Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Microsoft Databases Programming Software IT

Microsoft Ponders Shared-Sourcing SQL Server 194

i_frame writes "C|net is reporting in an interview with Tom Rizo, director of product management in Microsoft's SQL server unit, that 'the company is thinking about including the forthcoming SQL Server 2005 in Microsoft's shared-source program for disclosing product source to customers'. Is Microsoft reinventing themselves, and are they ready to learn the benefits of open source?" From the article: "It's not finalized. It's not anything there, but if a lot of customers demand it, we'll definitely look at doing shared source with SQL Server..."
This discussion has been archived. No new comments can be posted.

Microsoft Ponders Shared-Sourcing SQL Server

Comments Filter:
  • by cyber_rigger ( 527103 ) on Sunday February 27, 2005 @09:34AM (#11793551) Homepage Journal
    It is look but do not touch
    • by matth ( 22742 ) on Sunday February 27, 2005 @09:35AM (#11793556) Homepage
      Indeed.. there is a huge difference between shared source and open source.... I've been told also that shared source some how they make it so that it will not compile??? I don't know exactly how you do that but that sounds like it's not the whole source then!
      • by Anonymous Coward
        SQL Server 2005 Express is FREE anyway. Nobody forces you to use it either. If you don't like it, shop elsewhere.

        Bloody whiners.
        • by artemis67 ( 93453 ) on Sunday February 27, 2005 @10:13AM (#11793676)
          This isn't about being FREE, this is about being able to modify and compile the code for your own use, and about being able to fix bugs and security holes and submit those changes to Microsoft for inclusion in the codebase. Being FREE helps the product to increase its visibility so that more developers will work with it (at least, from the developer's point of view), but the size of the installed base isn't a problem for SQL Server.

          Being able to look at select chunks of code but not being able to modify anything or recompile is of nominal value. I'm really not sure why anyone would want to do that. It sounds more like a PR initiative, so that MS can technically say that they've embraced "open source".
          • by Anonymous Coward
            You can do what you want with it, just dont tell them :D

            There are plenty of SHARED SOURCE licenses out there like HydraIRC, do you bitch and moan about that, NO?

            How often do you MODIFY code? I am a software design engineer and I rarely modify the code on projects available on

            Alot of the time the amount of effort required to maintain it is a bitch unless you are over 80% confident in the code otherwise you are just plain and simply hacking and poking and proding the product hoping the fix
            • I modify software I work with quite a bit, actually.

              I usually do so unhappily, bitching and moaning the whole time, as I'd prefer not to have to - but if I need a cusomisation for my site that's not configurable, I'll still modify the product if necessary.

              I also fix the odd problematic bug and provide a patch with my bug report. As somone who does OSS development work, I *know* how happy that makes the developers.

              That said, I'm working under different constraints than apply to a company buying MS softwar
          • by Anonymous Coward
            MS DO INDEED support FREE and OPEN SOURCE licences.

            WTL []

            They donated this to sourceforge.

            Quit yer whining. zealot.
          • Being able to look at select chunks of code but not being able to modify anything or recompile is of nominal value. I'm really not sure why anyone would want to do that.

            To make it easier for them to find security exploits?

            No, I'm serious, and I'm talking about security-conscious users as well as people attempting to break into computers. If you can't modify or reuse the code, isn't security auditing the only other reason to want to look at it?

            Perhaps that's why Microsoft only wants to release code a ch
      • by Lxy ( 80823 ) on Sunday February 27, 2005 @09:59AM (#11793633) Journal
        IIRC, Shared Source is limited in several ways.

        You do not get a complete copy of the source. You get large chunks... enough to examine the code, but not enough to compile a working product.

        Modification is a no-no. Even sending code modifications to Microsoft is against the license. You may NOT modify code or write patches against the code.

        You absolutely may NOT incorporated shared code into anything. If you've seen MS source code, you must wash your eyes and cleanse your brain as not to inadvertantly introduce MS code into other projects. Some would say it goes as far as not participating in GPL projects.

        Shared source is to appease the customer who wants the ability to evaluate the code and audit its safety. It goes something like "purchase XXX licenses, and we'll show you the source code. Of course, if you don't like the poor quality of the code, you don't get a refund, just that sinking feeling that you're screwed.".
        • by Anonymous Coward
          You do not get a complete copy of the source. You get large chunks... enough to examine the code, but not enough to compile a working product.

          Shared source is to appease the customer who wants the ability to evaluate the code and audit its safety.

          Why do customers think this works? If you have a partial source tree and you cannot compile it to the binaries that you run on your servers, then no matter how much source the company gives you it is still not the binaries you are running.

          Is this trustwor
          • Is this trustworthy computing? Your trusting Microsoft that the source they provide is the same source your running and the source they don't provide is simply irrelevant headers? I don't get it.

            You've got it. That's Trusted Computing in a nutshell. Trusted isn't about a warm fuzzy feeling, it's a statement of what you've done. You run the stuff, you're trusting Microsoft.

        • by tehshen ( 794722 ) <> on Sunday February 27, 2005 @10:29AM (#11793716)
          Then what's the point? You cannot change it for your needs, or compile it at all; You cannot put bits of it into your own projects to make them work more efficiently; You cannot even send patches to Microsoft (not that you could compile them to see if they worked anyway). All you can do is say "yes, this is good code" or "no, this is very unsafe" about it, which doesn't get you anywhere. And you can do that from using the product anyway.

          It can't be for the curious either, as many curious hackers would then be 'tainted' as people have said, and unable to continue with their own projects in case they get sued for copying Microsoft's code.

          'Shared Source' must be doing something correct, otherwise it wouldn't still be here. What is it doing right?
          • by LiquidCoooled ( 634315 ) on Sunday February 27, 2005 @10:58AM (#11793832) Homepage Journal
            Appeasing the lawyers and negotiators in the meetings.

            Govt OSS Advocate says "But OSS software is better because everyone can see and review the source code".

            MS says: "You can see ours as well".

            Its certainly answering some of the critisms against closed source, but its still 100% missing the point of OSS.

            • by tehshen ( 794722 ) <> on Sunday February 27, 2005 @11:28AM (#11793955)
              It is not answering any criticisms - there is no point in seeing the code if you cannot do anything with it. In fact, seeing the code counts against you, as I said above.

              The Govt OSS Advocate should have said "But OSS software is better because everyone can see and adapt the source code". MS just says "You can see ours as well, but don't you dare try to accomplish anything with it."
              • by Anonymous Coward
                There's a long tradition of "shared source" in the IT industry. OpenVMS and commercial UNIX products came as "shared source" for many years. Large customers have demanded read-only access to source code also. This was all done long before "OSS" became any sort of competitive concern.

                "Shared Source" has value in and of itself. Just because it is not the same value as open source is no reason to dismiss it. If you don't want it, don't use it.
          • by ChipMonk ( 711367 ) on Sunday February 27, 2005 @12:02PM (#11794081) Journal
            Then what's the point?

            You already answered it:

            You cannot put bits of it into your own projects...and if you do, Microsoft will move to shut you down. Such a threat is real enough for the Samba team:

            In order to avoid any potential licensing issues we also ask that anyone who has signed the Microsoft CIFS Royalty Free Agreement not submit patches to Samba, nor base patches on the referenced specification.

            The conspiracy theorist in me says Microsoft hopes (L)GPL projects will be contaminated by exposure to their code. The more cross-pollenation, the more Open Source they can shut down and bully.
          • What about using it to optimize the way you use the software. There's alot of voodoo involved with optimizing databases, this would help DBAs and developers to get more of an idea of why certain optimizations work, and help to find new ways to maximize performance. It's not like sharing the source of SQL Server hurts anyone, if anything it shows how open source is putting pressure on Microsoft.

            I mean um... tehrs no point, M$ is eevil OMFG!
          • by DickBreath ( 207180 ) on Sunday February 27, 2005 @02:09PM (#11795046) Homepage
            Ah, my son, you seem to misunderstand the entire purpose of Shared Source.

            Shared Source has a purpose that is not yet fully revealed. Until then, we won't really know if it is doing something right or not.

            The purpose of Shared Source is to poison open source projects. It is hoped that one day, some non-trivial bit of Shared Source will "somehow" find its way into a major open source project. Then the lawsuits and injunctions can begin.

            Despite how badly the fiaSCO is going, the fiaSCO has demonstrated two things very clearfully.
            1. The courts do not understand the technical issues
            2. The courts try really hard to treat both sides fairly -- thus giving a bad faith player the benefit of any doubt, and giving them lots and lots of rope. Even for years and years.
            As a fallback, even if no Shared Source finds its way into one of our projects, then maybe some open source developer's brain will have been found to have been contaminated by the Shared Source virus.

            You do understand how this works don't you?
            1. Get developers to sign away their eternal soul (click AGREE)
            2. Show them some "Shared" source
            3. Wait.
            4. Find one of those minions who have contributed to an open source project
            5. Sue, get injunctions. Claim intellectual property theft! "Those evil vile open source hippie communist terrorists have stolen our intellectual property!"
            6. (more) Profit
            Even if either of the above scenarios do not pan out (1) direct code copying found, or (2) a poisoned developer found; the Shared Source has several other benefits to Microsoft.
            • PR value: See, we're sharing, just like the cancerous open source crowd.
            • Negotiating value for large organizations. You can get more deeeply hooked, er, um, I mean you can make your code interoperate better with our crap. Yeah, that's the ticket: Interoperability. Your stuff is locked in more deeply, er um, works better with our software.
            Shared Source is a win-win. There is no downside at all. I think we can expect to see everything from Microsoft come under a Shared Source license in time.

            Traditionally, developers treat source with great secrecy. You don't want your competitors to gain advantage by studying your work. The above two scenarios are the ONLY reason that the "gain unfair advantage" would not be a consideration. Microsoft would have to be hoping for this to happen. At the same time, Microsoft has no real commercial competitors who could secretly make use of shared source. It is only against Open Source that Microsoft could consider Shared Source to be a weapon -- because they can study our source.

            What would traditionally be a drawback of letting your competitors see your secrets becomes an advantage to Microsoft because: (1) they have no real commercial competitors, and (2) when some real or alleged infringement takes place, they can prove it, unlike with a closed source competitor.

            Ergo, Shared Source is only a weapon against open source. It has never been about any other purpose. Microsoft is not in the business of "sharing", they are out to make money. They expect the "sharing" to have an eventual return -- and a huge one. The "risk" that Microsoft is taking is something that they want us to perceive to be real.
          • Then what's the point?

            Ultimately I think I agree with many others here, in that the main point is probably political -- so that Microsoft can look as if it's doing something good without it really being very useful.

            That said, I think it is still slightly better than having no source at all. For one thing, it's possible to examine the API's more closely and get a better idea of what's going on behind them. Sometimes this can be very useful, especially if the documentation's missing something im

        • You absolutely may NOT incorporated shared code into anything. If you've seen MS source code, you must wash your eyes and cleanse your brain as not to inadvertantly introduce MS code into other projects. Some would say it goes as far as not participating in GPL projects.

          (Hold on while I get my tin-foil hat on)

          Since the money they put into SCO is fizzling, maybe this is their next attempt. Release code into the open (not "open source" open, just that some non-MS people have access to it), wait a few years
          • This is exacty why I will NEVER look at MS code ever. The software patent problem aside, I want to be sure that anything I write will be free of legal and corporate entanglements. This is why I work for a non-profit organization as well. As I like to say:

            1. Your computer (CPU, RAM, etc...) is the wood, nails and screws
            2. The GNU tool chain (gcc, ld, make, etc...) are the hammer, saw and screwdrivers
            3. YOUR OWN IDEAS and the resultant code are the blueprints

            I don't see anyone hauling off DIY folks to cou
        • You forgot (Score:4, Insightful)

          by RoLi ( 141856 ) on Sunday February 27, 2005 @11:39AM (#11793993)
          ... the most important limitation:

          Because you can't compile the code, you have no way to verify that it is even the right source code.

          The only thing you will get is [i]some[/i] source code. It might be from a 5-year old version of the product, it might even be from another product.

      • you couldn't pay me to use that thing anyway...

        I used to have a really good contact with Microsoft, we were running FreeBSD at the time (Linux nowadays) and were quite happy, they suggested we port our stuff to NT so we could 'evaluate' the whole windows thing, they'd pay our way.

        So, free NT licenses and MSDN subscriptions and all the other goodies we're slaving away to make this thing work, just to give them the benefit of the doubt (I'm all for looking at the evidence) and guess what ? YOU CAN'T DO IT

        • "and guess what ? YOU CAN'T DO IT. If you're used to a unix environment and all the seamless integration between tools and the ability to tune the server there is absolutely NO WAY you are going to port any major web application over to Windows in any form"

          "I just want the best environment for my application to be built on"

          The build environment is not the same as the deployment environment.

          If your Web application is so tied to one Unix environment that it is impossible to move then I suggest you have pro
          • by jacquesm ( 154384 ) < minus physicist> on Sunday February 27, 2005 @10:59AM (#11793841) Homepage
            hehe, all my problems are of my own making :)

            transplanting from PHP to ASP is more then a little bit of work, Apache leaves IIS in the dust, so you need more hardware.

            If I can't even get decent performance in the 'lab', and the tools don't let me tune the server to perform at least as good under BSD (or linux for that matter) then why bother throwing it in front of the lions ?

            What happens in the open source world is something like this: Developer X is working on some project, needs a feature (say server-status in apache), adds it to the source, compiles and tests it until it works for him, submits the DIFF to the apache crew so he won't need to do it again next time he rebuilds the latest souces, it gets accepted, he feels good, they feel good, the product just got better. You try to get MS to include one of your 'improvements' or even a suggestion of one into IIS. Good luck :)

            If you throw enough hardware at the problem it will eventually go away, I don't doubt that (and besides Ebay there are quite a few other large companies that can 'afford' to run windows as their server platform).

            It's just that *I* can't afford that strategy and for a small operation like the one we are running (but with a significant web presence) windows is simply not an option due to the above concerns.

            Big companies have less of a problem with wasting some money, some are actually quite good at it !

            And I really gave it a good try, came away quite disappointed.

            FWIW I'm handling some 2000 database driven hits on pages per SECOND.

            I'm sure EBAY does a lot more than that but not on a puny little farm like mine.

          • Server: WebSphere Application Server/4.0

            Their dynamic content is mostly through a non-MSFT application server.

            First, they can go away any day with minimum effort.

            Second, they can use higher level abstractions compared to ASP/PHP as a result of that. This is the other approach to the problem which is more typical of people with the size of eBay. Once your business is that big you are working from a different set of premises:

            • Hardware costs compared to cost of loss of revenue are much lower then in a
      • Indeed. The whole strength of open source is that you can make changes, submit them to whoever, and have them included in future versions for everyone's benefit. People who fix bugs pretty much have to submit them to the code base, otherwise, when they upgrade, the bug may still be there. Who care's if you can look at the source if you can't actually modify or compile it. It would be like KFC giving you the chicken recipe, but you weren't actually allowed to make your own chicken.
    • Yep, have a look at Microsoft's Shared Source FAQ []. It contains a few blurbs about Linux and the GPL too...
    • by petrus4 ( 213815 ) on Sunday February 27, 2005 @09:56AM (#11793627) Homepage Journal
      Look but don't touch that particular code, maybe...but how are they going to enforce/prove it if someone looks at their code and gets ideas from it...and doesn't use their exact syntax, or even copy their entire concept verbatim?

      If Microsoft are serious here, they've got a couple of different options:-

      1) Use a license like the APSL or Mozilla License, which from memory does have a few commercial stipulations.

      2) Come up with their own version of something like the LGPL, in the sense that there are terms with regards to specifically where the source can and can't be used.

      3) Use the loss leader approach. Find something they don't really care about losing too much, (most likely something in their dev department, since that's not their primary bread and butter) and put it under the BSD license. Bill has already been quoted at one of his keynotes as saying that he likes the BSD license, or at least prefers it to the GPL, and he could earn himself some major PR points if he decides to prove it in practical terms...and good PR is something that Microsoft needs as much of as it can get these days. This would also help a few other people. It could score some free PR for FreeBSD, and if Bill was really smart he could even ally with the FreeBSD Foundation and Apple with the goal of driving back the GPL somewhat...Something which I for one wouldn't necessarily see as a bad thing. Stallman gives himself far too much credit for FOSS in general...the man is in dire need of being put squarely back in his box, in my opinion. More promotion of the BSD and other licenses could go a long way towards demonstrating to him that the world does not in fact need him anywhere near as much as he likes to think. I'm aware the GPL zealots will now materialise howling out of the woodwork and mod me a troll, as they generally do when I express this kind of opinion...but they are welcome to mod me a troll as much as they won't silence me.
      • Where Bill says that he prefers the BSD license to the GPL, he is talking about other people's code. Basically, with the BSD licence, code can be ripped out of a project and used within their own closed products. Such as what apparently happened with parts of the NT IP protocol stack

        If they tried that with the Linux IP stack, they would have to put the rest of the nT kernel under GPL - that's what's wrong with GPL, he can't make money off other people's work without giving something back in return.
      • >

        how are they going to enforce/prove it if someone looks at their code and gets ideas from it

        That's what patents are for, and MS has been known file quite some lately. Also, they have the option of isolating what they consider their 'most innovative' pieces in libraries still hidden from view. Finally, if you are good enough to get ideas from them without incurring in copyright infringement by inadvertently doing derivative work by inconscient memory afterwards, you are probably worth your weight i

    • In other words, not free. And you always have to watch out for embrace, extend, extinguish [] tactics when dealing with Microsoft, which is a convicted monopolist.
    • ....It might be much worse than that: if you can touch, it is an open source in which clients get to pay to work on what they bought, so they can pay anew.
  • by Anonymous Coward on Sunday February 27, 2005 @09:36AM (#11793562)
    Microsoft may be willing to open up the source to allow for open peer review of its app; this may be a necessity to stay in the government contracts. The still won't be giving people an open "GPL" type license to use it. Knowing M$, they will find a way to realease enough source to review but not to compile it...
    • It may not be GPL licensed, but they will be offering a free ("beer") version.
      • Avoid shared source (Score:1, Interesting)

        by Anonymous Coward
        It still needs an non-free OS, so it's hardly free beer.

        Still Interesting to see how Linux/Apache/Mysql/PostgresSQL is shadowing microsoft - They are giving IIS away free, they have to sell WS 2003 web edition cheaper xp home, and now they have to give sql server for free... Ms users should be happy about the competition.

        But Shared source is a hideous "Have a look, don't touch, and definetly don't touch any competing product after looking at this". Nice if you are a researcher, but it escapes me why do r
    • The only piece of software that will ever mean anything if they 'shared source' it will be the office suite, specifically excel and word because of file compatibility.

      It is my guess that they'll open source the whole of windows long before they'll 'shared source' the office file formats. The lock in of the market is based on this file compatibility and you'll never have 100% as long as those formats are not public.

      Myself, I'm for forced legislation that states that as soon as a certain file format gains

  • Whatever (Score:5, Insightful)

    by deutschemonte ( 764566 ) <lane.montgomery@gmai[ ]om ['l.c' in gap]> on Sunday February 27, 2005 @09:39AM (#11793571) Homepage
    This is just another attempt to try to dillute the term "open-source" by injecting their new buzzword "shared-source".
  • by Timesprout ( 579035 ) on Sunday February 27, 2005 @09:41AM (#11793579)
    They said they would consider it if they received sufficient requests from customers. Thats like me saying I would consider it if I received enough request for me to wear a tutu while on site with clients. At the end of the day consideration is not action.
  • by Rosco P. Coltrane ( 209368 ) on Sunday February 27, 2005 @09:46AM (#11793591)
    Hello Dear Valued Microsoft Customer,

    As part of our Shared-Source[tm] initiative, you have requested to see the main SQL server[tm] source code.

    We at Microsoft[tm] strive to meet customer demands. As part of the Shared-Source[tm] initiative, we are happy to disclose parts of our source code, in stages, after approval of our Customer's requests.

    Your request has been approved. Please find attached to this email the main SQL server[tm] source code.

    We hope this source code disclosure meets your requirements. The next scheduled disclosure will happen in 450 days.

    Joe Blow, Customers Satisfaction Manager, Microsoft Corp.

    FILE: main.c


    #include <common.h>

    main(int argc, char **argv)

  • shared source (Score:3, Interesting)

    by H9000 ( 529061 ) on Sunday February 27, 2005 @09:49AM (#11793602)
    shared source is not opensource or a license like BSD or GPL so I'm not interested an I will stay with potsgres.
  • sybase (Score:3, Interesting)

    by datadriven ( 699893 ) on Sunday February 27, 2005 @09:49AM (#11793604) Homepage
    Do they need permission from sybase to do that?
  • by zenmojodaddy ( 754377 ) on Sunday February 27, 2005 @09:53AM (#11793615)
    1) Ship half-arsed product.
    2) Let customers spot and fix all bugs, but don't give them the right to use the code they write.
    3) Charge same customers again for new and improved product.
    4) Profit!

    At least until they find out what Free software is really all about... at which point the game is up.
  • is it one time look (Score:2, Interesting)

    by camcorder ( 759720 )
    I really wonder those shared-source service of Microsoft? Is it checking source only one time? I hardly believe any other developer get to the point he wanted by just checking source at once. So it's actually no use at all apart from marketting trick.
  • by nurb432 ( 527695 ) on Sunday February 27, 2005 @10:04AM (#11793652) Homepage Journal
    Regardless of the fact that 'shared source' is not 'open source' ( actually its worse, as it could potentially create 'tainted programmers' and ruin their careers, and any open project they touch ) i dont see Microsoft letting anyone take a peek at one of their few GOOD products..

    Too much risk for them. Just imagine the next 'slammer worm'...
  • by occamboy ( 583175 ) on Sunday February 27, 2005 @10:10AM (#11793667)
    While shared source is not nearly as good as open source, this is pretty dramatic stuff. Microsoft would only be discussing this publicly if they believe that they're getting seriously hurt by open source stuff, e.g., PostgreSQL and mySQL.

    This means that open source is really and truly getting a serious chunk of the market.

    Personally, I've been using PostgreSQL in situations where I'd otherwise be using SQL Server if PostgreSQL did not exist. PostgreSQL is phenomenally powerful and robust. And, for those who want to go the Windows route, its new Windows installer is so user-friendly that it approaches SQL Server in that department.
  • Gift of polution (Score:4, Informative)

    by DoofusOfDeath ( 636671 ) on Sunday February 27, 2005 @10:19AM (#11793691)
    SQL Server is a joy to use, in medium-sized databases. So if MS was truly sharing it with the world gratis, that would be wonderful.

    But the bigger concern is that by opening their source code, every open source database is now subject to a lawsuit from MS, claiming that it misappropriated some for-loop or comment line that appeared in SQL Server.

    IMHO, the open-source DBs are catching up to SQL Server just fine, and would be far better off without the lawsuit risks associated with MS exposing its source code.
    • mod the parent up. The lawsuit angle is the most valid business justification for Microsoft to open up any source code whatsoever. Imagine, for example, if SCO had pockets as deep as Microsoft how successful its legal attack would have been.
  • I have not used shared source, so please correct me if I misunderstand this:

    When they did this to ATL 7, that seemed useful since that is a lightweight library that developers commonly call into. A C++ developer could trace into it and it would help them figure out a crash in their app, or contribute bug fixes/improvements to ATL7.

    I want access to the source for libraries that I call into directly such as MFC. That would me debug MFC applications better. Shared source of IE would help me figure out why
    • *not likely that an individual developer will find bugs or contribute patches to it*

      that would be against the license of shared source, you can't really do anything with the source.

      the real purpose of it is just another checkmark on the evaluation paper when considering them against an open source rival.
    • I want access to the source for libraries that I call into directly such as MFC. That would me debug MFC applications better.

      You do know that the MFC source is availible, right? Comes with the compiler. Back when I worked a straight job a co-worker of mine actually found a nasty bug in it that was causing us all sorts of problems. He ended up building a patched version and we shipped that with the product until MS fixed it (he reported the bug, supplied the fix).
  • by JustNiz ( 692889 )
    >Is Microsoft reinventing themselves, and are >they ready to learn the benefits of open source?

    NO. Messages like the above only serve to confuse and distract. Microsoft's shared-source scheme is nothing like open-source.
  • 'Nuff said. Rumor has it that this even has some lower level marketing types at Oracle a little nervous.
  • While not exactly source code, I was very impressed to see the inclusion of the SQL Server 2000 System Tables [] when I got my copy eons ago. Now with the hints of shared-source, I'm actually less suprised than I might have been.
  • by idlake ( 850372 ) on Sunday February 27, 2005 @10:50AM (#11793803)
    Once you look at someone else's source code, you run the risk that they claim that your own future work is "derived" from theirs. Some shared source agreements are quite explicit about that, while others are merely silent on the issue. Some shared source agreements also explicitly state that the code you are looking at is unpublished and contains trade secret information.

    The only way to guard against those claims is not to look at other people's source code unless the license not only permits you to look but explicitly permits you to reuse. Open source licenses do that, shared source licenses don't.

    Shared source isn't new. AT&T UNIX and DEC VMS were "shared source", for example. Companies hand out shared source licenses because they are too cheap to fix their own bugs and want to get bug reports with fixes from customers, because they want customers to be tied more closely to their product (making it harder to switch), because they want others to do their porting work for them, and/or because they actually want to lay traps for open source developers.

    If you have looked at any shared source source code under a non-open source license, do not work on any related open source or proprietary project; you would be putting those projects in jeopardy. Do not be fooled by "shared source" that's downloadable with a click-through: it may look like open source at first glance, but whether it's downloadable or whether you have to go into a room with five lawyers and sign an elaborate agreement may make some difference if it came to a court case, but it doesn't change the principle. Furthermore, most of those cases won't get to court: your future employer or open source project will probably unceremoniously dump you if there is even a hint that you have looked at shared source.

    In other words, before you look at some company's proprietary source code, think carefully whether you want that company to own a piece of your brain for the rest of your life, because that's what it comes down to.
    • How often has someone actually been harmed by this trap? Windows source is shared with various companies and universities yet I haven't heard of any problems arising from that.
      • Depends on what you mean by "harmed". Here is what GNU Classpath [] has to say about it:

        3.2 Can I look as Sun's sources to get inspiration?
        No. In fact, if you read Sun's sources we can't accept any code from you.

        Many other open source projects and many companies have similar rules. If the issue arises in a company, they may try to find another internal position where your previous exposure to such source code doesn't create a legal liability for them; of course, that position may be less interesting and

        • Isn't looking an open source code limiting if you plan to work on proprietary software? I imagine MS wouldn't hire any Linux kernel developers.
          • Isn't looking an open source code limiting if you plan to work on proprietary software?

            Not legally; the open source licenses are pretty clear on that point, and open source is, by its very nature, not trade secret. The legal problems that can result from looking at non-open source code are real.

            I imagine MS wouldn't hire any Linux kernel developers.

            MS hired some of the people who developed the original (open source) Mach kernel. Microsoft has also hired other open source developers (e.g. the develop
    • Once you look at someone else's source code, you run the risk that they claim that your own future work is "derived" from theirs.

      There's nothing unique to proprietary source about that, though. I could just as easily release some code under the GPL, wait, then go after anyone releasing code that does something similar too.

      True, most lone coders and independent projects wouldn't have the money to sue, but what of larger companies, such as IBM or Apple? Just because they're playing nice now doesn't mean th
      • There's nothing unique to proprietary source about that, though. I could just as easily release some code under the GPL, wait, then go after anyone releasing code that does something similar too.

        No, the two situations differ.

        Open source licenses satisfy explicit requirements (see that protect you from such claims; the nature and aims of open source software almost make that necessary.

        Shared source licenses, on the other hand, usually impose restrictions that cause legal problems if y
  • What about the Timeline patents? Is this going to be used to allow Timeline to harass companies other than MS?
  • Compare it with a dictatorship where all decisions are exposed to the public. The public can whine, rant, yell, scream, protest, but it's still the govt's decision anyway.

    Open Source is in contrast, a democratic government, run by the people. Open source isn't about "opening" your source. Open source projects are community driven, designed for and by the people.

    If Microsoft wants to share its SQL server source, they must ensure:
    a) That the whole thing is released so people can compile it at home,
    b) Support the community requests to change this or that part of the code
    and most important, c),
    NOT use this as a weapon to end the competition. How do we know that they'll sue open source projects because one of their developers has even glimpsed at Microsoft code?
    Call it FUD if you like, but As much as Bill says GPL can infect projects, I fear that the "microsoft share code" will "infect" open source projects so that Bill can sue them all and vanquish the competition.
  • by Anonymous Coward
    Once you look at M$ "shared" source, you're tainted - you're now subject to having M$ review all the code you ever write to make sure you didn't "steal" the ideas you saw in M$'s code.

    Have a nice career - my company won't even interview anyone who's signed one of those "agreements" that allow folks to see M$ code. You have to sign an affadavit that you've never done such a thing to work with us.
  • by tod_miller ( 792541 ) on Sunday February 27, 2005 @11:49AM (#11794029) Journal
    1) They tried to 'dirty' open source, and still do, calling it viral, commie... dirty words in the US/IT dictionary.

    2) Open source is a big buzz word, something each IT manager is worrying his job over.

    3) Open source is seen as growing competition against M$, they want to remove any unique selling points

    4) pressure from gov's looking to switch to open source

    IBM have opensourced a DB, sun have/are about to.

    So Microsoft invent shared source... I thin they were forced to do this... so they went along... it is pathetic at least.

    Now they are trying to us thier 'shared source' to confuse the unwashed masses that microsoft has the benefits of open source... the best of both worlds... pathetic shit like that.

    still, doesn't work on me.

    • In summary: when IBM and Sun open source something, they do it for real, and when Microsoft does it, they would just as well have not done it.

      It took Sun years to produce OpenSolaris. They had their team of lawyers on it, studied the problem, went with the CDDL for many reasons, and, finally, after five years, will release a full open source operating system. And the fruit of their efforts is an OS that should basically be immune from patent lawsuits--this is a good thing.

      IBM most definitely went throug
  • Sharing? Wait, a minute, Bill - that's communism!

    It's going to be hard for Microsoft to talk out of both sides of its propaganda mouth on "Shared Source". They've got 3 points they hammer Open Source on:

    1> No corporate accountability

    But there are big, sueable companies which specialize in open source support contracts: IBM, Novell, RedHat. Their bizmodel is exactly consistent with Microsoft's whining that SW TCO comes from the support costs, not the purchase. While Microsoft's model treats support as

  • Many above have mentioned that Shared Source is a one way system. It only benefits the owner (Microsoft), by having lots of eyes (and brains) on their code.

    Ingres source was also opened recently. It did not do them much good. Hope that Microsoft learns the lesson there.

    This is mainly a PR ploy: they want to say that they are "open" too, and they are putting out the source like others do, so they are like Linux et. al.

  • Of all the things they could open, this is one I'm pretty happy they've have the caps on.

    SQL server is the only product to my knowledge that preforms reasonably well, is incredibly stable and is probably the least affected by malicious attacks. (yes I know that's still a lot of attacks, just less than windows/iis/ie)

    It's so touchy opening a product up that's in use already in the market. At least in opensource, there's a public alpha and beta and people have a chance to work out some of the bugs/exploits
  • Q: Would Microsoft willingly let crackers view its source code?

    A: Of course not.

    Yet this is what Open Source software has been doing for years.

    The Shared Source way of allowing select users to check code for flaws is fine; but, surely one of the greatest benefits of Open Source is that anybody can see it?

    Secure coding is mandatory for popular Open Source software - it's a prime target!

    Open Source software can stand up to being thrown to the masses, yet Microsoft prefers security through obscurity [].

  • you mean the source code that originally belonged to Sybase []
  • Since the vast majority of the SQL Server codebase is straight from Sybase (that's where MS licensed the database from in the first place), M$ has little to lose by opening the kimono on SQL Server with other BigCo licensees.
    • You seem to have issues with tense. Let me rewrite your sentence for you, with the correct tense.

      Since the vast majority of the SQL Server codebase was straight from Sybase...

      Version 4.2 of SQL Server, which ran orignally on OS/2 was a joint Sybase/MS product. MS then made the decision that OS/2 was not the platform of the future and ported 4.2 to NT (this is in 1992). Indeed ported might not be the best way to describe it, because it involved a huge amount of re-writing of code, including the kernel. O
  • Shared source is bullshit.

    There is an argument for security by obscurity. I am completely unconvinced by it, but it's there. So now you take a product that is highly dependent upon obscurity for its security and you let (world - dog) check it out. Now the set of people who can audit for vulnerabilities is larger. Oooh - I'm sure there's no economic espionage coming from China! I'm sure there's no maladjusted contract programmer at THIS Fortune 1000 company going to share the shared source on IRC. But
  • What's ours is ours...

    and what's yours is ours too...

  • SQL Server has some features that aren't yet in Postgresql(I'm thinking clustering and some aspects of the web services interface). Shared Source SQL Server would mean that folks like the Wine team could probably get SQL Server running flawlessly under Linux/FreeBSD. I can believe some folks might actually use this configuration-but I suspect Postgresql and MySQL will get equivalent features soon enough there won't be much point.

  • I wonder what would happen if Bill suddenly woke up one day and said "What the hell are we doing, I should have seen that Open Source is the future!" And after this revelation decided to be truly open, instead of playing the current games they're playing?

    Of course they wouldn't make everything open source. What impacts would a REAL change in strategy mean for the community?

  • Shared Source is simply a way to allow certain users (gov't primarily) to review code for certain audits. It is in no way a relative of Open Source. MS would not be offering the code to just anyone who wants to download it. It is in very controlled circumstances with NDA's being signed. The comparisons to "opening up" code in a limited fashion are just silly. It's comparing apples to oranges.
  • Big deal.

    Microsoft is just finally doing something to fight against postgresql, which finally has a fast and easy install for windows machines.

The first Rotarian was the first man to call John the Baptist "Jack." -- H.L. Mencken