Feeds

MS snags crucial authentication, DRM opt-outs in DoJ settlement

You thought it was bad, already? Here's the small print

  • alert
  • submit to reddit

Boost IT visibility and business value

The DoJ's capitulation to Microsoft, described by the San Jose Mercury's Dan Gilmor as "[awarding] the hen house to the meanest fox in the woods", was as Dan says not unexpected. Microsoft might not be the natural barbecue companion for the Texas oilmen who make up the Bush Administration: but the decision to nullify the AntiTrust laws by failing to enforce them is entirely consistent with the 43rd Presidency.

But what really should make enemies of The Beast weep tonight isn't the remedies, it's the opt-outs Microsoft has secured for itself.

The biggest omission you'll notice, when comparing the agreement against Judge Jackson's proposed behavioral remedies is the absence of technical disclosure practice. The original conduct obliged Microsoft to disclose APIs, and did so in some detail. It outlined the creation of a neutral clean room: an independent verification facility staffed by both industry opponents and Microsoft representatives, to ensure that compatibility issues were solved within a fixed time period. Or else.

In today's agreement, not only is Redmond not obliged to disclose APIs to third parties, it's secured an explicit guarantee that it doesn't have to. The small print in Section J 1 of the 'Prohibited Conduct' notes:- .

"No provision of this Final Judgment shall:
1.Require Microsoft to document, disclose or license to third parties:

(a) portions of APIs or Documentation or portions or layers of Communications Protocols the disclosure of which would compromise the security of anti-piracy, anti-virus, software licensing, digital rights management, encryption or authentication systems, including without limitation, keys, authorization tokens or enforcement criteria;

or (b) any API, interface or other information related to any Microsoft product if lawfully directed not to do so by a governmental agency of competent jurisdiction."

It's the most significant part of the entire agreement document, as it describes oversight of Microsoft's future conduct in the most critical areas of web services (authentication) and multimedia content (DRM).

It also represents an end-run around the AntiTrust Laws: Microsoft only needs to claim that its security is being compromised to get the authority of a Government policeman. In its own way, this section institutionalizes corporate malfeasance.

New balls, please

For much of the nineties, big business spent enormous energy on promoting the idea that markets and not the ballot box were the true instrument of democracy. Swashbuckling businessmen didn't just reject tiresome burdensome regulations, they stole the revolutionary couture of the Left to brand such interference as anti-democratic.

For the IT industry, with its instinctive fear of government, this became axiomatic: tech folk bought into the notion faster and deeper than anyone else, and ideology trumped common sense even amongst Microsoft's most articulate opponents. "Market failure is only solved by freer markets," chirped Eric Raymond in his 1998 essay which argued for the repeal of the AntiTrust laws. It's an argument that's welcomed, of course, by powerful monopolies.

But not even in their wildest dreams could the business elites have imagined that in 2001, the AntiTrust department itself would be offering a convicted monopolist state protection. ®

Boost IT visibility and business value

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft refuses to nip 'Windows 9' unzip lip slip
Look at the shiny Windows 8.1, why can't you people talk about 8.1, sobs an exec somewhere
Intel's Raspberry Pi rival Galileo can now run Windows
Behold the Internet of Things. Wintel Things
Linux Foundation says many Linux admins and engineers are certifiable
Floats exam program to help IT employers lock up talent
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Eat up Martha! Microsoft slings handwriting recog into OneNote on Android
Freehand input on non-Windows kit for the first time
Linux kernel devs made to finger their dongles before contributing code
Two-factor auth enabled for Kernel.org repositories
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?