB, Sendmail, Project/Open, POE, Wasabi, SiGeFi, gnome-games, LTK, ImageProcess, Wine, TAP-plugins, OpenOffice.org, Mozilla, xtopdf, Conglomerate, Eclipse.
  • Press: The Linux Killer, INDUCE Act, Dvorak on Linux, Nokia funds Mozilla, DMCA challenges, Kommander review.
  • Announcements: Lindows in retail, RHAT results, Sheme workshop material, Linucon, OO.org conf, PHP Conf, Plone Conf, Planet Python.
  • Letters: dzt; exmh.
Next page: Security>>

Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds