Microsoft to give governments access to Windows code

Associated Press / SFGate

[austinite]

One look at that bloated, obfuscated spaghetti code and government software engineers will burn a trail on the carpet as they run to Linux. Oh, wait, they're already doing that!

Respond to this post. I totally agree with this. MS is now going to be scrutinized, ridiculed, MS arrogance can't hide it's dirty little secret anymore.

[TechJunkYard]

.. once they figure out how to benefit from greater openness, they may develop a comprehensive approach to source code openness.

This is just sowing the seeds of greater control over the "beneficiaries".

The shared-source programs applicable to commercial and government organizations forbid modification of the code; thus, you cannot actually use your access to solve your problems. Because you are not allowed to build, experiment with, or deploy modified versions, your "read-only" access cannot help you field fixes to Microsoft's bugs any more quickly...

Shared source licenses include a requirement that the licensor agree to treat Microsoft's code as confidential proprietary data. It follows that any developer, once he has seen shared source code, can be enjoined under trade-secrecy law from any activity that Microsoft considers to be competitive with its code.

Shared source, therefore, behaves like a virus that infects developers' brains. Once you let it into your organization, you must keep careful track of which developers have been contaminated, avoid deploying them to any projects which might compete with a Microsoft product, and even erect "Chinese walls" between projects so that no knowledge from shared source can leak into projects with competitive implications. Failing to implement any of those precautions could result in your organization's being sued for ruinous compensatory damages by Microsoft's armies of lawyers.

If you are not convinced of Microsoft's altruism, kindness, and beneficience, consider the possibility that the viral, poison-pill side-effects of shared source are actually the main point of the program - a device to make as many independent developers as possible vulnerable to intellectual-property blackmail and reduce competitive pressure against Microsoft's monopoly.

Could this be the hook that Microsoft uses to arrest government support for Open Source projects?

[Bush2000]

Respond to this post. I totally agree with this. MS is now going to be scrutinized, ridiculed, MS arrogance can't hide it's dirty little secret anymore.

I'd be curious to know how Imal presumes to know about "bloated, obfuscated spaghetti code" since he or she obviously hasn't even seen it. Sounds like yet more ideological ABMer stupidity.

[Bush2000]

Also, the paranoiac in me doesn't trust CHINA with the Windows code. I wouldn't be surprised if they used it to develop software viruses as a potential weapon against western economies..

More likely the Chinese would steal the code and market a competing product.

[HardStarboard]

>>>I agree with Gartner on this one. It's a smart move. <<<

I agree generally, but China was one of the countries mentioned as possibly being allowed to review the "secret sauce".

I wouldn't trust those ba$tards with anything. There will be a CD with the MS code out within a week of China getting a peek.

[Bush2000]

Could this be the hook that Microsoft uses to arrest government support for Open Source projects?

Well, it would be fairly obvious if open source projects "lifted" the code from Microsoft -- but the argument works both ways.

[Bush2000]

Agree re Chinese. Bastards. Nuke 'em.

[eno_]

Microsoft's strategy against Linux is .NET.

.NET is no answer to Linux. .NET is an answer to Sun's Java. Unless you count open source J2*E implementations, Linux does not have anything directly comparable to .NET. Python and the Apache middleware is coming along nicely, but, right now, Linux and .NET are moving in separate planes.

Microsoft's problem with Linux has to do with the fundamentals of open source. If YOU were a foreign government, would you trust Microsoft not to talk about vulns to the NSA before fixes are released? This is a lot more basic than a distributed object/servlet/JIT/VM/middleware/UI-framework system. So, while .NET is pretty neat, it isn't an answer to "Why should I trust you?"

Palladium might be an answer to that, but, for the same reasons any governments that take secrecy seriously prefer to compile their own security-audited Linux kernels, I doubt they would look too kindly on a system that enables outside authorities to hide software on your system, run it at will, and forbid you from examining it. In that sense, Palladium is a step backward: it is "trust" only for people who trust other people more than they trust themsleves. I don't see why any sane person would want Big Brother Inside, but for a foreign government it amounts to inviting the NSA to listen in.

[thisiskubrick]

Linux does not have anything directly comparable to .NET.


Check out the mono proj, it's an open source implementation of the .NET framework: http://www.go-mono.org/

Your points regarding the NSA and foreign gov'ts are valid, however in practice, those customers have always bought high-end specialized hardware anyway. In fact, back in the early 90's, Steve Jobs wound up trying to sell NeXT's to the NSA when he couldn't sell them to anyone else.

Spies have different software usability requirements than my grandma.

Microsoft engineers hate the government enough that I don't really worry about them giving the NSA that much information. We'll never know anyway.

But I don't lose much sleep over the NSA. By all accounts they are behind the curve. They're still upset over 128bit RSA encryption for goodness sake. I can't think of two engineering cultures that are more different than Microsoft's and the NSA's.

Take your NSA or MITRE engineer, put them across the table from a Microsoft engineer, and you'll see two very different outlooks. One of them wears a short-sleeved dress shirt with kahki trousers and a tie. The other wears snowboarding gear. Enough said.

[thisiskubrick]

More likely the Chinese would steal the code and market a competing product.
Having the code isn't that useful unless you also have the bug databases, the marketing infrastructure, the sales force, the Fortune 500 relationships, the best engineers money can buy, etc. etc.

[eno_]

I lose no sleep over the NSA, but foreign governments' data security people should, and do. That is one reason why Linux is gaining in government applications.

It is true that governments are very inefficient and uncreative compared to companies like Microsoft, but that isn't the issue. The issue is whether foreign governments can trust Microsoft not to give U.S. spies an early look at vulnerabilities, so that they can be exploited by U.S. intelligence agencies.

[flamefront]

No one has mentioned that Russians probably already have the source. Remember when Microsoft was hacked?