Hello,
> (this may, as a matter of fact, include those who used to consider
> themselves part of the Opensuse community, me included) do not seem to fancy
> this legal minefield. In your deal, for example, the acknowledgement that
> patent exchanges are justified, only give credence to prospective
> allegations and demands. Also confer:
The original post talks about Novell withdrawing support from Mono.
Not about the general public withdrawing support for Mono. My
corrections were precisely along those lines, Novell has not
discontinued any support of Mono.
So you are barking at the wrong tree. But since we are in that tree,
yes, it is unfortunate that the Novell/Microsoft has made some people
uncomfortable.
> We have accumulated several more articles that speak of the risks over at
> BoycottNovell.com. There is a Mono tag to isolate relevant posts. I don't
> say this to anger you (in fact, notice that fact that I used to link to your
> blog /before/ the deal), but I wish to make you guys aware of how the
> 'community' perceives Mono. To me, as well as to many others whose blogs I
> read, Novell and Mono have become a 'grey/black area'.
I have seen those articles, and I have replied to Seth's FUD article in
my blog in the past.
The debate over patents is like debating those that do not believe in
global warming. It is easy to point out problems or cast a doubt in
any arguments or quote a reputable source to turn common sense into a
disputed discussion. The global warmer deniers will quote their
selective opinions, you will quote your selective opinions.
But it is particularly telling that you are the co-editor of
"BoycottNovell" and that you claim that you have more anti-Mono
literature there, it lets me properly weight your comments. It is like
debating global warming with the PR agent for Exxon Mobil.
>> No point replying to the rest of the nonsense.
>
> Your attitude here is somewhat inappropriate, in my humble opinion.
Well, I proved emphatically that the guy made claims that were easily
proven as false.
I also happen to have written the equivalent validation code for Mono a
couple of years ago, so I know very well that the checks for cross site
scripting have existed in the core of the framework since version 1.0
(ie, way before the "insecure" login controls that he referred to
existed).
You are right in that a fact-based attitude probably is inappropriate
for an advocacy forum, where half-truths, half-facts, rumors, fear,
uncertainty and doubt are used to promote one's product, ideology or
team over another one.
Sacré bleu! What was I thinking! Posting facts! I broke the
fundamental rule of Usenet advocacy groups.
> Experience and facts on the surface suggest that many attempts to mimic
> behaviour and technologies from Microsoft led to weaknesses. Look no further
> than last Friday when WMF led to a vulnerability in OpenOffice. Will the
> inclusion of C#/Mono in OpenOffice for macros, for instance, come with an
> added 'bonus' such as compatibility for Office viruses? I will continue to
> obtain from using this branch (you strictly insist it's not a "fork") of OOo
> that comes from Novell---a company that is evidently in bed with a convicted
> monopolist.
Ah, so your argumentation over Mono's technical nature will be based in
"guilt-by-association", at least in Mexico we are taught a logic class
in high school where we study fallacies and fallacious constructions.
The above paragraph is not only a jewel because of all the bad
associations and conclusions it reaches, but has the intellectual
integrity that would make Michelle Malkin proud.
But addressing your particular issues: Mono's support for OpenOffice is
to script UNO from the *outside* (activating and driving OpenOffice as
a "host", very much like we drive Mozilla's Gecko engine or any other
API) it is not exposed or enabled as something that is used to
transport rogue code in a file.
Am not sure if you are technically capable of distinguishing what the
above means, so I will translate in advocacy terms for you: "Mono is
not included for office macros".
Does that mean that Mono is secure? No, it does not mean that, Mono
like every other piece of complex software has its share of security
problems waiting to be found, and I am not fool enough to make any
claims along those lines.
But what it does mean, is that your understanding of how Mono and
OpenOffice are integrated is almost NULL, and drawing conclusions on
NULL, as every C programmer will tell you leads to segmentation faults.
Regarding the OpenOffice "fork", you might want to find out what
patches your Linux distribution is shipping for OpenOffice. Changes
are that 99% of them come from the repository I pointed to in my blog,
which happens to be Novell's set of patches to OpenOffice. Not
surprising, since we are the ones driving the external contributions to
OpenOffice and are the major external contributors to it.
Parroting miss information about the Novell "fork" of OpenOffice is
probably more fun and makes for more enjoyable gossip while washing
clothes in the laundromat but it is not the most constructive thing to
do, is not helping anyone, is not creating new software, and it will
only lower the level of discourse to a string of accusations.
You could try asking Simon Phipps, Michael Bemmer or Kay Ramme (all at
Sun, the later two heads of OpenOffice) what their opinion is about
Novell's patches and contributions, dont take my word, talk to them.
Simon has a public blog, go ask.
Miguel.
|
|
