cLabs

SubvertingOpenSource

October 09, 2003
BobCringely wonders:
Now consider an evil alternative. Say Microsoft assigns a team of programmers to help some Open Source project. Maybe this time that team isn't specifically identified as being from Microsoft, perhaps it is a Microsoft-funded startup. This team, because of its vitality and funding, quickly takes control of the project and goes running off in some particular technical direction, taking with it the rest of the suddenly re-energized team. But what if this new direction is not a good one? Even worse, what if the team gets far down that lonely road only to have Microsoft suddenly pull the plug, removing its team from the game? Would the project survive? It is hard to say, but if I was Microsoft that's how I would compete with Open Source, by subverting it. Microsoft can't compete on quality or price. And subversion -- since it is subverting a not-for-profit venture -- breaks no laws, nasty as it is.

Doesn't seem possible. I use DUnit, I'm one of the project admins. Let's say a new guy starts contributing some cool ideas to the project. The new guy is a secret Microsoft guy. The cool ideas make the project better. He comes up with a ton of great ideas, and we turn all coding over to him. Everything works great. Then, he just up and stops answering emails, stops doing everything he was working on. That sucks -- but we've still got a product that works.

Let's say in the middle of the cool ideas, he starts introducing stupid ideas. Let's say we've even foolishly unassigned ourselves as admins. We just don't use the new code that is just like the previous release minus the new stupid idea. He continues the stupidity. Then he deletes everything from the CVS repository, the web site, the mailing list archives -- scorched earth.

All the users have the source code from the last good release. We shrug our shoulders, set up new repositories, deal with some downtime, and life goes on.

At some point the project will start going sour. Whether it be slowly or quickly, the users just have to see that there's no point in upgrading and stay where they are. And if where they are works for production, then it doesn't really matter what happens tomorrow.

I still run Windows 95 at home. If Microsoft vanished tomorrow, I'd still be okay because the rest of the world running 95 could help out -- and in that case we don't even have the source code.

If Apache vanished tomorrow, at least all of the end users would have source code to pick up where they left off, assuming they even need to.


Time to counter myself. I asked above, “But what if this new direction is not a good one?” Here's a better question: “What if this new direction is not a good one and no one knew it?”

At the time I wrote the above, I'd say “How could we not know it? If it was bad code, it'd show up in the product as a bug or weird design or something. And if it so small as to not grab our notice, then it's a small bug, which is no big deal -- all software is rife with small bugs.”

But what if what was wrong with the code was not its functionality, but its propriety.

What if the secret Microsoft agent slowly snuck in copyrighted Microsoft code over the course of a few years (ignoring the obvious jab that it'd be impossible for the code to be good if it came from MS -- ha ha), then suddenly Microsoft publicly sues the project for including copyrighted code and demands it be removed? Several possible outcomes here, but none of them good for the project.

Then again, with 75.3 zillion dollars in the bank, there'd probably be easier fiscal ways to take over/kill the project.


tags: ComputersAndTechnology