Posted on 07/25/2003 7:16:17 PM PDT by HAL9000
The continued adoption of Linux by large enterprise in the face of SCO's legal threats is not surprising, said Yankee Group analyst Laura DiDio. "I don't think many of them thought of it as a big threat, I think they viewed it as a mosquito at a picnic -- a sort of gnat buzzing around."Despite legal threats from SCO Group, Linux use by large enterprises is growing, according to a survey by network security company Netcraft. The firm's survey shows Linux growth in the Web server sector, which has long been one of the open source OS's strongest markets.
The list of large enterprise sites that have migrated to Linux in the last two months includes Royal Sun Alliance, Deutsche Bank, SunGard, and Schwab. Linux saw a net gain of 100 sites among the 24,000 Web sites run by 1,500 large companies in this period, according to Netcraft.
Netcraft data even shows that the White House site is powered by Apache on Linux, though this appears to have been set up prior to the SCO suit.
The continued adoption of Linux by large enterprise in the face of SCO's legal threats is not surprising, said Yankee Group analyst Laura DiDio. "I don't think many of them thought of it as a big threat, I think they viewed it as a mosquito at a picnic -- a sort of gnat buzzing around."
However, "I think that's going to change as the months go on," she told NewsFactor.
Warning Letter
In May, SCO sent letters to 1500 of the largest companies globally warning them of the legal risks involved in running Linux. Although SCO did not make the identities of these companies public, Netcraft noted that it is "likely that the list of companies that received letters from SCO is quite similar to the list of sites we use to study enterprises' web site technology choices."
Some analysts speculate that SCO's legal action will slow enterprise Linux adoption among enterprises, both large and small. Meta Group analyst Thomas Murphy told NewsFactor that "If SCO has the intellectual property rights, then they're going to be the license holder, and any Linux distribution would pick up a fee, potentially, from SCO for every single copy."
Given that one of Linux's biggest advantages is that it is lower cost than proprietary software, this added fee "would be detrimental," to Linux adoption, Murphy said.
Reasons for Continued Growth
Explaining the apparent paradox of continued Linux growth in the face of potential legal action, Netcraft said that "It may well be that although SCO has generated an enormous amount of attention from the media and Linux evangelists, it does not presently have the attention of IT practitioners in large companies."
Netcraft listed a variety of additional possible explanations for Linux's increased growth despite legal threats: Companies realize the costs of migrating from Linux to FreeBSD at a later date, if needed, would be small, and they may feel the chance of a SCO victory is remote.
Relying On IBM
These large companies figure that "it will be years before this gets to court, they'll probably settle, IBM says 'don't worry,'" DiDio said.
However, "IBM had better step up to the plate and start saying whether or not they will indemnify their customers, and if so, to what extent," she said. SCO has filed a $3 billion lawsuit against IBM, alleging that IBM misapropriated SCO's Unix intellectual property, using it to increase Linux's capabilities.
Though IBM has denied SCO's charge, IBM should indemnify their customers anyway, DiDio said. "Microsoft has a great indemnification clause in their contract that they put in back in April," she noted.
That IBM has yet to offer their customers such an indemnification is troubling, DiDio said. "That fact that they're not doing it, and that they're not saying what they're going to do, I find that silence really ominous."
Some Move To Windows
Although Linux saw a net gain, "it is by no means one way traffic," Netcraft said. Of the 24,000 enterprise sites included in the survey, in the past twelve months over 1600 have changed operating systems.
Indeed, some firms have migrated to Windows. Examples of these firms are Valaro Energy, National Service Industries and Colt. Cadbury Schweppes has tried all three operating systems in last two years, and it currently runs on Windows 2000.
True, but it also has to do with the fact that they immediately trust and in some cases execute code or data downloaded from anywhere, without even asking the user.
Wordperfect, Quattro Pro, the Lotus SmartSuite office package, and OpenOffice do not have these vulnerabilities, period. Netscape Mail, Pegasus, the Bat, etc. do not have these vulnerabilities either.
How do you explain that? HINT: it is a question of bad design vs. good design.
Alter the correct settings and this will not happen.
That's because they have Royalty there. We don't have Royalty here.
Replace the defective gas tank on your Ford Pinto that was installed by the manufacturer and the explosions will not occur.
Further, that the code is published means that everyone is free to audit it, including the NSA (which produced its own set of patches for Linux and ended up doing their own Linux distribution and made it freely available).
If the WH were using Windows XP, they would not have the ability to view the source code, and under US law could not decompile it to assure themselves it was working correctly.
Your entire post is basically incorrect.
You say "security through obscurity is a bad idea." No it's not, it the basis of the entire "classification" system of the US Government. I know because I have worked there.
You bring up the NSA Linux, but failed to provide the hyperlink. As soon as you provide it, I will use, cut copy and paste right from it and post back on here where it says it is NOT a security solution for Linux.
The White House very well could request to review the source of XP, which they may or may not have done. If I had to guess, and based on some of what I do know about interoperation, they probably already do have at least access to it whether they ever explicitly asked for it or not.
Ah but the fatal flaw to your argument is you never know if you have more crackers looking at it than "fixers". Not to mention the crackers get immediate source code access to any patch as soon as it is released, explaining exactly what the "fixers" did to try to correct the problem.
It was based on Unix, that was developed by ATT Labs. There are now questions as to whether Linux may be an illegal replica, and that it subsequently stole market share from UNIX.
UNIX is primarily server technology, although many years ago it provided 'terminal' like access for most of the end users. There are some UNIX workstations, but they are typically used by software programmer types to compile applications hosted on UNIX servers.
But Linux has something that UNIX hasn't been able to market well yet, and that is the ability to run on Intel chips and motherboards, although it hasn't yet made much progress into the desktop market because of it's clumsy (immature) interface and lack of accross the board applications.
For that reason, Linux has made most of it's gains devouring the UNIX server market instead of the desktop market dominated by M$ which offers near 100% compatibility with user applications such as games and other peripheral devices. Once UNIX property owners SCO started seeing this errosion of their market, the started investigating Linux, and found the stolen code.
At least that is my understanding.
The site www.whitehouse.gov is running Apache on Linux.
Disturbing? It's just an operating system. FreeRepublic runs on Apache/Linux also. Personally, I think Linux is American as apple pie.
Somehow I doubt it's running on Red Flag. Any takers on which Linux distro? SuSE, Red Hat, Debian, Slackware?
A virus can cause up to 6 or 8 hours of work to be lost in re-installing or re-configuring the OS and the applications.
A trojan or backdoor program can spread to all the other machines on the LAN, costing untold amounts to fix and compromising security including personal information of employees and trade secrets, which once disclosed cannot be made trade secrets again.
If you truly don't grasp the parallel between a defectively designed auto and a defective software design, I feel sorry for you.
You could lay out every single security system used at Fort Knox and let people download the blueprints over the Net, and Fort Knox would be no less secure than it is today. Fort Knox's location is known to anyone who cares to look at a map.
Security through obscurity would posit that Fort Knox' location would not be generally known, and depend on that to provide protection.
If the person in charge of security at Fort Knox or anywhere else does not assume that an attacker already knows every routine and alarm system, and have a plan to still be secure, he is derelict in his duty and should be removed.
I get the feeling we are talking at cross purposes because the term "security through obscurity" means a specific thing when talking about computer security, and you are thinking of some other situation involving obscurity.
Sorry, it's not. It was originally developed in Finland by Linus Torvalds, the son of a well-known communist.
Somehow I doubt it's (the White House) running on Red Flag.
Well let's hope it's not Red Flag, but even if it's not, they still have the same open source parent code, which is free for anyone on the internet to download and examine the source code text base for security flaws.
Thankfully it only seems to be a public site, and not any sort of intranet (which I highly doubt has very much Linux on it at all).
The map location of "fort knox" seems to be a very strange and unrelated example. But to use your 'map' example, could you please tell me the exact location of "Area 51", and are you allowed to access it?
No, because you do not have sufficent "classification" such as is required to view information that has been branded "sensitive" "secret" "top secret" etc.
Security through obscurity is the basis of almost ALL security. If you don't believe it, please post your name, SSN, birthdate and largest bank account details for us right now how about.
:-)
Okay, that part of the synopsis could have been better. I'll try again - SCO is suing IBM for $1 billion and demanding that AIX sales cease, alleging that IBM improperly transferred SCO's intellectual property from AIX to Linux.
"Second, SCO is also threatening all Linux users in general not only for whatever code IBM may have put there, but what other UNIX licensees or other former ATT programmers may have contributed as well as have been found through examination of the mailist files as well as confirmed in the source code."
That is their allegation, but contrary to your assertion, it has not been independently "confirmed".
"Also, SCO has offered anyone the right to view samples of their evidence, and many have including Ms. Didio who recently appeared in an article on EE Times that like many we are currently seeing seemed to add validity to SCO's claims."
Ms. Didio signed a draconian non-disclosure agreement with SCO in order to view two blocks of code, up to 80 lines, that looked similar to her. But as Robert X. Cringely points out - SCO, Not IBM, May Have Put Unix Code Into Linux. Furthermore, SCO itself distributed Linux under the usual GPL licensing terms that allow many other distributors to incorporate the code in their products.
One other point I should have added - SCO is represented by David Boies, the lawyer who lost Al Gore's case in the 2000 presidential election, and is currenlty charged with ethical violations by the Florida Bar in the matter of a client whom he was having a "personal relationship" with.
By the way, if you're going to insinuate that the White House is using an operating system from Communist China, why not go all the way and paste Dubya's head on your Red Star Penguin? Send it to Tblshow, he'll love it. Perhaps you'd like to add a Hammer and Sickle to the Free Republic logo as well.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.