|
February 12, 2004, was a day that will have many far-reaching consequences for Microsoft. In every sense, it was their very own September 11: A sea-change event that has shaken the foundation of the company's business model and the security of every Windows system on the planet.
The unauthorized partial leak of the Windows 2000 and NT 4.0 source code will present many problems for the software giant. But rather than dwell on the impossible task of cleansing the Web of this unauthorized code and seeking to prosecute those who distribute it, Microsoft should capitalize on the situation.
Why not make lemonade out of lemons by doing the unthinkable: Redistribute the complete NT4 and Windows 2000 code base via either a fully OSS-certified or quasi-open-source license on the MSDN web site?
Sound crazy? Maybe. But think about the positive implications of a fully Microsoft-sanctioned complete release of this code:
As is the case with the Linux distributed open-source development model, public scrutiny of the Windows 2000 and NT 4.0 code would allow developers, academic and professional, to submit bug fixes and product enhancements directly to Microsoft. This could help resolve long-standing security holes and add many simple but still-missing features that still have not been fixed or addressed in the closed-source version of the software.
Many slick security "tools" written by the hacker and virus/Trojan community will exploit back doors and holes in the exposed Windows code. Like it or not, because of this leak, we're likely to see unbelievably destructive exploits that will make the SCO Doom worm look like a 24-hour cold. But by providing a central clearinghouse and authorized community for this code, antivirus software vendors, other legitimate software developers and IT shops would be better able to understand and remediate these publicly exposed holes. As with Linux, Windows would advance from its position as one of the most insecure OSes in the world, to one of the most secure in a very short time.
By releasing the NT 4.0/Windows 2000 source code into the public domain, Microsoft could prove its sincerity in making Linux and Windows interoperable and compatible. Rather than trying to reverse engineer the Win32 API, the NTFS file system, the SMB protocol, and numerous other Windows subsystem components -- and wasting countless man hours on these tasks – developers could use the real, authorized Windows code. We could run these components natively on Unix-like operating systems such as Linux and Mac OS X, and bring in a whole new age of completely compatible heterogeneous networks and operating systems.
Crossover Office? WINE? SAMBA? VMware? Win4Lin? Who would want to use these things when you could have the real McCoy running on alternative OSes? And before you say "Microsoft isn't interested in porting its applications run on Linux," remember that with a pure implementation of Win32 and its core subsystems, Microsoft would never need to expend the resources to do so. To boot, we'll see better ports of open source Linux applications to Windows. With open-sourced Windows, these ports would proceed at a vastly accelerated rate, as much, if not all, of the guesswork of Windows internals finally would be eliminated.
Being able to run Windows applications and services natively on Linux and Mac OS will translate into increased sales for Microsoft software. And, contrary to common wisdom, it will also translate into a possibly HUGE windfall of professional services for Microsoft Consulting Services and its Solution Provider Partners. The consulting ecosystem will grow like cultivated bacteria in a Petri dish.
Am I crazy or crazy like a fox? Write me at mswatch@ziffdavis.com and
let me know what you think.
Jason Perlow is an independent technology consultant and the founder of eGullet.com, the food news and discussion website. He has been integrating (and writing about) Windows, UNIX and Linux networks for over fifteen years.
|
Comments (1)
How do you know the code leak wasn't intentional?
What a better way to patch then to have bugs to a system already hit for it? And then SP2 came out soon after all the attacks, don't you remember that? I think they may have done it on purpose.
Posted by Random Person | December 1, 2007 1:31 AM