begin quoting rbw as of Thu, Sep 20, 2007 at 09:00:07AM -0700: > I don't quite follow... > > I understand this argument which, while real > enough, is still FUD in the long run... > "Mid-sized companies switching to free software > may incur less obvious costs. Re-training > employees and working with programmers to > customize the new software to match previously > made tweaks in Microsoft's products can add up."
If you _rely_ on M$'s tweaks and features, then yes, it'll be expensive to recreate that in the software. M$ might or might not find that particular feature worthwhile to preserve in future versions, but if they do, you're golden, and if not, you're no worse off than with open source. Is this FUD? Not really... but that's a really big "IF" -- and I don't think it applies as often as people think it does. > But I don't understand what is being implied in > the next sentence. Can someone clue me in on > what this means in terms of an Office Suite of apps? > "Most large companies will find these trade-offs > unacceptable. The applications do not provide > adequate archiving options to meet legal > demands, nor do they guarantee the type of > security requirements." > http://www.forbes.com/business/2007/09/19/microsoft-office-software-tech-cx_rr_0919ibm.html > (It almost looks like there was something that > was supposed to come after the word "requirements") Yes, I believe you're correct. Something does seem to be missing. I think it might be something along the lines of: "The typ of security requirements required by <act/law/regulation>." > Discussing "adequate archiving", "legal demands" > and especially *"guarantee"* in the same > sentence as "security requirements" in any > argument that even implies that the level that > M$ is at can't "easily" be reached seems to me > to be absurd. It seems that the legal viewpoint of "security" is a bunch of checkboxes. (This is how we get voting machines with physical locks that anyone can get a key for -- it has a lock, check, next requirement...) However, IANAL. I would imagine that a large corporation can get away with some rather glaring "security breaches" if they're not the ones responsible for the software that failed. Zero-day exploits can expose a company legally, but if they can point to M$, they might get the regulatory hounds off their backs -- if they have their own programmers modifying the code to suit their needs, then they can't shift the blame. "Can we shift the blame for security/functionality breaches? Check." Small companies can't afford to fight the regulators at all; any significant appearance in court will lead to the dissolution of the company. Superficial CYA doesn't matter so much -- if it gets to that point, the company's already dead. > If someone has an idea of what this sentence > means I sure would appreciate being clued in ;^) Best is probably to bounce off an email to the author, but leave out the pro-open-source attitude. Presumably, there's a chain of reasoning that results in that sentence, but recreating it can be difficult. -- I miss StarOffice. Stewart Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
