Subject: if M$ loses.. Thu Sep 10 15:47:20 1998 i was thinking about the Microsoft vs DOJ spectacle today, wondering what the gov't would do if M$ actually loses. the obvious answer is that the case will roll its way up to the Supreme Court.. or even farther, if the M$ legal team can find some way to force the issue.. but assuming a few million years of evolution take place overnight in DC (or divine intervention occurs, depending on your personal taste), and our governing bodies suddenly discover they have spines -- what then? nobody much likes the idea of having the gov't step in and break M$ up, like it did with Ma Bell.. probably because we've all had a chance to see how well *that* worked. but it's about the only option i've heard discussed so far. this afternoon , however, an idea came to me which i rather like: if Microsoft is found guilty of leveraging its OS monopoly.. blah, blah, blah.. they lose the right to keep their source code private. y'see, Microsoft uses a development technique called "the daily build and smoke test". every day, a version of the program under development is built and run through a series of quality tests. if a given build doesn't pass the tests (it "starts to smoke"), development comes to a crashing halt until the problem is fixed. it's a very good development strategy, but it can also be turned into an absolutely brutal paper trail, should anyone want to start throwing in hidden features. i don't propose that all Microsoft's code be made public as the products are developed.. that would be ridiculous. OTOH, i can think of no immediate damage to Microsoft that would result from being forced to provide the gov't (at their own expense) a set of CDs that contain the complete source tree, test suite, diff files, and configuration management specs for each daily build. the verification would be almost trivial.. at any time, a federal inspector can come in and run a PGP hash of the whole source tree to see if the result matches what the CDs say. the diff files can be used to revert any version of the source tree back to all previous versions, so there's no way to hide a faked source tree. the configuration management specs tell you *exactly* what kind of machine, compiler, libraries, and other software were used to create each build. the inspectors can do their own builds independently, and test them against the Microsoft version to verify that they're byte-for-byte identical. if, at any time, the gov't feels that Microsoft might be playing games with the source, it can have an independent review done by programmers who are sworn to secrecy under the standard federal rules. Microsoft doesn't need to know if, when, or where such a review might take place, until they get a report from the investigators that says, "about this part of the code here ..." oh yes.. something else that goes on the CDs: the database of all the coders who work on the project, and what changes they made to which files. if a certain block of code comes under scrutiny, we want to be able to subpoena the person whose fingers actually hit the keys, and find out what they have to say for themselves. none of this would be particularly burdensome to Microsoft.. they're doing all the work, now. the only difference is the requirement to back everything up to CD, and ship it off to a government warehouse somewhere. frankly, having to face the possibility of external scrutiny would encourage the coders individually, and the company as a whole, to write better software. it would also give the people who want to develop *good* products a better bargaining position. i don't expect this kind of thing to actually stop Microsoft's powermongers from trying to sneak things under the wire.. nothing can do that. it does make the job a whole lot harder, though, which would keep them from causing as much trouble as they do currently. besides, after that *embarrassing* glitch last week, where they somehow misplaced the source files for their one-time flagship product (currently under litigation from Caldera), i can't see Microsoft posing any serious objections to an off-site backup archive. ;-)