Shared Office Code Unlikely to Sway Governments
Microsoft Corp.s offer to share the source code of Office 2003 with governments may be a positive move, but governments say it is unlikely to make much difference to which software they choose.
On Monday Microsoft said it would extend its Government Security Programwhich allows governments to inspect source code, visit the companys Redmond, Washington campus and provide feedbackto include Office 2003. The decision marks the first time Office has been made available under Microsofts Shared Source Initiative, of which the GSP is part; Windows 2000, XP, Server 2003 and CE have been offered under the GSP since last year.
Industry observers say "shared source" is a response to competition from software covered under open-source licenses, though Microsoft maintains the program was created solely in response to customer feedback. Sun Microsystems Inc.s StarOffice and its open-source spin-off OpenOffice.org have begun to pose a more significant challenge to Microsoft Office in recent months. One advantage of open source, according to its proponents, is that anyone can inspect the source code, meaning theoretically unlimited numbers of people can assist in tracking down security flaws.
The City of Munich, which is in the midst of a well-publicized migration from Windows and Microsoft Office to Linux and OpenOffice, said the expansion of the GSP could have positive effects. "For administrations which use Microsoft products, the shared source [program] represents an improvement in evaluating IT security," said Wilhelm Hoegner, the citys equivalent of a chief technology officer, in an e-mail interview.
However, the GSPs benefits are limited, and wouldnt be sufficient to tempt Munich to Microsoft Office, Hoegner said. He noted particularly that the GSP allows governments only to inspect software code, not to modify or expand it, as open-source licenses do. "The shared source [program] does not modify anything in Munichs decision-making, since security is just one of several strategic considerations," Hoegner said.
The British government, one of the first to sign up for access to Office 2003, praised the program but said its involvement merely builds on a pre-existing commitment to roll out the software.
"Microsofts collaborative approach and source-code access have demonstrated a deeper level of commitment to our ongoing collaboration," said Dr. Steve Marsh, director of the Central Sponsor for Information Assurance in the Cabinet Office, in a statement. "The release of this source code will help the U.K. government understand the security implications of the Office productivity suite and aid secure deployment in a wide range of scenarios."
With some governments requiring the ability to examine the source code of software they purchase, expanding the GSP is a necessary step for Microsoft, according to principal analyst James Governor of research firm RedMonk LLC. But the program is unlikely to change anyones mind about Microsoft or open source, he said.
"I dont think Microsoft will gain sales in governments by doing this, but it wont lose them either," Governor said. "This is a tick-list item for Microsoftif their government customers want to be able to look at [the source code], they can. But no one would ever really do it."
To make a real difference to security, governments would have to devote substantial resources to poring over endless lines of software code, Governor said. Practical questions aside, one could argue this would be a waste of government resources, he said: "Should governments be doing kernel work, for example?"
In any case, the notion of a rigid opposition between proprietary and open-source software is a myth, Governor argued, pointing out Microsofts involvement in some open-source projects. "Microsoft is doing a lot of open-source work, and will continue to do so. This is not a binary industry, and it is absurd to suggest that it is," he said.