Microsoft, Linux Foundation find common ground

Finally, Microsoft and the Linux Foundation agree on something. Neither wants to stand behind their products. OK, OK, that's not fair.

However, the Linux group and software maker are both opposing a law group's proposal that would create an implied warranty that software products ship with no material defects.

The two joined forces on a letter to the American Law Institute taking issue with its proposal. Microsoft and the Linux Foundation believe the proposal could do more harm than good.

"While the principles reflect a lot of hard work and thought by the ALI, Microsoft and the Linux Foundation believe that certain provisions do not reflect existing law and could disrupt the well-functioning software market for businesses and consumers, as well as create uncertainty for software developers," Microsoft deputy general counsel Horacio Gutierrez said in a blog posting.

The ALI is meeting in Washington this week and is scheduled to take up the issue, noted ZDNet's Mary Jo Foley.

Microsoft and the Linux Foundation aren't the only ones against this. As Foley points out, the University of Houston's Raymond Nimmer also wrote a biting critique of the ALI proposal.

Linux Foundation chief Jim Zemlin noted in a blog that its partnership with Microsoft makes for strange bedfellows. But, he said, the proposed legal standard would hurt open source and commercial software makers alike.

"The principles outlined by the ALI interfere with the natural operation of open source licenses and commercial licenses as well by creating implied warranties that could result in a tremendous amount of unnecessary litigation, which would undermine the sharing of technology," Zemlin wrote.

Gutierrez also noted that Microsoft and its partner in this effort don't necessarily see eye to eye on everything.

"The mere fact that the Linux Foundation and Microsoft are joining forces may be viewed by some as remarkable, given that our differences receive far more public attention than when our interests converge," Gutierrez said. "Our industry is diverse and sometimes contentious, but if nothing else unites us it is that we all believe in the power of software."

Gutierrez held out an olive branch, of sorts. "I hope that this represents just one of many opportunities to collaborate with the Linux Foundation and others going forward," he said. "We have a lot more we can do together."

The joint letter comes just a couple short months after Microsoft, for the first time, sued a company over its implementation of the Linux kernel. The company eventually settled with TomTom, but the move has created uncertainty over whether Microsoft intends to take legal action against Linux vendors that refuse to take a license to Microsoft's patents.

[JonathanE1701]

ZOMG. Somebody quick, boycott Linux!

[Renegade Knight]

An implied warranty in the case of something you paid for. Microsoft (and all otther paid software) will have a clause saying their software isn't fit for any purpose whatsoever and that you use it at your own risk. The implication is that if it has any use at all, it's one you found.

Meanwhile MS and the others market their software on all the great and wonderful things it does for you. The problem is they say "it does all these things so you should buy it, but when you do, we don't promise that it actually does any of those things".

That's a problem.

As for open source. If you didn't pay for it, you really can't expect anything out of the deal because you have no consideration tied up in the product.

[eadeguzman]

Open source does not necessarily mean you didn't pay for it.

[ClaBR]

The law will never be applied as it is impossible to make sure that 100% of the software is free from errors, specially complex software as Operating Systems. There are factors such as 3rd party drivers and software, licensed code and technologies, etc.

To test the OS on every possible scenario would require to test the system with every possible value on every byte in memory. Imagine this: a 4 GB machine. So it's 4 billion bytes (I'm rounding values) times 8 bits = 32 billion bits on a 4 GB RAM machine. Since each bit can be either 0 or 1, it gives us 2 possible values. So the number of combinations is 2^32.000.000.000. Impossible to be tested.

[Dalkorian]

Impractical maybe, but not "impossible".

[pentest]

this is a long time coming. Developers use the fact that they can ship any mess they want to get away with cutting corners.

I am a software developer, though a small part of what I do, but I am 100% for developers to be held responsible for there errors and laziness.

yes, it it difficult to produce quality code and is next to impossible to prove it mathematically. That still doesn't let them off the hook.

[eadeguzman]

Remember that is a law organization sponsoring it. You can imagine why they're proposing this.

So you will be opening yourself up for all sorts of law suits.

This will also negate the progress being made against software piracy as you can potentially just return the software media but use the software and product id codes any way....

Any major software company out there that hasn't released a service pack?

[longhairjnr]

Sorry to say but both Microsoft and paid for Linux needs to be held responsible for their code. As a Youth who wishes to be a programmer I find it extraordinary frustrating how many programs and their programmers that do not adhere to standards. If programmers had an 80% strike rate in their code it would be far better than what I would call approximately 20% at the moment. Microsoft windows Vista is a perfect example along with the updates they issue every single week. Updates are great but if I bought a car that needed major repairs for breaking components every week there would be hell to pay. Software needs to be treated similar. Not the same but it needs some higher standard than today's. Really it comes down to the fact that you are paying for software that should be fit for use, of which most today is not.

[shootfirst]

Longhair, you can't compare software to a car, however you can take it and compare software written to run on a computer and software on a car. There is going to be more and more software in a car and a car is one place you do not want software to be defective on, however the process to get it right on a car is far easier than making it work for every piece of hardware out there. Pretty much your car would get updates if it were hooked to the internet every week such as a computer running Vista as you can't possibly imagine all the bugs that do exist that just cannot be tested for in the short time that you have to develop a product.

However I do believe that software companies that charge for products and know about issues and never fix them should be held liable if you paid for the software. Proprietary software should be hit hardest as even trying to fix their faults will get you in more trouble than breaking into it. Open Source can be fixed by anyone with the means at no legal penalty for those that choose to do the fixing.

I do not think companies like Microsoft that sell a product to a consumer who buys it in good faith should be able to refuse to update their software since it will cost them too much money or will result in finding alternate solutions that work better and then charge you more for a newer version to get the fix! Anyone remember the bug that Microsoft left in their software that just got recently patched, but was in the wild for around 7 years.

Software needs to come with a security assurance and some kind of guarantee that they will fix defects that is in their software when it was bought for no added cost to a customer as well as suffer financial burdens that occur due to people having had to use software with defects. You want people to use your software legally, you better do your freaking best to ensure that they don't get screwed over and make it worth their while to not go to piracy.

[d3vildog69]

Alright, ill buy into that. Good Post

[meh100]

The problem is that the way the law is phrased is too broad. It's simple enough for a single developer working with a few hundred lines of code to check it for usual cases, several random cases, and border cases. It's another thing to test an operating system consisting of 10 million lines of code broken down into dozens of parts. If you look at the security bulletins for those weekly updates, very few updates fix actual problems in the code. What the updates do is close security holes in the way the OS interacts with other programs, the users, and networks. Those borders are where the problems sneak in. To continue the car analogy, this is like blaming the dealership for a flat tire after you ride over a bed of nails.

[wjsteele]

"Held to standards", Huh? As a youth, I guess you don't understand that A) Not all standards fit the problem at hand and B) In a lot of cases, Standards don't actually exist for the problem.

You're analagy to a car is also flawed. If a piece software is designed to one thing and someone uses it for something else, how can the software be called bad? That would be the same as someone buying a new car and driving it down the city streets, then driving down the road with the door open, backwards and doing damage to a bunch of other cars. The car manufacturer has no involvement with what the operator of the car used it for, be it legal or illegal. Just because the operator used it for illegal purposes doesn't make the manufacturer responsible to fix it.

However, just like in the auto industry, it's known to happen, so the manufacturer WILL modify their designs to deal with certain cases. For example, now car manufacturers are making cars safer for pedistrians in a collision by making the front of the car "softer" just the same way that software companies are making it harder for hackers to exploit software designs. (There is a BIG difference between exploitable code and a bug. A bug is software that is broken, an exploit is software that is used for purposes other than for which it was designed.)

Software is more akin to books than it is to physical objects. Books do not get warranties but get revisions to correct "known" flaws or changes in thinking... software (even in the law) is considered to be just like a book and therefore warranties do (and should not) apply.

Bill

[Random_Walk]

If such a law does come about?

Linux (even a paid-for RHEL subscription) is still in the clear - you only purchase support (if any), and not product (not even a license).

OTOH, Microsoft would be screwed. Not because of quality or lack thereof (so calm down, fanboys), but because they sell software as a product (and I'm very sure that licenses would count as product and admission thereof).

[eadeguzman]

Random_Walk... Maybe not RedHat... but the Linux Foundation can be sued... or maybe the hardware vendor that sells notebooks or desktops with linux installed may be sued...

It's a gold mine for lawyers...

The market should dictate who lives or dies in the software industry -- not lawyers.

[Random_Walk]

The Linux foundation sells... nothing. The Kernel (as coded and released by the Linux Foundation) is $0.00, and is usually considered a reference more than an implementation, since most distro makers modify it heavily.

QED, The Linux foundation is free and clear.

The hardware maker cannot, since they can only warranty the hardware, and at most warranty the software insofar as replacing defective media - much like Chevrolet cannot possibly warranty the gasoline that sits in the tank when you drive the car off the dealership lot.

[phatose]

The linux foundation wouldn't be against this if they were in the free and clear, given that it's obviously a large liability to software companies who have money and sell a product. Especially since Microsoft is one of the most obvious targets, and being anti-microsoft is one of the few things the linux community is consistent about.


Likely their lawyers realize that whether or not money changes hands, few licenses are actually totally free, and they're rightfully worried that things like requirements that any modifications be released will not only be interpreted as a 'cost'. A cost, which, if their software fails, could then be sued for - development cost. Not to mention a possibility of just going down the chain - company x's linux modification failed, but it was required for release by company y, which was required to do so by company z, and so forth, making a nice long line of targets for the lawyers.

[Random_Walk]

I suspect that the reason they are against the idea is because the Linux kernel has literally thousands upon thousands of contributors, and tracking each one down (let alone the paperwork involved) would be a bureaucratic nightmare.

[ozler_200]

www.forumamor.com herkesi bekelr?m