To Microsoft, Open Source means "Windows Encumbered"

One of the most interesting things to happen in the past couple of years, is Microsoft's embrace of Open Source. This means different things to various people I've spoken with at Microsoft. Some seem genuinely sincere. Some seem less so. What hasn't changed is Microsoft's behavior to the Open Source community at large.

Microsoft's version of Open Source Software (MSOSS) means software licensed under an Open Source License which is encumbered with a dependency on SharePoint, Microsoft Office, Microsoft SQL Server or Microsoft Windows (Azure or classic). This underscores something critical that we have all learned over the past few years while on our journey towards freer technology. That is that Open Source licenses are NOT enough to ensure (corporate or consumer) end-user empowerment. We also need Open Standards and Open Data.

Call it software freedom or whatever you want to call it. I think of it as End-user empowerment. This empowerment is, to me, about being a good capitalist. Empowered software users have these rights (among others):

  • To use - as they see fit to the best of their capabilities. If I want to embed it, redistribute it, enhance it, use it on some other device, I should be able to without fear of prosecution
  • To exit - if they don't like the price of staying on your platform, they can take their data and go home without impractical obstacles.

With these rights come pricing power. The ability to switch vendors when you don't like the price. Think of that antiquated accounting software your company uses, despite ever increasing prices and lacking conformance, just because they don't know how to get the data out. The next time Microsoft pitches their openness, or some product, or MSOSS, take them to task. What if you want to move your documents from Sharepoint to some other content system, because they raise the price, you can't afford it anymore, or your users just can't stand to use Internet Explorer when they want to edit in WYSIWIG? Can you run your Windows Azure VM on Amazon EC2 without reinstalling everything? Why should you encode your video in a format that will require you to pay a tax every time you want to view, modify or copy it to some other device or share it with a friend especially when better alternatives exist? If you base all your software on .NET, just how well will it run on Linux or OS X or one of Google's new fangled hand-held devices? What if they stop supporting whatever it is they're pitching today? What if you don't want to upgrade to Windows 8 (say if it is as bad as Vista)? What rights are you giving up? How much pricing power will YOU have after 6 months, a year, 10 years? Educate yourself, challenge your vendors and be a good capitalist (or free person).

Update: For certain people who think I don't give enough in the way of examples, I refer you to this more example-laden blog by someone else.


Andy, I could not have said it better myself. You have done a great job of identifying the fundamental ways in which open source can be made the lap-dog of a proprietary master. Open standards are, of course, as important as ever, and Microsoft's behavior in that arena has been both egregious and troubling. I look forward to what you have to say about open data.

MS is a public company and, as such, it's goal is to increase the value of the company for its shareholders. Like other public companies, everything they do is towards that end. It surprises me when other people are surprised that Microsoft is not behaving in an altruistic fashion. Their goal is to sell more copies of MS software, period. If they embrace open source software (in any way) it's only because they think doing so will further that goal.

Microsoft has acknowledged that open source software is hurting its profits. Especially GNU/Linux and other closely related software. So, in my opinion this explains why we have seen such a huge increase of Microsoft's activity to try and undermine it. The patent threats, release of FUD from close allies like Symantec and others, and overall sneaky behavior. Microsoft is very clever and they don't want you to realize that they are the puppet master behind all distractions.

>> That is that Open Source licenses are NOT enough to ensure (corporate or consumer) end-user empowerment. We also need Open Standards and Open Data. An open source license can be sufficient if we actually get the source! The problem is when the open source is for a wrapper of sorts and the actual data handling is through binaries (eg, through opaque system library calls). And open source that is closed off (eg, as allowed by BSD) is just a variation of this since the end result is that arbitrary details of behavior are obscured, and these details can make all the difference. This is why all "open source" applications on Windows or Mac are not open source because a great part of the application time and function is being carried out behind our backs by the OS, and those interfaces are not precisely defined publicly anywhere. A Windows or Mac update tomorrow can break your application in subtle or not so subtle ways (beyond whatever problems already existed today) or cause it to perform horribly, and there would be few ways to efficiently discover and fix those new problems. Note that a large binary blob update to these OS can wreak havoc on any serious effort to attempt to reverse engineer the OS behavior since the update can effectively function as a recompilation/re-obfuscation. And such a large update might be necessary in order for the OS to function as expected. So to attempt RE, you might freeze the binary after the updates you want (eg, disconnect from the Internet) and then try to follow the machine instructions from boot. However, this path can take you through a very long obstacle course (remember it can take a human (but not a computer) a very long time to go through and analyze just 1 billion instructions). By the time you finish, you might be years off. The old apps might not work any longer on new systems fully updated (and the app vendors would have updated the app recompilation with newer OS vendor build tools). Additionally, functioning of the OS might not even work without Internet connection, meaning that you might not get a chance to study the billions of instructions that precede an app start up without allowing the OS to grab new bits from online, but these bits might cause the OS to change many of the function calls that had already been called. In short, you have to study the instruction stream with a live system running (if perhaps throttled, etc, on special hardware or through virtualization). Taking too long can mean that the upcoming downloads don't match with the earlier ones and the system breaks, so, to try to stay in real time, you might try to instead take a snapshot of the full state of the system from online update to update to use for later analysis. All along, you'd have to try to avoid alerting the update server software that anything is out of place since that might be enough to cause the updates to turn into garbage (as a defensive mechanism against RE.. I mean security). In any case, how many teams have the resources to attempt this and do a reasonable job? Note such an attempt would go against copyright law and the EULA [thus further limiting the number of re attempts.] Would such a talented and sophisticated team undertake those costs and illegal actions and then share the results? In fact, if they want to recoup costs and if they were willing to break the law, one likely result of their partial research successes might be malware they can use on victims. And note that it's much easier to simply take all of a Linux system and study that inside out from the source code and even from the binaries that don't try to thwart re. The key to interoperability is in the bits you have a difficult time accessing. Don't promote closed operating systems if you value open source, end user control, and competition. Open source licenses on applications running on closed platforms, which manage to hide many important details, are a trap and likely contains more than an ounce of false advertizing.

Good article. The point is that you need free software all the way up the stack. Running some PHP code on Windows is not as free as running it with Linux / MySQL, etc. BTW, Richard Stallman realized this. He started with a compiler and an editor. It is with this that you build a kernel, etc. The good news is that the more free software is used on Windows, the more it is also used on Linux. When Microsoft didn't support PHP it just created a big reason to use Linux. Now that MS does, it just means PHP will gain even more users who can now switch to Linux one day. There is nothing MS can do except fight and cling. The focus should be Linux on the desktop. This lists the biggest workitems:

I want to reiterate the point that nobody should expect open source to require altruism. Open source gives you a certain set of advantages, but it also comes with some costs. Freedom isn't free. It isn't EVER free. It has costs, but it also has benefits. You should choose open source when the benefits outweigh the costs. I think it's a ringing endorsement of open source that Microsoft is choosing it ... not consistently, not perfectly, not always, and always for their own products. But it's still bringing open source benefits to Microsoft customers, and we should be proud that we helped to bring Microsoft around. There are further benefits for them, so we need to keep working on them, just as Andy has said.

Open Standards are, to me, the greatest things to come from the Open Source community. Open Standards allow simple interoperability of any device with any other device, with no legal worries. They do not force the product using the Open Standard to be Open Source, they do not require small-time developers to pay expensive royalties, and they do not attempt to secure their own interests in detriment (however small) to the common consumer. This is the pure beauty of open standards.

To promote and protect open source software and communities...

For over 20 years the Open Source Initiative (OSI) has worked to raise awareness and adoption of open source software, and build bridges between open source communities of practice. As a global non-profit, the OSI champions software freedom in society through education, collaboration, and infrastructure, stewarding the Open Source Definition (OSD), and preventing abuse of the ideals and ethos inherent to the open source movement.

Open source software is made by many people and distributed under an OSD-compliant license which grants all the rights to use, study, change, and share the software in modified and unmodified form. Software freedom is essential to enabling community development of open source software.