Microsoft To Assist Ximian In Producing Mono

C-JiPH writes: "There is morning I came across a very interesting article here that describes how Microsoft have agreed to work with Ximian to develop Mono, allowing for 'a version of .NET for Linux and Unix using open source.'"

Super cool

Anyone remember when Microsoft helped IBM with OS/2 ?

Cheers,

--fred

Re:I'm confused

[Tim+Macinta]

What possible reason could M$ have to do this?

Possibility #1 Perhaps the same reason that they wrote a version of IE for Solaris - they want to be able to say that their software has "cross platform" support. This was originallly done with IE because quite a few companies listed a standardized client across all their computers as their main reason for not switching from Netscape to IE. Microsoft wrote a Solaris version of IE so that they could convince the PHBs at these companies that they provided cross platform support (as if Solaris and the Macintosh are the only platforms besides Windows), but last I heard IE on Solaris is a joke (big surprise).

I would expect the same thing to happen with Mono. Microsoft could say "if you want to use .Net you can use any platform, but if you want it to be 'optimized' (i.e., to work in a non-crippled manner) use Windows."

Possibility #2 Microsoft is planning on charging for the use of its services which are delivered over .Net. Linux does hold a very big chunk of the server market. Having .Net on Linux would allow Microsoft to collect a toll on the users who connect to Linux servers.

Possibility #3 It would also allow them to gain a foothold on a platform where they have no leveraging power at all today. If Linux, Java, or anything else lives up to its promise of make the OS irrelevant, Microsoft will be one step ahead because they will already control the necessary services which sit on top of the OS.

Re:Do you know what .NET is?

[iabervon]

Personally, I'm going to wait for either EDU or GOV.

Re:Ximian, don't be silly.

[Tet]

You *cannot* win with Microsoft, you are in a position of weakness and disadvantage by default. Microsoft will screw you over at the first chance, and along the way you will have helped bolster the mindshare of its questionable strategy.

Couldn't agree more. It's happened too often in the past. Just look at Citrix or Bristol. But then again, Ximian never really did get it. For a start, they don't understand the small, dedicated apps philosophy of Unix. They're trying too hard to copy MS to gain market share, without stopping to think about the technical issues behind what they're doing. They're also following the MS "screw-security-lets-do-features" route. Witness their install instructions -- download something from a web site, and pipe it into a shell run as root. I think not...

It's about PASSPORT, not .NET

[bjb]

Microsoft plans on having .NET services available on other platforms, and I've even seen them running on Solaris and Linux with my own eyes (unless the uname -a just before the sample was bogus).

Remember.. it's all about the PASSPORT subscription that Microsoft really plans to get the stranglehold here.. They're promoting .NET as cross platform and open source.. the one key element, however, that is NOT free and open is the identification service (Passport).. that will have a massive stranglehold, and that will be required by any .NET service to identify who is who. If there is any place to make money in this scheme (or control the monopoly), it is this identification service.
--

Re:It's about PASSPORT, not .NET

[anticypher]

I just used up my moderator points, or I'd up you to a (score:+6 spot-on).

Since I was forced recently to attend several M$ sponsored functions to learn about dotNET and the authentication services which will have to pass unhindered on networks, I've come to believe M$ has come up with a winner for their stockholders. As you point out, since M$ has 95% of the desktop market, their only growth will be limited to the slowly expanding installations of PCs, a measly 5%-12% per year. If they continue to rely on software licensing, their revenues will drop steadily over the next few years until the economy booms again.

So they are moving into services, but not just any old services. The only services where you can control the market are those where they have legal protection from all competitors, including free software. This means software patents, trademarks, service marks, and copyrights (there, I've just included every /. hotbutton :-) M$ has been quietly devising a scheme where they can legally control all of the key services to "valid" communication between all dotNET implementations. By being at the centre of the authentication scheme, they control who can use all the nifty new services, and who will be excluded. They will also charge a subscription service for every end user, so you can go ahead and use *nix, but you will still have to pay your Pissport fee in order to access any new features offered by any value added internet content provider.

One of the things being pushed in these meetings was the fact that dotNET will not be run centrally by M$, but they will license the authentication, administration and accounting features to ASPs all over the world. So instead of end user fees going directly to M$, local companies can offer a variety of licensing options to their customers, passing a percentage of the revenues on to M$. So M$ will have the master certificates, and thousands of ASPs will each purchase a certificate signed by M$, and their customers will then only need to authenticate with the local ASPs servers. A certificate from one ASP will be valid with all other ASPs, and will need very little communication with the central M$ site.

Corporate customers can have a "secured" authentication/accounting server (also the application server, and data store) installed locally to keep track of a corporation's use of M$ product use. Unlike the fears of some /.ers, a company's data will never leave the premises, and it will be up the the local BOFHs to perform regular backups of the data. But the A/A server will report back to the ASP on a regular basis to re-authenticate the certificates, and to communicate application and feature usage. The ASP can then bill the corporation for use. The ASPs will be required to purchase large blocks of licenses, which they will then have incentive to sell. The larger blocks of licenses will have bigger discounts. That means that a large ASP will have 50,000 licenses for OXP, and will then have incentive to find as close to 50,000 licensees to have the greatest RoI. Larger ASPs will be able to undercut the price of licenses than smaller ASPs, who will have to compete by offering better technical support.

The security implications of a huge hierarchical authentication method are staggering, and I'd expect there to be distributed.net style contests to crack the root M$ keys. The one question micr~1.oft avoided was any details on Certificate Revocation Lists, which to this point are mostly broken in all OS releases. They only said they are developing a system which will be "judicially protected" from any Open Source copies, so the ASPs did not have to worry about pricing pressures of people trying to substitute a "free" authentication scheme. The bane of my existance, XML, was mentioned rather cluelessly at several points, but no technical details at all were permitted during the discussions.

the AC

Port Mono to Windows

[Ed+Avis]

How hard would it be to port Mono - if and when it is finished - to Windows? Probably not impossible if things like the GIMP or gcc are any example.

Re:Port Mono to Windows

[Drone-X]

That would be very well possible, glibc and GTK+ have already been ported and I figure these two libraries will form the basis for Mono.

Skimming through the Mono mailing list I've seen people talking about porting Mono to MacOS-X and Windows already.

Re:I'm confused

[IntlHarvester]

* Would it increase their server platform sales?
No, because people would just run .NET stuff on Linux.
* What about increasing their client platform?
No, .NET is supposed to be client agnostic. Right?


It makes sense if you think about the J++ vs. Java episode.

I gather that there is such a thing as "Pure .NET" application that purely the VM. However, the .NET platform as Microsoft delivers it will have lots of Windows platform dependencies. For example, database access is through ADO.NET which is a layer that sits on top of OLEDB. ASP.NET sits on IIS of course. Windows Forms doesn't even hid the fact that it sits on Win32. Remote components can still be called through DCOM/RPC. And I'm sure there's plenty more.

But even with all of this, MS is playing the open standards song for the core parts of the platform (the VM, C#, etc). They can afford to do that because the standard is extended-n-embraced right out of the box. Even with Corel and Ximian's work at building the standard-compliant stuff, very few real world .NET apps will run on platforms other than Windows without significant extra reverse engineering.

Where this helps Microsoft is that it allows users to connect existing Unix infrastructure to new .NET applications in a much cleaner way that pure COM allowed. But only at the periphery of the app.

--

Hmm.

[mindstrm]

If MS helps them, they end up producing something that is .NET compliant, reenforcing the need for MS to supply the server end.

If MS doesn't help them, they do their own thing, and .NET gains an enemy.

In the end, it won't be software subscriptions, but .net subscriptions that MS owns.

Of course, 5 years from now, they'll file tradmeark suits for all domains ending in .net

I wonder...

[Basje]

... will they use GPL?

----------------------------------------------

Re:Same old arguments

[GauteL]

No... actually even less so.
You personally have almost no hope in trying to influence the way Windows develops. You DO however have such possibilities in the opensource-world.

Although I agree that it is easier for managers to force a developing direction when they actually pay people.

Re:PASSPORT doesn't do POOP

[anticypher]

I can't imagine how MS can use Passport for anything more than a bullet for thier .NET brocuure, let alone dominate an industry.

You are right there. Pissport is just a beta test of some new ideas. EOL is already planned for next year, to be replaced by newer and costlier and more prevalent technology. They are tweaking the business processes behind the service, to see what flies in the market, and what doesn't produce any revenue, and what pisses off end users to the point of abandoning the service. After the next round of analysis, pissport will evolve into something else with a newly trademarked name and flashy marketing campaign.

M$ has changed their entire focus from being an OS and apps company, to an internet services and developer support company. If the US courts break off their OS and apps divisions, the core will continue to become the dominant force for intranet and internet authentication, using dotNET as the infrastructure.

The scale of the project is huge, and will require years for their own in-house developers to write, as well as years for the 3rd party developers to get on board. But if they play all their cards correctly, they will soon be in the center of a new market, earning regular income from a wide variety of licensing schemes. It will take years until this happens, but they started last year while they still had the 95% monopoly of desktop systems, and that monopoly will continue for long enough for them to muscle into the new internet markets.

The looming battle for the desktop OS will be huge, and largely un-stoppable. Mundie was 100% correct in his assessment of the GPL as "viral" and a "cancer". Soon, FreeOSen will dislodge M$ from their 95% market share, down to maybe 50% or less. But at that point, M$ will be in a new playing field, and will have patented and registered every key technology to lock all competition out. They know they can't compete with a Cisco for networking, or an Oracle for straight-up DBs, or an AOL for control of the cable, or the RIAA for hatred inducing lawsuits. The markets for the 4 A's, Authentication, Authorization, Accounting and Auditing services are very immature right now, and when properly developed will be a new source of revenues. Cisco will be required to license M$ patents on network authentication protocols. Oracle will have to license the patents for DB authentication, or find themselves with no windoze desktop user software. AOL will have to obtain certificates identifying themselves as properly certified by the M$ controlled root, and you can believe M$ will force some concessions before granting a cert. The RIAA lawyers will genuflect in admiration at the gall of the M$ legal team using thousands of newly purchased laws to beat down any free competition.

Its late, I've now ranted enough about M$ to last me a few weeks. I would love to see some well thought out criticisms from intelligent people, to help me sharpen my arguments and avoid repeating mistakes, but alas, this is /.

the AC

Re:I still don't get it

[anticypher]

Here is a list of some things that *MAY* be incorporated into XP over the next couple of years. None of them are confirmed, some were tossed out by M$ to see what the corporate response would be, others are just rumours and pure speculation. Predicting M$ future moves is becoming an art form for those of us in the trenches.

- browsers that will only show banner ads from "certified" advertisers. When suddenly 95% of the machines don't show an ad unless the advertiser purchases a certificate, watch the stampede over to certified ads. So what if FreeOS users can see any ad without checking on certificates, advertisers will still buy them. To avoid anti-trust problems, IE will have a checkbox "block un-trusted banner ads", which when unchecked, allows a luser to see all banner ads :-) IE will NOT have a check box "block all banner ads" :-(

- checking hotmail. When hotmail servers detect a non-authenticated browser, user gets re-directed to a pissport signup page. Again, since 95% of users will be on XP boxes with an authenticated browser, the loss of only 5% of FreeOS users can be absorbed by increased licensing revenues and re-selling the private data from pissport to spamm^Wadvertising partners.

- certificates buried in Office documents, which can be lightly encrypted, or just signed. The official Office will check the certificate for every document it opens, and refuse to open any non-certified documents. This will be touted as a solution to wurd macro viruses and increased security and confidence in legal documents. Again, since the algorithm for generating the embedded certificate will be patented, and FreeOS package will be attacked by the courts if it can duplicate the functionality(deCSS), there will never be another starOffice-style package offering M$ compatibility. If a FreeOS version somehow triumphs in the legal arena, with dotNET's DCOM features, M$ could overnight change the embedded certificate functions in every currently licensed application, pushing the changes down the hierarchy to the ASPs and then to the end-users. They can keep doing this every time the FreeOSen catch up to the functionality, and most updates will be transparent to XP using sheeple.

- Attaching a certificate to every email sent through a licensed gateway, to prove trackability of emails in case of UCE, ILoveU-style virii, or timestamping ability. Certainly sendmail/Ximian/Kmailgate will have dotNET modules to create and verify digital signatures, but the certificates will still only be available from a M$/verisign licensed crypto-key vendor. To avoid privacy laws in the .eu, only gateways would need to add/verify certificates, the end users would never need to see or manipulate a cert. The sysadmins of a gateway would then be responsible for their machines. In case a user started spamming, it would be only the local gateway admin who would know the detail of the user sending the spam, and hopefully take corrective action. ORBS could then become "gateway certificates revocation list of known spam-friendly ISPs".

Re:MOD Clueless DOWN - Not Across

[anticypher]

Which clueless are you referring to? Me or yourself?

You are confusing the simplistic communication tools available to programmers in this early round of dotNET implementation. Yes, there are some cool, well developed XML communication procedures. I'll bow to your point about W3C standards, since I'm not a web coder. I seldom raise my eyes above OSI layer 4, or else I concentrate on policy, budget, and religious issues. But M$ themselves have been quietly letting key developers know that they are positioning themselves to repel the FreeOS attack, by including a lot of additional features in future versions of dotNET.

If you want to write an app or web page to do simple communication between processes or from a web server to a browser, XML tools can do the job. But if you are going to use the latest authentication goodies to communicate with objects and processes externally, you will have to pay royalties/licenses/fees to M$ at some point. If you are ever going to write a killer app for a website, or a client/server setup, or a P2P function, M$ will be somewhere in the middle of your transactions. Count on it, it is what they are telling the financial analysts, the corporate planners, the CEOs of favored developers, and a few other elite few.

Passport is a service that is offered to service/content providers.

Pissport is just one service that M$ offers, where they sit in the middle and collect revenues from those sites that want to participate in this new program. They have a whole bunch of other programs in development right now, all grouped together under various codenames, the latest to leak was called HailStorm.

As a provider, I can choose whether to use Passport, Vendor X, Vendor Y, my own authenication scheme, or all four implementaions if I choose to do so.

Great. Use all four. But the market will be dominated by the M$ based one, and few, if any will use a Vendor X. Will you develop for Solaris, Macintosh, HP-UX, SGI, Linux, and a dozen other platforms, even though only 15% of your customer base might use them? As a hardcore *nix person, supporting a huge user base of every kind of machine, I can tell you of the levels of frustration we face every day when popular websites decide to reject all browsers except for IE5 on win98 or 2K. My bank offers banking by internet, and under pressure from M$, they have decided that alienating 35% of their customers is worth the discount that M$ gave them on their web development tools. It is written into their licensing discount they will reject all non-IE browsers, so its no use talking to the project leads, and they reassigned all the programmers who objected, leaving only M$ lackeys.

there will probably be competition in the authenication service market

You are showing how naive and blinkered you are, if you believe that M$ will tolerate any competition in the authentication marketplace. Their stated goal is total domination, using their monopoly position to force developers to use only M$ protocols. Those of us on the sidelines who have been burned by M$ repeatedly are hoping the US Justice Department create a remedy to the illegal abuse of monopoly power that will address the newly mutated M$. M$ today no longer cares about OS or standalone application revenues, since they will decline over the next decade, and has shifted its entire focus to dominating the internet services market.

the AC

That's only craptalk

[chrysalis]

The article only states that Ximian and Microsoft just *talked* together. Nothing more. Microsoft didn't help the project in any way yet, and chances are that they'll never do.

-- Pure FTP server - Upgrade your FTP server to something simple and secure.

Re:This is good to see

[GnrcMan]

Hmmm....that's completely wrong on all counts. The .Net Class Libraries allow you to do RPC over HTTPD using XML, but you can also do RPC over SMTP using a binary format, or RPC over [insert any transport here] using [insert any format].

And as to .Nets VM-ness. It has little to do with a VM. MSIL (the intermediate language that the CLR compiles to) does not run under a VM. It is designed specifically to be JITed (email me for an explanation of what aspects of MSIL are taylored toward JIT...it's a long explanation) to native code. In fact, MS has a concept called Pre-Jiting, which means that the MSIL is compiled to native code *on installation* instead of on execution, which further removes it from the idea of a VM.

The CLR is, however, "managed" which means it is garbage collected, and secure (in theory anyway. As it is new, the real-world security of the CLR has not been under public scruitiny).

Thanks
Casey

--GnrcMan--

I'm confused

[Corrado]

What possible reason could M$ have to do this?

• Would it increase their server platform sales?
  No, because people would just run .NET stuff on Linux.
• What about increasing their client platform?
  No, .NET is supposed to be client agnostic. Right?
• Is this the first step in squashing Java?
  Hmmm, quite likely. I think it .NET takes off with C# and other CRLs (not Java!) it might give M$ a shot at future Web services. Then they could change the "standard" to fit their needs.
• Are they being nice?
  Yea, that's it! :)

--
Later...

Re:I'm confused

[naasking]

Or Microsoft could end up saying stuff like, "look, Ximian went under as a company selling and developing free software. We tried to help them out with by contributing, but it cost us $X and what was our return? $0. Free software is bad for business, and we just proved it." How's that for a conspiracy theory? Then again, Microsoft may just want .NET to run on as many platforms as possible. But if it fails, there's always that to cover there asses. Really a no lose situation for MS.

-----
"Goose... Geese... Moose... MOOSE!?!?!"

Missing the Point

[webword]

Microsoft is not helping Ximian. Instead, they are helping themsleves. This is quite clear when you think about what is going on.

Microsoft doesn't care as much about software as they do controlling network services and collecting payments from various transactions. The idea in this case is to get Ximian to play along so that, ultimately, Microsoft will be able to extract fees from users. Ximian will merely be a small part of the infrastructure that Microsoft controls. That infrastruture will be used to extract new "taxes" from people.

Microsoft to Ximian: Sure, we'll help you build your software. Sure, we'll get you integrated into .Net, no problem. We're here to help. We're the new Microsoft.

Microsoft to Microsoft: Ha ha ha! Fools! Don't they understand that we are kind of like a giant cable company now? We don't care that much about the software and hardware, we care about capturing data from stupid users so that we can extract big money. We know that the margins on software are great now, but they are probably going to decline. However, the margins in services are on the rise. World domination... Ha ha ha!

Re:This is good to see

[technomancerX]

Yes, it's wonderful to see MS doing everything possible to look good so they don't get slammed when a remedy comes out of the anti-trust case.

Let's face it, .NET is not a very impressive technology... RPC over HTTPD using XML running what is basically Java (sorry, VM based platform-independent byte code is what Java IS) is not a good foundation to build all of your software on...

It allows some cool applications, but when people are giving examples (Corel's CEO) of using it in a spreadsheet to perform calculations, it's a bad idea...

.technomancer

Re:Woah

[bero-rh]

Call me pessimist, but I think it's yet another
"Microsoft attempts to buy out Linux" story. They'll
help Mono until .NET is widely adapted, at that time,
they drop any support for non-Microsoft OSes and add
proprietary undocumented functions, just like they
always did -- and if you intend to continue using
.net stuff, you have to "upgrade" to Windows.

I wonder where Ximian fits in though - IMO they either don't realize what Microsoft is up to, or they're trying to be bought out by Microsoft to salvage their company financially.
In any case, I'd recommend to avoid .net and Mono wherever possible, using it just where there's no alternative (just like we're using wine for some applications now).

MS want token competition

[Dr_Cheeks]

MS don't want to go through an enquiry into having an anti-competitive nature again - this would be great evidence that they've cared and learnt and shared and grown. But what do they get aside from a token competitor in a market that they've created? Well, working closely with Ximian means they can look over their shoulders and keep an eye on things to make sure they stay ahead of the competition (and Ximian are definitely the little fish here). And since their relationship is informal, MS doesn't have to divulge anything it doesn't want to. They get to encourage more people to use .NET systems, but they also get to offer the best option (well, assuming they don't just sit on their asses while Mono improves).

Sure, MS would like to keep everything secret, but it recognises there's some real competition now (Linux etc.) and now has to try to bring those of us who defected back onto their side again.

Or am I just being paranoid?

Ximian, don't be silly.

[Karma+Sucks]

Focus on fixing GNOME so that it can compete with KDE and Windows. You *cannot* win with Microsoft, you are in a position of weakness and disadvantage by default. Microsoft will screw you over at the first chance, and along the way you will have helped bolster the mindshare of its questionable strategy.

You are creating a conflict with your ally Sun by neglecting JAVA. Do not divest your efforts from GNOME. GNOME needs you. Do NOT neglect the ailing GNOME desktop like this.

This is my fair attempt at talking some sense into you. I sincerely hope you prove me wrong so that I won't have to say "I told you so" in a few months.

-- A KDE Fan.

Hold on, let me get my stop watch...

[MongooseCN]

...ok now, let's see how long it takes someone to shout conspiracy.

XNS

[Drone-X]

Fortunately there's an alternative provided by IBM and put under a non-profit organisation. I'm hoping this will get big.

Re:ooohh... what a surprise

[RedOregon]

Agreed. From what I've read, simple exposure to closed source code (M$ code), even seeing it during the course of work, opens up the developer to charges of IP theft if any code remotely resembling the M$ code shows up in the open source product. Sounds to me like M$ trying to open that possibility in order to shut the whole product down (or tie it up in litigation, effectively the same thing). WARNING... WARNING... DANGER, WILL ROBINSON!!!

____

Web Services using XML vastly superior to Java

[Ars-Fartsica]

Microsoft is not the only company backing web services - IBM and Sun itself are coming behind a model based on SOAP, WSDL and UDDI. Since you don't give any reasons why "this is not very impressive technology", I will provide you with some reasons why this approach is impressive:

1. The standards are open, and you can program with them right now.

2. "RPC over HTTP" is already being hacked out and used all over the web, so it makes sense to standardize it. Maybe a world full of JVMs communicating over ORBs using IIOP would have been preferrable, but it isn't ever going to happen, even Sun conceeds this.

3. It makes sense to work with Microsoft at this point instead of against it. They control practically all of the desktop computers in the world, and an increasing number of servers. How they came to this position is irrelevant. Strategically, it doesn't make any sense to fight this presence for any group, corporate or volunteer.

4. Java has failed to live up to its promises. No one believes Java is write-once read-anywhere, regardless of if it is even true at this point, so there is no point in flogging that messasge anymore - it has failed in the marketplace.

Another article on this topic

[decesare]

...can be found in this morning's Boston Globe (story link here)

Do you know what .NET is?

[SpankTech3000]

It is a specification, like COM. Once MS published the spec, they couldn't and didn't want to prevent people from making a Un*x version. With all of the other .NET server apps, they don't really care if you bought your copy of an MS server, if you can run their other server components (ASP.NET, ADO.NET). Throwing 2 or 100 developers (which they won't use that many) is chump change for them. It's a LOT cheaper than the advertising dollars they'd need to spend to convince the Linux community that "they care". All the big corporations are the same. They've all realized that they don't have to spend millions on advertising, they just have to hire a couple of very vocal developers, and let them work on open source whatever. It makes them look good in the trade rags, and the whole open source community has a love fest with them. And once again the developers are the pawns.

2 Down, 1 to go

[abe+ferlman]

They already own .gov.

Bryguy

Microsoftspeak

[darkov]

"[Microsoft] will determine with Ximian whether technical assistance would be appropriate" = we'll have a look and see if we need to screw you.

"testament to the openness and viability of the .NET platform." = we have a thousand lawyers and ten thousand programmers poised for attack. Resistance is futile.

"Microsoft will do everything that it can to ensure that Windows remains the best place to run Windows applications" = Microsoft will ensure Windows is the only platform you can run anything. Period.

ooohh... what a surprise

[tantrum]

Microsoft helping to develop open-source software? What is happening to the world?

Well, anyway: was there ever any doubt that .net would be ported to other operating systems? Microsoft certainly want linux users to use microsoft software, espesially as the numbers of linux and *BSD users are increasing.
I would not expect the linux .net implementation to match the windows version, though.

In the news ...

[s20451]

Microsoft to provide technical assistance on Open Source project
VP Mundie's head 'just exploded', say witnesses

Slashdot readers condemn Microsoft
Open Source move seen as 'sinister plot'

World ends, film at 11
Televangelists express surprise

Weather forecast for Hell: Scattered flurries, high -2