Microsoft Releases Source Code For Web Sandbox 188
nandemoari writes "After flirting with open source development for some time, Microsoft has made another step towards real commitment with the release of source code for Web Sandbox, a program used to test and secure web site content.
The Sandbox source code will be released under the Apache 2.0 license, an open source license agreement allowing the content creator to maintain copyright while permitting others to develop the product for their own use. Microsoft has gradually been increasing their involvement with the Apache Software Foundation (ASF) since 2008 when they agreed to fund development of certain ASF initiatives."
Rule of Acquisition #76 (Score:5, Insightful)
Profit!!! (Score:5, Insightful)
Microsoft has gradually been increasing their involvement with the Apache Software Foundation (ASF) since 2008 when they agreed to fund development of certain ASF initiatives.
The whole "Embrace, Extend and Extinguish" thing is sure taking a lot longer these days...
Apache? (Score:5, Insightful)
Update the Microsoft icon? (Score:5, Insightful)
Maybe a screaming Steve Ballmer in a Darth Vader helmet instead?
Re:Apache? (Score:5, Insightful)
Plus, let's flip this on its head: do you REALLY want to have to publish your changes so that Microsoft can take advantage of your hard work?
Re:Apache? (Score:5, Insightful)
Re:Apache? (Score:5, Insightful)
I want to publish my changes so that EVERYONE can take advantage of my hard work.
Re:Apache? (Score:5, Insightful)
The GPL protects the "commons", the other open licenses do not. With another license like the Apache one microsoft or anyone else is free to take the code close it up and sell a product that makes the open version obsolete or at best less featured.
The freedom for end users to have and be able to modify the source is the only one that really means anything.
Don't Forget Rule of Acquisition #48 (Score:5, Insightful)
The bigger the smile, the sharper the knife.
Re:Apache? (Score:5, Insightful)
the Apache license is MUCH more free than the GPL
I find the debates about which OSS license is "most free" to be rather silly, because:
1. All the "major" OSS licenses (GPL, BSD, Apache, etc.) are awesome, in my opinion. They all do great things and greatly help free software. So debating about which one is "the best" seems counter-productive because it obscures the fact that they are all good.
2. The debates usually have an implicit assumption that "freedom" is a one-dimensional axis, and we are trying to maximize the amount of "freedom." Occasionally someone will insightfully explain how freedom is more complex: one person's freedom may come at the expense of another; you need to distinguish between user freedom, developer freedom, distributor freedom; etc. Overall I prefer to think of "freedom" as being multi-dimensional.* A particular license may maximize along one freedom-axis, while not being maximal along another freedom-axis. And there may not be any license which simultaneously maximizes along every axis. Hence no such thing as the "most free" license. (But there may still be ways to rank things; e.g. most proprietary licenses are less free along every axis.) In other words (and you would think this would be obvious): the "best" license depends very much on the particular situation and one's particular priorities.
(* I believe this multi-dimensionality applies to many "wavy-gravy" human concepts/principles/emotions. Too frequently we argue about things as if they were binary or 1-dimensional, when even a cursory analysis shows them to be more complex than that.)
Re:A step in the right direction (Score:3, Insightful)
Historical evidence suggests otherwise.
They would first need to get rid of their bad reputation for people to treat them fairly.
Coming around finally? (Score:3, Insightful)
Re:So what? (Score:5, Insightful)
That's cutting your nose off to spite your face. Free Software is only useful on Linux, then? That seems absurd. There's no reason that free software can't exist within the framework of a proprietary platform. As always, if you don't like it, you don't have to use it. Your attempt to somehow paint this as a bad thing doesn't really hold water.
Re:Apache? (Score:5, Insightful)
Yeah, just like America was a much freer place in 1750 because you were free to own slaves or to sell yourself into indentured servitude.
Re:Apache? (Score:5, Insightful)
Re:Apache? (Score:4, Insightful)
The end-use has just as much access to the original project under Apache (or BSD) as they do under the GPL...but they may not necessarily have access to the changes that a developer makes to the original. I don't see this as a giant hurdle since the only people who would give a flying fuck about source are developers and they are perfectly capable (maybe) of adding whatever changes they want to the original.
</dragged_into_troll_debate>
Re:So what? (Score:2, Insightful)
I don't care about cost, and I don't care about "freedom". I care about getting the job done, delivering what I was asked to deliver and getting paid for it.
If I write an application with ASP.NET/Server 2008 that cost $500K to build and maintain over five years, which then ends up generating $50 million in revenue, my costs are effectively zero. Besides, the bulk of the cost is usually people, not software licenses. For all practical purposes the cost ends up being the same if I do it in Python, except that there are things I won't use Python or any other open source software for.
As to freedom, that's a philosophical argument, and you're welcome to it. Just don't assume it's a major factor in real life. I it were, Microsoft and every other commercial software company in the planet would have gone out of business years ago.
Re:So what? (Score:4, Insightful)
Considering I've been happily using "closed" products for more than a decade to make a living, you're a little late on the warning front.
For all practical purposes I would be just as screwed if I found a bug in the .NET CLR as I would if it were in the Python VM, because I'm not in the business of developing or fixing languages or runtime libraries, but corporate applications.
That's why I choose tools that are established and have solid backing behind them. I trust the Apache Foundation as much as I trust Microsoft. I trust Guido van Rossum and his troupe of geniuses. I trust Zend and I trust Debian. Not so much the SuperDuperPHPCMSOfTheWeek Team, so I might use their product to run my personal blog about kittens, but I wouldn't trust my livelihood to them.
Understand that money has nothing to do with this.
Re:Apache? (Score:3, Insightful)
Settle down, tiger, and give that straw man a rest. I was responding to a post that made the absurd claim that a license that allowed covered code to be made less free ("closed" was, I think, the word used) was actually a more "free" license than one which required the code to remain free/open. This was so close to a restatement of Orwell's paradigmatic slogan of linguistic nihilism -- "Freedom is Slavery" -- that I thought it bore comment. The "freedom" to discard your own freedom -- or that of others -- is no freedom at all.
You've imputed to me a bunch of weird stuff about business models, equating software licenses with human slavery, and so on. I suggest that this is your baggage, not mine, being inappropriately drawn into the conversation.
"Gates As Borg" icon (Score:1, Insightful)
You should change your M$ icon, from "Gates As Borg" to "Ballmer As Borg".
Re:Re-licensing (Score:5, Insightful)
Thank you for being another example of why I really, really don't like the GPL or its users.
"How do we lock this up so the original developers can't use this?"
I'd say you ought to be ashamed, but your sense of shame has likely atrophied away a long time ago. (And you lot do the same to BSD developers on occasion, who are at least nominally "your own." Pathetic.)
Re:A step in the right direction (Score:3, Insightful)
And "Past performance is no guarantee of future results." Shit changes, man. At some point, you have to either allow them the chance to regain some level of trust, or you have to admit that you just have a weird personal issue with MSFT that so totally dominates your view of them that you can't behave or think rationally about anything they do.
How does one get rid of a bad reputation except by making positive moves that would show an effort to move in the right direction? If every step they make is greeted with derision, will it be all that surprising when they say "Hey you know what? We tried playing by your rules and caught nothing but shit for it. GFY."
Repairing a bad reputation and restoring trust takes 2 sides: one side to make a genuine effort to make amends for past damages, and the other side to be genuinely willing to forgive and move forward. Nobody's suggesting you swear an oath of allegiance to MSFT based on a single project adopting the Apache license. You cannot, however, say that this is not an encouraging move by MSFT, and perhaps an indicator that they're trying.
Re:A step in the right direction (Score:4, Insightful)
Why not just run Windows then? You're bitching about wanting free software all over the comments here, and then you're going to claim that you want to run closed-source windows software on your Free OS? What's the point?
If freedom is of paramount concern, why would you care to run software that will interoperate with non-free systems at all? Why not pressure them to accept a better (standard) way of doing things? You know, by using the robust & stable FLOSS software that does the same job as Exchange, Sharepoint, etc., but does so while conforming to GPL & open standards? And then when you've achieved a market leadership position with your superior products, you can simply freeze out Microsoft products if they don't conform to your standards.
Or is all this really about forcing Microsoft to commit some bizarre form of hara-kiri ritual to atone for the grievous sins they've committed against you?
Re:Re-licensing (Score:5, Insightful)
Why should I be ashamed? Microsoft can use whatever they wrote. The question is why would anyone else help them build their next release of anything for free? Why would anyone with half a brain help a convicted monopolist to screw its users even further for no reward beyond, perhaps, a poorly paying job on a company regarded as "second rate" by any programmer that could contribute to the project?
What re-licensing as GPL does is that it keeps the downstream users "honest" by forcing them to be as nice to their downstream users as their predecessors were for them. It would say "Dear Microsoft, I give you my contributions on the condition that you never subvert my will and turn them into proprietary software I can no longer study or modify". Is that too much to ask?
The license difference between BSD and Linux is probably the most influential factor in the development of the healthy community that surrounds Linux and that does not surround BSD. Why would IBM contribute to BSD if HP could take their contributions and implement them in HP-UX without giving anything in return? IBM gives code to Linux because they know that HP, SGI, Intel, Red Hat, Novell and just about everyone else will do the same. Everybody is kept nice by the force of the license, which is the "law" of the community around it.
So, again, what is the advantage this license gives the community that, for some incomprehensible reason, decides to give their time and dedication to this initiative?
Re:Re-licensing (Score:2, Insightful)
More like "How do we free this up so the original developers can still use this and everyone else too?". ;)
If someone forks a project like this, that has an Apache license, using the GPL (so every future user will be Free to use, modify and distribute it), the original author keeps his copyrights to *his* code, he can even relicense it over and over again, as many times and under as many licenses he wants. My code, my terms, their code, their terms (and I'm glad they are choosing Apache and not one of those craptastic microsoft "open licenses"
Re:Apache? (Score:3, Insightful)
Since you got moderated to "insightful" and I don't have moderation points in this article, I'll have to take the bait:
They're both just as Free Software. Claiming one is "more free" than the other, is a proof that you're confusing issues and still have something to learn about Free Software licensing, because for instance...
No, you can't. You can't claim you're the author, for instance. Actually, it's very hard to find a popular license where you can do that. In some jurisdictions, it is even legally impossible to do so.
That you can, and it is a crying shame.
Funny you should say that, since your comment is quite philosophically rabid, like the majority of the GPL haters club.
No Free Software license mandates publishing. The GNU GPL in particular only mandates that IF AND ONLY IF you publish, then you must provide the same rights and obligations (in a very broad overview, read the text for the gory details) you got when you got a copy of said software.
Besides, when you do publish in a license like Apache's, Microsoft can take advantage of your hard work and it is very likely to do so.
Indeed it has done so, albeit not Apache, but a somewhat similar but quite shorter license, previously.
Re:A step in the right direction (Score:3, Insightful)
If they're open source, then just port them to run on the free OS. Why do you need to make your free OS look like & behave like a non-free OS? Think about it for a second. The point you're making about allowing WINE to work fully makes NO sense - either you want to run closed source applications on Linux under WINE (which would only be enabled by the WINE project having full specs to make WINE 100% interoperable, as you demand), or you have the source to an open-source windows application and can simply port it to your free OS, in which case WINE is irrelevant.
So then use POP3 or IMAP. Why do you need Exchange or Sharepoint to interoperate? Why make a shitty knock-off of a non-free Microsoft product? Why not make a better product, based on open standards, that conforms to your notions of free software?
For all the bitching about Microsoft and other non-free software companies that happens here, you'd think somebody would put their money where their mouth is and do something about it by writing free software that compares favorably on the basis of robustness, stability, features, and usability to the non-free / non-open offerings.
Re:A step in the right direction (Score:3, Insightful)
If they want to regain peoples trust let them release all the docs the Wine project would need to be 100% interoperable.
Now this is just you being disingenuous. There is no 'document' that describes how to perfectly implement win32, user32 etc. Windows is filled with 15 years of shims, edge-cases, special-cases, back-compat-hacks, and just plain bad code, like every other commercial software of size and complexity.
Such a thing doesnt exist, other than in the source code itself, plus the build process, plus the compat testing, plus the testing scripts, etc etc.
And you know that, so asking for it is just being silly.
Then release real interoperability docs for exchange, sharepoint, etc.
Yeah, that happened last year. Go google it.
MS even went to the trouble of having plugfests and such for the samba project on their campus, put them one-on-one with the engineers who actually work on these things etc.
It may have taken along time, and the EU to get involved, but its out there.
You also probably knew that, and if you didnt, then you're having conversations about an industry that you apparently dont follow, which is also silly.