Google Desktop is now available for Linux

June 28, 2007 Leave a comment

At the Linux Foundation Collaboration Summit, it was alluded to by a few Googlers that more Google Linux apps were coming “real soon now”. Making good on that quickly, Google just released the Google Desktop for Linux. While it is a native app, it’s not Open Source. It would be interesting to see a side-by-side comparison of this and Beagle (which I admit to not using). It’s good to see that, unlike in many cases, the Linux version looks to be an exact feature match with the Windows and OS X versions. At this point I think SketchUp and Notifier are the only two Google apps left without some kind of Linux version available.

–jeremy

Filed under Google, Linux, Linux Foundation, Open Source

Windows Vista – 6 Month Vulnerability Report

June 22, 2007 1 Comment

Jeff Jones, a Security Strategy Director in Microsoft’s Trustworthy Computing group, recently posted a 6 Month Vulnerability Report that compares Windows Vista, Windows XP, RHEL WS 4, Ubuntu 6.06 LTS, Novell SLED 10 and Apple OS X 10.4. Jeff has pointed out his potential bias, so I won’t even get into that angle. This report indeed does a better job than some from a methodology standpoint. For instance, he didn’t simply compare a default RHEL install, which includes a full Office suite and a whole host of apps not found in a default Windows install, with a default Windows install. He attempted to rip out the packages from the Linux installs that he perceived as being extra functionality when compared to a Windows install. This gives a much better baseline.

I’d like to simply offer a couple items that I think make reports like these a bit misleading. First, there is no standard definition of what a “Critical” or “High” security level is. It’s usually up to the vendor. It’s therefore possible that some vendors would rate nearly identical vulnerabilities with different severities. Second (and more importantly), we’re of course only looking at reported vulnerabilities here. Due to the Open Source nature of Linux, it’s much more likely that vulnerabilities will be discovered, reported and addressed. I’d contend that there are many more unreported vulnerabilities (which can be and in fact are still exploited) in proprietary software. If done again, another component I’d like to see added is average time to fix from time of first report. I’d be remiss if I didn’t point out that there are points that can easily be made for the flip side of the coin. The obvious one is that with a much larger install base, many more people will be targeting XP and Vista than other operating systems. In the end, statistics can almost always be made to say whatever you’d like.

–jeremy

Filed under Linux, Microsoft, Open Source

Will The Real Open Source CRM Please Stand Up?

June 21, 2007 1 Comment

Michael has addressed an issue that has been stewing for a while (and one I have covered on this blog quite a bit). From his post:

Dana Blankenhorn’s story How far can open source CRM get? has finally pushed me to respond to the many people who have asked “When is the OSI going to stand up to companies who are flagrantly abusing the term ‘open source’?” The answer is: starting today.

I am not going to start by flaming Dana. As President of the Open Source Initiative, I feel a certain amount of responsibility for stewardship of the open source brand, including both the promotion of the brand as well as the protection of the brand. The topic of “what is really open source and what is not?” has been simmering for quite some time. And until last year the question was trivial to answer, and the answer provided a trivial fix. But things have changed, and its time to regain our turf.

He continues:

So here’s what I propose: let’s all agree–vendors, press, analysts, and others who identify themselves as community members–to use the term ‘open source’ to refer to software licensed under an OSI-approved license. If no company can be successful by selling a CRM solution licensed under an OSI-approved license, then OSI (and the open source movement) should take the heat for promoting a model that is not sustainable in a free market economy. We can treat that case as a bug, and together we can work (with many eyes) to discern what it is about the existing open source definition or open source licenses made CRM a failure when so many other applications are flourishing. But just because a CEO thinks his company will be more successful by promoting proprietary software as open source doesn’t teach anything about the true value of open source. Hey–if people want to try something that’s not open source, great! But let them call it something else, as Microsoft has done with Shared Source. We should never put the customer in a position where they cannot trust the term open source to mean anything because some company and their investors would rather make a quick buck than an honest one, or because they believe more strongly in their own story than the story we’ve been creating together for the past twenty years. We are better than that. We have been successful over the past twenty years because we have been better than that. We have built a well-deserved reputation, and we shouldn’t allow others to trade the reputation we earned for a few pieces of silver.

Open Source has grown up. Now it is time for us to stand up. I believe that when we do, the vendors who ignore our norms will suddenly recognize that they really do need to make a choice: to label their software correctly and honestly, or to license it with an OSI-approved license that matches their open source label. And when they choose the latter, I’ll give them a shout out, as history shows.

Please join me, stand up, and make your voice heard–enough is enough.

I think most of us in the community agree that some companies are completely and utterly abusing the words Open Source. I’d guess some of it is intentional and some of it is not. In both cases though, it hurts us all. It creates confusion, mistrust and more. However, with the proliferation of companies that are absolutely not proprietary but also not quite OSD-level, I think it’s in the OSI’s best interest to come up with a taxonomy that properly addresses the issue. Without that, you’re telling some very well meaning companies that do a lot of good for the greater OSS community to go away. While I (and, of course many of you) believe strongly in Open Source it is still a bit of a leap of faith for many (and one need look no further than threads like this to see how much confusion and misunderstanding is still out there). Once a proper taxonomy is in place I think action should be both swift and comprehensive. Companies on the fringe can be made aware of the new taxonomy and where they fall. At that point the only violators left will be of the intentional and malicious sort, so they can be dealt with in a harsh way with little chance of collateral damage.

Open Source. Those two words mean so much. It’s important we protect them. It’s also important that protection comes in a way that’s congruent with the community spirit.

–jeremy

Filed under Open Source, OSI

More Microsoft Patent Dealings

June 19, 2007 Leave a comment

So, Linspire is the latest company to sign a patent deal with Microsoft. They’ve even managed to wrangle some additional items they claim are not in the other deals:

Linspire Inc. has announced an agreement to license voice-enabled instant messaging, Windows Media 10 CODECs, and TrueType font technologies from Microsoft for its Linux distribution. Additionally, Microsoft will offer protection to Linspire customers against possible violations of Microsoft patents by Linux.

In his June 14 weekly Linspire Letter, Linspire CEO Kevin Carmony stated, “This agreement will offer several advantages to Linspire Linux users not found anywhere else, such as Windows Media 10 support, genuine Microsoft TrueType fonts, Microsoft patent coverage, improved interoperability with Microsoft Windows computers, and so on.”

Linspire has always been more willing than most to include proprietary codecs and drivers, so this is no surprise. While I may not agree with their stance, I do think they are legitimately trying to improve the desktop Linux experience, and you can’t fault them for that (or at least I don’t). I do find it odd that they’d choose to have a demonstrably inferior product in Live Search be the default, but I digress. What’s troubling once again is the inclusion of dubious patent protection. Now, Linspire (nee Lindows) and Microsoft have a tumultuous history. In that vein, this post has some interesting tidbits.

We now have three Linux distributions wrapped up in this patent debate. It was speculated that Mandriva may be next. Based on the profile of the latest two companies, it seemed a logical guess if you had to make one. It’s good to see that they have gone on the record saying that it’s not going to happen. Red Hat already rejected the idea and Mark made his feelings very clear in this post:

There’s a rumour circulating that Ubuntu is in discussions with Microsoft aimed at an agreement along the lines they have concluded recently with Linspire, Xandros, Novell etc. Unfortunately, some speculation in the media (thoroughly and elegantly debunked in the blogosphere but not before the damage was done) posited that “Ubuntu might be next”.

For the record, let me state my position, and I think this is also roughly the position of Canonical and the Ubuntu Community Council though I haven’t caucused with the CC on this specifically.

We have declined to discuss any agreement with Microsoft under the threat of unspecified patent infringements.

Allegations of “infringement of unspecified patents” carry no weight whatsoever. We don’t think they have any legal merit, and they are no incentive for us to work with Microsoft on any of the wonderful things we could do together. A promise by Microsoft not to sue for infringement of unspecified patents has no value at all and is not worth paying for. It does not protect users from the real risk of a patent suit from a pure-IP-holder (Microsoft itself is regularly found to violate such patents and regularly settles such suits). People who pay protection money for that promise are likely living in a false sense of security.

I welcome Microsoft’s stated commitment to interoperability between Linux and the Windows world – and believe Ubuntu will benefit fully from any investment made in that regard by Microsoft and its new partners, as that code will no doubt be free software and will no doubt be included in Ubuntu.

He also goes on to state why he dislikes OOXML.

With regard to open standards on document formats, I have no confidence in Microsoft’s OpenXML specification to deliver a vibrant, competitive and healthy market of multiple implementations. I don’t believe that the specifications are good enough, nor that Microsoft will hold itself to the specification when it does not suit the company to do so. There is currently one implementation of the specification, and as far as I’m aware, Microsoft hasn’t even certified that their own Office12 completely implements OpenXML, or that OpenXML completely defines Office12’s behavior. The Open Document Format (ODF) specification is a much better, much cleaner and widely implemented specification that is already a global standard. I would invite Microsoft to participate in the OASIS Open Document Format working group, and to ensure that the existing import and export filters for Office12 to Open Document Format are improved and available as a standard option. Microsoft is already, I think, a member of OASIS. This would be a far more constructive open standard approach than OpenXML, which is merely a vague codification of current practice by one vendor.

The speculation as to what Microsoft’s end goals are with this remain all over the map. I maintain they themselves may not even be sure yet. One might think they are trying to fracture the Linux market – a sort of divide and conquer. As long as Ubuntu and Red Hat remain on the other side, however, that plan isn’t going to work. The only real loser in that scenario would potentially be Novell. It’s clear that smaller, desktop oriented companies are their current sweet spot, which says a lot in my opinion. Not sure where this is all going, but it’s getting more interesting to watch by the day. Stay tuned.

–jeremy

Filed under Linux, Microsoft, MSFT, Novell, ODF, Red Hat, Ubuntu

Update: Free Ubuntu Live Conference Pass

June 19, 2007 Leave a comment

A follow up to this post. I’m happy to announce that a winner has been selected and Benanzo will be receiving a gratis pass to Ubuntu Live via O’Reilly Media compliments of LinuxQuestions.org. A big thanks to O’Reilly for allowing us to do this. See you in Portland.

–jeremy

Filed under Linux, LinuxQuestions.org, Ubuntu

Future of Enterprise Linux kernels

June 19, 2007 Leave a comment

Greg K-H discusses the current state of Enterprise Linux kernels. This is a topic that was discussed at length at the LF Collaboration Summit and is one of those issues that has a whole host of pros and cons on all sides. It’s easy to point out the flaws with the current setup, but very difficult to come up with a system that doesn’t have different, but just as serious, flaws. Greg gives a a great synopsis of the current situation and it’s telling that even the Novell/SuSE kernel team doesn’t agree fully on the issue. This is something I think is critical to the future success of Linux. I don’t have any direct suggestions at the moment, but it’s a topic I think needs as much exposure as possible.

–jeremy

Filed under Linux, Linux Foundation, Open Source

Linux leaders plot counterattack on Microsoft

June 15, 2007 Leave a comment

This is from an article recently posted to Reuters about the Linux Foundation Collaboration Summit:

Dressed in the alternative software movement’s casual uniform of T-shirts and jeans, the group is coming to grips with internal divisions that sap at its success — Linux is now used to power desktop computers, major Web sites, mobile phones — since rival factions often create very similar products.

But as many of the world’s top tech companies and corporate customers demand ever more from Linux, open source devotees still fight among themselves with the fervor of a tiny monastic order seeking to root out theological error in their midst.

“Guys: Be seekers of truth, not finders of contradiction,” Jim Zemlin, executive director of the Linux Foundation, organizer of the event, only half-jokingly told the 150 attendees of what is billed their “Collaboration Summit.”

Collectively, the group is militantly opposed to Microsoft, which some attending the summit openly refer to as “the enemy.”

The thing I really don’t like about the article is the headline. It’s an attention grabber, meant to pull in readers. But, the fact is that nothing could be further from the truth. Having attended the event I can say the the subject of Microsoft was barely even broached. In fact, one of the panels included some of the best Open Source lawyers on the planet. The likes of Andrew Updegrove, Karen Copenhaver and Mark Radcliffe. The audience could ask this ridiculously prodigious group any questions they wanted. The recent Microsoft patent deals were not brought up a single time to my recollection. This summit was about how to better work together within our community, how to collaborate with each others in ways that make sense, how to improve freedom and how to build the absolute best products and services in the world. That’s a change from some events in the past, where it was about Microsoft. It’s good to see we’ve moved on to more important things. Yes, some people do disagree on some things. We’re able to rationally discuss those points as a community though, and through it all that makes us stronger. If 100% of the people in your organization agree on everything, you’re either not doing anything interesting or people are just scared to speak up. Both are bad.

–jeremy

Filed under Linux, Linux Foundation, Microsoft, MSFT, Open Source

Linux Foundation Collaboration Summit Update

June 13, 2007 Leave a comment

It’s lunchtime at the summit and I have enough time for a quick update. First, a big thanks should go to Google. They are treating us extremely well and it’s fantastic that they do things like this. The last time I was at the GOOG campus was just pre-IPO, and a lot has changed to say the least. The SGI sign is even gone now :)

The conversation so far has been both interesting and very real. To me, those are key components of collaboration, which is what this summit is supposed to be about. Mark had it right when he said that the people in this room agree on far more than they disagree on. In the middle of a flame war, that’s sometime easy to forget.

A couple highlights from the discussion (kudos to the Linux Foundation for explicitly stating that the first day here is 100% bloggable):

* The crowd here is extremely varied with almost all major groups including vendors, coders, hackers, community, users, ISV’s and more represented.
* A data point I wasn’t aware of: somewhere around 1/4-1/3 of the actual Linux kernel code is in fact licensed as “GPLv2 or later”. This has some interesting implications.
* Some day, a dual GPLv2/GPLv3 Linux kernel may be theoretically possible. A GPLv3-only version will not happen.
* Both the GPLv3 discussion and the ATI/nVidia discussion is wearing a bit thin on many people…
* One reason companies like Motorola are so interested in mobile Linux (which is going to be absolutely huge from the looks of things) is that they have some measure of control over the platform. When you get a tome from the carriers stating what you must conform to if you want to run hardware on their network, having access to the code on your phone isn’t a luxury… it’s a business differentiator.
* For mobile Linux to really gain traction, it needs to be a consistent platform. If it’s not, content partners won’t be able to make the business case to support it. (ie. They want to support “mobile Linux” for their apps and content, not have to support each and every phone/carrier combo which run slightly different Linux variants individually)
* It would be a boon if bug reporting was easier, especially with regard to better communication and process flow between distros and upstream (confederation was mentioned).

A lot more was discussed, but alas…lunch it over. Should have another update at some point.

–jeremy

Filed under Google, Linux, Linux Foundation, Open Source

Linux Foundation Collaboration Summit

June 12, 2007 Leave a comment

I take off for the Linux Foundation Collaboration Summit in about an hour. Really looking forward to the event. If you’re staying at the Wild Palms and would like to meet for a drink/chat tonight, I should be at the hotel by about 9PM. Feel free to send me an email while I’m in the air.

–jeremy

Filed under Google, Linux, Open Source

Linus on GPLv3

June 12, 2007 Leave a comment

Linus made a couple interesting comments on LKML a few days ago regarding the GPLv3:

I was impressed in the sense that it was a hell of a lot better than the disaster that were the earlier drafts.

I still think GPLv2 is simply the better license.

I consider dual-licensing unlikely (and technically quite hard), but at least _possible_ in theory. I have yet to see any actual *reasons* for licensing under the GPLv3, though. All I’ve heard are shrill voices about “tivoization” (which I expressly think is ok) and panicked worries about Novell-MS (which seems way overblown, and quite frankly, the argument seems to not so much be about the Novell deal, as about an excuse to push the GPLv3).

and

Btw, if Sun really _is_ going to release OpenSolaris under GPLv3, that _may_ be a good reason. I don’t think the GPLv3 is as good a license as v2, but on the other hand, I’m pragmatic, and if we can avoid having two kernels with two different licenses and the friction that causes, I at least see the _reason_ for GPLv3. As it is, I don’t really see a reason at all.

I personally doubt it will happen, but hey, I didn’t really expect them to open-source Java either(*), so it’s not like I’m infallible in my predictions.

If you’ve been following this you’ll notice that Linus’ opinion of the GPLv3 has gotten slightly more positive with each draft, which is a good indicator that the FSF really has been proactively responding to criticisms and valid objections. I’d guess that the definitive addition of Apache compatibility will lead to some additional adoption (which is my guess on why they added it in the end). Linus is pragmatic as usual in his above comment about OpenSolaris. If Sun does indeed release it under the GPLv3 and Linux is able to follow, that would be a huge win for both. There’s a ton of innovation on both sides that would finally be able to flow back and forth. Whether that will happen remains to be seen, but at least now it’s a possibility.

–jeremy

Filed under FSF, GPL, GPLv3, Linux, Open Source

Older posts

Newer posts