Feeds

Microsoft exposes more Windows code

Jumps antitrust gun

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

ComputerWire: IT Industry Intelligence

Microsoft Corp will expose more Windows source code for public consumption today, this time in compliance with a proposed antitrust settlement.

Redmond, Washington-based Microsoft is making available to third parties 113 protocols used for communication between Windows clients and servers under the Communications Protocol Licensing Program, launched today.

Protocols are available in task-focused packs starting at $5 per server. Microsoft refused to provide further price details in public.

The Communications Protocol Licensing Program will be followed on August 28, with disclosure of 272 application programming interfaces (APIs) used by five Microsoft middleware applications.

The APIs are used by Microsoft's Internet Explorer (IE), Instant Messenger, Windows Media Player, Outlook Express and Java Virtual Machine (JVM) to call Windows. APIs will be posted on Microsoft's popular Developer Network (MSDN).

Microsoft senior vice president and general counsel Brad Smith claimed just one protocol and one API have not been released. These are the Windows file protection API, used to replace critical Windows components and which the company claimed could potentially expose users to more virulent forms of viruses if released.

Also unreleased is the Secure Remote Procedure Call (RPC) Protocol. The current protocol contained a security hole and Smith said a patched version would be released instead.

The protocols and APIs were hitherto only available to Microsoft engineers. Their release, announced yesterday, is the latest step by the company to comply with last November's proposed anti-trust settlement Microsoft reached with the US Department of Justice (DoJ) and nine prosecuting states.

Further steps towards compliance include the Windows XP Service Pack 1 (SP1), due by the end of September. Windows XP SP1 should enable users and Original Equipment Manufacturers (OEMs) to hide IE, Instant Messenger, Windows Media Player, Outlook Express and the JVM and to create custom installations of Windows. Similar functionality was included in the Windows 2000 SP3, released last week.

Also under the agreement are new licensing terms for OEMs, which came into effect on August 1. The agreements mean one-year contracts for all OEMs with extended indemnity coverage to manufacturers.

The Communications Protocol Licensing program is available to third-parties under a non-disclosure agreement. Microsoft will license protocols in packs based on specific areas of functionality, such as file server, print server and streaming media. A set of 50 base protocols have been identified as necessary to all tasks and are offered in one pack.

Compared to the total number of API's in Windows, those to be released on August 28 are a mere handful. They also potentially give competitors the opportunity to fine-tune their own software's interoperability with the client.

Smith said: "This puts us in a different position to everyone else because we are obliged to license some of our most valued technology to competitors."

In making the protocols and APIs available, though, Microsoft is actually furthering its own interests. Senior executives have lately recognized the success of Linux and open source software comes from open availability of APIs coupled with relatively loose licensing terms.

Microsoft has sought to emulate this with its Shared Source Initiative, recently completing the latest version of Windows CE.NET with University of Leicester.

Release of APIs and protocols can potentially help further seed the market.

APIs will be available for free download and Smith said Microsoft does not view the Communications Protocol Licensing Program as a major revenue stream.

There's just one problem. This proposed agreement still hangs on a decision by Judge Collen Kollar-Kotelly over calls for harsher antitrust terms that are sought by nine non-settling US states. Those states are seeking modular versions of Windows, free of the bundled browser and media player.

© ComputerWire

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.