[NBLUG/talk] Mono

ME dugan at passwall.com
Mon May 26 06:54:11 PDT 2003


> Mono is the (still under construction) open source
> implementation of the"Dot-Net Framework"
> ( http://www.go-mono.com ).
>
> What do y'all think of it?
>
> I read a quote from Alan Cox to the effect that
> Mono is a ridiculous idea, because Microsloth will
> be able to kill it quickly and easily through shrewd
> legal maneuvering, whenever it suits Microsloth to do so.
>
> Thank you for your input.  I respect your ideas
> and really appreciate your sharing.  *smile*

I agree with Alan on his reasons, but I dont agree that it is ridiculous.

MS has a history of changing protocols and formats for existing software
as alternative projects provide supports to use MS protocols/formats. MS
word is a great example of this. As the file format for ".doc" files are
discovered by opensource coders, MS changes the ".doc" format and releases
a new copy of MS word. This is what they have done, this is what they will
do.

However, I do not see an attempt to dev an opensource .net as ridiculous.
As the coders build their own understanding of .net, they may come up with
security weaknesses in the .net made by MS.

Since MS has put so many different things under the name ".net" weaknesses
found in even a few areas tarnish the whole name. (Attempt to locate
multiple eggs in the same basket to make entry into the market of .net
clones too costly?)

Of course, I am first to agree that their project to duplicate .net is
ultimately doomed to failure while MS is in control of the protocol,
format, and specifications.

Though it was not a ".net" failure (more of a web coder failure) there was
a hole discovered recently in the passport portion of .net and
authentication. It seems that MS had a web page for resetting passwords
that would allow you to reset any user's passport password with a properly
(improperly?) formatted submission from a form. It seems that MS is/was
willing to trust the client to verify the client was who they said they
were. (Not entirely true, but it sounds better than saying the coder of
the password reset page from MS just botched the job.)

-ME




More information about the talk mailing list