Yesterday Register Hardware reported that a company called BT was offering a bundle that combined an Eee PC running Linux with a copy of Microsoft Office Home and Student Edition. (This appears to have now been corrected.) While this is quite amusing (especially since you only save £1.76), there is another side to mistakes like this: they damage Linux’s reputation unfairly.

Without the bundle, most non-techie users would probably not even wonder if they needed Office. By seeing that bundle, though, potential Eee PC buyers are misled into assuming that they need Office and that it will run on the Eee PC. If those users were tech-savvy, when they realized that Office would not install, they would blame it on BT — but, of course, if those users really were tech-savvy, they would not have bought the bundle in the first place. The point is that the kind of user who might fall for this bundle is likely to blame Asus or Linux for the mistake, not BT, who is truly at fault.

I am glad BT has fixed the problem and I hope it does not happen again. I am tired of Linux FUD being spread due to mistakes like this.

I am sure that almost anyone following the Linux news for any length of time has gotten completely used to the FUD (fear, uncertainty, and doubt) that comes out of Redmond over and over. Sometimes it is outrageous, sometimes it is just annoying, but I have never seen something as blatantly uninformed as this.

Yesterday, Wired reported this: (he is Bill Gates)

“There’s free software and then there’s open source,” he suggested, noting that Microsoft gives away its software in developing countries. With open source software, on the other hand, “there is this thing called the GPL, which we disagree with.”

Open source, he said, creates a license “so that nobody can ever improve the software,” he claimed

What?

Bill Gates is saying that GPL makes it “so that nobody can ever improve the software.” Apparently he does not understand what “open-source” means. With open-source software, GPL in this case, you have the right to modify and redistribute the program. How on earth does that make is “so that nobody can ever improve the software.” Is this supposed to be FUD or ignorance?

Can anyone give a logical explanation for how this could possibly be at all true?

One of the things that annoys me the most about Microsoft is their love of FUD (fear, uncertainty, and doubt.) I have no problem with companies marketing their products to customers, but I do object to false conclusions that cannot be backed by real, relevant facts. One argument that bothers me in particular goes like this: our product has fewer security vulnerabilities than yours so it is better. This argument works great for headlines, but when you really look at it, it falls apart. Below are two examples of these claims:

• Jeff Jones, a security expert for Microsoft, claims Vista is more secure than Ubuntu 6.06 LTS
• Windows Server is more secure than Red Hat Enterprise Linux, according to a Microsoft FUD site

As I said, these claims are full of issues. Here are the problems with the arguments: (not every such argument suffers from all these flaws, but all of them suffer from one or more of them)

• The severity of the vulnerabilities is not included. Security vulnerabilities are ranked by what kind of a threat they pose. If this data is not included, a product with 100 minor glitches of almost no consequence would be considered less secure than a product with 75 major glitches. (The kind of thing where a hacker can take control of your computer.)
• There is no consideration of the status of a vulnerability. If a vulnerability is quickely fixed it is counted the same as if it has been weeks or months and is still unfixed.
• Not all companies admit to all the bugs that exist. In an open-source project like Ubuntu, if a bug is found and can be duplicated, it is known and reported, but not all companies act this way.

When you fill in the missing data, you get a very different conclusion from what Microsoft would like you to believe. I will only go through the data pertaining to Microsoft’s FUD site claim, but you can do the same thing for Jeff Jones’s claim.

(All of the below data is from Secunia, solving the problem of companies not reporting all the bugs that exist.)

Starting with the severity of the vulnerabilities, here is the data:

As you can see, Ubuntu has less critical vulnerabilities. The data is even more impressive for fixed and unfixed vulnerabilities:

Here Ubuntu has a perfect record, having fixed all of the flaws.

In conclusion, Microsoft’s argument is flawed and their conclusion is incorrect. This will not be news to many of you, but hopefully you will appreciate seeing real numbers behind it.