#define failure opportunity

classic Classic list List threaded Threaded
28 messages Options
12
Reply | Threaded
Open this post in threaded view
|

#define failure opportunity

Theo de Raadt
This is why OpenBSD/OpenSSH does not need to hire a spin doctor.

Other people do it for us ;)

http://www.ssh.com/company/newsroom/article/684/

And... thanks to those of you who supported us when they were
threatening to sue us years ago..

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

tony sarendal
On 28/11/05, Theo de Raadt <[hidden email]> wrote:
> This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
>
> Other people do it for us ;)
>
> http://www.ssh.com/company/newsroom/article/684/
>

---
The improved compatibility features will be beneficial for enterprises
that are in the process of migrating their OpenSSH environments to SSH
Tectia...

"The large installed base of the OpenSSH code on Linux and Unix
servers today is a major opportunity for SSH,"
---

Wow, I think I'll keep my money and let them hump that dead dog in peace ?

--
Tony Sarendal - [hidden email]
IP/Unix
       -= The scorpion replied,
               "I couldn't help it, it's my nature" =-

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Josh Grosse
In reply to this post by Theo de Raadt
On Mon, Nov 28, 2005 at 03:04:45PM -0700, Theo de Raadt wrote:
> This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
>
> Other people do it for us ;)
>
> http://www.ssh.com/company/newsroom/article/684/
>
> And... thanks to those of you who supported us when they were
> threatening to sue us years ago..
>
There's a little negative spin in that press release:

   "...However, OpenSSH deviates from the standards in its SCP (Secure Copy Protocol) implementation.
   SSH Tectia Client and Server now incorporate a compatibility mode for OpenSSH SCP, which still uses
   the old Secure Shell version 1 (SSH1)...."

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Chris Kuethe
On 28/11/05, Josh Grosse <[hidden email]> wrote:

> On Mon, Nov 28, 2005 at 03:04:45PM -0700, Theo de Raadt wrote:
> > This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
> >
> > Other people do it for us ;)
> >
> > http://www.ssh.com/company/newsroom/article/684/
> >
> > And... thanks to those of you who supported us when they were
> > threatening to sue us years ago..
> >
> There's a little negative spin in that press release:
>
>    "...However, OpenSSH deviates from the standards in its SCP (Secure Copy Protocol) implementation.
>    SSH Tectia Client and Server now incorporate a compatibility mode for OpenSSH SCP, which still uses
>    the old Secure Shell version 1 (SSH1)...."

$vendor is smoking something very funky... Trace below says OpenSSH
uses protocol 2 just fine.

# scp -v root@wifi-gw:groklease .
Executing: program /usr/bin/ssh host wifi-gw, user root, command scp
-v -f groklease
OpenSSH_4.2, OpenSSL 0.9.7g 11 Apr 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to wifi-gw [129.128.5.133] port 22.
debug1: Connection established.
debug1: identity file /home/ckuethe/.ssh/identity type 0
debug1: identity file /home/ckuethe/.ssh/id_rsa type 1
debug1: identity file /home/ckuethe/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2
debug1: match: OpenSSH_4.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'wifi-gw' is known and matches the RSA host key.
debug1: Found key in /home/ckuethe/.ssh/known_hosts:247
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /home/ckuethe/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 149
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending command: scp -v -f groklease
Sending file modes: C0755 2031 groklease
Sink: C0755 2031 groklease
groklease                                                            
                                                                     
                                                     100% 2031    
2.0KB/s   00:00
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.3 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0

--
GDB has a 'break' feature; why doesn't it have 'fix' too?

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

P. Pruett
In reply to this post by Theo de Raadt
omg  what a load of ****,

to funny,  any coporation stupid enough to fall for that story
by ssh to buy Tectia ssh and not use openssh deserves to be
taken for $$$$ plus the security issues they will get.
- article referenced-
http://www.ssh.com/company/newsroom/article/684/

smarter companies will have the advantage in the long run
to dumb corps who follow the marketing advice...

some get the software they deserve....

others get the software they support.

Qv6
Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Qv6
In reply to this post by Theo de Raadt
On Monday 28 November 2005 04:04 pm, Theo de Raadt wrote:
> This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
>
> Other people do it for us ;)
>
> http://www.ssh.com/company/newsroom/article/684/
>
> And... thanks to those of you who supported us when they were
> threatening to sue us years ago..


Intersting news.

I once worked for a major Telecom firm that used a commercial
implementation of ssh. I was curious and I asked one of the other
techies why pay for ssh when openssh is available. "Because we can go
to the company for support" was his answer.

I couldn't help but wonder what type of issues people encounter while
using openssh. Aside from the usuall software bugs, has there really
been any major problems with openssh that the community has not fixed
promptly?

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Christian Weisgerber
In reply to this post by Chris Kuethe
Chris Kuethe <[hidden email]> wrote:

> >    "...However, OpenSSH deviates from the standards in its SCP (Secure
> Copy Protocol) implementation.
> >    SSH Tectia Client and Server now incorporate a compatibility mode
> for OpenSSH SCP, which still uses
> >    the old Secure Shell version 1 (SSH1)...."
>
> $vendor is smoking something very funky... Trace below says OpenSSH
> uses protocol 2 just fine.

That caused me to raise an eyebrow as well, but I think they refer
to the protocol of scp(1) itself, not the SSH1/2 protocol of the
underlying SSH session.  The phrasing certainly is confusing.

--
Christian "naddy" Weisgerber                          [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

pete wright-2
In reply to this post by Qv6
On 11/28/05, Qv6 <[hidden email]> wrote:

> On Monday 28 November 2005 04:04 pm, Theo de Raadt wrote:
> > This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
> >
> > Other people do it for us ;)
> >
> > http://www.ssh.com/company/newsroom/article/684/
> >
> > And... thanks to those of you who supported us when they were
> > threatening to sue us years ago..
>
>
> Intersting news.
>
> I once worked for a major Telecom firm that used a commercial
> implementation of ssh. I was curious and I asked one of the other
> techies why pay for ssh when openssh is available. "Because we can go
> to the company for support" was his answer.
>
> I couldn't help but wonder what type of issues people encounter while
> using openssh. Aside from the usuall software bugs, has there really
> been any major problems with openssh that the community has not fixed
> promptly?
>
>
Not that I don't think openssh is superior for the fact that it *is*
open software, I bet that the company in question needs software
support lisc. for legal issues.  If the software goes tit's up and
costs the company N dollar's it is easier to get that money from a
commercial entity whom you have a contract with (or more likely get
money via a insurance broker of some sort).  At least that's the best
I've been able to see through that line of reasoning :^)

-p


--
~~o0OO0o~~
Pete Wright
www.nycbug.org
NYC's *BSD User Group

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Matthew Weigel
In reply to this post by Christian Weisgerber
Christian Weisgerber wrote:

> That caused me to raise an eyebrow as well, but I think they refer
> to the protocol of scp(1) itself, not the SSH1/2 protocol of the
> underlying SSH session.  The phrasing certainly is confusing.

I think you mean "misleading." :-)
--
  Matthew Weigel

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Lars Hansson
On Mon, 28 Nov 2005 21:43:34 -0600
Matthew Weigel <[hidden email]> wrote:

> Christian Weisgerber wrote:
>
> > That caused me to raise an eyebrow as well, but I think they refer
> > to the protocol of scp(1) itself, not the SSH1/2 protocol of the
> > underlying SSH session.  The phrasing certainly is confusing.
>
> I think you mean "misleading." :-)

I think you both mean "marketing speak"

---
Lars Hansson

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Dennis Davis-2
In reply to this post by Theo de Raadt
>From: Qv6 <[hidden email]>
>To: [hidden email]
>Subject: Re: #define failure opportunity
>Date: Mon, 28 Nov 2005 18:35:24 -0600

...

>Intersting news.
>
>I once worked for a major Telecom firm that used a commercial      
>implementation of ssh. I was curious and I asked one of the other  
>techies why pay for ssh when openssh is available. "Because we can
>go to the company for support" was his answer.                    
>
>I couldn't help but wonder what type of issues people encounter
>while using openssh. Aside from the usuall software bugs, has there
>really been any major problems with openssh that the community has
>not fixed promptly?

I'm reminded of the following quote I saved -- can't remember where
I found it:


Open source code is not guaranteed nor does it come with a warranty.
         -- the Alexis de Tocqueville Institute
I guess that's in contrast to proprietary software, which comes with
a money-back guarantee, and free on-site repairs if any bugs are
found.
         -- Rary


I certainly couldn't provide the services I currently support
without a *lot* of open source software running on OpenBSD.  Well,
not without it costing a great deal of money.

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

beck-7
In reply to this post by Theo de Raadt
* Theo de Raadt <[hidden email]> [2005-11-28 15:38]:
> This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
>
> Other people do it for us ;)
>
> http://www.ssh.com/company/newsroom/article/684/

    Heck, I wanna meet the person who wrote that. It's brilliant spin.
It's just deliciously evil, and designed so perfectly to maipulate
those with deficient weasel-dar.

   "Ford would like to announce the new compatibility mode for the
Pinto so that it doesn't explode. Other implentations deviated from
the standard in that they did not allow for exploding, we only do this to
ease the transition for customers migrating from other non-exploding
cars to the Pinto. The huge installed base of non-explosive cars out
there is a huge oppotunity for our new non-explosive Pinto."
 
    Whoever wrote it I'm sure has a promising career waiting for them
in Washington D.C. I really am seriously impressed with it.

        -Bob

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Han Boetes
In reply to this post by Dennis Davis-2
The people who they are addressing are bussiness, and they think
in terms of gaining money and loosing money.

Open Source Software is a concept they will not understand easily
since they don't have a concept of interacting with people without
a gain or loss perspective.

It is very important that we educate people about what the choice
of open source software means.

In their terms: You have to invest more _time_ into learning how
to use a more complex and better tool. And also to help it improve
by providing feed-back.

And it's the job of the ssh-salesmen to convince people that they
have to invest more money into an easier to use tool. That's the
main attraction of their concept: ease of use.



# Han

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Spruell, Darren-Perot
In reply to this post by Theo de Raadt
From: Han Boetes [mailto:[hidden email]]

> The people who they are addressing are bussiness, and they think
> in terms of gaining money and loosing money.
>
> Open Source Software is a concept they will not understand easily
> since they don't have a concept of interacting with people without
> a gain or loss perspective.
>
> It is very important that we educate people about what the choice
> of open source software means.
>
> In their terms: You have to invest more _time_ into learning how
> to use a more complex and better tool. And also to help it improve
> by providing feed-back.
>
> And it's the job of the ssh-salesmen to convince people that they
> have to invest more money into an easier to use tool. That's the
> main attraction of their concept: ease of use.

And here I've just not found OpenSSH to ever be difficult to use.

Maybe we can say it's SSH Corp's salemen's job to sell snake oil and back it
with FUD, the typical process for swaying people away from OSS to commercial
software.

DS

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

tony sarendal
In reply to this post by Han Boetes
> It is very important that we educate people about what the choice
> of open source software means.
>

From a business perspective I don't see this being very important =)
If the competition is willing to give me an edge on them, be my guests.

/Tony

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Spruell, Darren-Perot
In reply to this post by Theo de Raadt
From: pete wright [mailto:[hidden email]]
> Not that I don't think openssh is superior for the fact that it *is*
> open software, I bet that the company in question needs software
> support lisc. for legal issues.  If the software goes tit's up and
> costs the company N dollar's it is easier to get that money from a
> commercial entity whom you have a contract with (or more likely get
> money via a insurance broker of some sort).  At least that's the best
> I've been able to see through that line of reasoning :^)

Holds true until you realize that the box their software came in has a big
orange sticker on it notifying you that they aren't liable for any of that
stuff you would expect to be able to get money out of them from. Like I
said, snake oil. Don't believe for a moment that vendors don't take every
possible precaution to indemnify themselves from having to be responsible
for problems you experience as a result of using their software.

DS

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Will H. Backman
In reply to this post by Theo de Raadt
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]] On Behalf
Of

> Spruell, Darren-Perot
> Sent: Tuesday, November 29, 2005 2:57 PM
> To: '[hidden email]'
> Subject: Re: #define failure opportunity
>
> From: pete wright [mailto:[hidden email]]
> > Not that I don't think openssh is superior for the fact that it *is*
> > open software, I bet that the company in question needs software
> > support lisc. for legal issues.  If the software goes tit's up and
> > costs the company N dollar's it is easier to get that money from a
> > commercial entity whom you have a contract with (or more likely get
> > money via a insurance broker of some sort).  At least that's the
best
> > I've been able to see through that line of reasoning :^)
>
> Holds true until you realize that the box their software came in has a
big
> orange sticker on it notifying you that they aren't liable for any of
that
> stuff you would expect to be able to get money out of them from. Like
I
> said, snake oil. Don't believe for a moment that vendors don't take
every
> possible precaution to indemnify themselves from having to be
responsible
> for problems you experience as a result of using their software.
>
> DS

Software is like wine and lawyers.  If it costs more, it must be better.
;)

Qv6
Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Qv6
In reply to this post by pete wright-2
On Monday 28 November 2005 08:10 pm, pete wright wrote:

> On 11/28/05, Qv6 <[hidden email]> wrote:
> > On Monday 28 November 2005 04:04 pm, Theo de Raadt wrote:
> > > This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
> > >
> > > Other people do it for us ;)
> > >
> > > http://www.ssh.com/company/newsroom/article/684/
> > >
> > > And... thanks to those of you who supported us when they were
> > > threatening to sue us years ago..
> >
> > Intersting news.
> >
> > I once worked for a major Telecom firm that used a commercial
> > implementation of ssh. I was curious and I asked one of the other
> > techies why pay for ssh when openssh is available. "Because we can
> > go to the company for support" was his answer.
> >
> > I couldn't help but wonder what type of issues people encounter
> > while using openssh. Aside from the usuall software bugs, has there
> > really been any major problems with openssh that the community has
> > not fixed promptly?
>
> Not that I don't think openssh is superior for the fact that it *is*
> open software, I bet that the company in question needs software
> support lisc. for legal issues.  If the software goes tit's up and
> costs the company N dollar's it is easier to get that money from a
> commercial entity whom you have a contract with (or more likely get
> money via a insurance broker of some sort).  At least that's the best
> I've been able to see through that line of reasoning :^)
>
 
Seriously! How many companies have actually received money from, say,
Microsoft for an os or app software that crashes repeatedly, or gets
hit by a major virus attack?  You never get your money back. You just
get support based on your support contract.

Has any company ever approached the openssh dev team and offered to buy
a support contract from them? Did they refuse?  

Come to think of it, why doesn't the openssh team sell support contracts
to companies that want it? Or maybe they already do.

Take a look at Mysql. It started as the work of a couple of guys. Now it
is a major enterprise and lots of companies use their product. Openssh
comes bundled with every Open Source OS, and some companies ship it
with their products, too. So the install base is fairly broad, and I
think a separate business can grow around that.

Just my $0.02

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Gustavo Rios
I dont think a separated business growing around that would be a good
ideia? I don't really think so. I am not saying this happened to other
projects like FreeBSD, but i switched from FreeBSD to OpenBSD exactly
because much of what i saw the first time i started with FreeBSD i
could not see since that's  time i switched to OpenBSD. Many of my
feeling on FreeBSD has been lost since so far. OpenBSD folks, i my
point of view, take the right road. I believe they have a strong
conviction on the values i don't bargain that.

I see very positively, behavior like the one that decided to remove
ahc driver support. Of course it is not all good, but i pay the price.
I like openbsd just because the project "its" view of the surround
environment/world is not the common (to not say another world) view
shared by many alternatives around, including garbage like Linux.

OpenBSD may not be perfect, and in this sense, i label it the less
imperfect OS for my needs of confidence and peace of mind. I would
really love to use it for everything my needs could be. I cannot use
it in a multitera byte storage server nor in a 64 processor sparc box,
but i do love it. There many thing i believe it could get a
better support, real SMP (HIGH performance) kernel, and File System
for instance.

Anyhow, as i have already stated, i go for OpenBSD.


2005/11/29, Qv6 <[hidden email]>:

> On Monday 28 November 2005 08:10 pm, pete wright wrote:
> > On 11/28/05, Qv6 <[hidden email]> wrote:
> > > On Monday 28 November 2005 04:04 pm, Theo de Raadt wrote:
> > > > This is why OpenBSD/OpenSSH does not need to hire a spin doctor.
> > > >
> > > > Other people do it for us ;)
> > > >
> > > > http://www.ssh.com/company/newsroom/article/684/
> > > >
> > > > And... thanks to those of you who supported us when they were
> > > > threatening to sue us years ago..
> > >
> > > Intersting news.
> > >
> > > I once worked for a major Telecom firm that used a commercial
> > > implementation of ssh. I was curious and I asked one of the other
> > > techies why pay for ssh when openssh is available. "Because we can
> > > go to the company for support" was his answer.
> > >
> > > I couldn't help but wonder what type of issues people encounter
> > > while using openssh. Aside from the usuall software bugs, has there
> > > really been any major problems with openssh that the community has
> > > not fixed promptly?
> >
> > Not that I don't think openssh is superior for the fact that it *is*
> > open software, I bet that the company in question needs software
> > support lisc. for legal issues.  If the software goes tit's up and
> > costs the company N dollar's it is easier to get that money from a
> > commercial entity whom you have a contract with (or more likely get
> > money via a insurance broker of some sort).  At least that's the best
> > I've been able to see through that line of reasoning :^)
> >
>
> Seriously! How many companies have actually received money from, say,
> Microsoft for an os or app software that crashes repeatedly, or gets
> hit by a major virus attack?  You never get your money back. You just
> get support based on your support contract.
>
> Has any company ever approached the openssh dev team and offered to buy
> a support contract from them? Did they refuse?
>
> Come to think of it, why doesn't the openssh team sell support contracts
> to companies that want it? Or maybe they already do.
>
> Take a look at Mysql. It started as the work of a couple of guys. Now it
> is a major enterprise and lots of companies use their product. Openssh
> comes bundled with every Open Source OS, and some companies ship it
> with their products, too. So the install base is fairly broad, and I
> think a separate business can grow around that.
>
> Just my $0.02

Reply | Threaded
Open this post in threaded view
|

Re: #define failure opportunity

Jacob Yocom-Piatt
In reply to this post by Theo de Raadt
---- Original message ----

>Date: Tue, 29 Nov 2005 19:56:33 +0100
>From: Han Boetes <[hidden email]>  
>Subject: Re: #define failure opportunity  
>To: [hidden email]
>
>The people who they are addressing are bussiness, and they think
>in terms of gaining money and loosing money.
>
>Open Source Software is a concept they will not understand easily
>since they don't have a concept of interacting with people without
>a gain or loss perspective.
>
>It is very important that we educate people about what the choice
>of open source software means.
>
>In their terms: You have to invest more _time_ into learning how
>to use a more complex and better tool. And also to help it improve
>by providing feed-back.
>
>And it's the job of the ssh-salesmen to convince people that they
>have to invest more money into an easier to use tool. That's the
>main attraction of their concept: ease of use.

i asked my friend, a corporate accountant, about why large corporations don't
prefer to use open source software. he didn't even address the ease of use
issue, but he said that large organizations aren't interested in open source
software because it's difficult to audit "custom" systems for tax and financial
statement reasons. he mostly works with publicly traded companies, and it just
couldn't be a legal scam unless the money was sufficiently spread around, eh?

i wish you could audit the crap that comes out the mouth of a lying CEO and
include that as a big red number on the balance sheet.

cheers,
jake

12