Perception Vs Reality Regarding The .NET Framework Source Code

Oct 5, 2007 dotnet suggest edit

I think Miguel de Icaza nails it regarding some of the FUD being written about Microsoft’s latest move to make the source code to the .NET Framework available under the Microsoft Reference License (Ms-RL).

In fact, his post inspired me to try my hand at creating a comic. I have no comic art skills (nor comic writing skills), so please forgive me for my lack of talent (click for full size)…

I know some of the people involved who made this happen and I find it hard to believe that there were nefarious intentions involved. You have to understand that while Bill Gates and Steve Ballmer are known for playing hardball, they aren’t necessarily personally involved in every initiative at Microsoft (as far as I know).

Some things start from the grassroots with motives as simple as trying to give developers a better experience than they’ve had before.

Before: the original code, complete with helpful comments, original variable names, etc… was closed. You could use Reflector (and possibly violate EULAs in the process), but it wasn’t as nice as having the actual code.

After: The source is available to be seen. This is certainly not more closed than before. It is clearly better because you now have more choice. You can choose to view the code, or chose not to. Before, you only had one choice - no lookie lookie here!

But It’s Not Open Source!

Many pundits have pointed out that this is not Open Source. That is correct and as far as I can tell, nobody at Microsoft (at least in an official position) is claiming that.

The Ms-RL is not an open source license, so there is reason to be cautious should you be contributing to the Mono project, or plan to write a component that is similar to something within the framework. As Miguel wrote in his post, these precautions have been in place within the Open Source community for a very long time.

So yes, it’s not open source. But it’s a step in the right direction. As I’ve written before, we’re seeing steady progression within Microsoft regarding Open Source, albeit with the occasional setback.

My hope, when I start at Microsoft, is to be involved with that progress in one form or another as I see it as essential and beneficial to Microsoft. But I will be patient.

Should You Look At The Code?

So should you look at the source code? Frans Bouma says no!

Take for example the new ReaderWriterLockSlim class introduced in .NET 3.5. It’s in the System.Threading namespace which will be released in the pack of sourcecode-you-can-look-at. This class is a replacement for the flawed ReaderWriterLock in the current versions of .NET. This new lock is based on a patent, which (I’m told) is developed by Jeffrey Richter and sold to MS. This new class has its weaknesses as well (nothing is perfect). If you want to bend this class to meet your particular locking needs by writing a new one based on the ideas in that class’ sourcecode, you’re liable for a lawsuit as your code is a derivative work based on a patented class which is available in sourcecode form.

However I think the advice in Miguel’s post addresses this to some degree.

If you have a vague recollection of the internals of a Unix program, this does not absolutely mean you can’t write an imitation of it, but do try to organize the imitation internally along different lines, because this is likely to make the details of the Unix version irrelevant and dissimilar to your results.

My advice would be to use your head and not veer towards one extreme or another. If you’re planning to ship a ReaderWriterLockSlim class, then I probably wouldn’t look at their implementation.

But that shouldn’t stop you from looking at code that you have no plans to rewrite or copy.

And what do you do if you happen to look at the ReaderWriterLockSlim class on accident and were planning to write one for your internal data entry app? Either have another member of your team write it, or follow the above advice and implement it along different lines.

For example, Unix utilities were generally optimized to minimize memory use; if you go for speed instead, your program will be very different …

Or, on the contrary, emphasize simplicity instead of speed. For some applications, the speed of today’s computers makes simpler algorithms adequate.

Or go for generality. For example, Unix programs often have static tables or fixed-size strings, which make for arbitrary limits; use dynamic allocation instead.

Just don’t copy the existing implementation.

For many developers, their code is never distributed because it is completely internal, or runs on a web server. In that case, I think the risk is very low that anyone is going to prove you infringed on a patent because you happened to look at a piece of code, unless the code is a very visible UI element.

Please don’t misunderstand me on this point. I’m not recommending you violate any software patents (even though I think most if not all software patents are dubious), I’m just saying the risk of patent taint for many developers who look at the .NET source code is not as grave as many are making it out to be. When in doubt, you’d do well to follow the advice in Miguel’s post.

UPDATE: Upon further reflection, I realized there is one particular risk with what I’ve just said.

In the case of the ReaderWriteLockSlim, I believe the particular algorithm for high performance is patented. But what if the idea of a reader write lock in general (one that allows simultaneous reads unless blocking for a write) was patented.

Then you could get in trouble for implementing a reader write lock even if you never look at the source code. Patent infringement is a whole different beast than copyright infringement. This scenario is not so far fetched and is something Bill Gates has warned against in the past and has come to pass many times in the present.

Of course, this risk is present whether or not Microsoft makes the source available. By using Reflector, for example, you’d have the same risk of being exposed to patented techniques.

I should point out I’m not a lawyer so follow any of this advice at your own risk.

Having said that, I think a follow-up post on Frans’s blog proposes a solution I think Microsoft should jump on to clear things up. It comes from the JRL (Java Research License).

The JRL is not a tainting license and includes an express ‘residual knowledge’ clause which says you’re not contaminated by things you happen to remember after examining the licensed technology. The JRL allows you to use the source code for the purpose of JRL-related activities but does not prohibit you from working on an independent implementation of the technology afterwards.

It’d be nice if Microsoft added a similar clause to the Ms-RL so much of this FUD can just go away. Or even better, take the next step and look at putting this code (at least some of it) under the Ms-PL.

Disclaimer: Starting on October 15, I will be a Microsoft Employee, but the opinions expressed in this post are mine and mine only. I do not speak for Microsoft on these matters.

I’m also the leader of a couple OSS projects, so I will be very careful about separating what I learn on the job vs what I contribute to Subtext et all. But I’ll be a PM so I hear I won’t be looking at much code anyways. ;)

Found a typo or mistake in the post? suggest edit

Comments

18 responses

Vaibhav • October 5th, 2007
Excellent post and an equally excellent 'comic strip'. I have put it on my blog as well (I hope that is alright... if not, I will take it off)...
I have really enjoyed all the initiatives that have come through from Microsoft since the start of the .net era..
Shawn Burke • October 5th, 2007
Thank's for posting this Phil. Soon, you'll too be able to make decisions with the best of intentions and then have them warped into conspiricy theories... :)
Haacked • October 5th, 2007
@Shawn - Looking forward to it. :)
Gavin Joyce • October 6th, 2007
Nice post Phil, about time some balance was introduced into the somewhat heated discussion.
Steven • October 6th, 2007
You need Comic Life
Comes free with Macs and a PC version is in the making :-) http://plasq.com/comiclife
Dotmad • October 6th, 2007
Microsoft&#39;s latest move , to release the source code for the .Net framework, has triggered a variety
mallcontent • October 6th, 2007
So what you are saying is that looking at this code could expose you to a lawsuit from MS but that they didn't do it BECAUSE they wanted to sue.
That's a silly statement. Unless you were in the meeting room you have no idea why they did it. Imagine this scenario.
Employee: Hey boss if we made the source code available people could help up debug it for free.
Boss: Mmmm let me take it up at the next meeting.
Meeting: Not only would we have millions of people debug the code for us for free but we could also hold this as a threat over people who want to switch to mono on linux. Let's do it.
Adi • October 6th, 2007
I'm not sure it matters if you read the source code in legal terms:
http://dotmad.blogspot.com/...
efdee • October 6th, 2007
I don't think people are actually thinking Scott Guthrie and his friends have been cooking up some pinky masterplan to hold the world ransom for... ONE BILLION DOLLARS!, but still alot of them realise that Microsoft is a big company and different divisions might have different plans. While this is a very nice move on behalf of the Developer Division, how can we be assured that the other, potentially less friendly, chair-throwing divisions at Microsoft will use this opportunity to spread some more FUD towards the OSS community? I think that's what's frightening the people who are so vocal about this issue.
Scott • October 6th, 2007
re: patent infringement.
Yup, that's one of the reasons that developers at big corps, like Microsoft, often don't look to see if something has been patented already. That way you do infringe, you at least acted out of good faith and without knowledge of the prior art.
I forget where I saw an MS employee state that. I believe it was on Larry Ostermans blog, but I can't find it now.
Shawn Burke • October 7th, 2007
@mallcontent, @edfee
I can assure all of you with 100% certainty, that's not what happened in any which way or form. What did happen - and I tried to make this clear in the podcast that I did with Scott Hanselman - was that this initiative originated wholly within DevDiv (and more specifically from within my little noggin) and is purely targeted at helping our customers be more successful with our products, full stop. No chairs were injured or mistreated in the making of this announcement.
efdee • October 7th, 2007
@Shawn
Like I said, I do fully believe that that is not your intention. However, can you vow that the legal and PR divisions of Microsoft see it the same way?
Shawn Burke • October 7th, 2007
But that's the thing - legal and PR don't set policy. The policy is set, primarily, by the business groups who take very seriously the advise and assistance of legal and PR, but at the end of the day, they make the call. In this case, the conception, planning, design, and execution of the plan was purely focused on helping .NET developers be more successful - of that I can vow. Realize that this wasn't driven or mandated in any way by management or legal or anywhere else, it was really my little mission (with Scott's support) that I've been cultivating for almost three years now. So, hey, however other people see it isn't something I can every be 100% sure of, but I do know the context and content of every single meeting and email about this over the last 12 months, and there weren't any pinky masterplans involved.
I'll stop kvetching now. At the end of the day, I can't prove a negative, which is what much of this stuff boils down to. Phil's post here nails most of the points I'd ever try to make, plus he's funny and stuff.
Alright, I'd better get back to dreaming up my next evil...uh, um...shoot...nevermind.
Haacked • October 7th, 2007
@Shawn, I think the question is focused on the aftermath. Understanding that the intentions are pure, there are many out there who feel that looking at the code could come back to burn them later.
For example, they fear that the legal team may be opportunistic and see this well meaning project as a gift for their hunt, so to speak.
It would probably help to have a post that addresses some of those concerns.
Shawn Burke • October 8th, 2007
Yes, I understand that. Again, the legal team doesn't operate in a vacuum - they work in support/partnership of the product team. So I'm not sure how to relate to this idea that they're going to just start running around threatening people who are using this in line with its intended use - that wouldn't really play out well in the overall community, which would totally defeat the purpose.
Drop in the Bucket • October 8th, 2007
Framwork Source Available: Use for the Power of Good
ZarkBlog • October 9th, 2007
The Source is Here! Pt. II
Ricardo Stuven • October 21st, 2007
> The Ms-RL is not an open source license
While Microsoft Reference License is not an open source license, "Ms-RL" (ie. Microsoft Reciprocal License) is it.