An article in today’s New York Times [nytimes.com, registration required], outlines a major shift in Microsoft’s attitude toward opening up its source code.
The new Windows CE licensing program announced yesterday will for the first time allow licensees to directly modify the source code and ship the product with their changes. The licensees will even ‘own’ rights to the changes for 6 months - at which time the licensee has the option of licensing the changes back to Microsoft.
This new licensing approach does not apply to the main Windows operating systems.
This approach, while a significant improvement over previous licensing terms, is still a small step when compared with embedded Linux. With embedded Linux, users have always had access to the source code and the ability to extend it.
It should be noted that, while Microsoft has a near monopoly in desktop operating systems, the market for embedded operating systems is much more competitive. In that market Linux has a much stronger position. Given the competitiveness of the market, it’s not surprising that Microsoft is being forced to compete in this way.
While most of the talk around this new licensing approach has been centering around the ability to add new features, my bet is that it’s probably at least as much about security. By opening up the source code to these partners, Microsoft is increasing the ‘number of eyes’ on the code. This should pay immediate dividends in making WinCE more secure as well.
To me, this is just another demonstration of two of the major strengths of Open Source:
- Innovation - by opening up the source code, Microsoft will gain from the insight and expertise of the users of its software. This ‘innovation advantage’ is a phenomenon being seen all over the open source landscape.
- Security - by opening up the source code, Microsoft also increases the number of eyes on the code - and increases the chance the security flaws will be found and fixed.
I’d challenge them to take the next logical step as well and put bug lists on-line for everyone who has access to the source code. This would accelerate the rate at which both innovation and increases in security occur.