Mystery surrounds Microsoft's virtualization flip-flop

Plans to ease licensing restrictions would have won company plenty of fans, so why did it reverse course at the last minute?

For months, the industry has been calling on Microsoft to ease restrictions forcing customers to use only the priciest versions of Windows Vista for desktop virtualization.

It was not surprising, then, when Microsoft started telling reporters and analysts that it was going to change the policy and allow lower-priced home versions to also be used. What was surprising to journalists, bloggers and analysts alike was a terse statement e-mailed Tuesday night from Microsoft stating that the company was reversing its plans and sticking with the old restrictions.

"Microsoft has reassessed the Windows virtualization policy and decided that we will maintain the original policy announced last fall," the company said in its e-mail. A company representative declined to comment further or say what prompted the move.

Once the domain of true geeks, virtualization is creeping into the mainstream. The technology, which allows multiple operating systems to run simultaneously on one computer, has become particularly important for Mac users who want to run Windows programs side-by-side with the Mac OS.

All along, Microsoft has been saying there are security risks associated with the latest generation of virtualization technology. Indeed, a researcher showed a program at last year's Black Hat security conference that showed how virtualization could allow malicious code to operate invisibly, similar to a rootkit. And, in discussing its plans to ease the restrictions, Microsoft said it still had security concerns, but had concluded it was better to let users decide whether to take on those risks.

But analysts have questioned the tie between the security issue and the licensing restriction. The security risks apply to all versions of Vista. Similar risks might even be present if someone were running another operating system in a virtual machine, whether that is Linux or Windows XP, properly licensed in all its major versions to run inside a virtual machine.

Paul DeGroot, an analyst with Directions on Microsoft, said the licensing agreement, which few people read, is the wrong place to set security policy. "If you want to make your product more secure, then make your product more secure," he said.

"We haven't received any more information either. It's a little odd."

--Parallels spokesman Benjamin Rudolph

As it stands now, only the full versions of Vista Business and Vista Ultimate are properly licensed to run as a "guest OS"; that is, inside a virtual machine. Vista Business sells for $299, while a full copy of Ultimate fetches $399.

DeGroot said he had welcomed Microsoft's plans to allow the Home Premium and Home Basic versions to act as guest operating systems. "I thought they were good changes," he said, adding that Microsoft's licensing terms seem arbitrary to him.

They have also been irksome to many others, including companies like VMware and Parallels, which sell virtualization software. When Vista debuted in January, Parallels posted a blog highlighting the licensing restrictions and what they meant for its customers. In February, VMware issued a white paper highly critical of Microsoft's policies.

Given all the feedback Microsoft had been getting, and apparently was keen to accommodate, it's not clear what prompted the last minute flip-flop.

"It just sounds like somebody put the brakes on hearing about this, (someone) who had not been part of the initial decision," DeGroot said. This is pretty curious, though, since changes to the Windows licensing agreement are not made lightly and typically get thorough scrutiny, including a review for antitrust issues by Microsoft's legal team.

Even Microsoft's partners have gotten little explanation. As part of its planned announcement, Microsoft had talked with Parallels, securing a quote from one of its executives praising the deal. Like the rest of the industry, Parallels was left scratching its head over the about-face.

"We haven't received any more information either," said Parallels director of corporate communications Benjamin Rudolph. "It's a little odd."

VMware founder and chief scientist Mendel Rosenblum said he doesn't comprehend Microsoft's security arguments.

"I have been perplexed by this supposed security risk," he said in an interview Wednesday. While he said the idea of malware being able to evade detection "sounds really scary," there are ways to detect whether such code is running. "As a rootkit, it's a bust," he said.

"I understand Microsoft has a right to put anything they want in the licensing agreement," Rosenblum said. "When they try and justify it with something in the technology, it doesn't make any sense to me."

It's not the first time Microsoft has changed its mind. Microsoft has already made one change to the Vista licensing terms in response to concern from enthusiasts. When it first announced its policies, Microsoft was planning to limit the number of times a boxed copy of Vista could be moved from one machine to another. The company quickly backtracked, saying as long as it was never used on more than one machine at a time, users could transfer boxed copies of Vista as often as they wanted.

Usually, though, when Microsoft changes its mind, it is to respond to customer feedback. In this case, Microsoft said it wanted to give users the choice, only to then reverse course. Analysts speculated that business concerns, in addition to security worries, were behind Microsoft's initial decision, as well as its last minute change of heart.

Indeed, virtualization poses an interesting set of business issues for Microsoft, particularly in that it involves Microsoft's crown jewel--its Windows desktop franchise.

On the one hand, Microsoft stands to gain some additional revenue, either from Mac users who historically weren't paying for Windows at all, or from Windows users who want to run more than one copy of the operating system at a time.

"Virtualization has the opportunity to dramatically increase Microsoft's revenue on the desktop," DeGroot said. "Regardless of what (version of the) OS people put on, it is additional sales of Microsoft's most profitable product."

But Microsoft also may see hidden dangers to its business model from virtualization, which allows one computer to act as many. "I think what we are seeing is a company having a great deal of difficulty deciding what they are going to do with virtualization on the desktop," DeGroot said, adding that while other software makers are also facing this challenge, it is of paramount importance to Microsoft. "It's where they make all their profits."

Featured Video

Common battery myths that need to die

Sharon Profis busts a few overplayed battery myths on "You're Doing it All Wrong."

by Sharon Profis