[As ever, this is also on the BBC News website]
The imminent release of Vista, the latest incarnation of Microsoft’s Windows operating system, could mark the point at which the ongoing argument between two very different models of how software should be developed and maintained is finally resolved.
With Vista Microsoft is taking much greater control over key aspects of the way users’ computers run, especially when it comes to security, and this will highlight the differences between the closed development model advocated by Microsoft and the approach taken by free and open source software developers like the people behind GNU/Linux or the Firefox browser.
Microsoft is putting a lot of effort into securing the Vista kernel, the program that sits at the centre of the system and provides all the functions that other programs need, including access to the hardware and any peripheral devices like disks and networks.
It will ship with Kernel Patch Protection – also called PatchGuard – which checks to see if the kernel has been altered in any way and makes it a lot harder for viruses, trojans, rootkits and other types of malware to install themselves.
This will be backed up by support for the Trusted Platform Module, a hardware component built into many new computers that gives the operating system a way to store and use secured information.
All in all the new approach should make life more difficult for malware writers, but it is also going to get in the way of legitimate security software vendors like Symantec, who have already pointed out that their anti-virus programs rely on being able to modify the Windows kernel, something which will no longer be allowed.
Microsoft’s response is to argue that ‘kernel patching’, as the process is called, is not needed and that the standard security tools are all that are required.
They may be right, but it’s hard to tell because we don’t actually know much about what is going on inside the Vista kernel. Microsoft, like many other commercial software developers, prefers to keep such details secret.
This habit goes back to the company’s foundation. Very early in his career Microsoft founder Bill Gates complained that programmers were sharing their code and giving it away for free.
In 1976 he wrote a letter to the hobbyists’ Homebrew Computer Club complaining that he was not being paid for copies of his version of the BASIC programming language, saying that ‘most of you steal your software’ and ‘the thing you do is theft.’
At the time few people saw software as a product to be safeguarded and sold, but Gates has built his business around the idea that the work of programmers, the millions of lines of code written in languages like C or Java or BASIC, is an industrial secret which should be carefully protected. Only the version of the program that can be read by a computer, the binary, should ever be released.
Today Microsoft is one of the strongest advocates of the closed-source model of software development, keeping their program code secret and trying to ensure that users cannot change the final product except in approved ways.
And even though they now allow some customers to see some of their source, this is very limited and does not let anyone other than Microsoft make changes to the finished program.
Now they are locking many security vendors out of Vista, and as a result they will be under extreme pressure to deliver a completely secure system. If they fail and Vista security is cracked we will only have Microsoft to blame.
Yet there is another way of developing programs and dealing with bugs, one which has had remarkable success in building programs that are used by millions of people every day. Instead of locking users out, free software ensures that anyone who wants it can have the full source code of every program they use, and gives them the right to change it to suit their own needs.
Most people don’t actually do this, and few of the millions of us who use computers every day have the skill or the inclination to read the program code or suggest changes. Nor do we care about the arguments over total cost of ownership or intellectual property rights and patents that seem to make up most of the debate over whether closed or open source development is better.
But that could be about to change, because awareness of security has increased markedly in the last year or two, and now Microsoft is about to enable us to make a clear comparison between open and closed development and see which does a better job of building secure systems.
Back in 2002 Cambridge University security researcher Ross Anderson looked at the security of open and closed source systems and concluded that they were roughly comparable. However the closed source systems of the time, like Windows 2000, allowed some degree of user modification and patching, which could be exploited by security vendors to provide better levels of protection than those provided by operating systems vendors like Microsoft.
This will no longer be the case with Vista, leaving Microsoft in complete control of its destiny – and of the security of the millions of Vista users around the world.
If severe flaws are discovered in Vista, and there are already signs that the lockdown is far from perfect, then users may well wonder why they have put their faith in the ‘benign dictator’ approach to security. They may instead decide that a more democratic model is to be preferred, like the one which lets everyone who cares to do so examine the source code of the Firefox browser and help remove bugs.
And if that happens, perhaps we will see Microsoft and other companies taking free software more seriously as a model to adopt rather than a dangerous ideology to be defeated.
Of course, this will force them to rethink their business model, but as the music and film industries have already discovered, nobody can rely on old ways of doing business in the network economy. Not even Microsoft.