Open sourcing Windows is more hassle than it's worth and Microsoft sees little gain in releasing code, according to the man leading Microsoft's server marketing and platform strategy. Microsoft general manager Bill Hilf has said the Windows source code is "irrelevant for what people want". Hilf said "most of the knowledgeable …
"If you are in a situation where you need decent documentation for something, you are hardly likely to be in a situation where you're a suitable person to write it!!"
If you need anything more than "this is how to install it" and "this is how to use it," then having the source code makes it possible to see whatever it is you need to see, with or absent other documentation. And in such a case, you *are* a suitable person to write the extended documentation.
Your whine is not credible. Go cry at Ballmer about why your Vista apps don't exist.
...most knowledgeable people...
Of course they don't want to see it. MS has a habit of using the most odious terms in their agreements. If you look at it, they'll probably own everything you've ever done. The disappointing part is that they try to imply that knowledgeable people don't want to look at it for its own sake. It's slimy, twisted, evil, and... not at all surprising.
Most knowledgeable people would like to look at this train wreck, if only to laugh. But they won't, because they don't want to be forced to comply with the terms. No wonder they all give it a miss.
Tux, because the FreeBSD daemon isn't available.
And, of course
If it were opened we would NEVER EVER find any stolen code in there. MS would NEVER allow code from a GPLed project to ever find its way into their super-secret source code.
So that explains all as to why it takes upwards of six months plus to close simple loopholes or install security updates in Windoze Servers and require a full reboot power down then backup off line , where as Apache security updates for the security problems are available within days and are extremely easy to install at the same time !
Go M$ pull the other leg and pull the foot out of the spokes persons mouth, or as they have a saying down under in Oz "You're Dreaming! "
How about an investor class action lawsuit?
News to y'all. M$ has plenty of market capitalization, at least partially built on the assumption that they remain a closed source near-monopoly. Maybe also on the unlikely assumption that they will eventually make money from something else than Windows and Office, but I digress.
How would you like to have your money invested in them and they turn around and try the pure OSS business model? A model which so far has not resulted in that many big stock market hits besides Red Hat.
Many investors would not and there are many many lawyers who would be quite ready to pounce on whoever decided to follow the latest trend in geek fashions. Unless, of course, M$ actually made more money after opening up their source code, something I highly doubt.
Regardless of the technical merit of their products, there are many reasons why M$ does not, and should not, jump willy-nilly into open source. Hopefully they will gradually learn where they can open up. Documenting the APIs, _if_ they actually carry it out, is a good start. Plus, if their code is so bad, whaddya all care?
And he said that with a straight face, too?
I haven't waded through all 55 (at the time of this writing) comments, but it makes perfect sense why it wouldn't be to Microsoft's advantage and not necessarily monetarily either. My opinion is that it would show the world just how lazy their programmers & internal development teams really are.
I chose the IT? angle because to anybody already in the IT business , this should come as no shocking revelation, let alone something to be taken seriously...
There is some code I've written which will never, ever see the light of day, because it's bloody awful and there's nobody I hate enough to make them look at it.
Wouldn't surprise me to find that some of the Windows source code is just as bad as my worst dirty hack jobs.
Real reason? They have no compelling reason to open the Windows source code. Properly documented APIs should be enough for application developers to work from.
Maybe hordes of open-source developers could descend on the source code and make Windows better. But let's face it, if Microsoft, with lots of developers (developers! developers! ........), full access to the code, internal documentation, and people who have worked with it for years, can't seem to fix bugs without breaking other stuff, and struggle to make major updates, what hope does anyone else have of improving it?
Probably not a good idea...
Looking at Microsoft's source code probably won't tell you anything you didn't know about or suspected already but it will make you party to Microsoft's trade secrets. You'll then be screwed if you try to work on a FOSS project -- Microsoft will just claim IP leakage. After all, if they can claim that Linux violates "hundreds" of their patents without actually citing any of them (even though those patents are published) then they're really going to have fun with the vaguer "trade secrets".
The more I work with FOSS code the more I'm convinced that large parts of the MSFT codebase are obsolete. It reminds me of the later days of vxWorks, something that's had its day but really can't come close to the quality and ease of use of Linux. The only thing MSFT have left is their user interface and media tie-ins (neither of relevance to me -- I do embedded).
I'm not a Linux fanboy, BTW. Its just they've got the better development model. MSFT should really try emulating FOSS methods.
That kinda happened recently...
Security Now #133 talks about the new Truecrypt (v5) full disk encryption software which required the authors to create their own low level disk driver for windows so all disk activity is encrypted/decrypted on the fly.
You'd expect over the course of 20 years most companies would have honed and refined something as significant to performance as this, Moreso you'd expect adding the burden of encryption would therefore negatively impact disk io performance but in this case windows + Truecrypt's driver benches significantly faster!
Hahahaha, okay there may be some situations/tests that it is slower in but still, hahahahah!
I think it's be nice if I could create my own XP fork, I almost certainly wouldn't but it'd be nice to know I was allowed to and, as the above shows, some clever 17 year olds might make a good job of it (or get Wine working better)
How many competitors will SCO the company if they open up?
How much has MS stolen from competitors?
Certainly, the few dozen lines of code MS claims Linux developers stole from them would be rewritten within hours, so MS couldn't hold large customers up for ransom.
The latest value: $1mil per user:
You have three choices
(1) You provide documentation on ALL the APIs, libraries, applications, etc. that are in your product to allow other developers to create a working interoperability with your product;
(2) You provide the source code to permit anyone to reverse-engineer the documentation as needed;
(3) You provide a "closed" product that cannot be interfaced except as you specifically allow.
The problems with these choices:
(3) - You severely limit the market for your product. Unless you hold a de-facto monopoly position, this generally results in a competitive product displacing you simply by allowing a larger cadre of symbiotic products to work with it. IBM learned this lesson the hard way when technology let mini and micro computers usurp the applications from mainframes, even with a market monopoly. And Microsoft learned this with the original Windows releases (following Apple's success with the Mac SDK) by - literally - giving away the SDK and documentation for Windows development to end-run the tightly controlled OS/2 development environment.
(2) - If you make source code available you WILL have branches occurring. However, this is countered by providing the supporting community with leadership and responsiveness that permits extensions, repairs and changes to be incorporated into the main stream product with benefits for all involved. Leadership requires a LOT of truthful communications, and the tolerance of "splinter religions" that continue to depend on your core product, but are just out of sync enough to preclude re-integrating into the main branch. Among other issues...
(1) - If you are going to document your internals in order to permit access to them, then you have to do it in a covenant with the community that engenders true mutual dependence. Almost identical to (2), you have to ensure a tremendous amount of communication in order to not strand products without warning when changes are introduced, and you absolutely MUST document ALL interfaces ACCURATELY. This means keeping the docs fastidiously up to date, and if errors are uncovered, immediately confess to them and make amends. If you do this, you can provide warnings that certain specifications are not recommended for use, as they may cause problems or be subject to changes or removal without warning - and have the community actually respect the warnings.
Regardless of which choice (or combination of choices for a multi-faceted product like an OS) are taken, the key to making ANY of these models work long-term is building TRUST with the user and developer community. And trust is ONLY achieved by demonstrating that YOU trust your users and community developers.
Allowing a development community build a market for your core product with add-on applications, then cutting the community's legs out from under it by creating your own products that use "secret" interfaces and breaking the interfaces that your supporters used is NOT the way to engender trust. Microsoft has done this time and time again to dedicated developers and partners: only their monopoly position has allowed them to continue this practice.
Redmond has made the bed it is sleeping in through years of abuse. Whatever choice they make, the results will be solely their own making.
The one and only ...
So Microsoft release the source code for Windows. And within a few weeks, it's done a Linux - hundreds of different and non-compatible distributions floating around. The single biggest advantage Windows have - uniformity - is lost.
Now, there are bound to be various views on that, but to MS it can't be other than a Bad Thing.
"hundreds of different and non-compatible distributions"???
Please, tell us how they are incompatible. Unless you mean "RH 3.1 is incompatible with Ubuntu 6.06" you're talking a load of toss you know nothing about.
They all use the linux kernel (compatible with each other), they all use the GNU userspace (except Busybox-based systems that are cmopatible for most common uses but not 100% compatible).
I installed FireFox (one application) on SuSE (three different versions), Mandrake (two versions) and elive. I've installed Loki's "Rune" on two versions of Suse, one RedHat and one Mandrake.
Now look at some of your applications: certified only on Windows 2000 (SP3 up), Windows XP(SP2) and Vista. Got 2000 but only SP1? SOL. That is as bad or worse (because you can't install a SP if MS have dropped support because it's closed) than the incompatabilities that you do get in Linux.
But you just wanted to big up MS and had therefore to knock Linux down.
You sad, pathetic man.
You should be able to praise someone without knocking someone else down.
clear the board and start again
What MS really need to do is start again and develop an open source version from scratch and possibly in parralel with windows server products.
you'd get a rhel/fedora setup, they'd still be in control but with all the benefits of the 'knowledgeable' people that can fix any security holes and make things more compatible.
That's a little harsh, I use Debian (a little) and Gentoo (main setup), and they both have slightly different ways of setting things up (different conf locations etc).
Although you are spot on right with the software itself being compatible across the range, it doesn't mean that a person can go straight from Ubuntu and use RH or Suse or Gentoo easily, some bugger keeps moving the configuration files.
(That said, it could just be Gentoo which is the odd one out..... I await the rebuke)
As for documentation, most of the important stuff is documented well. Some of the obscure stuff isn't. Most of that doesn't really last though. So, it is not quite is much of a problem as some suggest.
@Yet another Anonymous Coward
Firstly the name's Turner not Taylor. If you can't even get *that* right... Onto your points:
Anonymous Coward: "I'll tell you why I'd like it to be opened: because I'm a fairly decent programmer with kernel-mode and device driver experience, and next time some awful bug is giving me trouble I could just *fix* it instead of having to struggle to find some workaround"
And are you going to make sure that your fix isn't ever overwritten by a patch? What if it turns out you weren't as skilled as you thought and perhaps you didn't know the full picture of why it does what it does and you broke compatibility with something else which you didn't or couldn't test at the time? Perhaps you could get away with this for entirely closed off installations but not much else. And of course if *you* can do it, so can millions of other people write their own 'improved' versions of Windows. As a Windows Developer myself I certainly wouldn't want to be coding for such a potentially moving target and I doubt MS would be chirpy about trying to support homebrew versions of Windows either.
AT: "Malware authors being able to find hooks and holes with much more ease."
AC: That's a fairly limited impact. Most malware these days spreads by idiots clicking on it anyway"
You know this how? Most virus checkers root out EXEs these days, it's opening malformed data files that's the bigger problem - that and visiting websites that are loaded with malformed HTML or images. Thanks to UAC in Vista, even running an EXE can have limited impact (assuming the user hasn't turned it off..), but if the writer of that EXE was able to leaf through the source in order to find a way of buffer overrunning their way to elevated privileges then that would make their life a whole heap easier.
AC: "it doesn't even need OS exploits or holes"
Unless you're talking about clicking on .EXEs, yes they do.
AT: "Malware authors being able to create 'pirate' versions of Windows with the malware built right into the OS"
AC: "That one's a total strawman. They can do that right now"
No they can't. Not at the level I'm talking about.
AC: "and it doesn't need access to the source, and access to the source wouldn't make it any easier. If your supposed pirate released a hacked version of windows based on the original sources, it wouldn't have the MS digital signatures on the system files, so they'd have to disable all the checking and system file protection feature in the os anyway... which you can already easily do, in which case you dead easily trojan or wrapper or replace wholesale any windows system file you like anyway. The source is neither necessary nor even useful for this kind of attack."
You're somewhat assuming I mean Window Mode binaries. I don't. Sure you might be able to disable System File Protection, but with the source you could make a version of Windows which *pretends* like it's doing it, but actually isn't. You could make a version of Windows which fakes the appearance of MS signatures on binaries that don't actually have them (to the UI level at least). Once you're inside Windows, especially the kernel level and you're able to simply add bits in without having to add new DLLs or wrapper existing ones then you can do a great deal and without much chance of detection.
AT: "Software developers being able to see how things work will start to use and rely on internal behaviours."
AC: Dude, that's what MS already do anyway, and that's why their public APIs are no use. MS' use of secret internal APIs to gain commercial advantage for their products was half the issue in the monopoly trial, remember?
Of course I do and I also recall the trouble it caused, how long ago that was and how much of a totally different issue that was. For a start, it's one thing to use undocumented APIs and another entirely to rely on the internal behaviour or data structures of a documented API. You might check through the code and decide that an API is almost certainly going to be thread-safe even though it's not marked as such. Then you rely on that at your peril when later versions break that. And it's one thing for MS to be able to ask the Word team whether changing some aspect of the undocumented API will cause them a problem since that's still an internal matter which MS can control. Once the source gets out then they can't have any idea how much changing internal data structures will break the code of people who've tried to be 'a bit clever' and have leveraged access to the source to get around the API. Not to mention people copying chunks of Windows into their own DLLs just to change some behaviour and then finding that the chunk they copied isn't always compatible with different OS patches.
Come on mate, if you blur the line between OS software and application software at the *source code level*, it would lead to an absolute mess as people all over the world leverage knowledge that they shouldn't and couldn't rely on just to try and get an advantage over their competitor. And on top of that, you only have to look at the huge number of Linux distros to see what other problems you may well get.
"You sad, pathetic man. You should be able to praise someone without knocking someone else down"
Hypocrisy in a nutshell!
So how do you tell someone off for being too critical of others? Because when you do, you're being critical of others. And, according to your "logic", that means you can't bring it up because that's hypocritical.
How do you do that.
Now, when you've had that idea sink in, ask where I bigged myself up in that? I said that Linux *did* have compatibility issues but they were no worse technically than Windows and (since you can roll your own with Linux but when Windows reaches EOL, you're SOL) somewhat better in a pragmatic sense.
Yup, there are different GUI-ways to configure those applications. But the command line configuration avoiding this is damn consistent.
Try setting up the firewall and you can crib a script using iptables and put it in /etc/initd/boot.local and it works on ALL distributions with iptables. Which goes back to early 2.4 kernels.
Then again, the GUI for changing Windows configuration changed radically between 98, NT3.5, 2000, XP and Vista.
The point being that you can't diss linux for being incompatible because it's incompatabilities don't exist in any worse form than Windows' compatibility problems.
All M$ *really* needs to do is open, and STRICTLY COMPLY WITH, the BIOS calls, the API calls, and file structures/formats. With that information, any compliant OS would be able to run Windows apps, and any compliant app would run on windows.
"So how do you tell someone off for being too critical of others? Because when you do, you're being critical of others"
You say "I think you're being too critical" and explain your reasoning. Saying "You sad, pathetic man" doesn't really cut it.
I've just spent like 12 hrs trying to get a widely known unnamed FOSS partition backup utility to copy stuff from my XP laptop to my Ubuntu desktop, using a Linux livecd. Countless config and connectivity errors later, I give up. I've had a crash course in Ubuntu compilation, CD-burning, error lookups, network configuration, you name it. I have learned quite a lot.
What I haven't done though is backing up my partition. I guess if you spend enough time on Linux you get used to this. But, to me at least, this particular program's usability is still a pig, no matter how cute its lipstick. Looking at the source code does not make it a pretty maiden.
Some other bozo asking for help (unanswered) said he'd been trying to do the same thing for 2 weeks.
So, Mark, is this the promised land you are so proud of? I guess I am just a sad little man. And dumb to boot. Maybe your granny could do this in her sleep? Is there absolutely nothing wrong with this picture, just because it's not M$?
There ARE great things about Linux. But lotsa things are nowhere near noob-friendly enough yet, though things have improved hugely in the last 5 yrs. If you are a sysadmin, Linux sure can't be beat. But what about Mr and Mrs. Average?
Re: noob friendliness
Windows isn't noob friendly either.
You have to be careful about what you click on on the internet.
you need to keep your virus signatures up to date
you need to keep your firewall up
When you install Windows, most of your kit doesn't work. If you bought them at the same time as Windows, you'll have a half-dozen CDs for drivers. But if you upgrade, you may find your hardware has no driver any more (big problems for Win98 users migrating to XP and any Windows user upgrading to Vista).
Windows is not noob friendly.
Linux isn't noob friendly.
Maybe *computers* aren't noob friendly.
If you want a noob-friendly system, get an appliance (and how many people have problems setting the time on their VCR...). Expecting noob friendliness from a powerful, flexible and complex system like a general purpose PC is like expecting flying a commercial jet to be just as simple as a car.
Couple of points
Apple are far worse than MS when it comes to wanting to shut independent developers out and maintaining the monopoly the have on their stuff
Windows is a damn sight more noob friendly than any current linux distro (including ubuntu, though that has made a reasonable start)
Re: Couple of points
If windows is so easy, why are there so many books on how to use it?
Then you have the need to administrate a windows machine: update the OS (watch the patches, otherwise silverlight can be installed and bork your system!!), update the firewall and the virus signatures. Watch what you visit, what you open in Outlook and so on.
Installation is easier on Linux than Windows, but then again, nobody installs windows (some have to reimage their OS because they have no Windows CDs, which is less unfriendly unless you don't know how to back up [a windows admin task again...]).
What you can't do with Linux is whack in the latest hardware and know it works (but then again, you're buggered if it has no XP drivers or it was bought before Vista) and you can't buy software out of PC world and install it (that's a problem with the developers, though a rational decision somewhat).
It's only to power users who know *Windows* rather than knows *computers* to whom Windows is much more friendly. For those who don't know either (the eponymous Aunt Tilly), Linux is easier because it's all there and no admin needed. For those who know *computers*, both have their downsides, but neither is better than the other.
(because you're speaking alien)
'Linux is easier because it's all there and no admin needed'
Of course it is, of course it is, you seen any pixies in fairy land?
Time to wake up, your cornflakes are going soggy
Just because _you_ had a problem with your installation (or other usage) of GNU/Linux, it doesn't mean that other people's claims of "Ubuntu is working" are not true. The fact holds that GNU/Linux is very user-friendly for most people in most cases (i.e., exactly the same as Microsoft Windows).
I have to admit, when I find someone who is actually an *expert* in Windows administration, and I watch them fixing a problem/doing a miscellaneous task, I am really quite baffled; it seems that Microsoft couldn't have made Windows power-user/sysadmin configuration for arcane and unnecessarily complex if they tried. Especially the Windows command-line.
"Windows is not noob friendly.
"Linux isn't noob friendly.
"Maybe *computers* aren't noob friendly."
Exactly - the common doctrine seems to be that computers have to "Just work". But, in an ideal world, the doctrine that should be preached to OS designers would be "The OS should always act in a logical way; if you tell a computer to do something, it should do what you said/interpret what you said sensibly; also the interface to the OS should make sense."
Of course, this might entail users having to learn the method with which they have to use the computer, but that goes for all human tools. Noone expects that you should be able to pick up a violin and it should "play itself" exactly how you want it to. You have to learn how to play the violin, but the way you use the violin is indeed logical, even if you have to learn how to do it.
Likewise, users should expect to have to learn about the computers they use. If the OS is well-designed, it should at least seem logical to an end-user. For example, Unix-style abstraction where "everything is a file" may require a bit of learning to be able to use, but it certainly makes sense - and if you're using a sensible Unix-like system, your commands will be interpreted sanely by the OS.
Basically, saying things do/don't/should "Just work" (or "Should work like Microsoft Windows because I can't conceive of a different OS") belies ignorance.
@ Idiot AC
So please tell me what leads you to think there are pixies here? Or is your crack pipe leaking?
When Linux is installed (and why not do what you do with windows: have someone else install it for you!) there's very little administration needed.
Use Mandrake and your exposure is limited severely (small target out of a 10% of the entire desktop ecosystem). The mechanism for installing stuff isn't as batshit insane as windows (where to "make it easier", any old shit can cause a program to install) and Linux distributions come with almost ALL programs needed for the eponymous Aunt Tilly: write letters, browse internet, write emails, show pictures of children, play music and Solitaire. No need to administrate ANYTHING.
I'm surprised El Reg hasn't put a stop to all this bickering - or are they all just snickering. I guess they are allowing free speech though.
I use Windows mainly due to work requirements, I have played with Linux (quite some time back) and Mac's long before that. They ALL have good and bad points - deal with it. You're rarely going to convert anyone from one to the other. You've got a choice and you make one. Hell, even run all three, but why waste your time flaming at each other.
On topic, I don't care if MS release their code or not and yes, there probably are loads of hacks and dodgy comments - I bet most large software projects are like this (except mine of course ;-). The only outcome of them releasing their code (aside from the branching problems) will be more MS bashing.
On a final note, someone had added a url to wal_mart and I childishly noticed that it's nearly an anagram of "malware". Totally pointless observation I know, but so are a lot of the comments above. (Oops, now I'm flaming - better choose that fiery icon)
My attempt is to stop people being put off because they only hear "it's too difficult". If you only hear one side, you're getting a skewed picture.