2007-11-02 David A. Wheeler
* Roine Gustafsson sent some fixes; EGCS switch was April 1999 (not
1997), and the glibc-vs-libc5 text at ~sopwith has disappeared, but
the Internet Archive (www.archive.org) kept a copy.
* Added:
http://www.networkworld.com/news/2007/110207-survey-open-source-gaining-traction.html
"Survey: Open source gaining traction in US government"
Survey by Federal Open Source Alliance,
a group pushing the use of open-source
software in government. The alliance is made up of Intel,
Hewlett-Packard and Red Hat.
* Added reference to NASA's OSS release page:
http://www.nas.nasa.gov/Resources/Software/Open-Source/opensource.html
2007-11-06 David A. Wheeler
* Added a whole section on U.S. government DEVELOPED OSS/FS.
OSS/FS is a great way to release work so others can use it.
2007-06-25 David A. Wheeler
* A vast number of spelling fixes from Rick Stanley (thanks!)
2007-06-21 David A. Wheeler
* Reference: http://blogs.zdnet.com/security/?p=316
Microsoft admitted that it silently fixes multiple vulnerabilities
in patches without revealing what the other vulnerabilities are.
That means that Microsoft's vulnerability counts, as posted to
the public, are significantly smaller than the real
vulnerability counts. OSS/FS, due to its open nature, often can't
hide problems that way. So an similar count of vulnerabilities
would suggest that Microsoft is actually much worse.
2007-06-19 David A. Wheeler
* Google survey: IIS 2x likely to serve malware than Apache
2007-05-03 David A. Wheeler
* Reference this legal doc:
http://www.llrx.com/features/opensource.htm
2007-05-03 David A. Wheeler
* Added link to embedded survey:
http://linuxdevices.com/articles/AT7065740528.html
2007-04-16 David A. Wheeler
* Added lots of fixups (spelling, etc.)
due to comments from James G. Sack.
* Fixed link for "Why open source projects are not publicised"
by linking to archived version.
* Added link to
http://stephesblog.blogs.com/presentations/BrentWilliamsEclipseConV02.pdf
which makes many intriguing comments.
* FYI, my work was noted in
http://weblog.infoworld.com/openresource/archives/2007/04/the_numbers_beh.html
2007-04-14 David A. Wheeler
* Added a link to http://www.securityspace.com/s_survey/data/man.200703/apachemods.html?mod=UEhQ
thanks to a helpful comment on LinuxToday:
http://www.linuxtoday.com/news_story.php3?ltsn=2002-10-10-011-26-OS-MR-0002
2007-04-11 David A. Wheeler
* Note webserver stats with Go Daddy and lighttpd (vs. Apache).
2007-03-16 David A. Wheeler
* Noted Kenneth van Wyk's article about Linux security:
http://www.esecurityplanet.com/views/article.php/3665801
2007-03-12 David A. Wheeler
* Added quotes from Microsoft's Bill Hilf. These were from
"Cracking Open the Door to Open Source" by Carolyn A. April,
"Redmond" magazine, March 2007, pp. 26-36.
2007-01-20 David A. Wheeler
* Add link to Andy Tanenbaum's article about Ken Brown and ADTI:
http://www.cs.vu.nl/~ast/brown/
2007-01-18 David A. Wheeler
* Add link to http://www.cyber-rights.org/interception/echelon/European_parliament_resolution.htm
The European Parliament approved A5-0264/2001 which calls
"on the Commission and Member States to promote software projects whose source text is made public (open-source software), as this is the only way of guaranteeing that no backdoors are built into programmes [and calls] on the Commission to lay down a standard for the level of security of e-mail software packages, placing those packages whose source code has not been made public in the ‘least reliable’ category" (5 September, 2001; 367 votes for, 159 against and 39 abstentions).
2007-01-17 David A. Wheeler
* Add reference to Forrester report "Open Source Becoming
Mission-Critical In North America And Europe" by Michael Goulde
that says "Firms Should Consider Open Source Options
For Mission-Critical Applications".
2007-01-12 David A. Wheeler
* Added ref to a major new European Commission-sponsored study
http://ec.europa.eu/enterprise/ict/policy/doc/2006-11-20-flossimpact.pdf
"Study on the: Economic impact of open source software
on innovation and the competitiveness of the
Information and Communication Technologies (ICT) sector in the EU",
November 20, 2006. Major new study.
"Our findings show that, in almost all the cases,
a transition toward open source reports of savings
on the long term" etc. LOTS of quantitative studies here.
2007-01-10 David A. Wheeler
* Added reference to CACM Jan. 2007 "Increased Security through
Open Source", "http://portal.acm.org/citation.cfm?id=1188921".
It doesn't say anything new, but it's a prestigious journal
that says it.
* Added reference to mail server market survey:
http://www.oreillynet.com/pub/a/sysadmin/2007/01/05/fingerprinting-mail-servers.html
Sendmail and Postfix and #1 and #2 in the market.
2007-01-09 David A. Wheeler
* Added references to defectivebydesign.org and to
Raymond/Landley's "World Domination 201" into
desktop section.
2007-01-04 David A. Wheeler
* http://blog.washingtonpost.com/securityfix/2007/01/internet_explorer_unsafe_for_2.html
IE vs. Firefox unsafe days in 2006. Eek.
2007-01-03 David A. Wheeler
* http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9006990&intsrc=news_ts_head
Survey - Linux use on mission-critical systems
2006-12-27 David A. Wheeler
* http://lxer.com/module/newswire/view/77291/index.html
Danish cities demand more openness.
* http://blogs.zdnet.com/open-source/?p=837
"The war is over and Linux won" (Server war)
2006-12-20 David A. Wheeler
* Referenced http://www.linux.com/article.pl?sid=06/12/04/1538214
about Evergreen, an open source, enterprise-class library management
developed by the Georgia Public Library Service.
2006-10-05 David A. Wheeler
* Added reference to TCO savings on OSS/FS databases, from
"Open source databases '60 percent cheaper'" article
http://www.itnews.com.au/newsstory.aspx?CIaNID=42505&src=site-marq
2006-10-05 David A. Wheeler
* Firefox use keeps growing. See
http://marketshare.hitslink.com/report.aspx?qprid=3
http://www.techweb.com/wire/security/193104314
2006-09-04 David A. Wheeler
* Added reference to IDC survey, courtesy of:
http://www.linux-watch.com/news/NS8445673704.html
2006-08-04 David A. Wheeler
* Referenced "Trusting Trust" attack; see:
http://www.dwheeler.com/oss_fs_why.html#trusting-trust
"An Air Force evaluation by Karger and Schell first publicly described
this very nasty computer attack, which Ken Thompson ably demonstrated
and described in his classic 1984 paper "Reflections on Trusting
Trust". Thompson showed that because we use software to create other
software, if an attacker subverts the software-creating programs, no
amount of auditing any program can help you - the subverted programs
can hide whatever they want to! This has been called the
"uncounterable attack", and some have said that it's impossible to
secure computers simply because this attack is possible. Some have
even said that all those security audits of OSS/FS are worthless,
because subverted tools could insert attacks the auditors couldn't
see. But it turns out that the trusting trust attack can be countered.
My 2005 paper Countering Trusting Trust through Diverse
Double-Compiling (DDC), published by ACSAC, shows how the
"uncounterable" trusting trust attack can be countered. But there's a
catch: the DDC defense only works if you can get the source code for
your software creation tools, including the operating system,
compiler, and so on. That kind of information is typically only
available for OSS/FS programs! Thus, even in the case of the dangerous
"trusting trust" attack, OSS/FS has a security advantage."
2006-08-01 David A. Wheeler
* Added a note about Symphony OS (innovative user interface).
2006-07-29 David A. Wheeler
* Added quote from Bellovin to history section. OSS was the
norm in many communities before the mid-1970s.
2006-07-10 David A. Wheeler
* Added stats from onestat.com re: Firefox usage, at:
http://www.onestat.com/html/aboutus_pressbox44-mozilla-firefox-has-slightly-increased.html
2006-02-11 David A. Wheeler
* EMA study: http://levanta.com/linuxstudy/index.shtml
2006-02-10 David A. Wheeler
* http://news.yahoo.com/s/cmp/20060210/tc_cmp/179102616
Spyware stats, IE vs. Firefox. University of Washington.
2006-02-07 David A. Wheeler
* Added new reports on security flaw fixing time:
http://blogs.washingtonpost.com/securityfix/2006/02/a_time_to_patch.html
http://www.heinz.cmu.edu/%7Ertelang/disclosure_jan_06.pdf
2006-01-01 David A. Wheeler
* Add http://flosspols.org/deliverables.php
"Deliverable D3: Results and policy paper from survey of
government authorities". Lots of other good stuff
there too.
2005-12-03 David A. Wheeler
* Added reference to http://firstmonday.org/issues/issue10_10/nuvolari/
(another paper on innovation)
2005-11-26 David A. Wheeler
* Added reference to "Why open source projects are not publicised"
by Ingrid Marson, ZDNet UK, November 25, 2005,
http://insight.zdnet.co.uk/software/0,39020463,39238437,00.htm
2005-11-16 David A. Wheeler
* HTML error line 7135. Sorry! Sabastian Niehaus pointed this out;
thanks. Fixed.
2005-11-15 David A. Wheeler
* Paper and presentation - added 2005 supercomputer survey results.
* In presentation, made a number of small changes.
The most pervasive was a general switch from "OSS/FS" to "FLOSS";
it's difficult to pronounce "OSS/FS", but easy to say "FLOSS",
so I'll use FLOSS instead in the presentation.
The paper has used "OSS/FS" pervasively for years, and I see
no big reason to change it there, so I plan to keep using "OSS/FS"
in the complete report. This has a nice side-effect - now the
title of the presentation and the report are different, so people
have a better chance of distinguishing them.
I also improved the fuzz graphic (two columns had the same color and
the numbers for MS are now shown). Various other tweaks, inc.
moving the license declaration to a full slide.
2005-11-15 David A. Wheeler
* Added reference to "Linux continues supercomputer domination"
http://hardware.newsforge.com/article.pl?sid=05/11/15/1443249
2005-11-14 David A. Wheeler
* Updated the Netcraft website market surveys, in both
paper and presentation.
* Posted a new version!
2005-11-13 David A. Wheeler
* Posted a new version!
2005-11-09 David A. Wheeler
* Added reference to "Unix beats Windows" (Murphy):
http://blogs.zdnet.com/Murphy/?p=459
2005-10-16 David A. Wheeler
* The URL of the Netcraft survey archive changed slightly.
Now it's http://survey.netcraft.com/
2005-10-14 David A. Wheeler
* Use http://i.cmpnet.com/infoweek/1057/IWKLinuxOutlook-2005.pdf
Information Week Research conducted a study to measure corporate use
of Linux and Open Source software, pub. Feb 2005.
"Nearly 90% of companies we surveyed anticipate a jump in
server licenses for Linux. No other product comes close to these
expectations - not Windows, Macintosh or Unix." The report predicts
that "Linux server and PC licenses are expected to climb
dramatically over the next two years, due in part to the perceived
need for an alternative to Windows." Lots of stats here.
2005-10-05 David A. Wheeler
* http://www.businessweek.com/technology/content/oct2005/tc20050103_7038_tc_218.htm
has some interesting market figures.
* Added the titles of the OMB and DoD memos that formally
stated neutrality (that is, OSS/FS should be considered
as well as proprietary software when solving a problem).
2005-09-22 David A. Wheeler
* Note Symantec's newest security study. Firefox has more
vulnerabilities than Internet Explorer, UNLESS you count
vulnerabilities Microsoft hasn't fixed, in which case IE has more
vulnerabilities. You've got to be kidding me, this is an argument FOR
IE? I think vulnerability counts are a lousy metric, so it's fine to
complain about that, but DON'T rig the metric like that, that is
rediculous.
* Add reference to (which discusses OSS/FS commercialization):
http://www.investors.com/editorial/IBDArticles.asp?artsec=16&issue=20050921
2005-09-02 David A. Wheeler
* Note Anandtech's benchmarks, Apple vs. GNU/Linux:
http://www.anandtech.com/mac/showdoc.aspx?i=2520
("No more Apple mysteries, part two")
2005-09-01 David A. Wheeler
* Added RFG's August 2005 TCO report, at:
http://www-1.ibm.com/linux/whitepapers/robertFrancesGroupLinuxTCOAnalysis05.pdf
2005-08-28 David A. Wheeler
* Sri Lanka declares "Free and Open Source Software Week" to
begin 5 Sep 2005.
2005-08-14 David A. Wheeler
* Added a reference to:
http://www.softex.br/cgi/cgilua.exe/sys/start.htm?infoid=5565&sid=37
"O Impacto do Software Livre e de Código Aberto na Indústria
de Software do Brasil", which talks about the impact of OSS/FS
on the Brazilian Software Industry.
2005-08-07 David A. Wheeler
* Finally got around to updating the OpenSSH marketshare data.
Their September 2004 survey shows them dominating the SSH market,
with 87.9% share. What's possibly more important is the trend
line; there's no evidence that OpenSSH is being eliminated by
proprietary products at all.
2005-08-05 David A. Wheeler
* Newer Coverity study of Linux kernel defect rate (August 2005;
it complements their earlier studies). InformationWeek article:
http://informationweek.com/story/showArticle.jhtml?articleID=167100724
2005-08-02 David A. Wheeler
* Added more security vulnerability statistics:
- More recent summaries as of August 2005 suggest
Internet Explorer is still
more dangerous than the OSS/FS Firefox. David Hammond's
Internet Explorer is dangerous examined the Secunia reports on
Internet Explorer, Firefox, and Opera, as of August 4, 2005.
Firefox did far better than IE, both historically and currently.
- Statistics by Scanit's Browser Security Test group
found that 98% of time in 2004 Internet Explorer was vulnerable
to dangerous known remote attacks,
compared to 17% for Opera and 15% for Mozilla/Firefox.
http://bcheck.scanit.be/bcheck/page.php?name=STATS2004
* Added link to:
http://www.internetnews.com/security/article.php/3374931
I'd earlier noted DHS's warnings, but this link helps
explain the context.
2005-07-28 David A. Wheeler
* Added reference to Multics paper at:
http://www.multicians.org/fjcc1.html
"It is expected that the Multics system will be published when it is
operating substantially and will therefore be available for
implementation on any equipment with suitable characteristics. Such
publication is desirable for two reasons: First, the system should
withstand public scrutiny and criticism volunteered by interested
readers; second, in an age of increasing complexity, it is an
obligation to present and future system designers to make the inner
operating system as lucid as possible so as to reveal the basic
system issues...
The system will evolve under the influence of the users and their
activities for a long time and in directions which are hard to
predict at this time... It is
expected that most of the system additions will come from the users
themselves and the system will eventually become the repository of
the procedure and data knowledge of the community."
2005-07-24 David A. Wheeler
* Added reference to Calculating the True Price of Software
by Robert Lefkowitz
http://www.onlamp.com/pub/a/onlamp/2005/07/21/software_pricing.html
2005-07-18 David A. Wheeler
* Added reference to Tom Adelstein's "Linux in Government:
Outside the US, People Get it"
http://www.linuxjournal.com/article/8449
2005-07-15 David A. Wheeler
* Noted Microsoft's increasing development of OSS/FS; see:
http://news.zdnet.com/2100-3513_22-5384769.html
2005-07-09 David A. Wheeler
* Fixed dropped web page.
Page http://www.robval.com/linux/desktop/index.html
is not directly available; replaced with
http://web.archive.org/web/20011201023315/www.robval.com/linux/desktop/index.html
2005-07-07 David A. Wheeler
* Noted fundable.org and
http://business.newsforge.com/business/05/07/07/1330241.shtml
This is making money by proposing a project, and getting enough
people to join together dollars to do it.
2005-06-28 David A. Wheeler
* Noted comments by Norwegian Minister of Modernization
Morten Andreas Meyer, who said that "Proprietary formats will no
longer be acceptable in communication between citizens and
government." Details at:
http://www.andwest.com/blojsom/blog/tatle/agenda/2005/06/27/Norwegian_Minister_Proprietary_Standards_No_Longer_Acceptable_in_Communication_with_Government.html
2005-06-22 David A. Wheeler
* Noted that 60% of all supercomputers run GNU/Linux, including
the world's fastest, as of March 2005.
* Noted that 80% of the top ten supercomputers run GNU/Linux;
an LWN article noted that.
* Noted that the Internet Archive (world's biggest library
counting by text) uses GNU/Linux.
2005-06-21 David A. Wheeler
* I recommend FLOSS - it's easier to say, and it avoids the
problem that "Free" is often misunderstood as "no cost".
2005-06-20 David A. Wheeler
* Added a link to "Free/Open Source Software Localization" (Primer)
from the UNDP's Asia-Pacific Development Information Programme:
http://www.apdip.net/news/localization-primer
2005-06-16 David A. Wheeler
* Noted that KEPA and OneWorld Finland maintain the site that
posts "Free as in Education...", and not the Finnish ministry;
the Finnish ministry commissioned the _report_ I referenced not
the entire _website_.
My thanks to Niklas Vainio for correcting me.
2005-05-10 David A. Wheeler
* Added more text about bounty systems. They seem to be
becoming more common. Many aren't paying a LOT, but they seem
to be increasing and including more money, so the trend is up.
Very interesting. Is this what OSS/FS commercialization looks like?
You pay for support, and pay for new features, and get to use
it for free if you need neither? That certainly makes sense
economically; you only need pay when there is effort expended!
2005-05-09 David A. Wheeler
* Released to public.
2005-05-09 David A. Wheeler
* Noted the big BECTA report to come out:
http://www.tes.co.uk/2094985
http://www.egovmonitor.com/node/695
http://news.zdnet.co.uk/software/linuxunix/0,39020390,39196487,00.htm
http://www.schoolforge.org.uk/index.php/Becta_14/4/05
http://management.silicon.com/government/0,39024677,39129956,00.htm
2005-05-08 David A. Wheeler
* Added reference to Janco survey of Firefox market share at:
http://www.e-janco.com/browser.htm
2005-05-06 David A. Wheeler
* Added reference to the Linux in China's biggest bank:
http://www.internetnews.com/ent-news/article.php/3501561
2005-05-03 David A. Wheeler
* Added reference to the Australian Government Information
Management Office's release (in 2005) of
"A Guide to Open Source Software for Australian Government Agencies"
http://www.sourceit.gov.au/__data/assets/pdf_file/42065/A_Guide_to_Open_Source_Software.pdf
"A Guide to Open Source Software for Australian Government Agencies".
2005-04-29 David A. Wheeler
* Spanish translation moved, so changed its link.
* Released a new version!
2005-04-26 David A. Wheeler
* Noted:
http://www.itworldcanada.com/Pages/Docbase/ViewArticle.aspx?id=idgml-8f87ddb3-bfe0-4b69&s=90323
IDC's "Western European End-User Survey: 2005 Spending Priorities, Outsourcing, Open Source, and Impact of Compliance"
which notes that flexibility was a key interest of European
companies.
2005-04-25 David A. Wheeler
* Added reference to "beyond software" reference:
http://www.demos.co.uk/WideOpen_pdf_media_public.aspx
2005-04-23 David A. Wheeler
* Released a new version!
2005-04-23 David A. Wheeler
* Added reference to BusinessWeek article re: Didio:
http://www.businessweek.com/the_thread/techbeat/archives/2005/04/the_truth_about_1.html
and also Groklaw's article:
http://www.groklaw.net/article.php?story=20050419175709648
* Fixed PHP acronym.
* Noted Nielson/NetRatings info on Mozilla Firefox.
* Changed MandrakeSoftware to Mandriva (company name change)
2005-04-13 David A. Wheeler
* Added reference to BZ Research survey of 6,344
software development managers - they think Linux is more secure:
http://lwn.net/Articles/131788/
* Added reference to http://www.fcw.com/article88470-04-04-05-Print
regarding innovation.
2005-04-07 David A. Wheeler
* Added info on UK's Open Source Academy.
2005-04-07 David A. Wheeler
* Added references to GOCC and CORE in the
Governments /U.S. section.
* Noted more about enforcing OSS/FS licenses. They're not
hard to comply with, but you still need to do so.
2005-04-05 David A. Wheeler
* Added more text about another discouraged action on licenses --
license proliferation. See:
http://www.dwheeler.com/oss_fs_why.html#license-proliferation
* Under innovation, added a Reuters story noting that OSS/FS
has greatly reduced the costs of creating innovative new products
by orders of magnitude. As a result, many more innovative
products are getting to market.. because there are far more
funding vehicles available for these smaller amounts of money.
The products are cheaper to the customers (since they cost
less to develop), too, resulting in a more likely uptake.
* Added more links to some of my other articles, at the bottom.
People who like this article might like other things I've written,
too, so I may as well tell them what they are!
2005-04-02 David A. Wheeler
* Released new version!
2005-04-02 David A. Wheeler
* Added a graphic showing Firefox and IE marketshare
* Added a graphic showing data from Fuzz tests, and improved the
text explaining the tests.
2005-03-28 David A. Wheeler
* Added reference to happy customers of Microsoft's WiX,
one of its OSS/FS projects:
http://www.onlamp.com/pub/a/onlamp/2005/03/24/shared_source.html
* Added a reference to the 2002
http://www.aei.brookings.org/publications/abstract.php?pid=296
Brookings Institute's "Government Policy toward Open Source Software"
(a collection of essays about government and OSS/FS).
It's not the be-all of such discussions, but it's often
mentioned, so I thought I'd reference it too.
* Added even more Firefox marketplace stats, based on
http://www.informationweek.com/story/showArticle.jhtml?articleID=159908603&tid=5979
The biggest shock:
"PC news site Ars Technica reported that Firefox had become
the No. 1 browser among its readers with 40% market share.
Internet Explorer, which stood at 38% last September,
has dropped to 30% today." See:
http://arstechnica.com/news.ars/post/20050327-4738.html
2005-03-27 David A. Wheeler
* Added reference to book on OSS/FS licensing,
Understanding Open Source and Free Software Licensing
by Andrew M. St. Laurent.
* Expanded the introduction about governments, giving some of
the reasons some governments like/prefer OSS/FS.
` Added references to NSAKEY and the purported threats
by Microsoft to remove a Danish company as examples.
* Noted that it was John Koenig who wrote
"Seven open source business strategies for competitive advantage"
http://management.itmanagersjournal.com/management/04/05/10/2052216.shtml?tid=85
2005-03-22 David A. Wheeler
* Referenced article from Australia's "The Age" about standards
and Firefox:
http://www.theage.com.au/articles/2005/03/21/1111253920087.html?oneclick=true
* Added LOTS of Firefox stats, some pointed to by
the MozillaZine articles at:
http://www.mozillazine.org/talkback.html?article=6145
http://www.mozillazine.org/talkback.html?article=6263
These include WebSideStory's
http://www.websidestory.com/services-solutions/datainsights/spotlight.html
and OneStat:
http://www.onestat.com/html/aboutus_pressbox36.html
and Information Week/Net Applications:
http://www.informationweek.com/
and thecounter.com:
http://www.thecounter.com/stats/
and XitiMonitor:
http://www.xitimonitor.com/etudes/equipement4.asp
http://translate.google.com/translate?u=http%3A//www.xitimonitor.com/etudes/equipement4.asp&langpair=fr%7Cen&prev=/language_tools
http://standblog.org/blog/2005/03/15/93114061-firefox-usage-in-europe-during-week-ends
Also added an update from W3Schools:
http://www.w3schools.com/browsers/browsers_stats.asp
* Using the European home user stats, I calculated and
reported a summary of the XitiMonitor stats for
Europe as a whole. The result - 13.3% of European home users
were using Firefox on this date in March 2005!
How do can get such a figure?
Well, we can use these major European countries as representatives of
Europe as a whole; they're certainly representative of western
Europe, since they're the most populous countries.
Presuming that the vast majority of Sunday users are home users is
quite reasonable for Europe.
We can then make the reasonable presumption that the number of
web browser users is proportional to the general
population.
Then we just need to get the countries' populations; I used the
CIA World Fact Book
updated to 2005-02-10.
These countries' populations (in millions) are, in the same order as above,
82, 60, 60, 40, and 58;
calculating
(21.4%*82 + 12.2%*60 + 10.9%*60 + 9%*40 + 8.6%*58) / (82+60+60+40+58)
yields 13.3%.
Germany 82,424,609
France 60,424,213
U.K. 60,270,708
Spain 40,280,780
Italy 58,057,477
2005-03-21 David A. Wheeler
* Added reference to a U.S. GPL case,
Drew Technologies, Inc. v. Society of Automotive Engineers, Inc.,
Civil Action No. 03-CV-74535 DT, U.S. District Court,
Eastern District of Michigan. See:
http://www.groklaw.net/article.php?story=20050225223848129
This isn't a simple "GPL completely validated by the courts"
case, but it's an occurance of the GPL in a court case.
Certainly, there's no evidence that the court was interested
in throwing out the GPL.
* Added reference to "Symantec Internet Security Threat Report",
Volume VII, March 21, 2005 (today!):
http://enterprisesecurity.symantec.com/content.cfm?articleid=1539
2005-03-16 David A. Wheeler
* Added reference to Lessig's "Code and Other Laws of Cyberspace"
at its update Wiki site:
http://codebook.jot.com/Book
* Add text about Visual Basic for .NET, aka Visual Fred:
http://www.dwheeler.com/oss_fs_why.html#visual_basic
which shows that a proprietary vendor may choose to abandon
support for even a common, widely-used product, and even after
there's a public outcry.
* Noted the advantage of being able to internationalize, and
referenced http://www.adityanag.org/articles/ooo_interview.htm,
in the government section.
2005-03-09 David A. Wheeler
* Added a note that the United States'
Federal Enterprise Architecture
http://www.whitehouse.gov/omb/egov/a-1-fea.html
includes the Technical Reference Model (TRM),
and TRM version 1.1 (August 2003) includes both Linux and Apache.
* Added info on an unintentional reliability study done by
Heinz Trober. See:
http://news.zdnet.co.uk/software/linuxunix/0,39020390,39190950,00.htm
* Noted http://www.fsf.org/jobs
* Clarified that "GPL" stands for the "GNU General Public License".
There are other "General Public Licenses" out there, but
everyone means the GNU license unless otherwise stated.
That way, I can just say "GPL" and appeal to the definition
at the top of the paper, which clarifies that it's the GNU version.
2005-03-06 David A. Wheeler
* Released!
* Few small tweaks.
2005-03-01 David A. Wheeler
* Modified the introduction section to create subsections in it
(it was getting too long to read without some breaking up).
Added to the intro some evidence that this paper's worth
reading (e.g., reference by California).
Moved forward text about transition.
* Noted Freedom to Tinker, highlighted "commons-based peer production"
(via http://www.benkler.org/CoasesPenguin.html), as part of
a new section on the "bigger picture".
2005-02-28 David A. Wheeler
* Added reference to Black Duck presentation at http://www.osdllinuxsummit.org/presentations/tut3(Final)_Copenhaver_Reviewing%20Use%20of%20OSS%20in%20the%20Enterprise.pdf
2005-02-23 David A. Wheeler
* Noted Novell/SUSE met CAPP/EAL4+, according to Government
Computer News.
* Added reference to http://www.benkler.org/CoasesPenguin.html
"Coase's Penguin, or Linux and the Nature of the Firm"
by Yochai Benkler
* Added a quote from Craig Mundie, who in a moment of honesty
admitted that for many years Microsoft had been much more
interested in functionality than security.
Hopefully this is changing, but I believe it'll take years to
really address that.
2005-02-22 David A. Wheeler
* Added reference to Bruce Perens'
The Emerging Economic Paradigm of Open Source
http://perens.com/Articles/Economic.html
* Added reference to some common starting places,
such as the OpenCD, Gnoppix, Knoppix.
* Tweaked the text about self-sponsored "studies".
Noted a wonderful Steve Taylor phrase from
the song "Meat the Press" -- it's a phrase I always
think of when I think about that text. It is:
"They can state the facts while telling a lie."
* Changed any "Open Office" to "OpenOffice.org".
The latter is the official name, due to trademark issues.
2005-02-21 David A. Wheeler
* Released another edition!
* Noted that more EULA issues are discussed in:
http://eff.org/wp/eula.php
2005-02-17 David A. Wheeler
* Added reference to this hotplug discussion with Roman Kagan
and Greg KH:
http://article.gmane.org/gmane.linux.hotplug.devel/7070
http://article.gmane.org/gmane.linux.hotplug.devel/7039
I added this to the innovation section; it's a wonderful
example of how the insight of a "new" person can really
help simplify a system. In this case, a great deal
of complexity will be eliminated by simply re-looking
at the problem in a different way.
2005-02-10 David A. Wheeler
* Added a reference to
"On the security of open source software"
by Christian Payne of Murdoch University (Perth, Australia).
from Information Systems Journal, Vol.12,
Issue 1, February 2002. This is a peer-reviewed paper,
and includes results from a quantitative scoring technique.
The paper itself is available for a fee from
http://www.blackwell-synergy.com/links/doi/10.1046/j.1365-2575.2002.00118.x/abs/
* Added a link to a variant of the Communications of the ACM paper,
so people can easily download and view it.
2005-02-08 David A. Wheeler
* Added more hypertext links from the top of Appendix A into
the various subsections of Appendix A.
* Clarified the text at the bottom describing release conditions,
so that people will know that I _do_ take comments, gladly.
2005-02-08 David A. Wheeler
* Added link to BusinessWeek opinion piece about SCO's attacks
making Linux stronger by Stuart Cohen -
http://www.businessweek.com/technology/content/feb2005/tc2005027_4780.htm
* Made a few more editorial fixes - thanks again to Bill Fell,
who pointed them out.
* Posted results
2005-02-07 David A. Wheeler
* Add reference to Evans Data survey Feb 2005 on databases:
http://oetrends.com/news.php?action=view_record&idnum=392
* Made a number of editorial fixes. My thanks to Bill Fell
who was kind enough to tell me about several editorial problems.
* Posted results
2005-01-26 David A. Wheeler
* Added this link to my info on the rising commercialization of OSS/FS,
http://www.dwheeler.com/oss_fs_why.html#commercialization
This is the same place as #wont-destroy-industry and
#starving-programmers, but I thought this might make
the info easier to find.
* Referenced French police switching to OpenOffice.org;
they expect to save $2M Euros.
* The Ministry of Defence in Singapore has installed OpenOffice.org
on 5,000 PCs as of November 2004, and is planning to deploy
it on a further 15,000 within the next 18 months after that.
2005-01-22 David A. Wheeler
* Referenced major BusinessWeek article:
http://www.businessweek.com/magazine/content/05_05/b3918001_mz001.htm
2005-01-21 David A. Wheeler
* Add links in gov't section to IOSN, http://www.iosn.net
2005-01-17 David A. Wheeler
* Referenced http://www.theregister.co.uk/2005/01/07/gov_open_source_dynamic/
on governments and OSS/FS. It lists many governments who
stated policy of a preference for OSS/FS.
2005-01-15 David A. Wheeler
* Released new version
* In the section on governments, noted various documents
for governments who choose to use OSS/FS,
including the short article by Adelstein:
http://www.linuxjournal.com/article/8037
and the European IDA's migration guidelines:
http://europa.eu.int/idabc/en/document/2623#migration
2005-01-14 David A. Wheeler
* http://www.mass.gov/itd/legal/ninewaysprotectriskopensource.htm
has info from Massachusetts on OSS/FS legal issues. Conclusion:
"Use of either open source or proprietary software poses
some legal risk to states. States face fewer risks in
connection with the use of open source software compared
to their private sector counterparts, and the risks that
they do face can be managed."
2005-01-11 David A. Wheeler
* In #tco-misleading-rent explained that software isn't normally
owned by its users, and thus the term "total cost of ownership"
is misleading. A proprietary software user, in particular,
doesn't have the normal rights of ownership: they can't view
for understanding, modify, or redistribute. An OSS/FS user
isn't an owner either, but their rights are more similar to
an owner's. Included a link to the trusted computing FAQ by
Ross Anderson: http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html
That's because trusted computing is all about removing rights
of ownership from computer users, and transferring control to
vendors. See the text for details.
2005-01-05 David A. Wheeler
* Noted http://www.businessweek.com/magazine/toc/05_02/B39150502manager.htm
where Torvalds is named one of the best managers of the year.
* Noted http://www.computerworld.com.au/index.php/id;101366230;fp;16;fpid;0
Chicago Mercantile Exchange example.
2005-01-01 David A. Wheeler
* Referenced Committee for Economic Development, which mentions
OSS/FS relationship to innovation. See
http://www.ced.org/docs/report/report_dcc.pdf or
http://lwn.net/Articles/73678/
2004-12-30 David A. Wheeler
* Added reference to
http://searchvb.techtarget.com/originalContent/0,289142,sid8_gci1036918,00.html
2004-12-20 David A. Wheeler
* Added a section on the relationship of standards and OSS/FS.
OSS/FS can sometimes be considered an "executable standard" --
you can use it (so it's useful as it is), AND you can
also see EXACTLY how it works (helping to counter the problem of
ambiguity that occurs in far too many standards).
See http://www.dwheeler.com/oss_fs_why.html#standards
2004-12-16 David A. Wheeler
* Gave examples under support of some companies that provide
commercial support for OSS/FS; including MozSource, AdaCore,
MySQL AB, various Linux distributions, etc.
Noted the lists of consultants for Debian and OpenBSD.
I can't list everyone; the point is just that this is an option.
* Added information on bounty/sponsor systems and software ransoms at
http://www.dwheeler.com/oss_fs_why.html#wont-destroy-industry
2004-12-14 David A. Wheeler
* Added reference to Coverity study:
http://news.com.com/Security+research+suggests+Linux+has+fewer+flaws/2100-1002_3-5489804.html
* Noted Cybersource update to their TCO study
* Noted the humorous article "Total Cost of 0wnership" (note the zero)
* Added reference to "Wisdom of the Crowds" book.
* Note switching costs issues; this drives most companies to start
using OSS/FS on new deployments instead of existing ones to
start with, since then there's no switching cost to pay.
2004-11-17 David A. Wheeler
* http://news.com.com/Firefox+fortune+hunters/2100-1032_3-5455173.html
Yet another OSS/FS business opportunity, and note that
salaries of core contributors are 5-15% higher.
2004-11-09 David A. Wheeler
* Added reference to Koders.com, and an interview about it.
I put it in the innovation section - it's much easier
to innovate by being able to reuse all that pre-existing code
for the "other stuff" -- all you have to implement is the new
idea, not the piles of "other" stuff.
* Reference IBM's Blue Gene/L supercomputer, see
http://www.cbronline.com/article_news.asp?guid=A6E54915-E012-4B62-B7AE-382A4F670154
2004-11-07 David A. Wheeler
* Another release
2004-11-05 David A. Wheeler
* Added reference to http://opensource.mit.edu/papers/maccormackrusnakbaldwin.pdf
"Exploring the Structure of Complex Software Designs:
An Empirical Study of Open Source and Proprietary Code".
Very interesting article!
2004-11-03 David A. Wheeler
* Release "Look at the Numbers!" paper.
2004-11-02 David A. Wheeler
* Major rewrite of innovation section. I had a lot of material,
and it needed reordering. Dropped the Sweetcode.org site reference;
it hasn't been updated in a long time.
* Modified
http://www.dwheeler.com/oss_fs_why.html#ossfs-is-compatible-with-capitalism
to add the quote by Linus Torvalds, who specifically looked up
U.S. copyright law and found that the US Code _specifically_
notes exchange of copyrighted material as an EXPECTED potential
gain between parties. So the basic idea of OSS/FS is actually
specifically noted in the US Code itself.
* Added lots of links to subsections from the front of the
paper. That will make it easier to jump to specific sections.
2004-11-02 David A. Wheeler
* Noted that it's sometimes illegal to independently
criticize proprietary products, due to
UCITA in some places, and legal ambiguity in many cases.
Included a few links, such as to Ed Foster's examples at
http://www.infoworld.com/articles/op/xml/00/01/24/000124opfoster.html
and Microsoft's .NET clause at
http://weblog.infoworld.com/foster/2004/10/30.html
Added a link to AFFECT at: http://www.ucita.com/
* Added more references to the vast amount of material available
from the Interchange of Data Between Administrations (IDA),
including news, case studies, etc. This is especially of interest
to European readers, but I'm sure it'll be interesting to others too.
* Added more references to Firefox's significantly growing
market share (and shrinking IE market share).
* Mentioned mi2g's November 2004 report, but it's really hard
to interpret what it means to individuals... so I explain
WHY it's hard to interpret, and put it AFTER the main list
of quantitative figures. They don't take malware into account
in their main numbers - an absurdity. They don't take into
account market share, or whether or not a system is up-to-date
on its patches. What you REALLY want to know is the probability
that YOUR system will be broken into, given a particular OS,
and that info doesn't seem to be available. At least not
publicly. I also reference some reports about mi2g that
call them into question, such as
http://www.theregister.co.uk/2002/11/21/why_is_mi2g_so_unpopular/
and
http://www.attrition.org/errata/charlatan/mi2g-history.html
and
http://vmyths.com/resource.cfm?id=64&page=1
* Added a reference to James Boyle's
"Give me liberty and give me death?",
a response article that is better than the article it responds to
(my thanks to Groklaw, who pointed this article out on Nov 2, 2004).
This response article notes something rather extraordinary:
"IBM now earns more from what it calls 'Linux-related revenues'
than it does from traditional patent licensing,
and IBM is the largest patent holder in the world."
http://news.ft.com/cms/s/78d9812a-2386-11d9-aee5-00000e2511c8.html#U101244209021g4
I added this to the section "Is OSS/FS economically viable?",
"http://www.dwheeler.com/oss_fs_why.html#ossfs-economically-viable".
2004-10-30 David A. Wheeler
* Added a number of references to OSS/FS innovation research at MIT
by von Hippel and others (such as Lakhani); there's an interview
at http://www.cio.com/archive/101500/something.html
This research is very interesting, and I added a lot of
references. von Hippel has studied innovation, and in particular
user influence on innovation, for decades; he brings an
incredibly interesting perspective to his study of OSS/FS.
* Added reference to MIT's website, which has an impressive
collection of OSS/FS papers (I need to somehow read all of them!),
at http://opensource.mit.edu/
2004-10-28 David A. Wheeler
* Completely reorganized government section; it now has
subsections for U.S., Europe, and other, and I pulled
information from various sections. Hopefully it'll be
easier to follow now. As part of this,
added reference to OMB policy for U.S.
* Added Nicholas Petreley's security analysis.
* Added reference to TCO study at
http://www.researchandmarkets.com/info/about.asp
* Added references to UK policy and report at
http://www.ogc.gov.uk/index.asp?docid=2190
2004-10-11 David A. Wheeler
* Added reference to
http://www.linuxjournal.com//article.php?sid=7788
2004-09-29 David A. Wheeler
* Added reference to Communications of the ACM, October 2004.
* Released version.
2004-09-25 David A. Wheeler
* Added more information about security evaluations performed
or being performed for OSS/FS, esp. Common Criteria and FIPS 140,
in the security section. Novell SuSE, Red Hat, MandrakeSoft,
Trusted Computer Solutions' Secure Linux, and OpenSSL
(2 different projects!).
* Added reference to CSC's new report
"Open Source: Open for Business" at:
http://www.csc.com/features/2004/uploads/LEF_OPENSOURCE.pdf
2004-09-19 David A. Wheeler
* Added information about Debian's tests
(desert island, dissident, tentacles of evil)
to the appendix defining OSS/FS.
2004-09-19 David A. Wheeler
* Released version to the world!
2004-09-19 David A. Wheeler
* Added link to
http://www.theregister.co.uk/2004/09/09/ms_capgemini_newham_report
2004-09-15 David A. Wheeler
* Noted substantial rise in Gecko-based browsers:
links to http://www.w3schools.com/browsers/browsers_stats.asp,
http://calacanis.weblogsinc.com/entry/5574794258282236/
* Added to section on OSS/FS innovation a link to:
http://www.businesswire.com/cgi-bin/f_headline.cgi?bw.091404/242585281
where The Economist awards Linus Torvalds an award for
innovation in computing for the development of the Linux kernel.
2004-08-17 David A. Wheeler
i * Noted - http://story.news.yahoo.com/news?tmpl=story&cid=1093&e=6&u=/pcworld/20040824/tc_pcworld/117531
Another example of an innovation (a virus throttler) that
could NOT be deployed on a proprietary system, but
worked well on OSS/FS.
2004-08-17 David A. Wheeler
* Add links to http://www.eweek.com/article2/0,,1637079,00.asp
and http://www.vnunet.com/analysis/1157431
Proprietary vendors NEVER sit on vulnerabilities? Hmpf.
2004-08-09 David A. Wheeler
* Added reference to state of California report at:
http://www.report.cpr.ca.gov/cprrpt/issrec/stops/it/so10.htm
* Fixed URLs to the MITRE reports.
2004-07-28 David A. Wheeler
* Evans: http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20040728005158&newsLang=en
* Linked to http://www.members.optushome.com.au/brendanscott/papers/oslfossitdeficit040728.pdf (closed source operating system costs Australia $430M/year)
2004-07-26 David A. Wheeler
* Added note of Welsh support, see
http://www.theregister.co.uk/2004/07/22/mewngofnodi/
2004-07-23 David A. Wheeler
* Added a much longer discussion about the increasing
commercialization of OSS/FS development. E.G., noted
Andrew Morton's notes - nearly all Linux kernel changes are
now submitted by people paid to develop those changes by
commercial companies. I had a few links on the topic,
but I've added a few more. There are still volunteer projects,
and volunteers still contribute to the "big" projects
like the Linux kernel, but this trend has been growing
slowly for years and I think many have missed it.
* A German court confirmed today (23 July 2004) its preliminary
ruling that the GPL is valid, so I added that to the docs.
URLs: http://www.jbb.de/html/?page=news&id=32
http://www.heise.de/newsticker/meldung/49377
I didn't referece http://www.jbb.de/urteil_lg_muenchen_gpl.pdf
directly, but it can be found easily enough.
They're all in German, but since those are the originals
(and are important as originals) I just referenced them as-is.
2004-07-20 David A. Wheeler
* Added reference to http://gcn.com/vol1_no1/daily-updates/26641-1.html
and increased discussion on corporatization of OSS/FS.
2004-07-13 David A. Wheeler
* Added lots of text about the latest IE problems,
a Mozilla problem that was actually a Windows problem,
and now 4 more extremely critical IE vulnerabilities.
2004-07-07 David A. Wheeler
* Released another edition of Why OSS/FS.
2004-07-04 David A. Wheeler
* For independence day, added references to the paper
"Linux Adoption in the Public Sector"
* Added info on the major Microsoft Internet Explorer vulnerability -
it's been undergoing some really nasty exploitation as of
mid June 2004, and Microsoft only released a "fix" on July 2, 2004;
but Microsoft had NINE MONTHS to fix it, and didn't.
OSS customers can patch their systems, but a proprietary
customer doesn't have that option. A proprietary vendor that
ignores such a nasty vulnerability for that long is performing a
nearly criminal act; they're at least aiding criminals.
That's especially crazy because Microsoft has said they've been
working hard on security since 2002; I think that's probably true,
but this is SURE a scary lapse.
CERT recommends switching as one of the options for IE users,
since Microsoft decided to fail to fix it for so long.
* Added reference to Indian presidential announcement at
http://news.com.com/Indian+president+calls+for+open+source+in+defense/2100-7344_3-5259836.html
2004-06-23 David A. Wheeler
* Fixed typos, per very helpful comments from Ian McIntosh.
2004-06-17 David A. Wheeler
* Added link to http://www.cospa-project.org/
* Added link on Munich.
2004-06-11 David A. Wheeler
* Added "Recent attacks on Linux come from dubious source"
by Lee Gomes of The Associated Press;
http://www.mlive.com/newsflash/business/index.ssf?/newsflash/get_story.ssf?/cgi-free/getstory_ssf.cgi?f0023_BC_WSJ--Portals&&news&newsflash-financial
2004-06-11 David A. Wheeler
* Released!
* Fixed link to GIMP ancient history.
2004-06-08 David A. Wheeler
* Major new Release.
2004-06-07 David A. Wheeler
* Added note about XFree86 vs. X.org to fork section
(so that I have a "license fork" example).
* Noted SuSE and Red Hat got Common Criteria evaluations.
* Noted that 91% of broadband users have spyware.
* Noted Sandvine's study: 80% of spam sent from infected Windows.
2004-06-07 David A. Wheeler
* Updated Netcraft and Security Space surveys of web servers.
* Added reference to latest Netcraft survey of the most reliable
hosting providers (May 2004), available at:
http://news.netcraft.com/archives/2004/06/02/most_reliable_hosting_providers_during_may.html
2004-06-04 David A. Wheeler
* Added reference to DNS survey, http://pliant.cx/pliant/protocol/dns/
2004-05-24 David A. Wheeler
* Added "OSS/FS isn't just pirated source code", and
mention Tanenbaum, SCO.
2004-05-16 David A. Wheeler
* Incorporated a number of very helpful improvements from
Jerry Fass and Lloyd Kremer.
My thanks to him for keeping me straight!
* I had other helpful comments from others, and didn't keep
track of all the people who sent me suggestions. My apologies
for not adding your names to these mentions, and my
sincere thanks for your comments.
* Added a reference to IBM study showing that Linux is reliable:
http://www-106.ibm.com/developerworks/linux/library/l-rel
* Added note about de Toqueville re: communities; see
http://www.groklaw.net/article.php?story=20040517002423242#c136112
* Added reference to business models discussed in
http://management.itmanagersjournal.com/management/04/05/10/2052216.shtml?tid=85
* Added reference to "Thunder" (fastest computer in N. America);
it runs on Linux. See
http://www.linuxworld.com/story/44799.htm
2004-03-12 David A. Wheeler
* Typo. 5 employees, not 50, were required for a license audit
as described in http://www.itworld.com/Man/2685/lw-12-vcontrol_2/
An alert reader noted that (thanks!). I'm glad I give links,
not just copies of data, so that people can check the
data for themselves.
2004-02-11 David A. Wheeler
* Add link to http://www.businesswire.com/cgi-bin/f_headline.cgi?bw.020904/240405311
2004-01-13 David A. Wheeler
* Add link to http://news.com.com/2100-7344-5139511.html
* Add link to Allchin's "un-American" comments via O'Reilly:
http://www.oreillynet.com/manila/tim/stories/storyReader$167
2004-01-12 David A. Wheeler
* Add reference to http://firstmonday.org/issues/issue9_1/bonaccorsi
* Add reference to Paul Dravis'
http://www.infodev.org/symp2003/publications/OpenSourceSoftware.pdf
2004-01-07 David A. Wheeler
* Made a minor change in the wording of
"Is OSS/FS a 'destroyer of intellectual property'?" based on
a suggestion by Thomas Frayne.
2004-01-05 David A. Wheeler
* Noted that "protective" is a synonym for "copylefting", referencing
the legal article in Groklaw by Mark Webbink
(Red Hat's general counsel).
2004-01-02 David A. Wheeler
* Add link to http://69.56.255.194/?article=13350
"The IT industry is shifting away from Microsoft"
by Charlie Demerjian (The Inquirer, Sunday 28 December 2003, 11:31)
(an interesting opinion piece)
2003-12-31 David A. Wheeler
* RELEASED.
* Added reference to Israeli government moves; see
http://www.informationweek.com/story/showArticle.jhtml?articleID=17100349
2003-12-15 David A. Wheeler
* Added new Reasoning study.
* Added reference to the
Interchange of Data between Administrations (IDA) programme.
This is managed by the European Commission, with a
mission to "coordinate the establishment of
Trans-European telematic networks between administrations."
IDA has developed "The IDA Open Source Migration Guidelines"
to describe how to migrate from proprietary programs
to OSS/FS programs. URL is:
http://europa.eu.int/ISPO/ida/jsps/index.jsp?fuseAction=showDocument&parent=news&documentID=1647
This is probably one of the better documents for governments
who decide they want to do this transition.
2003-11-22 David A. Wheeler
* Noted the name of Microsoft's "Services for Unix"; I had
previously noted Interix, but Microsoft has relabelled things
so that "Interix" is now a technology that's PART of the
product "Services for Unix". Since people tend to hear
product names (not technology names) I felt I needed to add
and emphasize it. The issue is still the same: Microsoft is
saying the GPL is an evil virus & will destroy the IT industry,
all while quietly selling GPL'd code.
2003-10-20 David A. Wheeler
* Reference Solaris x86 vs. Linux in performance measures
* Mention top five state government websites:
http://www.centerdigitalgov.com/center/highlightstory.phtml?docid=71844
http://www.opensector.org/1065104758
2003-09-11 David A. Wheeler
* Referenced http://comment.cio.com/soundoff/091103.html
and the MS study it comments on.
* Referenced Bloor study: GNU/Linux is enterprise-ready.
2003-09-10 David A. Wheeler
* Referenced Bloor report
http://www.bloor-research.com/press.php?id=56
2003-09-08 David A. Wheeler
* Added a link to the French translation (hooray!)
* Added a link to my new paper on evaluating OSS/FS and the
GRAM list.
* Reorganized: placed desktop discussion into its own section.
This causes a lot of text to APPEAR to be a change, while it's
really just a move. I did, however, rewrite part of the
desktop intro to make it fit in its new location.
* Added a link to paper analyzing interoperability of office suites.
* Added link to Ernie Ball's more recent experience.
2003-07-14 David A. Wheeler
* Added another reference about Munich's switch to Linux,
an excellent article in USA Today.
* Added useful caveat on Challet's paper (at Challet's request).
2003-07-10 David A. Wheeler
* Fixed link to securityportal paper.
* I wish people would think of "removing important papers
from the web" as the moral equivalent of burning every
copy of a book: unacceptable to posterity.
2003-06-06 David A. Wheeler
* Added http://arxiv.org/abs/cond-mat/0306511
"Closed source versus open source in a model of software bug dynamics"
Authors: Damien Challet, Yann Le Du
2003-06-06 David A. Wheeler
* Noted Munich's move.
2003-05-01 David A. Wheeler
* Added reference to Tony Stanco's talk.
* Added reference to Dravis Group.
2003-04-14 David A. Wheeler
* Added new sections discussing OSS/FS management and forking.
2003-03-27 David A. Wheeler
* Clarified website uptime study - the measure is number of hours down
in a given month. I had to fuss over the German in the original
study to make that determination.
My thanks to Taylor Lewick Taylor.Lewick, at, us.fortis.com
for asking and raising the issue.
The key phrase from that study is the German label,
"Durchschnittliche Ausfalldauer in Std. pro Servertyp". This
translates to "Average down-time in hr. per type of server".
(Note, this isn't my study - see their study for more details).
Thanks to Altavista's Babelfish for explaining this phrase.
Thus, I understand the numbers to be the number of _hours_ down
in a given month, not a percentage.
My phrasing here is poor, and my apologies;
"average down-time in an hour" should have read
"average down-time (in hours)" or some such.
It's almost certainly not "minutes in an hour".
It's true that other figures above it are measured in minutes,
but they're quite clearly labelled that way. In the tables
I refer to, Microsoft's figure in November is 14.28.
If that were minutes in an hour, that would mean the systems
were down 24% of the time. That would make headlines, and
be replaced in a hurry. And I see no evidence that it's
a percentage - there are no percentage signs. Thus, I'll
take the table's heading at its word - the unit measure is hours.
It's not hard to see how such numbers show up.
If there's any kind of glitch, a simple
reboot will take at least a few minutes, and if the problem is
more serious it can take some time to fix. Even if one organization
doesn't have any downtime, another organization can have an extensive
amount and move the average up. What's interesting is that this
was true over several months, which makes the study more useful.
Many IIS servers were getting periodically rebooted; see my
textual comments about that.
2003-03-11 David A. Wheeler
* Fixed internal URL link for the appendix.
2003-03-03 David A. Wheeler
* Changed all URLs for Eric Raymond's papers; my URLs were
originally to www.tuxedo.org, and now they point to Eric's
new web site "http://www.catb.org/~esr".
Basically, everyone should change "tuxedo.org" to "catb.org".
The website "tuxedo.org" now just redirects people
to random other OSS/FS sites, and that's a real problem for
people trying to find actual content!!
When websites move, they usually leave a forwarding address,
but due to unethical behavior by an ISP (and not due to any
action by Eric Raymond) this didn't happen.
According to Penuicon news, Feb 23, 2003
(http://penguicon.sourceforge.net/news.shtml):
"Guest of Honor Eric Raymond's webpages moved. The old
tuxedo.org domain was Eric's personal domain for years, but
it turns out it was registered in his ISP's name, rather
than in Eric's. During the dot-com crash a lot of ISP's
intellectual property changed hands, and it turns out Eric's
domain wound up in the hands of a slimeball who wanted to
leverage Eric's reputation to launch a completely unrelated
"consulting business". (And we all know how much help ICANN is
in this kind of domain dispute. Question #1, what commercial
interests are at stake here, or more simply "who's going to
try to make the most money off the domain?" Right...)
So Eric eventually disentangled himself from this mess by
getting a new domain, "catb.org", which is registered in his
name from the beginning. All the old links will work again if
you just substitute "catb.org" for "tuxedo.org". The old tuxedo
domain will likely eventually re-emerge as some kind of money
making entity. (Spamhaus, perhaps?) Tell your friends to change
their links, maybe Google will catch back up eventually. (You'd
think it would notice the tuxedo.org pages have been gone for
a few weeks, and expire them from its cache, but no...)"
Moral of the story: If you maintain a website, make sure that
YOU (and _NOT_ the ISP) own the name. I made sure that I
owned the name when I got dwheeler.com, and I'm glad I did -
I've already changed my website host once. The notion that ISPs
would own the domain names of their customers is rediculous, but
clearly that's how things currently work. Perhaps someone
should instruct policymakers about competition, and why it's good
to devise policies to encourage (instead of prevent) competition.
* Add reference to Swedish report at
http://www.statskontoret.se/pdf/200308eng.pdf
2003-02-26 David A. Wheeler
* Added reference to Garner analysis of server market - see
http://news.com.com/2100-1001-985769.html
* Updated my picture.
2003-02-25 David A. Wheeler
* Added reference to "2003 And Beyond", a lengthy but interesting
article by Andrew Grygus.
2003-02-21 David A. Wheeler
* Fixed links to syscontrol (moved to Internet archive)
2003-02-21 David A. Wheeler
* Added reference to DISA COE acceptance.
* Improved discussion on Reasoning's results.
2003-02-14 David A. Wheeler
* Added references to Common Criteria efforts for GNU/Linux:
Oracle, IBM, GWU.
2003-02-13 David A. Wheeler
* Added Internet2 Land Speed record.
* Added Reasoning's analysis of Linux kernel TCP/IP implementation
defect rate.
* Added note: Revenue from sales of GNU/Linux-based server systems
increased 90% in the fourth quarter of 2002 compared to the fourth
quarter of 2001.
This 90% increase compared sharply with the 5% increase of
server market revenue overall.
This data was determined by Gartner Dataquest, and
reported in C|Net.
* Added note: even Microsoft's Bill Gates now admits that
developers are creating innovative capabilities on OSS/FS
products.
2003-01-21 David A. Wheeler
* Noted HP got $2B in annual sales.
2003-01-20 David A. Wheeler
* Added noted that South Africa's government is changing to a
"use only OSS/FS" policy, noted on Slashdot quoting BusinessDay
(referencing CIO Mojalefa Moseki).
2003-01-17 David A. Wheeler
* Expanded the discusion of the Linex work, esp. how some foreign
governments view OSS/FS as a way to combat domination by
Microsoft of their local companies. It's certainly a viewpoint
held by many, so it was worth mentioning.
2003-01-15 David A. Wheeler
* Noted Microsoft's release of code to some governments, see
http://www.bloomberg.com/fgcgi.cgi?T=marketsquote99_relnews.ht&
s=APiS8NBWeTWljcm9z
* Added references to documents on how to develop OSS software,
esp. two HOWTOs on the subject.
* Added reference to "Free for All" book.
* Referenced Denmark study: OSS/FS found $500M cheaper.
* Microsoft TCO study claims discussed.
* Added list of security experts, inc. Whitfield Diffie, who
have identified security advantages of OSS/FS.
2002-12-05 David A. Wheeler
* Created a ChangeLog file.
* Noted new Evans Data survey of developers on by October 2002.
59% of developers expect to write Linux applications in the next
year. See http://www.businesswire.com/cgi-bin/f_headline.cgi?
bw.112602/223300066
* SecurityTracker report found that Microsoft has more vulnerabilities
than anyone else. See
http://securitytracker.com/learn/securitytracker-stats-2002.pdf
* Made a large number of minor textual improvements based on
voluminous helpful editorial suggestions by Jerry Fass, including
those to shorten it.
E.G., "a single"->one, "portion"->"part". "of course"->""
"make the switch"->"switch".
Thanks!!
* Clarified that "freeware" isn't OSS/FS; since freeware usually means
closed source, the OSS/FS processes for improvement and
evaluation by a large community don't work. That's an especially
important point for U.S. DoD users, where there are official policies
restricting the use of freeware (which make sense, because there's
no way to support it).
* Noted Linux is a trademark of Linus Torvalds