Modernizing Authentication — What It Takes to Transform Secure Access
After parts of Microsoft's Windows 2000 and NT operating systems were discovered leaked to the Internet, then came the dirty laundry. Reports of sloppy code and snotty commenting made the revealed source code a must-read for many Microsoft watchers. But most open source programmers are taking a strictly eyes-off approach.
"I would never look at the code," said Michael Cherry, an analyst for Directions on Microsoft -- and a former Microsoft program manager and senior architectural engineer. "If anything like it ever shows up in any work I do, I'd like to be able to say, 'Well, I never looked at their code.'" His sentiment was echoed on IRC and chat boards, where some opined that the leak was actually a dirty trick by Microsoft to entice programmers to use the code then discredit them.
Microsoft is sending notifications to people who may have downloaded the company's source code warning them that such actions are in violation of copyright law.https://l1.cdn.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iEven though software is a product, the code falls under the same copyright laws as any other written material, according to Christopher W. Brody, a partner in the intellectual property firm of Clark and Brody. Just like book authors, companies have to file their source code with the Library of Congress. "But it's not like a book in that you don't have to send it to the copyright office and publish it so people can see it," Brody said. "Software companies can publish only part of the code and redact portions they want to keep as trade secrets."
Today, Brody said, companies also use patents, if they can, to protect software routines. Patents give broader protection than copyright. "They protect the way the code works rather than the specific code. I could describe some software routine and implement it with ten different pieces of code. But my patent claim could cover all of those ten codes."
In theory, if someone used any of the leaked code, Brody said, Microsoft could sue for copyright infringement.
The scenario of independently creating code that looked like Microsoft's, then being accused of plagiarizing is certainly possible. But, Brody said, Microsoft would have to prove its case -- and the fact of having looked at the code isn't enough. Unfortunately, this thorny question would have to be decided in court, or at least in arbitration, not an inviting prospect.
Actually, a lot of open source programmers just don't care, said independent software developer Andy Green. "The projects which try to be compatible with Windows, like Wine, however, are a different story," he said. Wine is an open source implementation of the Windows API for X and Unix, with a toolkit to port Windows apps to Unix and a program loader to run unmodified Windows binaries thereon. "The sources will be tempting for them, because of Microsoft's lack of openness about their APIs." Green said that Wine has made good progress without access, "but the extra information would make the difference between it working for many programs and working for them all."
Green said it's possible that Wine or other developers might use reverse engineering principles on the code: One group looks at the code and writes functional specs for it, then a separate group writes code to those specs independently.
"But who knows?" he said. "Having come so far on their own, and with the distaste for the Microsoft code that is widespread in OSS programming circles, they may well decide to have nothing to do with it."