[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Linux-aus] Flame Of The Week: John Parkinson on CIO.com



John Parkinson wrote the article, Tim Horgan is CIO's Webmaster, Vice 
President of Technology and Executive Director, Christopher Koch is 
Senior Editor of CIO (other pages report his address as ckoch@cio.com 
but I got no bounce).

For your amusement:

----------  Forward; originally to John & CIO  ----------

Subject: PLEASE do some real research before sounding off!
Date: Thu, 3 Jul 2003 18:17
From: Leon Brooks <leon@cyberknights.com.au>
To: john.parkinson@cgey.com
Cc: thorgan@cio.com, koch@cio.com, letters@lwn.net

Dear John

Quoting http://www.cio.com/archive/070103/et_pundit.html -

> Second, a lot of the intellectual property in Linux is actually
> owned by companies that never officially agreed to make it
> available under an open-source license.

I'd like to see it named. If it is *ever* named, I can promise you it
will be replaced with dizzying speed. The SCO Group (TSG, they are not
The Santa Cruz Operation) won't tell us which of the IP they claim as
their own supposedly is contained in Linux.

Mind you, TSG are claiming that everything since Babbage and Lovelace
is conceptually included in their flavour of UNIX, which they have
some licencing rights to (no patents, no trademark rights, and no
official copyrights) and therefore they own everyone's OS, even
Microsoft's.

Please, since you're obviously clear on what IP is involved, identify
it for us so that we can wash our hands of it!

We play our cards with an open hand, John Parkinson. Everybody can see
everything on our table. It makes no sense at all for us to steal code
from anybody, because we know that it's out there for them to see,
inspect, cross-reference, search, compare.

If TSG had any real evidence of plagiarism, they need only show it to
us and it's gone, rewritten in a flash. The fact that they have so
totally sanitised the handful of "evidence" so far seen (under NDA)
that it can't possibly be identified among the 3 or 4 million lines of
code in Linux speaks volumes for the weakness of their case.

I would expect TSG to sue people, and so should you - *if* you had done
any serious research. Darl McBride has a history of being a suer, and
The Canopy Group (the effective owners of TSG) are long-time suers too.
If not Linux companies, then someone else.

Their barratry is against IBM alone, not any other Linux company or
user, and it's over contractual limitations, not over patents or
copyrights. TSG are disputing software that they never wrote.

> But there are others, including Microsoft, that could do the same
> if they chose.

Yes, Microsoft are certainly at liberty to sue - but over what?

Microsoft's NT-series code-base is derived from MICA, a Vax/VMS variant
so totally different to Linux even before it became MS-Windows that it
would be much easier to write a new component from scratch than to try
bending MS-Windows code to fit Linux. MS-Windows is alien to everything
else. Linux, OS X, BeOS, Irix, FreeBSD all have more practices in
common between them than MS-Windows has with anything else.

It's worth noting that VMS features military-grade security which can
be enabled with very little effort, but MS-Windows NT and derivatives
are notorious for their lack of security (to say nothing of MS-Windows
9X). Many of my own customers asked me to install Linux for them
specifically because they knew it was more secure and robust than the
MS-Windows systems they had previously been using.

> Open-source software is free in the sense of "free speech"
> (which carries with it the connotations of certain rights
> and obligations), not "free ride" (which implies something
> for nothing).

It can be both. The whole concept of price is a bit outdated when
applied to Free/Open Source Software (FOSS). Someone who writes and
releases FOSS can be "paid" in fame, in people improving his/her
software for free, in people writing and improving related software for
free, in work that was previously unavailable, in many ways.

For the company employing FOSS, the up-front cost can make a
significant difference, and despite the many other advantages of FOSS
it is often cited as the primary reason for adoption. But the real
advantages of FOSS lie elsewhere, and the bigger ones are implicit in
not being owned by a company. Microsoft's software, for example, can
never enjoy these benefits to the same degree.

When a Microsoft employee writes software, it is Microsoft's software,
not his/her own. When a FOSS programmer writes software, (s)he owns it.
This one factor makes an enormous difference to the quality of product
and responsiveness of support as viewed by the end user.

When a program is FOSS, somebody else can audit it for security flaws
or useability, and change things to see what effect it has. This is
much more effective than a company doing its own auditing, since the
auditor brings very little of the author's corporate culture to the
table with them; they test things in different and unexpected ways and
so find more flaws.

When a program is FOSS, the authors are not as isolated from the end
users as they are in a corporation. The feedback loop is so tight that
it squeaks. When their program fails, the authors hear about it
directly. They are often able to ask detailed questions on the spot
that an ex-waiter with a tech-support knowledge base would never even
think of.

When a program is FOSS, there's no doubt or prevarication about how it
achieves any particular task. As well as debug-and-trace on a program
that you're trying to get interoperating with it, you have complete
access to the FOSS program for step-by-step and fine-grained diagnoses.
And of course no point in mystery protocols or proprietary barnacles
like lumps of binary amid one's XML.

If you want to learn about how a program, process or protocol works,
you have a working practical real-world example before you to tweak
and prod to your heart's content.

Nobody can force you to upgrade a FOSS program or accept new,
intrusive, insecure, unstable or dangerous features of it; the same
cannot be said of software with something to hide.

There are many, many ways besides the obvious ones in which FOSS saves
you money, not just up front but also in TCO. Many of the TCO studies
that I've seen do not even address these, yet time and time again I've
seen an attribute peculiar to FOSS save an office several thousand
dollars in consultancy time in ways that secret software could not.

> By my count, Red Hat issued more critical patches to its Linux
> distribution in 2002 than did Microsoft for the Windows 2000
> Server.

Which of RedHat's many Linux distributions? Did you remember to also
count the patches for MS-SQL Server, MS-Office, MS-Exchange,
MS-Outlook, Microsoft's games and so on?

Most modern Linux distributions include at least two each of SQL
database servers, web servers, FTP servers, full-strength mail transfer
agents, office suites, web browsers, email clients, instant messenger
clients, multimedia players, integrated development environments, the
list is endless. If Microsoft sold a CAD package, we'd even have
something to compare patches with against with QCAD and friends.

>From Microsoft, you get Windows, from Linux distributors, you get a
full house. If you're going to compare, it must be on an
apples-to-apples basis.

> The most successful open-source movement prior to Linux was the
> hacker movement

That statement is without rational meaning. There was no "hacker
movement".

People swapped recipes long before Richard Stallman was born; his GNU
tools long predate Linux (many of them predate the GNU Manifesto you
mention) and were in their time wildly successful.

You mean "crackers" anyway, not "hackers". A cracker is malicious and
destructive, a hacker is benign and constructive. Many crackers claim
to be hackers, but they're mere wannabees.

Hardware hackers basically invented computers, built the working
implementations that led to what you sit in front of today. All
crackers really do is write viruses, boast, and destroy stuff.

Crackers are not predisposed to opening their sources, and often
entertain themselves by burying unannounced back-doors in the
closed-source "root kits" that they do release. Back Orifice, for
example, is not Open Source.

> not exactly the kind of folks that corporate decision-makers
> want associated with their platform software

What you have done here is create that association ex nihilo. Without
careless, destructive and purportedly authoritative statements along
these lines, no other association between crackers and the people
making quality FOSS code exists or can exist.

Have a look at the list of authors that contribute to a typical FOSS
project: engineers, IT managers, scientists, system administrators.
They are talented, constructive people. They exemplify the *enemies* of
the destructive people you here claim sit in their places.

Do you get both fresh water and salt from the same spring? Do car
thieves suddenly turn around to tune your car, add a towbar and fix any
scratches for free?

To say that your assertion insults me as a FOSS developer is a gross
understatement.

> Some of these folks (reportedly from the fringes of the
> open-source community) surfaced last week and shut down the
> SCO website with a targeted denial-of-service attack that
> used knowledge of Linux's innerworkings to improve its
> effectiveness.

And your evidence for that is...? Who reported that? Wouldn't it make
more sense to assume that the attackers were black-hats glad to feel
justified in doing something destructive?

If you're going to badmouth people, John, at least have enough sense to
be able to defend yourself against the libel charges when they arrive.

> Is open source mature yet? Probably not-but it's certainly
> getting closer.

This statement is completely meaningless without comparison, and mostly
meaningless with it. And do you use the software you damn with mixed
praise? Would you really know what it's like?

Is KMail more mature than virus-flypaper MS-Outlook? Yes. Is PostFix
more mature than resource-hog management-nightmare MS-Exchange? Yes. Is
Linux more mature than lets-shove-everything-in-slash-etc SCO? Yes. Is
The GIMP more mature than PhotoShop? No, but it can do things that
PhotoShop can't. Is Apache more mature than IIS? Yes. Is OpenOffice.org
more mature than MS-Office? That depends on what you're doing with it.

Software will never be "mature." There will always be more things you
can do with it, more areas it can include and which it will be
immature.

You should be asking questions like "Is a FOSS product available to do
X which is at least as functional, secure and reliable as its secret
counterparts?"

How does FOSS stack up on those terms? Web server? Check. FTP server?
Check. SQL database? Check. File server? Check. Office suite? Check.
Operating system? Check. VPN technology? Check. Mail application?
Check. Web browser? Check. CD/DVD burner? Check. Development suite?
Check. Sound editor? Check. Clustering? Check. Network management?
Check. And so on. Pick a topic.

Many of those are wildly more successful than most privately held
counterparts, and/or have two or more candidates for the slot.

For examples: Linux is pushing for the top seats in clustered
computing, the same Linux that runs your workstation and maybe your
router. The only other systems which seriously compete with it in the
supercomputer arena are purpose-built Unices. Microsoft competes in
TPC benchmarks only by using machines with twice the horsepower.
Apache powers more than twice as many websites as IIS. Yes, "and so
on".

> Encouraging independent developers is an important part of the
> innovation process in the software industry; and widely shared,
> adequately protected intellectual property is a powerful
> incentive for innovation.

You're describing the GPL. It encourages independent development by
adequately protecting the intellectual property of FOSS developers
against poaching, and innovation by providing enough prerequisites that
each innovator doesn't have to re-invent the wheel by themselves.

But your article doesn't encourage independent development, it actively
discourages it by undermining confidence in the very breed of software
which is presently undergoing the most innovation.

The bottom line is that the "issues" you raise are all phantoms, mostly
wrong and often insulting. If you were trying to write a balanced
article, you failed. If you were trying to cast destructive doubt upon
Linux, you succeeded.

Naysayers will be pointing to your article for years to come, not
because they think it is in any way fair or balanced but because of the
fear-inducing assertions in it.

I'd very much appreciate you publishing a retraction.

Cheers; Leon

-------------------------------------------------------

-- 
http://cyberknights.com.au/     Modern tools; traditional dedication
http://plug.linux.org.au/       Committee Member, Perth Linux User Group
http://slpwa.asn.au/            Committee Member, Linux Professionals WA
http://linux.org.au/            Committee Member, Linux Australia