Articles Weblogs Books School Short Cuts Podcasts  

Open Standards/Closed Mind

by Kurt Cagle

Microsoft has made a number of fairly questionable decisions about HailStorm that will come back to haunt them:

1. Microsoft has never had much success with creating a paid service. MSN limped along for years as a paid service before it ended up placing much of the content outside of the gate, and the number of active paid participants within MSN is still far smaller than the amount that MS claims, since it no doubt use the metric of the free service as its baseline.

If I, as a user, am charged $19.95 a month for the privilege of not having to type information in Web forms (something I do primarily to download free software, not to shop) then I'm paying far too much -- especially if only one form in five happens to reside within a Passport boundary. There will be all too few people who do decide it's worth their time or money.

2. With Windows, if you wanted to write applications, you had no choice but to write to the Windows APIs. Vendors that produced third-party products had to cooperate with Microsoft to stay on top of the latest changes in the OS or risk having products that would die on the next upgrade. Indeed, one of the ways that Microsoft leveraged its OS was to keep critical APIs evolving internally until fairly late in the cycle, giving its developers an automatic window of opportunity of several months to develop into a new niche before a competitor could.

The Internet, on the other hand, has a strong set of standards bodies that do not automatically bow before Microsoft and that have been working to keep the critical components of the Web as simple as possible. Given that these bodies are made up in great part from Microsoft's competitors, it is unlikely that they will cede the power to API, especially as Microsoft has a reputation for playing poorly in shared API arenas.

Related Articles:

Passport Is Evil

Who Is Microsoft Trying to Control?

HailStorm: Open Web Services Controlled by Microsoft

Brewing a HailStorm

3. HailStorm is partially designed to place Microsoft between the consumers and the banks and credit card services that authorize payment (and consequently perform a certain level of user authorization as well). The last time that Microsoft tried to do that -- with its Microsoft Money fiasco that tried to do an end run around the banking and credit industries -- the industry as a whole closed ranks and adopted Quicken instead. MS Money is now something of a joke without a punchline. I do not anticipate that things will turn out any differently, due to the tightening economy and given that most such institutions have or are developing their own online services.

4. The highly centrallized nature of the Web-services approach makes HailStorm incredibly susceptible to denial-of-service attacks. If people cannot purchase something for several days because Microsoft's services are DOSed, then you'll see people (and vendors) leaving the program with all due haste. Moreover, all it takes is one disgruntled programmer working for a HailStorm third-party provider to leak any relevant access codes to the Web, compromising the entire system. Given the fomenting animosity within the developer community for Microsoft's less than savory business practices, such attacks are inevitable.

5. Back in the mid-1990s, when Internet hype was first starting to really move into overdrive, an idea that was in vogue for about six months was the Internet Mall, where several businesses would band together to form a virtual shopping portal. They all failed . They failed because there was a confusion between physical and virtual proximity, there was no company that wanted to cede too many "trade secrets" to other companies and these were closed systems in what was (and hopefully will remain) a fundamentally open one -- the non-proprietary world was only a single click away, and that made whatever attempt at cohesiveness irrelevant.

In many respects, HailStorm is the Internet Mall of the '00s, but it rests on even shakier ground. The first is the question of the copyrightability of schemas, something that has not yet been tested in court. Given recent decisions concerning the principle of patent extensibility (generally favoring derivative works), the ability to enforce such copyrights remains suspect. HailStorm would also have to attract enough vendor participants, who would have to essentially give up on their efforts to create sustainable in-house offerings. Most of these companies are now in positions where they have invested a significant amount of their IT budget for tech modernization and will be cool at best to the notion of buying into yet another Microsoft initiative.

6. Finally, HailStorm is emblematic of both Microsoft's vision and its myopia. It is an audacious and ambitious project that will, if it works, be a technological marvel. It is also a mediocre solution to something that's a small problem in most people's lives - bad Internet shopping - compared to the more serious issues of privacy, an uncertain economic, an increasing sense of frustration with corporate greed and a waning interest in the use of the Internet across most sectors. Web services have their place (they are in fact ideal for intra-application enterprise development), but their use in consumer-to-business applications is dubious at best.