Today is...
Friday, February 24, 2017
Welcome to Control.com, the global online
community of automation professionals.
Featured Video...
Featured Video
A demonstration of EtherCAT control of linear motors using the CTC EtherCAT master.
Our Advertisers
Help keep our servers running...
Patronize our advertisers!
Visit our Post Archive
Windows XP, Anyone?
Are you considering upgrading to XP despite the noxious End User License Agreement and higher prices?
By Jake Brodsky on 20 June, 2002 - 11:47 am

As seen in many other forums, the end user license agreements (EULA) from Microsoft are getting a lot more cumbersome, expensive, and difficult to read. Microsoft Software is not the cheap operating system it once was.

The questions I have for this group:

Are you still recommending Microsoft Operating systems for use in your projects? If so, have you changed your policies on what applications you recommend thier products for? If you aren't recommending Microsoft, what alternatives are you proposing?

On a side note: is anyone concerned about how tightly standards such as OPC are tied to Microsoft platforms? Are there any emerging alternative standards?

By Michael R. Batchelor on 22 June, 2002 - 1:47 pm

Well, CORBA isn't tied to Microsoft, and it's freely available.
It's just no as popular as the DCOM which underlies OPC. I can't think of any technical reason that an OPC-like standard couldn't work with CORBA underneath. And there is no reason CORBA can't work on Windows. It's just that nobody does it.

MB

By Chiron Consulting on 24 June, 2002 - 5:53 pm

> And there is no reason CORBA can't
> work on Windows. It's just that nobody does it.

Sure they do. The following are all portable CORBA-compliant ORBs that run on Windows (as well as other OS's):

TAO ( "http://www.cs.wustl.edu/~schmidt/TAO.html"://http://www.cs.wustl.edu/~schmidt/TAO.html )
ORBacus ( "http://www.iona.com/products/orbacus_home.htm":http://www.iona.com/products/orbacus_home.htm )
eORB ( "http://www.vertel.com/products/eorb_c.asp":http://www.vertel.com/products/eorb_c.asp )
Orbit ("http://www.labs.redhat.com/orbit/":http://www.labs.redhat.com/orbit/ )
Borland's VisiBroker ( "http://www.highlander.com/products/index.html":http://www.highlander.com/products/index.html )

eORB and VisiBroker are commercial; the others are Open Source. And there are others.

But Michael makes a valid point when he says that CORBA isn't as popular (i.e. widely used) as DCOM. And "nobody does it" does apply to the
observation that there's no OPC-like standard built on top of CORBA. But there's no reason there can't be.

Greg Goodman
Chiron Consulting

By Ralph Mackiewicz on 25 June, 2002 - 2:24 pm

> Well, CORBA isn't tied to Microsoft, and it's freely available.
> It's just no as popular as the DCOM which underlies OPC. I can't
> think of any technical reason that an OPC-like standard couldn't
> work with CORBA underneath. And there is no reason CORBA can't
> work on Windows. It's just that nobody does it.

The Object Management Group has developed such a standard. Its called: Data Access for Industrial Systems (or DAIS). You can get a copy of this specification via the web at:

"http://cgi.omg.org/docs/dtc/01-07-03.pdf":http://cgi.omg.org/docs/dtc/01-07-03.pdf

It is modeled after OPC but the interface is platform independent.

Products are available.

Regards,
Ralph Mackiewicz
SISCO, Inc.

By Curt Wuollet on 24 June, 2002 - 10:00 am

HI Jake
There are no alternatives supported by the big automation vendors. How could one possibly reccommend an alternative? And this _is_ my pet peeve amd a major liability for the whole automation community.

Because they have no real choice, they are bound to whatever Microsoft does as far as licensing and forced obsolecense. Dependence on COM/DCOM and OPC tend to reinforce this but since there is really no choice in your tools, databases, etc., many folks don't see this as a problem.

If there were choice, it would tend to favor cross platform standards and you can't have that, it must be MS or nothing or the Redmond gang retaliates and makes your pricing non-competitive.

I don't think this will change until people start seeing how bad for business and risky having no alternatives really are. It may not even happen then as there are, no doubt, exclusive licensing agreements between these corporations and Microsoft that prohibit selling anything else

> On a side note: is anyone concerned about how tightly standards such as
> OPC are tied to Microsoft platforms? Are there any emerging alternative
> standards?

Alternative object brokers, etc. are merely wishful thinking as long as the companies are in bed with Bill G. Microsoft now specifically forbids using anything open with it's software.
The only way would be to provide a completely seperate system from top to bottom with no MS involved. That is what we are trying to do with the MAT/LinuxPLC project. I still need convincing that these general class mechinisms are the way to do things in automation but at least we can
use Corba or lightweight alternatives.

Regards
cww

By Michael Griffin on 24 June, 2002 - 5:15 pm

On June 20, 2002 05:15 pm, Jake Brodsky wrote:
<clip>
> Are you still recommending Microsoft Operating systems for use in your projects? If so, have you changed your policies on what applications you recommend thier products for? If you aren't recommending Microsoft, what alternatives are you proposing?<
<clip>

We don't specify an operating system. If the designer proposes to use Windows we do specify what version of that to use, but we don't specify using Windows.
Our decision on this was based on the belief that it is ridiculous to make a
fundamental design decision such as this without taking its impact on the overall system design into account. Windows is simply too specialised and inflexible to be used in all applications.
We would expect the system designer to propose an operating system which was suited to the application, and to take complete responsibility for this choice. We would review this part of the proposal the same as we would any other component in the system. The software itself isn't going to "wear out", so it doesn't present the same sort of spare parts issues that valves or relays do.

************************
Michael Griffin
London, Ont. Canada
************************

By Davis Gentry on 25 June, 2002 - 2:37 pm

Michael Griffin wrote:
> The software itself isn't going to "wear out",
> so it doesn't present the same sort of spare parts
> issues that valves or relays do.

I would take issue with this statement. While the
operating system itself (whichever you should choose) will never "wear out" the hardware attached to the system will. Let us assume that you put together an HMI system with a Matrox video frame grabber card back in 1994. You may well have chosen Windows 3.1 as the operating system (I am not arguing for or against any
Windows system here - just pointing it out as a very possible choice) - yesterday your frame grabber went bye-bye, and today you discover that you cannot under any circumstances purchase one with Win 3.1 drivers. So you look to upgrade your operating system, and find that you now need all new hardware. Then you find out that the HMI software you used back in 1994 will not run under any current operating system. And that the
custom code which used the frame grabber for defect detection is going to have to be completely
re-written. So the $275 replacement of a simple frame grabber is now going to cost you $15k worth of hardware, software, development, and integration time, and that your machine is going to be down for four to six weeks.

At no point in the original design process did anyone make any bad decisions, and the systems were obviously adequately implemented (they've been running 8 years now). In spite of that you have to go to management and explain all of this and they are not happy. I used a frame grabber as an example, but it could just as easily have been a modem or ethernet card, or a video card (the ones I have seen the most problems with).

This issue is in no way seen only with PCs. Try
getting a PLC-2 system up and running after major
problems today. It's worse with PCs, however, because of the accelerated life cycles in consumer goods, and the problem has gotten much worse since PCs became a ubiquitous item in American homes.

There are companies which rescue old cards and sell them to people like us who are in the position of having to choose between shutting down a production line and purchasing a ten year old card to replace the one that just blew.

Anyone out there have a long term solution for this problem? I don't know of one yet.

Davis Gentry
Application Engineer
Delta Tau Data Systems

By Michael Griffin on 27 June, 2002 - 3:00 pm

On June 24, 2002 04:22 pm, Davis Gentry wrote:
> --- Michael Griffin wrote:
> > The software itself isn't going to "wear out", so it doesn't present the same sort of spare parts issues that valves or relays do.

Davis Gentry:
> I would take issue with this statement. While the operating system itself (whichever you should choose) will never "wear out" the hardware attached to the system will.
<clip>

Well yes, the hardware will wear out - I never said it wouldn't. The software isn't wearing out though so I need to stock spare hardware, not
spare software.

> and today you discover that you cannot under any circumstances purchase one with Win 3.1 drivers. So you look to upgrade your operating system, and find that you now need all new hardware. Then you find out that the HMI software you used back in 1994 will not run under any current operating system. And that the custom code which used the frame grabber for defect detection is going to have to be completely re-written.
<clip>

I am familiar with this situation. We have some test systems which were designed about 8 or 9 years ago. The boards are obsolete, and using the
replacement products for them will require re-writing the software. The original software was written in 'C', it used LabWindows for DOS to create the user interface, and DOS 6.2 as an operating system. I am looking at implementing the same test method in new software, new computer hardware, and new boards.

This isn't an urgent project as nothing is down and we still have spare parts. However, I am aware of what you are referring to. I have noticed though that the turn over in data aquisition boards is at a much slower rate than for the computer hardware and operating systems. Generally, I am quite pleased with the long term availability and support of hardware we had from
National Instruments.

Note though, that we are still using the same software today that we used originally. The software isn't wearing out - the hardware is (actually may - the data aquisition boards are holding up very well, unlike the computers).
However yes, new boards means new drivers which means new application software which means new development software, etc.

I would consider an 8 year (or more) turn over period to be acceptable for this class of equipment though. A one year turn over (as postulated in the original question) would not be.

I am by the way, considering using Borland Delphi/Kylix as the new development software for this project. I don't know if this is practical in this application, but the fact that it is intended as a cross development system for both Windows and Linux is rather attractive. This may allow us to more easily hedge our bets when it comes to selecting an operating system.

--

************************
Michael Griffin
London, Ont. Canada
************************

By Jiri Baum on 29 June, 2002 - 11:32 am

A partial solution would be to demand the source for *all* parts of the system, which would minimize the amount of re-development. You'd still have to back-port the new drivers to the old OS, reintegrate and retest, but it should come to much less work/cost than upgrading everything.


Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Jiri Baum on 25 June, 2002 - 5:44 pm

Michael Griffin:
> The software itself isn't going to "wear out", so it doesn't present
> the same sort of spare parts issues that valves or relays do.

Unless it's leased or requires activation after hardware replacement. In either case, the vendor may refuse to renew / not exist down the track.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Vladimir E. Zyubin on 28 June, 2002 - 10:09 am

MS try to turn the community to new model of software selling. MS try to legalize the "endless upgrades policy". Policy of total dependence of users from MS. Serious users understand the danger and many of them reject the XP... I very frequently meet such statements in forums. No need to say I personally do not plan to use XP in
any circumstances and more and more closely look at Linux. (sometimes we use NT for UI on a separate process-independant computer)

By Curt Wuollet on 29 June, 2002 - 3:23 pm

HI Vladimir

That doesn't bother me so much, after all that's what Microsoft does. The part that saddens me and makes it sickening, is that people will meekly bend over and let them do it as long as they don't have to learn anything new.

Regards

cww

By Vladimir E. Zyubin on 1 July, 2002 - 12:06 pm

Hello Curt,
Yes. There is a story about a man who goes to buy a rope when he see that all around him plan to hang. Mainstream. There is the believe that mainsteam is the right and safety decision... because the croud is right. Complex question, but not in the case when the croud is a flock leaded by the herd instinct provoked with the mass media, ads.

Regards, Vladimir

By Curt Wuollet on 29 June, 2002 - 3:22 pm

And I might add the the full solution would have been to use OSS in the first place and archive the drivers you use as they are upgraded and ported to new kernels. That's what I've been doing. Lately, the V4L (Video for Linux) is a normal part of the distribution and it just works.

Regards

cww

By Michael Griffin on 2 July, 2002 - 3:17 pm

On June 24, 2002 05:08 pm, Jiri Baum wrote:
>Michael Griffin:
>> The software itself isn't going to "wear out", so it doesn't present
>> the same sort of spare parts issues that valves or relays do.

Mr. Baum replied:
>Unless it's leased or requires activation after hardware replacement.
>In either case, the vendor may refuse to renew / not exist down the
>track.
<clip>

Consider this however in the context of what else I said:
"We would expect the system designer to propose an operating system which was suited to the application, and to take complete responsibility for this choice. We would review this part of the proposal the same as we would any other component in the system."

An operating system which was "suited to the application" (or at least any of the typical applications I am familiar with) should not be subject to these problems. This is a piece of production machinery
- not something that sits on someone's desk.
If in the course of reviewing a proposal where we asked someone to "take complete responsibility" for selecting an operating system, and they selected something which presented these difficulties, we would have to conclude that this person did not know what they were doing. This is why the operating system would need to be reviewed "the same as ... any other component in the system."

The reason why I pointed out that the software isn't going to wear out, is that if someone proposed using an operating system which we didn't already use, we wouldn't dismiss it soley for that reason. It's not like a valve, or a PLC where we would have to stock extras on the shelf for when it wears out or breaks.
Instead we would have to review questions such as "how do you back it up?", "what happens when I need to replace hardware?", "is it compatable with our preferred computer hardware?", etc. If we got reasonable answers to these questions, we would give it serious consideration.

As a customer, we need to be careful that we don't specify something that can't meet our expectations. The consequences of specifying a particular operating system aren't necessarily obvious at first glance. We don't want to find ourselves compromising on the capabilities of a system for the sake of an operating system that we weren't particularly attached to to begin with.

************************
Michael Griffin
London, Ont. Canada
************************

By Jiri Baum on 8 July, 2002 - 11:35 am

Michael Griffin:
...
> An operating system which was "suited to the application" (or at least
> any of the typical applications I am familiar with) should not be
> subject to these problems. This is a piece of production machinery -
> not something that sits on someone's desk.

> If in the course of reviewing a proposal where we asked someone to
> "take complete responsibility" for selecting an operating system, and
> they selected something which presented these difficulties, we would
> have to conclude that this person did not know what they were doing.

Which would have to mean that anyone that recommends Windows XP doesn't know what they're doing; and as MS phase out other versions, anyone that recommends MS doesn't know what they're doing (if they ever did).

> The reason why I pointed out that the software isn't going to wear
> out, is that if someone proposed using an operating system which we
> didn't already use, we wouldn't dismiss it soley for that reason.

Right. No worries.


Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Michael Griffin on 9 July, 2002 - 4:22 pm

On July 2, 2002 09:20 pm, Jiri Baum wrote:

<clip>
(My original statements were quoted)
> > If in the course of reviewing a proposal where we asked someone to
> > "take complete responsibility" for selecting an operating system, and
> > they selected something which presented these difficulties, we would
> > have to conclude that this person did not know what they were doing.
>
(Mr. Baum replied)
> Which would have to mean that anyone that recommends Windows XP doesn't
> know what they're doing; and as MS phase out other versions, anyone that
> recommends MS doesn't know what they're doing (if they ever did).

I will qualify my own statement (in the first paragraph) by saying that this opinion applies to systems which:
a) are directly integrated into a production line,
b) contain various data aquisition and other special boards,
c) must maintain operation with minimal down time.

That is, this describes production systems such as automated test systems, or computerised control systems in "standard" OEM machines. These systems are very expensive to shut down, and solutions such as hot-backups or a quick swap of the entire computer are not realistic.

Non-critical computer SCADA and MMI systems may not have these same restrictions. I won't try to voice an opinion on these types of systems as I don't have enough operational experience with them to judge.

Given the above qualifying statements, I would be a bit hesitant in saying "anyone that recommends Windows XP doesn't know what they're doing". I would say rather that they would have to be prepared to make a very strong case in
favour of it before I would be convinced.
I would not however be overly surprised if the person recommending the Windows XP operating system did in fact not know what they were doing when it came to OS problems. Windows is a very complex operating system, and there are very few people anywhere who really know much about it. There are unfortunately, quite a few people who know just enough about it to be
dangerous.

************************
Michael Griffin
London, Ont. Canada
************************

By Curt Wuollet on 11 July, 2002 - 11:11 am

More distressing is that many people don't even know there are more viable alternatives. These are the same folks who believe PC _hardware_ is unreliable because it crashes all the time.

Regards

cww
--
Free Tools!
Machine Automation Tools (LinuxPLC) Free, Truly Open & Publicly Owned Industrial Automation Software For Linux. mat.sourceforge.net.
Day Job: Heartland Engineering, Automation & ATE for Automotive Rebuilders.
Consultancy: Wide Open Technologies: Moving Business & Automation to Linux.

By Brian E Boothe on 24 June, 2002 - 4:57 pm

XP IS SPYWARE, GET AWAY!!!! ILL STAY W/ 2000 thanks...

Who are you worried is spying on you?

Every Windows system gives the network administrator spying rights on anyhting you do or store on the computer you use. Thats a big part of what SMS is. But when you use a computer and network belonging to someone else, you have to abide by the rules of the owner.

I really suspect you think XP is some big spy thing for MS, and probably thats in some small way true. But, so what?

Going only as far as WINDOWS 2000 is our
recommendation. A major drawdack of WINDOWS
XP (so I have heard), is that each time it
needs to be reinstalled, you just can't do
it yourself, but must get a new authorization
number from MICROSOFT.
I know of one firm that specifically chose
not to offer WINDOWS XP on its computers because
of that - makes prototyping impossible.

By Alex Pavloff on 5 September, 2002 - 2:37 pm

> Going only as far as WINDOWS 2000 is our
>recommendation. A major drawdack of WINDOWS
>XP (so I have heard), is that each time it
>needs to be reinstalled, you just can't do
>it yourself, but must get a new authorization
>number from MICROSOFT.

What you have heard is inaccurate.

Windows Product Activation requires that a PC running Windows XP to be "activated" within 10 days of installation before it shuts down. Replacing enough hardware components will also require a reactivation, which can be done over the internet or by calling Microsoft up.

> I know of one firm that specifically chose
>not to offer WINDOWS XP on its computers because
>of that - makes prototyping impossible.

If you don't need to activate, you have ten days before you system stays in its "activate me or I will do no more" mode. A similar system also exists for Office XP.

Alex Pavloff
Software Engineer
Eason Technology

By Michael Griffin on 11 September, 2002 - 3:39 pm

On September 5, 2002, Alex Pavloff replied:
> What you have heard is inaccurate.
>
> Windows Product Activation requires that a PC running Windows XP to be
> "activated" within 10 days of installation before it shuts down.
> Replacing enough hardware components will also require a reactivation,
> which can be done over the internet or by calling Microsoft up.

Isn't that essentially what Mr. Ng said? You put things a bit more precisely, but the gist of it was there.

This WPA may not be a big problem in an office environment, but it sounds like a nasty can of worms on the production line (we've discussed this subject before). At this time I wouldn't be willing to touch it either for any applications I am familiar with. We have enough software problems with our PC systems as it is without adding any more.

Since the licensing policy for versions of XP without WPA doesn't allow you to transfer a license to a third party, there doesn't seem to be a good way for a small company to use these versions of XP either as part of a system which they would sell to a customer. The problems are legal, rather than technical.

You could of course simply ignore the license policy, but I would recommend looking for other solutions before doing that. Microsoft may eventually change their licence policy to deal with this problem, but I don't see why they would bother. The industrial market is too small to mattered to them.

We discussed this problem a while ago, and at the time nobody had a solution. If anyone has come up with one since, I am sure quite a few people would appreciate hearing about it.

************************
Michael Griffin
London, Ont. Canada
************************

By Alex Pavloff on 11 September, 2002 - 3:40 pm

Mr Griffin wrote:
> Isn't that essentially what Mr. Ng said? You put things a bit more
>precisely, but the gist of it was there.

Mr Ng said prototyping was impossible. In fact, prototyping is the one thing that will work -- as you point out, running a line off Windows XP is
something completely different for both technical and licensing issues.

Alex Pavloff
Software Engineer
Eason Technology

By Ranjan Acharya on 13 September, 2002 - 4:01 pm

I still do not see an easy solution to when we (for example) make up ten clients, before we just made one machine work and used Ghost or DriveImage
to the other 9. We then shipped them off without even cracking the plastic wrap on nine out of ten of the NT or 2000 packages.

Now because of the hardware hash, we have to authorise each system.

The customer cannot just use our handy restore CD in the middle of the night. They have to call us in. Great news.

RA

By Brian Martinicky on 16 September, 2002 - 1:35 pm

Hi Ranjan,
Don't forget about Volume License versions of XP. If you plan an deploying more than 5 XP systems over time, a single volume license key can be used to activate multiple VL versions of XP. In this case, the "normal" activation mechanism discussed to date is not relevant.

Regards,
Brian Martinicky
Manager, Software Development
Automation Intellegence, Inc.
Duluth, GA USA

By Ranjan Acharya on 18 September, 2002 - 12:38 pm

Unfortunately, this excellent suggestion does not typically work. We get most boxes from customers the with individual licences already activated or
at least waiting for activation (the good old hologram sticker on the side of the box has the licence number on it). We then have to individually set up each machine.

All our large customers have some sort of leasing PC / Server supplier even for their shop floor systems. We don't supply the boxes or OSs anymore. We supply the added value. We are still stuck with more work to get that added
value.

RA

By Anthony Kerstens on 19 September, 2002 - 3:46 pm

More work. More work. More work.
It's more billable time. (yeah!!!!)

Anyway, isn't that sort of grunt work usually passed off to low-paid co-op students who could benefit from the experience (if only to learn that they don't like it - huge grin).

Anthony Kerstens P.Eng.

By Martinicky, Brian on 19 September, 2002 - 3:48 pm

Hi Ranjan,

It's an interesting puzzle, but perhaps part of your value-add is to put a VL version of XP on the boxes you receive from your customers. However, I would expect that you, like I, would rather not have to raise my costs by paying MS twice for a single running instance of an OS.

On another note, it seems as though a paper-thin barrier separates a retail XP install requiring activation, and the VL version that does not. Put
another way, a retail license has been paid for already, so where is the harm in 'converting' it to a VL license. Since MS has already received the
price of the retail license, and you can have a VL version and key, I am wondering if the only thing that is missing to make every body happier is some formal mechanism to make this conversion...

Regards,
Brian

By Michael Griffin on 18 September, 2002 - 3:47 pm

On September 16, 2002 12:45 pm, Brian Martinicky wrote:
<clip>
> Hi Ranjan,
> Don't forget about Volume License versions of XP. If you plan an
> deploying more than 5 XP systems over time, a single volume license key
> can be used to activate multiple VL versions of XP. In this case, the
> "normal" activation mechanism discussed to date is not relevant.
<clip>

This does not help the problem pointed out by Mr. Acharya. I do not believe that what you have suggested is permitted under Microsoft's licensing policy. This may therefor be illegal and be considered software piracy.

When I last investigated this matter, the volume license may only be applied to PCs which remain in the possession of the company which purchased the license. You are not permitted to sell these PCs to someone else, either alone or as part of a system.
The "volume license" is just a lower volume version of the "corporate license", which is the version which large companies purchase from Microsoft for computers which are used within the same company. It essentially has no
copy protection system. This is the basis of a number of the "pirate" versions of Windows XP which are widely available.

For PCs which are to be sold to a customer by a small integrator as part of a system, I don't believe there is any legal alternative to the WPA if you intend to use Windows XP. If the WPA looks to be unsuitable for what you want to do, then you may need to consider using another operating system.

************************
Michael Griffin
London, Ont. Canada
************************

By Michael Griffin on 17 September, 2002 - 1:16 pm

What is even worse is when you have a spare removable hard drive made up, ready to plug into any of several different identical machines (this is much quicker than a restore CD). As far as Windows XP is concerned, you've changed all the hardware.

Or another case is when you have to do a software upgrade to the application by swapping the removable hard drive. The equipment is simply not available for the time required to perform an installation on line. How do you "lock" the software to the hardware when the hardware isn't available to you during installation?

The basic problem seems to be that the authorisation system is intended for systems with lower levels of reliability and availability than is typically required in industry. This doesn't mean the system is *bad* in itself, it's just that it was never intended for use outside of home entertainment or small business (larger businesses have alternative licenses available to
them). The "problem" may be not so much with the software, as it is with people who are trying to use it for something it is unsuitable for.

The most serious problems are not with computers used to run engineering software (e.g. PLC programming software, CAD, etc.). These are similar to office applications.
Rather, the most serious problem is with computers which will form part of the finished system (test systems, MMI systems, SCADA, soft logic systems, etc.). These systems require higher degrees of reliability.
However, these systems typically run one (or a few) specialised, dedicated applications. This narrower scope makes it somewhat more feasible to try to avoid the WPA altogether by using alternative operating systems.

It is certainly something to think about.

************************
Michael Griffin
London, Ont. Canada
************************

By Bob Peterson on 18 September, 2002 - 4:19 pm

I wonder if it would be possible to run RSView, Wonderware, or IFix on a Lindows platform????

Bob Peterson

Thomas Ng:
> >A major drawdack of WINDOWS XP (so I have heard), is that each time
> it needs to be reinstalled, you just can't do it yourself, but must
> get a new authorization number from MICROSOFT.

Alex Pavloff:
> What you have heard is inaccurate.

> Windows Product Activation requires that a PC running Windows XP to be
> "activated" within 10 days of installation before it shuts down.

Which is what he said. You need help from MS. Having 10 days grace is nice, but OTOH taking advantage of it means a separate field trip.

Jiri

By Vladimir E. Zyubin on 12 September, 2002 - 10:35 am

Hello List,

And I have heard the next bad news is -- according to the new version of EULA, MS has rights to change the program codes via internet without any request and any notice...

So, XP is absolutely unecceptable for automation tasks. Ever HMI-applications should be migrated away from this ugly platform.

--
Best regards,
Vladimir mailto:zyubin@iae.nsk.su

By Curt Wuollet on 16 September, 2002 - 1:38 pm

I only wish that people would consider this unacceptable. But nothing can possibly interfere with using whatever MS puts in a box no matter what the consequences. Everybody will simply bend
over and take it. And it will be decreed that this is not only acceptable for automation, but its a very good thing! And shortly thereafter, the trade rags will be full of glossy ads shilling it as a feature. It'll be sold to management, of course. All they need is a sharp bussword for it. I base this on past experience with rationalizing the world's least reliable series of operating systems as ideal for automation. And the touting of Microsoft's
exemplary security as being essential for automation. Propa^h^h^h^h^hMarketing can completely spin this around in the minds of nearly everyone with excellent success. Almost 95% success.

Why else would MS be the only platform offered or supported?

Regards

cww

By Peter Whalley on 17 September, 2002 - 4:01 pm

Hi All,

This may sound like a problem but consider it from the point of view of the average user.

They simply want their software to be updated automatically without having to think about it. They want security patches automatically installed as soon as they become available. Yes it would be nice if Microsoft produced perfect software that didn't need patches but we live in the real world and that's not going to happen. (BTW Redhat issue patches to Linux all the time
and have a fairly automated automatic update installation system to handle them.)

Automated updates are in the best interests of the average user, Microsoft, IT administrators and the world in general. It's in everybodies best interests for Internet connected computers to have the latest security patches installed as soon as they are released and with a minimum of trouble.

So Microsoft (like other companies such as AOL and Symantec) incorporate automatic update software. But what happens when one of their millions of customers doesn't like it and decides to sue them for updating the software without authorisation. They can point to the EUA and say it was part of agreeing to use the software. It keeps their lawyers (and their shareholders) happy.

IA users either don't connect their systems to the Internet, disable the feature or live with it. I can't see Microsoft taking you to court for
failing to allow them to update the software automatically.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia

e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Vladimir E. Zyubin on 19 September, 2002 - 12:04 pm

Hello List,

The problem is in the attempt of MS to _legitimize_ control of users' software... IMO, it is absolutely unacceptable for automation.

... and I do not mention the more bad things: a) total legitimate control over users MS achives via the EULA, b) new commercial concept - software
lease... c) legitimation of "infinite software changes" concept.

MS tryes to change legitamacy space... MS designs World Of E-Totalitarianism. (off-topic, of course) :-x

--
Best regards,
Vladimir E. Zyubin
mailto:zyubin@iae.nsk.su

Hmmm... A complete and total abrigation of security and privacy is in the best interest of the consumer and the world. Do you really believe that? Why don't you give me a login on your business systems for an hour or two with carte blanche and I'll see if I can change your mind. And I'm a lot more trustworthy than Microsoft.
I'd just embarrass you. :^) I'd sooner let Osama bin Laden hack my system than Bill Gates.

That has to be the most outragious thing I've heard this month. Again, the "Big Lie" so vast, it's hard to realize let alone refute.

Regards

cww

By Peter Whalley on 23 September, 2002 - 11:14 am

Hi Curt,

I already let Microsoft and Symantec automatically update my systems. I have no problem with this. I don't offer carte blanche however. It's because I do this that I have some hope of keeping the real hackers out. (This is not a challenge to the hackers - I know my systems aren't perfect).

I'm not suggesting that IA systems should be updated this way. Just the average home and small business systems. IA people should be knowledgeable enough to turn off the automatic updates if they don't want them. We can't however assume that the average home user is knowledgeable enought to turn automatic updates on, so the default for a system intended to be sold to these types of users must be to enable the feature as default.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Curt Wuollet on 25 September, 2002 - 9:26 am

Hi Peter

That's certainly making the best of a very bad situation, but the implications of allowing unfettered access to private systems, far outweigh any possible benefits IMHO. With this
arrangement and the secrecy of closed source, they could be doing absolutely anything, especially with the unsuspecting home user. To have a monopoly and this kind of power,
especially since they've shown that they will abuse it with the document fingerprinting scandal, etc. is simply a very bad and very dangerous idea. It is not the right way to handle the problem, but is extremely fortuitous for Microsoft. Not in their wildest dreams could you get people to allow you complete and total control of all their information. And the
ability to hold the Sword of Damacles over their heads. Pay up or else. My point is, what price will people pay, simply to avoid learning something new? Doesn't their privacy and the
security of their data have any value? This "solution" makes their systems utterly insecure, rather than more secure. And it gives MS more power and control than most would ever
willingly grant to anyone, _if_ they were paying attention. I liken it to the Stockholm Syndrome, or putting a frog in a pot of cold water and turning on the heat. As long as the change is slow enough, you can boil the frog without any
struggle. Project this onto your house, your car, or any more tangible posession. Would you allow this? How is MS that special or valuable to you? Home users can plead ignorance, but can you honestly say you can protect your customer's and
your owner's assets? Honestly?

It's this inexplicable adoration of convicted criminals that intrigues me. It's not unprecedented in history, but the consequences have been universally bad.

Regards

cww

I agree with most of this and I say that MS is a monopoly and needs to be regualted for the good of the country as well as the world.

I know, I know, there is linux, but I have dealt with unix based systems before and I really do not want to go back there.

By George Robertson on 1 October, 2002 - 2:43 pm

Good heavens! Regulated? That would just take it from bad to worse. It just needs COMPETITORS!

If people could make money selling Linux, it might have already become dominant. Capitalism, creativity, and invention are what we need. The
government doesn't create or fix anything!

George G. Robertson, P.E.
Manager of Engineering
Saulsbury E & C
grobertson@si-tx.com
(915) 366-4252

By Curt Wuollet on 7 October, 2002 - 9:01 am

Hi George

I quite agree. Except that I simply can't see the
difference in making money between Linux and Windows. Most people who make money with Windows don't make money selling Windows itself. It's already over priced and often provided by the customer, with the computer, etc. All the profitability is in services around the OS or software for the OS. With the possible exception of support, which is a big item for Windows, why wouldn't the picture be the same? Or, even better as the total cost would be less? That is of course if we could get vendors to port to Linux. I keep hearing that you can't make money with
Linux and an analysis of where people make money
simply doesn't support this. I don't think anyone
but Microsoft makes a lot of money selling MS stuff.

Regards

cww

By Vladimir E. Zyubin on 19 September, 2002 - 12:17 pm

Hello Peter,

Nuance is the following:
Upgrades in automation decrease time of availability.

...and the down time of control system can be much longer than the download time from MS site.
(also there are very bad cases/application when the upgrades lead to techno-disaster)

From this point of view the new MS policy is acceptable only for non-critical, e.g., home-game applications... for tasks with admissible downtime up to a day...

(IMO, the policy is not acceptable for home computers from "orwellistic" security point of view, but it is another story)

--
Best regards,
Vladimir E. Zyubin
mailto:zyubin@iae.nsk.su

By Bob Peterson on 2 October, 2002 - 2:46 pm

Earlier this morning my automatic windows update (W2000) flashed and indicated an update was available. As is usual in such cases, I told it
to go ahead. It did its thing and told me it needed to reboot. I closed everything down, and rebooted. Four times in a row I got a blue
screen of death followed by a cryptic notice the winlogin had failed, then it would crash and I would get some kind of warning from the BIOS that some kind of failure had occured follwed by a reboot.

I eventually turned the power off and allowed it to reboot from a power off, which seemed to resolve the problem.

Not the kind of thing I want to happen out on the factory floor, where an operator might not realize that cycling the power was a viable option.

Bob Peterson

Bob;

I'd bet you just received the latest MS JVM patch.
I've never heard anyone having BIOS issues with JVM, but I guess anything's possible!!
Thankfully the re-boot repaired what ever was tied in knots.

I'd rather the plant floor computer not suffer the same issues you experienced, but then again, I can't see why a plant floor machine would
be tied directly to the internet, or if it is, why AU would be enabled for any reason.

Mark Hill
Microsoft Windows XP Associate Expert

By Mark Liszewski on 6 October, 2002 - 4:21 pm

Mark,
There are many reasons why a plant floor machine may be tied directly to the internet: remote monitoring, alarming, paging, remote gateway, etc.

The whole point is, why would you want MS to perform what ever updates they wanted without the individual setting up the control/monitoring having any control over what the OS (via MS) wants to do?

Not to mention the over bloated (code wise) way the OS was written. If you have to go with any MS OS, stick with the simpler versions like Win98.....simpler is better, and you would think they would have most of teh bugs ironed out by now.

Obviously, I'm not impressed with XP.

IMO
Mark Liszewski
ZTR Controls

P.S. I had the same issue while installing SP3 on Win2k.......except nothing short of formatting the drive helped.......great job Microsoft!

Peter Whalley:
> This may sound like a problem but consider it from the point of view
> of the average user.

The average user will turn on Windows Update, which doesn't need these draconian terms. It just needs a clear statement of its purpose (like, say, a descriptive name, which it does have).

The advanced user will decide whether or not to turn on Windows Update, depending on the circumstances, which again doesn't need these draconian terms (and in fact is rather hindered by them).

> So Microsoft (like other companies such as AOL and Symantec)
> incorporate automatic update software. But what happens when one of
> their millions of customers doesn't like it and decides to sue them
> for updating the software without authorisation. They can point to the
> EUA and say it was part of agreeing to use the software. It keeps
> their lawyers (and their shareholders) happy.

If that's what they meant, that's what they would've said.

Also, this interpretation is at odds with the first reported instance, which was in the context of DRM (Digital Rights Management). It does not make much sense to make DRM updates optional.

> IA users either don't connect their systems to the Internet, disable
> the feature or live with it.

The feature cannot be "disabled", as it's a non-optional part of the EULA. (Presumably one could ask a court to cross it out, but afaik nobody's tried that yet.)

> I can't see Microsoft taking you to court for
failing to allow them to
> update the software automatically.

You know what? I can. Only on my paranoid days, but I can. Part of all this is about DRM - failing to allow them to update it is an attempt at copyright protection circumvention. Like I said - on my paranoid days.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

What's really interesting here is that unannounced entry and mucking about by any other party is unquestionably a criminal action. Yet, when MS proposes it as a condition of using their
software, suddenly the clouds are parted, the light of day shines in and it's good for the user and the world at large. Moreover, it's a benevolent act, to save the world from the crap foisted on them in the first place and the blissful ignorance of users who actually believe the marketing.

For my part, I'd treat it as any other cracking attempt. And, if the truth be known (unlikely, considering the source) I'll bet it has a lot more to do with the self-help clauses in UCITA and the like than any higher ideals of service.
And, anyone who has experienced a few of their service packs would be flat out of their mind to allow them to mess with a working system across the net. As a professional system administrator, there is absolutely zero probability I'd allow that. I trust RedHat a lot more, and they wouldn't
get in either. It's insane to even consider it. You'ld have to take the machine down, overwrite the disks and reload everything to be sure of an uncompromised system. And then you should be fired for knowingly sharing company data with Microsoft.

Regards

cww

By Peter Whalley on 19 September, 2002 - 5:44 pm

Hi Jiri,

Personally I'm wouldn't trust the "average user" at home with a broadband internet connection to turn on some feature. Millions of such users may
well not turn on the feature and will then be hacked and will be used to launch distributed denial of service attacks. I don't have to be very paranoid at all to consider this to be highly likely.

It wouldn't surprise me if in a few years time the Department of Homeland Security decides they want to make it mandatory for software providers to incorporate automatic updating because of the security risk associated with not having it.

Certainly you can't turn off the EULA but you can turn off the feature so that it doesn't happen if you don't want it. For Microsoft to enforce the
requirement they would need to force all XP users to connect to the Internet and I can't see that happening.

I also understand may IT departments aren't allowing their users to install SP1 for XP until after they have completed testing it. I can't see
Microsoft going out and suing them for failing to install it.

On the other hand I read a report from SANS today advising users in this position to install Steve Gibson's quick fix for the serious XP
vulnerability (see "http://grc.com/xpdite/xpdite.htm":http://grc.com/xpdite/xpdite.htm ) that was mentioned on the list a few days ago.

This is a good illustration of the dicotomy we face. We need to install security fixes ASAP but we also need to test updates for compatibility.
Just goes to highlight the inherent dangers with connecting SCADA systems to the Internet.

BTW, for those that haven't see it,
"http://www.computerworld.com/governmenttopics/government/policy/story/0,10801,74077,00.html":http://www.computerworld.com/governmenttopics/government/policy/story/0,10801,74077,00.html is an interesting story about the need to develop better security for SCADA systems.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

Peter Whalley:
> Personally I'm wouldn't trust the "average user" at home with a
> broadband internet connection to turn on some feature.

A dialog box during installation defaulting to `yes' should be both sufficient and likely to be left `yes'. For that matter, rephrasing the EULA so that it explicitly refers to `Windows Update' would do.

> It wouldn't surprise me if in a few years time the Department of
> Homeland Security decides they want to make it mandatory for software
> providers to incorporate automatic updating because of the security
> risk associated with not having it.

Yeah - or, for that matter, the RIAA. (Or whoever's looking after the industry's interest under whatever DRM scheme they come up with.)

> Certainly you can't turn of the EULA but you can turn off the feature
> so that it doesn't happen if you don't want it.

Well, you can turn off *one* of the features that do this.

> This is a good illustration of the dicotomy we face. We need to
> install security fixes ASAP but we also need to test updates for
> compatibility. Just goes to highlight the inherent dangers with
> connecting SCADA systems to the Internet.

Actually, it goes to highlight the inherent dangers of not having a decent security policy both for the OS and for the applications, but
that's a separate story.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Michael Griffin on 19 September, 2002 - 12:24 pm

On September 17, 2002 02:37 pm, Peter Whalley wrote:
<clip>
> This may sound like a problem but consider it from the point of view of
> the average user.
<clip>

The problem with that argument is that this mailing list isn't composed of "average users". It is composed of people who are using software for the very unaverage purpose of industrial automation. We need to look at the problem from that perspective.

> But what happens when one of their millions
> of customers doesn't like it and decides to sue them for updating the
> software without authorisation. They can point to the EUA and say it
> was part of agreeing to use the software. It keeps their lawyers (and
> their shareholders) happy.

The reason why the customer may be unhappy is that Microsoft admits in the end user agreement that some of your existing software may no longer run after they quietly download their patch. If the result of this is that your plant no longer runs, then you can see why people would get rather excited over this prospect.

We repeatedly see discussed here the need to prevent unauthorised personnel on the night shift from loading video games onto the SCADA system. Now some clown on the other side of the earth is going to force feed multimedia patches into this self-same SCADA system - andwe "agreed" to it!

> IA users either don't connect their systems to the Internet, disable the
> feature or live with it.

You left out option 4 - don't use Windows XP for anything that really matters.

> I can't see Microsoft taking you to court for
> failing to allow them to update the software automatically.
<clip>

However, I certainly wouldn't want to suggest that anyone deprive Microsoft of their contractual rights. If you feel you cannot abide by the conditions they have set out in the license, then you are obligated to return their
property to them. In other words, saying that you don't think they'll sue you isn't a very useful answer.

--

************************
Michael Griffin
London, Ont. Canada
************************

By Peter Whalley on 23 September, 2002 - 2:19 pm

Hi Michael,

I'm afraid I have no expectation that Microsoft is going to design XP specfically to suit the needs of IA users and not the vast bulk of it's
customers. XP is designed for home and office applications not IA specifically. Sure we need to be aware of what it does and to know how to turn off the feature if we don't want it but its presumptions in the extreme to imagine that Microsoft is going to design XP specifically to
suit us.

By all means we need to discuss the implications for IA of XP having this feature and many may decide not to use XP. I don't use XP either. What I'm saying is that automatic updates are a good idea for the vast bulk of Microsoft's customers and that we get a benefit if those customers use it because we are less likely to be subject to denial of service attacks originating from their computers and the economies of our countries are
made more robust because millions of computers are better protected from cyber terrorism.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Peter Whalley on 23 September, 2002 - 12:30 pm

Hi Michael,

I'm afraid I have no expectation that Microsoft is going to design XP specfically to suit the needs of IA users and not the vast bulk of it's
customers. XP is designed for home and office applications not IA specifically. Sure we need to be aware of what it does and to know how to turn off the feature if we don't want it but its presumptions in the extreme to imagine that Microsoft is going to design XP specifically to
suit us.

By all means we need to discuss the implications for IA of XP having this feature and many may decide not to use XP. I don't use XP either. What I'm saying is that automatic updates are a good idea for the vast bulk of Microsoft's customers and that we get a benefit if those customers use it because we are less likely to be subject to denial of service attacks originating from their computers and the economies of our countries are
made more robust because millions of computers are better protected from cyber terrorism.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Vladimir E. Zyubin on 24 September, 2002 - 1:53 pm

Hello Michael,

[...]
LM> The reason why the customer may be unhappy is that Microsoft admits in
LM> the end user agreement that some of your existing software may no longer
LM> run after they quietly download their patch. If the result of this is
LM> that
LM> your plant no longer runs, then you can see why people would get rather
LM> excited over this prospect.
[...]

The following question appears in my head after your words:

What do the XP-users plan to do when MS cancels to support the XP? Who will generate the authorization keys? Who will rewrite the software in order to port it on new MS OS - devil knows the name... MS produces a new OS every 2 years!

(IMO, it looks like a train of extortions... and the main motive of the new MS policy is to legalize the situation... to switch the extortions from the "per 2 year" base to the "per a month" base)

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

By Michael Griffin on 30 September, 2002 - 6:24 am

Vladimir E. Zyubin wrote:
<clip>
> The following question appears in my head after your words:
>
> What do the XP-users plan to do when MS cancels to support the XP? Who
> will generate the authorization keys? Who will rewrite the
> software in order to port it on new MS OS - devil knows the name... MS
> produces a new OS every 2 years!
<clip>

The DR system can be thought of as a copy protection system for data files. There is a utility which can be used to transfer the various "keys" to a new computer.

I agree though that I wouldn't be willing to use it for any data which I wanted to keep over the long term. I have a book on Russia which was printed 150 years ago, but is still quite readable today. I doubt the Microsoft DR
system will prove to be quite that durable.

************************
Michael Griffin
London, Ont. Canada
************************

By Vladimir E. Zyubin on 4 October, 2002 - 5:48 pm

Hello List,

Monday, September 30, 2002, 1:00:44 AM, Michael Griffin wrote:

LM> On September 24, 2002 01:29 pm, Vladimir E. Zyubin wrote:
LM> <clip>
>> The following question appears in my head after your words:
>>
>> What do the XP-users plan to do when MS cancels to support the XP? Who
>> will generate the authorization keys? Who will rewrite the
>> software in order to port it on new MS OS - devil knows the name... MS
>> produces a new OS every 2 years!
LM> <clip>

LM> The DR system can be thought of as a copy protection system for
LM> data files. There is a utility which can be used to transfer the various
LM> "keys" to a new computer.

I speak about the reactivation code that is needed to reactivate Windows when it frozen because of reinstallation or a "substantial" change of harware. Where I can get it if the OS support will be canceled?

LM> I agree though that I wouldn't be willing to use it for any data
LM> which I wanted to keep over the long term. I have a book on Russia which was
LM> printed 150 years ago, but is still quite readable today. I doubt the
LM> Microsoft DR system will prove to be quite that durable.

Do you you speak about hackers? I speak about legal use of software in legal control systems... the avilability of the cracking means... I
know about it... but the way is not accaptable for the systems I design...

BTW, I heard according to statistics the most hack-crack-oriented nations are Israeli (concentration) and the USA (amount)...

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

By Michael Griffin on 8 October, 2002 - 2:44 pm

On October 3, 2002 04:54 pm, Vladimir E. Zyubin wrote:
<clip>
> I speak about the reactivation code that is needed to reactivate Windows
> when it frozen because of reinstallation or a "substantial" change of
> harware. Where I can get it if the OS support will be canceled?
<clip>

There's two issues here. One is the re-activation code for Windows XP with WPA (product activation). Microsoft has not decided yet what they will do when they terminate Windows XP. They have several options, including either issuing an update which disables the WPA system (no more need to re-activate), or to tell their customers to upgrade to whatever their current operating system is. Microsoft will make up their minds when the time comes.

The other issue involves the Microsoft DRM (digital rights management) system. This will control the use of data which could easily include things like graphic symbols or CAD blocks.
Your data could include things which you have created yourself, mixed with items (symbols, graphics) you obtained from someone else. It may in fact consist entirely of different arrangements of components provided by a third
party. This may include things like drawings of your equipment or system documentation.

We are used to the idea of software becoming unusable because of OS compatability problems, but now data can suffer from the same problems. We are used to being able to in most cases convert (import) data files to new formats if we switch to different software.
If the data is protected by a DRM system however, you may no longer have that option because the original software it was created with won't allow this. Your data files could be locked in by a system which Microsoft will claim to be unbreakable. If someone does break it, then Microsoft will download a patch into your computer to prevent you from taking advantage of
this.

If that particular vendor dropped that product line, or went out of business, your data could become completely unusable and beyond any hope of recovery. This is a very serious technical and business risk which people must keep firmly in mind when evaluating future software.

************************
Michael Griffin
London, Ont. Canada
************************

Vladimir;

Your statement is partially correct, but you have the option of turning off this "Windows Update" feature.


Mark Hill
Windows XP Associate Expert
Expert Zone - www.microsoft.com/WindowsXP/ExpertZone

Vladimir E. Zyubin:
> > And I have heard the next bad news is -- according to the new
> > version of EULA, MS has rights to change the program codes via
> > internet without any request and any notice...

Mark Hill:
> Your statement is partially correct, but you have the option of
> turning off this "Windows Update" feature.

Except Vladimir was not talking about "Windows Update" - which is fine - but about the Windows EULA, at least some versions of which purport to
grant Microsoft the right to provide upgrades with no further consent and little further notice. The EULA cannot be turned off as you suggest.

"http://www.theregister.co.uk/content/4/25956.html":http://www.theregister.co.uk/content/4/25956.html (Media Player security patch)

"http://www.theregister.co.uk/content/4/26517.html":http://www.theregister.co.uk/content/4/26517.html (XP SP1, 2000 SP3)


Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

Jiri Baum said:
>>Except Vladimir was not talking about "Windows Update" -
>>which is fine - but about the Windows EULA, at least some
>>versions of which purport to grant Microsoft the right to
>>provide upgrades with no further consent and little further
>>notice. The EULA cannot be turned off as you suggest.
>>
>>http://www.theregister.co.uk/content/4/25956.html
>>(Media Player security patch)
>>
>>http://www.theregister.co.uk/content/4/26517.html
>>(XP SP1, 2000 SP3)

I find it rather humorous that the Microsoft bashers always seem to reference the Register, as if it were a reputable, unbias news source. Such references do nothing but damage any credibility there may be to your argument.

Vladimir E. Zyubin said:
>> And I have heard the next bad news is -- according to the new
>> version of EULA, MS has rights to change the program codes via
>> internet without any request and any notice...

The actual text of this part of the the Windows XP SP1 EULA is:

* Internet-Based Services Components. The SOFTWARE contains
components that enable and facilitate the use of certain
Internet-based services. You acknowledge and agree that
MS, Microsoft Corporation or their subsidiaries may
automatically check the version of the SOFTWARE and/or
its components that you are utilizing and may provide
upgrades or supplements to the SOFTWARE that may be
automatically downloaded to your COMPUTER.

To hear from BOTH sides of the story, read the following article:

"http://www.infoworld.com/articles/op/xml/02/02/11/020211opfoster.xml":http://www.infoworld.com/articles/op/xml/02/02/11/020211opfoster.xml
(note, a credible news source)

Microsoft's response to the criticism is down 7 or 8 paragraphs. Basically the Microsoft response is that they are legally required to provide notification, since users have the -option- of having all updates downloaded and applied automatically. They also have the option to disable automatic updates.

My take is, if you're that worried about auto-update or Microsoft accessing your computer then don't use it. Most of you who responded on this thread are already using Linux anyway...

Jeff

By Michael Griffin on 20 September, 2002 - 10:09 am

On September 18, 2002 01:42 pm, Jeff Dean wrote:
<clip>
> I find it rather humorous that the Microsoft bashers always seem to
> reference the Register, as if it were a reputable, unbias news source.
> Such references do nothing but damage any credibility there may be to
> your argument.
<clip>
<clip>
> To hear from BOTH sides of the story, read the following article:
>
> http://www.infoworld.com/articles/op/xml/02/02/11/020211opfoster.xml
> (note, a credible news source)
>
> My take is, if you're that worried about auto-update or Microsoft
> accessing your computer then don't use it. Most of you who responded on
> this thread are already using Linux anyway...
<clip>

I followed your link and read the article you suggested. If you read it carefully enough, it seems to imply a situation which is even worse than that which was reported in "The Register" (see previous messages for that link).

If you read what Microsoft has to say - well there's a lot of words there, but they really didn't say much. They even admitted that there are a lot of implications about their new system they haven't told people about yet.

They are a bit vague on the new "security component" updating, but it seems to be something which is entirely separate from their "WIndows Auto-Update". The type of "security" they are talking about by the way, is not intended to
protect your computer from viruses and hackers. It is "security" which is intended to limit what you can do with your computer (even if you have
administrator priviledges).

One of the things they did manage to say though was (this is a quote from Microsoft):

"If the user elects not to update the security component, he or she will be unable to play content protected by our DRM from that point forward, although content previously obtained would still be usable."

What exactly does that mean? It sounds like there is a lot more going on than just "you didn't get the upgrade". How are they preventing downloads from being usable if they didn't actually change anything on your computer? After all, existing data files stored elsewhere didn't miraculously change to a new version just because Microsoft came out with a software upgrade. They
seem to be saying that they are doing something to prevent you from using hacked versions of certain data files. What kind of side effects can this have? Things seem to be so interdependent with Windows that otherwise unrelated things often affect one another.

You've said that you feel this article is credible and balanced. OK, I will accept your judgement on that. However, this is what it has to say:

"But if it is indeed Microsoft's intent to continue giving users the right to decline downloads, why has the company written its XP agreements to force users to explicitly surrender that right? Are customers supposed to ignore what the licenses say and just hope Microsoft won't ever do what the terms say it can do?"

Isn't this what people here have been saying? If you intended to reassure people like me with this sort of information, I can tell you that all you are doing is making us more worried.
I'm not an expert on WIndows XP, and I don't want to be either. I just want to be able to get the job done without having to worry about this sort of rubbish. An operating system is supposed to be there to support the application software, not to become a hurdle which must be leaped on a continuing basis. The ideal operating system should be one which you don't even notice is there.

************************
Michael Griffin
London, Ont. Canada
************************

In response to my message, Michael Griffin said (minus some clippage):
> > To hear from BOTH sides of the story, read the following article:
> >
> > http://www.infoworld.com/articles/op/xml/02/02/11/020211opfoster.xml
> > (note, a credible news source)
>I followed your link and read the article you suggested. If you read
>it carefully enough, it seems to imply a situation which is even worse
>than that which was reported in "The Register" (see previous messages
>for that link).

Worse is not how I would describe it. Different than The Register reports, but not worse.

>If you read what Microsoft has to say - well there's a lot of words
there,
>but they really didn't say much. They even admitted that there are a
lot
>of implications about their new system they haven't told people about
yet.

I don't see where Microsoft admitted that. Nor do I see anything "new" about any of these update procedures the EULA statement refers to.

>They are a bit vague on the new "security component" updating, but it
seems
>to be something which is entirely separate from their "WIndows
Auto-Update".

Yes, it is. It's been part of Windows Media Player for over a year now. (maybe longer) Would you be surprise to know that Real has similar
update procedures? Try to play a .rm file created with a newer or different codec and Real will download the update for you too.

>The type of "security" they are talking about by the way, is not
intended to
>protect your computer from viruses and hackers. It is "security" which
is
>intended to limit what you can do with your computer (even if you have
>administrator priviledges).

I will not participate in a protracted Digital Rights Management debate. Suffice to say, people who don't own the legal right to play music and
video files or run software should not be able to do so. I'm not for giving up "fair use," but there is no mention of "fair use" in the law
itself -- but in court rulings. If you're worried about DRM, Microsoft should not be the target of your concern. Your senators and congressmen
are in the best position to effect "fair use" protections.

>One of the things they did manage to say though was (this is a quote
from Microsoft):
>
>"If the user elects not to update the security component, he or she
will be unable
>to play content protected by our DRM from that point forward, although
content
>previously obtained would still be usable."
>
>What exactly does that mean? It sounds like there is a lot more going
on than just
>"you didn't get the upgrade".

That sounds exactly like what's going on. Just like you can't open a Word 2002 document in Word 97, don't expect to open a document protected
by a new version of the "security component" if you have an old one, or don't have the software at all.

>How are they preventing downloads from being usable if they didn't
actually change
>anything on your computer?

PDF files are useless if you don't have Acrobat installed. So is Microsoft preventing you from using downloaded files because you don't
have the software?

>After all, existing data files stored elsewhere didn't miraculously
change to a new
>version just because Microsoft came out with a software upgrade. They
seem to be
>saying that they are doing something to prevent you from using hacked
versions of
>certain data files.

This is a bad thing? I avoid using all hacked files for obvious reasons.

>You've said that you feel this article is credible and balanced.
>OK, I will accept your judgement on that. However, this is what
>it has to say:

I prefer a balanced article, especially when the result is still mud in Microsoft's eye.

>"But if it is indeed Microsoft's intent to continue giving users the
right
>to decline downloads, why has the company written its XP agreements to
force
>users to explicitly surrender that right? Are customers supposed to
ignore
>what the licenses say and just hope Microsoft won't ever do what the
terms
>say it can do?"
>
>Isn't this what people here have been saying? If you intended to
reassure
>people like me with this sort of information, I can tell you that all
you
>are doing is making us more worried.

I must say, my goal was not to reassure anyone. While I openly use and vocally support Microsoft and Microsoft's products, everyone is free to
judge for themselves. I believe that there is no possibility of Microsoft updating software on my computer without my knowledge. I firmly believe they are not out to get me.

>I'm not an expert on WIndows XP, and I don't want to be either. I just
want
>to be able to get the job done without having to worry about this sort
of
>rubbish. An operating system is supposed to be there to support the
application
>software, not to become a hurdle which must be leaped on a continuing
basis.
>The ideal operating system should be one which you don't even notice is
there.

Then don't worry about this rubbish. I sure don't.

Jeff

By Michael Griffin on 27 September, 2002 - 6:44 pm

On September 23, 2002 03:02 pm, Jeff Dean wrote:
<clip>
> I will not participate in a protracted Digital Rights Management debate.
> Suffice to say, people who don't own the legal right to play music and
> video files or run software should not be able to do so.
<clip>

I have no interest in downloading music, whether hacked or not. My interest was in what the behavioural characteristics revealed about how the software works. This is essentially all we have to go by since there is no detailed
technical description of the system from Microsoft.

> I must say, my goal was not to reassure anyone. While I openly use and
> vocally support Microsoft and Microsoft's products, everyone is free to
> judge for themselves. I believe that there is no possibility of
> Microsoft updating software on my computer without my knowledge. I
> firmly believe they are not out to get me.

I did some research on the internet to see if I could find a better explanation of this system. There is nothing which describes the innards, but there were some articles which described the effects on the user in more detail.

The "security" updates which Microsoft is referring to are not connected in any way with "security" which protects your computer from
viruses or hackers. Rather, it is "security" for Microsoft's new "Digital Rights" (DR) software. The DR software is a major new product line for
Microsoft. They hope to sell it as a service to companies who will distribute entertainment (music, movies, electronic books, etc.) via the internet. One of the things which makes Windows so valuable to Microsoft is that they can use it to entrench their new products like this one.

The "security" features which are concerning so many people here have several objectives. Firstly, it allows someone (theoretically the "content provider") to disable selected DR type data files remotely. That is, the
files can be rendered unusable after they are already on your hard drive.
Secondly, they are intended to allow Microsoft to patch any holes in their DR software after the software has already been delivered. This is intended to assure the companies which license the DR system from Microsoft that any security holes which are found later in the system can still be plugged.

An important point to note though is that while you may be offered a choice of whether you want an update when they become available, you don't really have a choice. If you say "no", then you may *still* get a software update downloaded into your computer anyway. This means that if the security system in the DR software doesn't work well enough, they can change it later.
This is why Microsoft has changed their software license. You "agreed" to let them do this. You also "agreed" that it was OK if any of these patches caused any of your other software to stop working. There are (or at least can be) patches loaded onto your computer whether you want them or not.

The above is a very brief overview of the situation. However, my concern is whether any of this may have undesirable side effects on industrial automation systems, not whether it is desirable in the context of what Microsoft actually designed their operating system for. If any of this causes problems for people who are using Windows XP for purposes which it was not
designed for, then there is no reason why Microsoft should feel compelled to do anything about it.

************************
Michael Griffin
London, Ont. Canada ************************

By Jay Kirsch on 2 October, 2002 - 6:49 pm

> Michael Griffin wrote:
> An important point to note though is that while you may be offered
> a choice of whether you want an update when they become available,
> you don't really have a choice. If you say "no", then you may
> *still* get a software update downloaded into your computer
> anyway. This means that if the security system in the DR software
> doesn't work well enough, they can change it later.

My understanding of DRM updates is similar. When you download a program that plays DRM secured content from MS or any other vendor, MS will send you any DRM updates that relate to this program
regardless of how you have configured your XP update mode. DRM updates are outside of the scope of the WinXP update mode. Since you would download this type of program manually, the update mode setting is mute anyway.

What I do not know is whether or not WinXP, when it is connected to the Internet, will poll Redmond for more DRM security updates after a
content player and the related DRM updates have been initially downloaded and installed. The EULA is not clear about this and neither is the
technical information on MS's DRM page. By installing an update to the Windows Media Player you must agree to accept automatic DRM updates
though. "http://www.newscientist.com/news/news.jsp?id=ns99992483";:http://www.newscientist.com/news/news.jsp?id=ns99992483 If DRM performs any kind of unsolicited update to a WinXP computer running an
automation application, that would be a problem. Even if this is not happening now, it will. Future Windows releases that include Palladium
will continuosly interact with content and application vendors. Palladium technology is not mentioned in the WinXP EULA.

see
"http://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp":http://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp

and

"http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html":http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

Does any of this matter in automation applications ? If you do not install the Windows Media Player or any other DRM enabled content player it would seem to be irrelevant. (Some HMI packages do use the Windows Media Player, however). If your automation computer is not connected to the Internet, other than through a VPN, none of this matters for now.

DRM is presently all about music and movies, but Palladium is about licencing and configuration management. If the makers of Windows based automation software follow in the Palladium direction I expect they will loose customers. I cannot even imagine the mess that would be made by Wonderware or USData tossing an update onto my SCADA system central computer in the middle of the night.

JK

By Michael Griffin on 7 October, 2002 - 2:38 pm

On October 2, 2002 05:45 pm, Jay Kirsch wrote:
<clip>
> Does any of this matter in automation applications ? If you do not
> install the Windows Media Player or any other DRM enabled content player
> it would seem to be irrelevant. (Some HMI packages do use the Windows
> Media Player, however). If your automation computer is not connected to
> the Internet, other than through a VPN, none of this matters for now.

I would speculate that Microsoft server software will in future have a back door through all the firewalls, etc. to allow DRM and Palladium related verification stuff to pass through to the various copyright holders. In
future, there may be no such thing as a computer which isn't networked to the outside world in some fashion. This is just speculation of course, but it seems quite possible.

> DRM is presently all about music and movies, but Palladium is
> about licencing and configuration management. If the makers of
> Windows based automation software follow in the Palladium direction I
> expect they will loose customers. I cannot even imagine
> the mess that would be made by Wonderware or USData tossing an update
> onto my SCADA system central computer in the middle of the night.
<clip>

This is getting a bit off the original topic, but it does have business related implications. I think it is quite possible, likely even, that automation and CAD software vendors will use DRM and Palladium to enforce
software licenses.
They might let you download the actual software for free from their web site (eliminating distribution costs, and distributors), but then charge you (by the minute, or tag, or whatever is suitable) for actually using it. You could work on your project off-line, but then have to connect up to the
internet and pay the accumulated fee to get the project files you have worked on released to where you can apply them.
The same could apply to CAD blocks or MMI and SCADA graphic symbol libraries. You may have to pay a regular "rent" to use someone's pump symbol on your MMI screen.

************************
Michael Griffin
London, Ont. Canada
************************

Jeff Dean
> I find it rather humorous that the Microsoft bashers always seem to
> reference the Register, as if it were a reputable, unbias news source.
...
> To hear from BOTH sides of the story, read the following article:

> http://www.infoworld.com/articles/op/xml/02/02/11/020211opfoster.xml
> (note, a credible news source)

Sure, no worries. To quote the closing paragraph of that article:

Well, swell. But if it is indeed Microsoft's intent to continue
giving users the right to decline downloads, why has the company
written its XP agreements to force users to explicitly surrender
that right? Are customers supposed to ignore what the licenses say
and just hope Microsoft won't ever do what the terms say it can
do? That's not a concept that will make anyone other than Bill
Gates feel very secure.

Which is what I said.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

Jiri;

As you are well aware, the EULA is an agreement between the MS and you, in which MS reserves the rights to update your machine with the latest
and greatest fix. It DOES NOT state that you must let them push these fixes onto your machine.

Turn off automatic update and these statements in the EULA are a moot point.

Would you rather MS ignored these issues ??

Mark Hill
Microsoft XP Associate Expert

By Ranjan Acharya on 23 September, 2002 - 1:41 am

Mark,

I do not care about update. Most of my customers would never connect to the Internet.

Will ignoring or turning off Windows Update help me with this too?

It is 02h00m your customer is in the middle of nowhere at a wood pulp factory. The Windows XP SCADA box died and the back-up is busted too (told ya' you should have used Win2000 or Linux). You quickly talked them through restoring from a Ghost or DriveImage to the plug-in spare hard drive back-up what next? Does it work? This customer, like many, does not understand what to do with PCs. I am under the distinct impression that some sort of
authorisation is required from Redmond if XP thinks that you have been tinkling around (guilty until proven innocent, after all).

I think that Microsoft want to make computers like TVs. You buy them, they break (a little sooner for PCs) and then you toss them away. That just does not fit with the tinkerers in automatia land.

RA

Ranjan:

In response to your concerns about "Restoring From An Image", there has never been a need to re-activate as long as the image was created on the same computer. (at least in any of my installations and restores.) If there have been major hardware changes (and no images were created to reflect these changes,) then it MIGHT be necessary to re-activate.

Mark Hill
Windows XP Associate Expert

Mark Hill:
> As you are well aware, the EULA is an agreement between the MS and
> you, in which MS reserves the rights to update your machine with the
> latest and greatest fix.

Precisely.

> It DOES NOT state that you must let them push these fixes onto your
> machine.

No, it just states that I'm agreeing to them doing so.

> Turn off automatic update and these statements in the EULA are a moot
> point.

Not really - since there's no legal connection between the EULA statements and the automatic update setting, I cannot rely on it for things like statutory confidentiality requirements.

And from a practical point of view, it's quite possible they'll decide in the future to have optional updates, which can be turned off, and
security updates which can't.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Vladimir E. Zyubin on 17 September, 2002 - 3:57 pm

Hello Mark,

Maybe... till the next update or just a service-pack of the Windows eliminates the feature.

IMO, every homo sapiens ought to leave the platform... A-S-A-P. The direction MS leads the community is clear enough... Orwell wrote the story.

BTW, is it correct, in November we will have to say good bye to Win 2000?

--
Best regards,
Vladimir mailto:zyubin@iae.nsk.su

Anthropology, literature, commerce, computer science, and your opinion all in one short sentence. You are my leader !

Jay Kirsch

Vladimir;

Thanks for our reply.

As Peter Whalley wrote in a post a few minutes ago ....

"Automated updates are in the best interests of the average user, Microsoft, IT administrators and the world in general. It's in everybody's best interests for Internet connected computers to have the latest security patches installed as soon as they are released and with a minimum of trouble.

So Microsoft (like other companies such as AOL and Symantec) incorporate automatic update software. But what happens when one of their millions of customers doesn't like it and decides to sue them for updating the software without authorization. They can point to the EUA and say it was part of agreeing to use the software. It keeps their lawyers (and their shareholders) happy." (Well Said Peter !!)

MS isn't trying to force updates onto the IT community, they're trying to keep my clients XP boxes from being bombarded by the latest offering
produced by your friendly internet hacker.

I applaud MS for helping me keep my clients machines updated with the latest SP, patch or fix.
Otherwise I'd be visiting my clients every month or two installing the latest.
FYI .... I have the update feature turned off on all my clients machines. When I notice a SP or patch or fix that directly affects their machines,
I send them a quick email note suggesting they install it. This way I can service clients all over the world without leaving my desk.

One more comment .... WIN2K will be around (and supported) for a LONG time !!

Mark Hill
Microsoft XP Associate Expert

By Mark Blunier on 23 September, 2002 - 1:25 am

> "Automated updates are in the best interests of the average user,
> Microsoft, IT administrators and the world in general. It's in
> everybody's best interests for Internet connected computers
> to have the
> latest security patches installed as soon as they are
> released and with
> a minimum of trouble.

No, it isn't. Many systems are behind firewalls and block access to the ports that may be vulnerable to exploits. While it would be nice to get the update, if your system is not use media player, for example, getting the automatic update to fix it, isn't a benefit. but if it
breaks the system, the EULA says too bad so sad, glad I'm not you.

> So Microsoft (like other companies such as AOL and Symantec)
> incorporate
> automatic update software. But what happens when one of their millions
> of customers doesn't like it and decides to sue them for updating the
> software without authorization. They can point to the EUA and
> say it was
> part of agreeing to use the software. It keeps their lawyers
> (and their
> shareholders) happy." (Well Said Peter !!)

Yep. MS breaks something, they do look to them to fix it, or pay for the damage or lost production. They are looking of the MS interests, not yours.

> MS isn't trying to force updates onto the IT community, they're trying
> to keep my clients XP boxes from being bombarded by the
> latest offering
> produced by your friendly internet hacker.

On the contrary, they are trying to force update on the IT community. If you read the EULA again, it does not say they will only provide security bug fixes, they can install software updates, something of a much larger scope

> I applaud MS for helping me keep my clients machines updated with the
> latest SP, patch or fix.
> Otherwise I'd be visiting my clients every month or two installing the
> latest.
> FYI .... I have the update feature turned off on all my clients
> machines.

What? After explaining why you think automatic updates are so great, and why we gladly grant MS our rights, you don't use it? Why not?

Mark Blunier
Any opinions expressed in this message are not necessarily those of the company.

By Peter Whalley on 24 September, 2002 - 2:24 pm

Hi Mark,

The average user went down to their local computer store and bought a PC for their kids to do their homework on. Then they got a broadband Internet connection for the PC so the kids could download music and videos. Do you really think they are going to configure their firewall to block these ports. Do you trust them to.

I'm talking about the average XP user not the average IA user or even the average IT system manager. When I read the computer adds in my local paper all of PCs come with XP pre-installed. This is and the average office user
(in both big and small companies) is Microsofts market. Its not IA. If we want to use XP we need to learn how to live with it. If we don't think we can live with these features then we don't use XP or figure out ways to work around them.

It seems ironic to me that when Microsoft shipped NT with minimum levels of security enabled people critisised them for not taking security seriously
because many users would not think about turning on higher levels of security. Now that they do something that enhances the security of the
average PC in the hands of non technical users they get criticised again.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Joe Jansen/ENGR/HQ/KEMET/US on 26 September, 2002 - 5:25 pm

Peter,

I think that in the conext of the Automation List tho, nobody is arguing the value of XP in general. The over-riding question is: Does XP belong in any sort of IA applications? I would emphatically vote no.

Having decided that, now we need to decide what we are to use in it's place. For now, Windows 2000 is filling the spot. However, unless things
change, we as a group are going to have to face the facts that 2000 isn't going to be supported forever (or past 2003, from the sounds of it), and we need to get the vendors like WW to port to an alternative platform.

Not that I expect it to happen, mind you, but that is what we need if we are going to keep our systems secure.

--Joe Jansen

By Peter Whalley on 6 October, 2002 - 10:05 am

Hi Joe,

Good question and certainly a very relevant one to the list. It seems that at present a fair bit of work (maybe the majority) is going into
understanding how to make Win2000 a secure environment. This includes both training cources and defining standard configuration settings. It may well be that the weight of pressure from both government and major commercial users will force Microsoft to continue to provide some continued support for Win2000 at least as far as these types of users are concerned.

Small organisations without the same commercial clout may however be left out in the cold.

Maybe it's something to write to your congressperson about. That Microsoft should be "encouraged" to continue to support and make Win2000 available for critical infrastructure users who are individually small parts of the
market but who do have critical security needs that are not going to be met by Windows XP.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Mark Blunier on 26 September, 2002 - 4:08 pm

> It seems ironic to me that when Microsoft shipped NT with
> minimum levels
> of security enabled people critisised them for not taking security
> seriously because many users would not think about turning on higher
> levels of security. Now that they do something that enhances the
> security of the average PC in the hands of non technical
> users they get criticised again.
>
You've missed the point of the thread. It is not that MS providing security enhancements is a bad thing, its the End User License Agreement (EULA) that one is forced to accept to take the fix, which then gives MS the authority to change anything on the system that they want. If people on this list are so blind as to not see this and its implications, it isn't surprising that the US lawmakers and judges are also blind to MS practices. It is a bad harbinger for the future.

Mark Blunier
Any opinions expressed in this message are not necessarily those of the company.

By Peter Whalley on 6 October, 2002 - 10:58 am

Hi Mark,

Your assertion that the EULA forces users to take the fix is highly contentious but unlikely to be resolved until their is some case law in place (which may never happen). Personally I don't read the EULA that way but then I'm not a lawyer.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Greg Goodman on 9 October, 2002 - 2:41 pm

It doesn't really matter how you or I read the EULA. It only matters how Microsoft reads it. I think the point of this thread is that, as written, the License leaves a lot of room for doubt about what Microsoft intends to do with / to / for machines running Windows XP. Absent further explanation from Microsoft or actual instances of unwanted (and supposedly user-disabled) updates, it's impossible for us to know. And, as you say, without a court case, we don't know how it will actually wash out.

Given the ambiguity in the EULA, widespread distrust of Microsoft's motives and methods, many people's negative prior experience with Microsoft updates and Service Packs, and the potential negative consequences of the worst-case reading of the EULA, I can certainly understand people's reluctance to put XP on the plant floor.

Regards,

Greg Goodman

By Peter Whalley on 15 October, 2002 - 6:33 pm

Hi Greg,

If you have an Internet connected XP machine and turn off automatic updates but later find that they have been occuring regardless then you may well be outraged particularly if Microsoft then claimed that you had agreed that they could do that. If this possiblity worries you then install a firewall that blocks access to Microsoft sites (I've seen this done) or don't use XP.

If you didn't connect the machine to the Internet (or block access as above) and some months later a Micrososft lawyer arrived on your doorstep with a writ alleging that you had violated the EULA by failing to make it possible for Micrososft to install updates you would also be outraged but
ultimately this would have to be determined in a court (provided you had deep enough pockets) and would depend on how the judge or jury reads the
EULA. I can't see this happening personally.

For what it's worth, I don't specify XP for automation projects either but concerns about automatic updates is not at the top of my list for not doing so. But if a Client was insistent about using XP I'd like to have some stronger arguments against it or at least some better ideas on how to avoid the problems.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Blunier, Mark on 9 October, 2002 - 4:28 pm

Hi Peter

> Your assertion that the EULA forces users to take the fix is highly
> contentious but unlikely to be resolved until their is some
> case law in place(which may never happen).

You read that backwards. You are forced to take the EULA if you choose to take the fix.

Mark

By Curt Wuollet on 26 September, 2002 - 4:14 pm

Hi Peter

The criticism is not because Microsoft did something to enhance their security. Heaven forbid that we should criticize them for trying to
turn the tide around. The criticism is that, what they did is like fixing a leaky boat by drilling holes in the bottom to let the water out. You go from a situation where your box is hacked occasionally to a situation where it is hacked regularly as well. This also has the side effect that no one knows exactly what state the box is in. And if something all of a sudden doesn't work, the likelyhood of finding out what did it becomes somewhat remote. Which means the only cost effective solution is to start over, which kinda defeats the purpose. It's great that they are finally turning their attention to security. This is just a very dubious way to achieve that.
Their diddling with the box presents a greater risk than the virus of the week. It can be argued that what is done can be undone, but if you can't find and fix it in an hour, they're gonna bring you the CD's.

Regards

cww

You don't improve security by making sure the back door is ALWAYS open!

By Michael Griffin on 1 October, 2002 - 10:21 am

On September 26, 2002 04:12 pm, Curt Wuollet wrote:
<clip>
> The criticism is not because Microsoft did something to enhance their
> security. Heaven forbid that we should criticize them for trying to
> turn the tide around. The criticism is that, what they did is like
> fixing a leaky boat by drilling holes in the bottom to let the water
> out. You go from a situation where your box is hacked occasionally
> to a situation where it is hacked regularly as well.
<clip>

There are two completely separate and unrelated types of security involved which people are confounding, and which is causing much confusion in this debate. One type of security is provided by the "Windows Update". This provides security to you and your computer against hackers and viruses when these updates fix security holes. This type of security is not new, nor
unique to Windows XP.

The other type of security is for the DRM (digital rights management) system which is relatively new, and has been the subject of debate. These updates provide security for *Microsoft*, not security for you. This prevents a user of the computer from taking advantage of bugs or shortcomings in the DRM system to use DRM files in a manner which was not authorised by Microsoft or one of their licencees. These updates are NOT intended to provide security to
you against hackers or viruses.
The concern has been that is the DRM system may offer a possible back door into a computer which could disable your application software as an unintended side-effect. It is generally believed that regardless of what
choices may be offered on your screen, at least some DRM updates are NOT optional. There is also some concern that this back door may now or in the
future extend through whatever firewalls or other systems you may have if your entire system comes from Microsoft as an integrated network.

I think the fact that these are two separate systems we are talking about needs to be kept in mind if the technical debate is to be useful.


************************
Michael Griffin
London, Ont. Canada
************************

By Curt Wuollet on 7 October, 2002 - 1:02 pm

I don't think we can suppose that either doesn't
provide backdoors. For that matter, there is no
reason any service pack or installable from MS
couldn't be full of unbidden "features" I agree
that the sticking point is that now they claim the right to legally use the backdoors for good
or evil as _they_ see fit. That is what is new. I guess that makes them "no knock" front doors. And judging from UCITA and other supported efforts, their idea of digital rights management includes locking out content or even killing your system if there is a dispute. In summary, there is no reason to believe that they have ever lacked the capability to do what they wish with your system. Now they demand that you agree to it. The other security issues regarding third parties are simply a constant background noise. But aren't they being used as justification, which leads to the confusion?

It has been mentioned that I don't have a dog in this fight since it's unlikely that I will subserve the monopoly. MS users willingly, if
unknowingly, submit to this abuse. Few look past
their problem to another certain effect of the
lofty and benevolent goals of DRM. Unless I am
a Windows owner, current and in good standing,
none of this content will be available to me. This is whether I agree with DRM or not. And moves are afoot to actually build this into the
hardware so it requires "proper" software to run. Of course, that means MS approved software. And obviously, DRM must extend to the Internet. I'm not making this up, I can supply docs. I doubt that any OSS can be delivered with this patented, copyrighted and licensed technology. That's why I'm concerned with the rights of Windows users. You should be too, unless you think an _absolute_ monopoly is a good thing. Even if you don't want to use anything else, I think you'll agree that it should be possible.

Regards

cww

By Peter Whalley on 6 October, 2002 - 10:11 am

Hi Curt,

My argument was that the approach taken in WinXP was appropriate for the average XP user as I've defined them. For large corporate users, IA users
and anyone else using XP for critical applications I certainly don't consider automatic updating to be appropriate and expect they would turn the feature off and would know how to turn it off.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Curt Wuollet on 9 October, 2002 - 3:40 pm

Which brings us back to the updates that aren't
discretionary. Actually, the wreckage this engenders isn't even the point. It's the control issue. Whose computer is it anyway? I should be able to buy the product and use it, (within the law) as I d*mn well please. If you look at the big picture, with UCITA and palladium, and .NET and the covert intent of DRM, (I don't argue with the overt intent) 95% of the computers in the world and all the data they generate, will be under the direct control of an adjudged monopoly. Along with this are the investments they are making to control content and media. It is a very
nebulous effort, but taken together, all the bits and pieces make what the DOJ was worried about look like Sunday School. Of course, it could all be simply coincidental. Reading the EULAs would never lead one to conclude that MS wants to control what you do. :^) To me it looks like the final solution to the customer loyalty problem. Of course, I could be wrong. But what if I'm not? It's just too much power in the hands of
one entity, regardless of if it's great for Joe Sixpack. Many objective observers and foriegn governments are getting uneasy, looking at escape routes and passing legislation. That should be a clue.

Regards

cww

By Peter Whalley on 16 October, 2002 - 4:34 pm

Hi curt,

Can you provide some examples of updates which aren't discretionary. I'm not aware of any but then I don't buy the story that the EULA creates a
legal obligation on the user to install updates even if they don't want to.

If you want to play a music file and need to download an update to MediaPlayer to do so then you either accept the down load or forgo the
ability to play the file. It's your choice.

From my understanding of Automatic Update, it's not actually fully automatic. The user is offered the update and then has to confirm their wish to have it installed. Your still ultimately in control.

I think their is also some confusion about what it means to buy software. What you buy is a license to use the software in accordance with the terms of the software license. Try buying a video from a retail store and then showing it in public. That breaches the terms of the license. Their are many other similar license restrictions that apply to all types of "software" including books, music CDs etc.

Either Microsoft is breaking the law or their not. If their not but you don't like the law as it currently stands then by all means lobby to have it changed.

Personally I do have some sympathy for changing the law to limit what Microsoft can do. As I understand it the US legal system has determined
that Microsoft has a monopoly on PC operating systems. Given that, I do believe it appropriate to provide a degree of special regulation of
Microsoft. This has been done before where monopolies have been found to exist.

One of the things that does worry me about XP is that it seems to be designed to send reports back to Microsoft relating to what the users do on
their computers. As an example this report:

"http://www.infosatellite.com/news/2002/02/h230202mediaplayer_detection.html":http://www.infosatellite.com/news/2002/02/h230202mediaplayer_detection.html

suggest that:

"..Microsoft has finally admitted that Windows Media Player 8, the standard media player shipped with Windows XP, surveys users and sends information back to Microsoft's servers.
Every time users use their CDs or DVDs, their actions are recorded into a small file that periodically is transmitted over the Internet to Microsoft.."

I've seen other reports suggesting that XP sends data back to Microsft whenever you undertake a search. Perhaps some current XP users might be
able to check their gateway logs and confirm if this is still happening.

Personally I would certainly find that something to worry about.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Michael Griffin on 19 October, 2002 - 12:06 pm

On October 11, 2002 03:09 pm, Peter Whalley wrote:
<clip>
> As I understand it, even in the case of DRM, you can decline the
> upgrades to WMP and forego the ability to play the file (music, video or
> whatever). It's your choice. But this only effects new files and not
> content that has previously been downloaded and played.
<clip>

I believe the MIcrosoft DRM system includes the ability to "revoke" existing
protected content on your computer. A list of "revoked" content can be remotely downloaded to the DRM system in your computer. This applies to content you have already downloaded and may be using.
For example if the graphic symbols in your SCADA system were somehow protected by the Microsoft DRM system, the ability to use them could be turned off remotely by the holder of the digital rights after the SCADA system was already in service. Your SCADA system wouldn't work anymore. However, you of course agreed that was OK when you accepted the license agreement for Windows XP.

************************
Michael Griffin
London, Ont. Canada
************************

By Curt Wuollet on 20 October, 2002 - 5:10 pm

Hi Peter.

On October 16, 2002, Peter Whalley wrote:
> Hi curt,
>
> Can you provide some examples of updates which aren't discretionary. I'm
> not aware of any but then I don't buy the story that the EULA creates a
> legal obligation on the user to install updates even if they don't want
> to.

I'm afraid not. I don't own any MS software. I do recall
non-discretionary tracking numbers embedded in Word documents and several customers have complained of their Windows boxes "phoning home" and then there was the whole Processor Serial number debacle. I wouldn't expect them to advertise this "feature". Inclusion in the EULA should be enough warning. The Back Orifice incident and others suggest it's silly to assume they can't and making you agree to it makes it really silly to assume they won't. Why open that can of worms unless you're goin fishing?

> If you want to play a music file and need to download an update to
> MediaPlayer to do so then you either accept the down load or forgo the
> ability to play the file. It's your choice.
>
> From my understanding of Automatic Update, it's not actually fully
> automatic. The user is offered the update and then has to confirm their
> wish to have it installed. Your still ultimately in control.
>
> I think their is also some confusion about what it means to buy
> software. What you buy is a license to use the software in accordance
> with the terms of the software license. Try buying a video from a retail
> store and then showing it in public. That breaches the terms of the
> license. Their are many other similar license restrictions that apply to
> all types of "software" including books, music CDs etc.
>
> Either Microsoft is breaking the law or their not. If their not but you
> don't like the law as it currently stands then by all means lobby to
> have it changed.

Let's see, I got about $40.00, they've got about $40 Billion. Game Over.

> Personally I do have some sympathy for changing the law to limit what
> Microsoft can do. As I understand it the US legal system has determined
> that Microsoft has a monopoly on PC operating systems. Given that, I do
> believe it appropriate to provide a degree of special regulation of
> Microsoft. This has been done before where monopolies have been found to
> exist.

I don't believe the government can/will do anything meaningful, too many congresscritters are beholden to Microsoft.and their influence is too omnipotent. MS is out of control, plain and simple. It's up to "We the people".to dismantle the monopoly that we've built. I'm doing my part.

> One of the things that does worry me about XP is that it seems to be
> designed to send reports back to Microsoft relating to what the users do
> on their computers. As an example this report:
>
"http://www.infosatellite.com/news/2002/02/h230202mediaplayer_detection.html":http://www.infosatellite.com/news/2002/02/h230202mediaplayer_detection.html
>
> suggest that:
>
> "..Microsoft has finally admitted that Windows Media Player 8, the
> standard media player shipped with Windows XP, surveys users and sends
> information back to Microsoft's servers.
> Every time users use their CDs or DVDs, their actions are recorded into
> a small file that periodically is transmitted over the Internet to
> Microsoft.."

That's the least of your worries. Why would they limit themselves to that? How would you know? There's a vast amount of money to be made with this intelligence. What would it be worth to your competitors?

> I've seen other reports suggesting that XP sends data back to Microsft
> whenever you undertake a search. Perhaps some current XP users might be
> able to check their gateway logs and confirm if this is still happening.
>
> Personally I would certainly find that something to worry about.

Personally, I find such ethical bankruptcy sufficient cause to use Linux exclusively. I can do that. Others are less fortunate but, I expect they'll learn. Perhaps the hard way.

Regards

cww
--
Free Tools!
Machine Automation Tools (LinuxPLC) Free, Truly Open & Publicly Owned
Industrial Automation Software For Linux. mat.sourceforge.net.
Day Job: None, are you interested?
Consultancy: Wide Open Technologies: Moving Business & Automation to Linux.

By Blunier, Mark on 21 October, 2002 - 2:01 pm

> Can you provide some examples of updates which aren't
> discretionary. I'm
> not aware of any but then I don't buy the story that the EULA
> creates a
> legal obligation on the user to install updates even if they
> don't want to.

It doesn't say that you have to, it says that they can. I don't like using analogies, but I'll try it anyway.

Let's say Fred has a house that has old wiring. It works fine for the most part, but the fuses blow once in a while, and they are a nuisance. Fred gets an electrician to install a new circuit panel with modern circuit breakers. But the electrician won't install the new panel until Fred agree that the electrician will be able to enter Fred's house to install any upgrades that he wants to give you. Fred agrees, as you want to have the new circuit breakers installed, and
he usually keeps the doors locked when he's not around. 2 months later the electrician tells Fred he can install GFI circuit breakers which
will make the home safer. Fred decides that he doesn't want them, so he doesn't ask the electrician to install them. A week later, Fred
comes home and finds that they have been installed anyway. Fred didn't even know that the electrician had left a window unlatched and could
get to the circuit panels. Fred wasn't charged you for the new GFI breakers, but he's still pissed that he lost a freezer full of meat when the new GFI circuit breaker tripped on his old freezer. He tells the electrician that he had no business changing the breakers, he wants
the old ones back, and he owes Fred for the spoiled meat. The electrician says tough, you signed the contract, and by doing so, authorized the electrician to make the change. Upset that Fred does not know how to change back to the old breakers, he buys a new freezer that doesn't
trip the GFIs.

The EULA does not say that they will be updating your system without your regrets, but they can update your system without your request.

> Either Microsoft is breaking the law or their not. If their
> not but you
> don't like the law as it currently stands then by all means lobby to
> have it changed.

If Microsoft changed your system without you giving them permission, that would be breaking the law. By you agreeing to the EULA, they can make changes to your system, and they would be breaking the law. That's the point we are trying to make.

> Personally I do have some sympathy for changing the law to limit what
> Microsoft can do. As I understand it the US legal system has
> determined
> that Microsoft has a monopoly on PC operating systems. Given
> that, I do
> believe it appropriate to provide a degree of special regulation of
> Microsoft. This has been done before where monopolies have
> been found to exist.

Agreed.

> One of the things that does worry me about XP is that it seems to be
> designed to send reports back to Microsoft relating to what
> the users do
> on their computers. As an example this report:
> http://www.infosatellite.com/news/2002/02/h230202mediaplayer_detection.html
>
> suggest that:
>
> "..Microsoft has finally admitted that Windows Media Player 8, the
> standard media player shipped with Windows XP, surveys users and sends
> information back to Microsoft's servers.
> Every time users use their CDs or DVDs, their actions are
> recorded into
> a small file that periodically is transmitted over the Internet to
> Microsoft.."
>
> I've seen other reports suggesting that XP sends data back to Microsft
> whenever you undertake a search. Perhaps some current XP
> users might be
> able to check their gateway logs and confirm if this is still
> happening.
>
> Personally I would certainly find that something to worry about.

Now you're starting to see why many of us don't trust Microsoft.

Mark Blunier
Any opinions expressed in this message are not necessarily those of the company.

Peter Whalley:
> My argument was that the approach taken in WinXP was appropriate for
> the average XP user as I've defined them. For large corporate users,
> IA users and anyone else using XP for critical applications I
> certainly don't consider automatic updating to be appropriate and
> expect they would turn the feature off and would know how to turn it
> off.

It's in the EULA - there's no way to turn it off.

"You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer."

Even if, in practice, disabling Automatic Updates turns this off (and I've never heard that claimed by a reliable source - anyone have a reference?), that doesn't help you much, because the EULA presumably takes priority over whatever advice you download off their website.

Of course, as far as I know, MS has never seriously claimed Windows to be suitable for connection to the Internet, so perhaps the above is somewhat moot...

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Peter Whalley on 11 October, 2002 - 3:11 pm

Hi Jiri,

According to the instructions at
"http://www.theeldergeek.com/automatic_updates.htm":http://www.theeldergeek.com/automatic_updates.htm the Windows XP Automatic Update Wizard includes 3 setup options:

1. down load updates automatically and then ask if they should be installed

2. ask if the update should be downloaded and then ask again if they should be installed

3. disable automatic updates

In both 1 and 2 the updates are not installed until the users agrees. The article also indicates that their is an option to back out of the update if it causes problems.

As I understand it, even in the case of DRM, you can decline the upgrades to WMP and forego the ability to play the file (music, video or whatever). It's your choice. But this only effects new files and not content that has
previously been downloaded and played.

Regards::

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Vladimir E. Zyubin on 17 October, 2002 - 12:43 pm

Hello Peter,

Unconvincing argument... The difference between EULA and a specific "how-to" instruction is more than obvious.

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

Jiri (and anyone else concerned about WinXP's Automatic Updates) .......

I'm currently running another version of Windows so I can't really check this for sure, but I believe the following instructions will stop your
XP platform from attempting to perform AU's, regardless of who's logged onto the computer .......

Of course you'll need Admin rights to perform this feat ......

>From the "Run" window enter "gpedit.msc" and the "Group Policy Object
Editor" will appear.
Navigate to "Computer Configuration\Administrative Templates\Windows
Components\Windows Update" Right click on "Configure Automatic Updates"
in the right pane and select "Properties" Select "Disabled" then press
"OK"

<MS Quote>.........
Specifies whether this computer will receive security updates and other important downloads through the Windows automatic updating service.

This setting lets you specify if automatic updates are enabled on this computer. If the service is enabled, you must select one of the three options in the Group Policy Setting:

2 = Notify before downloading any updates and notify again before installing them

When Windows finds updates that apply to this computer, an icon appears in the status area with a message that updates are ready to be
downloaded. Clicking the icon or message provides the option to select the specific updates to download. Windows then downloads the selected
updates in the background. When the download is complete, the icon appears in the status area again, with notification that the updates are
ready to be installed. Clicking the icon or message provides the option to select which updates to install.

3 = (Default setting) Download the updates automatically and notify when they are ready to be installed

Windows finds updates that apply to your computer and downloads these updates in the background (the user is not notified or interrupted
during this process). When the download is complete, the icon appears in the status area, with notification that the updates are ready to be
installed. Clicking the icon or message provides the option to select which updates to install.

4 = Automatically download updates and install them on the schedule specified below

Specify the schedule using the options in the Group Policy Setting. If no schedule is specified, the default schedule for all installations will be everyday at 3:00 AM. If any of the updates require a restart to complete the installation, Windows will restart the computer
automatically. (If a user is logged on to the computer when Windows is ready to restart, the user will be notified and given the option to
delay the restart.)

To use this setting, click Enabled, and then select one of the options (2, 3, or 4). If you select 4, you can set a recurring schedule (if no
schedule is specified, all installations will occur everyday at 3:00 AM).

If the status is set to Enabled, Windows recognizes when this computer is online and uses its Internet connection to search the Windows Update Web site for updates that apply to this computer.

If the status is set to Disabled, any updates that are available on the Windows Update Web site must be downloaded and installed manually by
going to http://windowsupdate.microsoft.com."

If the status is set to Not Configured, use of Automatic Updates is not specified at the Group Policy level. However, an administrator can still
configure Automatic Updates through Control Panel. </MS Quote>

Hope this helps

Mark Hill - WinXP "Associate Expert"

By Vladimir E. Zyubin on 21 October, 2002 - 12:04 pm

Hi Mark,

In order to achieve understanding, It would be better to explane, what is strange reason MS insert the strings about the changes in the EULA?

Is there any hidden key in the "Run" window to discard the MS condition in the EULA?

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

I certainly did not complain about the level of NT security, and you haven't shown that any of the people on this thread griping about XP did either. Granted, Microsoft has to look at the user base as somewhat of a homogenous whole.

I wouldn't say that requiring me to agree that, without any further consent on my part, Bill G's intern can break my existing software without civil or criminal liability is "enhancing security". Rather, the exact opposite. Anyone accesses my computer without my consent, its a violation of my constitutionally guaranteed property rights, and is all the more egregious if
it is someone with whom I have a business relationship.

Peter Whalley wrote:

>It seems ironic to me that when Microsoft shipped NT with minimum levels of security enabled people critisised them for not taking security seriously because many users would not think about turning on higher levels of security. Now that they do something that enhances the
security of the average PC in the hands of non technical users they get criticised again.<

By Joe Jansen/ENGR/HQ/KEMET/US on 23 September, 2002 - 1:36 am

Mark Hill:
>>>>>
I applaud MS for helping me keep my clients machines updated with the latest SP, patch or fix. Otherwise I'd be visiting my clients every month or two installing the
latest. FYI .... I have the update feature turned off on all my clients machines. When I notice a SP or patch or fix that directly affects their machines, I send them a quick email note suggesting they install it. This way I
can service clients all over the world without leaving my desk.
<<<<<

you are saying on the one hand that they are helping you with this and preventing monthly trips all over the place, But in the next sentence, you state that you have this option disabled? How is this feature relevant to saving you all this time if it is turned off?

The last paragraph above states that you send emails advising that people update their system when you see that a patch has been released that affects them... Why can't that be done without automatic updates?

>>>>>
But what happens when one of their millions of customers doesn't like it and decides to sue them for updating the
software without authorization. They can point to the EUA and say it was part of agreeing to use the software. It keeps their lawyers (and their shareholders) happy." (Well Said Peter !!)
<<<<<

I take that to mean that you don't feel that you should actually have control of the system that you are responsible for then? How can I put this simply? I do not, under any circumstances, in any event, on no way,
shape, or form, want microsoft to push down an update to media player, that includes a change to a .dll file that is linked to by a visualization package in my scada software that causes one of the screens in my scada to freeze up when it tries to play some stupid little animation that the machine builder put in, thus causing the operator to not have the screen updates when the process goes out of range, which causes a heat exchanger
to boil off, destroying the heater coils, and hopefully not causing the tank to overpressurize and burst, injuring or killing someone.

If I am going to be held responsible for the damaged equipment, and possibly someone getting killed, the last thing I want is some worthless update being shoved down my throat that puts the system out from under my absolute, explicit, and dictatorial control. That is the bottom line. I would suggest that if anyone here is responsible for equipment that could cause injury or death, and they do not have absolute final control of every line of code in that system, they are exposing themselves to a level
of risk that would border on being irresponsible. I am not saying that they have to have access to source code for the SLC 500 ladder interpreter or anything silly like that, but you very well should have control over when that or *ANY* code is changed.

Whether or not you uncheck a box, if you tell MS that you agree to let them do it, they are going to take advantage of that at some point. Whether you are willing to expose yourself to that is up to you.

-Joe Jansen

By Vladimir E. Zyubin on 23 September, 2002 - 12:46 pm

Hello Mark,

Mark Hill wrote:
[...]
LM> MS isn't trying to force updates onto the IT community, they're trying
LM> to keep my clients XP boxes from being bombarded by the latest offering
LM> produced by your friendly internet hacker.

Why MS does not update NT for the USB? Why? Why does MS cancel to support NT? The answer is obvious! Why MS constantly changes formats in
MS Office, Word, etc.? Please do not tell me tales about progress... there was no any proncipial innovation since 1995.

LM> I applaud MS for helping me keep my clients machines updated with the
LM> latest SP, patch or fix.
LM> Otherwise I'd be visiting my clients every month or two installing the
LM> latest. [...]

There is no need to reflect it in the EULA. The secure acceptable way is to write a program-"Updater"... so, you (as a supporter) can install it on your clients' PCs.

The words in the EULA is an atempt to lock-in the users, obviously.

LM> One more comment .... WIN2K will be around (and supported) for a LONG
LM> time !!

Win-95 was around for a long time, as well as Win-98 was, as well as Win NT was, as well as Win MilleNium, as well as Win 2000... :-) I must
confess, history makes me feel scepsis when I hear encouraging words from MS.

LM> Vladimir E. Zyubin wrote:
[...]
>>BTW, is it correct, in November we will have to say good bye to Win 2000?

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

Mark Hill:
> One more comment .... WIN2K will be around (and supported) for a LONG
> time !!

To be precise, it will enter the `Extended Phase' as of March 31 2003, though it'll still be available through all channels until March 31 2004
(presumably as a special exception).

The guidelines would seem to indicate that it'll become `Non-supported' at that point, with the remaining minimal support and availability being
subject to termination on 12 months' notice, but Microsoft only seems to be listing actual dates through to the end of December 2003.

"http://www.microsoft.com/windows/lifecycle.mspx":http://www.microsoft.com/windows/lifecycle.mspx
"http://www.microsoft.com/windows/lifecyclefaq.mspx":http://www.microsoft.com/windows/lifecyclefaq.mspx

Whether one and a half years is a ``LONG time !!'' or not obviously depends on what one intends to do with it.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Rokicki, Andrew on 25 September, 2002 - 9:24 am

Who cares.
You want to use XP etc. use it.
This is like arguing what is better meters-feet, centimeters-inches etc.
(please do not respond about these systems.)
I don't want to use Microsoft products, so I don't.
Linux turned out to be much better solutions for us.
I know it is hard to let go off the mouse and actually use keyboard to do things, so what I like what I do and I like leaning new things.
Windows is an excellent system and has its place, when you use it you know what you are getting into.
When you use Windows products you know about licensing issues/support.
I am not sure if I can get DOS 3.1. But I know I can download version 1.0 of Linux if I need to.

By Vladimir E. Zyubin on 25 September, 2002 - 5:17 pm

Hello Jiri,

Support... The most unpleasent thing we faced with is the problem to purchase legal copies of Windows NT (we use it for a HMI that does not have special secure requirements)...

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

By Bob Peterson on 16 September, 2002 - 1:52 pm

Just in case you don't have enough other problems to worry about supposedly there is a huge security hole in Windows XP. The problem is described here.

"http://grc.com/intro.htm":http://grc.com/intro.htm

Bob Peterson

By Joe Jansen/ENGR/HQ/KEMET/US on 21 September, 2002 - 2:02 pm

Which begs the question:

What if your system has to be certified with FDA? (pharm. and food come to mind.) When MS downloads an "update", do regulations require that the system be re-certified? By definition, the code base that is running in the machine has changed. I am sure MS will try to find a way to
circumvent this, but when lawsuits start flying around, FDA may want to know why the software was changed and not recertified. All it takes is a change to some obscure .dll that your scada package links to, and you can be sure that MS has disclaimed any responsibility for making changes to your system without your knowledge.

--Joe Jansen

By Linnell, Tim on 24 September, 2002 - 4:15 pm

This is turning into a bit of a paranoid feeding frenzy. Can I point out that:

1) No-one is obliged to connect a PC on a production line or in a certified environment to the Internet. Indeed, if you do, you probably
run greater risks than the Microsoft Department of Evil.

2) No-one is obliged to use XP. As far as I know Win2000 doesn't require the same licensing terms, and is a better choice anyway. XP is supposed to be a mass market consumer O/S. As others have pointed out, O/S update is a useful feature in such environments, particularly when plugging
security holes. It is not appropriate in the commercial world, in general, and so will not be deployed.

3) Automation (or indeed general commercial use of PCs where IT depts certify OS levels) is a significant market for Microsoft. They will be
aware of the problems automatic update can cause, and will, I suspect, be working to obviate them.

4) Anyone relying on XP, or Win2000 at a single point of failure in safety critical situations is wrong to do so. This is not Microsoft specific -
anyone relying on Linux in safety critical situations is wrong too: the plant must have independant watchdog devices to shut down if danger is detected (this is the great problem with PC based control in general).

5) It is genuinely scandalous to compare Microsoft commercial practices with Osama Bin Laden hacking into a computer. Sorry Curt, but you have lost track of reality if you truly believe that.

Like I said a few months ago - proponents of Open Source would be better served arguing their case on the relative merits of their products rather than indulging in silly FUD and scare tactics and intimations that Microsoft is plotting to destroy the world. It isn't.

Cheers

Tim

By Curt Wuollet on 27 September, 2002 - 4:51 pm

Hi Tim

List Manager wrote:
> ------------ Forwarded Message ------------
> From: Linnell, Tim
>
> This is turning into a bit of a paranoid feeding frenzy. Can I point out
> that:
>
> 1) No-one is obliged to connect a PC on a production line or in a
> certified environment to the Internet. Indeed, if you do, you probably
> run greater risks than the Microsoft Department of Evil.

We agree on the first point anyway.

> 2) No-one is obliged to use XP. As far as I know Win2000 doesn't require
> the same licensing terms, and is a better choice anyway. XP is supposed
> to be a mass market consumer O/S. As others have pointed out, O/S update
> is a useful feature in such environments, particularly when plugging
> security holes. It is not appropriate in the commercial world, in
> general, and so will not be deployed.

This is simply not true. If the automation vendors choose to release their tools on XP, you are pretty much compelled to use it. If we had
a choice of the OS to work with, we wouldn't be having this chat. And the vendors have shown a preference for the "consumer" versions of MS
operating systems regardless of how appropriate they are. My choice, of course, would be none of the above, which would eliminate the consumer vs commercial issue altogether, along with most of the other problems being discussed.

> 3) Automation (or indeed general commercial use of PCs where IT depts
> certify OS levels) is a significant market for Microsoft. They will be
> aware of the problems automatic update can cause, and will, I suspect,
> be working to obviate them.

Huh? From what I've seen they are pretty egalitarian in whose problems they ignore.

> 4) Anyone relying on XP, or Win2000 at a single point of failure in
> safety critical situations is wrong to do so. This is not Microsoft
> specific - anyone relying on Linux in safety critical situations is
> wrong too: the plant must have independant watchdog devices to shut down
> if danger is detected (this is the great problem with PC based control
> in general).

This is a topic for another day, but I know which I'd rather have running my Iron Lung.

> 5) It is genuinely scandalous to compare Microsoft commercial practices
> with Osama Bin Laden hacking into a computer. Sorry Curt, but you have
> lost track of reality if you truly believe that.

Both are convicted criminals whose crimes involve damaging people. Since both practices are the focus of federal prosecution, I stand ready to apologize to whoever's conviction is overturned . It is scandalous to keep insisting that Microsoft can be trusted when they have been proven to be abusing a monopoly. That would seem to be a breach of trust. It's like selling Enron stock to folks simply because they haven't been paying attention.

> Like I said a few months ago - proponents of Open Source would be better
> served arguing their case on the relative merits of their products
> rather than indulging in silly FUD and scare tactics and intimations
> that Microsoft is plotting to destroy the world. It isn't.

I agree, they have absolutely no intention of destroying the world. That would be counterproductive. There's far too much money to be made when they control it. And I apologize for the discomfort that discussions of morals and ethics cause some MS business partners. I am glad, at least, that they are still bothered. Why is that?

Regards

cww

By Linnell, Tim on 2 October, 2002 - 6:40 pm

Sheer madness. If you genuinely equate an organisation that kills thousands of people by flying planes into buildings with a company of which the worst that can be said is that it has attempted to dominate the software applications marketplace by not fully documenting O/S APIs so their own software runs better and dumping Internet client software to promote takeup of server side technology, then I regret to say that you forfeit any right to be taken seriously. However passionately you feel about Open Source, its takeup is hardly a matter of life and death.

This whole thread has been an exercise in silly FUD and scare tactics. Your comparison is an extreme example. Thanks to the person who posted the actual EULA, which I think demonstrates this clearly.

Tim

Absolutely correct Tim.

I've visited the MS campus in Redmond on a number of occasions and I see no evidence of Osama Bin Laden lurking in the hallways.

This thread is evidence that there are two trains of though. Those who consider Microsoft to be the "Evil Empire", and those who consider MS to
be an example of commercialism at it's best.

Given the direction that MS has taken over these many years, I wonder how many in this group would not have followed the same path?

What exactly has MS done other than become the worlds most successful commercial enterprise?
After all, isn't the goal of every company to create the best product in the world, have their products installed in every household on the
planet, and protect their investments to ensure longevity?

End Users have the option of purchasing any product they choose. It appears they've chosen.

Mark

PS .... I still consider QNX to be the most powerful OS on the planet !!

By Richard Higginbotham on 10 October, 2002 - 4:30 pm

Mark Hill wrote:
> Absolutely correct Tim.
>
> I've visited the MS campus in Redmond on a number of
> occasions and I see
> no evidence of Osama Bin Laden lurking in the hallways.

Such comments are in bad taste. I don't mean to single you out, I'm just saying I think we've taken this far enough in a *public, professional* forum. If you live on the other side of the country or in another country it might be far enough removed that you see no problems with it. But as this list is not restricted by geographic location (including New York for example), I think we should all refrain from such comments (most of which are merely to inflame the other side). Just let that dog lie.

> This thread is evidence that there are two trains of though. Those who
> consider Microsoft to be the "Evil Empire", and those who consider MS to
> be an example of commercialism at it's best.

No theres not only 2 sides, theres a wealth of opinions in between, they just don't yell the loudest. We all have topics that we are passionate about, but thats a poor reason to make any decision. I think OSS is the coolest thing since sliced bread, but I would only hurt myself if I refused to listen to any other opinions or ways of doing things.

Regards,
Richard Higginbotham
(speaking for me)

>> > I've visited the MS campus in Redmond on a number of
>> > occasions and I see no evidence of Osama Bin Laden
>> > lurking in the hallways.
>>
>>Such comments are in bad taste. I don't mean to single
>>you out, I'm just saying I think we've taken this far
>>enough in a *public, professional* forum.

The entire Bin Laden thread in this conversation is based on one of the worst analogies and least thought through comparisons I've ever heard in my life. It was stated in incredibly poor taste with the clear intent of inflaming and injuring without regard for the audience. It is very fair to attack opposing views based on merit and facts, but making such comparisons is the worst form of zealotry. The comment may have been made in haste or in the heat of the moment, but then it was restated it days later. That absolutely disgusts me.

I hope that the person who made the comment would apologize to the list, but I'm not holding my breath.

Jeff

I apologize for suggesting that I hadn't seen Bin Laden in the MS campus, but I didn't make this initial comparison.

Someone prior to me suggested he be compared to MS.

Mark Hill

By Curt Wuollet on 21 October, 2002 - 2:18 pm

Hi Jeff

On the contrary, I have not hesitated to make a public apology when I've been wrong. My implication, while perhaps graphic, was that Bill Gates is a greater threat to our personal rights and security. Recent revelations tend to support this and I stand by that implication. I do regret that particular comparison as many have not
considered the particular context in which it was made. I will endeavor to pick less controversial, but equally illustrative personalities to compare our native, would be, dictators with. I simply can't think of any acceptable ones at the moment. To those who were offended outside my intended scope, please accept my apologies and bear in mind
that I mean well and am merely relating my analysis of the concerted intent of all the nebulous, incremental, seemingly unrelated small encroachments on our rights and liberty. Try as I might, I fail to see any that are good for us as
opposed to Microsoft.

Regards

cww

By Anthony Kerstens on 10 October, 2002 - 4:33 pm

"End Users have the option of purchasing any product they choose.
It appears they've chosen."
??????????????????????????????????????

No. Emphatically NO. The products that I like have withered and died, unable to compete with Microsoft. I used to love Word Perfect, Quattro, and OS2. Where are they now?

Microsoft has maintained their profitability at the expense of my being able to use products that I prefer. I spent good money on Word Perfect, Quattro, and OS2. Now, to remain on par with everyone else and to be able to use my industrial software, I'm inextricably tied the perpetual money sinkhole that is Microsoft compatibility.

Hell, I was even tempted to try Corel's rendition of Word Perfect for Linux, but I didn't dare because I suspected I would be wasting my money. LOOK what happened to that product, and Corel for that matter.

Anthony Kerstens P.Eng.

By Curt Wuollet on 16 October, 2002 - 10:33 am

Hi Anthony
Exactly, and I wouldn't feel bad about not buying the Corel Suite. WP7, which I liked a lot, was a native port as close as I can tell. It was fast, and pretty good for a first port. The next effort was a Windows product (they were "saved" by MS) and made to kinda work with Linux. I tried it, it was very forgettable. They also coincidentally got out of the Linux business. Even though Corel Linux was quite well thought of, especially by Windows users. Hmmmm......

I think MS just kept them around so they can point to their "competition". It wouldn't do to have none when you're engaged in monopoly litigation.

Regards
cww

>> >"End Users have the option of purchasing any product they
>> >choose. It appears they've chosen."
>>??????????????????????????????????????
>>
>>No. Emphatically NO. The products that I like have withered and
>>died, unable to compete with Microsoft. I used to love Word
>>Perfect, Quattro, and OS2. Where are they now?

I'm sorry for your loss, but when end users choose, often times the competition does disappear.

OS/2 sucked for developers. Presentation Manager had an incredibly incomplete and bug ridden GUI API. It never ran Windows better than Windows. It never ran DOS better than DOS. And frequently, it ran OS/2 native apps poorly.

Jeff Dean

By Ralph Mackiewicz on 19 October, 2002 - 1:15 pm

You can't win for losing. Both WordPerfect and QuattroPro are available from Corel. There is StarOffice from Sun. SmartSuite from Lotus/IBM. OpenOffice for free with source code. Except for
SmartSuite, these also run on non-MS platforms. The choices are there, the market is aware, but the buyer won't spend the money. Who is making these choices wither? (assuming that they are withering). Look in a mirror.

Regards,
Ralph Mackiewicz
SISCO, Inc.

By Curt Wuollet on 22 October, 2002 - 4:28 pm

And it's not quite that simple. No matter how good the programming is in competing products, no matter how well they run, even if they are absolutely perfect in their own right, Microsoft controls how well they will work with the other 90+ of the world, and they jigger this with every release. That's what monopoly power is about.
This is one of the most aggravating aspects because people never blame MS for this, they simply declare the competition to be inferior. They can, and have, even rigged the OS so
competing products choke. Again, the competition is "inferior". No competitor has ever been able to compete on a level playing field. Yet here we have people saying there were choices and MS won fair and square. Even with there finally being a choice of an OS that MS can't control, the
secret APIs and assorted other "innovations" still make even the finest competitive product "inferior" when it has to work with Microsoft products. The effect is such that you can really only fairly judge competing products by themselves, on Linux, with cooperating peers. They do a lot better when tested this way. Tested
fairly, Samba on Linux, for example, is a better Windows file server than NT. Making comparisons between MS and anything else on Windows is
watching a game where the "fix" is in so the outcome is known.

Regards

cww

By George \(Jim\) Hebbard on 25 October, 2002 - 9:11 am

Curt Wuollet wrote:
><snip> Microsoft controls how well they will work
>with the other 90+ of the world, and they jigger this
>with every release. That's what monopoly power is about.

This thread has been going on too long. While I agree (mostly) with Curt, it's more sour grapes than constructive information.

It's difficult to avoid the flavor of a jihad when discussing operating systems. However, it's true that many who read this list do not know what
a TRS-80 is nor what was lost when Kildall overpriced the 16 bit version of CP/M. (The whole industry has suffered from the lack of file and record locking under DOS).

I watched Excel chase Quattro for many years until giving up in pain. The one clear point is that Microsoft products are a whole lot better because of the competition they faced.

Is Linux better than Windows 2000 Pro? The true answer is sometimes and for some people. Is XP better? Apparently only from a marketing standpoint for Microsoft.

So where does this leave us? It leaves us with a solid need for good information and non-emotional posts that >inform< rather than proselytize,
because >we< are often the leaders pulling IT in new directions, and we had better get our stories straight. That is the value of this list-server
from Control.com, for whom my hat is off with great respect for the effort.

=>Jim<=

By Anthony Kerstens on 23 October, 2002 - 11:13 am

> >"End Users have the option of purchasing any product they choose. It
> > appears they've chosen."

> ... The choices are
> there, the market is aware, but the buyer won't spend the money. Who is
> making these choices wither? (assuming that they are withering). Look in
> a mirror.

Ralph,

Well, OS/2 certainly withered and died, didn't it. Obviously, it's not me making the choices, is it? If I started using Corel just because I felt like it, I would still have to keep a Microsoft operating system to do things like run RSLogix, or for that matter, upgrade to the latest version of Wordperfect.

Of course, there's the question of why Rockwell and others are developing for Microsoft to begin with? Let me conjecture that at the very least they saw how the market was and made their choice. If the market was as it used to be, they
might well offer their suite of products for multiple operating systems. For that matter, perhaps someone in the know could offer-up why USData, who used to offer Factorylink in multiple operating systems including Unix and OS/2, is now touting Microsoft .Net?

I understand what you're saying, and yes, I understand how the market works. The market is not perfect. Not everyone participating in the market can afford the luxury of making choices based on what they would like. And not everone
in the market is going to investigate their software options when they can go out and buy a pre-configured system. Certainly, most end-users don't realise there's another option beside Microsoft. For example, although Dell does sell Linux, up front they only offer XP.

Maybe Corel and Redhat need to launch an awareness campaign to compete with Microsoft, but do they have the resouces to do that? Maybe computer suppliers needs to offer systems with choices up front, but wouldn't that simply confuse their average customer?

The bottom line is the market is imperfect, and my software and operating system choices remain at the discretion of others.

Anthony Kerstens P.Eng.

By Curt Wuollet on 9 October, 2002 - 3:12 pm

Hi Tim

List Manager wrote:
> ------------ Forwarded Message ------------
> From: Linnell, Tim
>
>>>5) It is genuinely scandalous to compare Microsoft commercial
> practices
>>>with Osama Bin Laden hacking into a computer. Sorry Curt, but you
>>>have lost track of reality if you truly believe that.
>>
>>Both are convicted criminals whose crimes involve damaging people.
>>Since both practices are the focus of federal prosecution, I stand
>>ready to apologize to whoever's conviction is overturned . It is
>>scandalous to keep insisting that Microsoft can be trusted when
>>they have been proven to be abusing a monopoly. That would seem to be a
>>breach of trust. It's like selling Enron stock to folks simply because
>>they haven't been paying attention.
>
> Sheer madness. If you genuinely equate an organisation that kills
> thousands of people by flying planes into buildings with a company of
> which the worst that can be said is that it has attempted to dominate
> the software applications marketplace by not fully documenting O/S APIs
> so their own software runs better and dumping Internet client software
> to promote takeup of server side technology,

I would agree if that was the worst that could be said of them. And I didn't compare them except that I'd rather have OBL hacking my computer, and the fact that both are guilty of federal crimes that have done massive damage. Others have added the madness. Please cite any untruth regarding MS, I'm mot worried about slandering OBL. Are you saying that if OBL had done what he'd done in a business context that would be less of a crime? Or that MS is only doing what is in the suit?

then I regret to say that
> you forfeit any right to be taken seriously. However passionately you
> feel about Open Source, its takeup is hardly a matter of life and death.

Are the billions of dollars involved in exclusive licensing deals, the enormous cost of the virus of the week, the cost of downtime and the
obvious restriction of trade simply OK?

> This whole thread has been an exercise in silly FUD and scare tactics.

Again, please point out any untruths and please debunk any FUD. People like to simply ignore that things like UCITA, Palladium, TCPA, the EULA's, and the host of other things going on in the big picture have a dark side. These combined with monopoly power can simply and legally, exclude all competition and grant nearly absolute control of anything you do with a computer to Microsoft.
I suppose that's clever and excellent business and should be commended. Those of us on the dirty end of the stick don't think so. But in the end, it's not my dollars they're after. How do you
suppose anyone could ever calculate the damage done? That is, once they realize there is real damage being done. Not that they'll be able to do anything about it. People are getting a clue, I hope it's soon enough. Other countries are way ahead of us on this. It must be their imagination too.

> Your comparison is an extreme example.

To the extent that you misinterpret my example, yes.

Thanks to the person who posted
> the actual EULA, which I think demonstrates this clearly.

And thanks for the still free internet where alternative
voices can be heard. For a little while yet. I'll be locked
out of the MSInternet if it comes to pass

Regards

cww

Joe Jansen/ENGR/HQ/KEMET/US:
> What if your system has to be certified with FDA? (pharm. and food
> come to mind.) When MS downloads an "update", do regulations require
> that the system be re-certified?

Technically, yes, that's a problem. (It's probably a problem even if the machine isn't connected to the network, simply on account of the EULA.)

In practice, it's not important: one does not connect a critical machine to a public network when the machine doesn't have any certified security (Windows had a certified security rating once, but it was: (a) different version, no longer supported, (b) with the network not connected, and (c) only C2 anyway).

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

>>Windows had a certified security rating once, but it
>>was: (a) different version, no longer supported, (
>>b) with the network not connected, and (c) only C2
>>anyway).

The US Government (who created and certified "C2" security in Windows NT 3.5 and 4.0) and other governments changed it's security rating system
in 1998. The new system is called the "Common Criteria for Information Technology Security Evaluation (CCITSE)."

Windows 2000 is currently undergoing the rigorous review to achieve certification comparable to C2 as a distributed operating system (connected to a network). Windows XP has also started this process.

To read more about CCISTE see:
"http://niap.nist.gov/howabout.html":http://niap.nist.gov/howabout.html

To see other CCISTE certified operating systems see:
"http://niap.nist.gov/cc-scheme/ValidatedProducts.html#operatingsystem":http://niap.nist.gov/cc-scheme/ValidatedProducts.html#operatingsystem

To read Microsoft's explanation see:
"http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/secureev.asp";:http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/secureev.asp

The truth, the whole truth, and nothing but the truth,

Jeff

By Joe Jansen/ENGR/HQ/KEMET/US on 29 September, 2002 - 1:07 pm

The quotes on their website seem to contradict what Brian Valentine, Senior VP of Windows Development team states. According to Mr. Valentine, "Our products just aren't engineered for security". In contrast, the website claims that it was built to be secure.... Given the rash of security problems, if Windows makes it through the testing, I would question the veracity of the test.

Oh, and for the curious, I got the quote from infoworld, specifically:

"http://www.infoworld.com/articles/hn/xml/02/09/05/020905hnmssecure.xml":http://www.infoworld.com/articles/hn/xml/02/09/05/020905hnmssecure.xml

Enjoy!

--Joe Jansen

Joe Jansen:
> Given the rash of security problems, if Windows makes it through the
> testing, I would question the veracity of the test.

That's needlessly harsh, Joe. Many of the security problems are coding errors, typically buffer overruns, which only play a minor role in CAPP to begin with. The most publicised ones are intrusions over a public network, which is not covered at all (assumption A.PEER, network under
one management). Some of them are exacerbated by lax patching, which again is not covered (A.NO_EVIL_ADM, admin not careless).

The fact of the matter is that CAPP is not all that much security.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

Jiri Baum:
> >>Windows had a certified security rating once, but it was: (a)
> >>different version, no longer supported, (b) with the network not
> >>connected, and (c) only C2 anyway).

Jeff Dean:
> The US Government (who created and certified "C2" security in Windows
> NT 3.5 and 4.0)

Ah, sorry about that, I was not aware of the NT 4.0 certification - NT 4.0 is still supported until mid-2003. Not particularly long as far as
automation goes, but my point (a) was incorrect.

> and other governments changed it's security rating system in 1998. The
> new system is called the "Common Criteria for Information Technology
> Security Evaluation (CCITSE)."

Yeah, I can never remember the new acronym, and it's a much more complex system. That makes it more flexible, of course, but also harder to
remember and keep track of.

> Windows 2000 is currently undergoing the rigorous review to achieve
> certification comparable to C2 as a distributed operating system
> (connected to a network). Windows XP has also started this process.

Right, that will - when finished - deal with point (b). It does nothing for point (c).

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Curt Wuollet on 3 October, 2002 - 11:49 am

And the same politics stopped the NSA's work on
Linux, guess who was complaining? It's the best
certification money can buy! Just one more
exclusionary tactic.

Regards

cww

Jeff Dean wrote:
>
>>>Windows had a certified security rating once, but it
>>>was: (a) different version, no longer supported, (
>>>b) with the network not connected, and (c) only C2
>>>anyway).
>>
>
> The US Government (who created and certified "C2" security in Windows NT
> 3.5 and 4.0) and other governments changed it's security rating system
> in 1998. The new system is called the "Common Criteria for Information
> Technology Security Evaluation (CCITSE)."
>
> Windows 2000 is currently undergoing the rigorous review to achieve
> certification comparable to C2 as a distributed operating system
> (connected to a network). Windows XP has also started this process.
>
> To read more about CCISTE see:
> http://niap.nist.gov/howabout.html
>
> To see other CCISTE certified operating systems see:
> http://niap.nist.gov/cc-scheme/ValidatedProducts.html#operatingsystem
>
> To read Microsoft's explanation see:
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
> ity/prodtech/secureev.asp
>
> The truth, the whole truth, and nothing but the truth,
> Jeff

You're right, Curt. If it negatively effects Linux, it must be Microsoft playing politics. When Microsoft speaks, the US government quivers and shakes in fear of the evil empire. Hahaha... Sorry... Someone pick me up off the floor. :)

You failed to mention that the NSA is still funding security research for Linux with RedHat and Network Associates. Interestingly, the US
government is also working with Apple (among other vendors) to create a secure version of FreeBSD.

The point is, the NSA won't be doing the work themselves, but the federal government is still heavily involved in funding open source R&D.
I'm going to go out on a limb and suggest that this is on par with the lack of NSA developers working in Redmond. It is not the Federal Governments role to endorse any particular vendor or solution, but very important for them to continue funding basic computer science research.

Jeff

By Curt Wuollet on 11 October, 2002 - 11:19 am

Laugh if you want, the publicly stated reason was
due to complaints from Microsoft. It's hard to
ridicule facts. And if they've got the influence
to cow the DOJ, I think it's safe to say they can
more or less dictate policy. The government as
a whole doesn't shake and quiver, but a lot of
congressmen dance to the music. Anyone who tries
to pass off UCITA as being in the interest of their constituents could name that tune. That's how it's done. It's much easier than intimidation.

Regards

cww

By Ralph Mackiewicz on 9 October, 2002 - 3:08 pm

I'm fairly confident that anybody on this list that would actually describe publicly what the NSA is doing doesn't know what the NSA is doing. They could have a 1000 people working on Linux and outside of those 1000 people nobody is likely to know. And that is how it should be. There may have been some public declarations but I, for one,
wouldn't believe anything that is publicly stated about what the NSA is or isn't doing.

Ironically, if the government would have simply avoided filing its politically motivated anti-trust suit against MS in the first place they would have remained naive as to the ways of Washington and it would have been a whole lot easier for the feds to migrate to Linux. Ever since the government went after MS they are now more active in the lobbying arena then ever. It will be more difficult for the goverment to do anything to change their usage of MS products now
with that $39 Billion in cash greasing the greedy palms of the US Congress. It is sad that politics today is really dysfunctional. It should be obvious to everyone by now that Linux is a signficant factor in the market and that its usage and influence will continue to grow over time. The best thing that could happen to Linux is for the government to stay out of it. The political situation will only allow the government to do something after the rest of us have embraced it for the right business reasons instead of for political reasons.

Regards,
Ralph Mackiewicz
SISCO, Inc.

----------- Confidentiality ---------------
The message above is confidential information and should not
be read by anybody. If you happen to see any of the text
associated with this message please have your brain erased
of all memory of this message at your local Recall outlet
at your earliest convenience. Failure to abide by these
requirements may result in unpleasant memories.
----------------------------------------------------

By Curt Wuollet on 14 October, 2002 - 3:42 pm

Hi Ralph,
I quite agree with most of your points. Now, in the reality of the conviction and remedy phase, the most reliable and most cost effective solution would be for the government simply to remove MS from their approved vendor list until such time as they change their ways. None of the top proposed remedies is even arguably enforceable with a scofflaw company that has the will, the resources and the intent to evade, ignore and delay. We've already seen that. This would also guarantee that there is a viable market for alternatives, which would restore balance quickly and put MS in the position of _having_ to play with everyone else. It would also put the burden on the convicted, rather than the taxpayers.

Regards
cww

By Higginbotham Ricky on 16 October, 2002 - 9:23 am

Hi Ralph,

> From: Ralph Mackiewicz
>
> > And the same politics stopped the NSA's work on Linux, guess who was
> > complaining? It's the best certification money can buy!
> Just one more
> > exclusionary tactic.
>
> I'm fairly confident that anybody on this list that would actually
> describe publicly what the NSA is doing doesn't know what the NSA is
> doing. They could have a 1000 people working on Linux and outside of
> those 1000 people nobody is likely to know. And that is how it should
> be. There may have been some public declarations but I, for one,
> wouldn't believe anything that is publicly stated about what
> the NSA is
> or isn't doing.
>
> Ironically, if the government would have simply avoided filing its
> politically motivated anti-trust suit against MS in the first
> place they
> would have remained naive as to the ways of Washington and it
> would have
> been a whole lot easier for the feds to migrate to Linux.
> Ever since the
> government went after MS they are now more active in the
> lobbying arena
> then ever. It will be more difficult for the

I think its a fallacy to assume that government intervention is always bad for the market place (nor always good). Businesses and "Business people" will push the limits of legality and prudent judgement if left unchecked (witness Enron, etc.). Not all of them, but enough of them to be a detriment to society. Goverment may be a chainsaw instead of a surgical blade, but sometimes its better to just amputate the limb.

> goverment to do anything to change their usage of MS products now
> with that $39 Billion in cash greasing the greedy palms of the US
> Congress. It is sad that politics today is really dysfunctional. It
> should be obvious to everyone by now that Linux is a signficant
> factor in the market and that its usage and influence will continue to
> grow over time. The best thing that could happen to Linux is for the
> government to stay out of it. The political situation will only allow
> the government to do something after the rest of us have
> embraced it for the right business reasons instead of for political
> reasons.

Unfortunately, politics is already a tool being used by "the other side". From Miscrosoft to the RIAA. Its critically important that the OSS embraces that (political involvement) as the future. It doesn't do you any good to be great at writing *illegal* software.

Regards,
Richard Higginbotham

> Regards,
> Ralph Mackiewicz
> SISCO, Inc.

If I had to choose between Bill Gates meddling with my computer over the Internet or Osama bin Laden flying a Boeing 747 into it, I'd pick the former.

There are some posts back there which had some actual technical information stating that remote updates can be disabled on WinXP. (I'd prefer this were the default setting.) What is this thread really about now ?

Jay Kirsch

The argument whether or not this setting over-rides the EULA. Far too many people suspect it does not, including the `fair and balanced'
article someone was trying to hit me over the head with.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Martinicky, Brian on 26 September, 2002 - 5:17 pm

Then unless any attorneys are contributing to this thread, what we really have here is a bunch of engineers spinning their wheels trying to think like lawyers. Never a good thing...

Regards,
Brian

By Michael Griffin on 1 October, 2002 - 11:05 am

On the other hand, if you think you would get a clear and unambiguous answer from a lawyer, then I think you are in for a bit of a shock when you do talk to one. All they could give you is an "opinion" of what a judge might say.

************************
Michael Griffin
London, Ont. Canada
************************

By Joe Jansen/ENGR/HQ/KEMET/US on 6 October, 2002 - 4:08 pm

I think the confusion may not be entirely coincidental. By calling them "security updates", users are more likely to agree to having the DRM (Digital Restriction Mechanism) updates automaticaly installed. All it takes, according to a previous posting of parts of the EULA, is to download a driver to play a audio or video file, and you implicitely agree to having these updates downloaded forever.

Obviously, then, is the need to keep these players off of any production equipment. That would clear any of this up. Except that media player is "integrated" into windows, and cannot be removed. The "tool" that MS released to "remove" components in "compliance" with the DOJ proposal doesn't actually remove anything. All it does is take them off the menu's. From what I have heard (I don't use XP, so I can't say first hand), WMP and IE are still used as default after they are "removed".

Therefore, taking the media players off isn't a real option, is it?

So it comes down to making sure that no operator ever plays an audio or video file ever on a production machine. According to the EULA, the
operator, by playing the file, is granted decision making authority for your entire company with respect to agreeing to have the DRM updates
shoved down. I believe I addressed the "don't put it on a network" objections in a previous posting. I don't know about anyone else, but I
am not comfortable giving my weekend night shift operators that level of decision making authority for any of the plants.

This does not address, of course, the fact that windows was already found to have at least one backdoor in place (something a while back about NSA access and european gov'ts throwing a fit about finding it. Anyone else remember that?). It does not address what else might be updated "for your convenience" while the DRM downloads take place. Bob Peterson posted his experience with Win2000 updates locking up his system on another thread. I had the same problem on my Dell Laptop, but our IT guy luckily had a copy of SP2 burned to a CD. Imagine if the update occured automatically "for the users convenience". Maybe I am wrong, but if you try to push the ease of use for a PC down to the level of a television, you will end up with something that has the functional ability of a television. PC's are sometimes complicated machines. They are designed to be able to perform
difficult tasks. You either need to make the commitment to learn how to use it properly, or don't use it.

--Joe Jansen

>>This does not address, of course, the fact that windows was already found to have at least one backdoor in place (something a while back about NSA access and european gov'ts throwing a fit about finding it. Anyone else remember that?).>>

Give me a break! You state that as if it's fact and can be proved. Try venturing off Slashdot for a while to get the news...

"www.cnn.com/TECH/computing/9909/13/backdoor.idg/":http://www.cnn.com/TECH/computing/9909/13/backdoor.idg/

"www.usatoday.com/life/cyber/tech/ctg035.htm":http://www.usatoday.com/life/cyber/tech/ctg035.htm

"ntbugtraq.ntadvice.com/default.asp?sid=1&pid=47&aid=52":http://ntbugtraq.ntadvice.com/default.asp?sid=1&pid=47&aid=52

The FUD in here is really getting deep.

Jeff

By Bob Peterson on 10 October, 2002 - 4:22 pm

> http://www.cnn.com/TECH/computing/9909/13/backdoor.idg/
>
> http://www.usatoday.com/life/cyber/tech/ctg035.htm
>
> http://ntbugtraq.ntadvice.com/default.asp?sid=1&pid=47&aid=52

And you actually believe the MS story that this is about recovering from an Earthquake?

OTOH-anyone stupid enough to rely on the Windows crypto system for anything that needed serious security deserves to be hacked.

Bob Peterson

By Curt Wuollet on 16 October, 2002 - 10:28 am

Hi Bob
Unfortunately, many people who should know better do rely on MS crypto. Including all but the most secretive parts of the government. I do agree with the articles in that I can't see MS even screwing with keys. They have access to the plaintext and the machine and nobody can watch them.

They wouldn't need a key unless something was encrypted/decrypted outside the box. Why use the window when the door's open? Just tee the input/output of the crypto functions. And I'm sure they'd never make a deal with their largest, most loyal, customer :^)

Regards
cww

>>And you actually believe the MS story that this
>>is about recovering from an Earthquake?

Yes, I believe the MS explanation. It requires grasping at fewer straws than some hack who finds a variable name with a convenient name to support some inane conspiracy theory.

Jeff

By Vladimir E. Zyubin on 21 October, 2002 - 10:16 am

I am sorry, what an inane conspiracy theory?

EULA in pure English says - MS may change the codes in your PC.

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

By Peter Whalley on 23 October, 2002 - 2:36 pm

Vladimir,

"may change" does not necessary mean that they "will" change the codes or that they "must be allowed" to change the codes or that you "grant them the right" to change the codes regardless of your wishes. It could quite
reasonably mean that they are advising you that such a thing "could" happen under certain circumstances. The consipiracy theorist will of course interpret in the worst way but that does not make them right.

As I understand the law, (and I'm not a lawyer) in a contract where wording is ambiguous, the party that didn't write the words has the ability to ask for them to be interpreted in the way which most favours them.

This combined with comments from Microsoft that it is not their intention to force users to install upgrades against their wishes and the fact they provide the facility to turn off automatic upgrades leads me to conclude that it is neither Microsofts intention nor their right under the terms of the EULA to force users to install upgrades. Others interpret the EULA
differently but I think as a minimum there exists uncertainty not the clear cut interpretation some would argue.

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

Peter Whalley:
> "may change" does not necessary mean that they "will" change the codes

Actually, while the licence does say "may ... check" and "may provide upgrades", it also says they "*will* be ... downloaded" (emphasis mine).

To quote the EULA: """You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components
that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer."""

> The consipiracy theorist will of course interpret in the worst way but
> that does not make them right.

If your goal is to CYA (or simply to provide a reliable solution), it's probably a good idea to be pretty paranoid about things.

> This combined with comments from Microsoft that it is not their
> intention to force users to install upgrades against their wishes and
> the fact they provide the facility to turn off automatic upgrades

These things would probably help a lot, but I'm not a lawyer either.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Vladimir E. Zyubin on 5 November, 2002 - 4:23 pm

No needs to be a lawer in our case.

....I am afraid I must dissapoint you - in our case the word "may" means "will" and nothing more.

And I beleave you when you are saying "I'm not a lawyer", so I expect you will beleave me that I am not a conspiracy theorist...

(...though I agree with you there is a food for thought for the men that interesting in national security questions around the world ;-) not only
in Australia and Europe, but in the USA as well)

--
Best regards.
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

> From: Vladimir E. Zyubin
> ....I am afraid I must dissapoint you - in our case the word "may" means
> "will" and nothing more.

Cool ! We are now free to make a word mean whatever we feel like it should mean. I'll be stoked the next time one of those Publisher's
Clearinghouse letters comes in the mail announcing that I "may" have won a million bucks.

>From http://www.control.com/1026152593/index_html :

"It is just violation of the identity principle.
(the requirements that any correct term shell not allow double meanings).
The identity principle is one of the base methodology principles of
science and logic."

The author of this forgot to mention "MiSREP": the Microsoft Reason Exclusion Principle. The theory behind this principle is way over my head, but its effect is easy to see: any general discussion about Windows runs on forever, without a sustained connection to reality.

JK

By Vladimir E. Zyubin on 5 November, 2002 - 4:47 pm

Hello Jay,

Collins English Dictionary I open states that the word "may" (only as a verb) has ten meanings... but I can not catch the problem with the understanding in our case...

When an End-User signs the EULA it means the End-User is in agreement that MS _will_ change his soft. I am sorry, but it is very strange I have to chew this triviality for somebody...

--
Best regards.
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

By Joe Jansen/ENGR/HQ/KEMET/US on 11 October, 2002 - 4:09 pm

Sorry, my mistake. I had not heard how that issue had ended. I will retract my statement quoted below.

I was amused by part of the cnn article, however, that states:

''That it allows the NSA to load unauthorized security services, compromise your operating system -- that's nonsense,'' said Schneier, who
runs Counterpane Internet Security Inc. ''The NSA can already do that, and it has nothing to do with this.''

I feel better now, I guess......

Although in fairness, they can most likely do the same with any OS.

--Joe Jansen

By Curt Wuollet on 19 October, 2002 - 12:29 pm

Hi All

Don't have much time on Mondays (job hunting) but I thought I'd share some interesting research I've come across on the general discussion.

"http://www.linuxdevices.com/articles/AT7225637142.html":http://www.linuxdevices.com/articles/AT7225637142.html

"http://www.internetnews.com/ent-news/article.php/1378731":http://www.internetnews.com/ent-news/article.php/1378731

Apparently, others recognize the exciting potential.

Regards

cww

Joe Jansen:
> I think the confusion may not be entirely coincidental. By calling
> them "security updates", users are more likely to agree to having the
> DRM (Digital Restriction Mechanism)

Actually, "Digital Rights Management", but your expansion makes just as much sense :-)

> updates automaticaly installed. All it takes, according to a previous
> posting of parts of the EULA, is to download a driver to play a audio
> or video file, and you implicitely agree to having these updates
> downloaded forever.

Actually, it's now rolled into SP1 for XP (and SP3 for W2000), so you don't even have to do that. Convenience plus!

> So it comes down to making sure that no operator ever plays an audio
> or video file ever on a production machine.

Like training videos, for instance.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Vladimir E. Zyubin on 1 October, 2002 - 11:21 am

In any case, try to think is better than do not try to think...
Lets be a bit more constructive and not say rash words...
A list of fears was stated in the thread... I personally see, it is a list of common fears. Great!

And if we dare to click the "Yes, agreed" button without a visitation of legal advice office then we all are slightly lawyers... ;-)

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

> The argument whether or not this setting over-rides the EULA. Far too
> many people suspect it does not, including the `fair and balanced'
> article someone was trying to hit me over the head with.
>
> Jiri

I don't think it helps to "suspect" anything or to read the opinions of others on this matter when you can just read the EULA directly.

Below are the references that I found in the WinXP EULA about the update features. Notice the phases "If you choose..." and "...,if you elect...". I do not see any statement mandating the use of Internet updates or that you must ever connect your computer up to the Internet at all.

The first paragraph is about games; nothing at all to do with present automation concerns.

The second paragraph says that security updates will be downloaded in conjunction with downloading a license that permits the playing of
secure content. This is not about general network security, it is about the security of copy protected works. After downloading such
an application, there is no requirement to stay connected to the Internet or to go back on the Internet later for more security updates.

Again, this is not relevant to automation. Why is it there ? MS does not want to be sued by content providers for security glitches in MS's DRM software that might allow this content to be illegally duplicated.

Jay Kirsch

"* Internet Gaming/Update Features. If you choose to utilize the Internet gaming or update features within the Product, it is necessary to use certain computer system, hardware, and software information to implement the features. By using these features, you explicitly authorize Microsoft or its designated agent to access
and utilize the necessary information for Internet gaming and/or updating purposes. Microsoft may use this information solely to improve our products or to provide customized services or technologies to you. Microsoft
may disclose this information to others, but not in a form that personally identifies you."

and

"* Security Updates. Content providers are using the digital rights management technology ("Microsoft DRM") contained in this Product to protect the integrity of their content
("Secure Content") so that their intellectual property, including copyright, in such content is not misappropriated. Owners of such Secure Content ("Secure Content Owners") may, from
time to time, request Microsoft to provide security related updates to the Microsoft DRM components of the Product ("Security Updates") that may affect your ability to copy, display and/or play Secure Content through Microsoft software or third party applications that
utilize Microsoft DRM. You therefore agree that, if you elect to download a license from the Internet which enables your use of Secure Content, Microsoft may, in conjunction with such license, also download onto your computer such Security Updates that a Secure Content Owner has requested that Microsoft distribute. Microsoft
will not retrieve any personally identifiable
information, or any other information, from your computer by downloading such Security Updates."

By Donald Pittendrigh on 8 October, 2002 - 6:32 am

Hi All
I am rather inclined to believe whether you choose or not, and whether you believe or not, and also whther you use WinXP or not, your operating system version is probably being checked already anyway. I also believe when you download hotfixes from whatever source and when you utilise service packs, you upgrade or change components of windows of which 99% of us have either no knowledge or possibility of auditing, i.e. you are being controlled anyway, internet or not, like it or no. Simple solution is to get rid of all MS operating systems, if you are tough enough.

Regards
Donald Pittendrigh

>> Notice the phases "If you choose..." and "...,if you elect...". I do not see any statement mandating the use of Internet updates or that you must ever connect your computer up to the Internet at all.>>

By Curt Wuollet on 13 October, 2002 - 11:22 am

Aye, and there's the rub. In our context (largely PLCs in automation) you have to be more than tough, you would have to reverse engineer and rewrite all your tools to run on Linux. That's why Mark's "people have chosen" argument is so ridiculous. You do have a choice: You can use PLCs, which requires that you use Windows, the only supported platform. Or, you can write your own complete automation infrastructure and use whatever else you want. Some choice. Of course this is viewed as a level playing field by the Microsoft crowd. Which brings up the "Let them eat cake" argument which goes "If you want to use Linux, Go ahead!". As if it were actually possible in a monopoly situation. We do have a few tough engineers working on the infrastructure, but everyone else needs a real choice before we can say they've had one.

Regards

cww

By Blunier, Mark on 24 September, 2002 - 4:22 pm

Jay Kirsch wrote:
> If I had to choose between Bill Gates meddling with
> my computer over the Internet or Osama bin Laden flying a Boeing
> 747 into it, I'd pick the former.

You don't have that choice.

> There are some posts back there which had some actual technical
> information stating that remote updates can be disabled on
> WinXP. (I'd prefer this were the default setting.) What is this
> thread really about now ?

It is about MS EULA that says that they can make any changes that they want to your computer. Some people here want to believe that MS will only do things in the consumers interest, and
that MS will never create a problem propagating 'updates'. We are trying to point out that we don't believe this to be the case.
We are also trying to point out that if the MS is only going to provide these updates when the update feature is selected, the EULA should state that the users are only going to give up these
rights when the update feature is activated.

Mark Blunier
Any opinions expressed in this message are not necessarily those of the
company.

> From: Blunier, Mark

> Jay Kirsch wrote:
> > If I had to choose between Bill Gates meddling with
> > my computer over the Internet or Osama bin Laden flying a Boeing 747
> > into it, I'd pick the former.
>
> You don't have that choice.

I didn't bring up the comparison, you should have taken that up with ccw.

> > There are some posts back there which had some actual technical
> > information stating that remote updates can be disabled on
> > WinXP. (I'd prefer this were the default setting.) What is this
> > thread really about now ?
>
> It is about MS EULA that says that they can make any changes that
> they want to your computer. Some people here want to
> believe that MS will only do things in the consumers interest, and that
> MS will never create a problem propagating 'updates'. We
> are trying to point out that we don't believe this to be the case. We
> are also trying to point out that if the MS is only going to
> provide these updates when the update feature is selected, the EULA
> should state that the users are only going to give up these
> rights when the update feature is activated.

Updates will cause problems, no doubt about it. If you have a validated production computer and update software on it, it is no longer validated.
This goes for any OS. Thanks for the reminder.

I do not follow your second point. What are "these rights" ?

jk

By Vladimir E. Zyubin on 27 September, 2002 - 5:25 pm

Hello List,

The problem is not in evil will of MS.
The global disaster can happen because of an human error, i.e., by unpremeditated way... or because of terrorism... The centralized and
user-independent changes ("update", "upgrade") of OS is a point of global instability...

Also need to say that "update" of OS principially differs from an update of an ordinary application... in the case of OS changes, a
posible error is not a local thing and is connected with whole system functionality.

So, who will control the point of global instability? Bill Gates?
Usama bin Laden? Uncle Sam?

...and so on, very interesting topic...

--
Best regards,
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

Wednesday, September 25, 2002, 2:26:15 AM, Blunier, Mark wrote:

[...]
LM> It is about MS EULA that says that they can make any changes that
LM> they want to your computer. Some people here want to
LM> believe that MS will only do things in the consumers interest, and that
LM> MS will never create a problem propagating 'updates'. We
LM> are trying to point out that we don't believe this to be the case. We
LM> are also trying to point out that if the MS is only going to
LM> provide these updates when the update feature is selected, the EULA
LM> should state that the users are only going to give up these
LM> rights when the update feature is activated.

By Curt Wuollet on 24 September, 2002 - 4:20 pm

Perhaps abuse of a monopoly so pervasive that nothing is out of bounds. No abuse of privacy or security, no matter how odious, no abrigation of rights or contractual demand so one sided that any will risk exclusion or financial ruin. This
and past EULAs read like an unconditional surrender, not an agreement between "partners". And even when the momopoly acts in ways that directly and negatively impact business, there
is nothing that can be done except accept and make the best of it or even apologize for them. Doesn't this strike anyone as a little bit strange in a free country?

Regards

cww

By Mark Blunier on 21 September, 2002 - 4:23 pm

> As you are well aware, the EULA is an agreement between the=20
> MS and you,
> in which MS reserves the rights to update your machine with the latest
> and greatest fix. It DOES NOT state that you must let them push these
> fixes onto your machine.
>
> Turn off automatic update and these statements in the EULA are a moot
> point.

What makes you so sure? Have you seen the code? How do you know that shutting off the automatic update will prevent you from getting updates. They could have other back doors built in that you don't know about. Someone at MS could come up with the idea, that in order to prevent the next internet worm from breaking in to you system, they will use the same exploit to automatically update your system.

> Would you rather MS ignored these issues ??

I would rather that they do the right thing.

Mark Blunier
Any opinions expressed in this message are not necessarily those of the company.

By Donald Pittendrigh on 21 September, 2002 - 4:36 pm

HI All

Ummmm.... a thought crossed my mind..... what updates and what service packs, doesn't the new deal with corporate licencing and service agreements for microsoft software say no updates and service packs are going to be available anymore?

DP

By Joe Jansen/ENGR/HQ/KEMET/US on 21 September, 2002 - 4:55 pm

I guess I fail to see the difference. If MS reserves the right to update your machine, and you agree to the EULA, how can you say later that they cannot? Even if you turn off "Windows Update", how can you be sure that there is no other channel that they can send updates through? Of course, this would only be done "for your own good", and you did "agree that they had the right" to update your machine. Whether it comes through media
player or internet explorer instead of windows update is really the moot point, IMHO. You agreed that they could do it when you turned on the software (Windows). You thus give up your right to tell them "no".

Am I missing something? If I am wrong, and it is possible to let them reserve the right to do it, while you still retain the right to ultimately stop them, please explain it. I would really prefer to be proven wrong on
this point, actually.

--Joe Jansen

By Michael Griffin on 7 October, 2002 - 12:00 pm

I was doing some more internet research into this subject, and found the following information which I thought some people may find useful.

A) In some parts of the world for a while Microsoft Office 2000 has had a similar system to WPA for a while. Microsoft stated that 2 percent of activation requests for this product were re-authorisations due to hardware changes or other similar causes rather than due to new installations.
This is rather higher rate than I had expected, especially as this would have been comparatively new software in the relevant time period. If the figures for Windows XP are similar, then re-authorisation of software which
uses a WPA-like system is a problem which can't be ignored and must be dealt with as part of the system design of the project (i.e. troubleshooting and repair documentation).

B) A further point which I discovered is that 24 hour service for telephone re-authorisation is not available everywhere. In other words, if repair and recovery of your system depends upon re-authorisation being available then this may not be possible. You will need to investigate what hours are available in the location where the system is being installed. In some areas only "extended business hours" are supported.

C) Toll free telephone numbers to call for re-authorisation are not available everywhere. It may be necessary to ensure that nightshift or weekend employees are provided with authority to make long distance phone calls (in many plants this is not the case). Windows will run for up to 3 days without re-authorising, but this is not long enough to cover a long weekend or holiday period.

D) I understand that for re-activation requests require telephone contact where you must give a name, address, phone number, and E-mail address. If this is the case, the end user may have to put policies and procedures in place on how to deal with this, as their employees may (quite understandably) object to giving out their *own* name. In other words, there would need to be
a written procedure with appropriate standardised contact information.

E) Microsoft will support WPA activation for the designated life cycle of Windows XP. They have no definite plans at this point for what they will do after the official end of life. They *might* release an update which turns the activation system off, but there has been no definite decision on this. In other words, you may have to have a plan in place for how to deal with this situation either way.

F) Keithley had the following information on their web site, which I found interesting. As part of a customer survey they asked people what operating systems they use or intend to use with test and measurement sytems.

The information below is tabulated as
Column 1 - Operating system
Column 2 - Systems which are currently in use
Column 3 - Systems to be used in the next 12 months


Windows NT/2000 57% 55%
Windows 98 45% 26%
Windows 95 24% 13%
DOS 31% 16%
Unix 14% 14%
Windows XP 12% 21%
Linux 7% 14%
Mac 7% 5%
Other 5% 4%


The columns don't individually add up to 100%, because the same respondent may of course use several different operating systems.

************************
Michael Griffin
London, Ont. Canada
************************

By Curt Wuollet on 10 October, 2002 - 4:26 pm

Hi Michael

That really is interesting,(Kiethley's figures) especially since none of the T&M/DAQ vendors really support the use of anything but late edition Windows. DOS libraries are usually considered legacy. It would be most interesting to have data for NI, (who once told me my warranty would be void if I used their board with Linux) and some of the clone builders also. Linux has always been popular with the scientific and engineering community. I tend towards the clone builders. They don't support Linux either, but at least I'm not paying a premium for non-support :^) I would hope the vendors take heed. Imagine what these figures would look like if they actually supported an alternative or two. NI is ahead of the game as they actually have a version of LabView for Linux. They try very hard to discourage you from using it. Part of the reason I'm looking for a job.

Regards

cww

By Michael Griffin on 16 October, 2002 - 2:31 pm

On October 10, 2002 12:25 pm, Curt Wuollet wrote:
<clip>
> That really is interesting,(Kiethley's figures) especially since
> none of the T&M/DAQ vendors really support the use of anything but late
> edition Windows. DOS libraries are usually considered legacy. It would
> be most interesting to have data for NI, (who once told me my warranty
> would be void if I used their board with Linux) and some of the clone
> builders also. Linux has always been popular with the scientific and
> engineering community. I tend towards the clone
> builders. They don't support Linux either, but at least I'm not
> paying a premium for non-support :^) I would hope the vendors take heed.
> Imagine what these figures would look like if they actually
> supported an alternative or two. NI is ahead of the game as they
> actually have a version of LabView for Linux.
<clip>

National Instruments supports VXI for Linux, they have a GPIB driver in beta, and may offer NIDAQ for Linux in future. They have a number of web pages discussing Linux issues with their hardware. As you mentioned, they have a Linux version of Labview - which is their flagship product. I think they aren't pushing this heavily because they don't have enough
driver support at this time. At present they are pointing people to the open source Comedi Linux drivers. The following is a quote from an NI web page concerning their DAQ boards:

"National Instruments currently does not offer any Data Acquisition (DAQ) support for Linux, although a driver may become available in the future. However, an open-source driver is available that offers approximately 90% of the functionality of our NI-DAQ driver. This collection of drivers, Comedi, currently supports E-Series devices only. Refer to the Comedi Driver page (linked below) for more information."

What is interesting is that Comedi supports a wide variety of hardware, rather than just that from one company. One of the things I never really liked about traditional DAQ libraries was that every board maker had their
own unique API. The little I have read about Comedi seems to indicate a common API for common functions across various manufacturers.

The open source bit sounds attractive as well. There has been a number of times on previous projects where this would have come in very handy as the manufacturer's documentation was often ambiguous or misleading. I've also
spent many days worth of effort trying to characterise bugs sufficiently well to describe them accurately to the manufacturer. It is difficult to construct test programs for a black box.
I have long since lost any illusions about even the most reputable manufacturer having bug free libraries. I won't rely on a function from anywhere which I have not thoroughly tested myself under conditions which I expect to encounter in my application.


************************
Michael Griffin
London, Ont. Canada
************************

By George Robertson on 19 October, 2002 - 4:44 pm

I'm out here at the Permian Basin Oil Show, and all the SCADA/MMI vendors I'm talking too are touting their upcoming XP releases. So, whether we like it or not, here comes that screamin' sound again!

George G. Robertson, P.E.
Manager of Engineering
Saulsbury E & C
grobertson@si-tx.com
(915) 366-4252

By Michael Griffin on 22 October, 2002 - 4:17 pm

Their XP releases are just fixes to their software to deal with compatability problems with Windows XP. The vendors had to come out with them
in order to support the existing product line. These aren't really new products in themselves.

Something that should be kept in mind is that the problems we have been discussing are problems for the *customers*, not problems that the vendors have had to deal with themselves yet. If Windows doesn't work, why would the vendors care? Their direct competitors would have the same problem, and you're still buying the product in the end.
Of course, if the end customer has any sense, he will write his project spec to dump the problem back in the lap of any integrator quoting on a new project, so I guess this could more realistically be considered a problem for
integrators. As far as the end customer is concerned, the integrator is being paid to have the software and computer expertise, so they ought to be dealing with these problems as part of a proper system design. I suppose challenges
like this are why it is such fun to be an integrator.

There has been a good deal of discussion on this subject. I've been a bit disappointed though that all the solutions proposed so far using Windows XP seem to have been either impractical or illegal.

WIth regards to that last point, I would like to remind people that finding a satisfactory *technical* solution isn't good enough. It also necessary to be absolutely sure that what you are doing is *legal* under Microsoft's new licensing terms. What you want or what you need or what you may have thought you could do in the past is irellevant. Microsoft is getting very picky about
following their new terms exactly to the letter, and they are picking on small companies to make examples of them. You really don't want to be one of those examples.

************************
Michael Griffin
London, Ont. Canada
************************

By Curt Wuollet on 25 October, 2002 - 4:38 pm

Hi All

Busy again, but another very interesting article on the subject.
"http://cin.earthweb.com/article/1,3555,10493_1485861,00.html":http://cin.earthweb.com/article/1,3555,10493_1485861,00.html

It's interesting that businesses that have a slew of lawyers and live in the land of fine print, seem to read this the same way.

Regards

cww

Thanks for the link Curt.... but why on earth would any financial institution have a server connected to the internet with Automatic
Update turned on? Or for that matter, have any port left open? Or not have a HUGE firewall ??

This man obviously knows very little about computing. I'd suggest everyone in his establishment grab their money and run !!

The man is an idiot.

Mark

Mark Hill:
> Thanks for the link Curt.... but why on earth would any financial
> institution have a server connected to the internet with Automatic
> Update turned on?

In the case of a financial institution, it's at least as much about the paperwork as it is about what actually happens. If the fine print says
MS is allowed to do this, it's a problem in and of itself, regardless of whether or not it actually does.

I suspect it'll be a similar problem for anything the FDA has to OK.

(Once again, this isn't about Automatic Update but about the EULA.)

> The man is an idiot.

Or else he knows something about covert channels: if there's an MS box on one end, and MS on the other, it's non-trivial to actually stop them
from communicating. Military-grade covert channel analysis used to be allowed to leave holes up to 100 bit/s - a very slow modem - and few if any firewalls are up to that standard.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Curt Wuollet on 31 October, 2002 - 9:58 am

Well, they do provide internet services these days. And that brings us back to the matter of whether it matters if you turn it on or not. And I consider MS sending data from your computer to be even worse. No matter what it relates to, their assertion that they have this right makes it an insecure system, period. But, I wouldn't be using Windows for anything important anyway. Resolving the conflict wouldn't be a problem.
Actually, my interest in this is how anyone in a position of data stewardship can possibly justify or even tolerate this. It's like leaving the vault unlocked.

Regards

cww

By Chiron Consulting on 28 October, 2002 - 4:13 pm

> http://cin.earthweb.com/article/1,3555,10493_1485861,00.html <

My favorite bits of this article are:

"And Warby [pro-Microsoft CIO of Seattle Metropolitan Credit Union] says Microsoft has told him that it plans eventually to eliminate
users' ability to disable Microsoft's access to their systems."

"Microsoft had no comment on this issue..."

By Curt Wuollet on 20 October, 2002 - 4:53 pm

I quite agree on COMEDI. It's the kind of solution you get when _users_ solve a problem. The NI support issue, I am willing to write off as a local (MPLS) office thing. Still, it's quite discouraging to overcome all the opposition and "sell" a NI on Linux approach, only to be blown out of the water by the vendor's own Windows bigots. With the playing field as slanted as it is, this is sure death for a Linux proposal. It's not likely that I'll recommend LabView anytime soon. It's a pity, from all accounts I've heard it works well and doesn't crash. This is how you launch and scuttle a product in one fell swoop. Generally, folks who want the Linux product, don't want to fall back to Windows.

COMEDI is a really great concept that deserves more visibility than it's gotten. It's a framework where you describe a card and it builds the driver, sorta. Can you imagine how useful this would be for laying seige to the Tower of Babel? Too bad there's so much secrecy on card interfaces. But, a similar approach should be possible for SST cards, for example.

Regards

cww
--
Free Tools!
Machine Automation Tools (LinuxPLC) Free, Truly Open & Publicly Owned
Industrial Automation Software For Linux. mat.sourceforge.net.
Day Job: None, are you interested?
Consultancy: Wide Open Technologies: Moving Business & Automation to Linux.

By Michael Griffin on 25 October, 2002 - 5:03 pm

On October 20, 2002 03:33 pm, Curt Wuollet wrote:
<clip>
> It's not likely that I'll recommend LabView
> anytime soon. It's a pity, from all accounts I've heard
> it works well and doesn't crash. This is how you launch
> and scuttle a product in one fell swoop. Generally, folks
> who want the Linux product, don't want to fall back to
> Windows.
<clip>

I've looked at Labview in the past for production test systems, but each time it wouldn't *quite* do what we wanted. Sometimes we might have been able to make it work, but we couldn't be sure and could afford to sink the man
hours into an approach that might not work out. Labview and other similar products are good when the model they are based on fit what you want to do. They are particularly good when it is more important to get a program working quickly than it is to have one that fits your needs exactly.
However, if you find yourself going to great lengths to work around their limitations when designing a production test system, then you are probably further ahead just writing the program in 'C' or Pascal to begin with.
What you really need when you are writing software for custom production test systems is libraries for the user interface (including graphing), math and signal processing libraries, and routines for logging test results.

I really have to question though whether there is any commercial market yet for specialised third party software libraries or development systems of these types for Linux. It's pretty tough to sell something to people who
believe that software is supposed to be free. You have to sell it to people who are willing to pay money for software and are fed up enough with Windows to take the plunge. I think it will be a couple of years before that market is big enough to be profitable.

The people that I know of in the IT business who are using Linux commercially are using it for web based applications systems. They've no room for sentimentality when it comes to software, and Linux/Apache/MySQL/PHP puts
bread on the table. There are no big software companies making big money and big headlines, just a lot of small consultants making enough to pay for mortgages and mini-vans.

I think this is what it is going to take for Linux to be successful in test equipment. It needs a generally accepted collection of software which can be counted on to get the job done, and a pool of professional consultants who know how to use it. Measuring success in the Linux based market by sales of shrink wrapped software is a red herring. Linux and the software that goes
with it is currently more a tool for professional consultants and integrators than a consumer item.
Of course, if you're not a professional consultant or integrator, you shouldn't be building non-trivial test systems anyway, so this still covers a lot of ground.

************************
Michael Griffin
London, Ont. Canada
************************

Michael Griffin:
> B) A further point which I discovered is that 24 hour service for
> telephone re-authorisation is not available everywhere.
...
> In some areas only "extended business hours" are supported.

> C)
...
> Windows will run for up to 3 days without re-authorising, but this is
> not long enough to cover a long weekend or holiday period.

How does this go with point B - do the "extended business hours" ever have a gap of 3 days or more? Are there times and places where continued
availability of XP simply cannot be guaranteed, because re-authorisation is not available often enough?

> E) Microsoft will support WPA activation for the designated life cycle
> of Windows XP. They have no definite plans at this point for what they
> will do after the official end of life.

Hehe. Sorry, but the idea of deploying a product which may stop working five years after initial availability is so bad it's funny.

> F)
...
> The information below is tabulated as
> Column 1 - Operating system
> Column 2 - Systems which are currently in use
> Column 3 - Systems to be used in the next 12 months


> Windows NT/2000 57% 55%
> Windows 98 45% 26%
> Windows 95 24% 13%
> DOS 31% 16%
> Unix 14% 14%
> Windows XP 12% 21%
> Linux 7% 14%
> Mac 7% 5%
> Other 5% 4%

Cool, Linux has the highest "growth" (close second is WinXP, a new product).

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Curt Wuollet on 17 October, 2002 - 12:27 pm

It is really interesting if you think the thing through
to it's final conclusions. You _will_ upgrade when they
want you to and you _will_ agree to ever more one sided
EULAs and you _will_ be restricted to seeing what they
want you to see and hearing what they want you to hear.
And if you try to break that, they _will_ fix it for you.
Of course, you can keep your old stuff, it just won't work.

What a blessing for the average user who needs a little
guidance. He won't have to control anything. And people
think _I'm_ mad.

Where do I sign up?

Regards

cww

By Michael Griffin on 19 October, 2002 - 12:10 pm

On October 11, 2002 10:58 am, Jiri Baum wrote:

(My original commenst are in double quote indicators "> >". Mr. Baum's
replies use single ">" characters.)

<clip>
> > Windows will run for up to 3 days without re-authorising, but this is
> > not long enough to cover a long weekend or holiday period.
>
> How does this go with point B - do the "extended business hours" ever
> have a gap of 3 days or more? Are there times and places where continued
> availability of XP simply cannot be guaranteed, because re-authorisation
> is not available often enough?
<clip>
I have not found anywhere on Microsoft's web site where they promise that the re-authorisation system will be available at all times in all places. "Extended business hours" does not appear to be defined anywhere. No doubt,
Microsoft reserves the right to define these hours according to local circumstances, and to change these from time to time without notice.

In the automation business, it would appear to be up to the automation system designer to resolve this problem in a manner which is acceptable to their customer. No doubt anyone using WIndows XP as the OS for the system they are designing will need to research this question for each contract they undertake, and presumably cross their fingers and hope nothing changes during the warranty period. They will certainly need to have some plan in place for when the customer calls up on the weekend to complain that Windows is broken and they can't fix it.


> > E) Microsoft will support WPA activation for the designated life cycle
> > of Windows XP. They have no definite plans at this point for what they
> > will do after the official end of life.
>
> Hehe. Sorry, but the idea of deploying a product which may stop working
> five years after initial availability is so bad it's funny.
<clip>
In this point and the one above, you need to keep in mind what Windows XP was designed for. It was intended for supporting applications which do word processing and video games. It was not intended for systems which require continuous availability for extended periods of time. Microsoft is designing a product for what they see as their major markets. If this doesn't coincide with what a substantial portion of the automation market needs, then that certainly isn't Microsoft's problem.

> > The information below is tabulated as
> > Column 1 - Operating system
> > Column 2 - Systems which are currently in use
> > Column 3 - Systems to be used in the next 12 months
> >
> > Windows NT/2000 57% 55%
> > Windows 98 45% 26%
> > Windows 95 24% 13%
> > DOS 31% 16%
> > Unix 14% 14%
> > Windows XP 12% 21%
> > Linux 7% 14%
> > Mac 7% 5%
> > Other 5% 4%

> Cool, Linux has the highest ``growth'' (close second is WinXP, a new
> product).
<clip>

These are Keithley's numbers - a company which doesn't appear to have any major Linux products of their own to plug. I was surprised that the Linux numbers are as high as they are, considering that so many people on this list
were saying that no one is using it. *Someone*, or rather a lot of someones appear to be using it for test equipment.

What is also interesting is that WIndows XP seems to be eating into the WIndows 95/98 share, but not the Windows NT/2000 share (at least that is how I would interpret it). In other words, if Windows XP is a substitute for
Windows NT/2000 in new applications, then why isn't this reflected in a survey of customer buying intentions?


************************
Michael Griffin
London, Ont. Canada
************************

By Marc Sinclair on 7 October, 2002 - 4:18 pm

I am surprised by some of the reaction to this thread, a large proportion of the list, as far as I can tell, are working in the automation field as systems integrators, like me they choose
components from various manufacturers and build a working system, our skill lies in understanding the components and making them work together within our systems. Windows, in whatever flavour should be evaluated like any other component,
Yes windows XP is probably ten times more reliable that 98SE, but is that enough? - I have plc programs that have not stopped once in 16 years! - anyone who trusts their industrial process to a windows machine is daft. It is
a very nice home pc and entertainment os. :-P

The more important point, and the one which lies at the heart of this thread, is one of freedom, anyone who has tried to buy a PC without windows on in will understand exactly what I mean.

Our industry grows and innovates because we stand on the shoulders of others, microsofts' reliance on law and copyright, stifle this. That I think is what is upsetting most people and leads to the hyperbole , It has driven me to use linux, and should encourage others to do so.

Marc Sinclair

By Seib, Larry on 16 October, 2002 - 4:29 pm

My wife purchase a laptop from Gateway with some
version of windows XP.

The literature stated she had 30 days to activate the software. Since my home does not have an internet connection and since my office is on twisted pair, I was unsure how to activate the thing.

Any way it was her problem. I asked her about it several days after the 30 days was up and she said she just clicked no to the activation, and the operating system is still going.

Are there different version of XP that have different time limits? This thread has stated that windows would freeze if not activated, why hasn't that happened?

Thanks in advance

Larry

By Michael Griffin on 21 October, 2002 - 12:36 am

I am not a Windows XP expert, and I don't know exactly what you have on your computer, but I can tell you the following. There are three basic versions of Windows XP:
1) The "corporate" version. This does not have Windows activation. The copy is licensed directly to a specific customer who is only allowed to install it on a set number of computers which will remain in their possesion. I.e. you can't then sell the computer to someone else as part of a system. This is typically the version which very large customers will use, although there is a version which goes down as small as 5 licenses.
2) The "retail" version. This has the WPA (Windows Product Activation) feature. This what you would typically buy from a retailer if you only want one computer at a time.
3) The "OEM" version. This is essentially the same as the "retail" version, but it allows an OEM (possibly a company like Gateway) to conveniently "pre-activate" it on their assembly line. When it arrives at the customer, it
is already activated. There are supposedly manufacturing advantages to the OEM, but is is also supposedly more sensitive to hardware changes than the regular "retail" version so it can cause repair problems. Like the "retail"
version, you have to "re-activate" it if you make changes to the computer hardware.

In addition to the above, there are a number of "pirate" versions in which the WPA has been cracked or removed in some fashion (or was never present). Defeating the WPA does not appear to have been a significant problem for anyone who seriously wanted to pirate the software. The pirate versions supposedly outnumber the legitimate versions in some parts of the world.

It is quite possible that your computer has the "OEM" version, and it came "pre-activated". What you may have seen was a request for "registration", rather than "activation". Microsoft obscures the difference between these two, but essentially, "activation" is mandatory, but "registration" is optional.

"Registration" is just providing information for Microsoft's marketting department. Microsoft tries to confuse people (quite successfully I hear) about the difference between activation and registration in order to get them to register the product.

If you need any more information than the above, I suggest you talk to someone who knows more about Windows XP than I do.

--

************************
Michael Griffin
London, Ont. Canada
************************

For those of you who don't trust MS's explanation of WPA, I suggest you visit a German company called "Fully Licensed" and see what they say.
They've devoted a TON of effort towards figuring out exactly how WPA works.

Go here for a summary of their efforts ....
"http://www.licenturion.com/xp/wpa-eng.txt":http://www.licenturion.com/xp/wpa-eng.txt

Or go here for a technical discussion on exactly what they found.......
"http://www.licenturion.com/xp/fully-licensed-wpa.txt":http://www.licenturion.com/xp/fully-licensed-wpa.txt

Mark Hill

Want to read what Deloitte and Touche think about WPA ??

Go here .....
"http://www.microsoft.com/piracy/basics/activation/microsoft_opinion_report_english.pdf":http://www.microsoft.com/piracy/basics/activation/microsoft_opinion_report_english.pdf

But then again ... maybe they're involved in this conspiracy theory too !!

Mark Hill

By Joe Jansen/ENGR/HQ/KEMET/US on 28 October, 2002 - 10:55 am

I can believe what they say, and still not agree with your conclusion. Call me paranoid, but every reference to data being sent in that article
refers to data sent during and for the purpose of product activation. It does not in any way address data that can or is sent after the product has been activated. Data streams from Media Player are not conspiracy theory, they are fact. IIRC, MS has acknowledged that some data is collected and sent to MS via media player 9. Note that this does not discount what the
accountants state to be true at all.

I realize that this sounds picky and paranoid, but keep in mind how MS manipulated the 1995 consent decree to their advantage. That is simpy how they operate.

Same thing for the post you put up earlier to lecenturion. Hooray for them, but they state very openly that they were referring to early
versions of WPA. The EULA bundled with SP1 modifies the initial terms of the Win XP EULA. They are silent on the effect of this.

I think you are missing the 2 state nature of this thread. One side of this thread states that XP is not appropriate for industrial automation
because the activation is required to make it work, and weekend hardware fixes in some areas of the world will cause the system to be unusabe again until normal business hours. All references to WPA are of this nature. Again, not much anyone can say about it, because the nature of WPA makes it an added risk if you trigger the "hardware change" reactivation code.

The second portion of this thread involves what MS can push down to your machine with/without your consent, based on what is written in the new
EULA with SP1 for XP, and SP3 for Windows 2000. Those EULAs state that MS may send security updates to your computer when they want to, without consulting with you first. May is interpreted as it is in the sentence "Mother may I?", as opposed to "They may or may not". Only they are specifically stating that they have permission if you install the service pack. Although nobody can document whether this has happened yet, their exploitation of the 1995 consent decree definitely raises at least a
shadow of doubt as to their methods and motives. Make no mistake, DRM is where they are pushing this to. Security updates are DRM security, not
anti-virus security.

To summarize: Although I make no objection to the arguments and documentation that you provide, I don't feel that they directly address the issues that have been raised.

--Joe Jansen

By Bob Peterson on 28 October, 2002 - 11:03 am

Why would a report from their own auditors have any bearing? You can get a report written on just about anything and it will say whatever you want it to say.

Bob Peterson

By Vladimir E. Zyubin on 29 October, 2002 - 4:21 pm

It is just an opinion... that somebody trys to represent as a part of the EULA. "I am not a lawyer", but an irresponsible third-part opinion has no sense in the suits against MS.

And again: please don't try to reduce the question of safety and productive efficiency to a question of ill-founded suspicions.

--
Best regards.
= Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

Mark Hill:
> For those of you who don't trust MS's explanation of WPA, I suggest
> you visit a German company called "Fully Licensed" and see what they
> say.

We don't have a problem with MS's explanation of WPA. What we do have a problem with are the following two:

- 1 - The continued availability of WPA keys at all times, at the point
of installation, for the foreseeable future. Particularly the last
was a concern given Microsoft's four-year product support cycles.

As of 15th of October 2002, MS has changed this to seven to eight
years, which is a significant improvement, but still relatively
short as far as automation is concerned.

(Note that some of this support must be purchased within a 3-month
window at the end of five years.)

- 2 - The licence term that "upgrades or fixes ... will be automatically
downloaded to your Workstation Computer". Stated as it is with no
further qualification, it is not acceptable in situations where
consistency of performance is an issue.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Peter Whalley on 1 November, 2002 - 12:14 am

Hi All,

For those who wish to or are "forced" to use Windows XP for critical industrial applications the practical solutions (consider them draft guidelines on using XP in industrial applications) would seem to be:

1. WPA keys: Use an OEM version of XP rather than a retail version. OEM versions are available which are activated by the presence of the correct manufacturer ID in the motherboard BIOS and hence do not need to communicate with Microsoft to be activated and which do not depend on any
other hardware components. Site licenses may also be an option depending on the enduser. You may have to buy a name brand PC to get this but if the application's critical so be it. The extra cost for the hardware may well be compensated by the low cost of the bundled copy of XP relative to the cost of the retail version.

2. Updates: either:

a) don't connect to the Internet and install upgrades if and when you need them from a CD which you can purchase from Microsoft. Test the upgrades on an off line PC with your other applications before installing on the live PC or swapping the live PC for the upgraded PC.

b) if you must connect to the Internet, disable LiveUpdate and connect via a gateway/firewall. Configure the gateway to block access to any Microsoft sites as well as blocking all sorts of other potential nasties like ActiveX controls etc. Unless you really know what you are doing or if your application is particulalry critical, get a security expert to configure the gateway. Update the PC using a CD as per a) above.

3. Don't use XP for critical real time control applications unless you really know what you are doing. It's not designed for this.

4. If you're worried about possible breaches of the XP EULA in doing any of the above seek legal advice. If you don't know why I say this then go back and read the previous posts on this topic.

Any other suggestions which could be added to this list?

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

By Ranjan Acharya on 3 November, 2002 - 11:24 pm

Good start, I would add:

5) Replace the EXPLORER.EXE desktop with a third-party one that locks it down (make it look as least like the system they are using at home).

6) Consider anti-virus software if your machine has to have an active CD / Floppy / other drive - alternatively, disable CD, floppy et cetera as soon as the machine is plugged in.

7) Keep all industrial systems in an intranet dedicated to your particular area e.g., product A intranet (receiving, batching, processing, packaging, shipping - all linked by SCADA and then via some sort of secure link at one point to ERP, MES, OEE and so on). At all costs, keep it off the corporate network - get ready to slug it out with the IT folks.

8) Implement things like SANS Windows NT / 2000 / XP Security Guidelines and pay attention to things like "Common Criteria Security Configuration" (XP does not have this "window dressing" yet, 2000 just got it as long as you follow the rules).

9) Consider not using Windows at all :). Sounds silly but I rarely find an end user who is not aching for a viable alternative driven by a major OEM.

10) Don't use IIS. Tough one not to use if your control system OEM is tied up with M$.

RA

Ranjan Acharya:
> 5) Replace the EXPLORER.EXE desktop with a third-party one that locks
> it down (make it look as least like the system they are using at
> home).
...
> 7) Keep all industrial systems in an intranet dedicated to your
> particular area e.g., product A intranet (receiving, batching,
> processing, packaging, shipping - all linked by SCADA and then via
> some sort of secure link at one point to ERP, MES, OEE and so on). At
> all costs, keep it off the corporate network - get ready to slug it
> out with the IT folks.

> 8) Implement things like SANS Windows NT / 2000 / XP Security
> Guidelines and pay attention to things like "Common Criteria Security
> Configuration" (XP does not have this "window dressing" yet, 2000 just
> got it as long as you follow the rules).

Cool, this should make things like (7), (2) etc easier - CAPP assumes that the entire network is operating under the one set of security
constraints under the one management. Assuming you can push it through, of course, but being an official document from Microsoft should help.

Of course, getting a competent sysadmin assigned won't be trivial, because of the cost, even if it does say so...

> 9) Consider not using Windows at all :). Sounds silly but I rarely
> find an end user who is not aching for a viable alternative driven by
> a major OEM.

And if you're going to do (5), then it doesn't make much difference after that, does it...

> 10) Don't use IIS. Tough one not to use if your control system OEM is
> tied up with M$.

> On October 31, 2002, Peter Whalley wrote:
...
> > 2. Updates: either:

> > a) don't connect to the Internet and install upgrades if and when
> > you need them from a CD which you can purchase from Microsoft. Test
> > the upgrades on an off line PC with your other applications before
> > installing on the live PC or swapping the live PC for the upgraded
> > PC.

> > b) if you must connect to the Internet, disable LiveUpdate and
> > connect via a gateway/firewall. Configure the gateway to block
> > access to any Microsoft sites as well as blocking all sorts of other
> > potential nasties like ActiveX controls etc. Unless you really know
> > what you are doing or if your application is particulalry critical,
> > get a security expert to configure the gateway. Update the PC using
> > a CD as per a) above.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Peter Whalley on 7 November, 2002 - 4:04 pm

Thanks Ranjan,

Any suggestions on item 5. I haven't looked at these types of products.

Re item 9, Windows XP would not be my first choice either. I think Win2000 has fewer issues to contend with and is better understood, more mature and probably more secure. This list was for those that have to use XP (or really want to).

Regards

Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

Peter/Ranjan;

I'm not exactly sure what you mean by replacing Explorer with a third party product that locks it down and appears like the system they're using at home.

You can place the Windows XP Explorer interface into a "classic mode" and it'll look EXACTLY like Win2K. And, with policies, you can lock down anything you'd like.
You can prevent any user from seeing, accessing or damaging anything you'd like.

Mark

Mark Hill:
> I'm not exactly sure what you mean by replacing Explorer with a third
> party product that locks it down and appears like the system they're
> using at home.

That'd be getting rid of Explorer altogether and replacing it with something that looks vaguely like Explorer, but only lets the operators do what they're supposed to (like, run the machine).

> And, with policies, you can lock down anything you'd like. You can
> prevent any user from seeing, accessing or damaging anything you'd
> like.

Can you lock it down so that (for instance) the user can't drag the start bar to the side of the screen? Once they do that, and it's possible to do it accidentally, (a) it will look different from the training, and (b) it may obscure some controls.

For that matter, can you set it to ignore clicking on the clock? Tooltips on the clock? Ctrl-Alt-Del? (Yes I know it's the trusted path.)

Access policies for files and the like are one thing; lock-down is quite another.

Jiri -- Jiri Baum <jiri(AT)baum.com.au> http://www.csse.monash.edu.au/~jirib MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Peter Whalley on 13 November, 2002 - 4:35 pm

Hi All,
Did a bit of digging myself. It's a bit old but the Windows 95 Web Kiosk How-To at "www.kiasma.fi/~ooland/win95/":http://www.kiasma.fi/~ooland/win95/ does provide some suggestions
which may work.

One possibility is to replace the standard explorer.exe desktop with iexplore.exe or even possibly netscape.exe which forces the screen into a web browser rather than a conventional desktop. This appears to be possible in all versions of Windows. See "www.codeguru.com/mfc/comments/29090.shtml":http://www.codeguru.com/mfc/comments/29090.shtml .

Another alternative was to replace explore.exe with litestep.exe but litestep has been withdrawn pending release of a reworked version so this
may not be an option at present.

It is/was also possible to lock down the screen using Microsoft TweakUI 1.1 utility for Win95. This has been discussed on the list some time ago and from memory TweakUI is either not avialable or requires a different version for later versions of Windows.

SecureDesk! ("www.cursorarts.com/ca_sd.html":http://www.cursorarts.com/ca_sd.html ) seems to be another possiblity.

Anyone used any of these approaches and like to comment.

Regards
Peter Whalley
Magenta Communications Pty Ltd
Melbourne, VIC, Australia
e-mail: peter*no-spam*@magentacomm.com.au
delete *no-spam* before sending

Jiri;

If you're user is only supposed to 'run the machine' why on earth is he poking around inside the files with Explorer? FYI, the policy editor allows the admin to make 35 changes to Explorer, most of which will stop the user from causing damage to anything.

In the policy editor can also be used to lock down any part of the GUI, including the ability to resize or move the taskbar.

Have you actually looked at the policy editor in XP? If you had, you probably wouldn't be making so many comments that are obviously incorrect.

Mark Hill

By Michael Griffin on 19 November, 2002 - 7:06 pm

On November 14, 2002 10:45 pm, Mark Hill wrote: <clip>
> If you're user is only supposed to 'run the machine' why on earth is he
> poking around inside the files with Explorer? FYI, the policy editor
> allows the admin to make 35 changes to Explorer, most of which will stop
> the user from causing damage to anything.
>
> In the policy editor can also be used to lock down any part of the GUI,
> including the ability to resize or move the taskbar.
<clip>

There's 35 things we have to know about Windows security to prevent people from damaging anything? Most people would be hard pressed to name 35 things of any kind they know about Windows. A lot of people want to use Windows because they figure they won't have to know anything about computers that way.

A great disservice has been done to the industry by people who have been disseminating the falacies that "Windows is easy", or that "there are lots of people who understand Windows". The fact is that Windows is very complex, and most people know just enough about Windows to be dangerous with it. Very few IT people really know much about Windows other than how to click on menus to set up a typical network, so they're often not much help either.

I think it's reasonable to say that properly configuring any operating system requires more knowledge than can be gained by clicking on icons at your desk all day. In other words, the fact that someone has been using Windows on a daily basis doesn't mean they really know anything significant about it. Any discussion about Windows that begins with the premise that "everyone knows Windows" should be treated with the suspicion it deserves.

************************
Michael Griffin
London, Ont.
Canada
************************

Michael Griffin wrote ....

<snip> Most people would be hard pressed to name 35 things of any kind they know about Windows. A lot of people want to use Windows because they figure they won't have to know anything about computers that way. <snip>

Jeez Michael, you think an XP MCSE doesn't know how to lock down his own system? Are you suggesting that Linux administrators are more capable? more intelligent? better people?

To suggest a great disservice has been created by suggesting Windows is "easy", is a ridiculous statement. You're second statement is correct, Windows is EXTREMELY complex. Anyone who thinks otherwise is an fool. Even my 80 year old mother (who is XP proficient) realizes how complicated Windows really is underneath those pretty images.

You suggest that "Very few IT people really know much about Windows other than how to click on menus to setup a typical network ...." At least they can do it, which is more than what would happen if you handed Linux to them and asked them to perform the same functions.

OK ,,,, let's assume that at midnight tomorrow night, every MS OS and app where to disappear .... think the preponderance of Linux IT pro's and Linux apps could fill the void ?? How long do you think it would take .... without some central Linux organization?

Linux will NEVER become as accepted as Windows. It doesn't have the market clout, visible presence, financial backing, EULA's, NDA's, and a TON of lawyers, necessary to make it a world wide success.

Sorry to bust your bubble, but unless some large unifying force brings the Linux community together, it'll never happen.

Mark Hill
MS Windows eXPert http://www.microsoft.com/windowsxp/expertzone/

By Michael Griffin on 25 November, 2002 - 4:57 pm

On November 23, 2002 02:29 pm, Mark Hill wrote: <clip>
> Michael Griffin wrote ....
> <snip>
> Most people would be hard pressed to name 35 things of any kind they
> know about Windows. A lot of people want to use Windows because they
> figure they won't have to know anything about computers that way.
> <snip>
>
> Jeez Michael, you think an XP MCSE doesn't know how to lock down his own
> system?


How did you derive your question from my statements you quoted? I don't believe I said anything about an "XP MCSE". I believe I said "most people". I believe I also said that a lot of people figure that if they use Windows, they don't have to know anything about their computer. This sort of person would be hard pressed to name 35 things of any sort about Windows, let alone 35 security settings. However, for this sort of person, ignorance is bliss and it doesn't inhibit them from installing systems using Windows in an industrial setting. They just feed the CD-ROMs in when they are asked for them. In what state they may leave those 35 settings is a good question.

> Are you suggesting that Linux administrators are more capable? more
> intelligent? better people?
When I saw this, I went back and read my original message quite carefully. I didn't find any suggestion in it that Linux administrators were better than Windows administrators. Indeed, I didn't find any mention of Linux at all.

> To suggest a great disservice has been created by suggesting Windows is
> "easy", is a ridiculous statement.
> You're second statement is correct, Windows is EXTREMELY complex.
<clip>

I'm pleased to see that you agree that Windows is quite complex. However, I am not really sure why you feel it is unwise to point this out to people.

> OK ,,,, let's assume that at midnight tomorrow night, every MS OS and
> app where to disappear .... think the preponderance of Linux IT pro's
> and Linux apps could fill the void ??
> How long do you think it would take .... without some central Linux
> organization?
<clip>

I trimmed a few paragraphs where you vented your spleen about Linux. I think we get the point. You don't like Linux. I'm not quite sure just how that subject came up though or how it addresses any of the questions that were raised.

However, I will repeat what I think were the salient points of my original message:

1) Most people really know very little about Windows. Clicking on icons to use their e-mail or PLC software all day doesn't provide them with any special knowledge.

2) Many people seem to have the impression that there is really nothing to know in order to set up and configure a Windows operating system. You just click on a few buttons and answer "OK" to any and all questions.

3) Properly configuring any operating system requires more knowledge than what you get from just using it all day. Few people have this knowledge.

I'm not sure quite what it is you disagree with about this. My own conclusion from the above would be that few of the people who are selling their services installing computer systems in industry are capable of doing a proper job on the Windows configuration. My own observations of projects carried out by several companies would seem to bear this out. Asking typical IT people for assistance in these situations is often of little help. Many of the sort of problems you need to solve in the plant are not the sort of problems they have to deal with in the office. They may know a good deal more than the typical person, but they don't necessarily know what it is you happen to need. Someone who knows both Windows *and* how to use it in industrial applications is rather rare. It is worth while hiring or otherwise obtaining this sort of expertise to see the job is done properly. This is no doubt true for any operating system.

************************
Michael Griffin
London, Ont. Canada
************************

Mark Hill:
> OK ,,,, let's assume that at midnight tomorrow night, every MS OS and
> app where to disappear .... think the preponderance of Linux IT pro's
> and Linux apps could fill the void ??
> How long do you think it would take .... without some central Linux
> organization?


Actually, in the event of such wide-spread emergency, the distributed nature would be a benefit. Any central organization faced with such an unprecedented load would collapse, especially under the circumstances (impaired communications systems and the like). The LUGs might survive, at least some of them, hopefully enough to sort things out.

Let's hope we never find out.

I was going to write here that it's quite unlikely, but I can think of at least a couple of scenarios that could have essentially that outcome.

Jiri
--
Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Joe Jansen/ENGR/HQ/KEMET/US on 26 November, 2002 - 4:07 pm

<grin> I love posts like this........

>>>>>>
On November 25, 2002, Mark Hill wrote: Michael Griffin wrote ....

<snip> Most people would be hard pressed to name 35 things of any kind they know about Windows. A lot of people want to use Windows because they figure they won't have to know anything about computers that way. <snip>

Jeez Michael, you think an XP MCSE doesn't know how to lock down his own system? Are you suggesting that Linux administrators are more capable? more intelligent? better people?
<<<<<

Nothing of the sort! Instead, what (I assume, Michael can correct me if I mis-speak) he is suggesting is that an MCSE knows as much about Windows as a RHCE (Red Hat certified enigineer) know about linux. the difference is that many windows networks are "administered" by people who do not even have this level of training. They assume that since windows is "so easy", no training is required.

Plus, I am sure that you will agree that since Linux administration is somewhat more difficult than windows, the people who care for linux systems are by necessity more informed __IN GENERAL__ than the average windows user.

>>>>>
To suggest a great disservice has been created by suggesting Windows is "easy", is a ridiculous statement. You're second statement is correct, Windows is EXTREMELY complex. Anyone who thinks otherwise is an fool. Even my 80 year old mother (who is XP proficient) realizes how complicated Windows really is underneath those pretty images.
<<<<<

And yet it is amazing how many people figure that turning on directory sharing and print sharing, and plugging their cable modem together makes them a network administrator. The sad thing is, that in a sense, it does make them one, insofar as they are now responsible for taking care of their 'network'. The bad thing is that these people have no concept of patches, service packs, upgrades, etc. Windows makes it so easy, and propogates this idea of ease of use to the point of making people complacent. Think of Code Red, nimdA, etc. and tell me again how well every windows admin is taking care of their system.

MS Compounds this problem by rolling stuff up into service packs that historically have been known to break other parts of the system. This has instilled a fear in many organizations of immediately installing the SP's. This creates a no-win situation, which can be avoided in the Open Source world because of the different philosophy of patching. Note that in this situation, the epertise of the end user is irrelevant. Ie: MS gives a SP that you know will break a critical app of yours. You may be the best win admin in the history of time, but that is not going to change the fact that this SP will break you system. If the same level of expertise is present in the Linux admin, he can fix it. If he isn't that skilled with the code, he can still get a modification to the patch (from the patch author) that will work around it. MS has never been responsive to that degree.

>>>>>
You suggest that "Very few IT people really know much about Windows other than how to click on menus to setup a typical network ...." At least they can do it, which is more than what would happen if you handed Linux to them and asked them to perform the same functions.
<<<<<

again, if you take a windows person and stick them in front of Linux, they will be just as effective as someone who has never used windows who tries to set up a windows network.

>>>>>
OK ,,,, let's assume that at midnight tomorrow night, every MS OS and app where to disappear .... think the preponderance of Linux IT pro's and Linux apps could fill the void ?? How long do you think it would take .... without some central Linux organization?
<<<<<

This type of change does not happen that fast. But even if it did (I am trying to come up with a scenario, but am still failing), why not? And who says we cannot have a central Linux org? Red Hat seems to be doing well in that space. The difference tho, is that unlike windows, we can have a central org, and a wide channel of alternatives as well. It is not an either/or situation.

>>>>>
Linux will NEVER become as accepted as Windows. It doesn't have the market clout, visible presence, financial backing, EULA's, NDA's, and a TON of lawyers, necessary to make it a world wide success.
<<<<<

The same was said of AT&T, IBM, Standard Oil, Digital Equipment, etc. Markets change. MS is already starting to crack at the seams with trying to support itself. Licensing 6, the new Office issues, pricing, etc. have all started to erode their user base. Read ZDNet, many orgs are looking to alternatives, and many foreign countries are outright eliminating MS platform from their governmental systems. Ironically, the EULA's, NDA's, and lawyers seem to be hurting their cause, instead of helping. After all, what are you going to do, sue me into using windows? What good are those lawyers going to do for gaining market acceptance? I know of at least one org locally that uses only Linux equipment. No windows whatsoever. When BSA trolls came sniffing around, he was deliberately uncooperative to bait them into doing an audit. When they showed up, he tells me it was a fairly amusing, if altogether brief, experience. I am sure "dumb lawyer tricks" like that are not helping promote the warm, friendly image of MS. I don't anticipate that this run-in with EULA, NDA, and lawyers will cause him to jump up and start installing MS-anything....

>>>>>
Sorry to bust your bubble, but unless some large unifying force brings the Linux community together, it'll never happen.

Mark Hill MS Windows eXPert http://www.microsoft.com/windowsxp/expertzone/
<<<<<

Actually, I think the linux 'bubble' is still fairly intact. Linux may not take over the desktop at 'midnight tomorrow', but the fact that Red Hat has changed it's position of desktop linux is pretty interesting, IMHO. Since RedHat is actually a profitable company (last I checked, anyway) and has maintained the linux was not consumer and desktop ready, many other linux advocates were willing to admit this. Since RH has made the business decision to approach the desktop market with the latest improvements, I think you may start to see the tide begin to change.

Will Windows/Microsoft go away? I seriously doubt it. IBM, AT&T, etc are still around, after all. Will Ms and Windows lose their market dominance and have to compete on a more level playing field again? It seems inevitable.

--Joe Jansen
Just some guy that uses Linux and Windows both.

By Barry Newton on 24 March, 2003 - 2:39 pm

> <grin> I love posts like this........
>
> >>>>>>
Me too!
It should still be about choice.
The main thing with XP is that it does not allow certain PLC software to run.
Dual booting is required etc.
Yes its very nice not to have the blue screen of death anymore..... but isn't the "oh dear this application wont run anymore and will be shut down" message pretty much the same thing?
I personally like to use Linux whenever possible. Yes application s still crash. But they are fixable without shutting down the computer, after you've sent your "report" to MS.I've certainly learnt more doing this. I still have to use Windows at work, which will probably always be.
The next thing that Microsoft will do will be charging for additional "help" with applications. Because they wilfully leave certain things out.
Maybe i'm cynical, just wanted to comment.
Barry Newton

By Curt Wuollet on 27 November, 2002 - 5:39 pm

Hi Mark

> Michael Griffin wrote ....
> <snip>
> Most people would be hard pressed to name 35 things of any kind they
> know about Windows. A lot of people want to use Windows because they
> figure they won't have to know anything about computers that way.
> <snip>
>
> Jeez Michael, you think an XP MCSE doesn't know how to lock down his own
> system?
> Are you suggesting that Linux administrators are more capable? more
> intelligent? better people?
>
> To suggest a great disservice has been created by suggesting Windows is
> "easy", is a ridiculous statement.
> You're second statement is correct, Windows is EXTREMELY complex.
> Anyone who thinks otherwise is an fool. Even my 80 year old mother (who
> is XP proficient) realizes how complicated Windows really is underneath
> those pretty images.
>
> You suggest that "Very few IT people really know much about Windows
> other than how to click on menus to setup a typical network ...."
> At least they can do it, which is more than what would happen if you
> handed Linux to them and asked them to perform the same functions.

You obviously haven't run Linux lately, it's widely held to be more
manageable, from a centralized IS viewpoint. Some folks might have
to crack a book, but I'm sure that wouldn't hurt them. And we'll give
them the book.

> OK ,,,, let's assume that at midnight tomorrow night, every MS OS and
> app where to disappear .... think the preponderance of Linux IT pro's
> and Linux apps could fill the void ??

Yes. No problem. And a complete turnover would rid us of an awful lot
of cruft and baggage.

> How long do you think it would take .... without some central Linux organization?

There would be activity beyond belief and massive capitalization. There would be a competitive fervor such as the world has never seen. Having
one central monopoly is what inhibits this. It wouldn't take very long with wide open opportunity, to fill the void. There is a very, very, long line of people who would gladly compete if they could. Tech stocks would go through the roof. Er, except one. Everyone else would benefit.

> Linux will NEVER become as accepted as Windows.
> It doesn't have the market clout, visible presence, financial backing,
> EULA's, NDA's, and a TON of lawyers, necessary to make it a world wide success.

That is simply hilarious, did you read that after you wrote it? I respectfully submit that the lack of all that crap is _why_ Linux _is_ a success. Folks are getting tired of being clouted, marketed to, coughing up that financial backing, signing their life away with totally one-sided licenses and needing lawyers. Not all of them,
certainly, but a lot of decision makers are in the crowd. If your company switches to Linux, your preference becomes moot.

> Sorry to bust your bubble, but unless some large unifying force brings
> the Linux community together, it'll never happen.

The community is that large force that keeps Linux together. It's been vastly more succesful than any other competitor. It would be foolish to
abandon a working strategy to give MS a convenient target to smash. You might want to check with Redmond if you don't think it's working.

Regards
cww

By Curt Wuollet on 6 November, 2002 - 10:20 am

> Any other suggestions which could be added to this list?<

Yes, Please help me convince the automation vendors to port to Linux and we can avoid all this hassle and solve many other problems as well.

Regards

cww

By Joe Jansen/ENGR/HQ/KEMET/US on 6 November, 2002 - 10:22 am

I've been doing my part. I have convinced one of the Omron app engineers at corp HQ in Schaumburg Illinois that he needs to start running Linux on
his machine. I haven't convinced him to port CXProgrammer yet, but I can probably get him to help sniff out all the unpublished parts of FINS
protocol, if anyone wants to help write an Omron programming package!

<grin>

--Joe Jansen

By Curt Wuollet on 8 November, 2002 - 10:07 am

If everyone reading this simply _asked_ their vendor when they will be able to buy Linux based tools and took serious interest in the answer, we would have have alternatives eventually. If they also indicated the Windows infelicities were unacceptable, it would happen sooner. This whole fiasco could be avoided if people would simply use the power they have as consumers rather than bending over. Once there are viable alternatives, my guess would be that there would be an "industrial" Windows version with the problems removed. They are becoming rather sensitive to OSS competition. It would be a win/win situation. Notice what happened to Wince once there was competition from the embedded Linux folks :^)

Regards

cww

By Alex Pavloff on 10 November, 2002 - 11:55 pm

Curt Wuollet wrote:
> If everyone reading this simply _asked_ their vendor when they
> will be able to buy Linux based tools and took serious interest
> in the answer, we would have have alternatives eventually.

Have you considered the fact that while Windows is a suboptimal control platform, its a decent desktop OS well suited for programming packages and the like? My new project is using Linux. However, I have no plans at this
point to spend the large effort needed to port the programming enviroment to Linux because, well:

1) I have never run into any of my customers that use Linux on their desktops
2) Selling software to the Linux market is a problem because, well, they aren't used to paying for it.

Curt, here's your problem. You sit there, tell everyone that Microsoft and all the stuff they use right now sucks, and tell everyone how you can solve all your automation problems with a 386 running Linux, a tie-wrapped ISA
board, and plenty of elbow grease. Good for you and your customers, but... err... if you can do that err.... you're aren't going to be buying any software or hardware.

The current user base of Linux is highly technically inclined, not afraid of programming, and willing to build rather than buy. Automation vendors like myself aren't going to jump until we have solid indications that people will actually BUY our software if sold for Linux.

> Notice
> what happened to Wince once there was competition from the
> embedded Linux folks :^)

Bull. Windows CE (or whatever they're calling it) was giving priority because they wanted to take the lucrative handheld market away from Palm. Linux has only shipped on, what, one PDA (Sharp Zaurus). People flashing their IPAQs with a mostly-working linux distribution competition does not make.

Alex Pavloff - apavloff@eason.com
Eason Technology -- www.eason.com

By Curt Wuollet on 12 November, 2002 - 3:50 pm

Hi Alex.

Alex Pavloff wrote:
> Have you considered the fact that while Windows is a suboptimal control
> platform, its a decent desktop OS well suited for programming packages
> and the like? My new project is using Linux. However, I have no plans
> at this point to spend the large effort needed to port the programming
> enviroment to Linux because, well:

Yes Alex, this is a most thoughtfully considered position. And Linux is an even better environment for programming packages and quite usable for control. especially with extensions. And because it can be improved by people who want it to be an even better control platform and tailor made for the automation market, inside a year, there would be no comparison. In contrast, it is unlikely Windows will ever go in directions that make it more suitable for our particular needs. Indeed, as far as I can tell, all the changes seem to be in the wrong direction.

> 1) I have never run into any of my customers that use Linux on their
> desktops
And you never will if the monopoly gets their way.

> 2) Selling software to the Linux market is a problem because, well, they
> aren't used to paying for it.

You wouldn't be selling to the Linux market, most of them are singularly unconcerned with automation and controls. You would be selling to the automation market where downtime is expensive and MS licensing and policies are a PITA. Decreased cost couldn't hurt either.

> Curt, here's your problem. You sit there, tell everyone that Microsoft
> and all the stuff they use right now sucks, and tell everyone how you
> can solve all your automation problems with a 386 running Linux, a
> tie-wrapped ISA board, and plenty of elbow grease. Good for you and
> your customers, but... err... if you can do that err.... you're aren't
> going to be buying any software or hardware.

I'm obviously not your target candidate. I make my living solving the problems not addressed with OTS stuff. And I haven't said MS sucks nearly as often as the folks here that use it. I have said that they are a monopoly and have successfully wiped out just about any choice in this market segment. I respectfully submit that I am about restoring choices in a market that would benefit greatly from having some. Given a supported, realistic, alternative, competition would soon solve many, if not most, of the problems we see here. Without that alternative, folks will always have to simply accept whatever misery is visited upon them. Such is the case with monopolies. If you don't like the reliability of your local power company, you can generate your own, but it's not much of a _real_ choice.

> The current user base of Linux is highly technically inclined, not
> afraid of programming, and willing to build rather than buy. Automation
> vendors like myself aren't going to jump until we have solid indications
> that people will actually BUY our software if sold for Linux.

This is the "chicken and the egg" problem. I'm pretty sue you won't see this indication as long as there are no comparable Linux products for them to buy.

>>Notice
>>what happened to Wince once there was competition from the
>>embedded Linux folks :^)
>
> Bull. Windows CE (or whatever they're calling it) was giving priority
> because they wanted to take the lucrative handheld market away from
> Palm. Linux has only shipped on, what, one PDA (Sharp Zaurus). People
> flashing their IPAQs with a mostly-working linux distribution
> competition does not make.

And they are giving it away out of kindness? And showing source? That doesn't sound like it was induced by pressure from their proprietary comtemporaries.

I'm not sure why some folks look at my intent as evil or driven by malice. If you can think of a downside for having choices, I'm all ears. I simply want _all_ of us to be able to do automation and controls work with a more reliable, more flexible and adaptable OS that solves a lot of automation world problems. It's better engineering. People will buy better, more reliable, solutions if they become available.

Regards

cww

Alex Pavloff (in response to Curt):
> Have you considered the fact that while Windows is a suboptimal
> control platform, its a decent desktop OS well suited for programming
> packages and the like? My new project is using Linux. However, I
> have no plans at this point to spend the large effort needed to port
> the programming enviroment to Linux because, well:

> 1) I have never run into any of my customers that use Linux on their
> desktops

That's almost a tautology, though: you're selling a Windows program, so only people who use Windows will become your customers, therefore your customers will be using Windows.

> 2) Selling software to the Linux market is a problem because, well,
> they aren't used to paying for it.

That's not really a fair comment, but there is a true observation behind it; people use Linux for any number of reasons, many of which would be compromised by putting a closed-source program on it.

One of those possible reasons is, as you observe, the price. Others are things like avoiding dependence on a single vendor, access to the source code on reasonable terms, including the right to get someone else to change it, peer review and the resulting reliability, unlimited license `seats' which simplifies license management, and last, and in this case least, philosophical grounds.

You would have to provide truly compelling value to outweigh any of those reasons.

> Curt, here's your problem. You sit there, tell everyone that
> Microsoft and all the stuff they use right now sucks, and tell
> everyone how you can solve all your automation problems with a 386
> running Linux, a tie-wrapped ISA board, and plenty of elbow grease.
> Good for you and your customers, but... err... if you can do that
> err.... you're aren't going to be buying any software or hardware.
I suspect there's enough elbow grease to go around...

(a) Hardware will always be needed. Tie-wrapped ISA boards are OK for once-off things, specials and pilots, but for real applications, real hardware is needed.

(b) For software, it becomes a service. You don't sell software as such, you sell the software doing exactly what the customer wants. The great majority of software development already follows that model anyway, so it's not a big difference.

Jiri -- Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Mark Hutton on 11 November, 2002 - 3:54 pm

The trouble is most of us are suppliers not consumers.

Our customers are more interested in what the sales man and marketing people have to say (and partnership with Microsoft is often touted as a BIG plus point on the marketing front).

Our pull is negligable (though I would still advocate, and do, using whatever pull we do have).

The Linux community still has a WAY to go before they can convince the end-user of any advantages.

I have been a supporter of Linux since SuSe 6.2 and I would have a hard time convincing myself to propose a Linux solution, and certainly not without a commercial product such as Aprol or AutomationX.

I still have SuSe (8.0 know) installed on one of my PCs, but the only apps. I have any success in installing and getting to run are Kylix, JBuilder and StarOffice.

I spent half a day (time that I don't have) trying to set up apache, before giving up and installing and configuring apache 2 on Windows 2000 in fifteen minutes. I say this not in support of Windows (I really wish I could use an alternative) but because Linux applications need further development in ease of use, particularly (but not limited to) the area of installation before they will be useable by the vast majority of computer users.

By Curt Wuollet on 13 November, 2002 - 4:28 pm

Indeed, that's my point. And Alex will probably be glad to hear this. In this specialized market, What the Linux community does or doesn't do, is not going to make the major impact. Our GPL project will appeal to a certain class of folks, but again, these are not end users. The right people for the job are the Major Vendors. They can make Linux tools accessable and familiar and steal a march on the competition. It's obvious from the interests in Europe and Japan that we are going to get there eventually, the sooner we start, the better off we are in the race.

What I'm saying is that, if AB released a line of products on Linux tomorrow, that would have more impact and move the process faster than anything anyone else could possibly do. You would have the warm fuzzies you need to recommend a Linux solution, I would be able to work with Linux tools and do a great deal more with the installed base, and AB would have both a hi-rel solution set and would certainly have leverage with Microsoft to solve some of their problems. And a valid PR claim on something better and more Open.

Everyone would win, even Windows fans. Which brings up the question of why they would do this. Even if the obvious advantages of having a really bulletproof, adaptable, and customizable OS can't be envisioned, I would expect them to do it if enough of us ask for it. I would be willing to bet that NI's Linux version of LabView exists because someone really important asked for it. If not a major customer, then a large part of the scientific and engineering community.

Regards
cww

By Bob Peterson on 15 November, 2002 - 5:19 pm

In a message dated 11/13/2002 3:29:03 PM Central Standard Time, cww writes:

> Indeed, that's my point. And Alex will probably be glad to hear this. In
> this specialized market, What the Linux community does or doesn't do, is
> not going to make the major impact. Our GPL project will appeal to a
> certain class of folks, but again, these are not end users.
> The right people for the job are the Major Vendors. They can make Linux
> tools accessable and familiar and steal a march on the competition. It's
> obvious from the interests in Europe and Japan that we are going to get
> there eventually, the sooner we start, the better off we are in the
> race.

Obvious? I am not all that sure. MS has shown itself to be pretty adaptable. Its not perfect, but it has an advantage that Linux does not, and probably won't anytime soon. The advantage is the MILLIONS of people who are "competant" to manage and run their machines. There are very few people by comparison competent in Linux. I think MS is more worried by things like the Lindows $199 PC than by anything done in the automation field.

If Lindows ever supports windows apps to the extant that virtually any windows app would run on a lindows machine, wouldn't that be an even better idea? Maybe you have been barking up the wrong tree trying to take away MS Office from people and should have been spending your time making Lindows run more windows apps. few end users will care what the OS is as long as it flawlessly runs their favorite apps.

> What I'm saying is that, if AB released a line of products on Linux
> tomorrow, that would have more impact and move the process faster
> than anything anyone else could possibly do. You would have the
> warm fuzzies you need to recommend a Linux solution, I would be able to
> work with Linux tools and do a great deal more with the
> installed base, and AB would have both a hi-rel solution set and
> would certainly have leverage with Microsoft to solve some of their
> problems. And a valid PR claim on something better and more Open.
> Everyone would win, even Windows fans.

This would benefit only the very few integrators conversant with Linux, to the detriment of those not familiar with it. I can see why you might be in favor of AB doing such a thing as it would enhance your tenuous market position in Linux. Why would AB do something that would benefit only a few dozen people? The tiny bit of sales from these people would never cover the expense of porting software to Linux nor maintaining it. Besides, Linux people rarely buy software, at least that is the rub on them. And its probably pretty close to true, so even if they did release Linux versions of their software, the sales might end up being zero because the Linux fans would say its not "good enough" because it is not open source. And doing open source is a financial rathole.

> Which brings up the question of why they would do this. Even if the
> obvious advantages of having a really bulletproof, adaptable, and
> customizable OS can't be envisioned, I would expect them to do it
> if enough of us ask for it. I would be willing to bet that NI's
> Linux version of LabView exists because someone really important
> asked for it. If not a major customer, then a large part of the
> scientific and engineering community.

I'd guess its more like someone paid them to do it, either directly or indirectly OR someone at NI thought it was a neat idea and just did it. I wonder what percent of their sales are the Linux version versus the Windows version. I'd bet the Linux version has only a tiny percent of their sales, maybe only to a few customers.

Bob Peterson

Bob Peterson:
> If Lindows ever supports windows apps to the extant that virtually any
> windows app would run on a lindows machine, wouldn't that be an even
> better idea? Maybe you have been barking up the wrong tree trying to
> take away MS Office from people and should have been spending your
> time making Lindows run more windows apps. few end users will care
> what the OS is as long as it flawlessly runs their favorite apps.

There are people working on that, of course, but the problem is that in that field MS calls all the shots. They can make changes to Windows and Office, release or don't release any details of them, and so on. As DR DOS found out, they can even do things like (accidentally?) checking for such situations and popping up scary-looking warnings.

Microsoft would also dearly love to make it illegal outright, and they appear to be making some progress on that front.

I have great respect for the Samba team. They do an excellent job under circumstances most would consider unacceptable. Thankfully, theirs is just a small piece of Windows, so it's manageable.

Jiri -- Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Ranjan Acharya on 20 November, 2002 - 3:27 pm

<clip>
I have great respect for the Samba team. They do an excellent job under circumstances most would consider unacceptable. Thankfully, theirs is just a small piece of Windows, so it's manageable.

Jiri
</clip>

Yes and from what I have been reading Microsoft is trying to build a patent wall to keep Samba out.

RA

By Steve Myres on 18 November, 2002 - 4:03 pm

If someone doesn't make the products we'll never have the option of buying them and demonstrating the market. I can guarantee you that they sell more of the Linux version than if they hadn't written it.

I realize the point you're making is that companies can be expected to make decisions based upon expected ROI, and that is right. Even so, I'd be glad to make you a small wager that there are many people like me who, when the software of their choice is available to run on the latest platform from Bill G. and also to run on an open source OS, will choose the open version.

If the vendors stay away from the platform because they underestimate the market potential, we'll never get the chance to find out.

By Ralph Mackiewicz on 20 November, 2002 - 5:05 pm

> If someone doesn't make the products we'll never have the option of
> buying them and demonstrating the market. I can guarantee you that
> they sell more of the Linux version than if they hadn't written it.

...snip...snip...

> If the vendors stay away from the platform because they underestimate
> the market potential, we'll never get the chance to find out.

It's that "vision" thing. The companies that grow are the ones that spot an opportunity before there is a market for it (aka "vision").
Established companies tend to look at the market numbers and plan accordingly. But these numbers only measure "what is", not "what will be". Don't look to the dominant vendors to find these new
opportunities. They aren't really looking there. They are focused on their existing markets, not the markets that don't yet exist. So, if you think running automation systems on Linux is of benefit to you, don't wait for the big guys to do something (they'll only do it after it has already happened) and don't wait until you can get it for free (you'll have a long wait). Buy something from those companies on the periphery that have a vision of what can be now. That will really make a difference. And, you'll be able to take advantage of those benefits now (instead of having to wait for them).

Regards,
Ralph Mackiewicz
SISCO, Inc.

By Vladimir E. Zyubin on 24 November, 2002 - 2:30 pm

Hello Ralph,

And there is the brain-washing campaign MS doing. The team consists of professional psychologists, and admen, and marketing analysts, and the like. The "second-level" companies are under the hard pressing too (as well as end-users).

And if we precisely look at the antimonopoly suit against MS we can understand that people do not believe in the antimonopoly law and healthy competition.

Independency of the vendors' analysis you try to refer to is incorrect.

--
Best regards.
Vladimir E. Zyubin mailto:zyubin@iae.nsk.su

By Curt Wuollet on 18 November, 2002 - 5:23 pm

Hi Bob

List Manager wrote:
> ------------ Forwarded Message ------------
> From: PETERSONRA
>
> In a message dated 11/13/2002 3:29:03 PM Central Standard Time,
> cww writes:
>
>>Indeed, that's my point. And Alex will probably be glad to hear this.
>>In this specialized market, What the Linux community does or doesn't
>>do, is not going to make the major impact. Our GPL project will appeal
>>to a certain class of folks, but again, these are not end users.
>>The right people for the job are the Major Vendors. They can make
>>Linux tools accessable and familiar and steal a march on the
>>competition. It's obvious from the interests in Europe and Japan that
>>we are going to get there eventually, the sooner we start, the better
>>off we are in the race.
>
> Obvious? I am not all that sure. MS has shown itself to be pretty
> adaptable. Its not perfect, but it has an advantage that Linux does
> not, and probably won't anytime soon. The advantage is the MILLIONS of
> people who are "competant" to manage and run their machines.

Yes Bob, but we aren't talking millions of people here. We are talking about the people who craft automation solutions. Very few people reading
this would have any difficulty managing and maintaining a Linux machine. They deal with much larger problems with what they are using now. I have managed and maintained quite a few but, I'm at a loss regarding many of the Windows problems seen here. Linux issues tend to be more "fixable".

There are
> very few people by comparison competent in Linux.

It would depend on your definition of competent. Many more people know how to reboot and reload Windows, but anyone who can actually fix Windows problems should be way ahead on Linux where information is more available and there are no secrets.

I think MS is more
> worried by things like the Lindows $199 PC than by anything done in the
> automation field.

I'm more worried about Lindows than MS is. It's a very poor introduction to Linux in my view. It's much less robust and extremely limited in it's
present form and shares many of the same problems with Windows. It's a remarkable piece of reverse engineering and impressive as an exercise, but nowhere near automation grade. And it's dependent on MS. I wouldn't want to sell life insurance to competitors who depend on MS, based on
historical data.

> If Lindows ever supports windows apps to the extant that virtually any
> windows app would run on a lindows machine, wouldn't that be an even
> better idea?

If it even comes close, MS will just change the API's and send them back to square one. I see it as a last ditch solution where you must run
something unavailable on Linux and for a few special applications

Maybe you have been barking up the wrong tree trying to
> take away MS Office from people and should have been spending your time
> making Lindows run more windows apps. few end users will care what the
> OS is as long as it flawlessly runs their favorite apps.

I just finished explaining that I don't favor taking anything away from anyone. Let those to whom Office is critical, enjoy. I would not care to have someone running Office on a production machine, and for programming and documentation, OpenOffice will integrate just as well with the
tools. It's all about choices. There are a few snags, like AutoCAD, but I expect those to go away soon as well. The EDA market is moving to
Linux as an option and AutoDesk will have to compete or lose market share.

>
>>What I'm saying is that, if AB released a line of products on Linux
>>tomorrow, that would have more impact and move the process faster than
>>anything anyone else could possibly do. You would have the
>>warm fuzzies you need to recommend a Linux solution, I would be able
>>to work with Linux tools and do a great deal more with the
>>installed base, and AB would have both a hi-rel solution set and would
>>certainly have leverage with Microsoft to solve some of their
>>problems. And a valid PR claim on something better and more Open.
>>Everyone would win, even Windows fans.
>
> This would benefit only the very few integrators conversant with Linux,
> to the detriment of those not familiar with it.

How would having a choice be detrimental? I certainly wouldn't force anyone to use it.

I can see why you might
> be in favor of AB doing such a thing as it would enhance your tenuous
> market position in Linux.

I don't have a market position in Linux, it's free. I would greatly prefer working with Linux and the free tools make development much
cheaper. And the system cost would be less, which means more profit. And I really like the lack of phone calls at odd hours.

Why would AB do something that would benefit
> only a few dozen people?

Well there's the whole argument. People jump through a lot of hoops to deal with the present products I'm pretty sure lots of people will try
anything that that has the name on it. And anyone who does, would benefit from it. Low cost, no EULA or license tracking, much higher
functionality out of the box. Nothing else to buy except your automation tools, no activation hassles, no hardware snooping or sending your info
to Redmond. Almost everything that is a PITA with Windows in autmation is fixed with Linux. My guess is that it would be useful to a lot of
people and that number would increase rather rapidly.

The tiny bit of sales from these people would
> never cover the expense of porting software to Linux nor maintaining it.

Everyone who has ported to Linux so far has done OK, except those that compete with MS directly like Corel. Even some of those are doing well
like IBM, SAP and ORACLE. IBM mentioned there are over 4000 applications in precess. Somebody thinks there's a market.

> Besides, Linux people rarely buy software, at least that is the rub on
> them. And its probably pretty close to true, so even if they did
> release Linux versions of their software, the sales might end up being
> zero because the Linux fans would say its not "good enough" because it
> is not open source. And doing open source is a financial rathole.

As I mentioned, they would be selling to automation people, not Linux people. Automation people are at the opposite extreme, used to paying
astonishing prices for their applications. why would this be different? IBM has stated that their OSS effort has been worth about $2 billion and now that the initial investment has been repaid, a substantial chunk of their revenues will be from this "non-existant" market. HP and SUN are chasing their taillights.

>
>>Which brings up the question of why they would do this. Even if the
>>obvious advantages of having a really bulletproof, adaptable, and
>>customizable OS can't be envisioned, I would expect them to do it if
>>enough of us ask for it. I would be willing to bet that NI's
>>Linux version of LabView exists because someone really important asked
>>for it. If not a major customer, then a large part of the
>>scientific and engineering community.
>
> I'd guess its more like someone paid them to do it, either directly or
> indirectly OR someone at NI thought it was a neat idea and just did it.
> I wonder what percent of their sales are the Linux version versus the
> Windows version. I'd bet the Linux version has only a tiny percent of
> their sales, maybe only to a few customers.

It would be interesting to have those figures, wouldn't it. I noticed they upgrade it and it hasn't gone away. If they pushed it, it would
probably do a lot better. But their relationship with MS would suffer and they (like everyone else) can't afford that. Maybe they did it just
for the leverage with MS! Kinda nice to have a backup position if they get too greedy.

Regards

cww

By Bob Peterson on 20 November, 2002 - 4:58 pm

Curt Wuollet wrote:
> Hi Bob
>
> List Manager wrote:
> > ------------ Forwarded Message ------------
> > From: PETERSONRA
> >
> > In a message dated 11/13/2002 3:29:03 PM Central Standard Time,
> > cww writes:
> >
> >>Indeed, that's my point. And Alex will probably be glad to hear this.
> >> In this specialized market, What the Linux community does or doesn't
> >> do, is not going to make the major impact. Our GPL project will appeal
> >> to a certain class of folks, but again, these are not end users. The
> >> right people for the job are the Major Vendors. They can make Linux
> >> tools accessable and familiar and steal a march on the
> >>competition. It's obvious from the interests in Europe and Japan that
> >> we are going to get there eventually, the sooner we start, the better
> >> off we are in the race.
> >
> > Obvious? I am not all that sure. MS has shown itself to be pretty
> > adaptable. Its not perfect, but it has an advantage that Linux does
> > not, and probably won't anytime soon. The advantage is the MILLIONS
> > of people who are "competant" to manage and run their machines.
>
> Yes Bob, but we aren't talking millions of people here. We are talking
> about the people who craft automation solutions. Very few people reading
> this would have any difficulty managing and maintaining a Linux machine.
> They deal with much larger problems with what they are using now. I have
> managed and maintained quite a few but, I'm at a loss regarding many of
> the Windows problems seen here. Linux issues tend to be more "fixable".
> There are
> > very few people by comparison competent in Linux.
>
> It would depend on your definition of competent. Many more people know
> how to reboot and reload Windows, but anyone who can actually fix
> Windows problems should be way ahead on Linux where information is more
> available and there are no secrets.
>
> I think MS is more
> > worried by things like the Lindows $199 PC than by anything done in
> > the automation field.
>
> I'm more worried about Lindows than MS is. It's a very poor introduction
> to Linux in my view. It's much less robust and extremely limited in it's
> present form and shares many of the same problems with Windows. It's a
> remarkable piece of reverse engineering and impressive as an exercise,
> but nowhere near automation grade. And it's dependent on MS. I wouldn't
> want to sell life insurance to competitors who depend on MS, based on
> historical data.

As best I can tell it is intended as a way to run your Windows software without having to buy Windows. However, as I understand it, a full version of Linux is included that could be used by the end user if so desired. The Lindows part of it just allows some (incomplete) Windows functionality.

> > If Lindows ever supports windows apps to the extant that virtually any
> > windows app would run on a lindows machine, wouldn't that be an even
> > better idea?
>
> If it even comes close, MS will just change the API's and send them back
> to square one. I see it as a last ditch solution where you must run
> something unavailable on Linux and for a few special applications

A few "special" apps? How about the tens or even hundreds of thousands of apps totally unavailable on Linux but readily available to Windows?

> Maybe you have been barking up the wrong tree trying to
> > take away MS Office from people and should have been spending your
> > time making Lindows run more windows apps. few end users will care
> > what the OS is as long as it flawlessly runs their favorite apps.
>
> I just finished explaining that I don't favor taking anything away from
> anyone. Let those to whom Office is critical, enjoy. I would not care to
> have someone running Office on a production machine, and for programming
> and documentation, OpenOffice will integrate just as well with the
> tools. It's all about choices. There are a few snags, like AutoCAD, but
> I expect those to go away soon as well. The EDA market is moving to
> Linux as an option and AutoDesk will have to compete or lose market
> share.

I tend to doubt this. AutoCad is not exactly an EDA product. Its more of a drafting product. Big difference. I have played with OpenOffice. It looks to have a pretty good emulation of Office. So why is it OK to emulate Office in this way but emulating Windows ala Lindows is not? Could it just be that you are really opposed to the profit motive involved in Lindows???

> >>What I'm saying is that, if AB released a line of products on Linux
> >> tomorrow, that would have more impact and move the process faster than
> >> anything anyone else could possibly do. You would have the
> >>warm fuzzies you need to recommend a Linux solution, I would be able
> >> to work with Linux tools and do a great deal more with the
> >>installed base, and AB would have both a hi-rel solution set and would
> >> certainly have leverage with Microsoft to solve some of their
> >>problems. And a valid PR claim on something better and more Open.
> >> Everyone would win, even Windows fans.
> >
> > This would benefit only the very few integrators conversant with
> > Linux, to the detriment of those not familiar with it.
>
> How would having a choice be detrimental? I certainly wouldn't force
> anyone to use it.

Because everyone who did not use it would be forced to pay for it, even though they have no interest in it, since it could not pay its own way.

> I can see why you might
> > be in favor of AB doing such a thing as it would enhance your tenuous
> > market position in Linux.
>
> I don't have a market position in Linux, it's free. I would greatly
> prefer working with Linux and the free tools make development much
> cheaper. And the system cost would be less, which means more profit. And
> I really like the lack of phone calls at odd hours.

I have not gotten a phone call at odd hours in at leats 5 years, maybe longer. It has absolutely nothing to do with Linux versus Windows. It has
to do with competence in setting up the automation in the first place.

> Why would AB do something that would benefit
> > only a few dozen people?
>
> Well there's the whole argument. People jump through a lot of hoops to
> deal with the present products I'm pretty sure lots of people will try
> anything that that has the name on it. And anyone who does, would
> benefit from it. Low cost, no EULA or license tracking, much higher
> functionality out of the box. Nothing else to buy except your automation
> tools, no activation hassles, no hardware snooping or sending your info
> to Redmond. Almost everything that is a PITA with Windows in autmation
> is fixed with Linux. My guess is that it would be useful to a lot of
> people and that number would increase rather rapidly.

If that were the case there would be a lot of interest in the big automation venders in working with Linux. There just isn't. A few software engineers expressing an interest in Linux that just happen to work for an automation vender is not the same thing as interest by the company itself. Until they can find a way to make money at it, it just won't happen.

> The tiny bit of sales from these people would
> > never cover the expense of porting software to Linux nor maintaining
> > it.
>
> Everyone who has ported to Linux so far has done OK, except those that
> compete with MS directly like Corel. Even some of those are doing well
> like IBM, SAP and ORACLE. IBM mentioned there are over 4000 applications
> in precess. Somebody thinks there's a market.

Everyone? The fact is that Corel was near death long before it ported anything to Linux. I am unaware of any widely used products ported to Linux that have been a commercial success in the mass market. They just don't exist because the Linux mindset is "free" software. This is a huge
disincentive to software developers.

> > Besides, Linux people rarely buy software, at least that is the rub
> > on
> > them. And its probably pretty close to true, so even if they did
> > release Linux versions of their software, the sales might end up being
> > zero because the Linux fans would say its not "good enough" because it
> > is not open source. And doing open source is a financial rathole.
>
> As I mentioned, they would be selling to automation people, not Linux
> people. Automation people are at the opposite extreme, used to paying
> astonishing prices for their applications. why would this be different?
> IBM has stated that their OSS effort has been worth about $2 billion and
> now that the initial investment has been repaid, a substantial chunk of
> their revenues will be from this "non-existant" market. HP and SUN are
> chasing their taillights.

I find it humurous that the formerly evil IBM is now being touted as the future of computing. From what I can tell, virtually all of IBM's work in Linux is in developing what is nothing more than a closed system running on Linux. I don't see that as all that much different than what MS does.

> >
> >>Which brings up the question of why they would do this. Even if the
> >> obvious advantages of having a really bulletproof, adaptable, and
> >> customizable OS can't be envisioned, I would expect them to do it if
> >> enough of us ask for it. I would be willing to bet that NI's
> >>Linux version of LabView exists because someone really important asked
> >> for it. If not a major customer, then a large part of the
> >>scientific and engineering community.
> >
> > I'd guess its more like someone paid them to do it, either directly or
> > indirectly OR someone at NI thought it was a neat idea and just did
> > it. I wonder what percent of their sales are the Linux version versus
> > the Windows version. I'd bet the Linux version has only a tiny
> > percent of their sales, maybe only to a few customers.
>
> It would be interesting to have those figures, wouldn't it. I noticed
> they upgrade it and it hasn't gone away. If they pushed it, it would
> probably do a lot better. But their relationship with MS would suffer
> and they (like everyone else) can't afford that. Maybe they did it just
> for the leverage with MS! Kinda nice to have a backup position if they
> get too greedy.

And that backup position would be what? Order their customers to use Linux or else?

Bob Peterson

By Michael Griffin on 24 November, 2002 - 2:50 pm

On November 20, 2002 04:49 pm, PETERSONRA wrote: <clip>
> I tend to doubt this. AutoCad is not exactly an EDA product. Its more of
> a drafting product. Big difference.
<clip>

AutoCad is starting to look like a dinosaur. The CAD market is driven by the mechanical drafting field, and I don't personally know of *anyone* who is still using AutoCad for mechanical drafting. Everyone seems to be switching to 3-D modelling with SolidWorks or some other competitor. It's an entirely different way of approaching the problem and I don't know of anyone who is impressed with AutoCad's offering in this field. AutoCad was so busy defending their market share in their old product that they seemed to have missed the boat when the market changed.

I think the control system drafting market is ripe for a big change also. I would think it would be logical to allow electrical drafting systems to share a symbol database with PLC programming software. We don't need AutoCad on Linux. We need common data standards to allow us to get out of the electric pencil era and move on to something that integrates the electrical hardware design with the software design.

> And that backup position would be what? Order their customers to use
> Linux or else?
<clip>

Software companies need to make what their customers want to buy. Of course figuring out what somebody wants to buy isn't always that easy, since pretty often the customer doesn't realise they want it until you offer it to them.

However, looking back on the history of the software business, if I were selling software I would be rather nervous about staking my future (or rather, my money) on the continued dominance of a specific product from another company (or even the existence of that company). People change; companies change. A lot of dominant market leaders have disappeared into oblivion. I don't think that any responsible businessman can afford to forget that.

I think the prudent thing is to be careful not to tie yourself too closely to someone else's proprietary software unless there are several close equivalents from their competitors you can choose from. Support open standards rather than proprietary ones whenever possible. Minimise your exposure to proprietary features you can't avoid. There are a lot of basic software design principles you can use such as isolating operating system dependencies to specific parts of your program, rather than scattering them everywhere.

You many not eliminate all your risks, but you can at least reduce them to managable proportions. This isn't social philosophy, it's just good business.

--

************************
Michael Griffin
London, Ont. Canada
************************

By Ralph Mackiewicz on 26 November, 2002 - 4:06 pm

Although this is now WAY off topic:

> I think the control system drafting market is ripe for a big change
> also.

There are companies with vision that are addressing these things. Check out Instrument Design Works at:
http://www.automating-automation.com/

Regards,
Ralph Mackiewicz
SISCO, Inc.

By Linnell, Tim on 12 November, 2002 - 4:05 pm

On November 8, 2002, Curt Wuollet wrote:
> If everyone reading this simply _asked_ their vendor when they
> will be able to buy Linux based tools and took serious interest
> in the answer, we would have have alternatives eventually.

I might perhaps capriciously suggest that a good start here would be to prohibit Open Source projects from producing Win32 binaries. I would suggest that somewhere in the high 90s in terms of percentages of downloads from any given open source project are Windows based freeloaders, who never even download the open source, let alone look at it, and this is really not helpful in persuading people to shift to Linux on their desktop...

Cheers

Tim

Wow. I don't think I could add anything to that...

Jeff

Curt Wuollet:
> > If everyone reading this simply _asked_ their vendor when they will
> > be able to buy Linux based tools and took serious interest in the
> > answer, we would have have alternatives eventually.

Tim Linnell:
> I might perhaps capriciously suggest that a good start here would be
> to prohibit Open Source projects from producing Win32 binaries.

That wouldn't help... anyone, really.

> I would suggest that somewhere in the high 90s in terms of percentages
> of downloads from any given open source project are Windows based
> freeloaders,

1) There's no such thing as a freeloader.

Or, rather, the cost is so small as to be negligible. On the other hand, even so-called freeloaders will produce bug reports, informal help for other users, and so on. (What is the value to Rockwell of this mailing list? Yet none of the people on here have seen the RSLinx source...)

> who never even download the open source, let alone look at it,

2) Neither do most linux people. Only those who have a reason to do so download the source - to add a feature, find a bug, learn from it, etc.

Even those who do, generally only download and look at the source to a couple of programs. The rest just comes straight off the Debian CD or website, already compiled and configured to work together.

> and this is really not helpful in persuading people to shift to Linux
> on their desktop...

3) Sure it is - when the time comes to switch over, they're already familiar with a couple of programs. In some ways this is *excellent* help: in the middle of the great upheaval that the shift entails, there's at least one familiar thing that doesn't change.

In other words, share and enjoy!

Jiri -- Jiri Baum <jiri@baum.com.au> http://www.csse.monash.edu.au/~jirib MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools

By Curt Wuollet on 15 November, 2002 - 12:14 am

Hi Tim

OSS ia not exclusively Linux although Linux is (or at least should be) exclusively OSS. I really hadn't thought much about that as I certainly have no need to cross compile. I guess I wouldn't want to restrict anyone else's choice. Right now, I'm looking at issues seperately. What I am proposing would upset a great many Linux folks, but as a pragmatist, if the major automation vendors were to continue in their proprietary vein, but offer Linux binaries it would still be a great leap forward as at least the OS facilities would be Open. All the comm issues and OS issues could at least be addressed. I just thought I should be clear that I wouldn't expect them to release source amytime soon, we have to have realistic goals. Even if things stayed pretty much the same, with only the Linux platform added. much the way that NI did with LabView, we and our customers would gain great benefit. That would provide the springboard for perhaps working on the Tower of Babel problem and encourage some commonality and interoperability. As an integrator that would solve an unbelieveble number of problems.

Regards

cww

By Anthony Kerstens on 18 November, 2002 - 2:16 pm

I welcome what Curt suggests. One of the things that has me tied to a Windows box is my industrial software.

Anthony Kerstens P.Eng.

By Donald Pittendrigh on 23 October, 2002 - 9:34 am

HI All

I ran an installation of XP for 30 days without activation to see what happens 'n it deletes some part of the operating system which prevents it from booting, I wasn't too interested in the mechanism I just wanted to know what would happen as I had heard sensational stories about damaging the hard drive boot sector so it couldn't be used etc. etc. I tested on a multiple boot system and in fact that machine is still running perfectly today but wont boot to the win Xp partition.

If your version of XP is still running after 30 days, the chances that it is legal are rather slim.

Cheers
Donald P

> From: Donald Pittendrigh
> HI All
>
> I ran an installation of XP for 30 days without activation to see what
> happens 'n it deletes some part of the operating system which prevents
> it from booting, I wasn't too interested in the mechanism I just
> wanted to know what would happen as I had heard sensational stories
> about damaging the hard drive boot sector so it couldn't be used etc.
> etc. I tested on a multiple boot system and in fact that machine is
> still running perfectly today but wont boot to the win Xp partition.

Wow, I thought they would at least leave enough system to
log on to Microsoft and activate it.

> If your version of XP is still running after 30 days, the chances that
> it is legal are rather slim.

It must be legal, Gateway would not take a chance on
annoying microsoft.

My wife is an attorney, and she said that if someone
sold a product, there must be a reasonable expectation
that it will continue to function. This puts the
problem onto gateway.

Larry

By Donald Pittendrigh on 28 October, 2002 - 12:04 pm

Hi All

It is simple enough to re-install windows on the machine and activate the licence correctly so this makes little difference.

>Wow, I thought they would at least leave enough system to
>log on to Microsoft and activate it.

There are 2 ways I can think of that this software can still be Running 1) It was pre-activated for you in which case I am sure
the vendor would let you know as he is providing an additional service which as a Microsoft partner, he is not obliged to do, or 2) the installed copy is "cracked" in other words the copy protection Has been bypassed (illegally)

>It must be legal, Gateway would not take a chance on
>annoying microsoft.

The software does/did/will function correctly until the windows Activation scheme shuts it down (that is once again, assuming it still requires activation) As the shutting down is the way
It is expected to work, there would not be any form of comeback On the machine supplier side.

<clip>

Regards
Donald Pittendrigh

Sorry New here so forgive any stuff ups..

I just wanted to say that (perhaps contrary) to the general jist of this thread..

In my opinion it's a really good thing that Microsoft (as much as this sounds wrong..) keeps the goal posts moving. Obviously, it's money driven but look at all the issues it develops - which equates to work and sales and thus momentum in our industry.

Even if it does mean you have to re-write something, if you've had it for so long its no longer supported I think you've done pretty well, and we can always improve and in most cases for less.

I'd probably be bankrupt if it weren't for all the work that MS generates, and it's not just the software it's the whole industry that gets carried with it.

I hope that I'm not totally alone on this.

Also for XP apps I'd hold on for at least another few years, alternatively there is VMware which can handle most apps that don't have custom cards. Even some custom cards now have USB equivalents..www.plccables.com.au

For the vast majority of PLC's AB, Siemens, Omron, Schneider, Mitsubishi, GE, etc there are clear upgrade paths and a whole industry for sideways movement on some of the majors eg S5 to Vipa etc...www.plchardware.com.au

Then where is gets tricky there are us engineers, and thousands of integrators and now a host of SCADA security experts..who get to play/work out the solutions if your into your career choice..

Thanks