Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Microsoft vs. Slashdot Update 411

I spent some of yesterday and part of today (Saturday) on the phone with our law firm's intellectual property specialist dicussing Microsoft's attempt to get us to remove reader posts about Kerberos. We're lucky to have a lawyer who "gets it." We're also lucky to have gotten some very favorable press about all of this.

But, sadly, I can't really tell you much more right now than "we're still working on it" for two reasons:

  • We're exploring a lot of angles and doing a lot of research, and in order to maintain attorney-client privilege we must keep all discussions with our lawyer *extremely* private.
  • Microsoft's legal people (obviously) read Slashdot.
I have scanned every single reader post on this subject, and some of them have contained *very* helpful suggestions. It hurts me not to be able to share more, especially with those of you who have given us useful advice.

Meanwhile,'s management has been totally supportive. Our President, Bruce Twickler, deserves special thanks for his staunch backing and general coolheadedness. And our VP of Corporate Communications, Janet Holian, has done an excellent job of getting information out to other media while letting us work (comparatively) undisturbed.

There are also rays of light from the other end. I've gotten a small but steady trickle of e-mailed support messages from Microsoft workers who are embarrassed by their employer's actions both in rudely extending Kerberos and their attempt to "publish" their proprietary Kerberos extensions while still trying to keep them hidden behind a non-disclosure agreement.

Please bear in mind that many Microsoft employees are perfectly nice people. For all we know, the nice people at Microsoft may yet persuade the not-so-nice ones that there are times when it's better to work with others to establish industry-wide standards than it is to act as if the freedom to innovate belongs only to Microsoft.

(Special message to nice Microsoft people: Here's a quote you may wish to call to your bosses' attention:
"...Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments." If they ask where you got these words, please refer them to this page.)

Anyway, once again, please accept my personal apology for not being able to share more information with you right now. This is an uncomfortable situation for everyone involved, and we hope that Microsoft chooses to give this story a happy ending as soon as possible.

- Robin "roblimo" Miller

This discussion has been archived. No new comments can be posted.

Microsoft vs. Slashdot Update

Comments Filter:
  • How about taking a publicly available protocol (Kerberos) designed for multi-vendor inter-operability (and was developed with the help of U.S. taxpayer dollars), adding a tiny extension to Kerberos and calling on the same government whose taxpayers helped pay for its development to punish anyone who has the nerve to reverse-engineer and use it without shelling out big bucks for a Win2000 server license? Do you think that's OK?

    I was ambivalent about breaking up M$, but after learning more details about the Kerberos fiasco, I'm leaning in favor of breaking up M$ into tiny little bits.
  • by Anonymous Coward on Saturday May 13, 2000 @12:26PM (#1074676)
    It is often easier to villify an entire organization and all those associated with it rather than take the time to reason out the inner divisions that most likely exist. Thank you for acknowledging those that are trying to take the empire down from the inside :)
  • > By being the company with the most power in its market,
    > it has no choice but to exercise that power

    Oh puh-LEEZE. Having power does not mean you have to use it. Else we'd all be radioactive dust -- both the United States and the Soviet Union had the power to nuke us all until we glowed in the dark, and never used it.

    Presumably the powers that be at Microsoft are human beings. (Unless Microsoft Research has in fact created an AI that is simulating the Bill'n'Balmer show for us!). If they are human beings, then they possess free will. If they possess free will, then they have a choice as to whether they use what power they possess. To say that they do not is to put human beings into the same class as sheep dogs, who are victims of their genetics (they have no choice as to whether they will herd sheep -- put a city-bred sheep dog into a pasture full of sheep, and he will herd them!).

    Frankly, I have no respect for those who claim that they're not responsible for their own actions because "something else made me do it". I have no respect for the murderer who claims "my abusive mom and dad made me do it", and I have no respect for corporate executives who claim that acting ethically is not an option because "the corporate environment doesn't work like that." Are you a human being? Or are you a sheep dog? Sheesh.


  • Yes, Microsoft employees are propogandized by their employer and generally believe their employer's bullshit about "Microsoft innovation" and "our job is to change the world". In that respect, Microsoft is like a Borg collective, whose members all share a common belief in the general rightness of what they are doing. But as for the working conditions part...from everything I've been told by former Microsoft employees, the working conditions are generally pretty reasonable. As you'd expect, since most of Microsoft's full-time employees (as vs. the PermaTemps) are now in their thirties -- yeah, they were hired right out of college, but that was 10 years ago!


  • Was that really a copyright issue though? Can the US government even own a copyright? I may be wrong on this, but I thought the government wasn't allowed to hold copyright on anything. They're allowed to have secrets, but that's a different issue than copyright.

  • >taking on Microsoft and perhaps Microsoft miscalculated that VA mgmt
    >would cave and pull the posts rather than risk an expensive and
    >disruptive legal battle.

    This is exactly what most likely happened. Remember when Mircosoft basically went around stealing the WWW addresses of Windows users web pages? Since nearly all these guys caved in to Mircosoft, Microsoft most likely thought they could pull similar stunts on the non-microsoft user base.
  • by jd ( 1658 ) <> on Saturday May 13, 2000 @06:05PM (#1074698) Homepage Journal
    The more that's posted on the Microsoft attitude, the less that's said about the DDOS attack, and the less Microsoft talks about either, the more sure I am that Microsoft employees either perpetrated the attack or were otherwise involved in it.

    Why's that? Because if I was in charge of a major computer company found guilty of hostile, dominating abuse of the computer market, and if my major critic had gone public with a legal notice they would probably ignore, and if that same critic had suffered a devastating DDOS attack shortly afterwards, I'd want to get some distance between myself and them.

    Microsoft's amazing and eerie silence is suspicious. In the DVD case, the MPAA has placed web page upon web page, documenting their argument and why they should win. In the DOJ case, Microsoft did the same. In the Slashdot case? ...Nothing.

    This isn't natural for a major corporation. Corporations thrive on publicity, Microsoft more than most. Trampling their enemies into the ground should be good for a few column inches, or at least a headline on MSNBC. At the very least, some kind of official dissociation with the DDOS, lest suspicions be raised.

    But, no. That Slashdot has lawyers involved in the DDOS case (at least, that's how I would interpret the article) reinforces my suspicion that there is a string possibility that the attack COULD have come from Microsoft or a subsidury. Probably not on direct orders - too easily traced - but more likely by an unspoken agreement and suitable compensation or, at the very least, a blind eye and some accidental deletions from the system logs.

    In short, Slashdot might never make it to court. If I'm not just being paranoid & overly imaginative, Microsoft may have turned militant. And that may spell trouble. An organisation with more loose change than the US Government has reserves is a tough opponent at the best of times. If it has decided to play rough and turn to dirtier tactics, we could see some "leaning" on Slashdot's provider, "accidents" causing cable breaks, or other unfortunate events.

    (I'm glad Microsoft isn't an Israeli company. Otherwise, I'd advise CT and Rob to avoid anyone carrying an umbrella, for a while. Some tactics are definitely dirtier than others.)

    As for a "distributed" Slashdot, that might not be such a bad idea. If all the databases could be kept in sync, with delays Since the Slash code is now open, I'm going to have a sit-down to see if I can think how this could be done. I'm sure others will be, too. The sooner load-balancing exists, regardless, the better. It'll keep equiptment costs down, and allow CT to make use of older servers, rather than having to retire them.

  • Thanks, Robin, for being so steafastly honest with us. I am amazed at the whole Andover crew for handling this fiasco in such a calm and thoughful way. Don't feel bad for not being able to divulge more details of your legal deliberations; we understand the sensitivity of the situations, and we trust that you will reveal them as soon as you can. Since Andover bought Slashdot, its behavior and yours behavior have never led us to believe otherwise.

    Another thing: I can't speak for the rest of Slashdot's readership, but I won't fault you if you back down from this legal challenge. What Microsoft is doing is reprehensible, but Microsoft's actions will not be the subject of this trial. The subject will be copyright violation by Andover, and I don't think the courts will be sympathetic. It would be far better to settle in this case, and then sue Microsoft for this hypocritical attempt to strangle open standards, than to bring up all those issues on the defensive. I hope you can find legal grounds to do the former.

    Good luck. Are greatest hopes are with you. Just please don't do anything rash; don't go down in a flame of glory. We want Slashdot to be around for a long, long time, and we don't want to see VA in financial trouble for funding this legal battle. Slashdot is of more use as a living advocate than as a dead martyr.

    Well, there are my words of advice (legally uninformed, I'm afraid) and encouragement. I figure you can use all the encouragement you can get. Good luck. I trust you to do the right thing.

    Vovida, OS VoIP
    Beer recipe: free! #Source
    Cold pints: $2 #Product

  • It appears as though the editors of slashdot feel that license agreements in general are ridiculous.

    I assume this also includes the GPL.
  • I can remember when none of this mattered in the old slashdot days, when you said what you wanted when you wanted. Now lawyers are involved and the whole works, it's a lot different.

    Scott Miga
  • With that maturity, I doubt it. Let's grow up.

    Scott Miga
  • Microsoft may have been masters of spin in the past, but the past has caught up with them. Nowadays you can't look at an online news site without seeing details of Microsoft's dirty tricks and shabby dealings. Microsoft's PR ability stemmed from their control of the market and their ability to destroy anyone who slighted them. In the wake of the antitrust case, it's going to be hard for anybody to trust a word of what Microsoft says.

    Look at the press on this incident so far; most, if not all, of it recognises what a thuggish dirty trick this is. There is very little sympathy left for Microsoft.
  • The other arguments, while sound under current law, would probably never stand up to a constitutional challenge. Considering how valuable DMCA coverage is to MS, I doubt they would ever do to much to risk a real challenge to it.

    Though, if it came to that, there'd be a lot of other parties joining forces with Microsoft. Our old friends the MPAA and RIAA, to name two, would definitely want to defend the DMCA. You might even see bitter enemies of Microsoft from the software industry putting their differences aside and join the effort.
  • I think what you're quoting is patent law, not copyright law. The two are quite different.
  • by Genom ( 3868 )
    AFAIK, noone "censors" OOG -- unless you're calling peer-moderation censorship (which it's not). You can still see all posts by setting your threshold lower.

    I could be wrong.

  • Slashdot is the worst pile of a web site I have ever seen.

    Don't web surf much, do you?

    There are tens of millions of web sites out there, most of which have much lower quality, smaller audiences, and less content than Slashdot.

    Oh... but you didn't mean "worst" == "lowest quality", did you? You mean "worst" == "most thousands of readers who think you trolls are childish idiots, and tell you so."

    Anyone want to speculate what damages Microsoft will ask for?

    Sure: Slashdot will remove the one or two posts that were verbatim copies of the pseudo-kerberos spec, will stand firm on the rest, and Microsoft will back down rather than incur more horrible PR.

    Wow, you guys lost a lot of money in the past few months eh?

    No, they didn't. Anyone with any sense knew that the RHAT, LNUX, and ANDN stock prices were a bubble, and sold what they could at the top of the bubble to fad speculators. As for those principal shareholders who couldn't sell without losing control of the company, their stock prices are still trading higher than their first indicated IPO price.

    Microsoft is valued at 100 times you losers.

    And by emotionally attaching yourself to their financial success you somehow shield your ego from your own personal and social failures?

    That's just my theory; otherwise I don't see how that sentence was relevant. In theory the judge doesn't ask both parties how much their market value is before making a decision.

    MSFT could aquire LNUX 100 times over if they wanted to but they dont.

    No, they couldn't. They could afford to acquire LNUX, and could make a private offer the same way they tried to buy They could not acquire VA Linux for the same reason they couldn't acquire because the owners wouldn't sell to Microsoft.


    I know in my heart that you're just trolling and trying to bait people like me... but part of me fears you're serious. If so, I would suggest that you step away from the computer, and attempt a long period of social interaction. Try to make a friend, or even a girlfriend (but don't tell her that you are a "troll" or that your name is "Dr Kool"). Try to avoid screaming angrily about things that don't concern you, and instead avoid things like "Linux" that seem to be stress factors for you. You'll be happier, and live longer.

    Oh, and if you moderate this down, it will be proof that you nazis are trying to stop the flow of information.

    You seem to be unclear on the concept of "moderation", the English language, or both. First of all, you continue to use the pronoun "you" even though the audience you are apparantly addressing has changed from the Slashdot employees to the moderators (current moderators? all past moderators? do you understand the difference?). Secondly, you seem to be unaware that "moderating down" a post does not stop any information; even posts moderated to -1, or even those that the Slashdot employees have moderated lower in the past, are still accessable by anyone who desires to read them. Ironically, that universal accessibility is what Microsoft wants to prevent, not Slashdot.

    I really hope some trained psychologist takes a look through Slashdot archives someday. There are a plethora of angry, immature individuals like yourself here with a long record of antisocial behavior that is analogous to the real juvenile delinquency increasing around the nation.

    But enough feeding the trolls. I suspect you've already been moderated down as you should have been (and as I probably should be, unless "Funny" or "Insightful" cancels out "Offtopic"), and nobody will ever read this. There's just something about that combination of stupidity and arrogance that tweaks a nerve in me.
  • by drix ( 4602 ) on Saturday May 13, 2000 @01:23PM (#1074716) Homepage
    Freenet [] is what you want...

  • Look at it this way. What is Microsoft's greatest asset other than its brand? Its people. The engineers who work there.

    How does Microsoft keep them there? Stock options, mostly. The pay is decent, but the main draw is a chunk of the company that is always going up.

    What happens when the stock is wounded? People leave. As simple as that. There are tons of other companies out there who would love to have Microsoft's talent (and yes, even though they make a lot of shitty products, the engineers are usually not to blame in the end). By wounding their stock price, you deal a blow far greater than a perceived drop in faith in Microsoft's stock.

    - Jeff A. Campbell
    - VelociNews ( [])
  • > If it removes the copyrighted post but not the
    others it could lose any claim to common carrier status, thus making it legally responsible for anything posted.

    I keep seeing this meme, and I disagree with it.

    I'm reasonably familiar with the terms of Cubby v. Compuserve, and Stratton-Oakmont v. Prodigy, the two cases usually cited in this vein, and I don't believe that either of them could be used as precedent in an action against Slashdot for removing the posting of MS' copyrighted data.

    "Responding to a court order" != "exercising editorial control", which was the issue on point in those two cases. Even more importantly, neither of those cases made it past district court, so while notice of them might be taken by a judge in the West, they are not controlling precedent, anyway.

    Oh, and one other thing: it is my understanding that to claim trade secret status for information, you have to take *vigorous steps* to protect them, like signed contracts with the people you release them to. The click-through license Microsoft used, especially since it is so easily circumventable, almost certainly would not qualify.

    That's what I think, but maybe it's just me.

    So many things are just me [].

    -- jra
  • Maybe the answer is for a few people to read the spec, remember it, and write a new version *in their own words*. This wouldn't violate Microsoft's copyright (AFAIK; IANAL) and I don't imagine it would be possible for MS to get it banned on the grounds of being a 'trade secret'.

    If somebody who has never seen Microsoft's original document nor even read the EULA they imposed on it wrote an extension to Samba (or whatever) to handle the new protocols, that would be a clean-room implementation and I imagine they'd be in the clear legally.
  • Thanks for actually looking into standing up to them - most people have neither the resources, will, or wherewithall to do so. Secondly, I agree completely - Microsoft by and far consists of computer geeks, just like us. It is management you must be wary of.

    Third, should slashdot decide the odds are legally against them on this and back down, I won't fault you for it - you gave it a good, hard look. Last, while you are fighting censorship against you, don't forget that it is a two-sided sword - do not censor people here on slashdot, lest ye be considered hypocritical.

  • by Accipiter ( 8228 ) on Saturday May 13, 2000 @12:42PM (#1074728)
    There's one last point about Kerberos that's worth addressing: why did Microsoft bother with it? In previous versions of Windows NT, network authentication was handled by NTLM. Why make a change? How is Kerberos better than NTLM?

    There are several answers. First, as you've already seen, Kerberos provides several features that aren't available in NTLM. Delegation and mutual authentication are both available with Kerberos, but neither is possible with NTLM today. Also, Kerberos is typically faster than NTLM, since each NTLM client authentication requires a server to contact a domain controller. In Kerberos, by contrast, a client can supply the same ticket over and over, and the server can use just that ticket to authenticate the user. There's no need for the server to contact a domain controller each time a user needs to be authenticated. And finally, Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments.

    Any way you look it, Kerberos qualifies as progress. It's nice to see this powerful, secure, but long-neglected protocol move into the limelight. After years of languishing in relative obscurity, Kerberos is about to go mainstream.

    This is from the above referenced URL at msj/0899/kerberos/kerberostop.htm. [] Let's take a look, shall we?

    Kerberos is a multivendor standard, so it allows secure interoperability and the potential for single sign-on between the Microsoft world and other vendor environments.

    Actually, from what I've seen, The Microsoft 'version' of Kerberos doesn't allow interoperability "between" Microsoft and other only allows operability from Microsoft OUT to other vendors, and not IN. (This was plugged into their crappy 'enhancements' to Kerberos.)

    After years of languishing in relative obscurity, Kerberos is about to go mainstream.

    What? There are two points to be made here. 1.) Kerberos was never really in obscurity. It was a widely used protocol, and was CREATED for the purpose of authentication. NTLM was a piece of crap, and Microsoft admits that now. 2.) Because Kerberos is being woven into Windows, THAT makes it mainstream? Oh please, give me a break. What's funny, is that Microsoft states that "Any way you look at it, Kerberos qualifies as progress.", yet their implementation (If you can call it that) takes a step backward by locking out functionality. Progress? Nah...

    -- Give him Head? Be a Beacon?

  • It's probably more accurate to say that the government is an agent of the companies. Certainly, using dollars to buy votes is the most effective way to win elections in America, so money is power over politics, and the only entities able to give virtually unlimited monies to candidates are corporate bodies or the interest groups funded by them.

    Incidentally, anyone who doesn't like the above paragraph can help change its truth value by

    • always voting
    • rejecting any overmarketed candidate out of hand as corrupt (inasmuch as this is possible)
    • educating oneself on issues from mainstream, niche and foreign media as well as direct evidence -- IOW, not blindly trusting the media machine run by the same people who back candidates.

    Ever the rabble-rowser...

  • Slashdot has also been the recipient of multiple DDoS attacks in the last few days. THis is the main reason for the problems.
  • Do you relaize that only a very few of allll of the comments posted have anything to do with the full code for the specification?? eveything else is simply in regards to it, or how to get it...

    And that is the scary part, because to even think of forcing the removal of content like that is a broad overinterpretation fo the DMCA and a blatant attack on free speach.

    Read the comments they listed.. then see if you feel the same.
  • Richard Stallman had some good things to say about copyrights in general in the May issue of Technogloy Reveiw.

    The article is on page 32 title Freedom - or Copyright?

    Some good quotes:

    "Once upon a time, in the age of the printing press, an industrial regulation was established for the business of writing and publishing. It was called copyright. Copyright's purpose was to encourage the publication of a diversity of written works. Copyrights method was to make publishers get permission from authors to reprint recent writings."

    Times have changed, and now copyright is the bludgening tool used by large corporations to control information in a way most profitable and advantageous to them. Microsoft has taken this to an art.

    With new powers to enforce and further restrict users of copyrioghted works and not the intedned publishers of copyright we are now entering a new era of repression and control by these large greedy entities.

    Take a deep breath and look at the changes over the last 100 years or so.. Microsoft is undeniably abusing the DMCA and copyright to prevent the dissemination of information they would prefer to keep secret for technical advantage over competitors.


    This should not be tolerated, and the DMCA should be challenged, perhaps even to the supreme court, as it has proven to be the most powerful threat to freedom in recent years...

    just my 0.02$
  • Amen brother! I cant beleive microsoft would censor their 'extensions' to kerberos and encroach on such a standard protocol and attempt to censor with legal abuses.

    Uh.. That is what you meant, right?
  • To be sure, Slashdot's confrontation with M$ would have proceeded on the dead tree medium sooner or later, and the exchange of paper wouldn't have changed very much about the essential issues. But Roblimo could have bought himself a couple days to cool heads at Slashdot and talk to the lawyers, while the M$ lawyers would have been essentially idle, sitting expectantly in front of their Outlook clients and gradually losing their patience.

    Hopefully, in the meanwhile, someone will send them a few love letters!!!!

    Here's my mirror []

  • by FigWig ( 10981 ) on Saturday May 13, 2000 @03:07PM (#1074738) Homepage
    There seems to be a lot of misunderstanding on this topic on both sides. I've read responses on several weblogs and many Here's my take on what happened: MS makes a legal change to a publicly useable standard. MS clients can log in using standard Kerberos servers, but standard clients cannot get MS authentification. People get pissed and accuse MS of monopolistic practices. MS gets a ton of heat from press and public, so it decides to release the spec, but as a trade secret. Anyone with a clue about what a trade secret is would have to suspect that either MS's lawyers are incompetent, or they were trying to taint the field so no one could legally implement MS's version without breaking the law. I believe IBM did the same with the PC BIOS standard and Compaq looked long and hard to find untainted engineers.

    Now the spec was posted ONCE on slashdot, along with several posts explaining a standard way of opening self-extracting exe's. MS demands the removal of the copyrighted post, as well as the ones explaining how to open the exe and some that only refer to legal consequences of the spec's release.

    Now slashdot must decide what to do. If it removes the copyrighted post but not the others it could lose any claim to common carrier status, thus making it legally responsible for anything posted. If it removes the other posts it would open the floodgates for other companies to have any post removed that they don't like.

    Trade secrets are meant to protect companies from employees giving away internal documents or signing an NDA and then blabbing. It does not stop reverse engineering. MS has tried to manipulate a trade secret into a patent: "We'll tell everyone about it but not let anyone implement it!" It doesn't work that way. Trade secrets must be vigorously guarded to remain trade secrets. It is getting a bit fuzzy with the Internet because judges don't want people stealing secrets and posting it on a newsgroup in order to instantly invalidate the trade secret status, although that did happen in a Scientology case.

    For corporate apologists out there, MS's EULA is fundamentally different than the GPL. The GPL gives the licensee certain rights & responsibilities regarding redistribution of a work. MS's EULA tries to stop you from discussing the facts of the contents. Copyright only covers a specific expression. I could rewrite a book, copying the plot, and it would be legal. The GPL doesn't stop you from discussing the algorithms contained, or even from implementing said algorithms. MS tried to overstep copyright law and trade secret law, and now it's getting what it deserves.

    If I was MS I would have just sat on the spec and not released it at all. The small clamor was nothing like this and it would have died down. I think the Samba guys are skilled enough to reverse engineer without MS's document.

    Thanks for reading, I could go on a bit about the DMCA and IP law, but I won't.
  • Your reasoning about intellectual property is wrong in the sense that without the state, or to be more precise, without the law there is no such thing as property period.

    I think you misunderstood the original comment. In the post to which you reply the poster said that without the state there would be no such thing as intellectual property. In a completely lawless society you could still guard your plot of land, your chache of food (or weapons) and thus maintain it as your property. No such possiblity exists within the realm of ideas or thought, nor should it.

    I agree with some of what you say, but must express both disdain and lack of empathy with respect to your ability, grudging or otherwise, to admire those policy makers at MS and elsewhere who pervert the law and the democratic institutions of our country in order to establish their own little feifdoms. These people are mounting an active assault on nearly all of our basic rights, and doing so quite successfully. In so doing they are tearing at the basic fiber and social contract which holds our society and our democratic institutions together. This threatens all of us, whether or not we have a particular interest in the subject at hand (Microsoft's unwarrent attempt to silence criticism on slashdot).

    I would go further and offer another point with respect intellectual property priveleges: Just as communism could not flurish in a world of scarcity, so to will capitalism fail in a world of natural abundance (which is a perfect description of both the intellectual and digital worlds). I suspect that ongoing attempts to extend the capitalist paradigm beyond its functional parameters and create synthetic scarcity at the point of a gun in areas such as ideas and digital information will result in laws and public policy which will make communist Russia appear liberal in comparison. It is an ugly future, and we are sprinting in its direction with nary a critical thought.

    To feel anything other than the greatest contempt and antithapy for those who actively orchastrate such trends in this direction is IMHO both appalling and indefensible.
  • "Responding to a court order" != "exercising editorial control", which was the issue on point in those two cases.

    This is very true. However, a threatening letter from Microsoft Legal Thugs does not equal a court order either. For this reason, it is critical that slashdot not remove any posts until and unless so ordered by a court of law! Contrary to Microsoft's opinion of itself, it is not a court of law. Such power still resides, for the moment, in the Judicial, not the Corporate, branch of government.
  • Bill Gates has often dismissed his wealth, calling it infinite in practical terms since he'd never be able to spend it all... While I think Microsoft or any other company needs to be taken back a notch whenever the company transgresses the larger good, I do not think that stock price is a good target.

    What you're forgetting is that Bill Gates no longer holds an absolute majority of Microsoft shares - in fact he's dropped down to somewhere around 15%. This would make it quite easy for an organized group of irate shareholders to remove him. That might be a very wise thing to do from the point of view of preserving shareholder value, since Bill is obviously doing his level best to drive the company into the ground right now, with a monumental set of strategic, legal, and public relations blunders. So, yes, the value of Microsoft's stock does matter a lot to people how are in a position to take effective action, and for this reason anything that hurts the stock price hurts Bill Gates too.

    Let's face it - who is the real bad actor here? It's not Microsoft per se - it's Bill himself, and a small cabal of top managers. How many here would be prepared to bury the hatchet if Bill and his henchmen were really-gone, and not just pretend-gone?
  • It's not (most of the time) our managers who do nasty things like send out cease-and-desist letters or require massive EULAs. It's the lawyers...

    Bill Neukom is a top executive at Microsoft. Bill Gate's dad is a lawyer, and I could swear Bill Gates thinks he's a lawyer from the way he acts. These are the guys that are doing the damage.
  • "Oh yes they do, if their use of the field and non-disclosure of relevant technical details... "

    Well, yes, the DOJ may force them to release it. But that's a special case; exempting direct government involvement under the Sherman Act, what they've done is not illegal.

    Illegal is illegal, whether the government takes specific action or not. You're confusing "illegal" with "getting caught".
  • by SurfsUp ( 11523 ) on Saturday May 13, 2000 @05:52PM (#1074745)
    The Kerberos spec includes empty fields for vendor use. Microsoft used one of these fields; they have no obligation to make info on their use of it public.

    Oh yes they do, if their use of the field and non-disclosure of relevant technical details could be seen as part of an illegal product tie, or an attempt by a monopoly to extend its monopoly into a new market, or a strategem motivated more by a wish to harm competition rather than to benefit customers.

    Yes, it's against the spirit of cooperation...

    It's against more than that: it's also against ethics, against the interests of their customers, against the interests of consumers in general and finally, against the law (my opinion).
  • It's worth fighting because before the DMCA, only a Court could go around ordering people to remove stuff.

    Before the DMCA, the worst-case scenario would be that MS would take /. to court and force them to remove the posts.

    The whole *point* of copyright law is to protect the financial interests of the owner. If I write a book, only I am have a *right* to profit off of it. MicroSoft isn't selling their specs, they're giving them away. Nor is /. charging to view the comments. Neither side is losing any money over this. Before the DMCA, a Court (and only a Court) could have ordered the posts removed, and only after due process. Now, thanks to the DMCA, /. can be held financially liable and is presumed guilty simply because MS said so.

    I think /. should fight this in court. They should expect to lose and have to remove the copyrighted material (but not the links or WinZip suggestions), but they also stand a chance to strike down the DMCA and its chilling effects on freedom of speech and perversion of burden of proof.
  • Nice conspiricy theory, but referencing the "Samba" comment (#86), was just a screw-up on the MS Lawyer's part. Comment #87 [] had the full text of the MS document.

    Standard disclaimer, but I don't think a judge would throw out the case because of a minor error like that.
  • I'm sure some of you aren't browsing at -1, but this AC brings up a very good point:

    "...I strongly support the idea of moderators not being able to see who posted a message. Imagine the difference that would occur if moderators moderated based soley on the content of a post."

    This is how moderation should occur. That way people get fair moderation, no bitchslappings will occur, and life is generally made a lot better for everyone.

    Please take the time to consider this. Thank you.

  • Earlier today, when I had trouble with accessing slashdot, I killed my cookie and remade it... Fixed my problems...
  • I'm sorry about your stock prices, but you knew the risk when you signed up with that marketing and litigation company that occationally puts out poor software on the side.

    Cheer up, man. It'll get better. I'm sure your company will get through this PR nightmare it created.


  • Microsoft says that it is using Kerberos, which is a PUBLISHED standard - open. By nature, an Open Standard means that your implementation works with my implementation - if not, somethings not open. Thus:

    1. As an implementation of an open standard, thier Kerberos will work with anyone elses standard implementation. Since they've called it Kerberos, if it doesn't work, we can do what's necessary to fix it, no?

    2. If this is not the case, then it's not really Kerberos, and Microsoft has all those packages of Win2k out there with little white lies on them - grounds for charging them with false or misleading advertising.

    Either way, they're sunk. They should just shut up, submit thier extentions to the IEEE, and move on.
    They should also take an anti-arrogance course. Putzes.
  • by Black Parrot ( 19622 ) on Saturday May 13, 2000 @06:05PM (#1074768)
    > I've always felt very strongly about this: Sending any kind of legal communication over an insecure medium such as email is intolerable, and there is no reason at all for the receiver to acknowledge its existence

    I agree, at least in general principle.

    > But Roblimo could have bought himself a couple days to cool heads at Slashdot and talk to the lawyers

    Someone in another thread suggested that /. should make a big PR issue out of it in hopes of kicking MS in the yarbles.

    Actually, I think the /. crew and their advisors probably figured that out the first day. Their post of the exchange was probably a sincere attempt at the "open source legal defence" we have discussed here before, but it was undoubtedly also a PR move. And it seems to be working very well, to the extent that the geek nation is up in arms over it and several mainstream tech sites have also been covering it, and not always with a spin that puts MS in a good light. (Even if they don't support /. on the copyright issues, they can hardly avoid mentioning what a crock MS's extension and packaging of the information was.)

    Frankly, I think /. has done incalculable harm to MS over the past couple of years. Every move MS makes, every statement they make to justify themselves, is ripped to shreds here, and the media are watching. Gone are the days when you could publish rigged benchmarketing, lie in your press releases, claim 'innovation' for recycling an ancient idea, or deliberately break a protocol, and hope that none but the elite of the technical elite would know about it. Now that EotTE only has to come here and make a single explanatory post, and the whole world finds out about the mendacity. The paid-by-advertising print media are no longer the gatekeepers of the truth.

    I suspect that Jeremy and the other domain gurus who so often show up here at precisely the right moment do not spend all their time browsing /.. Rather, they are probably running ripper scripts that alert them when their domain of expertise comes up for discussion on /., and when it does, they zoom in "like yellowjackets on dog exhaust" to dispel the bullshit and send the MS spin itself spinning out of control in unplanned directions. (Figure 1: Insert image of Dizzy Darth spinning away in his fighter.)

    It's the internet, and not least the sites like /., that have changed MS from being the master of FUD and the god of PR into a bumbling oaf that alternates between stepping in it and shooting off the stinky foot. The media has, by and large, turned against them, and you, cousins, deserve part of the credit. Every time your MS-niggling post gets moderated up to (Score: 5, Funny), you've pushed another pin in.

    As I hope to do with my new .sig:
  • by Black Parrot ( 19622 ) on Saturday May 13, 2000 @05:36PM (#1074769)
    > I have to admit, I also wonder about the intelligence involved in putting up confidential material on the Web and then getting their knickers in a twist when it's spilled to the masses.

    I suspect that, among other motives, MS is hoping to establish a precedent for "clickwrap" to be a valid mechanism for a binding NDA, in addition to being a mere EULA.

  • by Ralph Wiggam ( 22354 ) on Saturday May 13, 2000 @12:44PM (#1074771) Homepage
    I know I'm probably not the first person to think of this, but I want to post it anyway:

    Even thought Slashdot/Andover is obviously on the side of right here, you may well lose a long and protracted legal battle. Andover IPO money is great, but Microsoft has misplaced more cash than that. Lawyers cost money and good lawyers cost a LOT of money.

    My suggestion- kick them in the PR department. MS has been hit with a tsunami of bad press lately with DOJ rulings, security holes, and general bastardness. Reporters would love to follow those stories up with "Microsoft subverts standards and strongarms little guys". What Roblimo and the crew need to do is run to every media outlet that will listen to them. Also, strike while the iron is hot. The top of the list needs to be The Wall Street Journal. If Monday's front page includes a story about this situation, it would be very damaging. If one mutual fund manager reads about this and says to himself "These are the actions of a company grasping at straws to keep themselves on top of an industry" and sells a ton of MSFT, it's going to put a dent into the net worth of every honcho in Redmond.
    Bottom line: Roblimo needs to make this into a battle that Microsoft has no interest in continuing.

    Keep fighting the good fight.

  • by Dacta ( 24628 )

    I can't understand why MS is doing this. Lets assume the the most likely scenerio happens, and Slashdot is forced to remove the actual copyrighted material but is allowed to keep the "How to get the specs without seeing the licence agreement" posts.

    What has MS achieved? Copyright isn't like a trademark - it can't be dilluted by not defending it (At least, I don't think so).

    Unless this really is an anti-SAMBA thing, I can't see why MS would do this. The SAMBA consipiracy theory (for those who haven't heard it) goes, briefly: MS make the specs freely available, but forbid implementation from them. Then, even if the SAMBA team implements the MS Kerboes protocol, they can't prove that it was clean room reverse-engineered because the specs were so freely available.

    If this theory is correct (which I'm not sure I believe), then we must consider the possibility that agents of MS posted at least some of those posts. They would have known the the SAMBA team would have read it. Of course, it would have been much simpler to post the specs anonymously on the SAMBA mailing list saying somethign like "I'm a k00l hacker who got these specs from MS". The they could have claimed that all the SAMBA team had seen the (illegaly obtained) specs and therefor could not clean-room reverse engineer them.

    No, I don't really believe this, but I honestly can't see any other even sligtly rational explaination for why MS would do this. All it is going to achieve for them is a lot of attention being focused on their "Embrace & Extend" policies, which I would not have thought they would want right now.

    If anyone else has any other rational explainations, please post them. (And no, I don't believe the "Their lawyers thought it was a good idea" story either.)

    Maybe it really is an "Anti Open-Source" tactic. Perhaps soon we will see those supposed "Hidden-API's" that IIS uses to perform so well posted with a similar licence, so the MS can guarantee that Apache will never be able to use them.

    I guess it could be called the old Poison Api-le trick. (Okay, it's not funny, but it would be a great headline, wouldn't it?)

  • The flipside is that sometimes the poster is relevant. For example, if we had another thread about Quake 1 GPL fun, a post from a genuine John Carmack explaining life would be worth rather more than one from me seeing how well I could start a rumour - not that I do such things, honest ;)

    Normally, moderation shouldn't be affected by the poster. But every now and then, it's relevant. I understand the sentiment but I'd rather see it reflected in moderator guidelines and pulled out more by M2.
  • by delmoi ( 26744 ) on Saturday May 13, 2000 @03:02PM (#1074778) Homepage
    It is often easier to vilify an entire organization and all those associated with it rather than take the time to reason out the inner divisions that most likely exist.

    It's an interesting question, actually as to whether you should do that or not. On the one hand, a lot of the people there have only a small responsibility for what there doing, unfortunately, that is still a small responsibility. Vilifying an entire organization may be an overstep, but on the other hand it isn't.

    The reason is that people in the organization do the same thing. Everyone in Microsoft can say, "I'm not responsible, I'm just doing a little, I'm just following directions" A person in an evil organization feels no guilt, no one there does. So the organization itself doesn't.

    Take as example Nazi Germany (not that I'm comparing M$ to The Nazi party, or BillG to Hitler). Everyone there was able to slug off personal responsibility for there actions, it was the organization, not them. But in the end, their efforts led to the death of millions of people. Similarly, everyone at M$ must have some culpability. Ether that, or no one does, and the organization can continue to operate without a conscious.

    Everyone at microsoft bares some responsiblity for this, wether they agree with it or not.
  • The Wall Street Journal is probably not going to criticize a big company, even in an unbiased news report. And the editorial staff, all arch-corporate conservative as it is, would NEVER print something even slightly suggested that the free market activity of a company would be wrong.
  • I more meant the editorial page. The bussiness news in WSJ is second to none.
  • by ibbey ( 27873 ) on Saturday May 13, 2000 @06:43PM (#1074783) Homepage
    Microsoft's amazing and eerie silence is suspicious. In the DVD case, the MPAA has placed web page upon web page, documenting their argument and why they should win. In the DOJ case, Microsoft did the same. In the Slashdot case? ...Nothing.

    This isn't natural for a major corporation. Corporations thrive on publicity, Microsoft more than most. Trampling their enemies into the ground should be good for a few column inches, or at least a headline on MSNBC. At the very least, some kind of official dissociation with the DDOS, lest suspicions be raised.

    Sorry, but your paranoia is showing... First, corporations thrive on GOOD publicity. There's an old adage that there's no such thing as bad publicity, but in MS's case and at the present time, it just ain't true. So far, MS has done amazingly well in the court of public opinion. They've managed to keep the majority of the public unaware of their dirty tricks & by playing themselves up as the victim, they've come up on top. Now, this story comes out & they're the obvious bad guy. They're scared.

    Second, this is all fresh. Did the MPAA have their website up the day the first legal papers were sent? Of course not. They publicly responded, but only after allowing enough time to figure out what they're official, public stance would be. MS sent the threat because they assumed that /. would be good little kids & remove the naughty posts. They assumed that they would immediately comply & that nothing further would be heard of it. Of course /. aren't little kids who can just be randomly threatened & immediately back down. In fact /. is a cocky brat with a big bankroll & he's just looking for a fight. (I mean that in a GOOD way!) MS probably will respond, but they need to confer with the lawyers, & since this happened late in the week, I realistically wouldn't have expected anything by now anyway.

    As far as the DDoS, MS probably never will comment. Why should their PR flacks waste their time on such absurd notions. (Even if they did perpetate it, which I personally doubt, as far as they're concerned it remains an absurd notion until there's evidence to the contrary.)
  • What is Godwins law?

    Hey Rob, Thanks for that tarball!
  • With regard to stock price, you are right. It wouldn't really matter to Bill Gates if MS' stock price dropped to $1.50 per share on Monday. He's got accountants diversifying his wealth, making sure that he won't go broke.

    Actually, it would matter. He wouldn't go broke, but think about it. If M$ goes to $1.50/share, somebody's going to scoop them up right quick, if only to dismantle them.

    I doubt that Bill Gates wants to be working for Microsoft, a subsidiary of IBM...

  • Windows scares me. Windows in the Navy scares me even more. Destroyers are fine, but I don't want to step foot on a minesweeper anymore. If it crashes, the Blue Screen of Death has sharks in it.
  • If so then I don't think this is the way to do it. MS have pitched this issue on plain copyright law, where they are (sorry everyone) squarely in the right. They wrote the Kerberos extensions spec, and they own the copyright. Anyone who makes unauthorised duplications is therefore in the wrong.

    On trade secret law their position is much less firm. A judge might allow their claim that something can be made public to anyone who bothers to look but still be called "secret", but I rather doubt it. Therefore this is not the place where the software industry is going to make a stand for UCITA. Too much risk of losing. If you want a test case you make it out of cast iron, with yourselves unambiguously in the role of goodies. Make it a software pirate with stacks of copied CDs in a police raid, and have the evidence for wrongdoing rest on a clickthrough license. Don't do a David vs Goliath act, because the judge is apt to side with David.


  • I suspect that, among other motives, MS is hoping to establish a precedent for "clickwrap" to be a valid mechanism for a binding NDA, in addition to being a mere EULA. Hardly likely. There are so many other, far less invidious, ways for Microsoft to accomplish this, and there is little question (and ample precedent) as to whether one can create a "binding NDA" merely by including a document indicating the matter is, in fact, a secret. There is ample precedent that a EULA is a binding agreement. If true, there would be no question under the contract law of most states that NDA-like provisions would be enforceable. Even if they were not enforceable as contracts, the trade secret law of most states (particularly those that follow the Restatement or the Uniform Trade Secret Act) do not require an agreement or even a written agreement to create enforceable obligations not to use or disclose. In short,
  • I understand your difficulty acknowledging contributions, and how this pains you. Post rating points, posted comments or email are obviously out.

    But maybe your lawyers will let you say "thank you" by dropping a some unexpected karma points on useful posters. I presume most of them are not AC's. AFAIK, only the poster sees karma when they go to their user page. I go there to check follow-ups to my posts.
  • It's the only thing she's ever used, so she takes the crashes as part of daily life on computers.
    In one breath, you say that you haven't seen a good explanation of why MS sucks...and in the next, you say this.

    I say you answered your own question.

    Yes, Microsoft does the job for an incredibly large number of people, and for them, it does it well. I've had to tell my mother far too many times, though, that the innumerable flukes on her computer are because "that's just the way it is" to give MS any respect.

  • On the copyright law: not necessarily, as the recent Linux Journal
    article argued. US law allows that free speech can override
    copyright. In the words of that article:

    • In U.S. law, it is a well-established tradition that the
      rights of copyright holders are not absolute, and that occasionally
      they must take a back seat to broader considerations of public
      welfare. This is precisely the line of thinking that holds the
      publishers of the Pentagon Papers, secret U.S. Defense Department
      papers regarding the Vietnam conflict, immune to prosecution under
      U.S. copyright law. Had the publication of the Pentagon Papers been
      suppressed, the U.S. presence in Vietnam may have been prolonged, and
      thousands more would have died in a war that, the Papers conceded,
      could not possibly be won.
  • I invoke Godwin -- you brought up the Nazis, this thread has officially died. Next! :)

    I mean yeah, it's tempting to compare an evil dictatorship to a greedy monopoly, but consider the scales here: hundreds of millions screwed on their desktops every day vs. perhaps 10 million dead in the Holocaust. It's a tempting analogy, but really isn't fair to compare much of anything to it, realistically...

  • I also liked how at the top of the article, he takes a snipe at NTLM -- words to the effect of "NT LAN Manager, giving you an idea how old that is", then a paragraph later talks about the 20 or so year history of Kerberos. Uhh... I'm not nearly as much of an expert in these matters as a lot of you are, but I thought NT was a product of the 90s -- nevermind that component of it -- and I thought the 90s came after the 80s. So -- what's the point he's making? Old is bad but older is good? I don't get it.

    That's one thing, as a semi-tangent, that bothers me about all the sniping about the 'freedom to innovate' nonsense. The marketeers are trying to get people to believe that New Is Good, without realizing that Old Is Proven. High tech stuff moves at a fast pace, yes, but a reliable old standard (like, say, TCP/IP) doesn't really have a shelf life. The fact that MS is adopting this 'old' standard is an implicit acceptance of that fact. Like Bruce Schnier [sp?] writes in his Crypto-gram newsletter, cryptography is damned hard to do by yourself in isolation; it's far better to go with open, tested protocols & standards rather than in-house. Yip all you want about your "innovations", but foisting off the Next Big Thing isn't nearly as useful to the world as coming up with open, tested, and useful tools.

    Yet Once Again, Microsoft is moving forward here, but they're doing it on the backs of those that have gone before them. I'd hardly call that innovative behavior.

  • This is really a side issue to much more important topic, but I've always felt very strongly about this: Sending any kind of legal communication over an insecure medium such as email is intolerable, and there is no reason at all for the receiver to acknowledge its existence. If you send an email, it may or may not arrive on the other end; how can you ever know that it hasn't fallen into the bit bucket? Only if the recipient sends a reply (and even then, you can't be sure if it was really from the recipient).

    Moreover, how can you know that an email is really from somebody in someone's legal department? Just because they say so? How many Slashdotter's know how to forge an email so that it looks like it came from a M$ lawyer?

    My advice is: Set up your email client so that it does not honor requests for receipts, at least not automatically; and if you receive a legal threat by email, delete it securely, using something like the PGP wipe feature, and forget about it. Of course, you might be tempted to save a copy, but if you're ever asked about that under oath, you'll have to admit you have it and produce it, or risk an obstruction charge. Proceed at your own risk.

    (I suppose you are obstructing if you claim never to have received the mail, but if you're really careful about secure deletion, such a charge can never be proved.)

    If your antagonists really want to sue you that badly, they'll get around to certified snail mail soon enough. But let 'em sweat it out waiting for a reply and wondering what the hell's taking so long.

    To be sure, Slashdot's confrontation with M$ would have proceeded on the dead tree medium sooner or later, and the exchange of paper wouldn't have changed very much about the essential issues. But Roblimo could have bought himself a couple days to cool heads at Slashdot and talk to the lawyers, while the M$ lawyers would have been essentially idle, sitting expectantly in front of their Outlook clients and gradually losing their patience.
  • by hbo ( 62590 ) on Sunday May 14, 2000 @12:06AM (#1074835) Homepage

    Well, that's the conspiricy theory in a nutshell. The fact that Samba team members signed the original posting [] that made it clear they had at least read the EULA makes it that much more plausable,

    Like most conspiricy theories, this one gathers seemingly contradictory facts together in a framework that seems to resolve the contradictions. The punchline of this theory is that Microsoft has devised a fiendishly clever plan to legally sabotage one of the leading open source projects in order to ensure the hegemony of Windows. It goes without saying that this coda plays well with the /. community. I endorsed this theory myself in my comment on the original story. []

    Over the past several days I've had a chance to read more about this melodrama and think a bit about what I've read. One thing in particular bothers me about the tidy theory of Microsoft's evil machinations. As a earlier comment in this thread [] points out, Microsoft is not assured of prevailing in any court case that might result from this brouhaha. This would surely have occured to a nameless evil redmondian puppet master smart enough to predict the reaction to the "release" of the Kerberos extensions. What's at stake for Microsoft if it loses a court case over this issue? Control of the Kerberos extensions that the whole conspiricy was supposed to ensure.

    On the other hand, the comments of nice Microsoft employee #1 [] and nice Microsoft employee #2 [] ring true with my experience of large organizations. They tend to work at cross-purposes and to speak with more than one voice. Now, I am not a Microsoft lackey, and I personally hope the antitrust case gets fast-tracked to the Supreme Court where every iota of the USDOJ's proposed remedies gets implemented. Nonetheless, I now think something like the following scenario may be closer to the truth:

    • Microsoft designs Kerberos extensions both to "embrace and extend" the protocol, and to make it work better in Win2K.
    • Microsoft catches heck from the community for designing proprietary extensions to an open protocol
    • Well meaning engineers, perhaps supported by PR people, push to publish the extensions.
    • Knee-jerk responses from the legal department and upper management result in the stupid "auto-EULA" packaging.
    • Nobody technical enough to understand how WinZip works is consulted in designing the packaging. Well meaning engineers aren't volunteering anything.

    Both theories are speculative, and ultimatly irrelevant to /.'s position in all this. I add my voice to the encouragement expressed by most to continue fighting Microsoft's heavy-handed attempts at censorship. Partly because of this issue, I donated $150.00 to the EFF. [] I encourage everyone with the means to click here [] to join this valuable organization.

    "Even if you are on the right track, you'll
    get run over if you just sit there." Will Rogers

  • You know the story.... IANAL

    This seems like a bad idea. Everyone should get themselves a copy, but do not post it! had a big enough problem right now dealing with Microsoft, and this might be taken as a hostile move if this goes to court. Let the lawyers work without outside complications. If MS wins, then it might be a good idea, although posting it on Slashdot could show a willful disregard for the ruling by the Judge. Maybe it could be posted to relevant news groups. Let's wait while professionals think this through, MS may still back down.

  • So apparently "nice" means "agree with everything I do and say." I've spent my time at Microsoft. I won't use the term "nice," since it apparently means something different to you than it does to me, but the people I worked with there were honest, hard-working, well-intentioned and good at what they did. They did not set policy. They honestly felt that what they were doing was good for Joe Computer User, good for the company, good for their families and good for themselves. None of the people I worked with had anything to do with the MS Kerberos authentication, but if they did, it probably never would have occurred to them that they were doing anything bad or even out of the ordinary. They just don't think the same way you do.

    As for your not working for Microsoft because you think they're Evil, good for you. I admire people who stand up for their principles. But please don't be too surprised if there are those who don't share your principles, don't live by them, and don't understand why you do.
  • I would agree that your rather silly post was insightful (some moderator thought so) if it weren't for the avoidance of truth:

    This isn't an issue about "software" its an issue about an implementation (via software, yes) of an <em>open protocol</em>. The open protocol in question is Kerberos. Feel free to visit the <a href=">IETF</a> and look up the RFCs on Kerberos.

    Because Microsoft made non-standard extensions to it, they have caused it to "not be Kerberos" as one poster so kindly said. They thus should either change the name to "NT authentication that looks a lot like Kerberos but isn't" or release the specs to their extension for free re-use, just like the spec they took 99% of in the first place.

    Yes, if Microsoft had invented this (like NT authentication), they would retain Copyright on it and I would agree to that. This is not the case.
  • I realize that Slashdot/Andover have a lot of legal issues here, and it is a position that I would hate to be in.

    However, if things work out it could lead to some very eye opening experiences.

    First off from a technical stand point. I am very excited that the Kerberos issue is now a public issue. I realize that there is a lot of smart people within Microsoft (I know a lot of nice MS people). There are also a lot of *evil* people that seem to get promoted and talk about their freedom to "innovate" (which up until now they have failed to do.

    The issue with Kerberos is important because they broke an *Open* standard and made the diff proprietary. It might be interesting to add a licensing clause to Open Standard licensing agreements, "if you break it, you must republish the diff and a reason why you wanted to break it". This would be a GPL clause for an Open Standard.

    The second is UCITA and the freedom of speech issue. Obviously if Microsoft wanted the freedom to innovate they would have published the diff to their changes to Kerberos so that we could help them improve the code and give them *public* feedback. But no. They would rather take away our freedoms so that they can maintain their monopoly based on the *old* rules.

    The other issue is that companies in general can just be really *thick* headed and need public exposure when they do stupid evil things. There are *nice* people within every company, fighting against the stupid/evil ones. I do this in my day job some times. This type of public information helps give the nice/smart ones ammunition against the evil ones.

    Anyway. In general I think that MS is an evil company and deserve everything they get.

    - burtonator
  • I'd be surprised if there is anymore PR over this other than the obligatory salon and wired articles, and a couple more I can't remember. Sorry but this will never make it into TWSJ, and if it did expcet a watered-down low on tech details article that is better off not being there.

    Unfortunatly, the public has this, "MS is evil, but what can you do" attitude and really doesn't care. I can't imagine a great amount of people getting up over arms about click-throughs and open standards. Expect andover to remove the initial post and be done with it.
  • I see two issues here.
    1. Microsoft owns the copyright on the single comment posted
    I agree that they should have the right to request that a web site take down the copyrighted material.
    2. Does Microsoft actually own the copyright on the document?
    I don't believe they have the right to copyright a slight modification of an industry standard protocall, especially when they limit functionality and don't extend it, and just handing it out on the web is not anyway to keep a trade secret.

    Now, by releasing the source in a "protected" form, they prevent any one from reverse-engineering it legally and have the option to prosecute when somebody comes out with a product that can hook into it, such as Samba.
    seems like a load of shit to me
  • by reptilian ( 75755 ) on Saturday May 13, 2000 @01:19PM (#1074852)
    I apologize if this doesn't sound very coherent, as I'm having a bad day.

    With strict copyright laws, congress is indirectly legislating censorship of the people. By strengthening copyright, companies are able to use legal means to censor anyone they wish, be it other companies, competitors, or consumers. While congress wasn't actively attempting to legislate censorship, inadvertantly they have, to the advantage of corporations who it can now be argued are agents of the government.

    That last statement might seem a little strange, so bear with me. It is in the best interests of the government for its companies to do well, to strengthen the economy and keep it strong. They are essentially employing the companies to remain profitable, which they do by censoring others using copyright laws.

    Anyway, I'm not against intellectual property; what I *AM* against is congress' obsession with 'protecting' the rights of corporations regardless of the consequences on people's rights. I don't have a problem with copyright per se, but excessive protection of intellectual property is in my opinion unconstitutional: laws passed for a purpose that is not censorhip, and inadvertantly cause censorhip, *are* unconstitutional. The courts have ruled this way before. Government mandated "ratings" on speech are a form of censorship, and aren't tolerated, so it shouldn't be much of a stretch to say government delegated protections on property that promote censorhip are too unconstitutional.
  • Even after all the hot water the boys in Redmond have been in recently, why do they STILL persist in engaging in various types of manipulation of questionable legality?

    Requesting that your copyrighted work isn't copied and posted all over a public forum without your permission is "manipulation of questionable legality"? Being banned from selling bootlegs of a movie outside the theater is "of questionable legality"?

    OK, asking that the posts about using Winzip to open the file be removed is questionable. But many of their claims make perfect sense.

  • by fougasse ( 79656 ) on Saturday May 13, 2000 @05:13PM (#1074862)
    That legalese bullshit is meaningless.

    So anything that is distributed for free can automatically be redistributed? This would mean that it would be possible to record a TV show and then rebroadcast it yourself. This would mean that you can copy articles from your local free weekly newspaper and put them on the Internet at will. This would, essentially, be a complete perversion of the copyright system and would encourage people to charge money for things (if they didn't, they wouldn't get copyright protection).

  • by fougasse ( 79656 ) on Saturday May 13, 2000 @02:02PM (#1074863)
    First, we're not dealing with reverse-engineering here. I'm not sure of the legality here, but it certainly should be legal. We're dealing with copying a copyrighted document.

    The Kerberos spec includes empty fields for vendor use. Microsoft used one of these fields; they have no obligation to make info on their use of it public. Yes, it's against the spirit of cooperation, but did you honestly think that Microsoft was a believer in cooperation? I don't think that it's a good or smart move by Microsoft, but in comparison it's not all that evil. It's similar to taking BSD-licensed software and releasing a proprietary modified binary of it. Not great, but not satanic.

    Anyway, whether or not what Microsoft did is compatible with open-source ideals has nothing to do with reproducing it illegally. If I believe in open source and get my hands on the MS Office source code, I can't distribute the source code openly. Or, conversely, if I believe in closed source, I can't sell binary-only copies of modified GPL software.

  • On behalf of all Slashdot readers, I wish you good luck, and I hope that you beat those a$$holes.

    If you lose, I'll boycott Microsoft for eternity. And, if you win... I think I will anyway. :)

    Please keep us updated!
  • by MattXVI ( 82494 ) on Saturday May 13, 2000 @04:20PM (#1074869) Homepage
    It's funny that you mention that, since the Wall Street Journal has been as critical of Microsoft recently as it has of the DOJ. The Wall Street Journal doesn't pull any punches when it comes to unfair business practices. What would be their motive, anyway? Mindless corporate ass-kissing certainly doesn't sell any papers. And Microsoft isn't always a poster child for the efficiency of free markets. The WSJ knows this, and seems perfectly fair in their coverage, at least to me.

    "When I'm singing a ballad and a pair of underwear lands on my head, I hate that. It really kills the mood."

  • by ras ( 84108 ) <> on Saturday May 13, 2000 @06:39PM (#1074873) Homepage
    When I first heard that Microsoft picked a fight with one of the most popular eZines I found it difficult to believe. The timing was odd, to say the least. But I came across two posts; one from The Register, and a slashdot comment then between made it all make sense. This is what The Register said:
    "The threat Microsoft perceives isn't from Kerberos itself, but from the progress achieved by the Samba developers. The latest goal for Samba's developers is to replace Windows servers as Primary Domain Controllers capable of serving Windows 2000 clients. Equally, Microsoft wants to make its Windows servers compulsory in a Kerberos environment where Windows 2000 clients are involved, and it sees an opportunity to leverage that client base."
    The slashdot comment said that one of original comments singled out by the lawyers could not of possibly violated anything. This is the original comment:
    "What happens to the people that implement it (ie. the Samba guys) even if they obtain the information without intentionally breaking the license. Are they exposing themselves to expensive litigation? Are they endangering the project?"
    The link between the two comments is Samba. One says Samba is the primary threat. The second ask what effect does all this have on Samba. I don't know, but I would dearly love to find out. My guess is that Microsoft is trying to stop Samba from emulating their version of Kerberos. They already know that it will be reverse engineered - so the question becomes how do you stop it. Simple. Publish the spec and say in your EULA:
    "the Specification is provided ... for the sole purpose of reviewing the Specification for security analysis ... Microsoft does not grant you any right to implement this Specification"
    Now any attempt at reverse engineering the protocol can be attacked by saying "you did not reverse engineer it - you used our spec which is in the public domain". This would be very difficult (read expensive) to defend. In short it allows them to use the DMCA as a weapon against Samba. Finally, you have to make sure the people at Samba, and indeed any body else who might have plans for reverse engineering it, are aware of what Microsoft has in store for them. This is not a trivial task as Microsoft lawyers don't usually spend their days mingling with free software types. Enter Slashdot. And I think we would all agree Slashdot has done a wonderful job for them so far.
  • Bill Gates has often dismissed his wealth, calling it infinite in practical terms since he'd never be able to spend it all. He also points out that it's only when you take these paper stock options and multiply it out, that you get this huge scary number. He could lose 80% of all his "net worth" tomorrow and still not have a change in his standard of living.

    While I think Microsoft or any other company needs to be taken back a notch whenever the company transgresses the larger good, I do not think that stock price is a good target.

    I've worked for several good companies. I've worked for several bad companies. I know that there are hundreds, thousands, even millions of people who are working, ethically, in companies of all flavors. Affecting their net worth by 80% downward means that ramen noodles and broth is for dinner.

    Everyone who invests knows that there's a time to leave a stock. If I thought that the majority of Microsoft was doing the wrong thing, I'd sell, not sell out. Those who invest their paychecks into their employers' ESPPs and 401k's, well, they want their company to succeed. "Roblimo" was right, there are a lot of very good people at Microsoft. They pay local taxes, they start non-profit organizations to support their communities, they spend NASDAQ:MSFT short-term and long-term capital gains on their fellow Seattlite and American friends and families.

    Lastly, many current advice-givers see NASDAQ:MSFT as a "buy," because it's got lots of products coming up, it's a political, financial and technical leader (whether you like it or not), and it's near its 52-week low.

  • Slashdot announces FBCN, the Freedom To Break Copyrights Network.

    It is a network of people and rich open source companies who are going to fight all common sense and insist that law is not law if it applies to anything related to software. Members have been overheard saying "free speech" and "first post".

    To quote from the FBCN website:

    "The FBCN is a non-partisan, grassroots network of citizens and businesses who have a stake in the success of breaking copyrights and the true way. The FBCN will help you stay up to date on critical developments in RMS law. Sign up for a free (as in speech not beer) e-newsletter, tell us your thoughts, take action and stay informed. It's how you can make a difference! Fight the law!"

    The FBCN can be found at
  • by Tailchaser ( 86476 ) on Saturday May 13, 2000 @12:34PM (#1074885)
    Even after all the hot water the boys in Redmond have been in recently, why do they STILL persist in engaging in various types of manipulation of questionable legality? One would think they would think twice and three times about any moves they would make at this point.

    I have to admit, I also wonder about the intelligence involved in putting up confidential material on the Web and then getting their knickers in a twist when it's spilled to the masses. Besides, this is basic 'trade secret' law. If you don't want it on the front page of the Sunday paper, DON'T put it on the Web, encrypted or not! If this was really a 'trade secret' (as opposed to simple 'intellectual property'), then don't they have the responsibility not to hang it out in the wind for all and sundry? Seems to me, they were setting themselves up for this one.

  • by friartux ( 89443 ) on Saturday May 13, 2000 @05:46PM (#1074892)
    [The Congress shall have power] To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries; -- United States Constitution, Article I, Section 8.

    Think long and hard. Does the Microsoft "extension" to Kerberos merit such coverage?

    Does a change to an open, public standard which benefits only its pervertor, merit any protection whatsoever by this clause? If not, does any power which Congress has under the Constitution enable such protection? Do the laws even apply?

    I'm not a lawyer, but I'd love to see an answer from one :-)

  • I used to take a very laissez-faire attitude towards MS, but this has changed my mind.

    It is now quite clear to me that the arrogance of this company knows absolutely no bounds, and deserves whatever it gets.


  • Anyway, whether or not what Microsoft did is compatible with open-source ideals has nothing to do with reproducing it illegally. If I believe in open source and get my hands on the MS Office source code, I can't distribute the source code openly. Or, conversely, if I believe in closed source, I can't sell binary-only copies of modified GPL software.

    Don't forget that they also wanted slashdot to remove some comments that just contained links or instructions. Those comments should be protected as free speech. As for the ones that actually posted the whole document, slashdot should not remove those unless ordered to do so by the courts.

  • by Nicholas Vining ( 104178 ) on Saturday May 13, 2000 @12:19PM (#1074915)
    A thought. You may wish to get in touch with the American Civil Liberties Union, if you haven't already; also, possibly the EFF. Both are excellent organizations who spend a lot of time dealing with this sort of stuff, and can also probably recommend additional routes and options (while you're thinking)

    We're all behind you, guys. Keep us posted.


  • O.K, i want people to understand whats happening before i see any more posts that state "The posts contained copyright information so Microsoft are right"

    Yes, some of the posts did contain information copied directly from the Microsoft document. This is wrong, it clearly violates copyright law. This is also not the problem.

    The list of posts Microsoft suplied included a number of posts that gave some simple instructions that basically said you could avoid the EULA by using a standard ZIP utility such as WinZIP. Other posts gave links to sites where the document could be downloaded without having to go throught the EULA.

    If you think real hard now, you can see that the posts that Microsoft are asking to be removed do not infringe on Microsofts copyright. The other posts are in fact covered by the freedom of speech and freedom of expresion. Microsoft have no right to challenge the legality of these posts.

    This is why Microsoft is so utterly morally wrong in it's request to censor Slashdot.
  • ... who complained when /. got bought by Andover, this should go to show you that it's not necessarily a bad thing. Had they not been, the resources most likely wouldn't be there to fight MS, and we'd probably have to just give in.

    Way to go, guys. Keep fighting this.

    -- Dr. Eldarion --
    It's not what it is, it's something else.
  • Can we please refrain from the "on behalf of all Slashdot readers" crap? I can't see how you can possibly think that you speak for all slashdot readers. You don't. I for one, think that there are a few of those posts that deserve to be taken down. If you'll refer back to the original story, another poster made the same assinine comment that he was speaking for all slashdot readers, and he got a number of responses assuring him that he wasn't. Making generalizations like you just did serves no purpose other than making you look like an ass.
  • by medicthree ( 125112 ) on Saturday May 13, 2000 @12:38PM (#1074939) Homepage
    Just so you know, it's no longer 'alleged.' He didn't give much info, but roblimo confirmed the rumors here [].
  • Which means, in effect, that the DMCA can be used to accidentally censor stuff that doesn't even pretend to violate it.

    There goes any pretense of "constitutionality" in that bill.

    (Here's a hint, Kongre$$: any bill prompted by a vocal minority lobby, and containing a four-letter acronym (COPA, DMCA), probably is gonna get thrown out by the Supreme Court. Know why? Because you're 535 of the country's most stupid, ignorant, greedy, hypocritical and unethical people, that's why!

    I suggest that we of the /. community look into exactly which legislators passed these despicable bills and do everything we can to prevent their re-election.

  • Your sig, "Plagiarism is necessary. Progress demands it.", is quite appropriate for this thread. Did you pick it out for this occasion or is it just a lucky coincidence? :)
  • by Gogl ( 125883 ) on Saturday May 13, 2000 @01:45PM (#1074945) Journal

    Well I'll tell you why they're still trying:

    Yes, it's true that us geeks and most other people who know much about computers have a relatively low opinion of Microsoft. Yes, we likely have the mass of evidence on our side, like the fact that MS products generally suck, and the fact that the only thing they've innovated in MS Bob (I've actually looked into that. MS-DOS was bought, Windows was stolen/copied, and before each of the MS Office programs there were already word processors, spreadsheeters, and presentation programs. Before IE was Netscape, etc...).

    But here's the problem: a lot of the world DOESN'T know or agree with all of this. You might ask why. Well here's why: we take the fact that Microsoft is so evil as such an obvious thing that we rant and rave about it, make all sorts of assumptions that may be largely true but are nonetheless assumptions. And whenever anybody other then our little group sees these rants, it discredits us rather then discrediting MS.

    I have been involved in this whole net and computer community thing for quite some time, and I have yet to seen a rational, sane explanation of why MS sucks. Honest to god. Period.

    I'll give you a case in point: I have a friend, who will go unnamed, who is relatively smart and such, and knows a thing or two about computers. This friend of mine has the natural AOL-hating gene that most everybody has, and is really no idiot. And they see absolutely no reason to abandon Microsoft and Windows, etc.

    Why? Well the answer is simple: from my friends perspective, MS does what she needs. It's the only thing she's ever used, so she takes the crashes as part of daily life on computers. She has seen and heard rants about MS sucking and Linux being a better alternative to Windows, and doesn't buy them because they ARE so ranty.

    So what do we need to do? We need to allow the rest of the world to realize that MS isn't that great, and we need to do it in a sane, un-ranty way. How? I don't know. But I need to go anyway, and thanks for reading this long post.

  • by KiboMaster ( 129566 ) on Saturday May 13, 2000 @12:52PM (#1074949) Homepage
    I've been away for a while and havn't had much time to read slashdot. I'm just catching up on what's going on with Microsoft vs. Slashdot.

    I read the Washington Post [] article a few minutes ago and e-mailed this letter to the editor:

    I am writing this in response to your recent article Microsoft, Slashdot exchange volleys []

    As a very active Slashdot user I take offense to your calling Slashdot a "online clubhouse for Microsoft haters" I do think that the majority of Slashdot users dislike Microsoft however, I'd like to believe that most of Slashdot's user base don't go around spouting anti-Microsoft sentiment. There are a few users who do go around spreading Microsoft hatred, but most of those are moderated down because of flamebait. Most people take up a devil's advocate position on anything Microsoft related.

    Even though I think Microsoft is a Monopoly and has set the computer industry back several years. I still believe they have the right to exist. We cannot deny them that right.

    A quote that I see quite often in Slashdotter's posts is: "I may not agree with what you say, but I will defend you till death for your right to say it."

    Slashdot is a diverse on-line community, made up of people from many different backgrounds. Every user has his or her own opinion on Microsoft or any number of subjects discussed on Slashdot.

  • "Please bear in mind that many Microsoft employees are perfectly nice people. For all we know, the nice people at Microsoft may yet persuade the not-so-nice ones that there are times when it's better to work with others to establish industry-wide standards than it is to act as if the freedom to innovate belongs only to Microsoft."

    I particularly enjoyed this statement. It's nice to see that Microsoft's employees aren't being demonized here. Yes kids, all Microsoft employees aren't evil. I went to the Redmond campus last summer when I was visiting a relative who works for Microsoft, and the employees there are indeed down-to-earth nice people. A lot of the employees there do have opinions which differ from Microsoft's corporate opinions (I saw one guy with a stuffed Tux in his office!). Hell, a few of their engineers even invited me to play some Midtown Madness with them.

    As for the Microsoft v. Slashdot madness, I do agree that Microsoft is going a bit overboard with this lawsuit, but hopefully it will let Slashdot know that they should be more careful in the future with such posts. Like it or not kids, there's laws we have to follow, no matter how much they suck.

    Me? I just hope Emmett doesn't turn himself into Jon Katz II. The last thing we need is another Jon Katz :)

    raunchola (at) hushmail (dot) com
  • While I will agree with you that most Microsquish employees are probably ok folks, I will disagree with you as to their culpability in this. When you work for, or own stock in a company that is devoid of morals and honor, you help further the ends of that company and are guilty of those qualities yourself. The exception to this is only if you are actively trying to change the behaviour of that company. The defence of "I was only a small guy in a big machine and I was just following orders when I gassed those folks" has been ruled to be a non-defence. The only thing that will make the "evil empire" come to its senses is a loss of its human capital and an erosion of its market value. If you disagree with the the stand that Microsoft has taken, then please don't
    • work for them
    • own their stock
    • use their products

    It is not always the easiest thing to do, but a moral rather than expedient stand is time well spent.

  • There is a great post on the copyright issue here []. It explains how free speech rights overcome Microsoft's specious copyright argument. It even uses a legal precedent from Soviet-era U.S. politics.

    And, there is an interpretation of the Microsoft kerberos specification here [] -- does not use any material on which Microsoft can claim copyright, much like DeCSS. This is the version people should link to and post around the web. Very nice.
  • by gunner800 ( 142959 ) on Saturday May 13, 2000 @06:36PM (#1074995) Homepage
    I for one have carefully avoided jumping to conclusions. But if I had to wager, I'd bet that the DDoS attack was done by some punk who wanted to scare us into thinking that Microsoft did it.

    I've noticed a conspicious lack of information from the Slashdot staff about the attack. I assume they are investigating it, with the best help good will can buy. If MS is responsible, then the appropriate charges will be filed.

    Also, realize that Microsoft will be monitoring Slashdot closely for a while (whether or not MS is responsible for the attack), and anything you say could end up in court documents or press releases as a "typical example of the anti-Microsoft nature of Slashdot". So maybe when we spout our usual anti-MS rhetoric, we should try to write intelligently. (Not to imply that your post in unintelligent)

    ...or maybe Slashdot did post a story about the attack, and Slashdot got Slashdotted...

    (Who else caught the obscure poison umbrella reference?)

    Dammit, my mom is not a Karma whore!

  • by gunner800 ( 142959 ) on Saturday May 13, 2000 @12:28PM (#1074996) Homepage
    I hate to be pessimistic, but...

    Quick, somebody adapt the gnutella serverless network to a Slashdot-esque forum, just in case MS takes this to court and wins.

    We could even have a wall-of-shame with the IP #s of trolls...

    Dammit, my mom is not a Karma whore!

  • by Trollusk ( 145659 ) on Saturday May 13, 2000 @01:19PM (#1074997) Homepage
    As one of those MS employees bothered by my employer's tactics in this whole ugly mess, I just wanted to throw in my two bits on why MS does dumb, heavy-handed stuff like this. It's not (most of the time) our managers who do nasty things like send out cease-and-desist letters or require massive EULAs. It's the lawyers, with their paranoid attitudes about the various kinds of trouble, real and phantom, they see us getting into if this-that-or-the-other loophole isn't closed and sealed up tight. The DOJ trial doesn't help matters: the lawyers can say "look what happened when you didn't listen to us last time!" and as a result, people are reluctant to stand up to the advice from Legal when that advice is along the lines of "you'll be at risk unless you treat this material as proprietary."

    As for Kerberos, I don't know the details, but I'd guess it's very unlikely that Gates and Ballmer sat in a room cackling somewhere and decided to make a non-interoperable version. MS is too big and -- gasp -- has too many autonomous units doing their own thing for that image of complete totalitarian control to have all that much truth to it.

    Personally, I work for a pretty damn ethical group. Where there are standards or standards drafts, we adhere to them. It's only where there aren't standards already coming along in the pipeline that we go our own way.

  • by gilroy ( 155262 ) on Saturday May 13, 2000 @07:51PM (#1075016) Homepage Journal
    Quoth the poster:
    Look, this guy has perfected the "click-through" license for slashdot posts. By merely moderating the post, you agree to the content! He/she is obviously a UCITA supporter. :)

    (PS: Did you notice that, per usual format, the license is all in caps?)

  • I think this says it all about the company you work for.

    OSS projects have been able to gain a foothold in many server applications because of the wide utility of highly commoditized, simple protocols. By extending these protocols and developing new protocols, we can deny OSS projects entry into the market.

    - From the Halloween Document(this was written by a Microsoft employee, in case you didn't know). Microsoft management sitting in a room cackling somewhere deciding to make a non-interoperable version.

    True to form, this is precisely what they did with kerberos. Since you are not familiar with the kerberos fiasco, I'll explain. Microsoft took an open source authentication protocol, kerberos, and designed it into Windows 2000. They did so because kerberos was superior to NTLM, the authentican protocol used in NT4. They then "embraced and extended" the kerberos protocol. In simple terms, if I have a Linux server and Windows 2000 desktops, I cannot authenticate myself by logging into the Linux server using kerberos. To be authenticated to access resources on the Windows 2000 desktops, I must go through a Windows 2000 server. Microsoft embraced and extended the kerberos protocol specifically to force people to buy a Windows 2000 server.

    Even worse, they released the specification in such a manner that everyone would see it, but, due to their copyright, no one would be able to legally design a workaround for the Win2K restriction. When someone published the MS protocol on slashdot they demanded slashdot take it down. Make no mistake, Microsoft is dead serious about making their version of kerberos incompatible with the others. Of course Win2K computers can access Unix or Linux services quite nicely, and why not, the protocols are open. Its just the other way around that doesn't work.

    Does it need to be said again? OK, here goes: Microsoft management sitting in a room cackling somewhere, deciding to make a non-interoperable version. I realize Microsoft has some ethical employees. Unfortunately, the unethical ones ruin it for all of you.

  • >> Authentication is such a small, small part of the Windows 2000 Professional/Server relationship. Without Windows 2000 Server and Active Directory, you lose a HUGE amount of corporate managability such as Group Policies and the likes. Simply being able to authenticate to a Linux box is a fairly small bonus.

    Actually, I was talking about authenticating from a Linux box. Since Linux is open source, Windows doesn't have any problem authenticating to it. However, there are lots of environments that use Unix servers and Windows desktops, and a Unix server cant use kerberos to provide authentication for accessing files from Win2K desktops.

    Don't forget, Linux has LDAP, and that the most widely accepted model for networking is the internet protocols. By insisting on proprietary protocols, rather than participating in the development of standard protocols that every computer company needs to use, they are only continuing to generate bad publicity for themselves, causing more people to turn to Linux, and turning away from the Microsoft platform. Networking is technical, but its also social. Piss enough people off and watch that MS stock contiune to drop.

    Don't get me wrong, Microsoft's implementation of Kerberos should allow your scenario to work but I don't think it was done this way explictly to prevent 3rd party authentication mechanisms.

    Then why did they release the code in such a way as to prevent Samba from being able to make a workaround? The Samba team would write a workaround in a heartbeat if Microsoft didn't forbid this in their EULA. With this kerberos stunt, they are proving that the DOJ was right and that they really need to have their power limited. Its simply not ethical for MS to take an open source protocol and use it to deny services to open source operating systems.
  • by EricEldred ( 175470 ) on Saturday May 13, 2000 @02:43PM (#1075048) Homepage

    Actually, one of the posts very blatantly violates Microsoft's copyright.

    Actually, it is an interesting legal question as to whether this is true, and I hope it is addressed by a judge. I hope the poster of the entire document steps forward and appeals any decision to remove that post, and fights in court (with our help) this blatant censorship attempt.

    It is not illegal to distribute a copy of a copyrighted document if the license that comes with the document specifically allows this (as, for example, the GPL does, and, furthermore, the EULA here does, for purposes of security analysis).

    Next, it is not clear whether the alleged copyright is of a PUBLISHED work or an UNPUBLISHED work. The treatment of each is different under the law (the former is allowed more fair use). The letter from Microsoft does not clarify this point, but one might infer from the document itself that it claims to contain trade secrets and thus is UNPUBLISHED, while the fact that it is openly available on the web would indicate that it is a PUBLISHED work. I hope that a judge will find that Microsoft intended this work as unpublished, but because of poor legal advice, posted it as published, and therefore the DMCA does not apply.

    Next, it is not clear just what Microsoft claims is covered by its alleged copyright. If it is the Kerberos spec itself, that is copyright MIT, and any later changes to the spec are not necessarily covered by copyright unless they are sufficiently original creative expressions. The document itself only contains arbitrary API data and references to mathematical algorithms--can they truly be protected? Can Microsoft enforce a patent on cascading style sheets if it participates in standards setting with other corporations on this very subject? It is possible that this case might have to be joined with the antitrust case under expedited review so a new remedy is found before appeal of the antitrust case.

    Copyright is not an absolute natural right. It has to give way in cases where it is abused by monopolists convicted of antitrust offenses--and guess who that might be here? Kerberos is an open standard that Microsoft appears to be trying to take over for its own monopoly purposes of excluding competition in the network server market. Any attempts to privatize this open standard can been seen as monopolistic and thus not covered by standard intellectual property claims.

    If you agree that posters to /. have the right to discuss this whole affair, how is it possible to exclude them from discussing the very document itself and referring to it? And what better way is there, than to post the entire document, or to make a deep link directly to it?

    Consider that if Microsoft prevails here, /. will have to monitor all postings and censor them. And /. might have to abolish anonymous postings to comply with Microsoft's demands. Such actions would definitely impede free speech on /. and impose on our First Amendment rights. A judge needs to consider these points under heightened First Amendment scrutiny and not just accept Microsoft's prima facie claim of copyright under the DMCA. (If she does, then the DMCA itself might be overturned.)

"The number of Unix installations has grown to 10, with more expected." -- The Unix Programmer's Manual, 2nd Edition, June, 1972