Since its inception, Microsoft has made a practice of folding innovation by others into its proprietary products. Windows 7 is no exception. Beginning with version 1.0, Windows has accreted features that often eclipsed third-party products, sometimes killing them in the process.
This isn't to say that Microsoft doesn't innovate on its own -- clearly it does. The question is: Why does Microsoft so frequently, and completely, vanquish third-party software by merging their capabilities into its OS? Is it for competitive advantage? Perhaps, as bundled features ultimately cost users less, although at the expense of future innovation through competition.
Or could it be part of Microsoft's ongoing efforts to lock in its customer base? Frequently Microsoft's versions of third-party capabilities add proprietary code and protocols that limit their use to Windows, and Windows only.
Studying some of the history of Windows as it progressed to today's Windows 7 sheds light on Microsoft's motivations and the ultimate effect of its feature-grabbing to limit user software options.
Windows 7 starts out on the wrong foot
Although it's too early to fully measure the impact Windows 7 will have on the third-party market, it's already off to a bad start with its heavy-handed dismissal of third-party video codecs. Third-party codecs cooperate with video compression standards that Microsoft's own video applications, such as Media Player, were heretofore loathe to support.
But Windows 7 adds some new codecs to Microsoft's quiver, and where these collide with third-party products, you won't be surprised who comes out on top.
Windows 7 pre-empts third-party codecs in Microsoft's own applications, such as Media Player, by using its own embedded codecs whenever possible. This is a major change from XP and Vista operation, where users could override Microsoft codecs globally. Although users can circumvent Windows 7 codec usurpation with some effort, the process is not intuitive and decidedly less convenient than the old behaviour.
Early Windows dismisses, then plays catch-up with Apple
The Windows 7 codec "roadkill" move is just the latest example of the company's behaviour -- habits that started with the very first version of Windows.
Apple introduced the first windows-based GUI in 1983 with its Lisa system. Microsoft at first derided the GUI concept, using the acronym WIMP (for "windows, icon, menus, and pointing device") to describe the Lisa interface. Nevertheless, Microsoft proceeded with its own versions of a windowed OS, initially writing OS/2 for IBM, then releasing its first edition of Windows in 1985, a year after Apple's Macintosh.
Windows 1.0 was famously dinged for copying the Macintosh. Although Apple's Steve Jobs accused Microsoft's Bill Gates of directly stealing features from the Mac's user interface, Gates claimed the similarity was because both systems copied the Xerox PARC Alto. Partly as a result of this controversy, Windows languished for many years, considered by most to be much less usable than the Mac.
Microsoft's first truly competitive version of Windows, version 3.1, didn't arrive until 1990, at which point Redmond had a lot of catching up to do. Through its next few iterations of Windows, Microsoft would often find itself adding features in response to Apple innovations, developing few revolutionary ideas on its own. Apple was first to deliver networking as part of the OS, the first to support desktop publishing with high-quality laser printing, and the first to support 32-bit addressing.
Microsoft was thus not well prepared for the game-changing Internet in the early 1990s.
Windows 95 kills Netscape with bundled IE
As with GUIs, Microsoft at first eschewed the Internet, claiming it was just a fad and that Microsoft's own proprietary Microsoft Network was what people really needed.
Tim Berners-Lee's invention of the web browser, coupled with Mark Andreessen's delivery of the free, commercial-quality Netscape browser in 1994, changed all that. Users flocked to the Internet, immediately grasping the concept of the Web and revelling in the easy-to-use Internet viewport provided by Netscape.
Despite Netscape's popularity, Microsoft continued to ignore the web when it released Windows 95 in late 1995. Although Windows 95 did support TCP/IP, the default installation did not include it, so Windows users were locked out of the Internet unless they took pains to install the optional TCP/IP component.
In 1996, Microsoft suddenly seemed to notice that 75 percent of the now burgeoning Internet user base ran Netscape on their systems. Abandoning its proprietary Microsoft Network concept, Microsoft bought browser developer Spyglass and hurriedly released a Windows 95 update featuring the newly minted Internet Explorer browser as a built-in component.
As with the first editions of Windows versus Macintosh, early IE versions were no match against Netscape, but by IE 3.0, Microsoft had gained feature parity with Netscape. By late 1998, Windows' embedded IE effectively killed off Netscape, which was acquired by AOL and eventually faded away to software oblivion.
Ultimately the US Justice Department, along with the attorneys general of several states, filed antitrust lawsuits against Microsoft, centered largely on the Windows-embedded IE browser and Microsoft's requirement that PC makers bundle a copy of Windows with every computer sold.
In the end, Microsoft dodged the DOJ bullet, but was forced to significantly change the way it bundles software with the OS. Alas, those changes did not seem to temper Microsoft's willingness to squash third-party products.
Microsoft mimics WebBase features in ASP
With Microsoft at last fully engaged with the Internet, Windows began sprouting web-oriented features left and right, many of them competing directly with existing third-party applications. Microsoft produced its own free mail client, Outlook Express, that severely damped the market for third-party clients.
And Microsoft bundled a free HTML authoring tool, FrontPage, with its Windows NT 4.0 Server release. The popularity of the web rapidly led to users wanting their business -- particularly e-commerce -- applications accessible over the Internet, which threatened to eclipse Microsoft's proprietary desktop application ecosystem centred on its Windows Server OS.
The holy grail of web application development at the time was entry to Microsoft's powerful Access and SQL Server databases. SQL Server was the hub of Windows' desktop application environment, which depended on Microsoft's bundled Visual Basic programming language. Visual Basic applications were widely deployed at the time in enterprise-class organisations to replace mainframe applications.
Web developers hosting their applications on Windows servers had extremely limited database access. In late 1995, third-party software developer ExperTelligence began selling its WebBase package, containing a built-in web server and programming language, which let HTML coders directly access SQL Server, among other databases, and a powerful scripting environment based on the dynamically typed SmallTalk language (another Xerox invention).
Essentially a web application server and programming environment rolled into a single application, WebBase let users rapidly build applications with full-featured access to Microsoft databases.
WebBase used browser cookies to keep track of multiple user sessions, solving one of the most difficult problems of e-commerce applications like Web storefronts, which need to process multiple orders concurrently. A significant advantage of WebBase over Microsoft's own web application hosting options was its ability to run on both desktop and server editions of Windows. The cost of WebBase could be often be directly justified by eliminating the expense of a Windows Server license.
The first web server programs for Windows were third-party applications like WebBase. In 1996, Microsoft added its own free Internet Information Server (IIS) Web server as an option pack for Windows NT Server. At the same time, Microsoft began developing application delivery tools competing with third-party products.
According to Expertelligence founder Denison Bollay, Microsoft visited Expertelligence in 1996 to discuss licensing WebBase technology, studying WebBase's language and integrated web server during the visit. Microsoft never followed up with an offer, but subsequently announced its Active Server Pages (ASP) scripting environment as part of IIS 3.0.
According to Bollay, ASP was remarkably similar to WebBase, with cookie-based session management, scripting embedded within HTML, and dynamic variable typing. The main difference was that ASP ran only on Windows Server ASP, which being bundled with the Windows Server OS, quickly dominated server-side Web application scripting; eventually WebBase joined the ranks of Windows roadkill.
ActiveX controls control users as well as applications
While ASP took over server-side scripting, web developers had been, since 1995, building client-server applications using Sun's powerful and free Java language, in the form of Java applets that ran right in a browser window.
Java applets gave users the look and feel of traditional Windows client applications, with the advantage of cross-server and cross-client portability. Java applets were locked out of most direct OS access by a runtime container called the Java sandbox, to help mitigate potential Java-based security threats.
IE initially supported Java, and users had no problems accessing Java-enabled sites, or using Java-based utilities, from their desktop computers.
But shortly after releasing ASP in late 1996, Microsoft bundled some back-shelf technology -- Object Linking and Embedding -- and renamed it ActiveX. ActiveX gave users a useful, but proprietary, alternative to Sun's open and portable Java applets. Programs written in ActiveX, called ActiveX controls, were automatically downloaded and installed on the user's computer by the IE 3.0 browser.
Owing to the proprietary nature of Microsoft's ActiveX runtime support, no other browser could execute ActiveX controls. But ActiveX controls provided more access to internal Windows functionality -- something Java blocked with its sandbox security model. This flexibility made ActiveX easy for Microsoft-oriented application developers to use, leading to its rapid proliferation.
ActiveX's looser security stance made it a favourite vector for so-called drive-by viruses, which infected users simply visiting contaminated Web sites. Microsoft eventually beefed up ActiveX security as part of its User Account Protection (UAP) feature in Vista. But Microsoft also added a kill-bit feature to ActiveX that lets it unilaterally shut down any vendor's rogue ActiveX controls across the Internet. Microsoft promises it would never use its kill-bit power maliciously, but the kill-bit technology has opened at least one new vulnerability already exploited by hackers.
The availability of free ActiveX controls for Windows often supplanted more portable Java-based third-party applications, a problem that persists to this day. It's still possible to encounter Web sites that require ActiveX controls, locking out non-Windows users (and non-IE browsers on Windows as well), particularly for sites that have rich content, such as streaming video or audio. Eventually Microsoft booted Java out of the Windows installer, although users can still download Java runtime support directly from Sun (which is the process of being acquired by Oracle).
Microsoft's ActiveX and abandonment of Java undoubtedly limited Java's success as a client-side Web application enabler.
Microsoft dispatches AutoPatcher with a dispatch
At the dawn of the new millennium, Microsoft was not treating security as seriously as it does today. As a result, Windows desktop users suffered an embarrassing series of Internet-borne maladies, resulting in increasingly frequent security patches from Microsoft.
Microsoft only distributed patches through online downloads via IE, directly into each computer, often releasing patches on the second Tuesday of each month -- a day known both then and today as Patch Tuesday. Some Patch Tuesday patches were quite large, and the effect of dozens or hundreds of computers in a network all trying to download on the same day created administrative headaches.
In 2003, after a particularly vicious malware infection called the Blaster worm resulted in a litany of patches, system administrator Jason Kelley released a free batch script he called AutoPatcher. AutoPatcher bundled sets of Microsoft updates into an easily distributed file that could be installed on multiple computers without Internet access, circumventing Microsoft Update's download storm.
AutoPatcher gave system administrators a much faster update process, but also let administrators apply cumulative patches to new computers without exposing them to the network and possible malware infection. Over the next four years, AutoPatcher became a staple utility for network administrators.
Then, on 29 August, 2007, Microsoft sent AutoPatcher's authors a cease-and-desist notice demanding an immediate end to AutoPatcher distribution. Intimidated by Microsoft's threat of imminent legal action and lacking financial resources to fight back, the authors complied. AutoPatcher's website went dark in a single day.
Microsoft cited security risks of third-party patch distribution as the reason for its precipitous action, despite four years of AutoPatcher operation without a single security incident. An alternative explanation is that Microsoft had decided to limit patch distribution using its Windows Genuine Advantage license verification process, which AutoPatcher unwittingly circumvented.
Microsoft could have done things differently
It's not realistic to expect that any OS maker can avoid incorporating features that already exist in third-party applications, but the approach to doing so need not be as destructive as Microsoft's has sometimes been.
Apple's Mac OS X is a good example. Apple has occasionally stepped on a third-party software developer, but not with the frequency and voracity of Microsoft. Apple is not without its controlling ambitions -- as a hardware vendor, it tightly manages systems and peripherals.
But while Microsoft users are free to choose their hardware platform, Microsoft controls many of their other selections because Microsoft has already made those decisions for them. Thus, today individual and corporate users largely opt for IE to avoid Web site compatibility problems, commercial and corporate developers write applications using ASP.Net (the descendant of ASP), developers let Microsoft control their ActiveX controls, and IT admins patch their systems the Microsoft way or no way at all.
The next carcass in the road is anybody's guess, but there are plenty of at-risk products: antivirus tools, mobile backup, and web multimedia. But the next time Microsoft approaches a hit-and-run possibility, perhaps it will swerve to avoid another victim on the Windows expressway.