Microsoft and the infamous "AARD" code


This one was a big issue in the first government investigation back in the early 1990's; it was originally discovered by Geoff Chappell and covered in some depth in Andrew Schulman's book Undocumented DOS.

I'm not going to post a ton of code like I did for the INT 25h example on the previous thread; see Andrew's book for the details. Briefly, the AARD code (probably named for programmer Aaron Reynolds, one of the key architects behind Windows) checked for certain very esoteric (and totally undocumented) behaviors on the part of the underlying DOS.

If DOS didn't behave as expected, the AARD code would assume that it was running on a clone (read: "DR-DOS") and display the following message:

Non-Fatal error detected: error #2726
Please contact Windows 3.1 beta support
Press ENTER to exit or C to continue


Note that the default behavior ("press ENTER") was to terminate and bail out of Windows' boot-up.

The code actually only worked during the Windows 3.1 Beta; the code was left in for the 3.1 release, but the error display (and termination option) were patched out. The code can also be found in some of Microsoft's older C compiler products and a few other programs.

The AARD code itself, to quote Schulman, looked like "something out of a teenage virus writer's nightmare." It was XOR-encrypted and contained debug traps that revectored INTs 1 and 3 to discourage anyone from tracing through it. It was obvious that Microsoft flatly did NOT want anyone examining that code.


Well (as those of us who have examined viruses well know) these things are relatively easy to defeat; it was only natural that this would be figured out in short order. It caused quite a stir and, like I said, became a big issue in the lawsuit brought by the owners of DR-DOS.

There were a couple of issues here. First, there was the fact (and long-standing complaint!) that Microsoft doesn't document the internals of its operating systems. Someone building a clone (such as FreeDOS or DR-DOS) has a very difficult time emulating DOS's behavior because of this. This automatically discourages competition.

By contrast, compare, say, the auto industry. Ford certainly has the right to build its cars any way it chooses, but it documents how those cars are built pretty thoroughly. Sure, you must pay for this information, but if I wanted to, I could build and sell you an after-market engine for your Ford car, using that info.

What's funny is that this is expected of every industry ... except for software.


The software industry has evolved several unique protections that apparently don't apply to everyone else. The biggest is that they're the only industry that enjoys virtual blanket protection from lawsuits because of a bad product ("bugs" in their case).

Imagine a car warranty that said, "if we happened to build this thing incorrectly, too bad. The minute you open the door, you agree to this, too." That's just how software is marketed. When you open the shrink-wrap, you're on your own.

They have been assisted in this by the fact that (I'm sounding like a broken record now) these are such technical, arcane matters that the layman can't even begin to follow it. To the average computer user, the PC is a Box Filled With Magic. He/she has no idea what goes on inside.


The second (and bigger) issue, though, was that Microsoft's applications software not only knew (and continues to know!) about these undocumented functions, but used (and continues to use!) them heavily.

Windows was merely the biggest example and this was considered direct proof that Windows knew about these undocumented DOS functions and gained a direct competitive advantage as a result.

Remember, at the time (early 90's), DR-DOS was a serious competitor to MS-DOS. Windows was becoming ascendant, but there was still a choice as to which operating system you used underneath it.

Did it affect sales? Of course it did. When I bought a 486 back in the mid 90's, I deliberately stayed away from DR-DOS just because I'd heard of incompatibilities. So did a lot of people.


For those who care: the functions in question relate to certain critical DOS data structures, such as the layout of the system file tables, the NLS (national language support) and the ever-redoubtable DOS Swappable Data Area (SDA).

The best example is network software: if you're writing a network client/server rig, you need to understand these things. A typical network redirector, for example, must sometimes swap out the DOS structures (hence the name), make certain DOS calls, then swap these structures back into place.

Microsoft doesn't document these things ... or do they? Actually, you can buy the source code from them (at a very high price), provided you sign an agreement that you won't use it to compete with them directly!

(Again, back to Ford: suppose they sell the service manuals, but make you sign a form agreeing not to build that aftermarket engine from the info.)

Read Undocumented DOS for this and other examples. Like I said, this was an issue in the DR-DOS lawsuit many years ago (which lawsuit, by the way, is still being pursued by Caldera, if I understand correctly).

And again: this is just my opinion and I reserve the right to extend and clarify. :)

-- Anonymous, June 30, 2001

Answers

The software industry, led by Microsoft, is also unique in one other respect.

When you or I write a book, or a song, or draw a picture and wish to register a copyright for it, it's generally understood that a copy of the thing goes on file. (Historically, these have been placed at the Library of Congress.)

Whether it's a classic James Joyce novel or the Beatles' All You Need Is Love, there's a copy available. You can see what has been copyrighted. And in fact, if there's a lawsuit because the copyright owner claims that I've "borrowed" from his/her work, that registered copy will be presented in court as evidence.

Software is different. Microsoft is so paranoid about anyone seeing (and possibly cloning) the internal details of its operating systems that it lobbied for, and successfully obtained, an insane exception: they can register the copyright with a redacted copy of the work.

In plain English, a software author can blank out large portions of the work so that it's not in the public domain. I'm not aware of a court case where this has been tested, but I guess the idea would be that the copyright owner would agree to provide a complete copy in that event, placed under Court seal (and thus, still not available for public distribution).

Do you see the inherent problem here? The copyright owner could claim anything they wanted to! "Yeah, that 'MakeMicrofarbWeeble()' function is part of the copyrighted code. We blanked it out when we registered it, but here's a true copy (and you'd better appreciate the fact that we worked frantically all night to wedge it in there!)."

This all ties in with the AARD code -- and more importantly, the reason behind it.

The truth of the matter is that Microsoft's entire empire has been built on a house of cards. What they do is not unique; any talented group of software authors could do the same thing. Read a good account of how they rushed to complete the (minor changes to Tim Paterson's) original MS-DOS/PC-DOS that would be distributed with the IBM PC to get an idea.


The AARD code represents the fact that Microsoft has always rushed things to market, often before they're really ready for release. The original Windows 3.xx distributions, for example, were hydras, "things on things" that required the underlying DOS to do the grunt work while the Windows shell provided the cute user interface.

Microsoft needed to ensure that a True Blue copy of MSDOS was under Windows because Windows hooks DOS (and vice versa). The two meld together and become a single, if unwieldy, package. DR-DOS prevented this close marriage, which is just one of many reasons (ignoring market considerations, which are always number one in Redmon[g]) why they were frantically looking for some way to slow it down.

Had they been forced to wait until the Windows 95-level release, in which most DOS functions had been supplanted by true 32-bit code in VxDs, Windows would have been many years later getting to market. By that time, Desqview, Linux and who knows what else might have established a decent share of that market.


The biggest problem in taking Microsoft to task over this sort of thing is that it's hard to point to a single "smoking gun" (which -- broken record time again! -- the public could understand) and say, "looka here, looka here! PROOF!"

And given the way the software is copyrighted in this country, finding that just-used firearm is next to impossible!

-- Anonymous, July 03, 2001

