tag:blogger.com,1999:blog-37798047.post7571198324300192992..comments2024-01-16T05:48:33.523-05:00Comments on Errata Security: The Sins of the FSFDavid Maynorhttp://www.blogger.com/profile/09921229607193067441noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-37798047.post-38653566572932825972009-08-27T23:02:18.632-04:002009-08-27T23:02:18.632-04:00You say that Microsoft's paid lobbying and Fre...You say that Microsoft's paid lobbying and Free Software's volunteer efforts are the same thing?<br /><br />LOL<br /><br />BTW, One Laptop Per Child and Sugar Labs are challenging Windows on the desktop. Contrary to the FSF's claims, Microsoft has not taken over or corrupted the project, nor has it succeeded in getting Windows on the OLPC XO into classrooms except where MS paid for everything.Edwardhttps://www.blogger.com/profile/06633859604713690091noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-2062046128501595762009-08-27T14:49:53.831-04:002009-08-27T14:49:53.831-04:00There are a lot of standards that make reality wor...<b>There are a lot of standards that make reality work properly. For example, housing standards make house safer and cheaper to build. Also, tou should look at the networking stack.</b><br /><br />You make the same mistake as the FSF, equating criticism of a standards group with criticism of standards themselves. That is the problem with standards groups: they hold themselves above criticism.<br /><br /><b>Without standards such as TCP/IP, you couldn't even post your blog.</b><br /><br />If the ISO standards process worked, I would be using the official ISO standards to post this blog (the "Open Systems Interconnect" standards or "OSI").<br /><br /><b>Yes, standards have become politicized as of late which is too bad. But that doesn't mean that all standards or the people who propose them are ignorant or bad.</b><br /><br />Nobody learns TCP/IP history. Standards have always been politicized, there is nothing special "of late". That's why the TCP/IP way of standardization is better than the ISO way: it's better at cutting through politics and dumb people.<br /><br /><b>I think you need to review your facts about items like ASLR.</b><br /><br />I doubt Microsoft invented any of the techniques they use; I would readily concede that all of them appeared as prototypes in Linux first. What makes Windows different is that they make these features work in practical shipping systems. NX shipped in XP SP2 before it shipped in Linux distros like Ubuntu. ASLR shipped in Vista before it shipped in Ubuntu.<br /><br />Most importantly, most open-source projects still do not follow "secure development" like Microsoft does.<br /><br />I'm not saying Windows is more secure than Linux. Security is about tradeoffs, and Windows chooses different tradeoffs (indeed, different Linux distros choose different tradeoffs). My point was simply that Windows has no inherent security weakness compared to Linux.<br /><br /><b>please cite your source</b><br /><br />Even citing sources, it's still conjecture. It's just that every market you look at besides the desktop, Microsoft is not the leader.<br /><br />This link talks about Linux vs. Windows share in the embedded market. Since embedded computers vastly outnumber desktops, but itself this should mean that more computers ship with Linux than Windows:<br />http://www.linuxfordevices.com/c/a/Linux-For-Devices-Articles/Snapshot-of-the-embedded-Linux-market-April-2007/<br /><br />This NetCraft survey of web servers shows Apache ahead of Microsoft:<br />www.netcraft.com/survey/<br /><br />This graph shows Windows mobile has 13% market share:<br />http://lowendmac.com/inews/09inews/inews0327/smartphone-os.gif<br /><br />It competes against iPhone (BSD-based), Palm's webOS (Linux-based), Android (Linux-based), Hiptop/Sidekick (BSD-based), and Symbian (soon-to-be-open-sourced).<br /><br />This blog estimates Microsoft shipped 200-million Windows licenses per year:<br />http://lowendmac.com/inews/09inews/inews0327/smartphone-os.gif<br /><br />This article claims that 3-billion ARM CPUs ship per year:<br />http://www.itexaminer.com/arm-talks-about-powerful-small-cpugpu.aspx<br /><br />Anywhere you look, the only place Microsoft dominates is the desktop.Robert Grahamhttps://www.blogger.com/profile/09879238874208877740noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-61430624943511468312009-08-27T09:49:47.615-04:002009-08-27T09:49:47.615-04:00I agree that the FSF "7 Sins" article is...I agree that the FSF "7 Sins" article is just a bad idea. It makes the FSF look petty. Kind of like a petulant child having a temper tantrum. However, your article isn't much better when it comes to the facts.<br /> <br />You seem to think that standards are put together by people who don't know anything about reality. There are a lot of standards that make reality work properly. For example, housing standards make house safer and cheaper to build. Also, tou should look at the networking stack. Without standards such as TCP/IP, you couldn't even post your blog. Yes, standards have become politicized as of late which is too bad. But that doesn't mean that all standards or the people who propose them are ignorant or bad.<br /><br />I think you need to review your facts about items like ASLR. Microsoft did not invent ASLR - the PaX project did created it (http://netsecurity.about.com/od/quicktips/qt/whatisaslr.htm). Linux has had a patch for ASLR since 2001 and was accepted into the mainline kernel as of June 2005.<br /><br />One final note. When you state something as fact such as "More computers ship with Linux (a "free" operating system) than Windows", please cite your source. Otherwise it it is just conjecture.Mikehttps://www.blogger.com/profile/14604925136774674156noreply@blogger.com