i was thinking about the Microsoft vs DOJ spectacle today, wondering
what the gov't would do if M$ actually loses. the obvious answer is
that the case will roll its way up to the Supreme Court.. or even
farther, if the M$ legal team can find some way to force the issue..
but assuming a few million years of evolution take place overnight in
DC (or divine intervention occurs, depending on your personal taste),
and our governing bodies suddenly discover they have spines -- what
then?
nobody much likes the idea of having the gov't step in and break M$
up, like it did with Ma Bell.. probably because we've all had a chance
to see how well *that* worked. but it's about the only option i've
heard discussed so far.
this afternoon , however, an idea came to me which i rather like:
if Microsoft is found guilty of leveraging its OS monopoly.. blah,
blah, blah.. they lose the right to keep their source code private.
y'see, Microsoft uses a development technique called "the daily build
and smoke test". every day, a version of the program under
development is built and run through a series of quality tests. if a
given build doesn't pass the tests (it "starts to smoke"), development
comes to a crashing halt until the problem is fixed. it's a very
good development strategy, but it can also be turned into an
absolutely brutal paper trail, should anyone want to start throwing in
hidden features.
i don't propose that all Microsoft's code be made public as the
products are developed.. that would be ridiculous. OTOH, i can think
of no immediate damage to Microsoft that would result from being
forced to provide the gov't (at their own expense) a set of CDs that
contain the complete source tree, test suite, diff files, and
configuration management specs for each daily build.
the verification would be almost trivial.. at any time, a federal
inspector can come in and run a PGP hash of the whole source tree to
see if the result matches what the CDs say. the diff files can be
used to revert any version of the source tree back to all previous
versions, so there's no way to hide a faked source tree. the
configuration management specs tell you *exactly* what kind of
machine, compiler, libraries, and other software were used to create
each build. the inspectors can do their own builds independently,
and test them against the Microsoft version to verify that they're
byte-for-byte identical.
if, at any time, the gov't feels that Microsoft might be playing games
with the source, it can have an independent review done by programmers
who are sworn to secrecy under the standard federal rules. Microsoft
doesn't need to know if, when, or where such a review might take
place, until they get a report from the investigators that says,
"about this part of the code here ..."
oh yes.. something else that goes on the CDs: the database of all the
coders who work on the project, and what changes they made to which
files. if a certain block of code comes under scrutiny, we want to
be able to subpoena the person whose fingers actually hit the keys,
and find out what they have to say for themselves.
none of this would be particularly burdensome to Microsoft.. they're
doing all the work, now. the only difference is the requirement to
back everything up to CD, and ship it off to a government warehouse
somewhere. frankly, having to face the possibility of external
scrutiny would encourage the coders individually, and the company as a
whole, to write better software. it would also give the people who
want to develop *good* products a better bargaining position.
i don't expect this kind of thing to actually stop Microsoft's
powermongers from trying to sneak things under the wire.. nothing can
do that. it does make the job a whole lot harder, though, which
would keep them from causing as much trouble as they do currently.
besides, after that *embarrassing* glitch last week, where they
somehow misplaced the source files for their one-time flagship product
(currently under litigation from Caldera), i can't see Microsoft
posing any serious objections to an off-site backup archive. ;-)
mike stone <[EMAIL PROTECTED]> 'net geek..
been there, done that, have network, will travel.
____________________________________________________________________
--------------------------------------------------------------------
Join The Web Consultants Association : Register on our web site Now
Web Consultants Web Site : http://just4u.com/webconsultants
If you lose the instructions All subscription/unsubscribing can be done
directly from our website for all our lists.
---------------------------------------------------------------------
