Sunday, July 29, 2007

New virus worth $80bn to EC economies

Hi. I'm a virus writer. This is the first time I write something on the Internet, so I'm a little nervous. I thank Mr. Beez for allowing me to do so. Thank you, Mr. Beez! Well, I'm not so much as a virus writer, I'm more of a script kiddy. I like disrupting PC's, just like Mr. Microsoft. I heard that Mr. Microsoft has been in a little trouble lately with his Vista thing, but now it is alright, I think. He will be shipping his Vista thing in a few months now.

Yes, yes, Mr. Beez, I'll come to the point. Well, the reason Mr. Beez asked me to write this is that I have done in one night, what Mr. Microsoft couldn't do in five years. In essence, my little virus installs an Aerobic Vista look on every XP computer it infects. Of course, I didn't write that myself (like Mr. Microsoft), but I borrowed some code somewhere else.

A less favorable side effect is, that it slows the computer down and uses more memory. Just like Mr. Microsoft! Of course, it is not nice to write a virus that does nothing bad at all, so I added some code that will slow down or stop the fan <chuckle> <chuckle>!! So everybody will need to buy a new PC! Like Mr. Microsoft! No, I didn't write that myself.. But Mr. Microsoft doesn't have it. It has only this aerobic thingy. There's nothing in the virus that boosts your productivity. That wouldn't be fair to Mr. Microsoft.

In my most conservative estimate, it will infect about sixty million PC's in Europe over the next three months. That is twice as much as Vista in a quarter of the time. That will generate $80 billion in the EC due to "cascading economic benefits" from increased employment and taxes, creating a stronger economic base. That's not bad for one night work, isn't it, Mr. Beez?

I've already written EU competition commissioner Neelie Kroes complaining that delays to my virus (e.g. by virus scanners) could harm European competitiveness. That's logical, isn't it? We would have a head start. It will take the United States at least half a year to catch up! And the process is completely automated on top of that! It won't even cost you a penny!

Of course, writing a virus is still punishable by law. I've already talked to Chris Heaton-Harris and Roger Helmer (both MEP) to lift that legal restriction, just like Mrs. Microsoft-Ballmer (I didn't know he was married). Although she got just a little fine, I think. We will continue these talks at my next address:

68 Hornby Road
L9 3DF United Kingdom

What did you say, Mr. Beez, I got some names wrong? Well, that happens to you all the time, doesn't it?

Every dictator fears revolution

Recently, a few misguided people published their rants on the internet. Like Iain Ferguson of ZDNet Australia. Most of these people aren't developers or have used anything else than their good old Windows. They are invited to cool Microsoft parties, where they drink an expensive Bordeaux of the sixties and are entertained by the best artists. I've been to these parties too and it is not that hard to feel important when you're there. Especially when you're not much to begin with.

The Open Source community does not throw parties like that. You even got to pay for your own beer and the best entertainment you will get is people showing of the last version of their software. Which is not very interesting when you're not developing yourself and even more when it is a CLI application.

So when you got to choose your friends, it is not too hard, ain't it? You got to take those 1000-dollar suits with lots of money and their carefully articulated PR-mumbo jumbo more serious than a bunch of badly shaven T-shirt and torn jeans wearing kids. Even more when these kids are insulting your best friends and are naively giving away their stuff, hurting their business. There got to be a way to protect the world from these rascals, isn't it? Let's try "intellectual property" or "patents" or "DRM" or "DCMA". Any which way but loose. Don't these kids know they're destroying their own future? Doesn't anyone fancy a job he's got paid for?

So, shut up until you know what you're talking about! So very sad, so misguided.. I have been in this business for over 20 years and a developer for even longer. I think I know what I'm talking about. I've always gotten paid for what I do. And like everyone else, I'm also a user. And that is where this story starts..

Like everyone else, I've been using Microsoft products for fifteen years, both privately and professionally. I've always been appalled by their quality. Even to this day, I am unable to get any marginally complicated Access application stable. Which Microsoft admits: don't write any serious application in Access! Professionally, I have turned to PHP and a bunch of other Open Source tools to create applications that simply work. All the time.

And it doesn't stop there. Recently, Microsoft admitted that their key asset, the Windows operating system, is so flawed that their have to rebuild it from scratch: Windows Vista. I am not a religious fanatic. Quite the contrary: the Dutch are very practical people. Whatever works goes. Given all the information, it is quite a sign of religious fanatism to stay with Microsoft. Microsoft isn't a software developer, it is a money making machine, just like MacDonalds isn't here to cure obesity.

I've started with Linux in 2000. First in a dual-boot configuration, now exclusively. I've haven't had even the minutest problem. Is it a wonder I've become enthousiastic? I've been able to introduce Open Source at work too. I've been able to develop solutions that simply work for a fraction of the cost. Solutions that are easy to install, maintain and have a very low downtime. I could never have done that with proprietary solutions.

I've been developing Open Source solutions since 1996. Simply because I wanted to return something to the community that gave me that much. I've modified other Open Source programs I downloaded and returned those modifications to the original authors, so others could benefit. Others modified my programs and I still thank them for that. Schools are using my compiler to teach kids how to program. I'm pretty confident my compiler has few bugs, because contrary to my paid hours, I have the time to tune and improve on my programs. First, because I take great pride in what I can do and second because I simply have the time to do so. Time to market isn't an issue.

Linus once said, "the difference between commercial programs and Open Source is that the latter is created with love". That's why the stuff is that good. That's why the stuff will always be better and less bug-ridden than commercial software. Independant research has proven that much already. So, let's get real: it is not about the quality of the software.

Let's analyse the interests here. If you want the truth, just follow the money. If you touch commercial software, you touch their business, which easily translates into stockholders and money. If you touch Open Source software, you touch the community. It becomes much more personal here. A good software developer is an artisan, someone who takes prides in his craftmansship. It has nothing to do with religious fanatism, it is personal pride. It is the thing you made with your bare hands.

In the old days disciples had to make a masterpiece to become a master. They weren't really paid for that, it was just a proof of what they could do. There was a part of their soul in that piece. Our modern Open Source community is made of people like that.

Another point is that they were once users themselves. You don't scratch when you don't have an itch. But Windows was such an itch, so they created Linux. Word was such an itch, so they created Abiword. Visual Studio C was such an itch, so they created GCC. Users that take the course of history into their own hands are revolutionaries, that's true. But those who fear a revolution are usually the dictators.

Iain Ferguson was never someone like that. Those who can do it. Those who can't become editors who visit Microsoft parties and network with the suits. They don't see the grannies who paid 500 bucks for a computer and see it crashing in their face all the time. They don't see the real users for whom programs are tools they need every day and rely on them. I and others see that all the time.

I don't care if I hurt the business of your drunk, 1000-dollar suit, so called "friends", Iain. I don't care if you tell me to shut up, Iain, because I will say the same to you. Shut up, until you know what you're talking about. And I promise you: if you stop calling me a religious zealot, I will not say again that you're a incompetent freeloader. Please note, there are quite tasty vins de pays too.

[Ed: readers are kindly requested to read this blog too]

GNU and communism - labelling for the dumb and the dumber

The most intelligent label I ever saw was on a railway station in Woerden. It was upside down. All commuters turned their head to see was was written. It said "This label is upside down", which was completely correct.

When I made my way outside, I saw the same label again. This time it was instantly readable. And then it dawned on me. The label was still correct. Positioned this way, it had lost all its purpose. The only way it had any effect was when people were forced to turn their head. So, whatever it's position the label was always correct. I've never seen a label like this again.

Labels are easy. When you put them on a jar, you instantly have an idea what is inside, whether it is correct or not. Labels are a fine thing for jokers. They can make you put salt in your coffee or make you smoke oregano (if you happen to live in Holland).

Labels are also dangerous. If you think a jar contains salt and you put arsenic to your boiling pasta you can kill someone. Labels are fine for criminals too if you come to think of it.

Labels can also spread fear. Labels like "arsenic" can make you avoid a harmless jar of salt, simply because you think it is going to kill you if you use it. Most people do not have a lab at home to test it. Others will simply throw the jar away, because it is too much trouble to test it and a pack of salt is quite cheap. They have other things on their mind or simply don't want to take any chances.

In short, labels are a shortcut to thinking. Like any instrument, they can be quite useful. However, in the hands of a criminal they can be a disaster.

Warmongers and propaganda secretaries use labels as well. 'Jewish conspiracy' was enough to get you to the concentration camps in Nazi Germany. 'Nazi' was enough to send you to the goelag in the former USSR. 'Communist' was a free ticket to destroy someones life in USA of the fifties. Yell 'Microsoft' and you will have the attention of any OSS proponent. If someone starts throwing labels you are sure they want to get their point across no matter what.

The idea is simple: throw a label first and people will start to overlook any flaws in their arguments afterwards. The label is enough.

Having lived in Europe all my life, the word 'communist' will not ring any alarm bells with me. Almost every student in Europe has flirted with socialism or any other left wing movement at one time or another. I've visited a lot of 'socialist republics' before the wall fell. Socialism (in any form or shape) was a part of my study in those days, just like capitalism. So I think that I know a little bit of what I'm talking about.

What I regularly see on the internet is that people who don't have a clue of what 'communism' is about start throwing labels in order to cloud the minds of ordinary men. They've never visited a 'communist' country, spoken to a 'communist' or read a book on 'communism'.

First, 'communism' is a word that is exclusively used by 'non-communist' countries. 'Communist' countries don't call themselves 'communist', because that concept is excusively used to indicate a perfect socialist state. The 'communists' paradise, so to say. A clear indication that someone who uses that word is out to confuse you. Mohit Joshi is such a man.

In his article he again tries to place Open Source into the 'communist' leage. And although he writes a lot, his reasoning is seriously flawed. The techniques he uses are familiar. Joseph Goebbels was a master in mixing facts and half-truths in order to persuade the public to make the wrong conclusions.

First flaw: " History has repeatedly shown that these things are best left to market forces – which is one of the biggest democratic forces." As a matter of fact quite the contrary is the case. Let's examine the case of "Standard Oil". I've taken this from the Wikipedia, according to Mohit Joshi probably a 'communist propaganda site', but if he's not happy with the text, I promise you we won't send him to the goelag, but let him simply correct any misrepresented facts.

"Standard Oil's quasi-monopolistic position had been established through aggressively anti-competitive business practices, including a systematic program of purchasing competitors or running them out of business by any means necessary, legal or otherwise."

Hmm, sounds familiar, huh? I can't put my finger on it, but it makes me think of a certain software giant. Anyway, I think there are few people that consider price fixing, bid rigging, and market allocation schemes "one of the biggest democratic forces".

Later on he argue: "So had any of these vendors seriously considered marketing UNIX at a commodity price, there would have been no Linux." Well, Linux comes with a GNU license, which (according to Mohit Joshi) is anti-democratic ('communist', so not a 'democratic' market force). However, if the Open Source Movement "was born out of necessity to create efficient software", which one was more democratic to your taste? In one single line he also denies Microsoft the argument, that Open Source "stiffles innovation".

Mohit Joshi also shows again and again that he doesn't have a clue, because Open Source and GNU are two different movements and he keeps mixing them up all the time. Ask Richard Stallman!

Second flaw: "GNU GPL became the most popular license because of whole freedom philosophy woven around it (read GNU Philosophy)." I don't think so. Most developers are no lawyers and have neither the time nor the knowledge to put together a decent license. Other Open Source projects do, like Apache, Mozilla, Sun, etc. As a free software developer I chose the LGPL, because I want improvements of my library to come back to me, so others may benefit too. Still, my library has been used in at least two commercial products. If you don't like that, you can still use the BSD license (also considered Open Source). Microsoft used it in their products, but the world never saw any improvements. So if you name your chapter "The Great Software Robbery", make sure you point at the right villains!

He also forgets to mention that GNU is a license. If you don't agree to the license, then don't use the software! Did I forget to mention that I have not agreed to Microsoft EULA several times, without ever getting a refund? If you name your chapter "The Great Software Robbery", make sure you point at the right villains!

Third flaw: " It [FSF] fails to acknowledge requirements of different sections of society." Again, not all Open Software is GNU. Second, the GNU license offers more options to users that proprietary software. You can change it, recompile it, adapt it, even sell it, whatever you want. That is more freedom than proprietary software usually offers. True, not everyone will use it, but if you want to, you can.

I could also argue here that proprietary software fails to acknowledge requirements of different sections of society, simply because I cannot change it, recompile it, adapt it or sell it. That would hardly make software companies 'communist', would it?

Fourth flaw: "The GNU philosophy (and GPL – Its mode of implementation), put forward by Richard Stallman has a very stark resemblance to communism. It may be thought of as its virtual avatar. To find why, read on." Then the poor man fails to deliver. He jerks a quote from Subhasish Ghosh completely out of its context, simply because it has the name "Marx" in it. In that article Subhasish Ghosh argues that not everyone will use the freedoms the GNU license grants - which is true. But it's hardly a proof that GNU equals 'communism'.

The conclusion is even more baffling: "So due to this incorrect model of co-operation put forth by FSF, small-time and low budget developers, who do not have adequate resources, often end up using GNU GPL. They are subsequently forced to give up one thing that could have stopped their project from being low budget, their intellectual property rights, now forfeited by the GPL virus."

First, by using the GPL license, you do not transfer your rights to the FSF. You haven't given up any property rights as well. Proof? MySQL and Trolltech offer both commercial licenses as well as GPL licenses. Second, nobody forces anybody to use the GPL. Like I said before, one can choose from over 60 different Open Source licenses.

But it gets even better! Mohit Joshi turns out to be a communist himself: "Therefore it is very likely that some other person possessing these [vendor] skills will reap benefits without ever bothering to pay the programmer who has no intellectual rights. Thus maybe few smart individuals may benefit but a large section of society will find itself helpless."

My dear Mohit Joshi, that happens when you work for a company like Microsoft! After a full day of work you go home with a measely salary (a fraction of the benefits) and you've given up all your intellectual rights! Since the company has a monopoly on production resources, they get richer and the programmers get poorer. That's why 'communism' was invented by Marx in the first case!

Finally, he claims that "(..) they [FSF] are using litigation not technology to make a profession obsolete." Okay, first they were "born out of necessity to create efficient software" (which in his view isn't technology??), then they are "subsequently forcing programmers to give up (..) their intellectual property rights" and now they're "using litigation to make a profession obsolete". If that isn't the reasoning of a sick mind, what is?

And even if all that is true, we're all still living in a democracy that treats people like grown ups, making their own choices and having their own responsibilities. No programmer will ever be "enslaved", because it is always the "responsibility of programmers to upgrade their skills according to new environment."

I can only give you one advice if this becomes true: "The collaboration and sharing without monetary compensation will not aid in globalization but rather communism". Get out while you can. Don't become a programmer. Try baking bread. Bakers never get out of style.

Who understands the OSS community?

There are only a few ways to make me mad. Personal attack isn't one of them. You can call me geek (which I certainly am), madman (true, I don't have any political or diplomatic skills), fanatic (guilty where OSS is concerned), sexist (and proud of it, just kidding ;-) or anything else and I won't even blink. But attack my work and the wrath of the Nerd will descend on you.

Whether it concerns a private project or a professional project, it doesn't matter. I take pride in my skills and I'm perfectly aware of what is only a few pages of code to me, is a tool others have to work with every day. I find that a great responsibility and after 20 years in this line of work I'm absolutely aware of that fact.

And I know that I'm not the only one. There are a lot of OSS programmers that feel the very same way. We might not always agree on certain (technical) issues, but we are proud of our work. That is a big difference with the code slaves that work for closed source companies. They have very little influence on the work that they do, give up their intellectual rights the moment they lift their fingers from the keys and get badly paid. And when closed source program is horribly made, the true artisan in us is disgusted.

When you're doing a OSS project, you do it because you like it. Because you have an itch to scratch. And if your humble project is of any use to the outside world, you're are emotionally involved to say the least.

There is no central OSS or Linux company. What we usually call "Linux" is actually a bunch of loosely connected OSS projects. There is no board, no CEO, no stock holders, no PR department and you don't have to apply for a job. If you want to work, go ahead, start right away, we're happy to see you. Maybe you will acquire some status over time, but there is no promotion. Let alone a raise.

I won't argue that the OSS community is a good representation of the population, or even of those working in the IT industry, but it is a very mixed crowd of people to say the least.

I recently reread a previous blog of mine and thought I had been a bit harsh to Iain Ferguson. Iain, I humbly and truely apologize. But I remember very well why he drove me this mad. And he is not the only one. What drives me really mad is that these editors obviously haven't any clue how to address the community.

What do you expect what happens if you write stuff like that, Iain and Simon? That there will be a board meeting? That we will issue a press statement? That all of a sudden the community will change its corporate strategy? We have none of those things! It just feels like a personal attack on the things we do and love. "Gosh, why do we get flamed each and every time? Duh??" What feeling do you get when you read a quote like that? That it is said by a clueless moron? Well, that is the impression that you make.

Jim Morrison once said "You can't petition the Lord with prayer". To paraphrase that it I'd like to say "You can't address the OSS community", because it is much too varied to be addressed. Let's assume that 10,000 people of that community are reading your column and you're flamed by the 1% idiots that are obviously there. One hundred flames is quite a lot, true. Next time you write a column saying that all the good people that work on OSS are all "bigots", "zealots" and should "shut up", "take a back seat" or otherwise disappear from the window. Like there is a CEO that will issue a memo saying that all employees should refrain from all public comments. What do you expect? More flames, because it is not nice to be insulted.

Now I've read Iain's column again I'm catching his drift, but it is so badly put to words that he should seriously contemplate if he is the right man for the job. For instance, he could have considered to investigate what the OSS community is all about. He could have addressed the subject that corporate CEO's don't understand how to communicate with the community either. Ok, I'll tell this once more, so you editors are all gonna get it: WE ARE NOT A COMPANY, SO DON'T ADDRESS US LIKE ONE!

If you get flamed, get over it. We all face that music, even amoung ourselves. You're not talking to a PR department. Please, make these CIO's understand that if you want something done, contribute, we're not changing direction just because some hotshot tells us to. If you want a Windows version, make a port. If you want a Swahili translation, make one. Even Linus once admitted he doesn't have a clue where he is going, he just goes with the flow.

Instead of flaming us in your blogs and columns, play by our rules and help those clueless CIO's understand they have some learning to do. Because they have. CIO's still think we are a bunch of crazy programmers, artists and translators working for free. Wrong. We just have a different currency. The currency is contribution and involvement. You can't just stay on the receiving end and make demands. What are you, a bunch of corporate freeloaders? ;-) Where are the millions of lines of good "internal" projects that are left on the shelves for one reason or another?

I assure you, if you highlight these points you will still get flames, but less. The first step in diplomacy is understanding. "We" don't have to understand anything. "We" will just continue doing what we're good at, which is making programs, either for ourselves or the whole world. "We" don't need ignorant, pedantic editors telling what "we" got to do, think or write. "We" won't change our ways. "We" use Linux and know what it is all about and why "we" use it and continue to use it. And if you step on our pet project or insult us, "we" will continue to react. Because "we" are only passionately doing what "we" do best. That is to serve ourselves and all others who take an interest in it.

So, now I've said it. I honestly hope you understand. I've made the first step, not "we". Where we (you and I) go from here is a choice I leave to you.

The ethics of Open Source FUD

When I was a kid, I was bullied by the son of the headmaster. My notes were perfect and although I never bragged about them, he thought I had to be learned a lesson. After all, he was the son of the headmaster, wasn't he? Of course, I tried to reason with him, explaining that these actions were inappropriate and futile. Unable to call in a higher authority, I began to master the art of self defense and it didn't take too long or I was able to beat the cr*p out of him. So I did. I haven't resorted to violence in almost thirty years, because I still believe that diplomacy is the way to resolve conflicts and violence is in essence primitive and barbaric.

I don't have to argue here that the FOSS community has been the victim of FUD tactics a number of times. To name a few myths: no support, open to attack, unprofessional, viral licenses and so on. Each and every time the community has answered in a appropriate, accurate and responsible way. But how effective has that been? Well, not. We're fighting it every day.

The main problem are the media, the large 'professional' websites. These are the websites managers read. And what do they read there? "Is Linux ready for the desktop?" or worse: "Linux is not ready for the desktop".

Long haired College Dropout and Self-Confessed Hippie Hacker Wants to Create a Communist IT Landscape and Destroy a National Industry

And not your average blogger, but editors. Guys, if this had been the fifties, we'd all be shaking hands with Senator McCarthy and his committee for 'Unamerican activities'.

Our response is usually on Groklaw, LXer, and LinuxToday, to name a few. Those people don't read what is posted there, so they never read our response. We all agree to some extent that we've professionally countered all arguments and we're very satisfied about ourselves, but our message doesn't come across.

All we've accomplished so far with our 'measured responses' is that we've moved from "religious zealots" via "flaming Linux bigots" to "Open Source advocates". There are still lots of 'editors' who claim that it is impossible to publish any story about Open Source (read: a bunch of FUD) without getting flamed to death (read: getting comments). If that isn't FUD in itself, I don't know. And pointing the finger to a group doesn't make it any less personal. Note 'they' didn't have any problem to make it personal. Remember what has been written about Richard Stallman and in particular about Pamela Jones of Groklaw. Those accusations weren't even true.

Obviously, reacting in a professional and responsible way doesn't get us any prime time. I make an offer to any editor that is afraid to do a FOSS story. Select a well-received article that responds to yours from any of our major websites and publish it in its entirety – not just a link. Give us a fighting chance to react. There are so many well-researched and well-written articles on the web, exposing the vulnerabilities of Windows, the 'Get the facts' campaign, the 'dangers' of Open Source licenses, etc. Why do these need to remain hidden in the bowels of the Google cache. Why are these not of 'general interest' or 'suited for a large public'?

And give us some acceptable editors. Why does Neil McAllister do "Open Source" at InfoWorld, for Pete's sake? Why can eWeek have his Steven J. Vaughan-Nichols, and not ZDNet, for instance. IMHO, if it needs a little FUD to achieve that, I'm happy to pay the price. But this imbalance in news coverage must be fixed, one way or another.

The FUD doesn't seem to stop and it doesn't stop at these so-called 'professional' websites. In the previous blog, I've shown you how closed-source companies try to tighten their grip on the press even further. The bullying goes on, and although subtle and hidden from the public eye, we haven't seen anything yet. I'm deeply concerned about this and the effects it might have for our community and our projects.

DC Parris wrote: "The other thing is that I'm not sure we (our community) should stoop to the level of others, i.e., spreading FUD about them just because they spread FUD about us. I strive to achieve a higher level than that". It may surprise you, but I agree with him. We have our ethics. If we find a bug or a vulnerability, we fix it instead of lying about it. We listen to our users and try our very best to accommodate their enhancement requests. We don't make the easy choices, but try to make the best ones. We will not obfuscate our programs, change our protocols or patent our inventions. And we will certainly not go closed source!

And even if we do write 'Open Source FUD' every now and then, are we really that bad? Of course, I can only speak for myself, but I challenge everyone to read my recent blogs and find any misrepresented facts. I like to think of myself as an integer person, who gives a great deal of thought before he makes a decision or writes a line. I always check at least two independent sources before I use any information and when I can, I provide the links. I don't manipulate results and I certainly don't lie. Everyone can and may comment (even anonymously), the comments become visible right away, I don't edit them (apart from inappropriate language) and I don't remove them. I can't say all websites have the same policy.

We are always defending ourselves, reacting to the attack of others. We're in our stronghold, on siege. In military science, that is not a favorable position. For almost fifty years the Soviet Union and the United States had a massive amount of nuclear firepower pointed at each other. Still, no shot was fired during that period. It was a MAD situation, but it worked. MAD means "Mutual Assured Destruction" and that is exactly what is was. Nobody moved, because they all were afraid of retaliation.

We've been nuked for years now by lawyers, spin-doctors, publicity moguls and politicians. And you still want me to play mr. Nice Guy?

Three reasons NOT to use Gnome

I've always been a proponent of choice. Maybe it has to do with my biology study, I don't know. Variation makes a population stronger and resilient. A few days ago, I wrote an article on comp.lang.forth, passionately arguing that the ANS Forth standard should allow even more diversity in architectures, command sets and design objectives. That's why I like Open Source. Whatever you're looking for, somebody has done it. If not, you can always start a new project.

So, it is only logical that there is a large variety of desktop environments and window managers. Even more than you can imagine. One of my favorite Linux magazines, the German "Linux User" has a monthly section dedicated to it. Although I don't have any intention to change my desktop, it is nice to see what people come up with. Some solutions I find even tempting.

One of the better qualities of the Open Source community is mutual respect. Developers make different choices, but they usually show understanding for the choices others have made. One of the characteristics of respect is honesty. You don't spread any FUD to harm your opponent or his product. That is why "Three reasons to use Gnome" shocked me.

I don't object to the article itself; Sal Cangeloso is free to use what ever he wants and list his reasons for using it. But he is not free to spread FUD and use some very questionable arguments. I've used KDE from the first moment I installed Linux and I've never been disappointed. I've even used it on a 166 MHz, 32 MB Pentium II. Sure, it wasn't a speed demon, but I've used the machine for 18 months at a stretch. I like my KDE and when you look at the comments this dubious article received, I'm not the only one.

I've always had the idea that this whole KDE vs. Gnome thing has been kept alive by Gnome proponents (see the last paragraph). I can imagine why. Somebody starts a desktop environment based on non-free software. A year later, in 1997, you found a project with the aim to create an entirely free desktop. After three years, you find that you've done it all for nothing, because somebody changed the licensing. What a bummer! What now?

Okay, you start a project called Mono to give it a boost, based on a totally nonfree architecture (sic) - designed and promoted by a company I choose not to mention. It's still not working. Even worse, the father of the single piece of software that started it all says in public that "your whole mentality is a disease" and your baby will only be used "by idiots". On top of all the guy who gave your favorite desktop environment the long awaited recognition becomes the first patron of KDE. Apart from driving off a cliff, what can you do. Easy, let's do what the professionals do. Spread FUD.

First of all, SuSE has always defaulted to KDE until it was bought by Novell. Novell also bought Ximian. Right, that company was founded and owned by the guy who wrote both Gnome and Mono, Miguel de Icaza. It is safe to say that this choice was made for political and not technical reasons.

Second, Gnome is far from "lightweight" as these figures will show you. Personally, I find Gnome sluggish and not quite as snappy and responsive as KDE. That is quite understandable if you know how Gnome came to be. The Gimp Tool Kit was originally developed to make GIMP, a Photoshop clone – not to build an entire desktop on top of it. It has the most horrible API you've ever seen. KDE has one of the most well designed APIs I've ever seen. Absolutely no comparison.

Third, I absolutely prefer most of the KDE applications to their Gnome counterparts. If you've ever worked with LyX, you'll never go back to Open Office Writer again – except for compatibility reasons concerning an Office suite whose name I choose not to mention. Konquerer is the fastest browser around – with the possible exception of Dillo. Bluefish or Quanta? Don't give it a second thought - Bluefish even lacks a preview or help feature. I prefer Kmail over Evolution, because the latter resembles a PIM whose name I choose not to mention. Krita is quickly becoming the image editor of choice. And Koffice is a better suite than the bunch of unrelated applications like Gnumeric and Abiword that form the "Gnome office" suite. Not to mention that "Gnome office" is lacking a Kexi equivalent. I have to admit I really like Dia, though!

Finally, Sal Cangeloso resorts to the ever lasting Gnome FUD trump card, licensing. Okay, I'll repeat it here for the very last time: since September 2000 KDE is 100% GPL. No "licensing issues" at all. The next one who tries that trick gets his lights punched out.

I really don't care which window manager you use. I really don't care what desktop environment you use. But you should not reward a project that has and keeps on spreading FUD just to force its eternal nemesis out of the market. If you want a sluggish memory hog that leaves you no choice unless you happen to like XML hacking, be my guest. But note that when there is no KDE anymore, you will be left with no choice at all - except of course with what the good Gnome people think is good for you – welcome to the cathedral!

Note that there are a lot of people that are very passionate where KDE is concerned. Why? Because it is their tool of choice and they use it every day. Some have used Gnome for a while and switched. For some, KDE is too heavy (e.g. DSL, Puppy Linux) and they were happy to see that there are alternatives - the bazaar. That is what Open Source is all about. And don't you forget it.

The unknown soldiers of KDE and Gnome

When World War I was over, millions had died and large parts of southern Belgium and Northern France had been turned into a a grim wasteland. World War II didn't prove to be much better. Japan had suffered two nuclear bombs and some of the most beautiful European cities were gone. Millions had died. It is easy to blame the Germans or the Japanese, but it is only now that we are willing to listen to the stories ordinary civilians of these countries have to tell. No life was left untouched.

In the aftermath of the recent KDE-Gnome war I have spent several hours writing articles I never intended to write. If I had wanted to write about the KDE-Gnome controversy, I would have done so long ago. I did not draw first blood. But when I write an article I do not take prisoners. The only thing I can blame myself is that I did not properly investigate self-proclaimed editor Sal Cangeloso. Yes, again an "editor" who spreads FUD. Who behaves like a little boy breaking a window and running away as fast as he can. If you want to react to his article you can only comment on it by becoming a member of his largely uninteresting forums or writing an email if you happen to find this page.

This war was so ugly, that Brian Proffitt, managing editor of "Linux Today" decided to comment on it. I agree with most of it. "It seems that you can't post an article about either desktop, however benign, without some yokel using the opportunity to flame the other environment", he writes. Well Brian, compare this one to this one. I suspect that the first one triggered Sal to write his article. Can you tell the difference?

The first one mainly concentrates on why he likes KDE. The second one concentrates on why you should avoid KDE. Sal is not stupid. His article is well written. He writes with authority as if he doesn't need to prove his claims. That makes him more dangerous than your casual troll. Like so many he doesn't seem to get it into his head that Linux is fundamentally different from other Operating Systems. He dreams of the cathedral and thought he could force it this way. Well, not on my watch, buddy. Two can play that game.

Many wonder why there even is a controversy between both environments. There are many competing projects in the FOSS world and almost none has resulted in this kind of rivalry. It started with KDE using a proprietary toolkit. That was wrong by any measure, and it triggered the start of the Gnome project. KDE had a headstart and Gnome the moral higher ground. All that changed when Qt became a GPL licensed product. And then Stallman made a fatal error. In the final paragraph of his comment on the recent developments he commanded his troops into the trenches. Like in World War I, they are still there. Any random shot starts a massive shelling.

Others have fueled this controversy, like Torvalds. Calling millions of Gnome users idiots is not the smartest thing to do. The generals started it, the generals should end it. Stallman should stop dreaming of a single GNU application stack. A cathedral is a cathedral, no matter how "democratic" it is. Commercial vendors like Novell should refrain from choosing defaults. None of the desktop environments will disappear on short term and trying to influence the choice users make will only fuel this war. In this respect, I think that Mark Shuttleworth has got it right. Finally, both projects should start to work closer together. I still dream of a Kimp and a Gonqueror.

What really has to stop is the licensing FUD around Qt and KDE. Qt is GPL and not LGPL, just the way Stallman likes it. If it had been the other way around, the same people would probably argue that you can use Qt to create non-free software. It's the world upside down. I think it would help if either Stallman or the Gnome project would take a stand here, so this argument is invalidated once and for all.

One thing that this war has learned me is that the smartest people of all are the "civilians", our users. They just use a mixture of what is there and don't understand what the fuss is all about. They happily shop in the giant bazaar for whatever they need. I remember I was like that once. I had switched from Windows to Linux and bought a commercial VCD player because there was no free one available. Stallman? Who is Stallman? I wanna watch my videos!

It were these users who made it clear, that I should write this article. Of course, there were the usual mental cases, I had to remove some profanity from a comment or two, but most were quite reasonable. Even if we happen to occupy different trenches. In some way, it remembered me of a story of World War I were French and German soldiers left their trenches on Christmas day to play a game of soccer.

Some had even taken the trouble to read my introduction, instead of jumping right away to the spicy stuff. I don't need Gnome dead, I just need a living and thriving KDE. I fully agree with Brian Proffitt in that respect. I repeat it one more time, I really don't care what you're running as long as I don't have to run it. I have to use Windows every working day of my life, thank you. And the Gnome people have enabled me to run some of their applications on that desktop, thank you too! KDE could do better in that respect.

Okay, whatever you think of me, I have taken my responsibility and made my final comment on this issue. I challenge all the players I mentioned in this article to do the same. Because what has happened in the end? We've soiled KDEs 10th anniversary and probably not a single user has changed his desktop. If we could only agree that the bazaar is a good thing, I think we might be getting somewhere.

So get out of the trenches, guys. I feel like playing a game of soccer. Yes, yesterday my bullets were flying over your head and my best friend was shot. But we could agree on not firing today. I do not regret pulling the trigger and I don't think you do. It may be too early for excuses, but maybe one day we find we've forgotten why we were fighting anyway.

Some will interpret a call for peace as a sign of weakness. Well, you're free to try. I still got a few nukes ready to fire. I did install SuSE 7.3 on a Dyme 166 MHz machine with 32 MB installed and I used KDE 2.2 from July 2003 to December 2004 to write my documents, develop my compiler and browse the web. When I get bored during the holidays I might boot the beast and take a few pictures if you want to. And after 25 years in this business I certainly know how to format a floppy. I don't like FUD and I don't like lies. It may be a character flaw of mine.

Einstein once said that "I do not know how the Third World War will be fought, but World War IV will be fought with sticks and stones". So, before you start to flame me again ask yourself one question: is it the right thing to do. Personally, I'd rather finish the documentation on my compiler, which is long overdue, than to spend my time writing articles like this. I think that is a better way to serve the community and certainly more productive.

I can say all the Gnome users and developers I've enraged with my article only this: you felt the same way as I did and that is all I wanted. We share that experience and by knowing this, we might be able to learn something. I have and I hope you do.

P.S. When I was spellchecking this article, Open Office highlighted "Cangeloso". I pressed "Always ignore". So should you.

Hasta la Vista, part 1: Microsofts final death march

Poor Bill Gates. The world will remember him as the richest man in the world and the founder of Microsoft, but he will never achieve the same statue as his arch rivals Steve Jobs and Steve Wozniak (aka "the Woz").

The younger generation may not know the latter, but Steve Wozniak was the technical wizard that put Apple on the map. He only needed six chips to control a floppy disk, where others needed twenty. With the words: "It was only two chips. I didn't know if people would use it." he added hi-res graphics to the Apple ][. BTW, he also designed the interpreter Calvin. Needless to say, this man gets the utmost respect from us nerds.

Unfortunately, Bill Gates is not a wizard. Even worse, he is a bad programmer. When Martin Eller, a Microsoft programmer, found an error in the flood fill routine of the MS-Basic interpreter, he exclaimed "Which moron wrote this brainless sh*t?" only to find out it was Gates himself who wrote the "brainless sh*t". I think it is safe to say that Bill Gates is hardly the technical wizard he would so much like to be.

The keyword of Steve Jobs life is "next". Steve always knew what was coming next. It was no surprise to me that when he founded a new company and consequently built a computer, he called them both "NEXT". Steve may not have invented everything himself, but he always seemed to know what was "hot" and what was not. In the seventies, the microcomputer was hot. In the eighties, the graphical user interface was hot. In the nineties, Unix was hot. In the beginning of the next millennium, digital music was hot. Even if you don't like Steve Jobs at all, you can't say he doesn't have a keen eye for trends.

Bill Gates track record is pretty bleak, compared to Steve Jobs. While Jobs and Wozniak were building their Apples, Bill Gates was writing punched paper roll Basic programs for the flopped Altair microcomputer in a shabby motel in Albuquerque. When the world was clicking away on its Mac, Microsoft brought you MS-DOS 3.3. It didn't even fully use the Intel 80286 microprocessors of the time. When Martin Eller said to Gates that he should not ignore the small bandwidth available in 1995, Gates had no idea what he was talking about. "Er.. er.." was all he could utter. Again, Gates has good business instincts, but he is no visionary. He may have written "The road ahead", but unfortunately for him the rest of the world headed in a completely different direction, hence a second edition to correct a few errors Mr. Gates made (like completely ignoring the Internet). But what do you expect from somebody who thought you would never need more than 640 KB memory?

One notorious proof that Bill Gates has it wrong time and time again, are the "death marches". According to Cinepad (which hosts an entire MS-vocabulary), a death march is: "The long, lingering final countdown to a ship date, involving 16-25-hour days, catnaps on couches, and plenty of 'flat food' (food, mostly from vending machines, that you can slip under people's doors so they can keep working)". In 2001 Microsoft made a documentary film celebrating the creation of Windows XP. Allchin, vice president of Microsoft, previewed the film and ordered it to be burned. Filming at the Microsoft campus is like filming in a slaughterhouse. You may like the meat, but you don't have to know how it is made. Death marches simply aren't pretty.

In effect, death marches are a necessary evil for Microsoft to catch up and keep in business. The first death march was in 1984, when Microsoft desperately tried to keep up with the revolutionary Macintosh of Apple. And don't get me wrong, some of Microsofts programmers are pretty smart. The first and never released version of Windows used the technically superior "pre-emptive multitasking". Bill Gates didn't have a clue of what that meant. He just wanted a Macintosh clone and he wanted it now. He didn't want proportional scroll bars, because the Mac didn't have them. He didn't want drag-and-drop functionality because the Mac didn't have it. Can you image what Windows 1.0 could have been if the team had had their way? But they dumped all the code they had written so far and used "cooperative multitasking" instead, which has been responsible for millions of computer crashes and freezes. It set the team back for a year.

Windows 1.0 was too little, too late. Macintosh had set the standard for GUI based desktops. Consequently, Windows 2.0 was a flop. So was Windows/286. Meanwhile, everybody was waiting for the coming of OS/2. Then came Windows 3.0. And it came big time. It was a hit. We would never hear from OS/2 again.

What few people knew is that Windows 3.0 was a very ugly hack, put together by David Weise. What he did was basically very simple: he ran Windows in a debugger to find out which parts didn't run in protected mode and then fixed it – line by line. At that time the Windows code was already hundreds of thousands of lines. In the end, he had done it. The first time it "ran", it crashed. This is what Microsoft calls a "Zero Bug Release" (not, as you might suspect, a version of a software product that's error-free, but (in an Orwellian twist) a release with the major bugs eliminated, retaining plenty of less significant problems).

Windows seemed unstoppable, especially when Windows 3.1 and Windows 3.11 emerged. Win32s was a library that enabled 32 bit programs to run under these GUI shells, but Microsoft was still far from a 32 bit Operating System. Fortunately Dave Cutler and his team were in for something new. It was obvious that he didn't want to make a PC Operating System, they were in for something far bigger. Something that could take Unix – Cutlers eternal nemesis – head on. In short, he rebuilt VMS. There are several articles on the Internet on the technical similarities between VMS and WNT. And if you don't believe that one, shift the letters that make up WNT one position to the left. Well, in short Microsoft paid Digital Equipment $150 million in compensation for using portions of an old Digital OS in WNT.

Cutler would let nothing stand in the way of realizing his design and often clashed with his programmers, senior Microsoft management, and even Gates himself. Gates needed a vehicle that would further Microsoft's marketing strategies, rather than a robust OS. The success of Windows made Microsoft change its strategy, so the NT programmers were forced to upgrade the 16 bits Windows API to what is now called the Win32 API instead of making a clean and fresh 32 bits API. Of course much of the eventual coding on NT was done by Microsoft engineers, so in the end the quality of NT's final code wasn't even in the same league as VMS.

It is no accident that Microsoft coding has such a bad rep. The choices that are made at Microsoft are deliberate. A few examples. Jon Ross accidentally left a bug in SimCity for Windows 3.0 where he read memory that he had just freed. It worked fine on Windows 3.x. On beta versions of Windows 95, SimCity wasn't working in testing. Microsoft tracked down the bug and added specific code to Windows 95 that looks for SimCity. If it finds SimCity running, it runs the memory allocator in a special mode that doesn't free memory right away. Note that they probably didn't make those provisions just for SimCity, but for other programs too. Why? Simply because the merchantability of Windows is more important than technical excellence and a clean design. You can imagine how much room that leaves for bugs and malicious code.

Microsoft is also known for its bloatware. That is intentional too. Joel Spolsky, a former Microsoft employee explains: "In 1993, given the cost of hard drives in those days, Microsoft Excel 5.0 took up about $36 worth of hard drive space. In 2000, given the cost of hard drives in 2000, Microsoft Excel 2000 takes up about $1.03 in hard drive space. (..) In fact there are lots of great reasons for bloatware. For one, if programmers don't have to worry about how large their code is, they can ship it sooner. And that means you get more features, and features make your life better (when you use them) and don't usually hurt (when you don't). If your software vendor stops, before shipping, and spends two months squeezing the code down to make it 50% smaller, the net benefit to you is going to be imperceptible. Maybe, just maybe, if you tend to keep your hard drive full, that's one more Duran Duran MP3 you can download. But the loss to you of waiting an extra two months for the new version is perceptible, and the loss to the software company that has to give up two months of sales is even worse".

Of course, this way of working simply couldn't continue. This had to go wrong one time. I don't mean the viruses, the spyware or the overall security (or lack of it). Microsoft tolerates the bugs riddling the software, since problems can always be patched over. However, with each patch and enhancement, it becomes harder to strap new features onto the software, since new code can affect everything else in unpredictable ways. In short, the software becomes unmaintainable. And Vista reached that point.

In an article, originally featured at (which has mysteriously disappeared a short while later) and the (paid) online version of Wall Street Journal, David Richards describes what happened. Jim Allchin personally broke the bad news to Bill Gates. "It's not going to work," he told Gates in the chairman's office. "Vista is so complex its writers will never be able to make it run properly". He showed Gates a map of how Windows' pieces fit together. It was 2.75 meters tall and 3.75 meters wide and looked like a haphazard train map with hundreds of tracks crisscrossing each other. Of course, Windows could be designed so that Microsoft could easily plug in or pull out new features without disrupting the whole system, but it would have to throw out years of computer code and start out with a fresh base. Vista would have to be simple. Yeah, right.. And pigs do fly!

In the next part of this series, I will focus on the problems that plagued Vista later on and some rather disturbing details around Windows security.


Barbarians led by Bill Gates
- 1998, Jennifer Edstrom/Marlin Eller

Hasta la Vista, part 2: MSFT Titanic

In the first part of this series, I mentioned how Jim Allchin came in, saved the day and everything was hunky dory again. Wrong. The story that "Windows was broken" came out in September, 2005. The same month a blog was published about the up and coming reorganization of Microsoft, stating that is was "just shuffling the chairs on the deck of the Titanic".

Obviously, Jim's leadership was not shared by everyone. Business Week wrote: "Now much of the sharpest criticism comes from within. Dozens of current and former employees are criticizing (..) the way the company operates internally. This spring two researchers sent Chairman William H. Gates III a memo in which they wrote: 'Everyone sees a crisis is imminent' (..) More than 100 former Microsofties now work for Google, and dozens of others have scattered elsewhere. (..) There's no doubt that Microsoft is losing some of its most creative managers, marketers, and software developers". A few quotes from these blogs:

"The only news is that Jim's retirement is official. Big deal. I thought Microsoft had some new found love of accountability. Why is Jim still allowed to work and get compensated like a king? Didn't he oversee the most poorly run software engineering project in the entire history of Microsoft?"

"Jim's continued participation in managing Vista just really doesn't make sense to me but I guess it's some kind of face-saving move vs. a public chewing out based on what happened with OS formerly known as Longhorn."

"Does anyone remember Cairo? It was the first pie in the sky project spearheaded by Jim. It was a multi-year disaster. Finally it was canceled, and then to my amazement, Jim was promoted to a VP! Longhorn is a repeat, only an order of magnitude larger, and with a familiar refrain: no accountability!"

"Yeah, [Jim Allchin] is sure doing such a good job getting Longhorn out the door in less than five years. People get degrees in college in less time it's taken to ship this thing. The project has become the illustrative epitome of everything wrong with MSFT."

And what about this 12+ years Microsoft employee:

"The company hasn't done well lately. Why? For the last seven years there has been an major disconnect between what the top brass says and what the middle layer does. Anyone else familiar with this?
  1. Go to meeting with Jim, find myself nodding in complete agreement with what he says, leave with renewed hope and energy;
  2. Attempt to implement the ideas discussed at the meeting and pursue the goals that Jim laid out;
  3. Argue with PM organization and PUM/GM;
  4. Realize middle management doesn't support what Jim told me to do;
  5. Drink heavily."

Six months later, the programmers seem to have come close to a mutiny, saying "Fire the leadership now!", saying "People need to be fired and moved out of Microsoft today. Where's the freakin' accountability"? Two days later, they evidently got their way: "According to numerous reports, Microsoft is getting ready to shake up the management team in its Windows Division (..) the Windows Division is full of the last vestiges of 'the bad, old Microsoft. This can't happen quickly enough.'" One day later, David Richards reports: "Up to 60% of the code in the new consumer version of Microsoft new Vista operating system is set to be rewritten as the Company 'scrambles' to fix internal problems a Microsoft insider has confirmed to SHN. (..) Microsoft has also admitted that it has major problems in it's Windows division and has has immediately initiated a total restructure of the division, a move that comes after a costly delay in rolling out its Vista program. (..) An internal memo written by Kevin Johnson the Co-President of the Windows division has revealed the changes that the Windows division faces: 'As part of the next step of Jim's transition, we discussed when it was appropriate to move his direct reports to me, and decided that this organization change was the right time.'"

Less than three months later, Bill Gates decides to resign. Even more features are scrapped in a desperate attempt to hit the release date, since even Gartner expects it to slip again. Now even the major networks are beginning to pick up the problems at Microsoft, like ABC ("What's wrong with Microsoft") and CNN ("A reality check for Vista"). Especially the latter uses amazingly harsh words: "Will Vista Premium be worth the extra cost? Essentially, the features you get with the more expensive version are better security, a prettier user interface, and the audio-video software formerly found in Microsoft's Media Center edition of Windows XP. That doesn't seem like a lot for five years' work (..) So here's a modest proposal: Boycott Vista."

Rats are leaving the sinking ship (the Titanic)? It seems like it. Even in Microsoft friendly waters, the cannons are fired: "So, why is the year-old Mac OS X Tiger so much better than Windows Vista, which Microsoft won't even ship before January 2007? It isn't that Apple has put more effort into its operating system; (..) I've come to believe that Microsoft has lost touch with its user base." and "I’m hoping that this feature [UAC] will work much more smoothly in future beta versions. If it doesn’t, the UAC team had better be prepared for some caustic reviews". Needless to say, that in unfriendly waters, Microsoft is butchered: "Putting aside all issues of Linux being more secure than Windows, and Vista lacking almost every significant feature it was supposed to include, just looking at the dollars and cents, just looking at getting office work done, SLED, the Linux desktop, is unquestionably the better choice over Vista".

You may or may not like Linux, but I promise you that the next guy who has the guts to publish an article like "Is Linux ready for the desktop?", I'll personally come over and punch his lights out! You say Aero, we got Xgl. You say WinFS, we got Beagle. You say Monad, we got plenty of those!

.NET was introduced as 'the next millenium platform', however Vista isn't built with it: "Microsoft appears to have concentrated their development effort in Vista on native code development. (..) Vista has no services implemented in .NET and Windows Explorer does not host the runtime, which means that the Vista desktop shell is not based on the .NET runtime. (..) I can say with confidence that this represents the limit of .NET usage in Vista: the release version will make no more use of .NET. Microsoft have retreated significantly from this position. (..) I cannot stress how significant this retreat is. Microsoft have so little confidence in their own application framework that they will not use it even in their own managed applications. My conclusion is that Microsoft has lost its confidence in .NET."

It seems that this decision came from, yes, again Jim Allchin: "However, if .NET is not where people think it should have been by now (replacing native code), this is definitely not Jim's fault, but the .NET guys. There are still so many issues that have to be addressed before we can replace the old Win32 API, that the conservative approach of Jim was the exact right thing to do." and "If Jim does not want to ship .NET framework on low end versions of Vista, do you think he is free to make that decision?"

So, those of you who still think Microsoft will pull it off easily, are you still that convinced? Microsoft is seeking help with Xen, an Open Source company. Is that still as reassuring? Note that Microsoft's legal problems aren't finished either. The third world and especially China are moving more and more towards Open Source. What if the EU decides that computers may no longer be sold with an Operating System preinstalled, then what? Then consumers will see the 70 bucks that they pay for that cr*p.

IBM went down when they introduced their PS/2 line of products. It should have been their finest hour. Microsoft may share the same fate. It will certainly not be the end of the giant, but it will be the end of a reign of terror. Still not convinced? I will give a Microsoft employee the last word:

"It scares me that this is what Linux does today, it’s free. Open Office is free. I can do anything on the 'free' platform that I can do on Windows. Eventually it will be like an old sweater that I am comfy with. Wait 10 years and watch as these folks graduate and move into positions of influence. Its no longer a hard migration issue – that generation will be comfy with Linux and it will be the kind of decision (if not easier) that was made when corporations moved from OS/2 or DOS to Windows. No need to train.. What the hell is Windows anyway? I truly believe that was a big factor that drove our platform; we were able to get the stuff for almost free. Give it away to students.."

Microsoft giving their stuff away for free. That's sheer panic. Famous last words. Yes, I lied ;-)

Microsoft can be trusted: NOT!

How do you know you've written a good blog? Well of course, a high number of comments and talkbacks are a nice indication, but it only means that many people like what you've written. "News story of the day" is nice too, but that is still not what I want. No, I know I've written a good blog when I keep on adding links. That means to me that I'm really on to something.

The kinds of blog that interest me less are those where I keep on flogging dumb or corrupt editors. And there are just too many of them. One reader of my blogs suggested we should create a "Razzy Award" for worst editor of the year. My nominee of the week is Neil McAllister, given his line of recent articles with Microsoft FUD ridden titles like:
  1. Open source is entangled in .Net
  2. Open source needs a profit motive
  3. Forget about open source at Apple
  4. Can't open source and Microsoft just get along?
Fortunately, DC Parris saved me by writing a better article than I could ever have done. You are dumb if you still don't catch the drift of the FOSS community. We are not swallowing our pride, we are not taking backseats and we won't stop doing what we've been doing so far. You're corrupt if you're letting yourself be used by the Dark Force to spread FUD disguised as editorials.

Speaking of the Dark Force, it seems that Neil is really hooked on satanic stuff (this is his homepage). Note that these 'Black Metal' guys are not your average metal fan: they burn churches, promote suicide, and are generally racist and anti-Christian! Well, I must admit, his personal ideas are ideologically very close to those of the FOSS community! NOT!

Corruption of computer magazines? Far-fetched? I don't think so. Correction. I know it is not far-fetched. If you happen to live in Europe, you may have seen many computer magazines this summer that included the Microsoft Office 2007 test suite on CD. You may have bought such a magazine and wondered why they were so friendly to Microsoft.

Well, that is not an accident. Those magazines signed an agreement, that they would offer their articles to Microsoft for "proof reading and comment". And in order to make these stupid editors understand what they should write, Microsoft sends them a "manual for editors" so they can produce "allowed contents". If Microsoft proposes any "changes" concerning "incorrect information on the product", those editors should "cooperate" with the software giant. It stresses that it just wants to "avoid misrepresentation of Microsoft and/or its products". Needless to say, that Microsoft will not allow any other software on the free CD, let alone abominations like Open Office.

"You're kidding me". No I'm not kidding you. This is the company that recently stated that they are "people (..) with unwavering integrity", and a "collective commitment to ethical business practices". "These Standards of Business Conduct provide information (..) to help you make good, informed business decisions". Emphasis added.

That was even too much for "Computerbild", part of the (sic) right wing Springer concern. The editors didn't sign the contact and consequently didn't bring the Office 2007 CD. Instead, they made the scandal public. "This agreement is a huge intervention in the editorial freedom." said Hans-Martin Burr, editor in chief "It's like signing the death sentence of independent journalism".

I must say, I've been researching my "Hasta la Vista" series for almost a year now, and only too many links have disappeared from the web. You will say that is not unusual. True. But especially where large, online magazines are concerned, you'd expect the oldest articles to disappear first. Untrue. Even some individual pages have been altered, some comments withdrawn or modified. I don't have any real proof for this – I really have to stress this – but it is suspicious to say the least.

I've been forced to delve into Google's cache in order to retrieve some articles or fragments of articles. Nowadays, I copy the entire article and its link in order to be safe. I'm convinced these are no incidents or coincidences. May be one time a Microsoft employee will come forward and confirm this story. "You can fool some people all the time, you can fool all the people for some time, but you cannot fool all the people all the time." Abraham Lincoln said and I still believe that to be true.

Another reader wondered whether I got paid for writing blogs like this. No, I do not get paid. This is right from the heart. If somebody offers me money to write a blog one time or another, I probably stop writing at all, do the final payments on my mortgage and retire. Yeah, Neil – my dear anti-Christ – you were so right: Microsoft can be trusted.. NOT! Excuse all the blood. ;-)

Update: Before I can continue this blog, I have to make a confession. I am and have been a fan of the Doors since 1990. The Doors was a band in the nineteen-sixties, notorious for their inappropriate behavior and language on and off stage. Jim Morrison was arrested on stage in New Haven for foul language which he had directed toward police at the concert. The most infamous incident occurred at the March 1, 1969 Dinner Key Auditorium concert in Miami, Florida. Morrison allegedly exposed himself during the performance. He was accused of lewd and lascivious behavior, indecent exposure, open profanity and drunkenness, and consequently trialled and convicted.

I regret to say, that I have been unable to disassociate my private life sufficiently from their cultural and philosophical heritage. On more than one occasion I have been under the influence of alcoholic beverages, used controlled substances (although I didn't inhale) and have had sexual relationships with women that were not my spouse (I never was married).

It was wrong. It constituted a critical lapse in judgment and a personal failure on my part for which I am solely and completely responsible. And so I ask you to repair the fabric of our mutual cause, and to return our attention to all the challenges and all the promise of Free and Open Source Software. I hope this will encourage others to come forward and distance themselves from their questionable musical taste. I know for instance, that L. is a big fan of Abba and R. likes to listen to 'The Village People' from time to time.

Just kiddin', but I think you all know what I'm talking about. I know I've touched a nerve that seemingly nobody ever touched before and I have to address it.

Epilogue: It has now been several years since I wrote this post and I have to say that I wouldn't use the same tactics again. I feel now that straight ad hominem attacks like this are counter productive - although I have to admit it was a lot of fun at the time. I can't undo what I've done, except publicly offer my excuses to the parties involved. I still feel that researching a person can be useful, but completely unrelated facts should not be part of the story.

Microsofts Genuine Advantage

A lot of managers are afraid to use Open Source Software, because it doesn't come with any support. Of course that isn't true. It is a classical piece of FUD. And then again, how much is support worth?

I've been able to introduce several pieces of Open Source Software to the company I work for and we haven't needed any support so far. It just works. And if you want to, there are plenty of big companies that do offer support, like Red Hat, Novell and IBM.

On the other hand, I've had many experiences with 'professional' support in a professional environment and they weren't always very good. More and more MCSE's, less and less resolution.

But that is B2B support. An Innocent Consumer may get considerably less latitude as is illustrated by this (fictional, but inspired on real events) day at Microsoft Support:

MS:Microsoft Support. Good morning, sir. Can I help you.
IC:I have a problem. My computer has halted with a message.
MS:What's the message, sir.
IC:ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102; Microsoft Windows is Not Present
MS:May I have your product key, sir.
IC:[gives completely valid product key]
MS:I'm sorry, sir. That is not a valid product key.
IC:But I bought it at Amazon! And it was shipped with Federal Express.
MS:I'm sorry, sir. It is a counterfeit copy.
IC:I don't understand..
MS:I'm sorry, sir.
IC:Is there anything you can do for me?
MS:You could contact Amazon, sir. Or..
IC:Or what?
MS:You could send us the CD's, sir.
We will verify authenticity for you.
IC:That would be great! When will I have them back?
MS:We just verify authenticity, sir. We won't return them.
IC:Even if it is a genuine copy?
MS:Even if it a genuine copy, sir.
MS:I'm sorry, sir. Have a nice day. [click]

MS:Microsoft Support. Good morning, sir.
Can I help you.
IC:Windows displays some strange message on my screen.
MS:What's the message, sir.
IC:ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102; Microsoft Windows is Not Present
MS:May I have your product key, sir.
IC:[gives completely valid product key]
MS:Ok, sir. Can you please reboot your PC?
IC:Will that solve the problem?
MS:Please reboot your PC, sir.
IC:Ok, ok, wait a minute.
MS:Please call us again if you eXPerience any more problems. Have a nice day, sir. [click]

MS:Microsoft Support. Good morning, sir. Can I help you.
IC:Hi, it's me again. I still got the same error.
MS:What's the error, sir.
IC:ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102; Microsoft Windows is Not Present
MS:May I have your product key, sir.
IC:[gives completely valid product key]
MS:I'm afraid you'll have to reinstall Windows, sir.
IC:Really? That takes forever. Is there any other way?
MS:No, sir. I'm afraid not. Have a nice day. [click]

MS:Microsoft Support. Good morning, sir. Can I help you.
IC:I reinstalled Windows and I still got the same message box!!
MS:What does the box say, sir.
IC:ReadStringFromInf: UpdSpGetLineText failed: 0xe0000102; Microsoft Windows is Not Present
MS:May I have your product key, sir.
IC:[gives completely valid product key]
MS:That will be fixed in the next release, sir.
IC:The next release? When will that be?
MS:Vista will be released January 2007, sir.
IC:Can I get an update?
MS:No sir, not for a OEM version.
IC:And how much will it cost me to get this new release?
MS:$199 for Windows Vista Home Basic, sir. Do you want to pay with Visa, Mastercard, Diners, etc.
IC:I can order right now?
MS:No sir, we have to charge you $350 for this call.
IC:I don't get any free support?
MS:No sir, not after sixty days and only if it concerns a bug in our software.
IC:This isn't a bug?
MS:No sir, it's a critical security update issue.
IC:[murmurs a credit card number]
MS:Thank you sir, for calling Microsoft support. Have a nice day! [click]

Hasta la Vista, part 3: Of Windows security and other oxy-morons

If you happen to be a regular reader of my blog you know I have this thing with editors, especially when they are reporting on IT developments (a subject I know a thing or two about). The point is, I find most of them either too dumb or too corrupt. I've also reported on the ethics of Open Source FUD, and compared to the ethics editors should follow, I'm not even doing too bad:
  • Test the accuracy of information from all sources and exercise care to avoid inadvertent error. Deliberate distortion is never permissible.
  • Distinguish between advocacy and news reporting.
  • Distinguish news from advertising and shun hybrids that blur the lines between the two.

Why do you give Microsoft a platform to spread its FUD? Why are you guys deliberately spreading FUD? Where is the independent research journalism you were so proud of in the past? Are you really thinking you're objectively reporting about the world around you and what is actually happening there?
  • Support the open exchange of views, even views they find repugnant.
  • Tell the story of the diversity and magnitude of the human experience boldly, even when it is unpopular to do so.
  • Give voice to the voiceless; official and unofficial sources of information can be equally valid.
  • Diligently seek out subjects of news stories to give them the opportunity to respond to allegations of wrongdoing.
We're already happy when some comments make it past the moderator. Hardly ever an editor – or any other IT journalist for that matter – asks an Open Source proponent for comment. You just pickup the press releases – or worse: download them, so you don't have to type them in – and copy them to your word processor. I must admit, it saves a lot of time, but whether that is true journalism remains to be seen.

Exhibit one. Where was the news coverage of Linux in 1999? Most people – including me – were still thinking it was an experimental, command line driven system. I was considering a Windows NT system when I bought a German magazine and found out Linux was a perfect replacement of Windows 3.11. I installed it February 2000 and after a few months I booted Windows 3.11 perhaps once a week to play a DOS game or scan a picture. A real history of "telling the story of the diversity" and "giving a voice to the voiceless", huh?

Exhibit two. Linux coverage in the Netherlands has been abysmal, to say the least. Most Dutch magazines don't seem to see the difference between "Freeware" and "Open Source", although they acknowledge there is something out there that is called "Shareware". The only Linux question you'll ever see is "How do I uninstall Linux", and the only Linux articles that are published carry headlines like "Is Linux after all these years still not ready for the desktop"? Main argument: "Most people use Windows", which is true and if you won't do your duty as a journalist, it will stay that way.

Of those magazines, Computer!Totaal really isn't the worst. They even know there is something out there called Open Source and every once in a while they do report on how to use Linux to set up some kind of server. Some editors are willing to discuss matters in length with you, which is a good thing. However, the editorial of the September issue is one of the worst I've seen in a long, long time.

José Pauty, argued that buying a safe computer makes no sense. People are just too stupid for such devices. They visit fishing sites, click on every attachment, install ActiveX components. Secure computers are a waste of money.

And that calls himself – in order to avoid prejudice, I hope it is a guy - an editor. It is a excellent example of how some editors can spin out of control and write pure nonsense if they are not subjected to a proper peer review. Think about it: you don't need to buy a decent lock since you always open up when the doorbell rings. Better, why buy a door at all? All houses are vulnerable anyway. Hey, in most cases people even know their assailant. The only way you can secure your house is to wall yourself in. Security? Better save yourself the money! It can't be done!

Still, I can laugh about such ignorance, until blatant lies pop up. Linux just seems more secure, because there are so few of them. That is FUD. And if you're a competent editor, you know it is FUD. Why? Well, when it comes to web servers, the biggest target is Apache, the Internet's server of choice, even after attempts of Microsoft to bring its share down. Attacks on Apache are nevertheless far fewer in number, and cause less damage. And in some case Apache-related attacks have the most serious effect on Windows machines. Attacks are of course aimed at Windows because of the numbers of users, but its design makes it a much easier target, and much easier for an attack to wreak havoc. Windows' widespread (and often unnecessary) use of features such as RPC meanwhile adds vulnerabilities that really need not be there. Linux's design is not vulnerable in the same ways, and no matter how successful it eventually becomes it simply cannot experience attacks to similar levels, inflicting similar levels of damage, to Windows.

Why is Windows so vulnerable? There are several reasons for that. First, Windows has long been hampered by its origin as a single-user system. Windows was originally designed to allow both users and applications free access to the entire system, which means anyone could tamper with a critical system program or file. That means viruses, Trojans, spyware and other malware can do that too. Windows Server 2003 makes some more progress toward true multi-user capabilities, but even Windows Server 2003 hasn't escaped all of the leftover single-user security holes. That's why Windows Server 2003 has to turn off many browser capabilities (such as ActiveX, scripting, etc.) by default.

Second, Windows is monolithic by design, not modular like Linux and OS/X. These architectural models have very deep security implications, one being that a monolithic system tends to make security vulnerabilities more critical than they need to be, since every flaw in a piece of the system is exposed through all of the services and applications that depend on that piece. E.g. when Microsoft integrated Internet Explorer into the operating system, Microsoft created a system where any flaw in Internet Explorer could expose your Windows desktop to risks that go far beyond what you do with your browser. A single flaw in Internet Explorer is therefore exposed in countless other applications, many of which may use Internet Explorer in a way that is not obvious to the user.

If you are a Windows user and you're reading this using Internet Explorer, I can only advise you one thing: go to the nearest Firefox distribution point, get the 5 MB package, install it and come back. Still reading this? Getting a bit red in the face? Think I'm unfair? Well, I challenge you to copy a few credit card numbers to your clipboard. It would be very nice if you'd add some PIN codes too. I'm doing this too on my Linux/Firefox workstation, don't worry. It won't infect your Windows installation in any way, it just shows how information can leak out - and it works with other information too, not just credit card numbers. Now click this link. Still so happy with Windows and Internet Explorer? Still think I'm unfair? Here is how it works. And note this is only one of Internet Explorers vulnerabilities.

And last, but not least, because of the horrible quality of coding at Microsoft itself. This blog really shocked a few people when it came out. And don't think Vista will do much better. Apart from being nagged by UAC popups, it will only get worse since Microsoft has decided security cannot be left to third parties. Well, that feels good, being totally dependent on Microsoft for your digital security..

Some Windows zealots boast that Windows has C2 level security, but what few people know is that this is only valid in a standalone configuration – yes, that means no network – and no floppy. Microsoft acknowledges this on their site, but hides the actual information in an executable or buries you in a lot of information. It bashes Novell, lists C2 requirements extensively, only to say in the middle of a paragraph that "this means that the evaluation of Windows NT Server as a standalone system (..) is complete, and that the evaluation of the networking functions (..) is still in process".

Ok, let's wrap it up. I think it is clear by now that Windows security was primarily designed for a single user, stand alone Operating System. For a long time Microsoft focused on selling software, as much as possible and as fast as possible. Proper design and good coding had to take a backseat. Instead of fixing these fundamental problems, Microsoft has continued to add kludges, which in essence don't solve anything. It was not until after several attacks had decimated Windows installations that Bill Gates declared that security was the topmost priority.

That was January 2002. And what did Microsoft do after these disasters? Did they scramble and fix the problem? No, they spread more FUD, and more FUD and still more FUD. Up to this day. And the big news sites sat up and barked happily along when Microsoft issued another boring, FUD-ridden press release instead of doing what they should be doing and do some proper research of their own.

We've come full circle here. In the next and final part of this series I'll be delving in the dark, murky dungeons of Windows backdoors. Don't believe they are there? I'd be most surprised if they weren't there and so will you.