decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books
Your contributions keep Groklaw going.
To donate to Groklaw 2.0:

Groklaw Gear

Click here to send an email to the editor of this weblog.


To read comments to this article, go here
To Trust Or Not To Trust, That is the Question
Wednesday, May 04 2005 @ 12:08 AM EDT

Here's a study in contrasts. First, from the proprietary world, we have an article on ZDNET about the Federation Against Software Theft (FAST) which is telling companies their IT staff can't be trusted. They say they need to be monitored to make sure they don't download software on to company computers:

FAST said that directors should be aware that their company's Internet activity could be being monitored by FAST itself, and any employee who downloads software illegally could make them personally liable for copyright infringement.

“All too often IT policy enforcement and management is left solely to the IT department, in the belief that when IT staff say that correct licences are in place, they are," said John Lovelock, director general at FAST. "But directors must not allow themselves to be fobbed off by IT staff as they can also be the culprits. Company directors need to have a firm grip on their technically able IT staff.”

So, more bullying from the software police. And just in case company directors don't get "a firm grip on their technically able IT staff", FAST is watching and will hold companies responsible for any IT staff misdeeds. What kind of world is that?

In contrast, you could join the Free World of software, where software is meant to be shared and nobody is monitoring anybody for a living. You do have to abide by the licenses, but they are not hard to abide by. Notice the contrast in this charming story about the Linux Kernel Archives. It's all volunteers, donating their time and expertise, and sometimes their equipment too. Thank you, HP, for donating new servers:

In a recent announcement to the Linux Kernel Mailing List, H. Peter Anvin detailed a recent upgrade of the infrastructure behind kernel.org. The new servers were donated by Hewlett-Packard, and are each quad Opterons with 24 gigabytes of RAM and 10 terabytes of disk space.Internet Systems Consortium, Inc. donates the bandwidth in the form of two independent gigabit-connected datacenters, PAIX Palo Alto ande200paul in San Francisco. H. Peter Anvin, Nathan Laredo, and Kees Cook all donate time to maintain the archives

It's a different mind set. And yet, the Linux cash cow sprang from it.

One thing Stallman was right about: licenses like the GPL which foster cooperation do impact what kind of a person you end up being and what kind of world we live in. It also can affect your business life, because you need to ask yourself: do I really want to spend time and resources on license upgrades, checking, monitoring, getting a tight grip on my IT staff, etc.? Or do I want to concentrate on my core business?

Not having to worry about such things isn't the only benefit to openness. SANS has just published its new list of Top 20 Most Critical New Vulnerabilities, and again Microsoft predominates. Business Week explains how a vulnerability makes it to the SANS top 20 list:

In selecting the top vulnerabilities, SANS uses five criteria: The problem must affect a large number of users. It must remain unpatched on a substantial number of systems. It must allow the takeover of a computer by an unauthorized remote user. There must be enough information about the flaw available on the Internet to let attackers exploit it. And it must have been discovered or first patched during the first three months of the year.

To no one's surprise, Microsoft's (MSFT ) Windows operating system and its components lead the list . . .

There are only two that could can affect a GNU/Linux user that I could see, and only if they use software that isn't integral to Linux. The two are a multiple media player bug that affects Linux Real Player 10 (along with Windows and Macs) and a Computer Associates License Manager bug. Neither was born in GNU/Linux, you might say. By that I mean, the Real Player problem affects you if you use Linux RealPlayer 10. There are many other media players in the GNU/Linux world. The CA bug affects the following: "All CA products that use the vulnerable CA License Package on AIX, DEC, HP-UX, Linux Intel, Linux s/390, Solaris, Windows and Apple Mac OSs are affected." So that one isn't Linux-specific in any way. But look at the extensive Microsoft list. It's simply amazing. I can't help but ask, why is anyone still using IE? And where in the world does Microsoft find folks willing to tell us with a straight face that Linux is less secure than Windows?


  View Printable Version


Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )