de Tocqueville anti-GPL security white paper released   Monday June 10, 2002 - [ 01:49 PM GMT ] Topic - Security -  It's up at http://www.adti.net/html_files/defense/opensource_whitepaper.pdf. It's in PDF, of course. The Alexis de Tocqueville Institution takes on the GPL, copyleft and "the myth of a public software community."

	And it is a FUD-Fest..      (#15383) by Alex Bennee on 2002.06.10 9:19   | User Info | For a paper that is meant to promote security-through-obscurity vs open-source it sure spends a lot of its time railing against the GPL. "Although Stallman is a fallen hero in the open source world..." is probably over stating a bit. Sure rms may have disagreements with other open-source advocates but I don't think he now irrelevant (love or loath him). "Netscape was an aggressive firm. It endeavored to make its web browser the proprietary standard for web access..." is a little one sided. Granted proprietry tags in Netscape was a retrograde step but the paper paints Netscape as the only villan of the browser wars, one that has reformed since, unlike M$. And probably the most telling statement from its conclusions "Open source GPL use by government agencies could easily become a national security concern. Government use of software in the public domain is exceptionally risky." shows exactly where this report is coming from. I wonder who gets to write the first rebuttel :-) [ Reply to This | Parent ] poorly done research report; a waste of MS's money      (#15389) by Anonymous Reader on 2002.06.10 10:00 It contains simple errors like "FSF was founded in 1989." Most of what it says are "borrowed" from existing material available on the web. If Microsoft funded this "research", Microsoft clearly wasted its money. [ Reply to This | Parent ] Only relevant for the USA      (#15401) by gerardm on 2002.06.10 11:37   | User Info | When I read this piece, there is only one government. That is the government of the USA. When a government wants to benefit its programmers, its sysadmins, there is no reason to pay Microsoft Tax when they can be pays with the same money and write a GPL version of code that is required for that country. One size does not fit all it certainly doesn't benefit all [ Reply to This | Parent ] Absurd, ill-written, unprofessional junk      (#15405) by Anonymous Reader on 2002.06.10 11:51 The author seems to have no conception of the distinctions between 'commercial/uncommercial' and 'unfree/free', or between patents and copyrights. Viz this quote: "Without an incentive to create commercial software, filings for copyrights and patents would immediately decline." Like, duh! Is he arguing for software patents? Or for more GPL programmers to 'file for copyright'? Poor. [ Reply to This | Parent ] hmmmm      (#15409) by Anonymous Reader on 2002.06.10 12:10 It all about incentives baby...Open Source aligns the users incentives. If you know everyone else out there is looking at the code then you will make damn sure its wicked secure before you use it. Someone needs to inform these guys that the NSA has posted their own Security Enhanced Linux for the public the download and inspect. If its good enough for the premier spy agency in the US (and also the one with the most adept hackers) then it good enough for me. [ Reply to This | Parent ] Let's celebrate the release of this paper...      (#15411) by Anonymous Reader on 2002.06.10 12:17 with a mass relicensing of code to the GPL! If we are causing conservative think tanks to put together pathetic papers such as this, clearly we are having a real impact! [ Reply to This | Parent ] The paper was moved...      (#15419) by Anonymous Reader on 2002.06.10 12:48 The paper was moved to http://www.adti.net/html_files/defense/old_opensou rce_whitepaper.pdf . Good thing they allow directory listings on their server! (although I really have to wonder about the security implications...) [ Reply to This | Parent ] Poorly researched and ill-informed...      (#15449) by Anonymous Reader on 2002.06.10 15:14 ...are the politest things I can say about this. The author has transparently started with the objective of rubbishing the GPL - then crudely constructs "evidence" to support this rubbishing. It presents a world view that as a software developer I find difficult to recognise. It probably isn't worth spending much effort reading or responding to this. So I will just pick on one aspect which struck me as interesting: The complete omission of any reference to standards and specifications. In my world software systems are underpinned if not driven by standards and specifications. Many of these standards are open and freely available. Some are ad-hoc. But they are always there. Not so in Mr Brown's world. Everything is secret and proprietry. It is a given that for a piece of hardware, there will be no published specifications. The only way that a GPL driver for that hardware can be created is by reverse engineering the manufacturers own driver. Like wise there are no standards or even specifications for software systems. Everything is closed and therefore a GPL author must inevitably "steal" the creators "intellectual property".... Sigh. There is lots more to be criticised but the premises are so illogical and falacious that it is soul destroying even to have to start. Now I personally think that there is a role in the world for GPL, BSD and proprietry software licences. But this article neither makes the case for a multitude of licenses nor suceeds in saying why there is no place for the GPL (at least in any rational or credible way). I would really like to see IBM explaining why they endorse the GPL, as this paper is sure to get a lot of coverage in the media - especially if Microsoft have paid for the article as has been rumoured. [ Reply to This | Parent ] Funding source?      (#15453) by olsonco on 2002.06.10 15:28   | User Info | As soon as the source of the funding for the "study" is clarified, and it is clarified in such a way that I know that the study has not been obviously bought and paid for, I'll take the time to read this white paper. (See this article [newsforge.com] for the authors' stance on disclosing their funding sources.) Until such time, I will assume that "white paper" is a euphamism for "advertisement" at the Alexis de Tocqueville Institution. [ Reply to This | Parent ]