Feeds

Why Microsoft's EU ‘concession’ is no concession at all

Penguin extinction plan

  • alert
  • submit to reddit

Top three mobile application threats

Microsoft announced an "olive branch" to the EU last week, by offering to document the interfaces to its file and print server protocols. But the offer is less generous than it appears.

Eurocrats may not be pleased to discover that these CIFS protocols - which are considered undocumentable by developers who work with them - were due to be published anyway, as part of a two-year project which involved Microsoft's co-operation.

Microsoft's CIFS, or Common Internet File System, protocols are better known by their former name SMB. The CIFS moniker is misleading: it's not a file system, and it has little to do with the Internet. (SMB is a subset of CIFS). But it is the way that Microsoft has implemented file sharing and network printing since the OS/2 LAN Manager days.

But while other protocols have become commoditized (eight years ago, IBM and Microsoft charged extra for their PC TCP/IP stacks), SMB/CIFS has resisted the trend by presenting a moving target for developers, and introducing inconsistencies in each new Microsoft implementation.

Existing documentation is considered worthless, and so NAS vendors have one of two choices: license the Microsoft code, which is what storage pioneer Network Appliance chose to do, or use the GPL Samba Project, which has been incorporated into dedicated server appliances from Sun's Cobalt division, Hewlett Packard, and many others.

In 2000, the industry trade body the SNIA (Storage Network Industry Association) agreed to work on the CIFS specification, and the first cut of the draft was issued in April the same year. The 120+ page document is now at version 0.9.

And then my troubles bega...
However, such a document doesn't end interoperability problems with Microsoft systems. In fact it doesn't even begin to end them, say insiders.

"There can't be a specification that's worth anything," says Jeremy Allison, joint lead of the Samba Project.

"The source code itself is the specification . The level of detail required to interoperate successfully is simply not documentable - it would produce a stack of paper so high you might as well publish the source code."

That's because software developers who need to interoperate with Microsoft file and print servers must work around the implementation inconsistencies. A pristine specification has little value in the real world, argues Allison.

He illustrates this with an example of an implementation detail which only emerges in real world tests and would never be included in a specification.

When the Samba team tested Windows 2000 clients against Samba servers it discovered a feature of the locking code that threw the servers into a loop. The team traced this to a zero value parameter in a function call that's "virtually never used", and widely implemented as zero.

There is information that the Samba developers want to see: the IDL descriptions for remote procedure calls. These underpin tasks such as adding users, and adding quotas and shares, and Samba developers have successfully decoded them over the wire. But it's hard work.

"These IDL descriptions are *key* for providing interoperability with Microsoft clients," wrote the team in a submission to the EU commissioners earlier this year. "If these IDL descriptions were published, open and equal interoperability with Microsoft products would be greatly enhanced (although still not perfect)."

Allison says the Samba team has requested the IDL definitions from Microsoft annually, most recently at the 2001 CIFS conference, without success.

And he points out - and here we hope that both Judge Konsonant-Kollection and the EU commissioners are listening - that such protocols are not largesse: they're straightforward legal obligations which Microsoft - convicted of breaking the law - has agreed to perform.

"A pessimistic view would be that this is an attempt to make releasing something that the consent decree requires anyway into a separate magnanimous gesture," Allison tell us, wryly.

"Having said that, any further documentation on CIFS is good. However it may not be so helpful in the real world for those working to interoperate with Microsoft servers."

The stakes are high. Microsoft jealously guards its file and print business, and with its embedded Windows kits (which are stripped down, headless NT boxes) seeks to provide an "official" alternative to the Samba industry, by inviting NetApp, Cobalt and others to become Windows hardware OEMs.

We contacted the SNIA, individual contributors to the CIFS draft, and Network Appliance for comment, but have not received a response at time of writing. ®

High performance access to file storage

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.