Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Latest News
    • Servers

    Microsoft Code in Captivity

    Written by

    Peter Galli
    Published March 14, 2004
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The leak of some of Microsoft Corp.s Windows source code on the Internet last month has elevated the discussion about why the software company believes it needs to protect its code so fiercely when other vendors are more liberal with access to their proprietary source code. The leak has also raised doubts about Microsofts commitment to, and ability to effectively deal with, the security of its products.

      Microsoft officials are downplaying the security aspect of the leak of the Windows 2000 and Windows NT 4.0 source code. “The leak was not a breach of our internal security, it was not a breach of corporate network security and it was also not a breach of the Shared Source or Government Security programs or from one of those licensees. The code also did not come through the Code Center Premium, the mechanism we use to deliver source code to customers,” said Jason Matusow, Microsofts Shared Source Program director, in Redmond, Wash.

      /zimages/4/28571.gifClick here for eWEEKs interview with Jason Matusow.

      Microsofts response is not sitting well with some customers and developers. “The code leak was a fairly serious event, both for consumers and for Microsoft itself. Downplaying the issue is standard Microsoft damage control, but there will be consequences for that leak,” John Persinger, an internal network administrator for Source4 Inc., in Roanoke, Va., told eWEEK. “We run on the realistic knowledge that our network is, and always will be, subject to potential threats. We do all we can to maintain the most active awareness of threats to both us and to our customers, but events like the code leak dont help.”

      Bob Duerr, president of Integrated E-com, in Naperville, Ill., takes the code leak seriously. “This is a breach of the very code that is the core of what we use today in our business, Windows 2000. Even little pieces can be put together to give insight into where a hacker may insert trouble and breach security,” Duerr said, adding that Microsoft must assume responsibility for the leak.

      “The buck has to stop somewhere. This is no different than Coke keeping their secret formula for their cola. The bigger issue is that they should have had contingency plans if this happened,” Duerr said.

      /zimages/4/28571.gifShould Microsoft open-source its leaked code? Find out here.

      Brian Riley, a senior programmer and analyst at a publicly traded health care services company, also points to Microsofts security record. Riley said that “from a user standpoint, Microsoft products have never been secure and have gotten even less so.” But unless there are some serious exploits as a result of the leaked code, he does not expect that to have any impact on his company. “Security has tightened up quite a bit around here since Slammer, Nimda and Blaster,” he said.

      In defending Microsoft and its security initiatives, Matusow said, “I think our candidness around security vulnerabilities and our response mechanisms are part of the effort to show that we are dealing with these issues head-on. But I understand how customers make the leap of logic that the leak represents further proof to them of security concerns,” he said.

      “Weve been sharing Windows source code for 13 years, and many eyes have looked at that code. Maybe we havent done a good-enough job telling the source code story. It appears that many people think this is the first time anyone has ever seen Windows source code,” Matusow said.

      Next page: Microsofts crown jewels.

      Page Two

      Microsoft has long maintained that its code is its most valuable intellectual property, often dubbed the “crown jewels,” and has thus aggressively restricted access to that code. But other software companies, such as Sun Microsystems Inc., of Santa Clara, Calif., are less worried about sharing their source code with customers, developers and academic institutions.

      Programmer Riley said he believes that, among software vendors, IBM probably does the best job of keeping its source code secure while still letting those who need to see it do so.

      John Fowler, Suns chief technology officer for software, said Sun is much less protective of its Solaris and Java source code. Sun is also meeting with those parties who are pushing for an open-source implementation of Java.

      “We take a far more laid-back approach,” Fowler said. “We license the source code fairly liberally and quite widely. Solaris source code is licensed to hundreds of academic institutions for $100; we also have 50 commercial licensees. We are in general happy for people to look at the source and tell us what we ought to be changing—developers, partners and academic institutions—and allow them to download the actual code, which they can change as long as this is for noncommercial reasons,” he said.

      Fowler said Sun is fundamentally different from Microsoft with regard to its source code. “Preventing access to my source is not central to my business model,” he said. “Preventing access to source is central to their business model, as is trying to avoid having people have compatible implementations of protocols, data formats and other things.”

      But Microsofts Matusow disputes that claim, saying Fowler is muddling some ideas relative to standards and the role that standards play for things like communication protocols.

      “He is ignoring the fact that we have published, under the Consent Decree, more than 280 application programming interfaces but also made available for licensing the communication protocols for both client and server,” Matusow said. “Aside from those issues, he is correct that if you release all of your source code, then you do have an impact on competitive differentiation.”

      Its hard to argue that Microsoft has not enabled an ecosystem around Windows, which supports some 75,000 applications, Matusow said, adding that Microsoft also won the Best in Show award at LinuxWorld in 2003 for interoperability with its Services for Unix product.

      “[Fowler] may very well be giving away more of the source,” Matusow said. “But I cant comment on the effect of that on Suns business model except to say that you can judge that for yourself.”

      /zimages/4/28571.gifCheck out eWEEK.coms Windows Center at http://windows.eweek.com for Microsoft and Windows news, views and analysis.
      Be sure to add our eWEEK.com Windows news feed to your RSS newsreader or My Yahoo page: http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo2.gif

      Peter Galli
      Peter Galli
      Peter Galli has been a technology reporter for 12 years at leading publications in South Africa, the UK and the US. He has comprehensively covered Microsoft and its Windows and .Net platforms, as well as the many legal challenges it has faced. He has also focused on Sun Microsystems and its Solaris operating environment, Java and Unix offerings. He covers developments in the open source community, particularly around the Linux kernel and the effects it will have on the enterprise. He has written extensively about new products for the Linux and Unix platforms, the development of open standards and critically looked at the potential Linux has to offer an alternative operating system and platform to Windows, .Net and Unix-based solutions like Solaris.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.