= Solution for Oracle/Sun deal: Make MySQL independent =
[Permanent URL: http://www.fsfe.org/news/2009/news-20091023-02.en.html ]
23 October 2009, 11:00 CEST, Berlin, Germany
Oracle should agree to put MySQL in the hands of an independent
non-profit guardian, proposes the Free Software Foundation Europe. The
Free Software community could develop MySQL to its full potential, while
Oracle would not have to worry that a competitor could take over the
database project.
"Competition in the software market is very important, because it
drives innovation", says Karsten Gerloff, President of the Free
Software Foundation Europe (FSFE). "The fate of a project like
MySQL should not depend on a single company."
By moving the MySQL issue out of the way, this would make it possible
for Oracle to quickly complete the acquisition of Sun Microsystems and
prevent further losses.
FSFE has published a detailed analysis of the problem that MySQL poses
for Oracle, and for competition in the database market:
http://blogs.fsfe.org/gerloff/?p=274
MySQL is the stumbling block in Oracle's acquisition of Sun
Microsystems. With this deal, the biggest maker of proprietary databases
would gain control of MySQL, a large Free Software database project. The
European Commission is so far refusing to approve the deal because it is
worried about its effects on competition. At the same time, Sun is
quickly shedding money and jobs.
== About the Free Software Foundation Europe ==
The Free Software Foundation Europe (FSFE) is a non-profit
non-governmental organisation active in many European countries and
involved in many global activities. Access to software determines
participation in a digital society. To secure equal participation in
the information age, as well as freedom of competition, the Free
Software Foundation Europe (FSFE) pursues and is dedicated to the
furthering of Free Software, defined by the freedoms to use, study,
modify and copy. Founded in 2001, creating awareness for these
issues, securing Free Software politically and legally, and giving
people Freedom by supporting development of Free Software are central
issues of the FSFE.
http://fsfe.org
== Contact ==
Karsten Gerloff
President
Free Software Foundation Europe
e-mail: press at fsfeurope.org
mobile: +49-176-96904298
= Windows 7 to hit consumers with known security problem =
[Permanent URL: http://www.fsfe.org/news/2009/news-20091019-01.en.html]
19 October 2009, 13:30 CEST, Berlin, Germany
Microsoft's latest operating system, Windows 7, is currently shipping
with a potentially serious defect. Ahead of the product's global
launch on Thursday, Germany's federal IT security agency (BSI) has
issued a warning [1] about a high-risk vulnerability in the SMB2
protocol. This can be exploited over the network to shut down a
computer with a Denial of Service (DoS) attack.
This incident illustrates how proprietary software often poses a
security risk. "Only Microsoft can fix the problem. But they have
apparently closed their eyes to this vulnerability for a long time,
hoping that it wouldn't spoil the retail launch of Windows 7 this
Thursday," says Karsten Gerloff, President of the Free Software
Foundation Europe (FSFE).
Following responsible disclosure practices, the BSI has not published
details in its announcement (English translation below) from October 6.
While it is generally a good strategy to give vendors time to repair
vulnerabilities before announcing them publicly, in this case the BSI
should consider publishing the full details of the problem to put more
pressure on Microsoft. The agency says that the security hole affects
Windows 7 and Windows Vista in both their 32-bit and 64-bit versions, as
well as Windows Server 2008. This vulnerability is different from an
earlier SMB2 issue [2] for which Microsoft published the patch MS09-050
in September.
FSFE's Gerloff explains: "Microsoft's software locks its users in, so
they have to stay even if the company knowingly exposes them to a
security risk like this. With Free Software like GNU/Linux - software
that you can study, share and improve - several independent entities can
fix the problem. Consumers should not support Microsoft's negligent
behaviour by buying its products. Free Software offers an alternative,
and is available from many independent vendors."
Microsoft has not yet responded to the BSI's warning. There is no
indication that the company will manage to fix the gaping hole in its
flagship operating system before the global launch of Windows 7 this
Thursday. The vulnerability remains open even after Microsoft's October
patch day.
The company's security practices have long been a cause for concern. In
just one recent incident [3], Microsoft knew about another vulnerability
in SMB2 since July 2009. While it did fix the problem in the final
version of Windows 7 in early August, it did nothing to repair the same
problem in Windows Vista or Windows Server 2008 until an independent
security researcher went public about the issue. German IT news site
Heise speculates that the issue ended up on a Microsoft-internal list of
low-priority bugs which the company tries to fix silently, in order to
avoid negative publicity.
[1] https://www.cert-bund.de/advisoryshort/CB-K09-0315%20UPDATE%201
[2] http://www.microsoft.com/technet/security/advisory/975497.mspx
[3] http://www.h-online.com/security/news/item/Microsoft-has-known-of-the-SMB2-…
== Translation of the BSI's security advisory: ==
Threat level: "4 high risk" (out of 1-5, with 5 being "very high").
Title: Microsoft Windows SMB2-Protocol: Another vulnerability allows denial
of service (Windows Vista and Windows 7 vulnerable).
Date: 2009-10-06
Software: Microsoft Windows 7, Microsoft Windows 7 x64 Edition, Microsoft
Windows Vista / SP1 / SP2, Microsoft Windows Vista x64 Edition / SP1 / SP2,
Microsoft Windows Server 2008
Platform: Windows
Effect: Denial-of-Service
Remoteexploitable: Yes
Risk: high
Reference: internal research
Description:
Server Message Block (SMB) is a protocol which enables shared access to
printers and files. SMB2 is a new version of this protocol, which was
introduced with Windows Vista and Windows Server 2008, and which is also
available on Windows 7. Current implementations of SMB2 are affected by
this vulnerability. This is a new vulnerability, not the one described
in Microsoft Security Advisory 975497. The listed operating systems can
therefore still be successfully attacked even after installation of the
updates of Microsoft's October patchday (MS09-050).
Currently there is no update or patch available from the vendor. The
only recommended actions are to be aware of and track the vulnerability.
As a workaround it can only be recommended to limit access to SMB2
servers to trusted systems by firewalls, or to disable the SMB2 service.
== About the Free Software Foundation Europe ==
The Free Software Foundation Europe (FSFE) is a non-profit
non-governmental organisation active in many European countries and
involved in many global activities. Access to software determines
participation in a digital society. To secure equal participation in
the information age, as well as freedom of competition, the Free
Software Foundation Europe (FSFE) pursues and is dedicated to the
furthering of Free Software, defined by the freedoms to use, study,
modify and copy. Founded in 2001, creating awareness for these
issues, securing Free Software politically and legally, and giving
people Freedom by supporting development of Free Software are central
issues of the FSFE.
http://fsfe.org
== Contact ==
Karsten Gerloff
President
Free Software Foundation Europe
e-mail: press at fsfeurope.org
mobile: +49-176-96904298
Free Software Foundation Europe (FSFE) Newsletter - September 2009
The Software Freedom Day is one of the main events in the Free Software
community in September, and it is an event we never miss: this year FSFE
celebrated in Leipzig, Vienna and Hamburg with the help of our Fellows.
Thanks to them, the campaign "Ask your candidate about Free Software!" for
the German elections became a great success.
FSFE's president commented on the possible settlement in the Microsoft
"browser case"; we started using Identi.ca as a micro-blogging platform
and we also took on board two new interns. Read on to get to know them!
Giacomo Poderi
1. FSFE to EC: Don't waste an opportunity with a hasty deal
2. The Fellowship interviews: Andreas Tolf Tolfsen
3. The Second Fellowship Jabber meeting, 22 September
4. Celebrating the Software Freedom Day, 19 September
5. FSFE uses Free Software micro-blogging on Identi.ca
6. Welcome to Hugo Roy and Lena Simon: new Berlin interns
IN THE SPOTLIGHT
7. Free Software hits German election campaigns
IT HAPPENED IN THE PAST
8. European Union versus Microsoft: A victory for Free Software
UPCOMING EVENTS
9. Commercial packages: a new way to support FSFE
1. FSFE to EC: Don't waste an opportunity with a hasty deal
Karsten Gerloff, FSFE's president, commented on recent news that European
Commissioner for Antitrust Neelie Kroes, is working to close all the major
cases on her desk before the end of her mandate in November. Two of these
cases concern Microsoft's anti-competitive behaviour in the browser
market, and the company's practice of preventing others from
interoperating with many of its desktop applications. Karsten's article
highlights why Microsoft's offer for a settlement is too weak, lists what
Free Software needs from any settlement, and asks Commissioner Kroes not
to waste the opportunity to establish real competition in the European IT
market with a hasty deal.
http://blogs.fsfe.org/gerloff/?p=263
2. The Fellowship interviews: Andreas Tolf Tolfsen
Andreas Tolf Tolfsen is the Fellow interviewed by Stian Rødven Eide this
September. Andreas is a web technologist, developer and aspiring
musicologist. He works at Opera Software, and regularly fights for
digital freedoms. In the interview, Andreas tells us a lot about HTML5,
Electronic Frontier Norway and music.
http://blogs.fsfe.org/fellowship-interviews/andreas-tolf-tolfsen/
3. The Second Fellowship Jabber meeting, 22 September
On the 22 September, from 19:00 until 20:30 we held a new jabber meeting,
to repeat the positive experience of the one organised during the
Fellowship election. Many Fellows showed up in our virtual room:
conference.jabber.fsfe.org, and asked questions to Matthias Kirschner,
Fellowship coordinator, and Torsten Grote, Fellowship representative at
the GA. The main topics of the meeting were the role of the FSFE's GA
and the procedure to take part in it. Free Software in Education was
also discussed as an interesting topic for the next Fellowship Jabber
meeting. More information about the next meeting will be published soon!
4. Celebrating the Software Freedom Day, 19 September
For five years, the Software Freedom Day (SFD) has been the perfect
chance for 'hacktivists' to gather together in different place around
the world to celebrate Free Software and its principles. More than 500
teams worldwide registered for the event and celebrated on Saturday 19
September SFD 2009. FSFE's local Fellowship groups participated in the
events in Vienna and Leipzig, and we manned a booth at the SFD in
Hamburg.
http://blogs.fsfe.org/mk/?p=354http://blogs.fsfe.org/gollo/2009/09/23/software-freedom-party-in-vienna/http://softwarefreedomday.org/
5. FSFE uses Free Software micro-blogging on Identi.ca
Many key people in our organisation have started using the Free Software
micro-blogging service Identi.ca to share status updates and interesting
links. On Identi.ca it exists now a group "fsfe" which is possible to
subscribe to if you would like to stay informed on our activities.
We also started adopting some common tags such as #fellowship,
#pdfreaders and #dfd which we encourage you to use. Read Matthias
Kirschner's blog post to know more about it:
http://blogs.fsfe.org/mk/?p=327http://identi.ca/group/fsfe
6. Welcome to Hugo Roy and Lena Simon: new Berlin interns
Starting from the 1 September, FSFE took on board two new, young and
motivated interns: Hugo Roy and Lena Simon. Hugo is from France and will
work with us until May 2010, focusing on policy and legal aspects. Lena
is from Germany, and will stay with us for one month to help in the
setting of the new Berlin office. She also provided valuable help during
the campain "Ask your candidate about Free Software!". We are happy to
have them with us and we are sure they will add value to our work.
Welcome Hugo and Lena!
http://blogs.fsfe.org/hugo/http://blogs.fsfe.org/lsimon/
IN THE SPOTLIGHT
7. Free Software hits German election campaigns
Ahead of the German elections 2009, FSFE's German chapter with the help
of many Fellows and volunteers brought the issue of Free Software in the
political debate. The campaign "Ask your candidate about Free Software!"
questioned politicians of different parties about their visions on Free
Software principles, Open Standards and their diffusion. Matthias
Kirschner said: "We want politicians to get in contact with these
topics, and to motivate people from the Free Software community to start
a dialogue with their politicians."
During the political campaign, the questions prepared by the Fellows and
other volunteers were forwarded to representatives of various political
parties. We collected their answers in the Fellowship wiki, ordered and
summarised them. With the help and coordination of Matthias and Lena the
project collected 26 answers (to 35 forwarded questions), and a lot of
media coverage during and after the German elections. FSFE's associate
organisation ANSOL ran a similar campaign in Portugal, where national
elections took place at the same time. We exchanged links and looked to
each other for inspiration.
http://www.fsfe.org/projects/btw09/btw09.html
Relevant Links:
http://www.fsfe.org/news/2009/news-20090921-01.htmlhttp://www.fsfe.org/news/2009/news-20090908-01.htmlhttp://wiki.fsfe.org/Bundestagswahl2009http://ansol.org/politica/legislativas2009
IT HAPPENED IN THE PAST
8. European Union versus Microsoft: A victory for Free Software
In September 2007, the European Union versus Microsoft antitrust case
was finally closed. The European Court of First Instance found Microsoft
guilty of deliberate obstruction of interoperability and upheld the
obligation for Microsoft to share its protocol information. This
information has now been published and is being used by the developers
of Samba and many other projects. FSFE and the Samba team participated in
the case as an interested third party. Our work was crucial in bringing
about such a decisive victory. Today, the judgement in the case serves
as a landmark for the fight against monopolies in the software market.
http://mail.fsfeurope.org/pipermail/press-release/2007q4/000187.html
UPCOMING EVENTS
9. Commercial packages: a new way to support FSFE
In order to make it easier for companies who care about Free
Software to support our work, we have assembled a set of
commercial service offerings services related to Free Software.
They include services such as a Free Software Hotline,
personalized workshops, bi-monthly update calls, annual
networking dinners and more. More information about these packages will
be published soon on our website. Keep an eye on:
http://fsfe.org/news/
You can find a list of all FSFE newsletters on
http://fsfe.org/news/newsletter.html
You can join the Fellowship or find how to support us on
http://fellowship.fsfe.org/joinhttp://fsfe.org/contribute/contribute.html
You can order our merchandise at
http://fsfe.org/order/order.html
Copyright 2009, Free Software Foundation Europe <pr(a)fsfeurope.org>.
Verbatim copying and distribution of this entire article is permitted in
any medium, provided this notice is preserved.
= Microsoft settlement leaves Free Software in the cold =
[Permanent URL: http://www.fsfe.org/news/2009/news-20091008-01.en.html]
8 October 2009, 11:45 am, Berlin, Germany
The European Commission yesterday announced a preliminary agreement
with Microsoft. The deal is supposed to settle an antitrust
investigation about the company's dominant position in the web browser
market. The Commission is also ready to strike a deal on
interoperability. The goal is to allow rival products to work with
Microsoft's applications on the desktop.
FSFE commends Commissioner Neelie Kroes and the European Commission on
their effort to bring more competition to the European software market.
Though clearly negotiated under some time pressure, parts of the
agreement are better than Microsoft's previous proposals.
While FSFE's input as a steadfast defender of software freedom over the
past seven years has helped to bring about some improvements on details
of the browser selection screen, the updated agreement proposed by
Microsoft does not address the legitimate concerns of the Free Software
community.
Karsten Gerloff, FSFE's President, says: "In its current form,
Microsoft's proposal has many loopholes for the convicted monopolist to
slip through. The lack of a monitoring system leaves Free Software
projects out in the cold. There is no clear commitment from Microsoft to
adhere to web standards in the future, nor to end the company's habit of
adding proprietary extensions to standards."
In order to fend off another possible investigation by the European
Commission, Microsoft is also offering a set of promises to let rival
programs work with some of its desktop applications such as Outlook and
Sharepoint. Yet Free Software projects, which are often the strongest
competitors to the company's offerings, will not be able to use the
patent licence proposed by Microsoft.
FSFE's legal counsel Carlo Piana says: "We are disappointed that major
issues for Free Software and other small, innovative players remain
unaddressed. Private enforcement is out of reach for them. This is a
missed opportunity to break new ground in antitrust enforcement."
FSFE will analyse Microsoft's proposed commitment in detail in the
coming weeks and provide feedback to the Commission. Our goal is to help
shape a deal for a sustainable, interoperable and competitive future.
== About the Free Software Foundation Europe ==
The Free Software Foundation Europe (FSFE) is a non-profit
non-governmental organisation active in many European countries and
involved in many global activities. Access to software determines
participation in a digital society. To secure equal participation in
the information age, as well as freedom of competition, the Free
Software Foundation Europe (FSFE) pursues and is dedicated to the
furthering of Free Software, defined by the freedoms to use, study,
modify and copy. Founded in 2001, creating awareness for these
issues, securing Free Software politically and legally, and giving
people Freedom by supporting development of Free Software are central
issues of the FSFE.
http://fsfe.org
== Contact ==
Karsten Gerloff
President
Free Software Foundation Europe
e-mail: press at fsfeurope.org
mobile: +49-176-96904298
= Microsoft antitrust case: FSFE offers analysis to European Commission =
[Permanent URL: http://www.fsfe.org/news/2009/news-20091006-01.en.html]
6 October 2009, 12:15 pm, Berlin, Germany
The European Commission is on the verge of settling two antitrust
cases against Microsoft. The details of this settlement will determine
how much competition there can be in Europe's software market for
years to come.
The Free Software Foundation Europe has analysed the most important
elements that a settlement should contain to allow real competition in
the European software market. It has summarised those key points in a
letter sent to Competition Commissioner Neelie Kroes:
http://www.fsfe.org/projects/browserbundling/letter-20091005.en.html
(The full text of the letter is enclosed below for your convenience.)
Kroes is looking at Microsoft's practice of tying its Internet
Explorer browser to its Windows operating systems, excluding rival
browser makers. She is also trying to persuade Microsoft to release
enough information so that competitors can make their desktop software
work with the company's dominant operating system. This is something
that Microsoft has refused to do in the past.
FSFE believes that a settlement on the browser case needs to put rival
browsers on an equal footing with Microsoft's Internet Explorer by
pre-installing them. Fast-growing browsers need to be included in an
unbiased selection screen.
For desktop applications, FSFE argues that the software monopolist
must release interoperability information in such a way that it can be
used in Free Software. The company must also make a binding commitment
not to enforce its patents against Free Software. That would prevent
Microsoft from using Fear, Uncertainty and Doubt (FUD) to keep rivals
from making use of the information.
(253 words / 1665 characters)
== About the Free Software Foundation Europe ==
The Free Software Foundation Europe (FSFE) is a non-profit
non-governmental organisation active in many European countries and
involved in many global activities. Access to software determines
participation in a digital society. To secure equal participation in
the information age, as well as freedom of competition, the Free
Software Foundation Europe (FSFE) pursues and is dedicated to the
furthering of Free Software, defined by the freedoms to use, study,
modify and copy. Founded in 2001, creating awareness for these
issues, securing Free Software politically and legally, and giving
people Freedom by supporting development of Free Software are
central issues of the FSFE.
http://fsfe.org
== Contact ==
Karsten Gerloff
President
Free Software Foundation Europe
e-mail: press at fsfeurope.org
mobile: +49-176-96904298
== FSFE's letter to Competition Commissioner Neelie Kroes ==
Dear Commissioner Kroes,
regarding the antitrust investigations led by DG COMP against
Microsoft, you have let it be known [1] that you would like to
close a number of open cases very soon. This includes an ongoing
investigation into Microsoft's practice of tying its Internet Explorer
Browser to its Windows operating systems, and a pending complaint
about Microsoft's consistent failure to share interoperability
information for its desktop programs with competitors.
At the Free Software Foundation Europe (FSFE), we have long
followed your Directorate's excellent work in ensuring competition
in Europe. We participated as an interested third party in the
Commission's case against Microsoft about interoperability in the
workgroup server market. Today, FSFE is an interested third party
in the Commission's proceedings against Microsoft based on Opera's
complaint about the company's practice of tying Internet Explorer
to its Windows operating system. We also follow closely any
progress regarding the complaint filed by ECIS on Microsoft's
refusal to share interoperability information for a number of its
desktop applications.
It is our view that DG Competition has done splendid work in all
these cases. We are writing to you today to express our concerns
about the consequences that an insufficiently strong settlement in
those cases would have on the European software market. In our
view, the terms for a settlement which Microsoft offered in July
of this year are not an effective remedy against the company's
dominant position in the European market for desktop software.
We have published an analysis of the most important points for
effective antitrust measures. I would like to draw your attention to
this publication:
FSFE to EC: Don't waste an opportunity with a hasty deal
http://blogs.fsfe.org/gerloff/?p=263
As stated there, our core concerns in the browser case are the
following:
- Both Microsoft and OEMs must be required pre-install competing
browsers on desktop computers, if their manufacturers request it
- The proposed ballot screen should be a native Windows application,
should not give preference to Internet Explorer either implicitly
or explicitly, and must provide an easy way to remove Internet
Explorer from the system. Alternative browsers chosen by the user
must be integrated into Windows to the same degree as Internet
Explorer.
- The selection of browsers on the ballot screen must use clear and
transparent criteria. Market share cannot be the only criterion, as
that would effectively freeze today's market situation in
place. Instead, the *rate of growth in market share* and
availability across different platforms should be key criteria.
While the Commission has not yet issued a statement of objections
regarding Microsoft's failure to share interoperability information
with competitors, a settlement is being sought on this issue as
well. Again, FSFE has analysed Microsoft's proposed interoperability
undertaking, and has found it insufficient to establish competition in
the European market for desktop software.
It is worth noting that in many cases, the strongest competitors with
Microsoft's desktop applications are Free Software. OpenOffice is a
case in point, constituting as it does the most widely used
alternative to Microsoft Office. We therefore consider it essential
that any settlement on interoperability ensures that Free Software can
use the information provided by Microsoft to compete on an equal footing.
Regarding interoperability, our core concerns are:
- Microsoft must be required to provide interoperability information
either royalty-free or in return for a one-time payment. Running
royalties are incompatible with Free Software. The PFIF agreement [2],
which resulted from the Samba case [3], provides a tested and working
instance of such an agreement.
- Microsoft must provide a legally binding assurance that it will not
assert those of its patents which relate to the interoperability
information against Free Software. The lack of such assurance would
let the company use Fear, Uncertainty and Doubt (FUD) to discourage
competitors from making use of the interoperability information,
leaving the remedy ineffective.
In both cases, we consider that an effective settlement is much
preferable to one that is quickly achieved, but lacks the power to
establish competition in the European market for desktop software.
We would like to thank you for considering these points, and hope that
you find our analysis helpful. We of course remain available to
provide further input.
Kind regards,
Karsten Gerloff
President, Free Software Foundation Europe
[1] http://dealbook.blogs.nytimes.com/2009/09/23/antitrust-chief-in-europe-
seeks-to-close-cases/
[2] http://www.protocolfreedom.org/PFIF_agreement.pdf
[3] http://fsfe.org/projects/ms-vs-eu/ms-vs-eu.en.html