'Inside Microsoft's Open Source Program Office'

On Friday VentureBeat published a new interview with Stormy Peters, the director of Microsoft's eight-person open source programs office: "These are exciting times as more and more organizations are engaging more with open source," Peters said. "It's also just as important to developers to be able to use open source in their work — jobs that involve open source are more likely to retain developers."

However, the growing threat of software supply chain attacks and other security issues, not to mention all the license and compliance complexities, puts considerable pressure on developers and engineers when all they really want to be doing is building products. And that, ultimately, is what the OSPO is all about. "OSPOs help make sure your developers can move quickly," Peters said. "Without an OSPO, teams across Microsoft would probably have to do a lot more manual compliance work, and they would all have to reinvent the wheel when it comes to understanding open source licenses, compliance, best practices, and community — we know they'd do well, but we want to help them do even better and faster by learning from each other and using tools standard across the company."

Open source program offices have evolved greatly through the years, according to Peters, with two specific changes standing out in terms of scope and industry adoption. "OSPOs no longer focus solely on license compliance and intellectual property concerns — we now help with best practices, training, outreach, and more," Peters explained. "And, it's no longer just tech companies that have OSPOs." Indeed, a recent survey from TODO Group, a membership-based organization for collaborating and sharing best practices around open source projects, found that while OSPO adoption is still at its highest in the tech industry, other industries such as education and the public sector are gaining steam... "We want to reduce friction and make it easier for employees to use open source — that includes using and contributing to open source software, as well as launching projects in the community...."

"Our job is to help make it easier for employees to use and contribute to open source," Peters explained. "We work with all the groups to help set policy, empower employees with knowledge and tools, and consult different groups across Microsoft and others in the industry on their open source strategy."

Yeah, sure

[Anonymous Coward]

"It is difficult to get a man to understand something, when his salary depends on his not understanding it."

So, the salary of literally everyone on this "group" depends on everyone else not understanding open source software licenses, so their real goal is going to be to be making open source appear to be complicated to use as possible.

And the first lie is that it's not really that complicated to use open source software, not for any company that has used _any_ type of software whatsoever. i.e. the complex

Hey! we know how to get down with the kids

[nothinginparticular]

Arty pictures of young people in trendy clothes. Continual association between "Microsoft and "Open source" throughout the article. "Doled out" money for github? As if they bought if for some altruistic cause. Who are they trying to fool?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[AmiMoJo]

Because Microsoft has proven that it has moved on from that now. Their open source contributions have been good, they haven't been disruptive or tried to pull a bait-and-switch. They actually listen to the community, e.g. the recent reversal on some .NET features that people objected to being tied to Visual Studio.

They have earned a second chance.

ah yes, bury my opinion

[drinkypoo]

I see that Microsofties have modpoints again.

Microsoft is the same corporation it has always been. It doesn't give two fucks about you, or the law, or what's "right" or "proper" or anything else. All it care about is how it can produce revenue. Not being held accountable for abuse of their effective monopoly position under Bill Gates has emboldened them and now they believe they can get away with anything. And in exchange for running the most invasive spyware program ever conceived and for I promise you handing over that data to the federal government [wikipedia.org] they are probably correct.

Literally the only way we are going to get corporate malfeasance under control is if we start punishing it by employing the corporate death penalty when necessary, and also using antitrust law to break up corporations before termination of their charter in fact becomes necessary. But that never happened to Microsoft, which is why they are still shitlords.

Re:

[Petersko]

I think you were modded down because your post was a complete non sequitur. There's no "-1 Non Sequitur", so somebody used what was at hand.

Re:

[drinkypoo]

It only seems like a non sequitur if you know nothing about the history of Microsoft, in which case a) what the fuck are you doing on this site for nerds, and b) why the fuck do you think you have anything to add to a discussion about Microsoft when you don't even know the back story?

Re:

[Petersko]

Since your premise is false, your points A and B can be ignored.

Seriously, you don't understand why going from "embrace, extend and extinguish" to "the most offensive piece of spyware of all time" is a non sequitur?

Fine, then. Have fun.

Re:ah yes, bury my opinion

[drinkypoo]

Seriously, you don't understand why going from "embrace, extend and extinguish" to "the most offensive piece of spyware of all time" is a non sequitur?

I don't understand why you think that going from one example of extreme malfeasance to the next example of extreme malfeasance doesn't establish a pattern of extreme malfeasance.

Re:

[Petersko]

It's just another variant of "whataboutism". It's not good logic, whether employed by a politician or a nerd.

Re:

[drinkypoo]

It's just another variant of "whataboutism"

Before you use a word, you should figure out what it means.

Whataboutism is a tactic used for distraction from an issue by calling attention to another issue. It is NOT when you give an additional example of bad behavior to underscore the same issue.

HTH, HAND.

Re:

[Petersko]

You've accused me twice of not understanding something. I didn't choose that word idly.

Those are not the same issue. You have two statements involved. You countered the idea that "embrace, extend, and extinguish" has been largely left behind by Microsoft with the statement regarding spyware.

One claim does not affect the other no matter how tenuous a link you try to describe. They're unrelated. Calling both "malfeasance" doesn't change that.

Re:

[drinkypoo]

Those are not the same issue. You have two statements involved. You countered the idea that "embrace, extend, and extinguish" has been largely left behind by Microsoft with the statement regarding spyware.

I countered the idea that their bad behavior has been left behind with evidence that they are still engaging in bad behavior. If you trust that they have left EEE behind while they are operating a massive government surveillance program then you are a gullible toolbag. And frankly, there is zero evidence that they have given up EEE. Relatively recently for example they "end[ed] support for basic authentication access [wikipedia.org] to Exchange Online APIs for Office 365 customers", shutting down access through legacy prot

Re:

[AmiMoJo]

We were both modded "troll", so apparently both giving them a second chance and not giving them a second chance is equally offensive.

Windows is still crap, from what I can tell 11 has as much spyware as 10 does. But on the other hand Microsoft is one of the biggest providers of cloud Linux services and .NET Core is actually pretty good. Kinda like Java was supposed to be, but not shit.

Re:

[drinkypoo]

We were both modded "troll", so apparently both giving them a second chance and not giving them a second chance is equally offensive.

Yes, the troll mods have been flying fast and thick of late. Apparently nobody is bothering to metamod any more.

Windows is still crap, from what I can tell 11 has as much spyware as 10 does.

Right.

But on the other hand Microsoft is one of the biggest providers of cloud Linux services

Sure, but don't trust them, or any other cloud provider frankly, but especially Microsoft. If their OS is that level of spyware, what level of spying are they doing on their hosting?

and .NET Core is actually pretty good.

Meh. C# can FOAD for all I care.

Re:

[AmiMoJo]

If you never get mod points then metamoderating is also pointless, your votes don't count. Taco explained it a while back on Twitter, there is some mechanism in the /. code which decides you are a mad moderator and gives you a permanent ban. He said it was based on the system posting dummy comments for moderation and seeing if you mod them the wrong way. I don't recall what comment I got but I have been banned for years.

Otherwise I'd put the effort in.

Trusting any cloud provider fully is probably a bad idea

Re:

[drinkypoo]

I used to occasionally get mod points but marked myself as unwilling to moderate in protest over the whole idea that you can't comment and moderate in the same story. The same people best qualified to moderate are the people best qualified to comment! That part of the system is frankly broken by design, and it doesn't make any kind of sense even in the modern social media paradigm of maximization of engagement at all costs... let alone the news for nerds concept.

Re:

[syn3rg]

But on the other hand Microsoft is one of the biggest providers of cloud Linux services

Sure, but don't trust them, or any other cloud provider frankly, but especially Microsoft. If their OS is that level of spyware, what level of spying are they doing on their hosting?

That we know of? Installing OMI on Linux guests in Azure without notification [microsoft.com].

(although I'm sure there was a notice on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard').

Re:

[account_deleted]

Comment removed based on user account deletion

Re: Hey! we know how to get down with the kids

[rnmartinez]

Yup. But It will take awhile for me to forget

20 years ago?

[coofercat]

This while piece smells like it's 20 years old. I mean, sheesh, most shops started dealing with open source, compliance and license issues about that long ago. Microsoft are trying to make it sound like they're doing something new. Maybe this is what "innovation" looks like inside MS these days?

The thing that this crystalises is that MS is having to allow developers to use open source tools in order to retain them. No longer is is sufficient to develop tools themselves and then have developers use them knowing that's a transferable skill when you want to leave. Instead, the opposite is becoming true - if you know how to use some open source tools, then MS are more likely to hire you than if you don't. As much as it's obvious for just about everyone else, it must be quite a cultural "climb down" for MS, as their iron grip on the industry starts to rust.

Re:

[flyingfsck]

Mick Jagger made a song about it with Marianne Faithful - "As Tears Go by": "Doing things we used to do, they think are new."

Re:

[tlhIngan]

This while piece smells like it's 20 years old. I mean, sheesh, most shops started dealing with open source, compliance and license issues about that long ago. Microsoft are trying to make it sound like they're doing something new. Maybe this is what "innovation" looks like inside MS these days?

The thing that this crystalises is that MS is having to allow developers to use open source tools in order to retain them. No longer is is sufficient to develop tools themselves and then have developers use them know

Wrong

[dujardin]

"Office" is not an open source program

Re:

[zoobab]

"Windows" is not an open source program.

I don't get it

[drinkypoo]

the growing threat of software supply chain attacks and other security issues, not to mention all the license and compliance complexities, puts considerable pressure on developers and engineers when all they really want to be doing is building products. And that, ultimately, is what the OSPO is all about.

Who the fuck out there is trusting Microsoft to explain FOSS licensing to them after all the time they spent attacking FOSS? That's like trusting the US Government to give you guidance on how to avoid a coup.

Re: I don't get it

[rnmartinez]

Yeah and especially after they vaguely put a threat of patent infringement out there (with 0 proof or specifics) and used it to strong arm revenue from people who didnâ(TM)t want any of their crappy products.

Re:

[JThundley]

The last time I heard Microsoft explaining Free software, they were saying it's a cancer.

Because this is so confusing

[rnmartinez]

Begin license text. Copyright Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permissio

Re:

[flyingfsck]

There are many different licenses in a typical FOSS distribution - more than 20.

Re:

[rnmartinez]

Yes of course. But for the most part they are nowhere near as scary or unclear as a typical Microsoft, Apple or Google EULA

Re:

[walbourn]

The MIT license is in fact the default and preferred open source license at Microsoft. Most GitHub Microsoft org projects are using MIT, some use Apache 2.0 due to earlier license policies. The complications are that MIT is not always compatible with other license agreements, which is what the Open Source Program Office is there to help with. For example, the Visual C++ Standard Library uses Apache 2.0 with an LLVM exception. The DirectX Shader Compiler uses LLVM technology so it has to use an LLVM Releas

Re:

[rnmartinez]

interesting - thanks for clarifying.

Embrace,...

[ocean_soul]

"We want to reduce friction and make it easier for employees to use open source — that includes using and contributing to open source software, as well as launching projects in the community..."

That should be considered *extremely* worrying to any open source project Microsoft sets its eyes on. If Microsoft actively involves itself with an open source project, that project should be considered compromised. The only way open source software will be able to survive is by immediately making a Micrsoft fr

Re:

[drinkypoo]

The only way open source software will be able to survive is by immediately making a Micrsoft free fork of any infected project

Nah, that's what licenses are for. Notably GPLv3 is fairly resistant to fuckery because it doesn't allow amendment, and requires patent licensing [fsfe.org]. Some other licenses are less resistant to tampering by Microsoft or other malicious actors, though.

Re:

[flyingfsck]

By your yardstick, Linux and BSD are all compromised by MS, so good luck finding something to run.

Token woman leading Token office

[bettersheep]

How appropriate