Jim Allchin, Microsoft's senior vice president for Windows, warned in testimony Tuesday that too much disclosure of technical information in the wrong areas would benefit hackers and create more opportunity for virus attacks.
"The more creators of viruses know about how antivirus mechanisms in Windows operating systems work, the easier it will be to create viruses or disable or destroy those mechanisms," Allchin testified.
Allchin, one of Microsoft's highest-ranking managers, took the witness stand Tuesday in the eighth week of testimony in a federal antitrust hearing. He is one of the few Microsoft witnesses appearing at this proceeding who also testified in the main, or liability, phase of the trial, which concluded in September 1999.
Like other witnesses, Allchin submitted written testimony to the court before an attorney for the states began the cross-examination process. Written testimony carries the same weight as that given in court.
Allchin is one of the last witnesses that the software giant plans to call before concluding its portion of the proceeding, which could determine a remedy for the company's antitrust violations. Last week, the software giant twice shortened its witness list, firsteight people and then CEO Steve Ballmer. Chairman Bill Gates two weeks ago.
Microsoft shortened its witness list in part tothe amount of new evidence that attorneys for the states could introduce in court, say legal experts, including documents that supposedly show that the company is using a separate settlement to its grip on PC makers.
Among other things, the states' remedy would compel Microsoft to give away for free the source code--that is, the software blueprint--to Internet Explorer and to sell a version of Windows without so-called middleware, such as Web browsing and media playback software.
Allchin focused the bulk of his testimony on the issue of technical disclosure, such as application programming interfaces (APIs), which are essential to making sure third-party software works well with Windows. Both the Justice Department settlement and the states' proposed remedy require expanded API disclosure, but the states want significantly more.
Allchin responded in part to theof Andrew Appel, a computer science professor at Princeton University, who contends that Microsoft could hide behind security concerns to limit API disclosure. Other critics of the Justice Department settlement, which Microsoft submitted as its remedy proposal for this proceeding, have the issue of disclosure of technical information.
In his written testimony, Appel called the settlement's security provision "an unjustified security exemption" that would "significantly restrict" Microsoft's technical disclosure.
Allchin testified that ill-thought-out disclosure would greatly compromise Windows security at a time when the company has made aof securing its software. He rebuffed what he termed the "security carve-out" as inconsequential to technical disclosure but important to large segments of Microsoft's customer base.
"Preventing this functionality from being compromised is in our customers' interests," he said.
The piracy threat
Too much disclosure also would lead to more digital piracy, Allchin testified. He noted that , a feature introduced with Windows XP, essentially locks the software to a specific hardware configuration. Another area of concern: rampant theft of digital content.
Gartner analyst John Pescatore says open documentation and public review of program interfaces between operating systems and applications will lead to stronger security mechanisms.
Allchin warned that if Microsoft were compelled to disclose all the APIs and technical information the states are asking for, the mechanisms for managing digital rights, used to protect content, would be compromised.
Besides addressing Appel's testimony on security and technical disclosure, Allchin attempted to counter theof Sun Microsystems executive Jonathan Schwartz. In written testimony and during cross-examination, Schwartz charged that Microsoft is using Windows XP as a catapult into , noting, for example, that some XP features require people to sign up for Passport, Microsoft's authentication service and a of its .Net sofware-as-a-service strategy.
Allchin mainly directed his criticism at Schwartz's definition of Web services. But he also dealt with the larger issue of whether Microsoft is trying to lock consumers and businesses into the company's Web services and software.
"We are not trying to force anyone to use Microsoft products," he testified. "We are instead seeking to make our products more attractive through innovation and by increasing their ability to interoperate with a broad range of existing software code," he testified.