Yes, that's right -- the paper that's been compared to an undergraduate research paper, that's been called "poorly researched," that's mostly made up of mostly regurgitated old Microsoft positions, is now available for U.S. $5.95.
AdTI researcher Richard Sullivan notes, however, that there are "a number of places you can download the paper without paying for it." If you really need to see this final version, we'd recommend hunting out a free download site -- $5.95 is vastly overpriced.
Sullivan says the price is to pay for bandwidth costs -- AdTI wasn't expecting the kind of interest in this paper that it's received, he claims, even though the original press release for the paper was filled with inflammatory rhetoric about Open Source software used in government being a potential target for terrorists. Any press release mentioning terrorism in its headline these days, especially one making such a leap to link itself to terrorism, is begging for attention. It's worth noting that only three pages of the 18-page white paper deal with Open Source in government, and the potential for terrorism is barely hinted at.
This is the second version of the paper to be released on the Web. Last week, Linux and Main noted some of the differences between the two. We can't decide if this is ironic or just plain funny, but the first, rough-draft version of the paper -- which purports to raise Big Questions about Open Source security -- was accidentally released to the Web by AdTI's IT guy.
Maybe, just maybe, this little mishap might demonstrate that open code isn't the cause of most IT security problems. Let's call this category of security breach "operator error" -- which might be responsible for a heck of a lot more security problems than Open Source code.
"We're just journalists here," Sullivan explains sheepishly while trying to explain how a 2-month-old rough draft happened to make it to the Web without the authors' intervention. Which might beg the question, if you can't upload your own documents to the Web, are you qualified to pass yourself off as an Open Source security expert?
Note to the AdTI "journalists"-- there's this great little GPLed program out there called gFTP ...
The latest version of the study is mostly a grammar and spelling cleanup, Sullivan says, although Linux and Main noted at least one section was significantly rewritten. And on one of the first pages of the PDF I opened, I still noticed a couple of punctuation errors, but who's counting?
Most important is the message of the study, which is mostly well-worn, rehashed arguments from Microsoft and other critics of Open Source and the GPL.
For example, from the conclusions:
"The BSD license enables companies, independent developers and the academic community to fluidly exchange software source code ... GPL software is a different horse though ." This "BSD good, GPL bad" argument comes straight from Bill Gates' mouth.
"Proprietary developers cannot integrate GPL software into their binary files without then changing their own software license to the GPL." This sounds an awful lot like Microsoft CEO Steve Ballmer's "Linux is a cancer" comments from a year ago, although at the time, Ballmer seemed confused about what license Linux is under.
The GPL is a threat to intellectual property: "The GPL's resistance to commonplace exchange of open source and proprietary has the potential to negatively impact the research and development budgets of companies ... It stands to reason that if the ownership of intellectual property is affected, dollars spent on research and development would be at risk as well." There's nothing new here. Backers of the DMCA and other intellectual property expansionists have been making this argument for years.
Other assertions from the study:
- Reverse engineering, widely used by GPL fans, threatens intellectual property and the software industry. (Can we see some numbers?)
- If the incentive for developing complicated software changes, there might be a negative impact on the quality of software that's created. (And proprietary software is such a shining example of great quality.)
- Software companies should really consider the tradeoffs before using GPL software. (Yeah, and?)
So perhaps the nicest thing we can say about this white paper is that it does a somewhat adequate job of summarizing past criticisms of Open Source and Free Software. There's no evidence of original thought, and it can hardly live up to its claim of opening a debate over Open Source that's been going on for years. Perhaps a better title would be, "Rehashing the Open Source debate, at least the Microsoft side of it."
So save your $5.95 -- it's better spent on fast food.
