This is exactly why I say that the browser is an excellent information distribution platform, but an awful application platform. Even with fancy toolkits, writing web applications is just plain hard. You spend a lot of time worrying about stupid things like cross-browser, cross-platform compatibility, weird concurrency issues, slowness of interpreted JavaScript, the inherent stateless of the browser, poor handling of lost connections, and more. Don't get me wrong - web-enabled application are awesome. I just think that JavaScript and DHTML for applications are not going to be the primary means of delivery in the next 5 to 10 years.

i think that's just a lame excuse by Microsoft. everyone who knows GPL knows that just because you bundle a single GPL app with Windows doesn't mean the entire Windows will have to be GPLd! if that were so then all Linux distros would be pure GPL, and we know they're not.

Actually, I think it's less a fear of GPL and more a fear of patented code.

For example, suppose Microsoft is ready to ship the next version and they bundle something like a new open source network stack. Just before shipping (or worse, after shipping) a company sues them because the network stack code included some code patented by another company. It would suck if Microsoft had to delay the release due to an injunction. This is the scenario they want to avoid.

On one hand, I think we need to reject a culture of fear. On the other hand, we've seen this sort of thing bite Microsoft over and over, whether or not the lawsuits had merit.

First let me say that I've been arguing for a long time that Microsoft was dropping the ball by not shipping BSD and MIT licensed projects with Windows, so I very much want to be wrong.

I think the general issue is that they can't afford the risk of shipping code they can't verify they have the right to ship. Patented disputes are probably a more likely concern, as Phil mentioned. However, even the GPL in Paint.NET issue presents the risk of being very costly for Microsoft. It's not at all hard to believe that a court (especially one with a bias against Microsoft) would grant an injunction preventing Microsoft from shipping the GPL'd code pending further study. However, that code is burned onto DVD's sitting on store shelves and preinstalled on thousands of computers at Dell, HP, etc. It doesn't matter that the court might be wrong, a massive recall and a one month delay in shipping Windows would be a disaster. Just the potential of something like that happens weighs pretty heavily against the nominal benefit Microsoft would get for shipping a better paint program.

"Most open source projects require that you would either explicitly transfer ownership of the code or that you would guarantee that you are adding your own code" - my guarantee doesn't do Microsoft any good if they're sued. Are they going to come after me to recoup the money they lost?

While you'd assume most developers know their software licenses, just today I talked to a leader on a medium sized open source project who discovered that a patch contained code which had been copied from another project with an incompatible license and without credit. The developer (who was immediately banned from the project) claimed they didn't know that was wrong.

Certainly not unique to OSS.

But from MS perspectives, their employees are told not to look at OSS code unless they get some form of approval. They are less likely to introduce patented code into a project by accident.

However, if they take a large OSS code base and decide to integrate it into Windows and release it, there may be tens to hundreds of contributors. It's very difficult for them to figure out whether it's a lawsuit waiting to happen.

I'm just saying, it's a legitimate concern, but not an insurmountable concern. Rather than saying, "Big deal! Just deal with it!" or "Everyone deals with this!" it's more helpful to say, "Here's how to mitigate the risk."

Keep in mind. There's no point suing an OSS project that has no money. For example, if someone put patented code in Rhino Mocks or MbUnit, you might never know (assuming others contribute). Why would anyone want to sue you?

Suing MS, is another matter because they have tons of money.

They are an attractive target.

Heck, it might be a bit outlandish, but you could imagine a scenario where someone contributes patented code to a project in the hope that MS incorporates, just so they can sue them later.

Again, the constructive question is, "What is your advice to MS?"

Define integrate, I am not talking about taking the networking stack from the SCO kernel, I am talking about bundling user level applications, and the example is Paint.NET.

That one is a legitimate concern, sure ,but it is the same concern you have whenever you take a dependency on another's code.

Phil,

My advice would be to evaluate existing OSS efforts and consider making use of them instead of developing in house. In this regard, Paint.NET is not a good example, because I am mainly talking about tools, more than user applications.

NUnit vs. MsTest is the classic example where they took the wrong way.

When/if they decide that they would like to develop something in-house instead of reusing existing technologies, I would like to know what the reasoning behind the decision are.