Slashdot Log In
Microsoft vs. Slashdot Update
from the headaches-and-more-headaches dept.
But, sadly, I can't really tell you much more right now than "we're still working on it" for two reasons:
- We're exploring a lot of angles and doing a lot of research, and in order to maintain attorney-client privilege we must keep all discussions with our lawyer *extremely* private.
- Microsoft's legal people (obviously) read Slashdot.
Meanwhile, Andover.net's management has been totally supportive. Our President, Bruce Twickler, deserves special thanks for his staunch backing and general coolheadedness. And our VP of Corporate Communications, Janet Holian, has done an excellent job of getting information out to other media while letting us work (comparatively) undisturbed.
There are also rays of light from the other end. I've gotten a small but steady trickle of e-mailed support messages from Microsoft workers who are embarrassed by their employer's actions both in rudely extending Kerberos and their attempt to "publish" their proprietary Kerberos extensions while still trying to keep them hidden behind a non-disclosure agreement.
Please bear in mind that many Microsoft employees are perfectly nice people. For all we know, the nice people at Microsoft may yet persuade the not-so-nice ones that there are times when it's better to work with others to establish industry-wide standards than it is to act as if the freedom to innovate belongs only to Microsoft.
(Special message to nice Microsoft people: Here's a quote you may wish to call to your bosses' attention:"...Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments." If they ask where you got these words, please refer them to this Microsoft.com page.)
Anyway, once again, please accept my personal apology for not being able to share more information with you right now. This is an uncomfortable situation for everyone involved, and we hope that Microsoft chooses to give this story a happy ending as soon as possible.
- Robin "roblimo" Miller
Well Said (Score:5)
An important consideration (Score:3)
Why's that? Because if I was in charge of a major computer company found guilty of hostile, dominating abuse of the computer market, and if my major critic had gone public with a legal notice they would probably ignore, and if that same critic had suffered a devastating DDOS attack shortly afterwards, I'd want to get some distance between myself and them.
Microsoft's amazing and eerie silence is suspicious. In the DVD case, the MPAA has placed web page upon web page, documenting their argument and why they should win. In the DOJ case, Microsoft did the same. In the Slashdot case? ...Nothing.
This isn't natural for a major corporation. Corporations thrive on publicity, Microsoft more than most. Trampling their enemies into the ground should be good for a few column inches, or at least a headline on MSNBC. At the very least, some kind of official dissociation with the DDOS, lest suspicions be raised.
But, no. That Slashdot has lawyers involved in the DDOS case (at least, that's how I would interpret the article) reinforces my suspicion that there is a string possibility that the attack COULD have come from Microsoft or a subsidury. Probably not on direct orders - too easily traced - but more likely by an unspoken agreement and suitable compensation or, at the very least, a blind eye and some accidental deletions from the system logs.
In short, Slashdot might never make it to court. If I'm not just being paranoid & overly imaginative, Microsoft may have turned militant. And that may spell trouble. An organisation with more loose change than the US Government has reserves is a tough opponent at the best of times. If it has decided to play rough and turn to dirtier tactics, we could see some "leaning" on Slashdot's provider, "accidents" causing cable breaks, or other unfortunate events.
(I'm glad Microsoft isn't an Israeli company. Otherwise, I'd advise CT and Rob to avoid anyone carrying an umbrella, for a while. Some tactics are definitely dirtier than others.)
As for a "distributed" Slashdot, that might not be such a bad idea. If all the databases could be kept in sync, with delays Since the Slash code is now open, I'm going to have a sit-down to see if I can think how this could be done. I'm sure others will be, too. The sooner load-balancing exists, regardless, the better. It'll keep equiptment costs down, and allow CT to make use of older servers, rather than having to retire them.
Re:I hope Microsoft sues you fools (Score:3)
Don't web surf much, do you?
There are tens of millions of web sites out there, most of which have much lower quality, smaller audiences, and less content than Slashdot.
Oh... but you didn't mean "worst" == "lowest quality", did you? You mean "worst" == "most thousands of readers who think you trolls are childish idiots, and tell you so."
Anyone want to speculate what damages Microsoft will ask for?
Sure: Slashdot will remove the one or two posts that were verbatim copies of the pseudo-kerberos spec, will stand firm on the rest, and Microsoft will back down rather than incur more horrible PR.
Wow, you guys lost a lot of money in the past few months eh?
No, they didn't. Anyone with any sense knew that the RHAT, LNUX, and ANDN stock prices were a bubble, and sold what they could at the top of the bubble to fad speculators. As for those principal shareholders who couldn't sell without losing control of the company, their stock prices are still trading higher than their first indicated IPO price.
Microsoft is valued at 100 times you losers.
And by emotionally attaching yourself to their financial success you somehow shield your ego from your own personal and social failures?
That's just my theory; otherwise I don't see how that sentence was relevant. In theory the judge doesn't ask both parties how much their market value is before making a decision.
MSFT could aquire LNUX 100 times over if they wanted to but they dont.
No, they couldn't. They could afford to acquire LNUX, and could make a private offer the same way they tried to buy linux.com. They could not acquire VA Linux for the same reason they couldn't acquire linux.com: because the owners wouldn't sell to Microsoft.
BECAUSE LINUX SUCKS AND SO DOES SLASHDOT!
I know in my heart that you're just trolling and trying to bait people like me... but part of me fears you're serious. If so, I would suggest that you step away from the computer, and attempt a long period of social interaction. Try to make a friend, or even a girlfriend (but don't tell her that you are a "troll" or that your name is "Dr Kool"). Try to avoid screaming angrily about things that don't concern you, and instead avoid things like "Linux" that seem to be stress factors for you. You'll be happier, and live longer.
Oh, and if you moderate this down, it will be proof that you nazis are trying to stop the flow of information.
You seem to be unclear on the concept of "moderation", the English language, or both. First of all, you continue to use the pronoun "you" even though the audience you are apparantly addressing has changed from the Slashdot employees to the moderators (current moderators? all past moderators? do you understand the difference?). Secondly, you seem to be unaware that "moderating down" a post does not stop any information; even posts moderated to -1, or even those that the Slashdot employees have moderated lower in the past, are still accessable by anyone who desires to read them. Ironically, that universal accessibility is what Microsoft wants to prevent, not Slashdot.
I really hope some trained psychologist takes a look through Slashdot archives someday. There are a plethora of angry, immature individuals like yourself here with a long record of antisocial behavior that is analogous to the real juvenile delinquency increasing around the nation.
But enough feeding the trolls. I suspect you've already been moderated down as you should have been (and as I probably should be, unless "Funny" or "Insightful" cancels out "Offtopic"), and nobody will ever read this. There's just something about that combination of stupidity and arrogance that tweaks a nerve in me.
Re:Just in Case (Score:3)
--
Re:Net Worth of the 'Honchos' is of little concern (Score:5)
How does Microsoft keep them there? Stock options, mostly. The pay is decent, but the main draw is a chunk of the company that is always going up.
What happens when the stock is wounded? People leave. As simple as that. There are tons of other companies out there who would love to have Microsoft's talent (and yes, even though they make a lot of shitty products, the engineers are usually not to blame in the end). By wounding their stock price, you deal a blow far greater than a perceived drop in faith in Microsoft's stock.
- Jeff A. Campbell
- VelociNews (http://www.velocinews.com [velocinews.com])
All Funny Quotes from the same section... (Score:5)
There are several answers. First, as you've already seen, Kerberos provides several features that aren't available in NTLM. Delegation and mutual authentication are both available with Kerberos, but neither is possible with NTLM today. Also, Kerberos is typically faster than NTLM, since each NTLM client authentication requires a server to contact a domain controller. In Kerberos, by contrast, a client can supply the same ticket over and over, and the server can use just that ticket to authenticate the user. There's no need for the server to contact a domain controller each time a user needs to be authenticated. And finally, Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments.
Any way you look it, Kerberos qualifies as progress. It's nice to see this powerful, secure, but long-neglected protocol move into the limelight. After years of languishing in relative obscurity, Kerberos is about to go mainstream.
This is from the above referenced URL at http://www.microsoft.com/msj/defaulttop.asp?page=
Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments.
Actually, from what I've seen, The Microsoft 'version' of Kerberos doesn't allow interoperability "between" Microsoft and other vendors....it only allows operability from Microsoft OUT to other vendors, and not IN. (This was plugged into their crappy 'enhancements' to Kerberos.)
After years of languishing in relative obscurity, Kerberos is about to go mainstream.
What? There are two points to be made here. 1.) Kerberos was never really in obscurity. It was a widely used protocol, and was CREATED for the purpose of authentication. NTLM was a piece of crap, and Microsoft admits that now. 2.) Because Kerberos is being woven into Windows, THAT makes it mainstream? Oh please, give me a break. What's funny, is that Microsoft states that "Any way you look at it, Kerberos qualifies as progress.", yet their implementation (If you can call it that) takes a step backward by locking out functionality. Progress? Nah...
-- Give him Head? Be a Beacon?
Re:Never answer email containing legal threats (Score:4)
Hopefully, in the meanwhile, someone will send them a few love letters!!!!
--
Here's my mirror [respublica.fr]
Misunderstanding (Score:3)
Now the spec was posted ONCE on slashdot, along with several posts explaining a standard way of opening self-extracting exe's. MS demands the removal of the copyrighted post, as well as the ones explaining how to open the exe and some that only refer to legal consequences of the spec's release.
Now slashdot must decide what to do. If it removes the copyrighted post but not the others it could lose any claim to common carrier status, thus making it legally responsible for anything posted. If it removes the other posts it would open the floodgates for other companies to have any post removed that they don't like.
Trade secrets are meant to protect companies from employees giving away internal documents or signing an NDA and then blabbing. It does not stop reverse engineering. MS has tried to manipulate a trade secret into a patent: "We'll tell everyone about it but not let anyone implement it!" It doesn't work that way. Trade secrets must be vigorously guarded to remain trade secrets. It is getting a bit fuzzy with the Internet because judges don't want people stealing secrets and posting it on a newsgroup in order to instantly invalidate the trade secret status, although that did happen in a Scientology case.
For corporate apologists out there, MS's EULA is fundamentally different than the GPL. The GPL gives the licensee certain rights & responsibilities regarding redistribution of a work. MS's EULA tries to stop you from discussing the facts of the contents. Copyright only covers a specific expression. I could rewrite a book, copying the plot, and it would be legal. The GPL doesn't stop you from discussing the algorithms contained, or even from implementing said algorithms. MS tried to overstep copyright law and trade secret law, and now it's getting what it deserves.
If I was MS I would have just sat on the spec and not released it at all. The small clamor was nothing like this and it would have died down. I think the Samba guys are skilled enough to reverse engineer without MS's document.
Thanks for reading, I could go on a bit about the DMCA and IP law, but I won't.
Re:Amazing that Microsoft is STILL trying... (Score:3)
Oh yes they do, if their use of the field and non-disclosure of relevant technical details could be seen as part of an illegal product tie, or an attempt by a monopoly to extend its monopoly into a new market, or a strategem motivated more by a wish to harm competition rather than to benefit customers.
Yes, it's against the spirit of cooperation...
It's against more than that: it's also against ethics, against the interests of their customers, against the interests of consumers in general and finally, against the law (my opinion).
--
Re:Never answer email containing legal threats (Score:3)
I agree, at least in general principle.
> But Roblimo could have bought himself a couple days to cool heads at Slashdot and talk to the lawyers
Someone in another thread suggested that
Actually, I think the
Frankly, I think
I suspect that Jeremy and the other domain gurus who so often show up here at precisely the right moment do not spend all their time browsing
It's the internet, and not least the sites like
As I hope to do with my new
--
Re:Amazing that Microsoft is STILL trying... (Score:5)
I suspect that, among other motives, MS is hoping to establish a precedent for "clickwrap" to be a valid mechanism for a binding NDA, in addition to being a mere EULA.
--
Semi-dirty tricks to consider (Score:5)
Even thought Slashdot/Andover is obviously on the side of right here, you may well lose a long and protracted legal battle. Andover IPO money is great, but Microsoft has misplaced more cash than that. Lawyers cost money and good lawyers cost a LOT of money.
My suggestion- kick them in the PR department. MS has been hit with a tsunami of bad press lately with DOJ rulings, security holes, and general bastardness. Reporters would love to follow those stories up with "Microsoft subverts standards and strongarms little guys". What Roblimo and the crew need to do is run to every media outlet that will listen to them. Also, strike while the iron is hot. The top of the list needs to be The Wall Street Journal. If Monday's front page includes a story about this situation, it would be very damaging. If one mutual fund manager reads about this and says to himself "These are the actions of a company grasping at straws to keep themselves on top of an industry" and sells a ton of MSFT, it's going to put a dent into the net worth of every honcho in Redmond.
Bottom line: Roblimo needs to make this into a battle that Microsoft has no interest in continuing.
Keep fighting the good fight.
-B
Human Organization. (Score:4)
It's an interesting question, actually as to whether you should do that or not. On the one hand, a lot of the people there have only a small responsibility for what there doing, unfortunately, that is still a small responsibility. Vilifying an entire organization may be an overstep, but on the other hand it isn't.
The reason is that people in the organization do the same thing. Everyone in Microsoft can say, "I'm not responsible, I'm just doing a little, I'm just following directions" A person in an evil organization feels no guilt, no one there does. So the organization itself doesn't.
Take as example Nazi Germany (not that I'm comparing M$ to The Nazi party, or BillG to Hitler). Everyone there was able to slug off personal responsibility for there actions, it was the organization, not them. But in the end, their efforts led to the death of millions of people. Similarly, everyone at M$ must have some culpability. Ether that, or no one does, and the organization can continue to operate without a conscious.
Everyone at microsoft bares some responsiblity for this, wether they agree with it or not.
Re:An important consideration (Score:3)
This isn't natural for a major corporation. Corporations thrive on publicity, Microsoft more than most. Trampling their enemies into the ground should be good for a few column inches, or at least a headline on MSNBC. At the very least, some kind of official dissociation with the DDOS, lest suspicions be raised.
Sorry, but your paranoia is showing... First, corporations thrive on GOOD publicity. There's an old adage that there's no such thing as bad publicity, but in MS's case and at the present time, it just ain't true. So far, MS has done amazingly well in the court of public opinion. They've managed to keep the majority of the public unaware of their dirty tricks & by playing themselves up as the victim, they've come up on top. Now, this story comes out & they're the obvious bad guy. They're scared.
Second, this is all fresh. Did the MPAA have their website up the day the first legal papers were sent? Of course not. They publicly responded, but only after allowing enough time to figure out what they're official, public stance would be. MS sent the threat because they assumed that
As far as the DDoS, MS probably never will comment. Why should their PR flacks waste their time on such absurd notions. (Even if they did perpetate it, which I personally doubt, as far as they're concerned it remains an absurd notion until there's evidence to the contrary.)
Re:Microsoft Stock Controlled by Small Faction... (Score:3)
Re:All Funny Quotes from the same section... (Score:3)
That's one thing, as a semi-tangent, that bothers me about all the sniping about the 'freedom to innovate' nonsense. The marketeers are trying to get people to believe that New Is Good, without realizing that Old Is Proven. High tech stuff moves at a fast pace, yes, but a reliable old standard (like, say, TCP/IP) doesn't really have a shelf life. The fact that MS is adopting this 'old' standard is an implicit acceptance of that fact. Like Bruce Schnier [sp?] writes in his Crypto-gram newsletter, cryptography is damned hard to do by yourself in isolation; it's far better to go with open, tested protocols & standards rather than in-house. Yip all you want about your "innovations", but foisting off the Next Big Thing isn't nearly as useful to the world as coming up with open, tested, and useful tools.
Yet Once Again, Microsoft is moving forward here, but they're doing it on the backs of those that have gone before them. I'd hardly call that innovative behavior.
Never answer email containing legal threats (Score:3)
Moreover, how can you know that an email is really from somebody in someone's legal department? Just because they say so? How many Slashdotter's know how to forge an email so that it looks like it came from a M$ lawyer?
My advice is: Set up your email client so that it does not honor requests for receipts, at least not automatically; and if you receive a legal threat by email, delete it securely, using something like the PGP wipe feature, and forget about it. Of course, you might be tempted to save a copy, but if you're ever asked about that under oath, you'll have to admit you have it and produce it, or risk an obstruction charge. Proceed at your own risk.
(I suppose you are obstructing if you claim never to have received the mail, but if you're really careful about secure deletion, such a charge can never be proved.)
If your antagonists really want to sue you that badly, they'll get around to certified snail mail soon enough. But let 'em sweat it out waiting for a reply and wondering what the hell's taking so long.
To be sure, Slashdot's confrontation with M$ would have proceeded on the dead tree medium sooner or later, and the exchange of paper wouldn't have changed very much about the essential issues. But Roblimo could have bought himself a couple days to cool heads at Slashdot and talk to the lawyers, while the M$ lawyers would have been essentially idle, sitting expectantly in front of their Outlook clients and gradually losing their patience.
Re:What is M$ goal? (Score:3)
Well, that's the conspiricy theory in a nutshell. The fact that Samba team members signed the original posting [slashdot.org] that made it clear they had at least read the EULA makes it that much more plausable,
Like most conspiricy theories, this one gathers seemingly contradictory facts together in a framework that seems to resolve the contradictions. The punchline of this theory is that Microsoft has devised a fiendishly clever plan to legally sabotage one of the leading open source projects in order to ensure the hegemony of Windows. It goes without saying that this coda plays well with the
Over the past several days I've had a chance to read more about this melodrama and think a bit about what I've read. One thing in particular bothers me about the tidy theory of Microsoft's evil machinations. As a earlier comment in this thread [slashdot.org] points out, Microsoft is not assured of prevailing in any court case that might result from this brouhaha. This would surely have occured to a nameless evil redmondian puppet master smart enough to predict the reaction to the "release" of the Kerberos extensions. What's at stake for Microsoft if it loses a court case over this issue? Control of the Kerberos extensions that the whole conspiricy was supposed to ensure.
On the other hand, the comments of nice Microsoft employee #1 [slashdot.org] and nice Microsoft employee #2 [slashdot.org] ring true with my experience of large organizations. They tend to work at cross-purposes and to speak with more than one voice. Now, I am not a Microsoft lackey, and I personally hope the antitrust case gets fast-tracked to the Supreme Court where every iota of the USDOJ's proposed remedies gets implemented. Nonetheless, I now think something like the following scenario may be closer to the truth:
Both theories are speculative, and ultimatly irrelevant to
"Even if you are on the right track, you'll
get run over if you just sit there." Will Rogers
Copyright *is* a free speech issue (Score:5)
With strict copyright laws, congress is indirectly legislating censorship of the people. By strengthening copyright, companies are able to use legal means to censor anyone they wish, be it other companies, competitors, or consumers. While congress wasn't actively attempting to legislate censorship, inadvertantly they have, to the advantage of corporations who it can now be argued are agents of the government.
That last statement might seem a little strange, so bear with me. It is in the best interests of the government for its companies to do well, to strengthen the economy and keep it strong. They are essentially employing the companies to remain profitable, which they do by censoring others using copyright laws.
Anyway, I'm not against intellectual property; what I *AM* against is congress' obsession with 'protecting' the rights of corporations regardless of the consequences on people's rights. I don't have a problem with copyright per se, but excessive protection of intellectual property is in my opinion unconstitutional: laws passed for a purpose that is not censorhip, and inadvertantly cause censorhip, *are* unconstitutional. The courts have ruled this way before. Government mandated "ratings" on speech are a form of censorship, and aren't tolerated, so it shouldn't be much of a stretch to say government delegated protections on property that promote censorhip are too unconstitutional.
Re:Stuff that copyright up YOUR ASS (Score:4)
So anything that is distributed for free can automatically be redistributed? This would mean that it would be possible to record a TV show and then rebroadcast it yourself. This would mean that you can copy articles from your local free weekly newspaper and put them on the Internet at will. This would, essentially, be a complete perversion of the copyright system and would encourage people to charge money for things (if they didn't, they wouldn't get copyright protection).
Re:Amazing that Microsoft is STILL trying... (Score:5)
The Kerberos spec includes empty fields for vendor use. Microsoft used one of these fields; they have no obligation to make info on their use of it public. Yes, it's against the spirit of cooperation, but did you honestly think that Microsoft was a believer in cooperation? I don't think that it's a good or smart move by Microsoft, but in comparison it's not all that evil. It's similar to taking BSD-licensed software and releasing a proprietary modified binary of it. Not great, but not satanic.
Anyway, whether or not what Microsoft did is compatible with open-source ideals has nothing to do with reproducing it illegally. If I believe in open source and get my hands on the MS Office source code, I can't distribute the source code openly. Or, conversely, if I believe in closed source, I can't sell binary-only copies of modified GPL software.
Re:Semi-dirty tricks to consider (Score:3)
"When I'm singing a ballad and a pair of underwear lands on my head, I hate that. It really kills the mood."
What is M$ goal? (Score:5)
Amazing that Microsoft is STILL trying... (Score:5)
I have to admit, I also wonder about the intelligence involved in putting up confidential material on the Web and then getting their knickers in a twist when it's spilled to the masses. Besides, this is basic 'trade secret' law. If you don't want it on the front page of the Sunday paper, DON'T put it on the Web, encrypted or not! If this was really a 'trade secret' (as opposed to simple 'intellectual property'), then don't they have the responsibility not to hang it out in the wind for all and sundry? Seems to me, they were setting themselves up for this one.
--TC
Copyright may not apply (Score:4)
Think long and hard. Does the Microsoft "extension" to Kerberos merit such coverage?
Does a change to an open, public standard which benefits only its pervertor, merit any protection whatsoever by this clause? If not, does any power which Congress has under the Constitution enable such protection? Do the laws even apply?
I'm not a lawyer, but I'd love to see an answer from one :-)