Slashdot Mirror
Microsoft Finally Open Sources Windows 7 Tool
Jan writes "Microsoft has
open sourced the Windows 7 USB/DVD Download Tool by releasing it under the GPLv2 license. The code is now available on CodePlex, Microsoft's Open Source software project hosting repository, over at wudt.codeplex.com. The actual installer for the tool is now again available for download at the Microsoft Store (2.59MB). (Microsoft previously took responsiblity for the violation.)"
It's good that Microsoft took responsibility for this, kudos to them.
I took a quick look at the article and I have no idea what this tool is supposed to do. I couldn't even venture a guess. So some tool that I know nothing about and have no idea what it does now has the source code available for it. I think the term "underwhelmed" would apply. What exactly is a USB/DVD download tool?
As someone mentioned in the original story, Microsoft does not write all of its code itself but sometimes hires other companies to write a specific tool for them. Such was the case here. As for it taking a week, I think that's a pretty short period of time for something to take in a bureaucracy.
It's a tool to download Windows 7 into a USB drive, hence it's a tool FOR Windows 7. Shortening it to "Windows 7 Tool" is just common English usage -- that's just like saying a drive for reading CD-ROMs is a CD-ROM drive. Get over it.
Pet peeve: Profane people propagating perfunctory pedantry.
Or it's proof that they made some changes so that the tool uses public API's instead of private windows internals and instead of just throwing it out the door, tested the changes made.
"I use a Mac because I'm just better than you are."
For a company that believes so strongly in the inviolability of Software licensing, it's nice to see them practice what they preach when it comes to the rights of others. Fair play to Microsoft for meeting it's requirements, and score one for the GPL and Open Source.
So there I was, scribbling down some notes off the PC screen by hand, when I reached for the keyboard and Ctrl-S'd.
I've seen some of the Windows Source code when I worked there. Trust me, it's WAY more professional than the Linux source code.
Microsoft's problem with code quality isn't the engineers - they're the same as everywhere else. In Windows 2000, they set out to eliminate BSOD, and they mostly did. In XP SP2, they set out to make it secure, and it's better.
The problem is no one asks them to do the right things.
Anyway, trust me - it's very professional, clean code, nice design, and not filled with hacks like the Big Global Lock that used to be in the Linux kernel.
You apparently have never worked in a large company before. There were probably 27 meetings before someone high enough up the food chain stuck their neck out to say "ok". We're talking about opensourcing code from a company that generally doesn't do it. Legal was involved, top executives were involved, someone had to talk to PR about spinning a press release, etc etc. This isn't like some dev got emailed and said, "Shit! I better get that posted right away!"
First the SEGA logo brazenly appeared on a Nintendo console
Now it's Microsoft publishing GPL licenced-code. TWICE (the other being their contribution to the kernel)
Pigs expected to fly next week.
Wouldn't changing the code at this point still be a violation of the GPL? They released a certain version containing GPLd code, they need to make /that/ version available, right?
Obviously there are plenty of other reasons it's likely to take a week to do anything at a megacompany like Microsoft.
Slashdot is not a game, Slashdot is not a game. Crap, I just lost points.
The bigger news is not that Microsoft open sourced the tool after their GPL violation (that was inevitable). The news here is that Microsoft kept the open source tool instead of replacing it with one of their own. Microsoft has open sourced portions of their code before, that really isn't newsworthy. Keeping an open source tool that will be used to deploy their crown jewel operating system by millions of people - that's newsworthy.
This is PROOF that Microsoft KNOWS they are producing bad code. They put something out there, and then when they had to open source the code, they were all like "Well now everyone will see how bad our coding is, better take a week to fix it up before releasing it to the public!"
Having been involved with open source at Microsoft, I'd guess that the real reason for the delay was to "scrub" it to make sure that no intellectual property was inadvertently being given away.
The difference between theory and practice is that, in theory, there is no difference between theory and practice.
It's been, what, a month since they were informed of the lapse, and less than that since they acknowledged the error?
Show a reasonable amount of patience.
I can't help but notice the "finally" in the title.
Really slashdot, can't you post any MS related story without personal bias?
1) What programs do people here like for applying .ISO images to USB drives in Windows? Is this one "locked" to Windows 7 ISOs or can I use it to, say, put Puppy Linux onto a USB drive? I tried to install this one to find out but it's telling me "This application requires the Image Mastering API v2" and I don't want to put too much effort into this if it isn't for general use.
2) Anyone know how to do the same thing in OS X? I tried using Disc Utility but it will only let me a) burn ISOs to CDs or b) apply Apple .DMGs to drives. I tried mounting the ISO and using that as a source to create a DMG and that worked, but then when I went to apply that DMG to a disk it gave up at the last minute. (Sorry, that machine is at home, I don't know the exact error message. It basically said "Sorry, can't" after I clicked 'restore'.)
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
I'm sure Microsoft's source code looks much more professional than the Linux source code. The company probably has rigid coding standards that all programmers must adhere to. Not only standards that have to do with the kinds of constructs you are allowed to use, but how the code must look, how many spaces to indent, how to format your comments, and where to put comments. In other words they probably have a 'grammar police' for code. (Do they still use Hungarian notation?). OTHO the Linux kernel was written by coders from ALL walks of life with different views on how to write code. There is only a very loose coding standard for the kernel, if Linus can read it and understand it, it gets used as is.
Does this make Microsoft source code work any better than Linux? No. Does it make it more supportable (for the programmers actually working on it)? Probably. But the people working on the Linux Kernel are used to the hodge-podge of coding standards in use. Still it could make it harder for someone to break into kernel support.
BTW, I've heard of some diehard Mircosofties getting windows tats. Wonder if Linux coders have a Tux tat. (yuck).
I think your comment about asking the engineers to solve the right problem is very insightful.
But I'm curious - did Windows have more fine-grained locking than a single kernel lock at the time Linux introduced SMP support with 2.0? I can imagine Windows may well have been better re locking scalability back then. Both Linux and Windows have been using increasingly fine granularity locking over the years, which is nice. It's somewhat frustrating that the Big Kernel Lock is still hanging around but at least it's not on most / any important critical paths now. And one day hopefully it will go away properly :-)
Other reasons to stop calling it the "Windows 7 Tool" include the similarity between:
"Microsoft Finally Open Sources Windows 7 Tool" and
"Microsoft Finally Open Sources Windows 7 Too!"
I spent the first 30 seconds in shocked disbelief as I tried to remember anything else they've open sourced.
Now that I think about it, I'm pretty sure everything I just said is completely wrong.
filled with hacks like the Big Global Lock that used to be in the Linux kernel
The spinning hourglass begs to differ.
Eh... I understand what you are saying. And yet, Linux has never produced anything nearly as bad as Longhorn. Seriously, Long- freaking-horn. You can't praise them for 2000 and xp SP2 and ignore their obvious mistakes with xp/xp-sp1 and longhorn/vista. Every version of windows that is released is accompanied by a story interviewing some Microsoft fellow that describes how bad the source code for the previous version was and how no one really knows how all of the different parts of windows interact. I'm sure its not bad code full of obvious hackery and bad coding. I am however convinced that its a more difficult of a design than the Unix philosophy and it suffers because of that.
Plus, as closed source we can just sort of imagine the code that causes the problems we run into, where as with linux we can actually see the code that caused the problem so we don't have to imagine any code crappier than what we find.
Well.. maybe. Or Maybe not. But Definitely not sort of.
Microsoft's been doing this a lot lately (a lot being relative to their past conduct).
It's good that they're doing good and paying down their negative karma, but sometimes I wonder if people are deliberately infecting their sources with GPL'ed code just to make them cough it up once it gets published. A windows 7 tool getting fingered for a GPL violation so quickly makes me think that the exposure had a bit of inside help.
Time will tell.
Kudos to Microsoft though if their efforts are sincere.
Anyway, trust me - it's very professional, clean code, nice design, and not filled with hacks like the Big Global Lock that used to be in the Linux kernel.
Bad example. Just about every uniprocessor-developed OS had a Big Global Lock until they went multi-cpu - and even then it usually took a few releases before it was really eliminated. I would be hugely surprised to find that the Win9x series didn't have one too. When did the linux kernel deprecate it? Like a decade ago?
When information is power, privacy is freedom.
Frankly, I find htat hard to believe.
Letter overflow!
This third party code would have been produced under contract as "work for hire". Presumably, the contract stated that the third party had to assign all rights to the code to Microsoft, like any other work for hire, and that the end product must be wholly assignable.
Most likely, the third party actually violated their contract with Microsoft by creating a work that uses GPLed code.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Depends on your definition of "deprecate" and "decade". As late as last year (2008), the kernel people were still working on removing it.
Je ne parle pas francais.
You downloaded the tool (a.k.a. application), not the source code.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Microsoft did the right thing, they shouldn't be bashed for it. Consider the following:
You're standing in line thinking that the guy next to you, Steve, is a pretty normal guy; perhaps you don't like him a lot, but he seems to keep to himself. Suddenly Steve turns to you and junk-kicks you right up in your man business. When you come to several minutes later, Steve apologizes profusely. Apparently there was a mix-up which unfortunately resulted in your swollen nuts. Wanting to make things right, Steve allows you to junk-kick him in his man business.
I think it is safe to say Microsoft is doing the right thing allowing you to junk-kick their man business.
good point. It's easier for Microsoft to miss when the original source had the license text removed before handed over to Microsoft and if they had an agreement that all code and licensing were to be handed over to Microsoft.
It does surprise me that Microsoft would hire out for little tools like this. Unless, it's in payment for some other more 'serving' task(s). Like how they hired Mainsoft to create Internet Explorer for UNIX while at the same time they just about quadrupled the cost of licensing their Windows sources needed to do the task. MainSoft had the dough to pay the higher licensing fees but none of the other Win32 on UNIX vendors could afford that expense. Mainsoft survived but all other products which allowed Win32 to compile on UNIX were shut down. It was a great trick to get vendors to port UNIX apps to Win32 and then eliminate the ability of those apps to be updated and run on UNIX.
I wonder who the 3rd party was and why they were hired to do this little tool for Microsoft?
LoB
"Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
As opposed almost everyone fussing about "teh M$" and nuances of "freedom", I decided to take a look as see this professionalism.
The first, the first, line I read had a pre-processor no-no. Here:
#define ReleaseStr(pwz) if (pwz) { StrFree(pwz); }
You can read all about it here: http://www.parashift.com/c++-faq-lite/misc-technical-issues.html#faq-39.4
Here's how it doesn't work:
if ( something )
ReleaseStr(pwz)
else
foobar;
So there. The code might look professional. It might but it doesn't mean that it is.
Note, this isn't a W7 thing ,this all happened 8 years ago for XP SP2.
Jibe!
http://blogs.msdn.com/e7/archive/2009/04/25/engineering-windows-7-for-graphics-performance.aspx
http://blogs.technet.com/markrussinovich/archive/2009/10/22/3288577.aspx
-Foredecker
Jibe!
I'm sure its very pretty. But at the end of the day, it doesn't work as well as the Linux kernel.
Obviously you haven't experienced the joy related to binary Linux drivers (WIFI and 3D come to mind). Let me guess you're doing studio audio production on Linux because of the low latency performance?
Linux makes for an awesome hackable server and it is very flexible. The tools available for networking and development stand on their own but the awesome begins to fade after that. If only BeOS had lived (yes I've been following HaikuOS)...
Man blir trött av att gå och göra ingenting.
And by banned, he doesn't just mean there is a policy against them. They run regular code scans for "illegal" functions and then send out high priority bug reports to the code owners if any are found. I had to fix a couple of them when I worked there (and they weren't for strcpy, it was more subtly problematic functions). In my entire time at MS, I never saw one instance of strcpy. Usually the code used StringCchLength and StringCchCopy, which are not only safe if called with the appropriate buffer size, but function well with both ASCII and UTF-16 strings environments (though in practice, all our code was compiled with unicode support).
$_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
Linux audio. Just... Linux audio.
---
Most of the senior engineers at the time were working on Windows Server 2003. The people working on Longhorn were less experienced, and after a bit they started to put their pet projects into Windows, similar to the Copland fiasco Apple went through. (The difference was probably pride rather than fear of getting fired, like "see that? That's my idea!", but meh.)
Jim Allchin wrote his "I'd buy a Mac" memo here.
After they shipped Server 2003, they tried to clean up the Longhorn mess - first by cutting out some of the projects, then by stripping it down and then building up to Server 2003-level. Only then did they decide it was too unworkable, and decided to rebuild straight from the Server 2003 codebase.
Not trying to refute anything here, just giving some background info. Yeah, they definitely could have done a lot better, but they also could have done worse, and I'm not sure that open source would have helped them at all.
Thank you; I sit corrected. However, if they are, as you say, using functions that don't allow unbounded copying, how do you explain all the buffer overflows. Granted, my programming skills are way out of date, but from where I sit it looks as though using copy functions with built-in bound-checking should prevent them.
Good, inexpensive web hosting
I'm not sure what buffer overflows you are refering to. We're very careful to use the bounds checked type of copies you are referring to. There are many ways to do this. The safe string copy functions are one, so is the new secure CRT. String handling C++ classes are anohter.
Of course, its impossible to claim that there are no 'run of the mill' buffer overlows in Windows XPSP2, Vista, Win7. But we went to great lenghts to avoid them. This includes code reviews, and the use of automated tools (static analysis) among others. But there are very, very few.
Of course, there are still things that need to be fixed and they may be due to simple coding errors, or they may be more complex.
-Foredecker
Jibe!
Indeed, something similar happened when at I was Sun. With modern servers you just have to have an IPMI client for remote lights-out management. The most popular one is IPMItool, an OS product that got support on Unix-like systems early on. But somebody managing a remote system might well be running Windows. IPMItool will run on Cygwin, but Sun can't redistribute Cygwin, so they needed to provide customers with a native Windows version. For that, they hired a software consulting firm to make the port, then released the source code in accordance with the original software license.
The difference here is that Sun is a very bureaucratic place where you can't do anything without jumping through all the right hoops. So if you use OS software or code, you're required to tell the company lawyers so they can make sure you don't break any rules. At other places I've worked, it was pretty common for some engineer to see some OS code he wanted to borrow and just go ahead and use it. Any OS license requirements might be ignored or the engineer might try to interpret them on his own, with the resulting mistakes that amateur lawyers always make. Either way you have a violation of the OS license that has more to do with stupidity than with any grand conspiracy. A classic example of Hanlon's Razor.
I see you like the play of devil's advocate.
This goes against the spirit of the GPL.
However, in legal perspective (IANAL), I don't think it will work out like that. You see, either you accept the license (GPL) and you get to redistribute the software under the GPL license.
Or you don't accept the GPL license, in such case, copyright would still be with the original copyright holders.
Now, any works under copyright doesn't have to have been sold yet. You can always discuss the price with the copyright holder for proprietary use.
Better do it before using the code though, as you may have more bargaining power then.
The fact that you didn't, even if you didn't know, copyright still stands. The copyright holder can make you have to pull all your violating binaries / code from any distribution, which could actually cost alot by itself if infringement is big.
Price will be at market price, or whatever agreement with the copyright holder. Not sure if there are any limits to demands here.
Just because the sourcecode can be distributed under the GPL license doesn't mean it no longer have any market value. It can be relicensed under any other free or non-free license by the actual copyright holder (not those who merely redistribute under GPL), with or without monetary or other compensation.
This vibes very much with what other posters have said, that the GPL itself give value back in form of collaboration. If you don't want to collaborate with the rest of the world though, you gotta pay something else. Many companies are already using this strategy to make money off of GPLed software, selling their rights to companies who wants to do proprietary work.
Always remember: GPL == free software, GPL != free beer
http://www.debunkingskeptics.com/