Feeds

Bill Gates' letter to hobbyists (en Français, 2006)

Plus ça change

Providing a secure and efficient Helpdesk

The mere fact that a free software project has rejected source code might surprise some, but only until you see the strings attached. And they're more shackles than strings.

"The license proposal forbids you to run any binary that's based on the source code," Samba developer Volker Lendecke says.

As the Samba submission to the commission pointed out, code that was potentially encumbered with patents would have required the Samba team to set up a clean room.

"So having the ability to run source code, the complications rise tenfold. Really a bunch of new different problems," Lendecke says.

So there's the issue of practicality. In 50m lines of source code, it's hard enough tell what's going on, let alone what patents might be lurking. Back in 2001 the dissenting states suggested forcing Microsoft to disclose its Windows source code to rivals - and we can understand why that idea found no interest.

There's also another reason why a source code offer isn't all that it seems.

In his 1984 paper "Reflections On Trusting Trust", the co-author of Unix Ken Thompson described a theoretical Trojan which could be salted away inside the compiler. It's a work of subtle beauty that deals with the transmission of knowledge without the transmitter being aware of the payload. That's something we're all experts on, whether we think very much about it or not.

"No amount of source-level verification or scrutiny will protect you from using untrusted code," concludes Thompson. The relevance of "Reflections..." to this week's hearings is not to suggest that Microsoft has been so fiendishly clever that it may have rigged its compilers with an unknown payload - a feat which would require a level of foresight unknown at Redmond. But its to reinforce the general point that disclosure of the source code isn't the full story. Source code is not a holy grail of authenticity, but merely a set of instructions for other mechanisms to obey. The map is not the territory.

In fact, all the Samba team want, according to Andrew Tridgell's testimony this week, is a floppy disk's worth of Interface Definition Language descriptions.

Another comment of Cooke's met with astonishment during calls to parties with an interest in the outcome of the case on Thursday afternoon. Cooke expressed skepticism that Microsoft's buy out of AT&T's AS/U, its Windows services for Unix, represented a "disruption of supply". AT&T had licensed the code to 11 vendors, including HP and Sun, to permit them to build Windows interoperability into their server offerings. (We can't stress enough that the European anti-trust case specifies a server-to-server remedy beyond the client-server remedy the US settlement outlined).

The proof is surely in the consequences of this action. After Microsoft's cash settlement with AT&T, derivatives of AS/U such as Sun's PC NetLink withered on the vine. The only Windows interoperability project to gain any widespread industry momentum since its demise has been Samba, which is handicapped on several fronts. Did AS/U licensees - some of the biggest names in the industry - rationally decide that what their customers really wanted was worse Windows interoperability? Cooke seems to invite us to draw this conclusion. One must hope the other judges find this far-fetched.

Asked what Samba really wants, the team told us

"A fully specified protocol to the level of detail of an internet RFC, much like Sun's NFS v4 - that would be perfect."

There you have it. Not such an intellectual property giveaway after all, is it? ®

Internet Security Threat Report 2014

More from The Register

next story
Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
Windows NEIN skipped, tech preview due out on Wednesday
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
'Google is NOT the gatekeeper to the web, as some claim'
Plus: 'Pretty sure iOS 8.0.2 will just turn the iPhone into a fax machine'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.