OpenBSD Microsoft Now OpenBSD Foundation Gold Contributor

[marcolino]

http://undeadly.org/cgi?action=artic...20150708134520

[bsd-keith]

Interesting times ahead.....maybe.

[marcolino]

Add to that the fact that Microsoft is the first gold-level contributor of 2015, and we live in interesting times, indeed!

[shep]

The Microsoft Halloween documents leak were leaked in 2007. I hope this is not another example of Embraced, Extend, Extinguish.

Quote:

Documents I and II[edit]
These are leaked reports for Microsoft's own use, both written by Vinod Valloppillil, who was a Program Manager at Microsoft.
Document I provides a detailed introduction to the concepts behind Open Source software and its possible impact on Microsoft products and services. It outlines the strengths and weaknesses of Open Source software. Document II describes the basic architecture of the Linux system, its relation to Unix and Windows NT.
Document I revealed that "FUD" (spreading fear, uncertainty, and doubt) was a traditional Microsoft marketing strategy, acknowledged and understood internally.[1] Examples of Microsoft's FUD tactics are announcing nonexistent products or spreading rumors that competing products will crash Windows.[3]
Raymond suggests that the documents show that while Microsoft may be dismissive of open source software in public, it considers it a serious competitor in private.
While discussing ways of competing with open source, Document I suggests that one reason that open source projects have been able to enter the market for servers is the use of standardized protocols. It then suggests that this can be stopped by "extending these protocols and developing new protocols" and "de-commoditize protocols & applications." This policy has been nicknamed "embrace, extend, extinguish".
Document I also suggests that open source software "is long-term credible ... FUD tactics can not be used to combat it," and "Recent case studies (the Internet) provide very dramatic evidence ... that commercial quality can be achieved / exceeded by OSS projects."
Documents I and II were filed as evidence on January 16, 2007 in the case of "Comes v. Microsoft".[4]

[ibara]

Quote:

Originally Posted by shep

The Microsoft Halloween documents leak were leaked in 2007. I hope this is not another example of Embraced, Extend, Extinguish.

That would seem to be impossible, since they'll have to make their SSH interoperable with what Linux/*BSD uses... OpenSSH. They're definitely not going to get any of the BSDs to change their ssh software. And it seems nigh impossible that they'd get any of the Linuxes to move from OpenSSH to proprietary Microsoft SSH. Remember: making ssh proprietary is one of the reasons we have OpenSSH in the first place.

OpenSSH has a well deserved reputation in the ssh world. It will, finally, be Microsoft as just one of the players contributing to OpenSSH, not the other way around.

[Oko]

Quote:

Originally Posted by shep

The Microsoft Halloween documents leak were leaked in 2007. I hope this is not another example of Embraced, Extend, Extinguish.

And I hope you are not another example of "Linux teens/Slashdot" FUD. Linux is fully proprietary OS with couple of billion of dollars (couple of $1,000,000,000) of annual investment from multitude of "evil" companies (Red Hat, Canonical, Oracle, IBM, HP) including the Microsoft who legally owns Linux. Now somebody gives little over 25K to one of BSD projects and the sky is falling. OpenBSD foundation has a fund-raising goal of 200K annually. For God's sake that is the annual salary of a single mid-level developer in Silicon Valley. Please stop the FUD right there. Theo alone would probably make seven digit salary in Silicon Valley if he wanted to work there.

@moderators
I would strongly suggest this thread to be locked for future posts and possible removed. This thread adds no value to this forum.

[marcolino]

Oko, I disagree with removal - the news comes from the OpenBSD Foundation itself, and certainly falls under the category of "News."

Shep, I agree with ibara that Embrace/Extend/Extinguish is a very unlikely scenario - contributors to the OpenBSD Foundation have no control over OpenBSD development.

[shep]

I am not interested in spreading FUD, although I will note that the strategy was employed by Microsoft.

The OpenSSH code does rely on some standards and contains some elegant encryption algorithms. Hopefully standards will remain open and code will be contributed back from Microsofts adoption of OpenSSH.

[bsd-keith]

I am sure that any code supplied will be thoroughly checked & only used if it enhances the security.
Perhaps MS, under new management, are just acknowledging publicly that they are using some open source software in their products.

[gpatrick]

It would be nice if Oracle would have a reciprocal donation to the OpenBSD Foundation given their possible use of pf as a replacement of ipf in Solaris.

Quote:

I am sure that any code supplied will be thoroughly checked & only used if it enhances the security.

Joyent doesn't accept code from third-parties to be included in SmartOS. Would be the same here I'd guess.

[jggimi]

Quote:

Originally Posted by gpatrick

Would be the same here I'd guess.

Monetary contributions to the Foundation do not influence Project direction, per the Foundation's charter. Nor do direct donations to the Project, per stated policy.

Software contributions -- whether by a Project developer, OpenBSD user, or a third party -- require the approval of at least two Project developers to be committed per policy, and are subject to both Project oversight and public review.

Those three words in red are important. Public code commitments are what makes OpenBSD open. No NDAs for trade-secret documentation or software, no pre-compiled vendor-supplied modules, no hidden or proprietary components.

---

Hardware contributions may influence support of that particular hardware, of course.

Quote:

Originally Posted by jggimi

Hardware contributions may influence support of that particular hardware, of course.

They're giving them Surface Pros! We're through the looking glass here people.

Does this mean that OpenBSD is going to support Secure Boot?

[jggimi]

Quote:

Originally Posted by Scarletts

They're giving them Surface Pros! We're through the looking glass here people.

Does this mean that OpenBSD is going to support Secure Boot?

I know, you're joking. But, let's review what is known:

1. Microsoft engineers have announced they are integrating OpenSSH with PowerShell, and will (and already are) working with OpenSSH developers to do so. This type of OpenSSH integration has been done many times before, with many different operating systems. See the Portable OpenSSH web page.
2. Microsoft has made a financial donation to the OpenBSD Foundation, which by its charter can use the funds as it sees fit to further the operations of the OpenBSD Project.

I don't believe I've seen any other announcements. Nor do I expect to see any change in the Project's strategy, direction, or policies. This was merely a donation. This was not a development grant, which would come with specific activity requirements and specific goals. The Project was funded by a major grant from 2000 to 2003, and this donation's value is two orders of magnitude lower than that.

I expect the engineering effort that has been announced will be of benefit to Microsoft's major customers: large enterprises and cloud service providers, whose systems administrators will be able to more effectively and securely manage remote Windows servers with tools that utilize SSH, and perhaps these can be devops tools that heterogeneously manage Unix-like systems.

Quote:

Originally Posted by jggimi

I know, you're joking. But, let's review what is known:

1. Microsoft engineers have announced they are integrating OpenSSH with PowerShell, and will (and already are) working with OpenSSH developers to do so. This type of OpenSSH integration has been done many times before, with many different operating systems. See the Portable OpenSSH web page.
2. Microsoft has made a financial donation to the OpenBSD Foundation, which by its charter can use the funds as it sees fit to further the operations of the OpenBSD Project.

I don't believe I've seen any other announcements. Nor do I expect to see any change in the Project's strategy, direction, or policies. This was merely a donation. This was not a development grant, which would come with specific activity requirements and specific goals. The Project was funded by a major grant from 2000 to 2003, and this donation's value is two orders of magnitude lower than that.

I expect the engineering effort that has been announced will be of benefit to Microsoft's major customers: large enterprises and cloud service providers, whose systems administrators will be able to more effectively and securely manage remote Windows servers with tools that utilize SSH, and perhaps these can be devops tools that heterogeneously manage Unix-like systems.

My views are roughly in-line with yours.

The overreaction to the donation in various communities strikes me as a bit... outdated? shep's post is misleading, as someone on Slashdot (!!!) noted, the Halloween documents were written 17 years ago, and the software development landscape has changed.

Donations from Facebook and Google haven't attracted nearly as much paranoia. Both of these companies are major purveyors of proprietary software (even if it is delivered through the web). What makes Microsoft so special that makes people think the donation came with strings attached?

Diffs for the purpose of reducing diffs with Android's libc have already made it into the tree - why has this not attracted the ire of conspiracy theorists to the same degree? I think the commit in question is of no consequence, but it seems like the commit shows Android effecting OpenBSD in a way which provides no benefit to OpenBSD's users (excluding Google), which is what these people are worried about, right?

[Carpetsmoker]

Quote:

Originally Posted by shep

The Microsoft Halloween documents leak were leaked in 2007. I hope this is not another example of Embraced, Extend, Extinguish.

These documents are from 1998, not 2007. They were files as evidence in a 2007 trail case.

[blackhole]

Quote:

Originally Posted by Oko

And I hope you are not another example of "Linux teens/Slashdot" FUD. Linux is fully proprietary OS with couple of billion of dollars (couple of $1,000,000,000) of annual investment from multitude of "evil" companies (Red Hat, Canonical, Oracle, IBM, HP) including the Microsoft who legally owns Linux. Now somebody gives little over 25K to one of BSD projects and the sky is falling. OpenBSD foundation has a fund-raising goal of 200K annually. For God's sake that is the annual salary of a single mid-level developer in Silicon Valley. Please stop the FUD right there. Theo alone would probably make seven digit salary in Silicon Valley if he wanted to work there.

+1

I think it's good that they decided to donate - which is more than a lot of the other big so called "FOSS" projects and corporations have managed to do over the last several years...