Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Microsoft Source Follow-Up

michael posted more than 10 years ago | from the no!-it-burns-my-eyes! dept.

Microsoft 1090

shystershep writes "It's official. Microsoft admits that 'portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet.' No more details, although it seems clear that it is only a portion of the code. Microsoft is, naturally, downplaying its impact, while everyone else is busy speculating about how serious this could get." A lot of you apparently haven't read yesterday's story. An investigation of the code is already underway.

cancel ×

1090 comments

Sorry! There are no comments related to the filter you selected.

Is that a joke? (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8270588)

Did Gay Michael make a joke?

A lot of people didn't read the other article on Slashdot? What the f?

Get a job Michael, you homo.

FP nigz.

woot first to post (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270590)

woot first to post

Re:woot first to post (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270741)

cat you >> /dev/fail/it

Winsock API Included. (5, Insightful)

Anonymous Coward | more than 10 years ago | (#8270591)

The Winsock API is included in the leaked source that's something fantastic hahaha.

Re:Winsock API Included. (0)

Anonymous Coward | more than 10 years ago | (#8270744)

what does this mean? is this 'y2k' big?!

source out on the open (2, Funny)

Jotaigna (749859) | more than 10 years ago | (#8270593)

maybe open source developers get a chance to fix some bugs it may have ;)

Re:source out on the open (3, Informative)

dtfinch (661405) | more than 10 years ago | (#8270672)

Groklaw has warned that anyone who gains access to the Windows source, whether or not they actually read it, may legally impair their ability to make contributions to open source resembling anything that exists in Windows.

heres a bug (-1, Flamebait)

RecipeTroll (572375) | more than 10 years ago | (#8270673)

10 print "fuck you hippie"
20 goto 10

Re:source out on the open (0)

lord_nightrose (652871) | more than 10 years ago | (#8270686)

I believe they've already done that. Perhaps you've heard about it already? It was released (with hundreds of imrpovements) under the name "Linux".

Re:source out on the open (0)

Anonymous Coward | more than 10 years ago | (#8270745)

Yeah, but the developers really screwed up the UI with that release.

What they said... (0)

lord_nightrose (652871) | more than 10 years ago | (#8270597)

The text of the statement:

Statement from Microsoft Regarding Illegal Posting of Windows Source Code

REDMOND, Wash., Feb. 12, 2004 -- On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. It's illegal for third parties to post Microsoft source code, and we take such activity very seriously.

We are currently investigating these postings and are working with the appropriate law-enforcement authorities.

At this point it does not appear that this is the result of any breach of Microsoft's corporate network or internal security.

At this time there is no known impact on customers. We will continue to monitor the situation.

Source of the leak (5, Informative)

cyt0plas (629631) | more than 10 years ago | (#8270598)

There are a number of empty .eml files in the archive. While their FTP server looks like (didn't check) it is running a vulnerable version of wu-ftpd , it seems more likely Nimda got to them first.

I wonder what the final MS press release will name as the cause. "Evil Linux Hackers", perhaps?

XBox rules!! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270599)

first post!!! you lame assholes... I can post first because my XBox is a american product and my pride in my great country and my great XBox accelerate everything...

If only they would make games for that bitch... IAve played Metroid Prime and it ruled... I hope M$ will buy those japanese bastards and port Metroid to my great american console system!!!

Join the fun!!! [slashdot.org]

Of course! (5, Interesting)

NeoThermic (732100) | more than 10 years ago | (#8270602)

>>Microsoft is, naturally, downplaying its impact

Of couse they are. They don't want to admit that its 203MB of files, they will just say its a small fragment.

Makes me wonder about all the weird e-mail files in the zip though...

NeoThermic

Re:Of course! (0)

Anonymous Coward | more than 10 years ago | (#8270677)

They don't want to admit that its 203MB of files, they will just say its a small fragment
I'd call one half of one percent a small fragment, wouldn't you?

Of course it's a small percentage... (5, Insightful)

SpaceBadger (556685) | more than 10 years ago | (#8270695)

...of the total that accepted wisdom says makes up the full source tree, but what percentage of the full source is for the thousands of drivers etc. that really aren't part of the OS proper.

I wouldn't be so sure that what has leaked is an insignificant portion just because of the number of lines of code.

Re:Of course! (2, Informative)

serfx (655219) | more than 10 years ago | (#8270724)

yes that torrent file was only 205 meg's
Yet if you read yahoo news, they acctually mention that the amount of souce code that was "released" was acctually closer to 650meg. you can read it here [yahoo.com] .
making todays statements mostly obsolete, or just re-hashes of older comments (wow its already a re-hash, noi pun intended)

Re:Of course! (1, Redundant)

Mr2cents (323101) | more than 10 years ago | (#8270738)

I wonder how many bugfixes MS will receive as a result of this..

first code fragment (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8270603)

first code, suckers

The watermarking was probably successful (0, Insightful)

Srividya (746733) | more than 10 years ago | (#8270604)

There is a utility "cb" for re-making C code which would have been good to use for Mainsoft if person there was trying to avoid identification!

Also probably cutting comments out.

So the question is (4, Interesting)

drinkypoo (153816) | more than 10 years ago | (#8270605)

Has anyone actually built this code? Will it actually be useful to anyone? I could see how having enough of the code available might allow someone to create a version of windows 2000 that would work with plex86, which would be exceptionally exciting. Just how much of the code is there anyway? It's reputedly a ~200MB archive which also contains assorted tools needed to compile from the source, so only so much of that can be code. 200MB of pure source code would seem like it was probably enough to assemble most or all of Windows from.

Re:So the question is (4, Informative)

MoonFog (586818) | more than 10 years ago | (#8270665)

Actually, it's supposedly only 15% of the source code. See here [bbc.co.uk] .

only ~30% of the Source leaked (1)

Puchku (615680) | more than 10 years ago | (#8270679)

Well, i read on El Reg .. http://www.theregister.co.uk/content/4/35547.html and Betanews... http://www.betanews.com/article.php3?sid=107663251 5 That it is only s30% of the source... But hey, that's one hell of a lot.. I Wonder.

Re:So the question is (1)

LighthouseJ (453757) | more than 10 years ago | (#8270696)

I think the files are called "ring 0" and therefore can't run by itself, you need much more of the code. You're not going to see any rogue Windows distributions, but some seedier programs might get a leg up on finding out some secrets in the source code. I won't be surprised if more powerful worms came out of this.

Re:So the question is (1)

minus_273 (174041) | more than 10 years ago | (#8270697)

RTFA the code was intended to make windows program compatible with unix flavors. It is not the windows source but the source for some code from win 200 sp1. The code is only 600mb (size of 1 cd) when uncompressed and apparently the entire windows source is 40GB.
So, no, the code will not build windows.

Re:So the question is (1)

ldm314 (105638) | more than 10 years ago | (#8270708)

If you had actually read the article you would have seen the line:
References to MainWin can also be found throughout the leaked source files, which do not compile into a usable form of Windows.
which clearly states that some had at least atempted to compile it.

Re:So the question is (4, Funny)

GoofyBoy (44399) | more than 10 years ago | (#8270710)

I can't wait for the Windows 2000 Phantom Edit version

Re:So the question is (0)

Anonymous Coward | more than 10 years ago | (#8270725)

There are the sources of wsock32.dll!!!!
The Winsock API :)

Microsoft ads (1)

onyxruby (118189) | more than 10 years ago | (#8270608)

So, does the leak coverage story mean no more Microsoft ads? Haven't seen one since the story broke and they've started to become a staple here.

post this (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270609)

wwwwweeeeee

Traces back to Mainsoft? (2, Redundant)

sp00 (639381) | more than 10 years ago | (#8270610)

EWeek [eweek.com] is reporting that Mainsoft [mainsoft.com] , a partner with Microsoft, is the source of the source code leak.

Re:Traces back to Mainsoft? (5, Interesting)

sp00 (639381) | more than 10 years ago | (#8270644)

Microsoft will probably use this to thier advantage: "The leaked code ... was apparently removed from a Linux computer "

Re:Traces back to Mainsoft? (5, Interesting)

cozziewozzie (344246) | more than 10 years ago | (#8270711)

The link seems to be slashdotted, but isn't that the company which ported IE to Unix and was rumoured to be doing something similar for MS Office?

Lesson for the kids out there (2, Interesting)

prostoalex (308614) | more than 10 years ago | (#8270615)

eWeek article mentions that leaked code was not traced to the Shared Source licensing program, because there were so many profanities in it.

I hope the guys who left the f-words in will get a promotion or something for aiding the investigation.

I wonder how MS stock will react (1)

TeamLive (699650) | more than 10 years ago | (#8270616)

It will be interesting to see how Microsoft stock will react. Also, I wonder how this will affect MS's security patching process.

Re:I wonder how MS stock will react (3, Funny)

sp00 (639381) | more than 10 years ago | (#8270693)

Steadily dropping [quicken.com] today...

One editing change needed in story (5, Funny)

burgburgburg (574866) | more than 10 years ago | (#8270617)

long-time Redmond partner Mainsoft.

formerly long-time Redmond partner Mainsoft.

Maybe this will force their hand... (0, Redundant)

curtoid (415759) | more than 10 years ago | (#8270620)

All the bugs will now be visible and accessible...
Maybe they will be forced to allow the "million eyeballs" to fix them.
Save Yourselves! GPL the code...

From Rich Bowen's blog... (5, Insightful)

tcopeland (32225) | more than 10 years ago | (#8270624)

...right here [drbacchus.com] :

Second, we're going to see lawsuits in the next 2 years where Microsoft identifies code in Linux, added after February 10, 2004, which are either copied from, or influenced by, the Windows source code. And, as absurd as this is, it will be used to have, as Microsoft would say, a chilling effect on innovation.

Hm. I bet Andrew Morton has better things to do then trawl through WinNT code. Staying away from it does seem safest, though...

Re:From Rich Bowen's blog... (4, Interesting)

guacamolefoo (577448) | more than 10 years ago | (#8270722)

...right here:

Second, we're going to see lawsuits in the next 2 years where Microsoft identifies code in Linux, added after February 10, 2004, which are either copied from, or influenced by, the Windows source code. And, as absurd as this is, it will be used to have, as Microsoft would say, a chilling effect on innovation.

Hm. I bet Andrew Morton has better things to do then trawl through WinNT code. Staying away from it does seem safest, though...


Part of future kernen maintenance should probably include comparisons against this code, just to be safe. The worst possible thing would be for some witless idiot to include any of it into any OSS project and have this miss final review.

IMHO, rather than chortling over this disclosure, I'd rather have the code be kept completely secret by MSFT. Unfortunately, information is hard to keep secret when so may people have it.

GF.

You Should Not Be Cheering (4, Insightful)

Pave Low (566880) | more than 10 years ago | (#8270625)

What occured here looks like corporate espionage and theft, plain and simple. Whoever leaked this should be caught, and sent to Federal pound-you-in-the-ass prison. I know everyone here loves to hate on M$ (hahah funny), but nobody deserves to have their hard earned work lifted without their permission.

Re:You Should Not Be Cheering (1)

Null_Void (149097) | more than 10 years ago | (#8270690)

I have to agree. As much as I prefer to use open source software, I have to say that I respect MicroSoft's desire to decide their own code policies.

Huh. This post really doesn't serve a purpose.

Re:You Should Not Be Cheering (0)

Anonymous Coward | more than 10 years ago | (#8270723)

Not only that, but this puts the OSS community at risk of being "tainted." Stay away.

I agree.. I hope the leaker ends up getting lubed and pounded.

Re:You Should Not Be Cheering (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#8270727)

I don't think microsoft worked really hard to develop their code.

from the eweek article (5, Funny)

squarefish (561836) | more than 10 years ago | (#8270627)

References to MainWin can also be found throughout the leaked source files, which do not compile into a usable form of Windows.

I don't think any code can claim this, no matter M$ says

Twofer (3, Funny)

Anonymous Coward | more than 10 years ago | (#8270628)

Now I can play Half-life 2 on Windows 2000 all while keeping it real.

BBC Q&A (4, Informative)

MoonFog (586818) | more than 10 years ago | (#8270629)

BBC also has a Q&A [bbc.co.uk] on the recent event, including thoughts on how this may impact Microsoft themselves.

Microsoft has said that this represents about 15% of the total source code for the operating system. It is not enough to recreate the operating system.

Re:BBC Q&A (5, Funny)

ZoneGray (168419) | more than 10 years ago | (#8270717)

Sure, it's only 15% of the code... but the only missing component is Internet Explorer.

Mwhahaha.. (-1, Troll)

ExTycho (218077) | more than 10 years ago | (#8270636)

Now there's finally evidence of sloppy coding (not that i can program.. suppose i'm being like the pot calling the kettle black...... meh.)

does DEBILIAN suck or what? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270639)

of course it sucks. what did you expect?

Can't wait to read.... (2, Insightful)

linuxrunner (225041) | more than 10 years ago | (#8270642)

The first reports on how buggy the code really is... This will either refute or prove what the OSS community has always thought.

That OS software is viewed by many, and therefore fixed by many.

If there are holes.... it's just going to be some sort of patch fest / orgy. Redhat, MDK, et al, should get positioned just in case.

Mainsoft is to blame... (5, Interesting)

JamesP (688957) | more than 10 years ago | (#8270643)

THe most astonishing phrase is this:
Analysis indicates files within the leaked archive are only a subset of the Windows source code, which was licensed to Mainsoft for use in the company's MainWin product. MainWin utilizes the source to create native Unix versions of Windows applications.

Mainsoft says it has incorporated millions of lines of untouched Windows code into MainWin.


WHAT?!?!!?!??

This can't be the first time (5, Interesting)

Schemat1c (464768) | more than 10 years ago | (#8270646)

The company I worked for 12 years ago was licensed to get part of the Windows 3.1 code in order to interface our product with theirs. There must be 1000's of companies that do this and have been doing this. I'm amazed it took this long for someone to finally steal it and post it.

While discussing with friends today... (1, Interesting)

Anonymous Coward | more than 10 years ago | (#8270649)

we were talking about how dangerous it would be for linux coders to look at it, after all the SCO mess. To which a friend replied it would be dangerous for anyone to look at it, considering how ugly it must be.

Anyone wanna bet microsoft programmers are hoping that their code doesn't show up with their name on it, for fear of public embarassment? Of course programming for microsoft is probably embarassing enough. No bob, I'm not working for microsoft, I'm doing gay porn!

apparently it was MSPaint (0, Funny)

Anonymous Coward | more than 10 years ago | (#8270650)

I read somewhere that the bulk of the code that has been analysed so far turned out to be MSPaint.

In other news Fark releases FarkPaint. Photoshop-larity ensues.

leaks leaks and more leaks (-1, Flamebait)

maxdamage (615250) | more than 10 years ago | (#8270651)

A very good reason to switch to linux is when micro$oft cant even provide for their own security...

XBox rules!! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270653)

first post!!! you lame assholes... I can post first because my XBox is a american product and my pride in my great country and my great XBox accelerate everything...

If only they would make games for that bitch... IAve played Metroid Prime and it ruled... I hope M$ will buy those japanese bastards and port Metroid to my great american console system!!!

Join the fun!!! [slashdot.org]

In a related story.... (1, Funny)

tackaberry (694121) | more than 10 years ago | (#8270655)

SCO after reviewing the leaked source code claims it contains SCO code and will move forward with IP claims against Microsoft.

This is serious (5, Funny)

Sparky77 (633674) | more than 10 years ago | (#8270656)

Now that the source code to Paint is out there, we can expect many derivative works to surface in the coming months. The impact on the graphics software market will be devestating.

If you've downloaded the source code (0)

Anonymous Coward | more than 10 years ago | (#8270657)

Get yourself an attorney, you've broken the law. Possible PATRIOT act violations at play and also financial compensation to MicroSoft may be required.

it escaped! (5, Funny)

Extrymas (588771) | more than 10 years ago | (#8270658)

"It is not clear at this point how the three and a half year-old source code escaped Mainsoft."

You know.. It's simple: code wants to be free

Admit the leak, admit the freak. (-1, Flamebait)

_Sambo (153114) | more than 10 years ago | (#8270661)

OPEN THE CRACKER BARRELL!

Microsoft admitted that they dropped the ball. Their code is now available to any Kazaa user.
The Russian boys will be able to pull off better attacks.
Virus writers will be able to be write stealthier code.
Chinese crackers will open the US Military network wide open. (This has happened before)

Oh, yeah, and most of the consumers in the world still use 98. Which is the real tradgedy of this sad story.

Its because they trusted Linux!!!!!! (5, Funny)

GoofyBoy (44399) | more than 10 years ago | (#8270663)

>The leaked code includes 30,915 files and was apparently removed from a Linux computer used by Mainsoft for development purposes.

I wonder what Linux security hole allowed that to happen.

LAUGH, ITS A JOKE.

Short selling.. (1)

freerecords (750663) | more than 10 years ago | (#8270664)

The Microsoft stock is dropping rapidly.. unfortunately for their investors - especially with the events of the past two weeks!

I got some rather interesting feedback yesterday when I asked if OS coders would use this to improve Wine and whether that would be legitimate. Of course I was flamed! But hey. Now answer this - why would looking at the code instantly taint you from joining any OS initiative. ie. If you had seen the code, what would stop you from coding part of a new groupware client, or what would stop you from coding an OS DVD Player.. I'm sure the effects aren't so far reaching?
Please don't be too harsh on me - I'm stupid!

Linux was involved according to an article (0)

Anonymous Coward | more than 10 years ago | (#8270667)

According to this article, Linux was involved:
http://www.betanews.com/article.php3?si d=107667411 8

Re:Linux was involved according to an article (0)

Anonymous Coward | more than 10 years ago | (#8270716)

Here is the right link: Windows Source Leak Traces Back to Mainsoft [betanews.com]

Which is it? (5, Insightful)

onyxruby (118189) | more than 10 years ago | (#8270668)

Is this damaging because 15% of the source to the NT / W2K tree was leaked and we're all suddenly vulnerable or is this no big deal since the code is three years old and it's only 15%? I haven't heard anyone talking about DRM, activation or serial code being in the leak, so I just don't see how this could affect MS other than to help interoperability of other software.

DirectLinux (1)

swordboy (472941) | more than 10 years ago | (#8270669)

I can't wait for DirectX on Linux. Or Linux on NTFS.

Re:DirectLinux (1)

mwilliamson (672411) | more than 10 years ago | (#8270740)

There already is full NTFS read/write support on Linux. http://www.jankratochvil.net/project/captive/ [jankratochvil.net] allows full and safe read/write of NTFS drives/partitions.

This isn't the first time their code was leaked... (2, Interesting)

cozziewozzie (344246) | more than 10 years ago | (#8270674)

And knowing how prompt Microsoft are at fixing known exploits, I really wonder how anybody can consider their products secure. I mean, Valve cited the code leak as the reason for a long rewrite and delay for Half-Life 2 (it's a bloody GAME!), and Microsoft downplays such incidents. We have a new model: Security through ignoring.

BUT...will it compile (0)

RLiegh (247921) | more than 10 years ago | (#8270676)

on Microsoft's mythological free command-line tools [slashdot.org] which are allegedly free for download?

DON'T TOUCH IT (1, Redundant)

Anonymous Coward | more than 10 years ago | (#8270678)

If you work on open source... or anything else for that matter.. DON'T TOUCH THIS WITH A 50-FOOT POLE!

Touching this source could make you "tainted" and could give MS or others cause to sue you or shut down your project for assumed trade secret violations. They might not win, but you don't want to have to go to the trouble of being hauled into court over this.

Not that there would be anything all that interesting.. I saw the file listing and it looks like fairly standard stuff... but just the fact that you've seen it could cause tainting to occur.

I repeat: DO NOT TOUCH THIS CODE! Do not download it, look at it, or think about it. Forget that it exists.

<hat type="foil">
Could MS have leaked this intentionally, to bait the OSS community and prepare for a SCO-esque assault?
</hat>

Bit-torrent (-1, Flamebait)

Perl-Pusher (555592) | more than 10 years ago | (#8270681)

Anybody have a bit torrent file, I'm trying to find out why certain API's seem to be slower that the unpublished ones used by microsoft products!

Good Grief (1)

illuminata (668963) | more than 10 years ago | (#8270685)

They're just testing to see if the open source software people will actually look at it. Otherwise, you'd know by now that it's just a shitload of ASCII art (like a big page-length piece saying TUX SUX).

Structured insight: (0, Interesting)

Anonymous Coward | more than 10 years ago | (#8270687)

http://everything2.com/index.pl?node_id=1519713

Today is the day after Windows NT becomes "Open Source", although not by choice. So far what's happened is... speculation and nothing else. As the roller coaster teeters at the top of the track, all walks of I.T. life are assessing the thrills and spills to come. Here follows a collection of views, insights and ruminations on the matter, collected from as many sources as possible.

Disclaimer: This is a summary of collected opinions on this issue. I am not claiming that any of this will happen, that these views are correct, or that I agree with them. If you spot anything particularly sensationalist or inaccurate here, please make suggestions and correct me.

Noung says re What will occur the day after Windows NT becomes open source : My understanding is that it hasn't exactly become "Open Source" (by choice or not), as we don't even know how much has been leaked... You should probably point that out as your write-up implies the whole thing is out.

jasonm says re What will occur the day after Windows NT becomes open source: it's hardly open source. it may be pirated source, but calling it open source misinterprets the term entirely

In reply to this I can only say that "open source" doesn't necessarily refer to openly licensed code released intently. Although I disagree with jasonm, I do believe that this is an issue which needs clarifying--the source certainly isn't open source in the same way that the Linux kernel or a typical openly licensed project is.

Microsoft Viewpoint

With everything out in the open, Microsoft's honesty regarding past issues is going to face heavy exposure. This might lead to legal battles for Microsoft itself, however, the leak is likely to have come from a separate company which the code was licensed to, and it is unlikely that Microsoft would be giving anything containing juicy secrets away to separate entities. Of course, the conspiracy theorists are already up in arms, voicing the possibility that Microsoft released this code their selves with the intention of converting Windows 2000 and NT users into purchasers of their latest operating systems. This is unlikely to be the case if common code is shared between 2000/NT and their latest releases, i.e. XP, else they would effectively be banging the gavel on this too. Microsoft may be forced to publish just how much of Windows XP stems from Win2K/NT.

archiewood says re What will occur the day after Windows NT becomes open source : You might've heard this already, but an interesting (likelihood of truth aside) theory is that Microsoft released the code deliberately, hoping Windows-derived code segments may eventually end up in Linux. Could be a perfect way to shut down their biggest competitor.

Already a popular idea is 'grep-ping' through the code for comments, and comparing the contents with released code from separate projects. The Slashdot crowd are literally frothing at the mouth at the thought of picking up on misconduct/incompetence in this code and exposing it. It's well-known that BSD network code exists (licensed) in Windows--a first stop for many will be to hunt this code down and ensure that it has been implemented legally and within terms of the license. This is an example of a known intellectual property issue; code monkeys are going to be much more interested in finding scandals of their own in the code.

Patches. Will Microsoft accept a more open approach to fixing problems in their code base? This may be a prime opportunity for them to re-license this code, and reap the benefits of the leak using a similar model to the Linux kernel code. However, with Microsoft's track record it's more likely that they will take an SCO-style approach and concentrate on protecting their own IP.

Hacker Viewpoint

Black hat, white hat... regardless of their choice in head wear, tinkerers from all disciplines are going to want a piece of the action.

White hats, the good guys. Their main intention will be to adapt and improve. Patches will be a main concern, along with general improvements and bug-fixes. Microsoft will not like this. With a past product ever adapting, new releases will be obsolete soon after they hit the shelves. It has been argued that Microsoft purposely make parts of their operating systems imperfect so that there is scope for product updates and new versions. With an Internet's worth of people improving on an old project, the company will have to come up with something very special if they want people to shell out the cash.

Blacks hats, a.k.a. the vigilantes.. Exploitation is the name of their game, and now they've got the ultimate weapon. With the inner-workings exposed they will be able to write new viruses, exploit new holes, and generally make a real mess of things for Windows users. Some of the problems will only be relevant to users of 2000 and NT, but it is likely that common code is shared with the other Windows operating systems. A hole in Win2K may also be a hole in XP, 98, ME, Server, Internet Explorer... the list goes on. Black hats will be taking on Microsoft, white hats, the media, users... and potentially lawyers.

General Windows-User Viewpoint

For the non-technically endowed users, confusion is going to be an issue. What will the average user do when their computer is exploited, people are screaming at them to take various precautions, when the media says "Panic! and Microsoft say "Upgrade!"--and all they want to do is check their e-mail and download the latest from Generic Boy Band? To most people the leak of a source tree means nothing. I've already encountered people mistaking this for the MyDoom virus and assuming that they're safe because they're not using Win2K/NT. When neither Microsoft nor techies know what to expect, what can be expected from the majority of computer users? Naturally businesses and users will be hit hard should this leak result in a torrent of viruses and exploits--viruses such as LovSan and MyDoom cause enough panic on their own; would anybody stand a chance against these multiplied by 10?

Open Source Viewpoint

A constantly expressed concern on the Slashdot message system voiced from the Open Source coders their selves is the potential danger of them seeing this illegally leaked source tree. If Microsoft code were to make it into into another project where the code, or even patented algorithms were in plain sight (purposely or subliminally), the grins on Microsoft's lawyers faces would be visible from space as the shit hit the fan. A more sinister approach to this issue would be illegal forks--intentionally using illegal code to better the progress of closed source and open source projects alike. For example, the WINE project (an implementation of the Windows API on other operating systems to form an application compatibility layer) may be forked to produce a compatibility layer using actual Windows code. Another possibility is the Windows OS itself being forked into a new product, customised, altered and improved. Certainly these would not go unnoticed, and would have to take the stealth development approach to protect its programmers, in a similar fashion to KaZaA Lite.
It should be pointed out that Linux Zealots are having a field day with this one. Certainly this is fuel for their fire, and perhaps a boost to Linux (although an ironic one, as the Linux source is all the more open than the Windows source).

Media Viewpoint

Sensationalism is likely. Already referred to as the "I.T. World's 9/11", the tabloids will make sure to expand on each issue as much as possible. Naturally this will be the public's main source of information and misinformation alike; perhaps the phrase "source leak" will become the tech paper's new favourite.

My Viewpoint

I only have one real opinion on the matter: amusement at the fact that the date for the subject matter of this node fell on Friday the 13th.

How long will it take? (5, Funny)

StuWho (748218) | more than 10 years ago | (#8270691)

Gentlemen, Ladies, I welcome you to the Microsoft Sweepstake. Crackers and Virus Writers are already in their places, competing for the trophy of being first to write a new exploit using this source code as their inspiration.

Current favourite, the author of MyDoom, but many youngsters are looking to make their mark in this prestigious contest

Grab a beer, sit back, and enjoy this great sporting occassion - sponsored by Microsoft, Security Through Obscurity.

Re:How long will it take? (0)

Anonymous Coward | more than 10 years ago | (#8270753)

Why should the source being available aid the Virus writers, I thought that when code is reviewed by many, security would improve...at least that is what all the slashdrones keep telling me....

Downplaying ... (1)

ackthpt (218170) | more than 10 years ago | (#8270698)

Microsoft downplaying the escape and distribution of their code is like the town water supply telling you there's some mercury in the water, but don't work about it, it probably won't harm you (much).

Then, it's probably the best their spin-meisters can come up with while Bill calls an emergency meeting in his office and yells at people (he has yelled at people in his office before.) I can just picture it:

Bill: <SHOUTING>How did this happen? I want names! I want places! I want heads on poles! And fergodsake don't tell me someone is already distributing versions of Windows(tm) with the registration requirement bypassed!</SHOUTING>

It was lifted from a Linux Box (0, Redundant)

Future Linux-Guru (34181) | more than 10 years ago | (#8270699)

>>BetaNews has learned that Thursday's leak of the Windows 2000 source code originated not from Microsoft, but from long-time Redmond partner Mainsoft.

The leaked code includes 30,915 files and was apparently removed from a Linux computer used by Mainsoft for development purposes. Dated July 25, 2000, the source code represents Windows 2000 Service Pack 1. ...
Clues to the source code's origin lie in a "core dump" file, which is left by the Linux operating system to record the memory a program is using when it crashes. Further investigation by BetaNews revealed the machine was likely used by Mainsoft's Director of Technology, Eyal Alaluf.

http://www.eweek.com/article2/0,4149,1526830,00. as p

Probably "Former" Director of Technology.

Re:It was lifted from a Linux Box (1)

polyp2000 (444682) | more than 10 years ago | (#8270752)

I dont see why it is relevant that it was lifted from a Linux box. It could just as well been Mac or a win32 box.

By explicitly stating this are they looking to implicate Linux in some way ? I dont get it !

What else is in there ? (1, Redundant)

cyberchondriac (456626) | more than 10 years ago | (#8270700)

I'm also wondering if anyone will find any code in there that deliberately breaks other apps, as often claimed in the past. Of course, this would be vehemently denied by MS, and claimed as added in by the thief. Is there any kind of CRC check on this thing ?

XBox rules!! (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#8270703)

first post!!! you lame assholes... I can post first because my XBox is a american product and my pride in my great country and my great XBox accelerate everything...

If only they would make games for that bitch... IAve played Metroid Prime and it ruled... I hope M$ will buy those japanese bastards and port Metroid to my great american console system!!!

Join the fun!!! [slashdot.org]

All this will do (1)

andih8u (639841) | more than 10 years ago | (#8270705)

Is probably make Microsoft be a bit more proactive about patching their systems. Don't forget that there are also alot of pro-Microsoft people out there who will go through this code and point out the flaws.

Download mirror for the MS Source Code: (-1, Troll)

Anonymous Coward | more than 10 years ago | (#8270706)

Look here [geocities.com] for links.

Yes but M$ will probably find a way to... (1)

i_want_you_to_throw_ (559379) | more than 10 years ago | (#8270707)

say "Having access to source code is bad. See how damaging it is to us? You want Linux now?"

Part of OSSs problem is that John Q Public just can't understand the benefits or the way things work with OSS.

Swearing? (5, Interesting)

thung226 (648591) | more than 10 years ago | (#8270709)

I'm shocked to find out that there is profanity in the comments/code. Anybody know specifically what they say? Seems a bit unprofessional.

M$ Programmer: Well, nobody's going to read this anyway, so "\\f*ck this bullsh*t"

For personal projects, this is fine (I've vented a bit in my personal coding projects), but I would never do anything like that at work...

Ever read MS code? (0)

Anonymous Coward | more than 10 years ago | (#8270714)

It is easier to read the disassembly, then to read MS code. This will not induce new hacks, but if the OSS ppl start reading it, in the future, MS may suddenly sue and claim it was their stolen code.

SIze??? (1)

freerecords (750663) | more than 10 years ago | (#8270715)

There seems to be varying claims on the size of this code. Geeknews claimed it was 660 mb of "around 30-40gb", whereas another news source claimed that it was "around 13.5 million lines out of 30-50 million lines" can anyone prove either of these theories? Cheers.. Tim

Re:SIze??? (0)

Anonymous Coward | more than 10 years ago | (#8270736)

It could be both...

The source of the leak (1)

rotomonkey (198436) | more than 10 years ago | (#8270718)

Further investigation by BetaNews revealed the machine was likely used by Mainsoft's Director of Technology, Eyal Alaluf.

Ouch. Somebody's career is going gently into the good night. Either Alaluf, or the person who set up Mainsoft's security, was pretty dangerously negligent.

should we be looking at this stuff? (4, Interesting)

mr_burns (13129) | more than 10 years ago | (#8270721)

I'm reminded that last time there was a windows source leak we were all encouraged NOT to look at it, so that we wouldn't have to deal with the source ending up in Linux.

Seems like a good idea, but...

Was it ESR that made that nifty app to compare SCO and Linux sources? Could it be fiddled with to see if Linux or other free/open source code made it's way into windows?

It would be quite a coup if we could somehow legally show that they stole from the community without having to deal with the gnarly mess of windows code finding it's way into Linux.

I'm not implying that such a thing HAS happened, but we're presented with an opportunity here.

crash (0, Flamebait)

zoefff (61970) | more than 10 years ago | (#8270730)

Hahaha, according the article: because Linux was not stable, we have now the windows source code

Clues to the source code's origin lie in a "core dump" file, which is left by the Linux operating system to record the memory a program is using when it crashes.

joke of the century

This may sound crazy, but M$ would likely gain... (3, Interesting)

Assmasher (456699) | more than 10 years ago | (#8270733)

...from the source leak if it has occurred at the proper time.

One of Microsoft's big problems when introducing a new operating system (felt especially strongly when they released XP) is that they often have difficulty moving corporations and smaller companies to the new platform right away.

Many people still run 2000 (because it was M$'s first decent operating system) instead of XP because they have NO REASON to move to XP.

All of a sudden, 2000, and NT4 (which are holding strong in their pie-slice of the M$ OS world) have been subjected to enormous security liabilities.

Obviously the only answer for companies stuck with M$, move to XP! LOL.

Mighty convenient isn't it?

Security by obscurity? (4, Insightful)

RT Alec (608475) | more than 10 years ago | (#8270737)

This may illustrate one of the halmarks of open source software-- that software open to prying eyes is inherently more secure than closed source. I won't be surprised if digging through the source reveals a number of exploitable security flaws, perhaps many more than have been revealed with the source closed!

To paraphrase Bruce Schneier, if I give you the plans to my safe, and 100 identical safes with the combinations so you can study the locking mechanism in detail, and you still can't crack my safe-- that's security!

A Prediction ... (5, Insightful)

starfire-1 (159960) | more than 10 years ago | (#8270739)

Maybe I'm a little jaded, but my guess is that in about a year, when we're closer to the Longhorn release, Microsoft will claim that the heritage Win2000/NT4 core is "too compromised" because of this leak and officially discontinue support prior to its seven year life-cycle. Along then along with Win98, everyone will be compelled to migrate to their new products.

Just a thought... :)

it's time (0)

kyshtock (608605) | more than 10 years ago | (#8270746)

Well, now it's time to start a new security company.

Anybody, any estimation on how soon exploits will appear?

Hmmm... I'll be selling linux firewalls to companies ;)

Source leak apparently traced back to MS partner (0, Redundant)

evn (686927) | more than 10 years ago | (#8270754)

According to BetaNews the source code was leaked by a company called "MainSoft" which has been a Microsoft partner for as long as the shared source initiative has been in place. Mainsoft makes a product called mainwin which is used to create native UNIX versions versions of Windows software. They go on to say the information was found by looking at a .core file found with the code. See here: http://www.betanews.com/article.php3?sid=107667411 8

The leak has been traced (-1, Redundant)

Space_Soldier (628825) | more than 10 years ago | (#8270755)

http://www.eweek.com/article2/0,4149,1526831,00.as p the leak has been traced

wu-ftpd vulnerability strikes again! (2, Informative)

Exmet Paff Daxx (535601) | more than 10 years ago | (#8270759)

"The leaked code includes 30,915 files and was apparently removed from a Linux computer used by Mainsoft for development purposes.

Clues to the source code's origin lie in a "core dump" file, which is left by the Linux operating system to record the memory a program is using when it crashes. Further investigation by BetaNews revealed the machine was likely used by Mainsoft's Director of Technology, Eyal Alaluf."


Wow, Microsoft's first source code leak in history came from running Linux. And they traced it because Linux's core files make forensics trivial!

I'm betting there's a lot of folks in Redmond right now saying: "who the hell decided to put Windows code on a Linux box?!!!"

P.S. Eyal is screwed, right?

Remember the Apple leak? (4, Insightful)

k98sven (324383) | more than 10 years ago | (#8270760)

Anyone around here remember when the Apple QuickDraw code was leaked 1989?

It started quite a big ruckus, with the media making it out to be the entire OS, and the FBI starting what has been described as more or less a witch-hunt on 'hackers'..

I would not be surprized to see a repeat of that, substituting 'hackers' for 'file-sharers'..
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>