Ballmer Puts Linux, Unix in Microsoft's Sights, Misses the Point
by Timothy Prickett Morgan
It's not every day that I get a personal e-mail from Steve Ballmer, the CEO of software juggernaut Microsoft, but last week, it is safe to say that many millions of us did. In that e-mail, Ballmer made the case for why Windows is superior to either Linux or Unix as a platform for corporate computing, reiterating many of the cost and security themes that Microsoft has used in its "Get The Facts" anti-Linux, anti-Unix marketing campaign. This time around, though, Ballmer added intellectual property issues to the mix.
Microsoft did not instigate the SCO lawsuit against IBM concerning the alleged use of Unix intellectual property inside Linux, but it has been a supporter of that lawsuit--through its licensing of Unix technology from SCO for $16 million and through its alleged funding of and definite advice to Baystar Capital to invest in SCO after the suit was launched--and is clearly one of the main benefactors of the lawsuit. SCO clearly has generated bad blood for itself in the open source community resulting from the IBM suits and the ensuing (pun intended) lawsuits with Novell and Red Hat. It also abandoned its commercial Linux business to make a point about its legal issues. So it is probably safe to say that Microsoft is the main beneficiary of the SCO suits (aside from the lawyers arguing on both sides, of course, and SCO if it prevails in court). There is no question that Microsoft wants to make hay out of this issue to promote Windows, and if Ballmer's e-mail last week had one intent, it was to foster the idea that Windows is a safer bet than Linux and a better option than Unix.
Ballmer's e-mail, which was blasted to Microsoft's immense customer base and which you can read here, started off by asking what are probably the central questions in the struggle among Linux and Unix (which have their own competitive issues) and Windows in the IT market. "In the thousands of meetings that Microsoft employees have with customers around the world every day, many of the same questions consistently surface: Does an open source platform really provide a long-term cost advantage compared with Windows? Which platform offers the most secure computing environment? Given the growing concern among customers about intellectual property indemnification, what's the best way to minimize risk? In moving from an expensive Unix platform, what's the best alternative in terms of migration?"
Ballmer's purpose in sending his e-mail, he said, was to share the "independent, factual information" concerning the total cost of ownership (TCO), security, and legal issues surrounding the use of Windows, Linux, and Unix. Ballmer cited a Yankee Group study and a Forrester Research study. We have reported extensively on both the Yankee Group study, called "Linux, Unix, and Windows TCO Comparison, and on the Forrester study, called "Is Linux More Secure Than Windows?". The most recent rebuttal of many of the conclusions in these reports appeared only last week and were authored by open source advocate Nicholas Petreley. Ballmer also cites another Forrester report, called "The Costs and Risks of Open Source," which is based on interviews with 14 Linux shops, for more TCO analysis.
As is the case in other political speech, Ballmer's citations of the facts is selective, meaning he selects the points that make his case and omits the data that does not. (All IT marketeers, including those in the commercial Linux camp, do this.) But Ballmer makes a good point when regurgitating from the Yankee report that it is much more expensive for many Windows shops to move to Linux compared to the cost of getting current on Windows Server 2003. This is especially true at small and midsized companies that have no Unix or Linux experience and that would face a daunting task of getting trained on a new platform. Familiarity, it would seem, breeds comfort as much as it breeds contempt.
Perhaps the most egregious example of selective quoting in the Ballmer e-mail came from the Yankee report. "Linux-specific worms and viruses are every bit as pernicious as their Unix and Windows counterparts--and in many cases they are much more stealthy." Ballmer went on to say that this was one of the reasons why farmaCity, a Brazilian drugstore chain, opted for Windows over Linux. But Ballmer did not finish Yankee's thoughts on the nature of worms and viruses on the Linux and Windows platforms. So we will: "In contrast to most Windows worms, which are slow- or fast-moving e-mail mailers, Linux worms are automated so they require no user interaction," said Yankee. "These worms exploit security vulnerabilities such as buffer overflows to gain access to the victim system. Of course, it is all relative. An infecting worm or virus will do far more damage to Windows (the most widely deployed and widely networked operating system) in a much shorter time than the nastiest Linux bug. The worst Linux rogue code was the Slapper virus that first appeared in 2002. It affects Linux machines that run Apache Web servers with OpenSSL enabled. Apache installations account for nearly 70 percent of public Web sites on the Internet. According to antivirus vendor F-Secure, the Linux-based Slapper infected 20,000 machines in more than 100 countries. Still, that infection pales by comparison to the most pernicious Windows bug: MyDoom. The MyDoom virus and its several variants infected more than 2 million PCs in less than a month." The security issue does not seem to be as clean cut as Ballmer would have us believe.
About half way through Ballmer's e-mail, he got to an area where I think it is safe to say Microsoft will start trying to get more market leverage: indemnification from potential lawsuits as it relates to software intellectual property. "Today, when a volume licensing customer--a business or organization ranging from as few as five computers to many thousands--licenses a Microsoft product, we provide uncapped protection for legal costs associated with a patent, copyright, trademark or trade secret claim alleging infringement by a Microsoft product," said Ballmer. "We do this because we are proud to stand behind our products, and because we understand that being on the wrong end of a software patent lawsuit could cost a customer millions of dollars, and massively disrupt their business." Microsoft knows a thing or two about being sued, so it probably makes some sense to learn from its experience. So, if you happen to get into a monopoly position with your software someday and have tens of billions of cash in the bank, just remember that ultimately, might almost always makes right in the courts (since you can hire the best lawyers, the antitrust laws are convoluted and weak, and political appointments behind antitrust cases usually change before a case is done), and while such trials are disruptive to the business, in the long run, you get to keep all the profits. It worked for IBM twice and it worked for Microsoft twice.
Ballmer continued in his argument on the intellectual property issue thus: "No vendor today stands behind Linux with full IP indemnification. In fact, it is rare for open source software to provide customers with any indemnification at all. We think Microsoft's indemnification already is one of the best offered by the leading players in the industry for volume licensing customers, and we're looking at ways to expand it to an even broader set of our customers. It's definitely something businesses want to think about as they're building or expanding their IT infrastructure." He goes on to say that a former Linux shop, movie theater chain operator Regal Entertainment, was worried about the IP issues and moved to Windows because of those worries.
Ballmer, of course, completely ignores that open source is not done by companies, but by people who give the code away, and therefore such uncapped indemnification is not possible because there is not a central company responsible for the code to be sued if there are IP infringements. Perhaps open source needs a central authority checking the code, which runs open source operating systems, middleware, and applications through a giant code library to find stolen code. To be fair, Microsoft does offer a complete indemnification for its software and the handful of indemnifications available for Linux and other open source programs have lots of qualifiers. They need those qualifiers--which restrict how end users can alter code and still be under the indemnification--because of the open, and therefore changeable, nature of the code. Windows is closed source and has been for over a decade, and no end user can add code to it.
That said, because Windows and the related Windows Server System stack is closed source, no one except Microsoft knows how much technology and ideas have been "borrowed" in the various generations of Windows over the years. Remember the Microsoft alliance with Digital Equipment in 1996? There are conspiracy theories--which have never been proven--about what was really behind that alliance. David Cutler, the core designer of the VMS operating system at DEC and what became Windows NT at Microsoft, was working on a kicker to VMS called the "Mica" operating system. In 1988, when DEC had to cut costs, they killed Mica (which was being housed in a lab in Seattle) and soon thereafter Microsoft snapped up Cutler and the company set about to make an alternative server operating system to Unix, what looked to be the next industry juggernaut at the time. The rumor about Windows NT is that whole chunks of Mica were in there (supposedly discovered by someone at the Massachusetts Institute of Technology, which presumably had access to the source code), and Digital threatened to sue Microsoft to the tune of $600 million. It was not too long after that, the rumor goes, that Microsoft significantly expanded its Windows NT alliance with DEC.
As long as Microsoft keeps all versions of Windows closed source and out of the hands of the open source community that would love to find such smoking guns, it can take the high road on indemnification. (Yes, I know Microsoft has shared source initiatives for universities for Windows CE, Windows 2000, and Windows 2003. But let's take a look at Windows NT 3.0 and 3.5 and 3.51.) And I fully expect Microsoft to continue to try to take the high road on indemnification. And for some companies, such fear, uncertainty, and doubt will sway them toward Windows and away from Linux and open source.
All I can say is that Windows NT and its kickers were supposed to be the alternative to the Unix platform and were supposed to take the half of the server market that Unix, as a collection, has dominated for a decade. No matter how much Ballmer and Microsoft protest otherwise, for those Unix shops who don't want to stay with Unix, Linux--not Windows--is the better, more familiar option because of their Unix background. Familiarity breeds comfort as well as contempt here, too. Unix shops that have Windows have a certain amount of disdain for it regardless of the fact that Windows has a boatload of applications. But these Unix shops are rooting for Linux on X86, and they are rooting for Solaris 10 on Opteron and for HP-UX on Itanium. If IBM was smart enough to put AIX on X86, they would root for that, but they will settle for AIX or Linux on Power5 servers because they give great bang for the buck. And Ballmer can send all the e-mails he wants and there is just nothing that is going to change this.