The following text is
copyright 2002 by Network World, permission is hearby given for reproduction,
as long as attribution is given and this notice is included.
Purina Paranoid Chow?
By Scott Bradner
To all intents and purposes it looks like we have seen the
final shoe drop on the current phase of the Microsoft anti-trust case. The result may not be exactly what
Microsoft wanted when the whole process started but it sure is not what many
others wanted. U.S. District Judge Colleen Kollar-Kotelly basically
endorsed the settlement negotiated between the U.S. Department of Justice and
Microsoft earlier this year. The
judge did tweak a few things but left most of the earlier settlement in place
including a provision that should speed the adoption of Linux in many parts of
the world.
For the paranoid one provision
in the 300 page decision stands out:
"No provision of this Final
Judgment shall:
1. Require Microsoft to
document, disclose or license to third parties: (a) portions of APIs or
Documentation or portions or layers of Communications Protocols the disclosure
of which would compromise the security of a particular installation or group of
installations of anti-piracy, anti-virus, software licensing, digital rights
management, encryption or authentication systems, including without limitation,
keys, authorization tokens or enforcement criteria; or (b) any API, interface
or other information related to any Microsoft product if lawfully directed not
to do so by a governmental agency of competent jurisdiction."
The (a) section of this seems to
say that Microsoft can withhold information about their APIs if they claim that
releasing the information would endanger the security of the system. It does not take a paranoid to expect
Microsoft to do this since they already have when talking about their own
special tweak on the IETF's Kerberos standard.
The (b) section is pure paranoid
fodder. This provision says that a
U.S. government agency, it does not take a court, can tell Microsoft to not
release the API specs. Some of you
may remember the stories circulating early in 1999 about a "NSAkey"
discovered in all recent Microsoft operating systems. The speculation at the time was that the U.S. National
Security Agency (NSA) had a magic key that would let them break into any
computer running Microsoft operating systems anytime they wanted to. (Search for "NSAkey" on
Google to see some of the thousand references still around.)
A number of foreign governments became absolutely convinced that the U.S. government does have at least one backdoor into Microsoft operating systems and have been actively pushing alternatives for a while. Now along comes this provision in the anti-trust settlement to help reinforce their suspicions.
One puzzling thing about this whole episode is that clause (b) probably did not need to be written to make it so. As pointed out in comments sent to the Justice Department after the proposed settlement was first posted noted, the clause "is a tautology and is thus superfluous to this proposed Final Judgment. ... [the clause] simply restates the law." Maybe the Judge is a secret supporter of open software and wanted to prod people, like the Chinese government, to be distrustful of Microsoft operating systems so they would switch to Linux where you can see what is going on.
disclaimer: I do not know if the Chinese government is distrustful of Harvard, normally the further away, the better Harvard looks, but the above is my own paranoia.