Slashdot Mirror

← Back to Stories (view on slashdot.org)

Developers As Pawns and One-Night Stands

Posted by kdawson on from the Microsoft-sweet-talk dept.

jcatcw writes "At the Comes vs. Microsoft antitrust case, last Friday's testimony included evidence that James Plamondon, a Microsoft technical evangelist, in a 1996 speech referred to independent software developers as 'pawns' and compared wooing them to trying to win over a one-night stand. Last week's proceedings also included testimony by Ronald Alepin, a former CTO at Fujitsu Software Corp. and currently an adviser to the law firm Morrison Foerster LLP. He said that Lotus 1-2-3 was killed, in part, by Microsoft encouraging Lotus's programmers to use the Windows API even though Microsoft's own developers found it too complicated to use." The plaintiffs have created a site that includes transcripts of testimony presented in the case.

2 of 268 comments (clear)

  1. Re:Woo by jellomizer · · Score: 5, Interesting

    I am guessing you havn't done much Microsoft Development. Did you ever wonder why MS Has features in their programs that you cannot program easily using Microsofts tools. When Office allows the fade in with graphics and colors menus in all their product while your API only allowed the text only popup Menus. MS Does do this. It is not about MS bashing it is about MS not giving us the tools to create modern applications.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  2. Re:Undocumented APIs by Oddscurity · · Score: 5, Interesting
    Cue depends.exe to do just that, indeed. Some relatively well-known examples of using undocumented APIs are by Sysinternals, who were recently acquired by Microsoft:
    Fundelete accomplishes this through the use of an undocumented API, ObOpenObjectByPointer
    ...
    The final step Fundelete performs is to convert the binary representation of the SID into a textual representation. Another undocumented API, RtlConvertSidToUnicodeString, performs this.
    ...
    Tokenmon relies on several undocumented SRM functions to obtain a logon ID from a thread's primary and impersonation tokens, and GetSecurityUserInfo, an undocumented function exported by the KSecDD (Kernel Security-support driver) that retrieves a logon session user's name, domain name, and logon server given a logon ID. Another interesting implementation detail is that several of the native API functions that Tokenmon hooks are not exported by ntoskrnl.exe for use by drivers. Thus, the Tokenmon GUI must reach into NTDLL.DLL, extract their system call numbers, and pass them to the driver.

    This courtesy of the people who unearthed the Sony Rootkit, which goes to show it takes someone with knowledge of deeply intertwingled cruft to find it?

    But more importantly: if ISVs behave in this way with limited knowledge of undocumented functions, how do you think Microsoft uses them?
    --
    Indeed!