Author Archive

Windows 7 wishlist

I came across a blog post [es] talking about Windows 7, the planned successor of the current Windows Vista. The same can be found elsewhere, e.g. in Ars Technica.

The article summarized some features that Windows users would like to see in W7. You can also see a picture with the whole W7 wishlist. What struck me was that, although the Redmond giant tried its best to copy every single innovation from free software, they still missed important points that users value enough to make a wishlist out of them.

Some points in the list are new and exciting. Some others are everyday things for us free software users, and it’s so amazing that Windows still does not include them:

  1. Request for an integrated font manager
    One of the problems of proprietary software: the pieces each program uses (including fonts) are property of the maker, so sharing is largely hindered. In Debian we have things like Defoma, and font management is quite lean in any distro, anyway.
  2. Explorer toggle button to quickly show/hide hidden files or system files
    Files starting with a dot are hidden in Linux. All file managers I know of have the ability to show/hide them with a click or a shortcut (Ctrl-H in Thunar and Nautilus, no default but configurable shortcut for Konqueror).
  3. Network/Internet bandwidth monitor
    Most, if not all, docks/taskbars in FLOSS desktops (Xfce, GNOME, KDE…) have a widget for that.
  4. DirectX update on Windows Update/Microsoft Update
    I use Debian, and it manages the installed software with APT (other distros have other systems). With it, I run “aptitude update” and it searches the online repositories for the latest version of all the packages that exist in them. When I do “aptitude safe-upgrade”, it automatically upgrades all the packages for which there are updates, and notifies me if some upgrade requires installing a new package (without upgrading it until I agree to install that new package). And it’s been like this for years.

  5. Infinite desktop, virtual desktop idea
    Although it probably refers to zooming interfaces, Linux has had the idea of virtual desktops for years.
  6. Profile data: Move locations of all user folders and data to another location
    This is trivial in Linux since the dawn of its times.

  7. Option to “Reopen Closed tabs” in IE
    Firefox has this option through add-ons like Tab Mix plus. Not only that, but many other things are possible, like: periodic reloading of some or all tabs, closing all tabs but the current one, duplicating tabs (along with all their history), freezing tabs (so they can not be accidentally closed or moved away from), change the name of the tab…
  8. Auto clean of Temp folders
    Temporary file management in Linux is flawless. I never saw a tmp location full because the system forgot to clean it.
  9. Provide Manual Duplex Printing in Windows Print Dialog
    It is really lame to need to ask the maker of a big, monolithic, OS for stupid changes like that. The printing dialogs should be made by the desktop environment (a small part of the OS), or the application, and it should communicate with the printing server (another smaaaaall part of the OS). Details like that one should be fixed by updates in only one/some small packages related to the desktop environment.
  10. IE should have a close button on each tab
    See point 7.
  11. Disk Manager needs to have the ability to expand partitions
    Tools like GParted make partition management a breeze. In Windows, you need commercial third party tools for that. Tough luck.
  12. Image (ISO, BIN) support in Windows
    What? In Windows you can not mount ISO images as if they were actual filesystems? In Linux, you sure can.
  13. Family license
    It must suck to buy a copy of the OS and be able to use it on only one PC. With Linux and free software, you obviously don’t have this problem, and you don’t need to go crying to your dealer for a more merciful license.
  14. No dialog should take keyboard focus away from what you are doing
    With all serious desktop environments, you can configure this behaviour, as well as if focus follows mouse, or if you have to click on a window to make it active and so on.
  15. Patch operating system without having to reboot
    With Linux, you only need to reboot if you install a new kernel (you can’t use a different kernel without rebooting). For everything else, you don’t need to.
  16. Add folder size to data displayed by Windows Explorer
    Wow, it must suck being stuck with a single choice for a file manager (or any other task), and not being able to configure stupid things like that to your liking. Another con of Windows, I guess.
  17. Live CD or DVD to boot from to recover from a crash or virus that would allow to transfer files
    But there is a tool for that task on Windows! It is called “Linux Live CD”, and many distros have it. I have read that it is pretty popular among some Windows users: when their system is utterly destroyed, a Linux Live CD can save the precious data in their disks.
  18. Disallow removable (USB/Firewire) drives to default to next available drive letter when the letter is already used by other network drives
    I know the issue of wanting to have permanent names for given devices, no matter what. The solution is called udev.
  19. Windows Mail should be minimizable to the system tray
    I use KMail and it is. Probably Thunderbird is, too. By the way… ever guess how similar to the former two Windows Mail is (by the looks in the Wikipedia article)?
  20. Command Prompt should be improved
    Hehehe. I have no words.
  21. Integrated Anti-Virus
    What is a virus? Please explain, I’m an ignorant Debian user!
  22. More desktop themes should be offered in the default installation of the next version of Windows
    I thought Windows users wanted consistency and simplicity, and everything to look the way uncle Microsoft wanted. In Linux, we have soooo much to choose from. You doubt it? Take a look at KDE-look.org, or Xfce-look.org.
  23. IE direct download – do not download to temp folder
    With any free browser (e.g. Firefox) you can choose the default dir for the downloads, and you can choose for each download where to put it (if you don’t want it in the default folder). Is it not like that in IE?

Maybe some slipped through, but I’m too tired to be more thorough.


NSA backdoor in public cryptographic system?

The following shows why cryptography methods should be public. There is a common misconception that assumes that the most secure crypto methods are “proprietary” or “secret” ones. This is a terrible error, since only knowing the “recipe” (the algorithms) behind a given method can assure us that it is actually robust.

The question may arise: how can a publicly known cryptographic method be secure? By definition, everyone will know how it works! Not quite. The operation method can be known to all, and an eavesdropper could know what method we are using, but if the method is secure, the eavesdropper will not be able to decipher a given message. It might be tempting to think that if an eavesdropper doesn’t even know what encryption we are using, or she knows the “name”, but the method behind is secret, then the security of the message is increased. This is called security through obscurity, and is actually a very dangerous error, because it might lead us to be less demanding about the robustness of the encryption algorithm. A communication can only be considered secure if, even knowing the encryption algorithm, an eavesdropper could not decrypt it.

To achieve this, it is vital that the encryption algorithm be publicly known, and rigorous tests applied. This is the case of the crypto standards of the North-American NIST. All the standards “accepted” by them have to be subject to open scrutiny, which happens to be a Good Thing(tm). You’ll see it if you read the following articles in The Register and Wired.

In summary: one of the components of cryptographic methods is random number generation. One of the ones approved this year by the NIST (called Dual_EC_DRBG), relied on a set of initial numbers to generate the “random” result (I’ll call this set P, public). This is normal, and correct. The problem comes from the fact that this set of numbers is apparently related to another (unknown) set of numbers (that I’ll call B, backdoor), knowledge of which could empower someone to break the resulting encryption. The way I understand it, it is like having the known set of numbers P = (6,12,18,24,30), but then realizing that they are all built from the set B = (2,3). In the Dual_EC_DRBG method, some experts have realized that the set P is related to another set, but they still haven’t found what the elements of B are.

Now, the scary part is that (life’s full of coincidences) the Dual_EC_DRBG was introduced in the standard proposed, and pushed, by the NSA of the USA, aka “the eavesdroppers of the world”. So I’ll invent a little fiction, with no relationship with the reality: imagine that a given government agency N of nation U takes a set of numbers B, and comes up with an encryption method M that produces the apparently innocent set P from it, and then M uses P to perform encryption. If the encryption method M becomes a standard, and people all around the world use it for anything from private e-mail to secure government or military communications… guess who has the key to read all these messages? (a backdoor).

Thanks $GOD, this is science fiction, is it not?
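The relation between the public constants and a hidden value can be made concrete with a toy generator. The following is an added example, not code from the original post and not the real Dual_EC_DRBG: it replaces elliptic-curve points with modular exponentiation, drops the output truncation, and every constant and name in it is constructed for illustration.

```python
import hashlib

# Toy parameters, all constructed for this example.
MODULUS = 2**127 - 1            # a Mersenne prime
Q = 3                           # first public constant
SECRET_E = 0x1D2C3B4A59687      # the designer's secret (the "B" of the text)
P = pow(Q, SECRET_E, MODULUS)   # second public constant (the "P" of the text)


class ToyDualGenerator:
    """Toy analog of a two-constant generator: output Q^s, next state P^s."""

    def __init__(self, seed, p_const, q_const):
        self.state = seed % MODULUS
        self.p_const = p_const
        self.q_const = q_const

    def next_output(self):
        output = pow(self.q_const, self.state, MODULUS)       # r_i = Q^(s_i)
        self.state = pow(self.p_const, self.state, MODULUS)   # s_(i+1) = P^(s_i)
        return output


def predict_following(observed_output, secret_e, p_const, q_const, count):
    """What a holder of the secret can compute from ONE observed output.

    If P = Q^e, then (Q^s)^e = (Q^e)^s = P^s, which is the next internal state.
    """
    recovered_state = pow(observed_output, secret_e, MODULUS)
    clone = ToyDualGenerator(recovered_state, p_const, q_const)
    return [clone.next_output() for _ in range(count)]


def derive_constant(label):
    """Verifiable constant: hash of a public label, so nobody chose it
    as a known power of Q (a 'nothing up my sleeve' value)."""
    digest = hashlib.sha256(label.encode()).digest()
    return 2 + int.from_bytes(digest, "big") % (MODULUS - 3)


def backdoor_works(p_const, q_const, secret_e,
                   seed=123456789012345678901234567890, count=5):
    """Run a victim generator and check whether the secret predicts it."""
    victim = ToyDualGenerator(seed, p_const, q_const)
    observed = victim.next_output()
    actual = [victim.next_output() for _ in range(count)]
    guess = predict_following(observed, secret_e, p_const, q_const, count)
    return guess == actual


if __name__ == "__main__":
    print("constants tied by the secret:", backdoor_works(P, Q, SECRET_E))
    verifiable_p = derive_constant("toy-drbg constant P")
    print("verifiably derived constant: ",
          backdoor_works(verifiable_p, Q, SECRET_E))
```

With the constants tied together by the secret, one observed output is enough to reproduce everything the generator emits afterwards; with a constant derived from a public hash, the same secret predicts nothing.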


e-mail howto

When we send e-mails (especially mass forwards) we might not be aware that on the other side of the wire there is some person that could be annoyed by some of our acts. We could help others behave nicely with us if we started behaving correctly with others. This post tries to help you with that.

All the following is my opinion, but I’m not asking you to do it because it’s my opinion. I think that, besides, it’s also sensible. Judge for yourself.

Avoid HTML messages at all costs

In fact, only plain text e-mails should ever be sent (and anything else as an attachment). Sophocles, Shakespeare, Cervantes… they all used plain text, and managed to get their message through, didn’t they?

The reason to use plain text is dual. Firstly, HTML merely adds bloat. The e-mail will be unnecessarily fat, without adding the slightest actual content. Secondly, and maybe even more importantly, HTML is used in e-mails by spammers and crackers to force the receiver to execute unwanted actions, including: visiting unsolicited web pages, sending private data (as, e.g., the confirmation of the actual existence of the receiver, something very valuable for a spammer), and, if the HTML includes malicious Java, JavaScript or ActiveX code and the receiver is not correctly protected (*cough* Windows users *cough*), anything from crashing the mail client to setting your screen on fire and killing the little puppy you got yesterday.

For the second reason in the previous paragraph, any knowledgeable user will abhor receiving HTML e-mails (I do), and will have it completely deactivated (the mail client will not interpret the HTML code, and will display it literally instead, which is 100% safe, except if ugly symbols hurt your eyeballs). Thus, your pretty HTML message will not be correctly read by the receiver, and will at least charge him with the annoyance of either activating the HTML back, or reading the source code. And in this day and age, even allowing HTML e-mails on a per-sender basis is risky as can be, since anyone can forge anyone else’s e-mail address.

So, don’t ever send HTML messages, and also deactivate the rendering of HTML messages you receive altogether. The first thing will make your receivers happier, and the second one will keep you safer.
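To see what an HTML part would make a rendering mail client do, the following added example (not part of the original post) scans a message for content that is fetched or executed without any click, and shows the plain text alternative that is safe to display. The sample message, its addresses and the `tracker.example` URLs are constructed for the example.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from html.parser import HTMLParser

# Tags that carry executable or embedded active content.
ACTIVE_TAGS = {"script", "object", "applet", "embed", "iframe"}
# Attributes that a rendering client fetches without any click, per tag.
AUTOLOAD_ATTRS = {
    "img": ("src",), "iframe": ("src",), "script": ("src",),
    "embed": ("src",), "object": ("data",), "link": ("href",),
    "body": ("background",),
}

# Constructed sample: a tracking pixel, a remote background, an event
# handler and a script, next to a harmless inline image and a normal link.
SAMPLE_HTML = """<html><body background="http://tracker.example/bg.png">
<p onmouseover="doSomething()">Great offer!</p>
<img src="http://tracker.example/open.gif?id=r123" width="1" height="1">
<img src="cid:logo">
<script>document.title = "x";</script>
<a href="http://shop.example/">visit</a>
</body></html>
"""


def is_remote(url):
    return url.strip().lower().startswith(("http://", "https://", "//"))


class HtmlRiskScanner(HTMLParser):
    """Collects (kind, detail) findings while parsing an HTML body."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = {name: (value or "") for name, value in attrs}
        if tag in ACTIVE_TAGS:
            self.findings.append(("active-content", f"<{tag}>"))
        for name, value in attrs.items():
            if name.startswith("on"):          # onload, onmouseover, ...
                self.findings.append(("active-content", f"{tag} {name}"))
            elif name in AUTOLOAD_ATTRS.get(tag, ()) and is_remote(value):
                # Fetching this URL tells the sender the message was opened.
                self.findings.append(("remote-load", value))
        if tag == "meta" and attrs.get("http-equiv", "").lower() == "refresh":
            self.findings.append(("redirect", attrs.get("content", "")))


def scan_message(raw):
    """Return the findings for every text/html part of a raw message."""
    msg = message_from_string(raw, policy=policy.default)
    scanner = HtmlRiskScanner()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            scanner.feed(part.get_content())
    return scanner.findings


def plain_text_view(raw):
    """Return the text/plain alternative, or None if the message has none."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    return body.get_content() if body is not None else None


def build_sample():
    msg = EmailMessage()
    msg["From"] = "newsletter@example.com"
    msg["To"] = "reader@example.org"
    msg["Subject"] = "Constructed sample"
    msg.set_content("Hello, this is the plain text part.\n")
    msg.add_alternative(SAMPLE_HTML, subtype="html")
    return msg.as_string()


if __name__ == "__main__":
    raw = build_sample()
    for kind, detail in scan_message(raw):
        print(f"{kind:15} {detail}")
    print("plain text shown instead:", plain_text_view(raw).strip())
```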

Use care if sending mass forwards

Can you name something more unpleasant than those silly mass forwards of 2MB PowerPoints with “witty” sentences, and almost always ending in “send it to 1000 friends or die a slow and painful death”?

For me, there are two kinds of forwards: the ones I name above, and the ones with funny, interesting and/or useful data. The first one: avoid them like the plague. Don’t ever send/answer/forward them. The only use they can have is negative: they clutter the net, they slow down the download of other (possibly important) e-mails for the receiver, they waste bandwidth and connection time for those who have either or both limited, and they don’t actually add anything to the life of the receiver, except anger towards a sob who pretends to be her “friend”, and then blackmails her to spread the same message or “suffer consequences”.

For the (veeery few) contents you want to spread to legitimately help/amuse/enlighten the receivers: choose a suitable format! If the content is a joke or similar, send it in plain text. It works all the same! Don’t send a huge PowerPoint just for the sake of it. If the content is a (presumably big) file (a movie file, a presentation that is amusing in itself, an article with images and links…), put it online and send a link instead! Sending just a link is much more comfortable for the receiver, since the size of the e-mail is tiny, and she can choose whether or not to download the file, after all. Not everyone has a personal web page, but at times it proves invaluable… look for online storage solutions, as there are many free ones.

Also take into account that mass forwards can be used by spammers to get a list of valid addresses to bomb with their mails. The more “evil” a spammer, the more friendly she’ll pretend to be, to be included in the more people’s distribution lists, so that she’ll be sent all their mass forwards, along with the addresses of maybe hundreds of victims.

To avoid that, try to send your forwards only to people you actually know, and think are not spammers. Even safer: DO NOT DISCLOSE the addresses of all the receivers of your e-mails to every other receiver. It’s easy: with any half-decent e-mail client (KMail, Thunderbird and even Outlook can) you can choose to make any receiver “To:”, “CC:” or “BCC:” (“Para:”, “CC” and “CCO” in the Spanish version of Outlook Express). Send all your forwards with BCC to be on the safe side.

Trim the excess

Whenever you answer to or forward an e-mail, depending on the configuration of your e-mail client it will automatically attach the original message, quoted. Now, if the receiver answers to your answer, she’ll quote your text AND your quotation of her original message. Then you answer and… you get the picture: e-mails flying around with hundreds of lines that only add: a) superfluous size excess and b) confusion, since sometimes it is not easy to find exactly the new material (coloring quotations helps, though).

Quoting the e-mail we answer to can be useful, but when answering to an answer, be nice and take the ten seconds you need to properly delete what is not needed.

Also remember that blindly forwarding messages can make you disclose to third parties information that the original sender wanted just you to read. Watch out for that!

Don’t overspread e-mail addresses

Don’t make spammers’ day by providing them with your e-mail, much less with mine!

Spammers are out there, like the truth in The X-Files. They never sleep. They have no mercy. They will relentlessly go on and on, harvesting e-mail addresses to prey upon. You have to understand that the most valuable thing for a spammer is a list of valid e-mail addresses. Valid e-mails are those that will be actually read, or at least received.

The ways in which spammers build their lists include:

* Unprotected addresses publicly available on the Web
* Being included in a “mass forward” (see above)
* Random spam

Unprotected public addresses include valid e-mail addresses that appear literally in a web page, or sent to USENET or other discussion forums. For that reason, if you want to protect your address, while still making it possible for others to contact you, don’t ever put your address on the web like that:

myname@mydomain.com

Instead, put something like:

myname AT mydomain DOT com

or:

mynameIHATESPAMMERS@mydomain.com

Or any other combination that makes the literal e-mail completely invalid, but where a human reader can work out how to alter it to get the correct address. You have to understand that the spammers use robots to harvest e-mails from the web, that is, there are computer programs looking for e-mails, not human beings (even stretching the meaning of “human being” to include scum like spammers). An address that needs human “logic” to be read will not be parsed correctly by robots.

In that regard, beware that both “protected” addresses above are far from perfect. It’s trivial to write a robot program that translates every “AT” with an “@”, and any “DOT” with a “.”, and/or eliminates spaces, capital letters or words like “SPAMMER(S)” etc. So be colorful, and think like a robot can’t think :^)

A second approach to protecting your e-mail could be to use a specific anti-spam address. There are companies like Bluebottle who provide such a service. As you can see, the e-mail I provide in this Web site belongs to that category, and is a completely free account (they offer further services, that I do not need, for a fee).

These “anti-spam” e-mail accounts basically contact the sender each time they receive an e-mail. Then the sender has to perform some kind of basic action (click a button or similar) to assure that they are valid senders, and if they fail to, the e-mail is filtered. The validation action has the sole actual purpose of making sure that the sender is human. ANY human sender is let through, but the spam robots normally don’t have the wit to answer properly when prompted by the Bluebottle server. Yes, this might piss off the legitimate senders, because they are required to click a silly button before their message goes through. However, this is done only once. After the first authentication, all the e-mails coming from that address will be automatically accepted.

Being included in a mass forward is discussed above, and random spam messages are those offering medicines or pornography. If you answer to one of them, you might not get infected with a virus or anything, but the sender might secretly know that you actually exist (because she is notified when you answer or click the link), and remember: valid addresses are what spammers seek.


App of the week: Filelight

Actually it is two applications I want to highlight: Filelight and Baobab. Both are disk usage analyzers, the former for KDE (see Figure 1), and the latter for GNOME (see Figure 2).


Figure 1: Filelight

Figure 2: Baobab

A disk usage analyzer is a tool to conveniently find out how much hard disk space different directories and files are taking up. It combines the effectiveness of the Unix du (if you never used it, stop here and do a man du in your command line immediately. If you do not know what that “command line” thingie is, whip yourself in the back repeatedly), with the convenience of a visual cue of how large directories are compared to one another.

Of the two DUAs I mention, I largely prefer Filelight, for several reasons:

1 – When I want to open a terminal in a location chosen from the DUA window, with Baobab it’s two clicks away: “Open file manager here”, then “Open terminal here” in the file manager. With Filelight, it’s just one click: “open terminal here”. Plus Filelight has a handy locator bar at the top, showing the full path to the current location (useful to copy-and-paste with the mouse to an already open terminal).

2 – Filelight shows directories up to individual files. Baobab just dirs.

3 – With Filelight, navigation up and down (and back and forward) in the dir tree is a breeze (web browser-style). With Baobab, it’s a pain.

4 – The presentation is similar, but the one of Filelight is slightly nicer, with more info when the mouse is hovered over the graph.

Probably Baobab can be easily made to behave like Filelight. I just tried them both, and liked the latter better on first sight. I tried Baobab first, and I found some things lacking. When I tried Filelight, five minutes later, I just thought “These are the details Baobab was missing!”


handyfloss meets Windows Vista

The setup

A colleague wanted to edit a video (actually, three) for a presentation she intended to give on a laptop with Windows Vista and MS Office 2007. The video was a WMV, and the required editing included removing fragments, changing the speed of one of the fragments (and joining it back with the others), and adding a soundtrack.

The problem

She could not, for the life of her, edit the damned thing on a Windows computer.

The solution

Why, Free Software, of course.

The motivation of this post

To help dispel two ideas: that “Windows is easy”, and that “With Linux, you waste your time finding out how to do things”.

The story

Part I – Linux

OK, so I suggested she use some Free Software called Avidemux. Our first problem was that apparently Avidemux was unable to cut the video in pieces (it crashed at the attempt). After much perusing, and using the humble file command, I found out the reason: the WMV had no playing FPS set. Players like MPlayer would play it by guessing 25 or 30 frames per second, but editors need a precise value to count on. I readily fixed it by reencoding the video to 25fps with MEncoder:

% mencoder in.wmv -ovc lavc -nosound -fps 25 -lavcopts vcodec=wmv1 -o out.avi

Once a proper FPS was set, I used Avidemux to split the file. However, I encountered a second problem: I couldn’t split the file just anywhere. I could only cut it at points 10 seconds apart. I had to sweat a bit more to fix that, but I also learned something more along the way. Most (all?) compressed video formats use at least two kinds of frames: normal frames and keyframes. The latter are the frames that any player can seek to in the video. According to the man page of MEncoder:

keyint
maximum interval between keyframes in frames (default: 250 or one keyframe every ten seconds in a 25fps movie. […] Keyframes are also needed for seeking, as seeking is only possible to a keyframe – but keyframes need more space than other frames, so larger numbers here mean slightly smaller files but less precise seeking. 0 is equivalent to 1, which makes every frame a keyframe. […]

So here you are: the problem was the default value of some variable called keyint. To make the video seekable to any frame (so it could be cut at any point), I set keyint to 1:

% mencoder in.wmv -ovc lavc -nosound -fps 25 -lavcopts vcodec=wmv1:keyint=1 -o out.avi

Once the movie was split into parts with Avidemux, and the unwanted parts were removed, the next step consisted of playing one fragment faster. The problem here is that I don’t know how to make a variable FPS video, so we had to make it so all the video played at the same FPS, but a part was faster. How? Removing frames, of course. I used MPlayer to deconstruct the relevant fragment into individual frames (in PNG format):

% mplayer -vo png:z=2 fragment

The command above generates a whole lot of 0000xxxxx.png files, with frames ordered by the number in the filename. Next, I deleted every second frame. How? With a stupid GUI I don’t know, but from the command line it is trivial:

% rm -f 00*[13579].png

Now, I just re-constructed the video with half the frames, to get an effectively double-speed video, with same FPS as original:

% mencoder "mf://*.png" -mf fps=25 -o output.avi -ovc lavc -lavcopts vcodec=wmv1

If I am allowed to say it, the effect is really great. You wouldn’t tell the sped-up video from the original, except from the increased play speed.

Using Avidemux for joining the video fragments was a breeze, and it could even be done from the command line:

% avidemux fragment1.avi --append fragment2.avi --append fragment3.avi --save total.avi --quit

The last (Linux) part consisted of adding a soundtrack, which Avidemux can do, from an MP3, WAV, or another video. This was easy.

Part II – Windows Vista

OK, the last Linux step consisted of reencoding the video in some format that Vista could read. This was no immediate task, but after some tests, we made it. Windows Media Player could play the movie with no problem.

Finally, we opened the wonderful Office 2007 in the shiny and new Vista laptop, and created a PowerPoint slide to insert the video (the rest of the presentation was already done). Everything seemed to work, but when we played the presentation, we discovered that either the video or the sound could be played (depending on how we had encoded the video in Linux), but not both simultaneously. WMP would play the videos just fine, but the embedded player in PowerPoint would not… go figure why. After at least 3 crashes of Office (yes, Office crashes), some bitching because we could not make any sense of the new Office interface (we are experienced pre-Vista and Linux users, and Windows is for idiots, right? We must be idioter than average), having to stand the fact that the semitransparent border of a window refused to disappear when we closed it (so we kept working with a blue-greenish stripe across a part of the desktop), and one Windows reboot (yes, Vista still hangs from time to time), we managed to insert and play the darned video. How? We just inserted two videos: one for which only the audio was playing, and another one for which only the image was showing. We then made these two objects kick off at the same time, et voilà! Not the cleanest of solutions, but with Windows “everything just works”, right?

The moral

The moral of the first step (the FPS not being set) was that I had to play around for a while with my Linux tools, but the culprit was MS, and their lousy WMV. I have never produced a video with no FPS (and all other necessary metadata) set, because my FLOSS tools do it automatically. Secondly, I didn’t waste my time. Thanks to the usefulness of the FLOSS tools, I ended up learning something about movies, FPSs, and that they are required. I also learned about key frames, and seeking and cutting video streams.

On the other hand, for a much simpler job, we spent relatively (and maybe absolutely) longer with Windows, and we did lose our time with it. The problems we encountered with Linux were difficulties of the situation itself: the original WMV was flawed, the AVI we created had too high an inter-keyframe interval… and the FLOSS tools we used helped us fix them and learn in the process. In the case of Windows, the task was so simple, and all the problems we met were created by Vista. We didn’t learn anything from all of our struggle, because we only struggled against Windows (the GUI, the crashes, how to encode the video in Linux so that Vista could read it, why the darned Office would not play the audio or the video), not our problem (editing and embedding the file). All the time was devoted to learning how to overcome the limitations and errors of our tool, not to how to use our tool to perform some task, learning about the task itself in the process. Thus, it was wasted time.


A couple of my comments on Menéame

For no reason other than feeding my ego, here I copy and paste a couple of my comments on a Menéame story (“8 reasons a Windows user has for not switching to Linux”).

I am particularly fond of comments #19 and #20. Analyze them with a bit of rigor: the “Taliban” Windows users (and the critical Linux users) criticize Linux because it lacks commercial software (games and others) and drivers. The “Taliban” Linux users (and the critical Windows users) criticize Windows because it hangs, because it is not secure, etc.

If you think about it, the advantages of Windows over Linux are external to Windows, whereas the advantages of Linux are intrinsic to it. That is: tomorrow the software companies could decide to release all their products only for Linux, and the advantage of Windows would collapse. Conversely, there is no way in the world for the advantage of Linux to be eliminated, unless someone rewrites Windows from scratch and turns it into UNIX 2.0 or something like that.

I am amazed by people’s pro-Windows arguments. Let’s take one that recurs a lot in this thread: MSN. People say they cannot/will not stop using Windows because (among other reasons) they want to use the MSN client. The problem is not the technical quality of that client or of its protocol, because there are better protocols and clients (nobody doubts that). The problem is that MSN has a proprietary protocol, which MS can change however and whenever it wants, and since it is a popular application, people are forced either to use clones that will necessarily lag “behind” the native client in compatibility and features, or to use the native client on the native OS.

Let’s reflect: we are saying that there is an inferior protocol that forces us to use a specific client, which in turn forces us to use a specific OS. And this is a reason in favor of using it? To me it is a reason against using it. What guarantee of quality can be demanded from a producer in a captive market? How can I be so foolish as to give away my freedom to a certain vendor, and use the only product on the market that demands exclusivity from me, when there are other, better products that do not demand it? If there are one or more messaging protocols that are open, and have a thousand different clients (so I can choose the client), many of which are multi-platform (so I can choose the OS), is this not, precisely, a powerful reason to use that protocol, and not MSN?

We live in a world of sheep.


5000 spammers stopped by my Bluebottle account

My public Bluebottle e-mail account (isilanes@bluebottle.com) has stopped 5k spammers so far (since 05/31/2005).

Every e-mail sent to that address is checked for a human sending it, and senders that correctly identify themselves are permitted through. Any other is filtered out to a “Pending” list. I periodically visit that list, and check the non-spam ones (a few, if any). The rest is put into a “Blocked” list, and any further e-mail from these senders is quietly dropped (any time I connect to Bluebottle I see a message saying “213 messages thrashed” or something like this, meaning, I guess, that since the last visit that many messages were received, and dropped, from the already Blocked addresses).

So it is this “Blocked” list that has reached a count of 5004 addresses on it. Obviously, many more spam messages were received (more than one from each address). My first spammer in Bluebottle:

Kendra L. Brown
4chien@abacom.com
05/31/2005

Long time no see, Kendra!


Exploitable bug in Oracle 10g databases

I read in The Register that a zero-day vulnerability has been reported in Oracle 10g databases. I am by no means an expert in databases (“not an expert”, wow, what an understatement! I’m an ignoramus), but I have my small war against people who regard proprietary DBs such as Oracle or IBM DB2 as far above free software alternatives such as MySQL or PostgreSQL. To give an example of a company with HUGE databases, Google uses MySQL. Actually, I just found in the previous link this post in an ex-Google employee’s blog, and I plan to show it to any half-wit parroting the motto that “big commercial solutions” are by default better than “hobbyist things” like free software (especially for DBs).

So, when I read the Register headline, I immediately thought of writing a post on how “bad” Oracle was. However, after actually reading the (short) article, I decided to change the main point of the post. Actually, what this case shows is how “bad” depending on proprietary software is. Quoting the Register article:

Oracle has reportedly created a fix but is not willing to break its quarterly patch release cycle to issue an update. The database giant’s next update is scheduled for 15 January. In the absence of a patch no ready workaround is available, iDefense reports.

Holy crap! Oracle acknowledges that the bug is there, that it is dangerous, and that they do have a fix, but they friggin’ don’t want to release it! Just because “it doesn’t fit” in their well-laid plans! Needless to say, with free software this cannot happen: there is no reason to hold back on bugfixes. And even if there were, anyone can write a patch and release it, so there is no vendor locking the users in and deciding what to release and when.


My opinion on Mandriva vs. Microsoft

I have posted about an open letter François Bancilhon, CEO of Mandriva, wrote to Steve Ballmer, CEO of Microsoft.

Here I intend to give a proper answer to some comments in the Mandriva blog page, mostly covering ethical and legal issues.

For a complete immersion in the subject, please read the whole letter. For a summary: the government of Nigeria decided to buy 17k computers. Mandriva and Microsoft made offers, and Mandriva won. After the computers were sent to Nigeria, the government of Nigeria contacted Mandriva and informed them that they’d pay the bill, but that they had changed their mind and would install Windows instead.

Now some comments in the Mandriva blog page, and my responses:

Charles said

November 1, 2007 at 3:03 pm

Would you entrust your country’s educational computer future to a company whose CEO writes whiny unprofessional conspiracy theories on his blog? I sure as hell wouldn’t.

Even if bribes were made (and I’m just saying hypothetically ‘if’), the reality is that for this to have happened somebody must have seen value in a Microsoft solution over your ware. It’s your fault for not being able to convince the customer otherwise, not Microsoft’s for behaving like a business.

Grow up.

1) The whole point is that with Mandriva the Nigerian government wouldn’t be “entrusting their country’s educational computer future” to anyone. It’s the other way around! No matter how stupid/lame/immoral/illegal Mandriva and its CEO are, once you make the Linux bet, you are free. You don’t depend on any single vendor for anything. I know it’s a complex concept for a slave-minded Windows user, but Linux is about Freedom. On the other hand, going for Windows implies entrusting yourself to a single company: Microsoft. Would you pledge obedience to an unethical, monopolistic, soulless, predatory and often illegal company? You are doing so by surrendering to MS. Besides, the CEO of Mandriva is not “whining”. He is caring. After all, they got the money, so, if money was his only concern, he’d be happy. But he is concerned about more things, which you seem to be impervious to: the fairness of the deal, the fulfillment of closed agreements, the access of Nigerian youth to Free Software, MS’s respect for anti-monopoly and fair market rules… The wise man is pointing at the sky, and you look at the finger instead.

2) It is not Mandriva’s “fault”, and MS did not “behave like a business”. If MS somehow bribed the Nigerian government, they’d be seriously breaking international law, violating the rules you rely on to believe you live in a democracy. Not “everything” is permitted in business. A monopolistic holding cannot sell products below price (dumping) to eliminate the competitors. It is against the law, and, if permitted, it totally damages the consumer in the long run. In the short run, the lower prices are a plus for the consumer, but once the competition is hampered, the company in the monopolistic position can continue abusing the market (raising the prices, lowering the quality, applying arbitrary limitations…).

sarek said,

November 5, 2007 at 3:46 pm

François,

What are you whining about? You have sold your PC, you already have your money. If the Nigerians would say, we don’t want to pay for the software because we install Microsoft Windows, I could understand your complaining. But you have delivered your goods, and got paid. What is your problem? If the Nigerians want to convert the machines to a Sony Playstation, that is not your problem, it is their right because they have bought and paid for the goods. I can’t understand all this whining of the Linux community against Microsoft, I use Linux myself and the company uses Windows. Linux is not heaven and Microsoft is not Hell. If you look at companies such as Suse/Novell and Red Hat, it is not open source anymore (they are copying the Microsoft marketing strategy).

François, stop whining and use a better sales team

3) Again, François is not complaining about money! He is speaking of fairness, justice, and even the good of the Nigerians themselves. Don’t you get it? Mandriva won the contract, because their offer was better. Any act whatsoever afterwards is a dirty trick (possibly illegal) to impose a worse product that had lost in fair competition. François is worried about Nigerians getting the worse product.

4) About Mandriva getting a better sales team… why should they? They freakin’ won the contract!! Their product is better, and their sales team did convince the Nigerian government. Where did Mandriva fail? They should have bribed the Nigerian government, I infer?

Steve said,

November 5, 2007 at 2:41 pm

Come on guys! Seriously, you wonder why the mass market isn’t taking on Linux in numbers? There’s a number of reasons, but comments like:

“I am proud to be a linux user and i’ll die as a linux user.”

“MS is like a drug dealer”

And then moaning about ethics. Come on – this is business.

5) No. François is not talking only about ethics. Bribing someone to dump the option that won in a public competition and choose the loser option is illegal and unfair. Besides, it is also unethical, and your lame ad hominem attack on Linux users doesn’t “prove” otherwise. What you accuse Linux users of is not unethical, and even if it were, it doesn’t disprove our arguments (read what an ad hominem is, please).

Maybe, just maybe Microsoft presented a really good business case, stating the TCO on a volume licence agreement compared to the Mandriva option. The cost would be reduced due to the volume licence agreement anyway, and that also includes free technical support to MS.

6) This line of argumentation is irrelevant. Obviously MS might have a better offer than Mandriva. But the public competition was made just for that! Both Mandriva and MS made the offers they considered fit, and Mandriva won. How many times does this need to be said? Mandriva won the competition and MS lost it. If the Nigerian government changed their mind afterwards, it has nothing to do with MS’s merits, because such merits were judged in the public competition that Mandriva won.

Whilst Linux is a great platform, it’s still nowhere near Vista or XP level yet. Whilst Linux is free or very cheap this is OK – but if you compare Vista against Linux and remove the cost out of the equation then the world’s most popular OS is probably going to win it.

7) You have obviously not used Linux much. The technical competition was lost by Windows a long time ago. The only advantage of Windows is that it is more widely used and that more commercial software is made for it, and this generates a vendor lock-in effect. Both effects are external to Windows. Intrinsically, and leaving the price aside, Linux is miles ahead of MS Windows.

That’s just business, we’ve had the same thing happen to us (our company is a web development company. Got Phase 1 done, but support went as they got their system redone by a competitor before we even finished development) Get over it, stop whining like children and start working as a commercial entity rather than hobbyists.

8) This is not “business”, this is breaking the law (see point 2 above).

chineme said,

November 4, 2007 at 8:28 pm

I don’t understand what all this fuss is about. Someone buys a laptop or PC that comes pre-installed with Windows (also paying for the software) then removes Windows and installs Mandriva, no one complains.

Then he does the opposite and everyone takes up arms.

9) You are wrong. If I buy a laptop privately, I can do with it whatever I see fit. But the Nigerian government bought 17k computers with public money. Whenever you do something like that, you have to make (if you live in a democracy) a public competition, to see which provider makes the best offer (to guarantee that public money is spent correctly). This competition was made, and Mandriva won. If, afterwards, and with no further public competition, the government decides otherwise, they are misusing the public funds.

Let’s face it, the Nigerian government wanted a good cheap hardware deal and they got it and they probably also got a good deal on OS from Microsoft as well. So they went for it. What is this Francois complaining about? Wasn’t he paid or did they violate a contract that he can sue them for? If they did he can go ahead and sue and stop whining.

10) See point 9 above.

Did he ever go to Nigeria to protect his investment? Or did he just read up all the drivel and nonsense about Nigeria being a corrupt country full of spammers like the rest of you and decide to stay away as far as possible.

11) No. What François did was to win the public competition with his better offer. Period. Mandriva’s offer was better, it won, and any other use of the Nigerian money is a misuse on the government’s side, and illegal actions from MS’s side depending on what they did to get the deal.

On spam: I receive more spam from people trying to sell me viagra or sell me a home ownership loan or even winning a lottery than Nigerians trying to get me to move millions out of the country and I treat them all the same way: I trash them.

Let’s concentrate on the real issue being poor marketing and follow up and leave Nigeria’s ethics or lack of it out of the issue

12) The “real issue” is not poor marketing. It is improper assignation of public funds. Read points 9 and 11 above.

Alex said,

November 3, 2007 at 5:46 pm

Dear François,
Your letter shows ignorance on your part about black people in general and Nigerians in particular. Nigerians may be poor now, but they are certainly not stupid!
Your assumption, even though you have dealt with Nigerians, is that they are ignorant about business issues and they do not have the technical savvy to make their own decisions. It’s nothing but pure racism. Not racism out of malice: you seem to demonstrate a sincere ignorance about the abilities of Africans.

Incidentally, only French young people spend more time in education than Nigerians in the whole world. You can check that out.
Do you seriously think Nigerians, some of the best educated people in Africa, if not in the world, are not clever enough to change from your OS to Microsoft’s?

13) You are using a laughable straw man argument. François is not implying that Nigerians are stupid. He (if I understand correctly) is implying that a) MS behaved illegally, bribing the Nigerian government to make it choose an option that had lost in a fair and public competition, over the one that had won, and b) it might be a case of corruption in the Nigerian government side, by knowingly choosing the loser in the aforementioned competition, and hence misusing the public money assigned to buy computers. To “change their mind”, the Nigerian government would have had to repeat the public competition, so that MS could win in a second round.

As a person of Nigerian parentage, when I first read about your deal I was alarmed about you supplying your OS to Nigerian schools. From what I know about Nigerians everybody used Microsoft anyway. Every Nigerian I know, including the teachers who would be using these machines, uses Microsoft.

The delivery of machines that are rugged by your company is just the perfect thing for Nigeria and her schools.
To me it sounds like the best business outcome- from the point of view of the customer.
They get rugged machines good for their situation, and an os they are used to

I think for once Nigerians have let common sense rather than money prevail.
Maybe you should press our advantage that they loved your machines to keep your relationship with the Nigerian government going, so that you get more contracts from the country. Nigeria is a huge country with millions of young people eager to learn. A well considered strategy and long term view by your country in Africa may in the end popularise your OS there as well. Believe me, there are ways to beat Microsoft in a country like Nigeria, I mean software design wise

14) Getting computers with Windows is about the worst possible outcome for Nigeria. You say that Nigerians are eager to learn, but on the other hand you say that getting Windows is better, because they are used to it! Staying with the known “bad” thing, not to have to learn the new “good” thing is very bad politics for a developing country.

GvS said,

November 2, 2007 at 4:55 pm

Maybe because Mandriva is just one of 10.000 Linux distros, and Windows is the de facto industry standard.

15) Windows being the de facto standard is really really bad for the computer users. What this means is that instead of software makers following the standards agreed upon by all agents (makers, users, governments…), it’s the other way around: users, governments and other companies have to follow the decisions of MS. Decisions that are taken to benefit only MS, regardless of how negative they might be for the users. Do you really think this situation is good for you?

If you are running a government, and you have to choose between:
a. A linux distro that my students have a 1% (a very very high estimate) of using in real life (that is working for a company)
b. A M$ solution, they will use in at least 50% (a very very low estimate) of the companies they will ever work for.
Now what do you choose to best prepare your students?

16) Your argument is that people shouldn’t use Linux because people don’t use Linux. Reread it, and realize what nonsense it is! The correct reasoning is the following:

a) Windows binds you to a vendor (MS) / Linux doesn’t
b) Windows restricts your rights to use, modify and redistribute it / Linux doesn’t
c) Windows artificially restricts (DRM) what kind of media you can play on it / Linux doesn’t
d) Windows encourages you not to learn how the computer works / Linux does the opposite
e) Windows makes you dependent on proprietary formats / Linux doesn’t
f) Windows is bug ridden, unstable and subject to malware / The incidence of these is infinitely smaller in Linux
g) Windows encourages following the beaten path / Linux encourages finding your own way
h) Windows makes you fall in a dependency loop that is hard to get out of / Linux gives you freedom
i) Windows means more money to the already rich / Linux means more power to the user

Now, as a teacher in a developing country, eager to break the chains with the First World domination, to give the most freedom and power to your students, to educate them to learn, and not just repeat what others do without real knowledge… what would you choose to provide your students?

Anonymous said,

November 1, 2007 at 4:02 am

François,

Why are you assuming that Microsoft did something underhanded? It could very well be the case that a deal with Microsoft is more viable for the Nigerian government in the longer run –
– Their products are tried and trusted. Yours is still an unknown quantity.
– Their customer support is supposedly very good. How about yours?
– Maybe the TCO for Microsoft’s solution is lower than your solution.

I’m in no way taking sides. But you must be willing to accept the possibility that Microsoft could have presented a better long term deal for them.
-Anonymous

17) Did you actually read François’s post? MS lost the public competition. Mandriva won it. MS’s offer could have been better, but it actually wasn’t. Read point 6 above.

djbon2112 said,

November 2, 2007 at 11:37 am

Wow, more bitching from a Linux distro because Microsoft won a deal? Unheard-of!

18) Again the same nonsense! Microsoft LOST the deal. There was a public competition, and Mandriva won. Mandriva and MS had the opportunity to make their best offers, both did, and the government chose Mandriva. MS didn’t win the deal: they bribed their way into it. Read points 2, 6 and 9 above, please.

Sorry, but Microsoft makes a better product. You know why? It doesn’t abuse my time.

I’ve tried to use Linux. I’ve tried Ubuntu, and Debian, and Fedora, and countless other distros (yours included) throughout the years. And every time, I’ve run into problems which are so simple to fix in Windows, but take HOURS of my time to attempt to fix in Linux. And I say “attempt”, because 90% of the time, the “solutions” don’t work, and I’ve wasted another hour of my life trying to make something simple (like, a Flash plug-in for Firefox in x64?, to name one of MANY!) work.

A friend of mine said, “Linux is only free if your time is worthless”. Microsoft products work easily, the first time, and don’t waste my life with trivial issues and setup. I can get a Windows Vista box up and surfing the internet, playing games, watching movies, doing ANYTHING you want, in under 2 hours. I’ll take a little “insecurity” (and Windows is only insecure if you’re an idiot) for that!

19) This rant is more tech-related than about the Mandriva vs. MS issue at hand. Anyway, I will comment on something: your experience is anecdotal. Windows is easier than Linux if you are an expert in the former, and ignorant in the latter. I have a long experience in both, and for me Linux is easier. When I am forced to use that pile of crap called Windows I keep finding that I don’t know how to do the simplest things. Maybe it’s because I am more used to Linux… so this proves my point. And there are a lot of things that are really simple in Linux, and are really annoying, or impossible to do in Windows.

You say that “Linux is only free if your time is worthless”. It’s a good point, but rather false. You are assuming that you already know how to use Windows, and that you have to learn how to use Linux. But if you know neither, learning Linux does not necessarily require more of your valuable time. Moreover, all the time I have spent figuring out how to do things in Linux was not wasted time for me. I learned a lot, not about Linux, but about how to do stuff, and how computers work, and how the Internet works, and about security, and about programming, and about an awful lot of things. Linux gave me the marvelous opportunity to learn a lot!

Update: Nigerian government moves back to Mandriva


New theme in blog

I just changed the theme from Contempt to Andreas09. I will miss the custom header, and I liked the previous style just a little bit better than this one. But for me the former was too narrow. From time to time I write really long posts, and they look horrible if the text is not wide. I also want to be able to add pictures with the size I deem appropriate, not with a tiny size to fit in the narrow blog column. So, I will be sacrificing looks for the sake of readability.
