[NBLUG/talk] Mono
ME
dugan at passwall.com
Mon May 26 15:02:01 PDT 2003
Jon Shiring said:
> If you see Mono as an attempt to create a compiler for a new language, I
> can't believe people would really want to avoid supporting a new
> language in Linux simply because MS created it. Are we going to limit
> ourselves to Perl and C for the next 50 years of computing because we
> refuse to be open to new languages that have legit uses?
This is not a stand I took in my reply. Issues of compatability over time
and any ability to have a project claim to be equitable to C# will never
be attainable over the long term while a central authority has the right
to not publish future specifications. There are many C++ compilers. There
are many C compilers. The "standards" for these languages are published
and available for all. "ANSI" provides for a standard for all to share.
The authority of ANSI is not likely to become profit oriented and limit
access with licenses to generate profit. Anyone can build their own
compiler and IDE using the specifications. IEEE POSIX is another example
for a published open specification.
This issue is not "because MS created it" but instead "because a single
entity with a proven track record for altering specifications not
publishing all specification can at any time exercise their history over
users in future versions."
WFWG came out, and so with Windows 95. They supported a share based model
for authentication for access to network resources. It was effectively P2P
sharing. As Samba came to fill this gap and offer support for SMB based
file sharing, MS came out with another model "user based authentication"
with PDC/BDC and the Domain model. As Samba gained sufficient support for
acting as a PDC (with exception to a few items) a new model was provided
by MS (Active Directories.)
A better example is a review of the History of MS vs Netscape (the early
years.) Both Netscape and MS invented new "isms" (Internet Explorer-ism
and Netscape-ism) that were outside the scope of the published HTML
standards. Each tried to create a "feature" available when using their
clients *and* servers that was not available when you just used their
client and/or did not use their server. Additions to the HTML standards on
both sides permitted people to make pages that offered very different user
experiences to the users. Inconsistency is not easily supportable.
MS is very good at making money. This is their job. They are a
corporation. They answer to their stock holders. If they find they can
make profit by altering .net with a new release that has closed specs, or
only licenses the specifications to businesses at a cost to entities
willing to sign NDA, they will do it.
An earlier example is IPX/SPX. Who uses this anymore? TCP/IP is an open
standard with the only central authority that has a mission to publish new
"Request for Comment"
> The patent issue is absurd, because it implies that MS couldn't use
> patents to stop other projects. MS probably has patents that could
> cover evolution, mozilla, gnomemeeting, and many many other apps. Heck,
> mplayer forces you to violate copyrights to play some formats and nobody
> jabs it as not worthwhile. Patents shouldn't be an excuse not to create
> any sort of project, because to fear patent violation would mean
> stopping almost all open source application development. MS actually
> has a good track record in terms of actually using patents as a
> defensive tactic.
It is a control issue. NPO, and our government have no profit motivation
with their operation. My issue is based on predicting the future based on
past actions. (I was also not happy with Sun owning Java.)
> As for changing the protocol, who is to say that compatibility is a
> must-have?
Sure. Java is a build once, test everywhere. If you are a business, and
you wish to provide a product for various OS (Windows, Linux, *nix, *BSD,
Mac OS X, etc.) then you would likely *want* compatability. If you are in
user support, you also want compatability. If you are an end use, you
would also likely want compatability. (Even today, you will note that MS
Word for the Mac is different from MS Word for Windows.)
Compatability is not a "must-have" but is desired. It makes it easier for
businesses and support groups to include a technology.
> Is language-independent programming, less platform
> dependence, and a better-designed set of system libraries a bad thing?
It depends. "better-designed" and "bad" are entirely subjective. These are
matters of opinion. Some will agree and some will disagree.
> Even if it was incompatible with .net it would still be a win.
I'm not so sure it would be a win. Having ".net" for windows and ".net"
for Linux might send a message to businesses that is not true.
> But
> given the rate at which the windows APIs change, I suspect it'll be even
> easier than keeping Wine up to date. MS is all about client
> compatibility, they don't screw around with changing APIs very often
> (file-formats, yes, but if the APIs are stable, tracking file format
> changes is managable).
They have at least 3 changes in client/server authentication in less than
7 years. How many changes have been made to the apache client-server
HTTP-AUTH in the past 7 years? How about the authentication for ssh,
telnet, ftp in the past decade? Even MS IIS has had its authentication
systems changes twice since it first came out.
When MS was notified about insecurities in the NTLANMan authentication
(exposed by Hobbit and Mudge from L0pht, and built into a product they
made "l0phtcrack") MS response was to (eventually) provide a hotfix that
enforced case-sensitive authentication. This (once installed) denied MS
Windows 9X users to participate in Domains. MS could have provided a patch
to Windows 9X to make them work with the new hotfix, but chose not to.
There was no profit in this.
MS is also encouraging people to upgrade their MS Windows Systems with
http://windowsupdate.microsoft.com/ (using only MS IE BTW) to remain up to
date. At least 2 Different releases of ".NET" have been provided by MS
over time. For MS to make changes to client-server will become easier with
such a network based upgrade strategy. When everyone shifts to this system
for upgrading, it will be very easy for MS to impose changes to API,
protocols, and languages.
(MS has had Service Packs to MS Widows NT 4.0 that made NT machines using
the older patch unable to authenticate against the machines that had been
patched.) MS does in fact change their client-server authentication
systems, and changes them more often than I like. (Another "BTW": when the
new SP for NT came out that caused this incompatability, Samba
authentication was broken, and Samba had to be modified too.)
> I'm not saying that .net is "better" than C applications or anything of
> the sort, I'm saying that when we find ourselves refusing to support new
> technologies, don't expect to keep programmers flocking to write Linux
> applications.
Oh. Have you seen MS dev environment for C# as part of .NET? It looks
really slick. I mean, you can create a UI by dragging and clicking and
setting buttons and names and make it "look" the way you want, and then
have it "build" a skeleton set of code that will display it the way you
just "drew" it. Then you can "click" on buttons and specify the actual
code that should be used when the user clicks on them.
I like the way it looks, but I do not like the fact that an entity driven
by profit has control of it. Do I hate MS? Nope.
Let me be clear on this:
My issue is with a corporation having controlling ownership in what they
wish to dictate as a new "De facto-standard." I look at the Success of
HTML (pure), TCP/IP (whole suite), C++, C and HTAUTH (apache) and am glad
that these offer consistent access.
-ME
> Jon
> Programmer, S2 Games
>
> On Mon, 2003-05-26 at 06:57, ME wrote:
>> I agree with Alan on his reasons, but I dont agree that it is
>> ridiculous.
>>
>> MS has a history of changing protocols and formats for existing software
>> as alternative projects provide supports to use MS protocols/formats. MS
>> word is a great example of this. As the file format for ".doc" files are
>> discovered by opensource coders, MS changes the ".doc" format and
>> releases
>> a new copy of MS word. This is what they have done, this is what they
>> will
>> do.
>>
>> However, I do not see an attempt to dev an opensource .net as
>> ridiculous.
>> As the coders build their own understanding of .net, they may come up
>> with
>> security weaknesses in the .net made by MS.
>>
>> Since MS has put so many different things under the name ".net"
>> weaknesses
>> found in even a few areas tarnish the whole name. (Attempt to locate
>> multiple eggs in the same basket to make entry into the market of .net
>> clones too costly?)
>>
>> Of course, I am first to agree that their project to duplicate .net is
>> ultimately doomed to failure while MS is in control of the protocol,
>> format, and specifications.
>>
>> Though it was not a ".net" failure (more of a web coder failure) there
>> was
>> a hole discovered recently in the passport portion of .net and
>> authentication. It seems that MS had a web page for resetting passwords
>> that would allow you to reset any user's passport password with a
>> properly
>> (improperly?) formatted submission from a form. It seems that MS is/was
>> willing to trust the client to verify the client was who they said they
>> were. (Not entirely true, but it sounds better than saying the coder of
>> the password reset page from MS just botched the job.)
>
>
> _______________________________________________
> talk mailing list
> talk at nblug.org
> http://nblug.org/mailman/listinfo/talk
>
>
More information about the talk
mailing list