This was an interesting column, published at the holiday season back in 2003. I’ll add in updates/commentary in italics in-line with the original text. Hope that’s clear!
The new year is always a good time to be thankful. In the US, we’ve got our political liberties, even if it’s easy to ignore the political aspects of free software and just assume that someone will always be willing to write it.
The biggest free software story this year was SCO’s legal crusade against Linux. The company formerly known as Caldera (as in “Caldera Linux”) now claims that somewhere within the Linux kernel is code improperly taken from the original UNIX kernel, which SCO owns. Which code? They won’t say. SCO is using the legal system to spread FUD and extort license fees from nervous Linux users.
I was surprised to discover that the SCO Group was still maintaining a website, because I’d thought they’d been ground into dust after their disastrous string of losing legal battles. Here’s the Wikipedia SCO Group entry, where you can read all the gory details; the bottom line is, Linux won, SCO lost.
Microsoft sure is an interesting company. How can software selling for hundreds of dollars in the US be sold profitably elsewhere for $40? That’s what happened when Thailand announced a $250 “people’s PC” running Linux. Windows and Office could have tripled the price tag, so what a pleasant surprise when Microsoft announced it would deliver Thai versions $40! Golly, I can’t wait for those discounts to make it here to the States!
Which reminds me of the recent “we’ll show you ours” sessions that Microsoft has been holding for Chinese experts to examine Windows source code. China is the world’s biggest undeveloped market, a hotbed of intellectual property piracy–and a growing center of free software use and development. Is China checking out Microsoft’s goodies to make sure there are no CIA backdoors, or to make sure they can put their own backdoors in?
This is so quaint: no one cares any more about Windows backdoors, but the government still would like to get a backdoor into the Internet. In Government Seeks Back Door Into All Our Communications, Seth Schoen writes about last week’s NY Times story about “a Federal government plan to put government-mandated back doors in all communications systems, including all encryption software.” at CommonDreams.org
According to the CIA World Factbook, Chinese per capita GDP in 2002 was about $4,400. I predict that in 2004 Microsoft will discover it can sell Chinese versions of Windows and Office for under $40 too.
In a widely reported story from 2007, Bill Gates was reported to have announced that a Windows/Office bundle for students would be sold in China for approximately $3; here’s one report: Microsoft Takes On Digital Divide with $3 Windows-Office Bundle. Those deals have yet to make it to the US, though.
Security and proprietary code may mix, but not well. Speaking out on how Windows-only networks represent a serious security threat cost respected security expert Daniel Geer his job when he co-authored the report “CyberInsecurity: The Cost of Monopoly“. Read the report; download and print it, just in case it disappears. Here’s the URL: http://www.ccianet.org/papers/cyberinsecurity.pdf. [NOTE: as predicted, that page is 404 and long gone, but the paper can be seen at Cryptome.org, at the link supplied].
To oversimplify, Geer et al state that a monoculture (e.g., the global network of Windows nodes) is susceptible to massive failure whenever a successful attack (e.g., NIMDA worm) is launched. In other words, if you’ve got nothing but sheep on a ranch the size of Texas, when anthrax breaks out you’re going to be neck-deep in a sea of dead sheep, which not only isn’t good for the sheep it’s bad for anyone within smelling distance of the ranch.
Microsoft is a big customer of Geer’s employer, @stake; Geer got the boot. Nice example, right? Geer is a star so he won’t be out of work long. But what if you’re Joe Sysadmin, are you going to risk it all to tell your boss that Windows-only is not just bad policy, it’s a huge security risk?
@stake was bought out by Symantec in 2004.
Finally, electronic voting. Since 2000, we discovered that it’s not just a matter of going to the polls on Election Day and pulling a lever, punching a card or marking a circle to have your vote count. Now the digital voting machine industry wants to sell us billions of dollars’ worth of “direct recording electronic” (DRV) voting systems (running Windows, of course!) that leave no auditable records, that use secret software to tally votes, and that can be tampered with undetectably.
This is a pretty sticky topic. Just Google “electronic voting problems” and you’ll see that these machines continue to cause problems all over the country and the world.
Surely it makes sense to give voters a printed receipt that they can check to verify their votes were cast–and recorded–properly. How much extra could it cost, and how much is it worth to us as citizens to know that our votes are tallied correctly? It makes business sense to keep track of every nickel, dime and dollar spent in a donut shop or drug store, which is why we get those nice printed receipts every time we buy anything. So why not when we vote? Whatever the cost, I’d consider it well spent, far more so than
In fact, there has been ongoing support for open source software development of open source digital voting systems. You can find out more at The Open Source Digital Voting Foundation (OSDV).
