Had to respond even to agree. See inline.
“Nick Ryan” wrote in message news:xxxxx@ntdev…
>
> David J. Craig wrote:
>
> > How can you have competition when they don’t charge for the free stuff.
I
> > understand they removed source code because too many other developers
were
> > taking their code and writing a commercial product. I would be torqued
off
> > too. OSR doesn’t release source code to anything and their DeviceTree
uses
> > several interesting techniques that most of us would like to see how to
> > implement even if we don’t have a reason or real need. I think one of
the
> > sysinternals guys works for Microsoft now, so maybe some of the newer
> > versions are using things that can only be done if you have seen the
source
> > code to Windows.
> >
> > Even though I am currently looking for a job with only consulting to
keep me
> > going, I still think that anyone should be able to sell their services
for
> > whatever the market will pay. Some of this has contributed to the move
of
> > software jobs to India, China, and eastern Europe, but from the
questions I
> > have seen some of this stuff is beyond most of their skill sets and they
> > keep asking for “free sample source codes”. I can’t see sysinternals
> > helping them take more jobs either. Enlightened self interest is good.
> > Many companies are leaving California for similar reasons.
>
> (Big rant/wish-list follows.
>
> Sysinternals has every right to make money off their work, but the fact
> that they are a regular business now restricts what they can do for the
> community. I don’t necessarily agree that the GPL is the best model for
> software development, but I do think that open-source benefits everybody
> and sports little risk for well-written commercial products.
>
I see that sysinternals has a few products at wininternals, but most of
their new business seems to be licensing source or consulting. There are so
many people trying to write security products using filemon as their basis.
Filemon was designed for one purpose and uses tricks and hacks that are
unacceptable in a commercial product for the average user. The IFS Kit
examples can be modified to easily do the same thing as filemon, but using
the approved and portable interfaces.
> To take an example, if there were decent AV, VPN, and firewall
> open-source Windows utilities out there, this would put pressure on the
> commercial vendors of same to improve their products. One VPN product
> from a big-name vendor that I used to use insisted on installing some
> sort of ‘adaptive packet prediction’ filter on my system. This filter
> made it impossible to play online games because it seemed to pend
> packets and send them out in periodic bursts, adding latency not
> noticeable by a sales guy downloading PowerPoint slides but fatal for
> the space marine shooting railguns. And this filter was in operation
> even when the VPN wasn’t connected, for all network traffic to any
> destination! Every time I wanted to play Quake 3 I had to uninstall the
> damn thing and reboot. Bad show!
>
I have a problem using the most popular AV/firewall from a guy in a pink
shirt. Foxnews.com has the bios page, pictures and video clips invoked by
java script that this product blocks. I have to disable it before I run IE
so it will work. They had one of the best sources of the firewall as I was
using it before it was sold to them. It has been expanded in some degree,
but I think they have committed some major errors.
> And I have similar stories for various AV and firewall products I’ve
tried.
>
> To shift track a little bit, I wholeheartedly approve efforts by
> Microsoft to get into the VPN and AV business themselves as long as the
> software community cannot produce acceptable, reliable alternatives.
> However, I believe that Microsoft should instead be encouraging the
> software community in this regard by exposing the source code to
> Windows. Microsoft can write the best VPN and AV utilities both because
> it has smart people and because those people can see the source code.
> Any other group of equally smart people are at an automatic
> disadvantage. If the disadvantage wasn’t there, Microsoft wouldn’t NEED
> to spend resources on writing these utilities themselves. Microsoft
> makes money off of Windows, not off of the XP defrag utility. It would
> be great if third-party developers didn’t have to work as hard inducting
> themselves into the high priesthood of Windows internals to produce
> reliable code (not that the priesthood isn’t fun, but it’s still a
> priesthood).
>
Microsoft seems to move into any area where a good profit can be made and I
have wondered for some time why they haven’t moved into AV and firewalls.
They have some security, but luckily for third parties, they seem to be
rather bad at doing it. Maybe it is designed to make management of security
difficult and obtuse so businesses will have to hire experts just to get it
configured.
> Driver frameworks are a good idea, but they don’t radically decrease the
> time needed to develop a driver. Abstractions always leak (thanks Joel
> Spolsky for his article on this topic), and 90% of a software engineer’s
> time is spent plugging these leaks. Having the source code behind the
> binary code that you are smashing your forehead against is the only way
> to drastically reduce the time needed to plug these leaks.
>
Simple frameworks do work very well. I have used DriverWorks many times,
but their pricing model and the lack of need for 9x has convinced me that
sticking with the DDK is the best solution. The C++ framework is something
I would prefer, but I will still compile as C++, but not use any non-C
constructs. The C++ compiler is stricter and forces cleaner code.
> And I don’t buy the IP argument against exposing the source. Microsoft
> makes money not because the page trimming algorithm in the Memory
> Manager is hidden (to take some random example), but because of the
> skill with which they can evolve the overall architecture of the
> product. For every conceivable OS algorithm in Windows, there is some
> open-source algorithm floating around that’s just as good. Microsoft’s
> competitive advantage is that they can string 10,000 good algorithms
> together in such a coherent way that a competitor can’t hope to match
> the effort without 30,000 smart programmers of its own.
>
Bill Gates became too paranoid (just because I am paranoid doesn’t mean the
whole world is not out to get me) after that MS-DOS clone. I heard that the
some of the evolution of Windows, especially early on, was to keep it from
being cloned. Probably too much code to clone completely now, but Linux
seems to be keeping them paranoid. I know from one job interview that the
caching algorithms in Windows are rather pathetic and when programs such as
SQL server run they do their own caching because the Windows cache
algorithms are not optimized for that environment. The NDIS, SCSI miniport,
printer and display driver’s architecture was designed to ensure that IHVs
had no choice but to support NT as well as 9x. As I have discovered some of
the miniport implementations are far from optimal especially virtual
storage.
Another good question is why do CSPs have to be signed before they can be
used? When the “no such agency” was in control it might have been
necessary, but why now? Of course, it appears that Microsoft is trying to
force all code run on Windows to be “approved”.
> –
> Nick Ryan (MVP for DDK)
>
>
>