Language Selection

English French German Italian Portuguese Spanish

Is Microsoft really any more trustworthy?

Filed under
Microsoft

Lately, Microsoft has been trying really, really hard to appear as open source’s best friend. All I can say is: “With friends like these, who needs enemies?”

Microsoft has been making all these wonderful promises of opening up APIs and protocols. The company just forgot to mention that it is only obeying the orders of the European Union court system.

If someone stole from you, and the courts ordered them to pay you back, how would you feel about them holding a self-serving press conference to tell you how generous they are? Or, as Michael Tiemann, head of the Open Source Initiative and a Red Hat executive, put it in an OSI blog posting on March 30th, Microsoft’s new weapon against open source: stupidity.

You see some people still believe that Microsoft offering patented protocols under “reasonable and non-discriminatory terms,” or “for free for noncommercial use without fear of lawsuits” is somehow some kind of olive branch to the open-source community.

More Here

Also from SJVN:

I couldn't make it to OSCON last week in Portland, OR, but I have read the announcements that Sam Ramji, the director of Microsoft's Open Source Software Lab, made at this open-source software show. They were the friendliest things I've ever seen come out of Microsoft towards open source.

The first announcement, that Microsoft was contributing a patch to ADOdb, a PHP database access interface, wasn't that big a deal. It is, after all, self-serving. Microsoft's contribution will enable people to use its own SQL Server instead of MySQL or PostgreSQL with PHP programs. Yawn. Nothing new here.

The second announcement, that Microsoft was placing its Communications Protocol Program under its Open Specification Promise, and clarified that developer could use the communication protocols to build open-source software for commercial use, sounded much more important than it really is. You see the European Union courts ordered Microsoft to open those protocols up. Samba and the SFLC (Software Freedom Law Center) hammered out an agreement late last year that spelled out how the protocols could be used while avoiding Microsoft patents.

Could Microsoft actually be getting an open-source clue?




More in Tux Machines

Games: Ostriv, Back to Bed, EVERSPACE, Hiveswap: Act 1

Openwashing and Microsoft FUD

BlueBorne Vulnerability Is Patched in All Supported Ubuntu Releases, Update Now

Canonical released today new kernel updates for all of its supported Ubuntu Linux releases, patching recently discovered security vulnerabilities, including the infamous BlueBorne that exposes billions of Bluetooth devices. The BlueBorne vulnerability (CVE-2017-1000251) appears to affect all supported Ubuntu versions, including Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus) up to 16.04.3, Ubuntu 14.04 LTS (Trusty Tahr) up to 14.04.5, and Ubuntu 12.04 LTS (Precise Pangolin) up to 12.04.5. Read more

Security: Updates, 2017 Linux Security Summit, Software Updates for Embedded Linux and More

  • Security updates for Tuesday
  • The 2017 Linux Security Summit
    The past Thursday and Friday was the 2017 Linux Security Summit, and once again I think it was a great success. A round of thanks to James Morris for leading the effort, the program committee for selecting a solid set of talks (we saw a big increase in submissions this year), the presenters, the attendees, the Linux Foundation, and our sponsor - thank you all! Unfortunately we don't have recordings of the talks, but I've included my notes on each of the presentations below. I've also included links to the slides, but not all of the slides were available at the time of writing; check the LSS 2017 slide archive for updates.
  • Key Considerations for Software Updates for Embedded Linux and IoT
    The Mirai botnet attack that enslaved poorly secured connected embedded devices is yet another tangible example of the importance of security before bringing your embedded devices online. A new strain of Mirai has caused network outages to about a million Deutsche Telekom customers due to poorly secured routers. Many of these embedded devices run a variant of embedded Linux; typically, the distribution size is around 16MB today. Unfortunately, the Linux kernel, although very widely used, is far from immune to critical security vulnerabilities as well. In fact, in a presentation at Linux Security Summit 2016, Kees Cook highlighted two examples of critical security vulnerabilities in the Linux kernel: one being present in kernel versions from 2.6.1 all the way to 3.15, the other from 3.4 to 3.14. He also showed that a myriad of high severity vulnerabilities are continuously being found and addressed—more than 30 in his data set.
  • APNIC-sponsored proposal could vastly improve DNS resilience against DDoS