KDE 4.x, Why it is a complete mistake.

June 18th, 2009

I’m sure you have all heard people screaming at Microsoft for the User Interface and operational changes in Windows Vista.
KDE 4 is Windows Vista.
Changed look, feel and operation, JUST BECAUSE THEY COULD.
Users want their computers to have familiar look, feel and functionality. They do not want to WASTE time having to search for what they use because some dip-shit decided to change it around. Vista is going the way of Windows M.E., and KDE 4 should follow suit.

1) Dolphin File Manager, far less functional than Konqeror as such.

2) Dialog based application User Interface, This Particular stupidity is used extensively, by almost everyone not just the dip-shit KDE devs. The ONLY time a dialog based user interface is appropriate is WHEN THE APPLICATION IS BEING RUN ACROSS A NETWORK CONNECTION. If it is on the machine the user is at, then a dialog based user interface is an admission that the developer is to stupid to be allowed to live.

3) What the fuck is up with a “widget’ on the desktop to change desktop settings? The context menu entry is good enough, there is NO reason to REQUIRE some screen real-estate to be stolen by this fucking thing.

4) Why the hell would they think releasing something with less than 25% of the functionality of the previous versions of KDE was a good idea?

5) They seem to have fallen for that penultimate stupidity, Fancy GUI = BLOAT. The only thing to be said for a love of “eye candy” on the desktop, it tells us your mom needs to be smacked for not having an abortion before you were born.

All in all, any GNU/Linux Distribution that uses KDE 4 is telling their community that the community is to stupid to have any RIGHT to NOT spend more money on hardware. Just like any application written in Java or using the .NET framework, it is designed around the ultimate stupidity of “hardware is cheap”. This translates directly into: We are to cheap to pay our developers to write good code, instead, our customers are STUPID enough to spend $x for our program AND another $1,000.00 on HARDWARE to run it.

You know what? Every time that you buy a program that you need to buy more hardware to use, you confirm their low opinion of your intelligence. If you would just send them a comment: No Sale, the Hardware requirements are excessive. then they would stop using the hardware is cheap development model and you wouldn’t be throwing money away on hardware, instead of getting something else you really need. [ take a look at Chad Perrin's "Broken Windows" blog entry on Techrepublic for a good description of this issue. ]

Posted in General`, Software Development | No Comments »

Free Libre Open Source Software and the Law

March 31st, 2009

I was reading a blog entry about the Conficker.c worm last night and saw something in it that tweaked my interest.

I followed the links and checked this out. Yup, Conficker.c uses a brand spanking new encryption algorithm. This algorithm is so new it has yet to be implemented anywhere else. Though it is not the creation of the cyber terrorists that created Conficker.

Much worse than that. It is the work of a team led by a well known security professional. This team made one simple error. They forgot the legal issues around encryption technology and MADE THEIR SAMPLE IMPLEMENTATION AVAILABLE IN SOURCE CODE FORM. This error has been addressed, the source code is no longer available.

Why is this an error you might ask. Well, simply put, Encryption Technology is classified as weapons technology by EVERY Government in the world. As a weapons technology, distribution of it is very tightly controlled. The sample implementation of this new algorithm had no restrictions on accessing it.

Now, to be perfectly clear, I myself only use software that I can legally obtain the source code for. I take this to the point of I do NOT use software if it is a CLONE of proprietary software. [ Mono Project, Java, .NET bindings in gcc, beagle { built on a .NET implementation }, Flash content on websites, ... are not acceptable because the original is proprietary. ]

I have to ask the questions though.

Do F.L.O.S.S. developers have the responsibility of obeying their local laws that apply to their project?

Unequivocally, YES. Just because you are giving it away does not absolve you of your responsibility to obey the laws of your home.

Do they have the responsibility to KNOW the applicable laws?

Is it not commonly said “Ignorance of the law is no excuse”?

Should they be legally liable if their code is used for malicious purposes? [ the encryption tech in Conficker.c being an example ]

This is the sticky one, their responsibility for another person’s actions. Generally, the answer is no, they cannot be held responsible for what someone else does. The entire Arms Industry uses that to defend their right to make and sell weapons, even though the weapons are used to commit crimes.
When it comes to a worm that is as prolific as Conficker in all it’s variants, it isn’t so clear. Worms such as Conficker are effectively used for acts of terrorism. Since 9-11, the laws against such have been strengthened dramatically, making very likely that a F.L.O.S.S. developer could be held liable if their code is used.

What should be done if you are developing something that you want to release as F.L.O.S.S.?

Simply put, make sure your project is not in violation of any local laws, make sure it is legal for you to distribute it. If there are restrictions for distribution, do what is needed to follow them.

Due to the global nature of the F.L.O.S.S. community, each member of the team will have to look at their own local laws. The broader the team’s coverage of the world, the more laws that need to be followed for release. This same global nature has a benefit though, each team member can release locally, with NO VIOLATION on import/export regulations.

There is another interesting point I found in Micheal’s blog entry, Conficker has disabled notifications of activity by the anti malware tools on the systems it has infested. How did they perform this? They took notice of something Microsoft demonstrated. If the developers of the new encryption algorithm are liable for what their product has been used for, Microsoft must also be liable for having demonstrated how easily the security of their Windows product can be bypassed.

Posted in Internet Security, Software Development | 1 Comment »

Porting Software To GNU-Linux

March 17th, 2009

Basic Assumptions and Situations

Okay, you have a Commercial or Proprietary application that you want to port to GNU-Linux.
It works on MS Windows / Mac OSX.
You want to offer the application to GNU-Linux users regardless of which particular distribution they use.

What decisions are needed before starting?

1. Which distribution to use?

This is the first, and most important decision. With over 300 known variations of GNU-Linux out there, picking one is quite a task. Let’s look at the issue with the basic idea. If you pick a large, well known, distribution, you have accepted their particular vision of where GNU-Linux is going. Every distribution has customized the software / configuration, making some distributions completely incompatible with others.

I would recommend that you take the time to go a different route. If you use the “Linux From Scratch” book, and build yourself a system with these requirements:
a) Strictly Linux Standards Base compliant.
b) Minimalist GUI.
c) No customizations.

You will find that your application will work on most distributions without any issues. Those distributions it has issues with, well, if their developers had not ignored the LSB specification, the issues wouldn’t be there. It is the distributions problem to resolve not yours.

2. Which Widget set to use?

Yes, a choice of widget sets is an important one. Not every distribution will have every widget set, or even the same version available. If you pick a newer version and it isn’t supported on a distribution, then the application will not function.

My recommendation is to use WxWidgets. The development model of this widget set is to wrapper their code for ALL supported widget sets and OPERATING SYSTEMS. Yes, a single code base can be used for supporting all operating systems.

3. Code Standards, are they important?

Yes, by making sure that the code you use meets the strict specification for the Programming Language being used, you avoid operating system specific issues. This makes it far easier for having a fully cross platform application.

What benefit is there in following the recommendations made?

A simple answer, if you start by avoiding distribution specific customizations, and go with strictly standards compliant code, you make the support issues and costs minimal.

Complaint: The application doesn’t work on x distribution.
Answer: x distribution has customized their implementation and broken compliance with the standard, you need to take this issue to them.

By going with fully standards compliant code for both language and cross platform development, you have not only added GNU-Linux to the supported operating systems, you have added the 7 BSD operating systems, Sun’s Solaris, HPUX, IBM AIX

The more operating systems supported, the larger your client base can become.

By going with the most minimal system, you also avoid including requirements for applications that are desktop specific, enabling it to work with more environments.

Some of you readers may know I’m not a strong supporter of the LSB. I think it went beyond what a base standard should be. The “core specification” segment of the LSB is where they should have stopped for a true BASE standard. Though their insistence on making it a hardware dependent specification is also a mistake in my opinion. A base standard for an operating system that runs on any hardware it’s installed on needs to be hardware agnostic. With GNU-Linux, that hardware is anything above an Intel 80286 cpu system.

Posted in Software Development | No Comments »

I.T. Professionals: What are they, and how do they impact my business operations?

December 14th, 2008

Is your I.T. Department a “black box” to you? Do your eyes glaze over when your C.T.O. starts talking? You are not alone. The majority of the world is just like you. I have no intention of trying to explain I.T. so you understand the technology, you do not have the need to really understand it as someone in I.T. does, nor do you have the years to invest in learning it, you have enough to keep up with already. I hear comments quite often that Business Leaders, such as C.E.O.s, don’t seem to really understand their I.T. Department staffing needs, nor the budgeting needs of the department. Since Information Technology is still relatively new to the world, and it’s impact on business operations is constantly changing, this is not anything to be surprised at. Many people working in I.T. don’t really grasp this either. In the following paragraphs I will attempt to present a model that can be used by business leaders to understand their companies IT Department, and it’s impact on normal business operations in today’s workplace.

Information Technology has become the foundation of business operations in almost every industry, it is the tools used by every other department in the company. The I.T. Department is directly responsible for the effectiveness of every other department in the company, if it fails then you can’t make sales, products or provide service for your clients. My own business is an example of how dependent on Information Technology we have become, I own and operate a Website Hosting Business. The only department of my company not directly part of the I.T. Department is the Accounting Department, yet they are dependent on the I.T. department to be able to do their tasks.

In several recent discussions among I.T. Pros. a trend has shown itself, they are concerned with the “Qualifications Required” for new positions. It is literally impossible for any one person to be really competent in all the technologies being listed in employment opportunities postings. It is possible to be reasonably skilled in 5 distinct technologies, not the 15 being demanded in the postings. This is over and above the long time issue of postings wanting 15 years experience, in a technology that is only 5 years old. To get the best possible applicants for I.T. positions, get the C.T.O. / C.I.O. to write the posting and do not let the H.R. department change a single word of it.

The Human Resources Departments around the world have shown with impossible requirements in postings that they have no understanding of the I.T. Industry, so they really do need to be cut out of the loop when looking for I.T. staff. This really is only possible if you consider your I.T. Department as a subcontracted service.

I do not intend to imply that outsourcing your IT department is the best thing to do, in the majority of cases, this has been proven to be a mistake. It takes longer to get support staff on site to deal with a problem. We all know that down time in the network costs money, both in lost revenue and in man hours lost. In-house IT are there immediately when something does go wrong, this gets the system back up faster. I believe that it was a Gartner and Associates study that showed that 90% of companies that outsourced any part of their I.T. brought it back in-house as soon as they could. This included the Customer Support / Help Desk staffing.

If you are happy with your I.T. Department being a complete “black box” then I would recommend thinking of it as a subcontracted service. One that presents you will a bill to be paid no questions asked. If you would rather think of them as employees and have accountability to you, then you need some sort of model to use in dealing with them. My intention here is to try to give you such a model.

There is one area that almost everyone is familiar with on some level, which also happens to be a very good model for exactly what the personnel in any given I.T. department are. This area? Why, the Trades naturally. A collection of specialists who working together complete a “Project”.

Yes, Specialists. Your I.T. department is a collection of specialists, ranging from the foundation of your systems. ( The telephone and networking hardware ) to the computer programs running on the systems, to the help desk personnel keeping the rest of the company productive.

The people who designed and installed the basic infrastructure, the cables, network appliances, telephones, etc. are comparable to the Construction Industry’s Foundation Specialists. They built the foundation of the company’s I.T. infrastructure.

The D.B.A. ( Data Base Administrator ) is comparable to the Framers. They build the structure that supports the business operations.

The “Black Hat” or Security Officer is the LOCKSMITH of the I.T. Industry. Ignore this person’s recommendations at the peril of losing confidential information ( your Trade Secrets ).

The “lowly” Help Desk Personnel are the CUSTOMER SERVICE representatives for the IT Department to the rest of the company.

This collection of specialists help keep your company’s business operations running smoothly, it is in the business’ best interests to make sure they have the tools needed to do the job right.

In one respect, you do not want these staff to be to specialised. You do not want a D.B.A. that only knows M.S. SQL Server even if that is the software your company uses. If you are looking at making a change in software that would mean changing to or adding a different data base server, this over specialised person wouldn’t be able to work effectively with the new system as easily as someone less specialised. Also, if your staff are over specialised then they wouldn’t be able to make accurate assessments of new technologies that could reduce operating expenses for the company, the technology is outside their area of expertise.

I am considered a generalist in I.T. terms, because I have to keep current on more than one aspect of technology to be able to make good decisions for my business. Yet in reality I am a specialist in that I limit my technology implementations to only a few bits. I only use open source operating systems, and open source webserver, ftp server, email server and data base servers. I could not keep current on the technology if I added MS Server, IIS, Exchange, MS’ ASP and .NET framework to the list, there are not enough hours in the day for anyone to keep current on that number of items. Instead I use the software that has powered the majority of the Internet since it’s inception, and technologies that work seamlessly with them. When I need more information about a specific technology, I find someone who is a specialist on that particular technology and either pick their brains for the information I need, or hire them as a consultant to evaluate the implementation of that technology in my business.

That leads me to an important point, consultants.

Is hiring a consultant a good idea for your business? More often than not, yes it is, if they are a specialist on the particular subject you need looked at. They come in under contract and an N.D.A. to look at your operations and see if there is a better fit technologically for you. If there isn’t, they will often know a Consultant that could create one just for you. There is a flip side to this coin, in that hiring a consultant to evaluate implementing new technologies tells your I.T. staff that you do not respect their opinion, which is a morale destroying statement. I would only hire a consultant if the technology being evaluated is completely outside the I.T. staff’s knowledge base, such as switching from a windows shop to Mac or Linux or one of the many other operating systems, where all your IT staff only know Windows. The Consultant would be able to include the real costs of training your IT Department in the new technology with a realistic view of it.

Posted in General` | 1 Comment »

Do the Anti-malware Companies really want to stop the malware?

July 8th, 2008

Sadly, I will have to say that with ONE exception it is a no.

A simple test of their products that only one company passed.

I went looking for any home version of their products that would run on any operating system other than windows. After all, while the Macs, GNU-Linux, openBSD, freeBSD, netBSD, pcBSD, desktopBSD, Solaris, HP/UX, Aix … based systems cannot get damaged by the windows viruses, the people using them do send files to people using windows. Those files can contain malware, that the sender doesn’t know about. How could they know? it is next to impossible to find anti-malware software for home desktops, the most likely source for infected files to be transmitted to people on the vulnerable windows.

The options for Anti-virus for home users of these operating systes are two.

1) clam av, which unfortunately according to the latest testing results I know of, is only 43% effective.

2) AVG from Grisoft. They do have their proprietary, sale version only, software available for windows, macos and linux. They do have the avgfree for windows, but not for the other operating systems.

How did I run my little test? I contacted those AV companies that want people to contact them. [ no sign-up for membership / registration of product required to contact them, which is why Symantec / Norton weren't contacted. ]
McAfee never responed.

Comodo never responded.

AVG did, since I couldn’t find anything but windows links before contacting them.

Kaspersky did, when I complained they sent me a trial version link for windows and I don’t have windows. :D [ but Kaspersky's Linux version is the over-priced Corporate version, not a home system product so it's not actually one to be included as for home users. ]

Trend Micro, no way to cotact them via their website.

Since most of the AV companies have shown they want you to be at risk, if you are using windows, give your support to the one company that has shown they want to actually stop the malware completely. If you are running a Mac of Linux system, support responsible sofwtare companies that really do show they want to do the job right. The companies with all versions of their product available for more operating systems than windows.

Posted in General`, Software Development | 1 Comment »

Browser and Website Insecurity

May 27th, 2008

Are you concerned about default browser security settings?
You should be, since malicious code can be on ANY website you visit.

The sad truth is that very few websites are written with security of YOUR confidential information in mind. How can we tell this? It is actually easy.
Check the lower right hand corner of your browser window, is the padlock symbol locked, or open?
Odds are, it is open. That means that the website is not using the Secure Socket Layer to create an encrypted tunnel for all information passing between your computer and the server hosting the website. This enables anyone who has a packet sniffer to capture the entire data stream. Those intent on criminal activities have packet sniffers and actively look for information that should be kept confidential, like your user name and password. It is well known that 99% of people online use the same username and password for everything, so anyone will ill intent who gets such can then start accessing things like bank accounts, credit card accounts, etcetera.

What makes this lack of use of ssl in websites is the fact that EVERY browser ships with a list of trusted Certificate Authorities. Though, really, how well can you trust the word of a company that is only saying what they have BEEN PAID to say. After all, if a person is out to rip you off, they will rip you off, no matter what the Certificate Authority says about them, and that Certificate Authority is not responsible for your loss. I personally, delete the list of Certificate Authorities from my browsers, since it is the person or company whose website I am visiting that I trust, or not. It does NOT matter which CA has issued the certificate for the ssl connection, they have nothing to do with the business you are contemplating purchasing from.

The second issue is that EVERY browser is BY DEFAULT enabling things that weaken website security, and expose YOU, the end user / site visitor to having confidential information stolen. I am referring to the use of FLASH, Javascript and Activex on websites. Though Activex is only functional if you are using a Windows based computer, the huge market share Microsoft has means that it is an issue for most people. Clientside scripting exposes application logic to malicious people, making it easier for them to CRACK the website and gain illegal access to information stored on it. We can’t forget, all three of these technologies have the ability to write to the hard drive, this means they can save malicious code on your system. Activex is worse though, it is a SYSTEM level technology on Windows, which means it has System Administrator access. That is total access. The second half of this issue is that after they have written the website script to run on the clients system, the majority of website developers DO NOT bother to verify the information being submitted on the server before they process it. This means that malicious code embedded is executed by the server, possibly causing an exploit of the server in the process.

In essence, if any website that wants you to submit ANY information is not using ssl, then you should not submit any information to that website. If your BROWSER does not pop up a window about not knowing the Certificate Authority, then the people who wrote and configured the browser are TRYING to cause you harm.

That brings up the final point, message boxes or message bars. the two most popular browsers have both implemented the use of message bars across the top of the browser window. The silly thing is, that bar goes away in a few seconds, and is easily missed by the person using the computer. While message boxes get clicked away without being looked at, they still have a 50% effectiveness, while message bars can only have at most 25% effectiveness. So Microsoft’s Internet Explorer and Mozilla’s Firefox are BOTH trying to hide critical warnings from their users when they use the message bar instead of a message box.

To summarise, EVERY web browser is being sent out configured to ENABLE harm on their users from having a list of “Trusted” Certificate Authorities as well as from having client side scripting technologies enabled by default. Microsoft’s Internet Explorer and Mozilla’s Firefox being worse, in that they PURPOSELY try to hide critical security messages from you with those message bars. YOU, the END USER, need to start complaining to those responsible for these CRIMINAL acts if you really want to stop your confidential information from being exposed.

While I am slamming people for not using ssl on websites, I’ll accept the comments coming, from my own lack of ssl use here
, with only this comment on the subject:

You do not have to submit any information to this website to read it, and if in reading it you start thinking about what you can do to protect your information better, then it is worth it. I chose not to enable ssl because there is not requirement for ANY visitor to give me ANY information anywhere, unless they chose to make a comment. Then they need to give a user name, password and email address, yet after reading this post, I doubt anyone will do so lightly.

Posted in Internet Security, Software Development, Website Development, Website Security | 1 Comment »

Free Credit Reports …. Really?

May 14th, 2008

I have not looked at the Free Credit Report services offered in different countries, but the one I just saw for here in Canada is just plain wrong.

freecreditreportsincanada

A website offering this service to us Canadians. They REQUIRE that you give them your credit card information… well, ok, that will help to get credit rating. Hold it a second, the page to put the information about the credit card is on the HTTP protocol, not the secured HTTPS.

The Lawyer that owns the site obvious is a shady one, She is PROMOTING both Credit Card Fraud and Identity Theft.

Well, I blasted them directly calling them stupid thieves for not using ssl for handling credit card details.

Then I reported them to the Local RCMP Headquarters, for Montreal Quebec.

It’s only “free” for 7 days anyways, after that they charge you 29.95 a month. And the only way to avoid this recurring charge is to PHONE THEM, within that 7 day period.

so it isn’t free even if they don’t cost you EVERYTHING by their lack of security.

I bet that if you look at the other services you will find many, if not all, of these issues are there as well.

bunch of criminals they are.

here, the whois search results for the domain:

http://www.whois.net/whois_new.cgi?d=freecreditreportsincanada&tld=ca

Posted in General`, Internet Security, Website Security | 5 Comments »

Personal news update

April 8th, 2008

I have been busy for the last while, in getting everything set up to run my own web hosting business.

The url for this company is http://runic-hosting.com

because of server configuration changes for this new venture, I had to re-publish the entire history of the blog.

all trackbacks to specific entries have been broken because of this. :(

the change, and re-organization of the site also cost all the comments on posts. :(

Posted in General` | No Comments »

Proprietary Software Houses Support for Linux

April 8th, 2008

Why is this not happening?
Well, let’s see, right now they have 2 separate code bases for their applications, one for Windows and one for Macos. They do not want to add a third code base.

I can understand that, I wouldn’t want to have three times the workload to have my application run on three operating systems.

There is yet another issue though, and it’s one that would slip by most people.
It is that most Linux distributions have customized the FSH, making it harder for anyone to develop a distribution agnostic application than it should be.
Some distros implement the /srv folder tree. some don’t. Most implement the /media folder, which is confusing to MS people, since such a folder means to them STORE MEDIA FILES, LIKE AUDIO, IMAGES AND VIDEO HERE not storage media.

Maybe the Free Software Foundation should pull their heads out of THEIR asses and look at how the FSH drives software companies away from supporting GNU-Linux with it’s completely confusing use of folder names and dismal lack of detailed specifications for such items as codec storage. I have been discussing he location of video codecs on Mandriva 2008 64 bit with Mandriva, they have zero documentation on such information, and what little response I get from the forum admins ignore the reality of compiled in paths not existing insanity.
[ they keep telling me to use a path that does not exist, so would not be in the applications path data, the applications do not have the path option in the settings dialogues and refuse to tell me EXACTLY where they store codecs by default.]

But, the first point, multiple code bases and huge amounts of labour to support multiple operating systems. That is an entirely reasonable issue, until you look at one simple point:
There are no less than 3 widget sets that are cross platform.
1. Q.T. [ http://trolltech.com ]
2. G.T.K. [ http://www.gtk.org ]
3. WxWidgets. [ http://www.wxwidgets.org ]

Each of the three widget sets has it’s own unique drawbacks and benefits.

One of the biggest benefits to using GTK is it’s License:
Licensed under the GNU LGPL 2.1 allowing development of both free and proprietary software with GTK+ without any license fees or royalties.

The drawback is that anyone using Windows would have to get and install the gtk libraries to use the applications requiring it.

QT is the widget set used for the KDE often mentioned for Linux.It also happens to be the widget set used as the foundation for Delphi widgets originally. It is available under the GNU-GPL for non MS Windows systems, and a commercial license version for MS Windows systems. That Commercial License is also available for the non Windows systems.

Both of the above have the next issue in common, the original issue, a code base for each os to be supported required. They do not have tools that will handle creating the os specific code needed for your application.
[ the windows IDE will only handle Windows code etc. ]

WxWidgets gets rid of the multiple code base problem. It’s lacking in a few things, like a single IDE for all operating systems. It seems no-one has yet written a good IDE using WxWidgets ;)
and made it available for all operating systems. Code::Blocks is a wxwidgets based IDE, and is available for most operating systems, yet getting it to run on linux is a pain in the butt.
[ those distro centric customisations I mentioned above ]

With the single code base all os support of WxWidgets, there is one other issue, the widget set is bloated. They have their system create operating system specific calls for every os you chose to enable support for in the project code. Fortunately, the compiled binaries are stripped of code for other operating systems, so the “bloat” only exists in the source code and widget set. Since WxWidgets will use MFC widgets in a windows executable, Cocoa in OSX executable, GTK or QT in every other OS executable, the bloat never hits the end user product.

Ahh, just checked the other possible issue for WxWidgets, which is License issue. Here is what WxWidgets says:

wxWidgets is currently licensed under the “wxWindows Licence” pending approval of the “wxWidgets Licence” which will be identical apart from the name.

The wxWindows Licence is essentially the L-GPL (Library General Public Licence), with an exception stating that derived works in binary form may be distributed on the user’s own terms. This is a solution that satisfies those who wish to produce GPL’ed software using wxWidgets, and also those producing proprietary software.

So, other than the lack of a good, CROSS PLATFORM, IDE for working with WxWidgets, there is no reason not to use them for software development of cross platform applications.

What about Java for cross platform development?
Well, only if you are stupid is that an option.
I installed Sun’s Java to attend a webinar, it IMMEDIATELY caused a 50% reduction in system performance.
[ I removed Java, it's not acceptable to have that happen, specially on a dual core 2.4GHz 64 bit system. ]
Java is bloated in it’s design, and EVERY Java application is bloated because of the language failings.

Posted in Software Development | No Comments »

A missed question..

April 8th, 2008

In his security blog entry Bolted-on security features aren’t secure Chad Perrin missed one of the important implications of my own blog post: Microsoft breaking the law again?

If Microsoft uses the capability of sending data from any windows system to themselves without notification to the end user, without authorization by the end user, for the WGA/MGAprogram, where else are they using it?
Are they not most likely also using it to collect information they have no legal right to?

How many companies have Microsoft had windows send them client lists or accounting databases in this manner from?

I don’t really care if the WGA/MGA program collects and sends data to Microsoft, since I don’t use windows, or any other MS products, the problem of it being possible and the high probability that MS has used that elsewhere is what is the biggest issue. The issues Chad raises are all excellent ones, and ones that should be addressed by anyone looking at replacing any software, maybe hey will help to push people into moving away from MS based software.

[ Architects being the only industry screwed over and forced to use windows based software, since Autodesk is screwing them by only having the ubiquitous Autocad run on windows, even worse, it uses the .net framework, making it a guarantee that it will never run on anything but windows. ]

I’ve known Chad for a few years now, originally as apotheon on CNET’s TechRepublic. While we have our disagreements on some things, I generally find his opinion to be worth listening to.

Posted in Software Development | No Comments »

« Older Entries