Editorial: MS World Domination Scorecard

Microsoft is often accused of -- and has been convicted of -- anticompetitive behavior in the technology marketplace. In this article, I'll look at some of the things the company is doing (or might be doing) to gain an advantage over its competitors.

The definitive example is, of course, Internet Explorer. In June 2003, Microsoft admitted it won't be developing Internet Explorer for the Mac platform anymore and said it may even discontinue development as a standalone product on the Windows side -- it's won the browser wars; why bother? Another good example is Windows for Pen Computing, released in 1992. The announcement of Microsoft's Pen Windows all but squashed smaller competitors, including one-time pen computing leader GO. More recently, Microsoft has taken aim at Adobe with new PDF-killer technology to be included in Office 11, called XDocs. As soon as it was announced in Nov. 2002, Adobe’s stock took an immediate hit. Linux Format explains why.

The PowerWindows page reveals another anti-Macintosh move. Microsoft, you see, bought the Virtual PC emulator from Connectix earlier in the year. In June, it sent a cease-and desist letter to FWB, a competitor preparing to offer updated versions of a pair of alternatives called RealPC and SoftWindows. Such actions may be within its rights, but they certainly look anti-competitive.

In May 2003, word emerged of an alleged internal memo to Microsoft executives suggesting that, if a deal involving governments or large institutions looked doomed, they were authorized to draw from a special internal fund to offer software at a steep discount, or free, if necessary. “Under NO circumstances lose against Linux,” it reportedly said. In June 2003, Lindows CEO Michael Robertson accused Microsoft of offering Windows licenses at deep discounts (reportedly, at prices as low as $50) to system builders who had been offering the Linux-based Lindows OS as an alternative.

One of the most telling examples of Microsoft's attitude is revealed in a job posting offered by Microsoft in Nov. 2002. One of the requirements of the successful candidate is to "Demolish competition by knowing everything they do and thwarting their every move in the relevant spaces." Really, I'm not kidding.

Also in Nov., BusinessWeek interviewed Bill Gates, who described the company's strategy for its new Tablet PCs. Said Gates, "For anything like this, the first year is [about] getting a beachhead." This would explain the many category killers Microsoft has released over the years.

In March 2003, The Inquirer reported that, by May 30th Office Depot will only be carrying computer products that have been certified by Microsoft and carry the ‘Designed for Windows XP’ logo. At this writing, Microsoft isn't saying whether it had anything to do with this business decision, but it sure looks it.

Even more telling was the memo leaked from the halls in Redmond in Jan. 2003 that alluded to astroturf (surreptitious promotion) campaigns, attacking journalists, and suborning regional political interests for Microsoft's purposes.

Back in June 2002, the company announced its intent to dump $750 million into China, over the next three years, in the form of Microsoft products and licenses (which, of course, don't actually cost them that much in "real" money). It doesn't take much of an imagination to guess that the reason the company might want to supply a country with one of the world's highest piracy rates a lot of software is due to Microsoft's plans to lock those customers into a Windows-centric platform, and then ramp up its efforts to eliminate piracy by building upon its announced plans for a Secure OS that could virtually eliminate the potential for unauthorized distribution of intellectual property via built in digital rights management software and hardware. This Secure OS initiative, code-named Palladium, might also threaten the open-source world of GPL (General Public License) software and thus eliminate the threat of alternative operating systems, such as Linux. (With that said, the company also says it will release the source code to Palladium, thereby allowing third parties to develop systems compatible with it.)

In his June 2002 Pulpit column, Robert X Cringely gets to say "I told you so," in light of Microsoft's announcement of Palladium. This, he notes, is the code name for a Microsoft project to make all Internet communication safer by essentially pasting a digital certificate on every application, message, byte, and machine on the Net, then encrypting the data EVEN INSIDE YOUR COMPUTER PROCESSOR. Palladium compatible hardware (presumably chipsets and motherboards) will come from both AMD and Intel, and the software will, of course, come from Microsoft.

Notes Cringely, "If Microsoft is successful, Palladium will give Bill Gates a piece of every transaction of any type while at the same time marginalizing the work of any competitor who doesn't choose to be Palladium-compliant."

But that's not all Microsoft is doing to push computer users into using more Microsoft products. In 2000 and 2001, the company announced several server-based technologies that aim to build Microsoft-developed technologies on the "server side" of the Internet. The forthcoming Windows.NET Server aims to further extend Microsoft's reach in this area.

During my tests of Windows XP and Internet Explorer 6.0, I've been seeing a lot of references to Microsoft Internet (oh, excuse me, ".NET") services quite literally pop up. There are enough of them already that it's getting hard to keep track of them all. So, here it is: a list of ".NET required" services and offerings from Microsoft and its cronies, oops, I mean partners. According to PCWorld, there are about 200 partner sites, including Starbucks and Buy.com as well as Microsoft's own network of sites.  

1. Beginning the second time you start Windows XP, a dialog imploring you to sign up for a .NET service called "Passport" appears. You'll see this dialog the second through the sixth time you restart.
2. To send and receive email through a HotMail account, you need a .NET Passport. (Recent "upgrades" to Hotmail have left Mac users unable to access the service with Microsoft's own Entourage or Outlook Express products, notes macuser.co.uk.)
3. Windows Messenger, the Instant Messaging option in Windows XP, requires a .NET  Passport.
4. MSN Messenger (the version of Messenger for users of other versions of Windows) requires Passport.
5. Want to listen to MSN Radio? The "Soundlike" feature requires a .NET Passport.
6. Planning to watch movies at Windows Media.com? - Watching some movies requires a Passport.
7. To send a message to a human through Microsoft's Knowledge Base support option, you have to sign up for a Passport account.
8. The new Windows Online Crash Analysis page requires Passport.
9. To read eBooks with Microsoft Reader 2.0, you'll need a Passport -- and you need to "activate" your installation of the software.
10. Language translations with the Microsoft Office "eService" called  iTranslator require Passport.
11. Windows Messenger is being refashioned to work with Microsoft Exchange 2000 Server as the authentication server. You guessed it. Passport again.
12.  "404 errors" now bring up an MSN search dialog. Microsoft says it may sell advertising to companies to be listed on this page.
13. Want to use the "order prints online" photo-finishing option in Windows XP? All of Microsoft's Canadian partners (and presumably, those in other countries) require the use of Passport to sign up.
14. Unbelievably, Microsoft is so desperate to foist Windows Messenger on XP users that, even if you uninstall the annoying little program using the simple Remove Windows Messenger hack at NTCompatible.com, there's a 'Critical' item which MS presents to you during Windows Update. It's called the 'Windows Messenger 4.6 Connectivity Update', and MS "strongly recommends that you download the update even if you don't use Windows Messenger." My advice: use the hack to uninstall Messenger if you don't use it. As Neowin.net notes, this will prevent the irritating memory-resident proggie from consuming RAM and haranguing you to obtain an MS Passport every time you reboot. And besides, I get nothing but porn junkmail arriving in my Hotmail inbox, anyway.

Okay, here's a scenario. Let's say I am a sneaky hacker trying to steal your passport password. All I have to do is set up a website with a name like http://shopping.aol.com/ and put up a fake "Please enter your Passport password to sign in..." dialog and I've got you. I can then store your password on my system and then forward you on to a real Passport partner site, where you may of course be prompted for a real Passport login dialog later on. Most people, I fear, wouldn't even notice the exploit. Meanwhile, the hacker has your keys to ALL the above services, and probably many more in the months to come, as fraudsters target the more than 200 million Passport accounts already set up. (05/01/02 Update: Microsoft has apparently come to its senses and realized this is a genuine problem and has instituted Microsoft .NET Passport Service Changes that its says will permanently disallow sign-ins on pages other than those on Microsoft's own servers.)

Says the company, "As of Monday, May 13th, 2002, we will permanently disable the feature and will not be allowing any applications that use it to roll into Production. Inline sign-in was introduced in .NET Passport version 2.0 (August, 2001) as an optional alternative to the standard single sign-in (SSI) mechanism. It allowed participating sites to embed the sign-in dialog box directly in a page on their site, instead of redirecting users to a .NET Passport-hosted sign-in page. However, in a recent security evaluation of the .NET Passport service, inline sign-in was identified as representing an unacceptable security risk to the service. Therefore, effective immediately, this functionality is being phased out."

Microsoft has already had to face a vulnerability in Passport's Wallet, as detailed in a recent Wired article. Marc Slemko, a software developer and founding member of the Apache Software Foundation, discovered in Nov. 2001 that it is possible to to steal a person's Microsoft Passport and credit card numbers, simply by getting the victim to open an innocent looking but specially crafted Hotmail message. Microsoft subsequently took the Passport Wallet service offline and said the feature would remain disabled until the company could add additional security features to ensure that similar exploits cannot be used to compromise its users' credit card information. This exploit certainly draws into question a statement by a Microsoft spokesperson on the Mar. 17, 2002 edition of Dotto on Data that Passport's "security track record speaks for itself." He alleged that Passport had not suffered any security breaches in the two years since its introduction. Apparently he forgot.

Undeterred, the company has persisted in aggressively pushing users toward its services by what some say amounts to force and coercion. In Dec. 2001, it released a revamped version of its e-wallet service and began offering cheques of up to US$100 to users as an incentive to give it another try. The company also announced what amounts to a bribe program that offers a heap of free software and deep discounts worth many thousands of dollars to those willing to sign up for a "Microsoft Certified Security Partner Program." The catch? It requires you to keep silent about any Microsoft security bugs you might discover, until Redmond authorizes you to speak.

Microsoft also began requiring a Passport to gain access its MSN Gaming Zone, a glitch that for a day in Jan. 2002, diverted Hotmail users into a "test" account where anyone could read messages. The same day, a privacy group called EPIC (Electronic Privacy Information Center) asked law enforcement agencies in all 50 states to examine Passport, on the grounds that it "exposes consumers to fraud, junk electronic mail and identity theft."

In late March 2002, Microsoft began requiring programmers to sign an agreement that prohibits using information in a document describing the Common Internet File Sharing (CIFS) protocol when building software governed by the General Public License (GPL). Among the  products affected by the restriction is Samba, the most popular Open source product designed to allow access to Microsoft networks.

Perhaps the biggest step forward in the acceptance of Passport occurred in July 2002, when Microsoft, in a deal with Arcot Systems, announced its intention to use the Passport authentication system to process credit card payments for Visa and MasterCard purchases, beginning in the Fall of 2002. According to Gartner analyst Avivah Litan, “People will start trusting the system now that it’s linked to credit cards.”

Another contentious issue concerns a clause in the Windows XP license agreement. Essentially, it restricts your right to use an entire class of remote access and administration products such as the excellent free VNC (Virtual Network Computing), a free remote-access application (see "Your virtual network," InfoWorld, March 11). Microsoft's XP license agreement says, "Except as otherwise permitted by the NetMeeting, Remote Assistance, and Remote Desktop features described below, you may not use the Product to permit any Device to use, access, display, or run other executable software residing on the Workstation Computer, nor may you permit any Device to use, access, display, or run the Product or Product's user interface, unless the Device has a separate license for the Product."

That means using any software other than Microsoft's to view an XP desktop from Windows 2000 or any other operating system would violate the company's license agreement.

Even more disturbing is a clause in the Windows End User License Agreement (EULA) that limits your ability to use a copy of Windows on a computer other than that which it was delivered with. A Microsoft website clarifies this contentious issue, stating: "It is a legal requirement that pre-installed operating systems remain with a machine for the life of the machine." In essence, if a PC is shipped with Windows preinstalled, you are not allowed to remove the OS and install Linux instead! (Update: The Register notes that Microsoft has since removed this statement from its website.)

Elsewhere, a "Microsoft School Agreement" calls for "100 per cent of all Pentiums, Power Macs, iMacs or better" to be licensed in a "School Agreement" software subscription plan that the company says "requires an institution-wide commitment." Among the titles supplied for Mac users is a Windows upgrade that only runs on Intel PCs. The Register dug into this topic and discovered just how deep this institution-wide commitment goes. The Reg's John Lettice writes, "And if you're kidding yourself it's impossible to top getting people to pay for software they don't want to run on Intel boxes, and for software they can't run on Apple boxes, check out the Microsoft UK Campus Agreement. This has you paying for software for people who don't even have computers.

Microsoft's EULA in Service Pack 3 for Windows 2000 proved to be the final straw for some Windows 2000 users. Released in Aug. 2002, it reads in part: "The OS Product or OS Components contain components that enable and facilitate the use of certain Internet-based services. You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its components that you are utilizing and may provide upgrades or fixes to the OS Product that will be automatically downloaded to your computer." In other words, by agreeing to the terms of the EULA, you are giving Microsoft the right to automatically download code to your computer, without your explicit authorization or knowledge.

And get this: the EULA for W2K’s SP3 also says "You may not disclose the results of any benchmark test of the .NET Framework component of the OS Components to any third party without Microsoft’s prior written approval." In other words, if I test the product and abide by its licensing terms, I am not allowed to give you proof if, in fact, this product's performance sucks without playing "Mother May I?" with the Redmond Mothership. Having a license agreement limit the potential for negative press is certainly a disturbing trend -- and one that bodes very badly for the future of my inclination to adhere to the terms of Microsoft licenses.

More like this . . .

How many search commands do you have in your PC?

How many search commands do you have in your PC? asked Bill Gates during his keynote introduction at Forum 2000, where he unveiled a set of next...

Linux News

2003 Aug. 7: Noted at News.com: This week, KooBox.com started selling what it calls the first complete Linux computer. US$449 gets you a 1.2 GHz...

A Mac OS X Overview

Server and Client At the 1999 Worldwide Developers Conference, Steve Jobs, Apple's interim CEO, and Avie Tevanian, Apple's senior vice president of...

Windows Server 2003

Introduction Microsoft's next server platform is known as Windows Server 2003. It will be offered in both 32-bit and 64-bit editions, designed for...

Alternative GUIs for Windows XP

As we've noted in our earlier features on Alternative Graphical User Interface (GUI) options for Windows PCs, there are a number of products that can...

Codename: Whistler

Codename: Whistler This preview examines the feature-set in the Professional version of Windows XP, code-named "Whistler." There were...

Whistler Preview - part 2

Key Features One of the key features of Windows XP (Whistler builds 2410 and later) is the inclusion of Internet Explorer 6.0. However, some features...