Embrace, extend, censor

Microsoft asks Slashdot to remove posts revealing copyrighted information.

Published May 11, 2000 3:52PM (EDT)

Yet another skirmish has broken out in the ongoing war between free-software hackers and proprietary-minded corporations -- and this one promises to be a doozy. On Wednesday, lawyers representing Microsoft requested the removal of a series of posts on the bulletin boards at Slashdot, the popular "news for nerds" Web site.

Citing the provisions of the Digital Millennium Copyright Act, Microsoft asserted that the Slashdot posts, which reveal information about Microsoft's proprietary version of a popular security technology called Kerberos, include "unauthorized reproductions of Microsoft's copyrighted work" -- as well as information on how to get around access restrictions protecting Microsoft's "data specification."

The Microsoft action is just the latest move in a long-simmering dispute between the free-software/open-source software community and Microsoft. The technology in question, Kerberos, is a security system that authenticates the identity of users logging into networks running the Unix operating system. It is an open standard, developed in part by Theodore Ts'o, a software developer who now works for VA Linux, a company that specializes in computers preinstalled with Linux.

Ts'o and other Kerberos developers became alarmed when Microsoft included in Windows 2000 its own version of Kerberos -- with unpublished and undocumented "extensions" designed, say the developers, to prevent networks running Unix from being able to interoperate with the new version effectively.

Ts'o says that Microsoft has taken extensions of Kerberos that the company "promised two years ago to release freely to universities" and made those extensions proprietary. "They welshed on their promises," Ts'o says. "I'm fairly indignant about it."

"In a nutshell," says Joe Barr, a contributing writer for LinuxWorld who has written extensively on the Kerberos brouhaha, "Microsoft freely associated with an open-standards group and worked with them and then instead took the standard internally and made it proprietary. Almost universally within the Kerberos group, that's seen as an attempt to wrest control."

For months, Kerberos developers have been making a stink about Microsoft's behavior. In response, Microsoft finally announced that it would publish the specifications for its version. But in a peculiar twist, Microsoft required readers of the published version to agree to a nondisclosure agreement forbidding them from reproducing or redistributing the information.

"They published it, but they didn't publish it," says Robin Miller, editor in chief of Andover.net, the corporate owner of Slashdot. "They published it in a weaselly manner, and Slashdot readers called them on it."

In response, Ts'o and Jeremy Allison, lead developer of the open-source SAMBA networking protocol, wrote a public message accusing Microsoft of abusing the Kerberos protocol. Slashdot posts publishing Microsoft's data specification, as well as methods for circumventing the nondisclosure agreement, came in the wake of the protest by Allison and Ts'o.

Microsoft is well known for its "embrace and extend" strategy, in which it adds elements to popular technologies to bind users to its version of the technologies. But in this case, Microsoft may have stumbled into a minefield: Asking Slashdot to remove posts is like asking a hacker to cut off his or her own hands. Rob Malda and Jeff Bates, Slashdot's co-founders, say they've never agreed to remove posts, and they are not about to start doing so now. And when the technology is one that originated in a community closely identified with the ethos of open source -- in which everything is always published and available -- issues of free speech and free software become closely entwined.

"Other companies have asked us to remove posts and we've always refused," says Malda, riffing off some licks on his electric guitar while talking via speakerphone. "As far as we are concerned, this isn't any different. You can't regulate the speech of other people so that nothing that is offensive gets said."

Robin Miller sounded like he was licking his chops when reached by phone. In contrast to other disputes involving copyrighted information -- such as the Napster controversy -- this particular tangle cannot easily be painted as one in which hackers are ripping off corporations or depriving artists of revenue. Instead, Microsoft is attempting to co-opt a popular public technology and, after having been confronted about that, is attempting to control the transmission of information revealing its actions.

"If I were a Microsoft public relations person, I would probably be sobbing on a desk right now," says Miller.

"Microsoft has no comment at this time," said a Microsoft public relations

By Andrew Leonard

Andrew Leonard is a staff writer at Salon. On Twitter, @koxinga21.

MORE FROM Andrew Leonard

Related Topics ------------------------------------------