Slashdot Mirror
Microsoft Opens Source to China
angst7 writes "ZDNet is reporting that Microsoft has signed an agreement which would allow the Chinese government access to Windows source code. This is part of an effort to curb the shift toward Linux in China due to that country's concerns regarding the security of closed source software." Reader NZheretic points out that less than a year ago, Jim Allchin swore under oath that disclosing the Windows operating system source code could damage national security.
not opens source to China.
just using its own form of open source - you just need to yell "Hey were going to use Linux!" and you get the source ;-)
And this hurts the US National Security?!? WTF!?!
Well, it looks like terrorists are gonna be the first to see the source... :/
You are great player! Present you with points!
And I thought it was just Bill Clinton that sold us out to the Red Chinese...
I guess Drudge was wrong all along, eh?
Now that China has the source code we can look forward to some really nasty ones.
maybe its not all the source... you know they could just release parts of it.
I have heard people discuss this and say something like "Oh boy, I wonder if the code will be leaked and we can be free to modify windows! Yaaaay!" Not. Who would want to modify windows? I mean, you can make workarounds for problems that exist already without having source. If you want a fully modifiable OS, why don't you just go with Linux?
if the Chinese can't recreate the shipping binaries from the source that MS shows them? The last time the question came up (the Caldera suit) Microsoft finally had to admit that even they couldn't reproduce the distribution binaries from source.
Lacking <sarcasm> tags,
can they type: ../configure;make windows;make install?
If not -- then how do they know that the code they are looking at is the same version that goes into the build on their desktops?
(+1 Funny) only if I laugh out loud.
Just curiously... if all the linux users care about is open source, wouldn't the functionality of windows compared to linux IN SOME ASPECTS cause a flux of *nix users to use windows if they could fiddle with it as they liked? I mean besides server issues, windows is the way to go if your computer is really just a PC.
When he swore under oath that opening the source for Windows would be a threat to national security, I completely agreed. The number of security holes in Windows with the source remaining closed was bad enough. Now China gets to see the source, and we don't? Wouldn't that put them at an advantage over US companies that can't audit the code for security holes?
What's the corporate punishment for treason?
What's this Submit thingy do?
Sorting through gigabytes of Microsoft legacy code that was written under the pretense that nobody would ever see it. Now there's a scary thought. I'd hate to be the guy with THAT job...
How difficult would it be to leak the source to Windows XP out of China? I don't know really, but it seems to me a heck of a lot easier than to get it out of Redmond. And M$ can't go after the Chinese government with a lawsuit.. that'd create a sweet precedent. Would Bush bomb Beijing over Windows XP? Sad thing.. he probably would.. ;-)
Learn from the mistakes of others. There isn't enough time to make them all yourself.
--sex
Very popular slashdot journal for adul
less than a year ago, Jim Allchin swore under oath that disclosing the Windows operating system source code could damage national security.
So, does this open the door for a purjury investigation? I would think that a number of companies would look upon this with great interest.
Visit Jonesblog and say hello.
Many, many countries already have access to the Windows source, not to mention many businesses and universities.
Donate background CPU time to fight cancer.
Windows operating system source code could damage national security.
Well, I'm sure they won't open *that* part of the code.... (*cough* *cough* secret backdoors *cough* *cough*)
(Spudley Strikes Again!)
MSFT would say something like this...
I think China as a whole follows more rules than the loose nuts in the universities and companies in the US.
They will swear under oath too.
S
This must be a covert attempt from Microsoft to destroy China by weakening its national security!
/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i
No, it would compromise security if the vagrant open-source developers saw the Win32 source code. China, on the other hand, certainly isn't a threat.
Just replace "national security" with "microsoft security", and things make sense.
--
"God is a comedian playing to an audience too afraid to laugh." -Voltaire
They often releases it to schools with various NDA's, as well as businesses under various agreements, but that's usually for educational or development reasons.
The deal with China seems to be a combination of PR and sales, rather than education and development.
frob.
//TODO: Think of witty sig statement
So either the source is "open" or "closed"?
Microsoft would never think of a no-charge license for *some* of the source with a non-disclosure agreement, and keep the national-security sensitive stuff to themselves?
I cant wait to put my hands on that baby, i know, is an ugly one but would be very intersting to look the sources. This make me wonder, with all the security issues that Windows has isnt a bit dangerous to give the source to only one country who could find several bugs and holes by looking at the codes?, isnt it scary?, say bye-bye to Windows on sensitive servers.
Sigs are for morons... Wait a minute...
So the US government needs to either arrest Jim Allchin for perjury or Bill Gates for treason.
"No he ain't - hes LAOSIAN (sp), ain'tcha MISTER KHAN?"
So which is it, Microsoft? Treason, or perjury (or both)? (Yes, Microsoft bashing is fun, you should try it some time)
The ocean parts and the meteors come down
Laid out in amber, baby.
Unless the ability to compile the source and run the resulting binaries is there, this is a meaningless gesture as there is absolutely no way of knowing whether a given version of the OS matches up with the allegedly corresponding source.
I wonder if China and other governments will be tobuilding their own binaries and install CD's...?
What I'm listening to now on Pandora...
1. Turn over source code to foreign governments hostile to the United States.
2. Compromise National Security.
3. ???
4. Profit!
anyone else having thoughts of the Code Red virus 2 yrs ago that defaced websites with "hacked by Chinese"? Kinda ironic if it happens on a Chinese server, huh?
$cat
Just because you un-weld the hood of the car doesn't mean you can make that outdated-15-HP-two-cylinder-powered-pinto-with-squ are-wheels run any better. The *nix communities will not be hurt in any way from this. We started out a step ahead of the game and we will always be one step ahead in the future.
Just my $0.02 cents.
It's just that M$ can't go after China with an army of lawyers. When a school or corp breaks their NDA, they end up in court. I wonder what happens when China breaks NDA.
Learn from the mistakes of others. There isn't enough time to make them all yourself.
No offense to China (I have been, nice country, in the places I was anyways) But does this not seem kinda ironic, Windows, sharing source *whatever strings attached* with China? But on a serious note, whats the chance theyll ever do anything with it? is China gonna make a serious "Windows For China - Big Brother Returns part 4" or is this purely a PR? Karl P
..that microsoft is sharing it's source with a country that has really secure computers..
---
Anything worth doing is worth overdoing
That's what I was going to say. I was also wondering if MS should even be sharing with China's Government? I mean they are an evil bunch. Why is MS helping China who will just use Windows to better exploit its people. Oh wait, now I remember why. $$$
I would NEVER do business with China for all the money in the world, I guess I'm not surprised MS will though. We can't prevent China from using Linux since its freely available, but at the same time I don't think MS or any other American company should be selling China technology or any other products.
It could damage national security and they've licensed it to China and Russia, but not the US? MS must be living in a really strong reality distortion field ....
Trade secrets: Beyond a doubt there are piles of things in the source code that could be considered trade secrets. One way to protect trade secrets is to make certain that they are widely available but not legally available. In the cynic's view (i.e. mine) M$ wants the code to be leaked by China.
If the code is illegally leaked, it is very easy for M$ to accuse other products (future Linux apps?) of using illegally acquired trade secrets. How can the authors, living in countries around the world, prove that none of them have ever seen illegally leaked material?
Based on what I have read about the development of the clone of the IBM BIOS, it appears that the burden of proof de facto lies on the defendant to show that they are not using trade secrets illegally.
This may give M$ a very big gun to point at any colloboratively developed code that they don't care for.
From the efficient screensaver dept.: POKE 53281,0:POKE 53280,0:POKE 646,0
I have to ask, what system is that from, and what does it do? My first instinct says Apple II...
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
So after the US and the "western world" has dished out billions on windows, the MS-MoneyMaker decides to screw us all by handing over the precious code that we pay so dearly for (businesses at least) just because its popularity is down. I see this as a marketing scheme to get the MS name out to theother side of the globe which is beginning to trade in their rice for mice and keyboards, and evetually will be a great force in the OS market. However, allowing the Chinese government to see any part of the code they want is not exactly good form for the "older customers". In addition to security questions ($0.10 says it spreads to Korea, Russia and the Phillippines, wher piracy is thriving), the new partner that Gates is so enthusiastic about, (Chinese gov't) is relying on Red Flag Linux to cooperate with windows. This is going to backfire onGates real bad, and possibly on US businesses too (like our economy needs it).
Thats why people can place .exe files, run them on your computer to start hidden threads, and spy on your activities.
.exe, I'm talking window's backdoors. Windows has so many holes wanting to get fucked its like a bitch with two cunts put in men's prison.
Get all the security updates. Run internet explorer and if you browse the wrong website, you get em! I'm not talking downloading and opening a
God spoke to me
...security goes out the window. (no puns actually intended).
The almighty dollar means more than anything to a corporation after all. Laws, security, morals - whatever - have nothing to do with how a corporation acts, unless it will affect profit.
BlackNova Traders
He said it could damage national security. How is that perjury?
Sorting through 50 million lines of code, finding hundreds of thousands of vulnerabilities to exploit in windows, and thereby becoming the predominant information-warfare player, at least in terms of potential mass disruption, on the planet.
Someone in China is smiling sagely over this one.
Although I've always felt that "cyberwar" scenarios were rather overblown attempts at giving backroom geeks frontline roles, the military certainly takes it seriously; one well-received military paper a few years ago warned that America's IT defenses were on a par with the ability of Task Force Smith (whose ignominious retreat from Korean forces showed how woefully unprepared America was for the Korean conflict).
As we know, China has been touted as the first great cyberwar enemy; allegedly, China does have a "hacker brigade" tasked with disrupting American networks and computer systems in times of war, to rectify the strategic imbalance between the two nations. Now, Microsoft plans to open to a strategic rival of the U.S. the internal code that will power the Navy's upcoming CVN-77 aircraft carrier, plus other "smart ships."
This raises an interesting question for the Administration: although, as Vann H. Van Diepen (Director of the Office of Chemical, Biological, and Missile Nonproliferation) told Congress, export controls to China are not enforced in "areas where the technology is widely available as commodity items ... such as low-level computers," the source code to a mission-critical operating system used by military C4 systems is certainly not a "commodity item," nor is it "widely available." Will the White House put national security over Microsoft's profits? Les Kinsolving, call your office!
"Freedom is kind of a hobby with me, and I have disposable income that I'll spend to find out how to get people more."
"All warez copies of Windows actually fake versions distributed by the Chinese"
"Microsoft Source Code leaked world-wide"
"Microsoft discontinues entire software division and focuses full force on their Mouse and Keyboard division"
1- China Gets Source
2- China uses Message Queing to break or break into asian corps, and small countries which have little security
3- China now has massive espionage in 2nd/3rd world countries, and united states corporate subsidiaries in those countries
4- China invests heavily in US stock market
5- Profit!
At least that is what an Evil empire would do...
Or big liar.
US national security, from the software point of view, was already compromised on all systems running WindowsOS and assosiated backoffice and client side products. The only thing required in this case is to install software and pray for timely releases of security patches, providing MS considers flaws moderate to critical.
However, this is pretty significant move and raises few questions:
Perhaps none of these but there must be a very good reason.
More like an advantage over Gov't computers running Windows.
AFAIK, the really, really sensitive computers are on separate networks, but one can still worry.
Although I rather doubt the computer in George W. Bush's computer doesn't have Internet access.
What's this Submit thingy do?
Hey, now that the source to China is open, maybe someone could fix the population leak?
Liberty uber alles.
> Now China gets to see the source, and we don't?
Let's hope to God they don't get to see the source to IIS, or we're all doomed.
HELLO! Inacessable Boot Device, Performing Memory Dump! Hacked By Chinese!
Well, maybe our national security being at risk will force us all to switch to Linux...
I,
Know that there are export restrictions for crypto software and the like and I'm sure MS isn't sharing this type of material.
But, given the number of times MS software has been shown to be quite a good host for viruses etc. shouldn't there be someone at the Commerce Department reviewing MS's shared code policy.
Basically, I'm seeing MS sharing source code with probable enemies of the US and it makes me nervous.
What's China gonna do with this source code.
Well, they could certainly look for exploits, "No need to try to hack the darn binaries anymore, we got the source Bob."
After identifying the exploits they could EASILY turn around and use them against computers in the US.
For example, what about all those Navy ships out there that are being fitted with MS software? Do you really want the ships Phalenx (spelling?) system networked to and sharing network assets with MS OS's that could be compromised by a sneaky Chinese spy onboard with a floppy full of viruses?
What makes this even worse is that MS is handing over this material to the bad guys and I'll bet you that a majority of our military cannot get their hands on it. Nor can the majority of the FBI personel or the CIA or the NSA I would bet.
This is similar to handing over nuclear technology to the North Koreans so that they can build a power plant. See where that get us?
As much as I dislike saying it, if everybody on our side cannot see the source code, then nobody should be allowed to see it.
Caution: Contents under pressure
I'd hate to be part of the team that looks at the source code. Those people would never be able to work on open source code again without being accused of 'stealing'.
This is the perfect opportunity to demand that the US Gov't remove all MS products from their systems and switch over to open-source equivalents!
Microsoft can no longer argue that it's safe and secure, or they'd be purguring themselves!
Oh what a tanlged web we weave... eh Microsoft?
- Preferences: Solaris 10 (servers), Ubuntu (desktops), Solaris 11 (personal servers) -
...so now evil red China will have the source code to much of the software that the US government's computers run on.
I guess that's more reason for the US government to migrate away from Microsoft.
Um.... reverse engineer?
They released the source to them.
There's no need to reverse engineer it...
Karma: Non-Heinous
<sarcasm> You'll notice that there are no brown-skinned folks on that list, so rest assured that dangerous information will not fall into the hands of terrorists. </sarcasm>
In case you didn't know, the "People's Republic of China" has an entire department(ie Air Force, Navy) dedicated to Information Warfare. Which does in fact, include computer viruses.
Ironic that this asking MS to remove barriers to see the source code is coming from a country that built the biggest wall in order to keep from sharing their own "source code" (albeit ~2200 years ago)
two far east countries essentially "force" MS to change it's policies but the U.S. can't do anything to control them? Proving once again our government if far to beholden to corporate interest.
We are the ones (our nations/businesses) who made MS a reality in the first place after dishing out billinois on their OS's. This "sharing" is a backstab, an outrage. Anyway, what is the Chinese gov't gonna do but tie it to their existing Red Flag Linux.
How long will it be before the Chinese leak the source to the net?
SIGFAULT
on how long it takes for the source to be disseminated through Kazaa?
MWAHAHAHA...all their base are belong to us!
DUH.
From an Infoworld article on the subject:
"Governments signing up to the security program will be able to build systems that offer the high levels of security required for national security, Microsoft has said. However, government users will not be allowed to make modifications to the code or compile the source code into Windows programs themselves, according to Microsoft."
Yeah, real 'open'.
"Gold still represents the ultimate form of payment in the world." - Alan Greenspan, 1999
In all I have read about Microsoft's "Shared Source" programs, there doesn't seem to be *any* method of verifying that the source you are given is the same as the source given to someone else. You simply have to trust Microsoft because you aren't allowed to discuss it with anyone else, even those people who supposedly have the same access that you do. Isn't that a bit odd?
If I download some source for some Open Source package, like the Linux kernel, I can not only build it completely, but also compare what I got with whomever I wish. There are no secrets. I can have some faith that what I have is the real thing. That is simply not true with Microsoft's "Shared Source".
I just don't get why China would even bother with Microsoft. My guess is that, like most governments, money and lobbying are the only things that make sense to the politicians in control. They have no idea what the difference is between operating systems; why Linux would, of course, be a better option. They probably don't even care about the political/economic consequences of their country being dependent on an American import. I guess politics as usual has answered this question. No, it is not the year of Linux in Asia.
It would be great^H^H^H^H^H a pity if the source got leaked onto usenet.
I recall there was a story maybe a year ago about the chinese government and military investing heavily through their universities to develop a chinese made "clone"/reverse engeening of "Win95". Hmm..it seems this work will suddenly become much simpler for them, as well as being able to move up the food chain. Will they have a NT clone before ReactOS? :). And in a country where IP laws are what the leadership choose to decide they are in any given year, well, wouldn't it be a shame if the chinese choose one day simply not to recognize software copyrights or patents, after the fact? :)
hmm.. Microsoft and open source can never go together..
When can we expect to see the $5 knock-off CDs of the source hawked on Hong Kong street corners?
"Your superior intellect is no match for our puny weapons!"
Why is this article listed under the MS topic? I thought Chairman Mao owned the copyright on the "Source to China", or perhaps Karl Marx. How can Microsoft legally distribute it?
Creature of habit..billions is not a word I get to use often
I swore at Microsoft all the time. Then I stopped I knew they didn't pay attention.
I don't suffer from insanity, I enjoy every minute of it.
My wife was born in Taiwan so you can take the racist crap and shove it up your ass.
Plenty of viruses come for the US and China, yes. The ones coming from China are often tagged with nationalistic themes. It's those messages from Chinese hackers that initiated the "us" (USA) versus them (China) mentality.
Ahhh, a scholar!
But I fear most slashbots won't get the reference.
The full punishment for treason in England was:
- Disembowlment,
- burning the traitors viscera while he's still alive to watch it,
- drawing and quartering (tie each limb to a horse, and be ripped apart)
- Head displayed on a stake at London tower,
- (certain rules about burial, including, I think burial in unhallowed ground.)
- ????
- Profit
(errr... just to be clear, that was "all of the above" (neglecting the last two), not "pick one")Unfortunately, today in this country, you can get away with anything if you have enough money or the right connections.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Actually some versions of code red did have code to detect the language that a site's web pages were in and trashed the site if it wasn't in Chineese. Then a few days after this was discovered a second verison of the same worm appeared which did the opposite. Code Red hit at the time that the US spy plane was forced down in China.
There are plenty of examples of politically motivated hacking, the Palestinians and Israelis have been having an ongoing proxy war for some time. However almost all the events appear to be the work of independent agents working on their own rather than being coordinated cyber-warfare.
The only example of state sponsored cyberwarfare I am aware of is the attacks on Usenet by Hasan B-) Mutlu and Serdar Argic who roboposted thousands of anti-armenian propaganda messages. Mutlu and Argic were both pseudonyms used by an officer of thr turkish intelligence service which was concerned that reports on the Turkish massacre of Armenians during world war I were circulating on Usenet and damaging the image of Turkey abroad at a time when the post USSR CIS was fragmenting into racial warfare. So they roboposted claims of a bogus masacre of turks by armenians repeatedly in order to drown out and discredit the genuine claims that the turks massacred the armenians.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
so you can see the source. big deal. when i can compile my own windows, then big deal
You have a "for sure" evil and a "maybe it could be" evil, and you choose the for sure one? Ok, if Chinese Government make people to depend on them, suffer of their bad choices, put high obligatory taxes for low level services, arbitrary sue people, and try monopolize all services, well, yes, it will be very evil. Fortunatelly no US company does/did that ever.
thousands of chineese software developers commited a mass suicide after been exposed to the millions of lines of Windows source code. Apparently nobody warned them about the dangers of staring in the soul of the devil.
You can't handle the truth.
Name five?
:-), neither do I. I kinda like it that way, I prefer not to have MS lawyers do cavity searches looking for their source.
If they had, then there would be copies of the Windows source floating around for a while now. Also, we would have heard some major eruptions from the Dept of Homeland Security.
Sorry, but Universities do have access to the source. I have a friend who worked on a project that was granted access. You have to apply to MS, they have to like the project, you sign NDAs and agree to keep lab locked, CDs secured, etc. MS gets the right to incorporate your research, you are allowed to publish, move to a different University and take the license with you. It's real. The source probably is out there somewhere, you just don't run in l33t enough circles
...is just impolite, national security or not. Next thing you know, he's going to start cursing in front of the Chinese and he'll go to h-e-doublehockeysticks.
This wasn't just plain terrible, this was fancy terrible. This was terrible with raisins in it. - Dorothy Parker
The first organization to purchase the government-aimed package of M$ sourcecode was the electronic warfare division of FSB (former KGB) of Russia. Go figure...
Hu Jintao: "Very interesting, but I see in the code references to things not present in the source."
Bill: "Oh, that's where we are inserting new Trustworthy Computing initiatives."
Hu: "Really, and what does this connect_redmondwa() do?"
Bill: "That's for reporting any bugs which we didn't catch."
Hu: "and this part? send_all_user_info() , is that reporting the bug information?"
Bill: "uh.. yeah, yeah, that's exactly what it's doing."
Hu: "and this scan_personal_records() must be confirming notification, yes?"
Bill: "..ahem.. uh.. yes!"
Hu: "then we are most assured of Trustworthy Computing by carbon_copy_cia_gov() , correct?"
Bill: "yesyesabsolutelypleasedon'tkillme.ibegyoupleasedo n'tkillme..."
Hu: "We would not think to kill you, however we will continue with Peoples Great Open Source Initiative, for all 1.3 billion chinese."
Bill: "ok, you can kill me."
A feeling of having made the same mistake before: Deja Foobar
The post does not whine about opening up the source to China it simply points out that Allchin clearly lied under oath - yet another indication of the character of Microsoft's executive management.
I want to be alone with the sandwich
"A CD"? NT4 source was delivered to NDA'd Universities on five CDs IIRC.
I tried to write something that was quick to read, but to the point. Who knows, maybe someone will notice. I'm not holding my breath, though.
=====
Despite the fact that Microsoft's software is widely known to contain many security vulnerabilities, the U.S. government and military heavily rely on Microsoft's Windows operating system to peform vital government functions.
It is relatively easy to find security vulnerabilities in software when you have access to the source code of that software (source code is what defines software; people read and write source code).
In light of this fact, Microsoft has claimed that sharing information about its software with competitors could damage national security.
More important than any competitor to Microsoft, China now has the source code to Microsoft's Windows operating system.
Shouldn't the U.S. government move in the direction of open software that is not ultimately controlled by any one entity? As a concerned and informed citizen, I would wholeheartedly suggest Senator Warner support open source software and vote against bills like the DMCA that stifle the progress of open source software.
..it's only a matter of time until a copy appears on kazaa.
I understand that China is not allowed to compile the program. That being the case how can they be sure that they have the complete source.
The only way that I can see a government feeling warm and fuzzy about this would be if they were allowed to examine all 500 million lines of code and to compile it themselves and distribute that.
Even doing this they will have to do the same thing to every update and every proprietary piece of software that they run on government computers.
I think that Linux is still the way to go for China.
The race isn't always to the swift... but that's the way to bet!
You see, being exposed to Windows source code gives programmers a killer headache, and after having seen it, they'll never be able to write a secure piece of code themselves.
I wonder what the reaction will be from that part of the community that just couldn't let that "Red Hat removes Taiwaneese flag" incident go. China is a hot topic in many circles, and rightfully so.
I'd say lets start a Class Action Lawsuit against Microsoft, claiming damage to national public safety due to Chineese government (and by there own definition, isn't everyone "in the Chineese government" over there?) inspection of code to witch we, as Americans, have no right. Whatdya say guys? Who wants a million dollars?
put the what in the where?
Contrary to your assertion, many people outside of MS do have access to MS source. "Open Source" is not the only way to see source. China will probably sign an NDA just like the US corporations and universities do, and presumably the US government. Hell China might even abide by the NDA, why would they want to let their civilians to have access to the source. They are bigger control freaks than MS.
If, theoretically, the USG saw all the source code, couldn't citizens then solicit that same information (the source code) under the Freedom of Information Act?
I mean-- it comes down to the core issue of privacy-- the gov't would have to prove that it has no unfair advantage that could impede my 4th Amendment rights vis a vis the M$ software.
Or-- it could prove to be collusion between a private entity and the state, also illegal in the US, and I would think most of Europe...
davejenkins.com |
so if Jim Allchin perjured himself, is that grounds for declaring a mistrial on that whole anti-trust trial?
--Rob
If the Chinese government is concerned about security how is allowing only the government to view the source going to help. I thought one of the big advantages of real Open Source was the hundreds and possibly thousands of little minions all trying to make things break and find weaknesses from around the world. I don't see how what MS is doing is going to help out at all.
Whether you can audit the code for security holes is useless. What matters is being able to DO something about it when you find a problem. Microsoft's Shared Source programs don't allow you to do that, and I think that's just silly.
Basically, this program is giving an advantage to those with nefarious purposes -- they can find faults and exploit them. Those who simply want secure systems can't fix the faults that they find. So what good does it do for anyone?
My Karma was at 49, then they switched to words. All that work for nothing!
This isn't quite right. Trade secrets are just that - secrets. They are secrets that the company elects to protect by not publishing. However, if those secrets are discovered by someone else, or somehow otherwise made public, you have just lost any rights you may have had. The alternative is to patent them, in which case you gain limited protection (time frame, licensing fees, ect) but have just told the entire world how to do it, step by step. And not every country recognizes the same patent law. There have been recent medical cases where S American countries have broken pharma patents to provide cheap, effective medicine to it's people.
One of China's concerns was backdoors put into the software. How do they know that the source they get is the source used to compile their OS? Are they going to "roll their own" Windows OS?
Trolling is a art,
If this affects US security, can John Ashcroft detain Bill Gates? Please? Does someone at the DOJ need their palm greased? I can pay many pennies!
Penguins are so sensitive to my needs - Lyle Lovett
So, Microsoft is freely letting China view the source code, but they fought and vehemently insisted that they could not let our own government view the source code? Yeah, seems like they're real interested in American security.
barzelay.net
Since a lot of US government computers are using Windows security. What happens when US based Microsoft is sharing "security secrets" with other governments? The US government will say Microsoft can't share the source with anyone other than the US government and China will be right back to using Linux again.
http://www.askthevoid.com
If, according to Allchin:
"It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks," Allchin testified. "Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere."
Then why isn't the military running NSA Linux? Because they don't like OpenOffice? Because they can't see Sorenson video in Quicktime? Because Opera borks their MSN page?
I'm thinking that this program, like most other things related to Microsoft, has some hidden implimentations.
Think about it - Remember when MS got hacked, and they admitted that the hackers stole Windows source code? This program could be a coverup to *WHEN* source code gets leaked on the net. "Oh, Russia/China leaked our code!! War!!" instead of "Oh man, that source code has been leaked from when WE got hacked, and it's OUR fault! We can't do anything about it!!"
It is pitch black. You are likely to be eaten by a grue.
MSN is reporting a story on Opra attaining billionaire status, but I thought one side note was hillarious:
"Gates' personal wealth, much of it in company stock, has diminished by 60 percent since April 1998, when it briefly reached $100 billion. His worst year was 1999, when it plunged by a third as the government pursued an antitrust case against Microsoft. Forbes notes he is also the world's biggest giver, donating $1 billion annually to charity, largely to vaccine research."
With all the bugs and viruses his software is subject to, I was hoping he was putting more than that into vaccine research!
Acts of massive stupidity are almost never covered by warranty. --me.
Just curious...how can they prevent the Chinese from building the binary? Are they leaving bits of code out to prevent it from compiling? Does it require a compiler other than Visual Studios?
:-)
:-) for some patent violation?
If this is basically the shared source that MS currently provides in the US, isn't it possible for any US citizen and/or the government to get the source in the same manner?
I wonder if the Chinese will follow the user agreement
Isn't this likely really just internationalizing the Shared Source initiative?
Does this mean anyone looking at the source code cannot in good concious work on Linux?
Or will they intentionally put MS proprietary functionality to be included into Linux and then MS will have a legal leg to pursue the linux world (yes the conspiracy theorist in me comes out
Does this mean that for them to develop on it they will have to have a MS Platform to develope on which requires a MS purchase?
Eric B
ebresie@gmail.com
This has nothing to do with security and everthing to do with Microsoft maintaining market share by preventing the Chinese government from moving to Linux.
Maybe one of the Linux big-wigs (Torsvald et al) should contact the Chinese government and say "Here, use Linux. We give you the source code AND you can compile it into binaries!".
They said fine, but parlaimentary officials said they would like to bring some expertise with them as they didn't know much about internals of an operating system, they would like to bing some experts. These would be from the BSI (sort of like NIST) and some invited consultants from the Chaos Computer Club. MS objected to the latter so the Germans pulled out. This is why the servers at the Bundesrat (German Parliament) will not be running Windows.
See my journal, I write things there
DVD-CSS aside, that's not how it's supposed to work. In theory the difference between trade secret and patent is that with a patent, the Government enforces your exclusive right to use the development in return for you telling everyone how it's done. With trade secret, you take the chance of independent discovery. So if an organization chooses to hide a development as a trade secret and the secret gets out, they've got no recourse other than to recover damages for breach of confidentiality. (That only works with those who have a duty of confidentiality in the first place, of course.) The genie doesn't go back in the bottle.
Of course, that's theory.
Still, MS would have a decidedly difficult time going after Tridge for "trade secret violation" based on a speculation that he found out about some SMB operation from leaked Chinese source.
Lacking <sarcasm> tags,
I agree that patenting "concepts" is generally a bad thing, but there's a big difference between "intellectual property" and "concept". As an example, If I write a book, about concept X, the contents of that book are my intellectual property, and copying or distributing it without my permission is wrong (except for fair use). However, nothing is stopping anyone else from writing a different book about the same concept.
If I choose to share some software I wrote, and open source it, that is my decision, but if I don't, that code represents my hard work, and I deserve to reap the benefits.
There are no tiger attacks in my area and it's all because this rock I'm holding keeps the tigers away.
Microsoft was found guilty. It's the remedy phase that was the joke. Judge Coleen whatever her name was really had the wool pulled over her eyes by Microsoft. I bet Judge Thomas Jackson is laughing. He should call Bush and say I told ya so.
MS offered a similar deal to the Japanese government for their upcoming "e-japan" project.
Microsoft would give the Japanese government access to all the Windows source code if they signed an non-disclosure agreement and chose Windows over Linux.
Japan chose Linux.
Characteristics of a troll:
Frequently long.
Usually *too* well written - ie, canned
Only makes passing reference to the subject at hand - slight changes to the canned text.
Takes an extreme position intended to piss off some subset of the /. crowd
Has just enough logical fallacies and red herrings to make it clear to anyone looking for trolls (and therfore funny).
There are other signs, of course, but this is what I usually look for. The g'parent hits them all. It is, definitely, a troll. I guarantee you the poster does not actually belive the position espoused.
-Looking for a job as a materials chemist or multivariat
If this isn't all a well thought out plan by Microsoft to poison the open source movement by contamination. You know the source is going to be leaked eventually, Then how do you defend against an IP claim if your code happens to be similiar to MS's on some project. How do you prove you never saw the code someplace on the net.
All MS need to do is take out the us govt. approved spy code for the examination. The Chinese won't be compiling and shipping their own versions of windows will they? Or is MS now employing Stallman/
Windows with improved support for USB (Ultra Straggly Beard)
Hands up everyone who refuses to obey orders.
YOUR FACTS ARE INCOORECT!
...maybe Bill G is hoping that having Windows and Linux both "open" in the same chaotic marketplace (Asia) will quickly lead to enough "contamination" in Linux distros to "open" the door to generalized lawsuits.
We all know that there is really nothing new in code. Part of what makes an open application clean in the sense of free from copyright issues is not the absence of certain ideas or particular implementations of them, but the absence of a means for those ideas to have been lifted entirely from proprietary versions of the same ideas. Microsoft has always protected their code and this is actually a Good Thing for "clean room" OOS developers coming up with the same solutions as M$ codemonkeys.
Now, if Microsoft could point to Asia and say "our crown jewels made their way into Linux because of our ill-advised opening of Windows in Asia wink wink" do you think a sympathetic judge somewhere might be bri...er...convinced to slap an injunction on the further distribution of OOS software developed after the date of Windows source release to China? And even if they (M$ and the Chinese) aren't actually thinking along those lines right now, do you think they (M$) will hesitate a New York minute to take such action if the opportunity presents itself?
So you see my Prince, perhaps the binaries are not the issue. We all know what the issue is for M$, don't we.
Signed,
Nicolo Machiaveli
=^..^= all your rodent are belong to us
I would love to see the code, just to see how many glaringly awful programming errors there are and find out where this is in the code: do x=rand(500) if x mod 3 = 0 then computer.bluescreen while 1 !=2
-- Insert wisdom here:
1) Too many US government agencies use Windows. Opening the source code would allow hackers to find and exploit even MORE Microsoft bugs, and far more easily. Numerous government, as well as civilian, installations will get hacked big-time. Since Microsoft would never listen to anyone who noticed a bug while looking through source, this isn't an opportunity for improvement.
2) Windows includes a number of encryption algorithms whose ability to be secure may benefit from being closed source. It's harder to crack encryption if you know neither the key nor the algorithm. This is the sort of thing that M$ could omit from their shared source, however.
For this to be of any use, they'd need to open all of the Windows source to China's government. Who knows what they might be hiding inthe bits they've not opened.
Follow me
I personally think this is hilarious. I spit coffee all over when I read it on news.com this morning It's hard to ask to be taken seriously when your proprietary flagship software product is so shoddy and untrustworthy that you have to share the source to get foreign countries to trust it (and compete with other open source projects).
-B
Ash and Hickory, straight-grained and true, make excellent bludgeons, dandy for the cudgeling of vegetarians.
I can't believe that Gates is SO desperate to stop Linux that he's going to give away the source code to China. They have NO respect for intellectual property rights there. Not only will the government steal it, but the source will be freely sold on the streets. This COULD be the downfall of MS we've all wanted!
If someone says he and his monkey have nothing to hide, they almost certainly do.
Why would a company or country want the code if they cannot modify it or improve it? If they are looking for bugs, they will not be able to fix them.
China is not at the moment a declared enemy of the US, a requirement for a treason conviction. Indeed, China has most-favored-nation trading status and normalized relations, which I am pretty sure would be mutually incompatible with enemy state status. Remember, they didn't feel they could get a treason conviction for John Walker Lindh. Worst they could get would be an ITAR violation, I suspect (IANAL).
The interesting point to me: what makes Redmond think that the Chinese government isn't going to just mine the code to create their own OS? Chinese copyright law is not as, well, forceful as US law; and we know that China has been considering creating home-grown computers, apps, and operating systems. What could they do (MS) if a Chinese corporation suddenly came out with a Windows clone that claimed to be based upon Wine but was really based upon the original Windows code? I can imagine a gray market Red Windows cropping up around 2006 to take MS's Asian market away from them.
That's a problem with closed source: the minute you open the door a crack, you're forced to rely upon law enforcement to give you any kind of IP protection - so then you're basically in the same IP position as open source, but without the moral high ground.
Microsoft pulls a fast one on China.
Overheard in the Chinese consulate earlier this morning...
"Hmm.. Ok, install the source code from cd. ActiveX.cp, KernelDLL source.. Hey, wait a minute! I recognize this source code! This isn't the Windows source, it's Linux!"
But seriously, what's to prevent someone from taking the Windows source code and porting it to their own Linux distro? I think Microsoft just put another nail in their grave.
Who moved my sig?
"Microsoft enables chinese government to further restrict it's citizens in their abilities to compute or communicate with the free world."
-- http://www.criticalassets.com
But will they be allowed to make changes and recompile their own patched or enhanced versions?
If not, then Microsoft has completely missed the point of what Open Source software is all about. It's not just about allaying fears about that is in your code. It is the freedom to(pretty much) do what ever the hell you want to with it!
"People should be allowed to keep midgets as pets."
- Gov. Jesse Ventura
And the US doesn't?
Fair point, but at the time I posted there were only a whole load of anti-Chinese posts and there was a clear racist tendancy that made me angry.
less than a year ago, Jim Allchin swore under oath that disclosing the Windows operating system source code could damage national security.
And aparrently, not disclosing the Windows source hurts M$'s bottom line. Guess we all know now where their priorities are (not that this surprises anyone). Wonder if we should start organizing anti-MS protests among vehement pro-American groups?
"Time flies like an arrow; fruit flies like a banana." --Groucho Marx
While I can see how this will help China discover unintentional backdoors, this won't help them against intentional backdoors.
There was an old hack which Ken Thompson used to give himself access to all Unix systems, as a proof-of-concept of why you shouldn't trust source code. He didn't modify the Unix source code. Nor did he modify the C compiler used to generate the Unix binaries. He modified the C compiler used to compile the C compiler. Full source code access wouldn't help you see the exploit.
Details are atn ed /thompson.html.
http://www.wbglinks.net/pages/reads/hacksexplai
China doesn't have the rights to compile the source code they get. Even if they do (and I'm sure they will, if it's of any use to them) they won't be able to verify that the code is free of intentional backdoors-- because presumably it requires M$'s compiler. Even if they get access to the compiler source code (and I don't think they do) they can't verify that it doesn't have a back door.
If I were China I'd be afraid that the US government has hidden an exploit in Windows. That may seem paranoid, but security folks are supposed to be a little paranoid. I wouldn't trust Windows, source code or not.
Come to think of it, I wouldn't trust the American-designed processor, BIOS, disk controllers, RAM, keyboard controller, chip design tools, etc.
since they gave it to the wrong people. Whats Microsoft going to do, sue them, yeah like they will win. If G Bush wants to defuse N. Korea then China will win.
True.
Also true, but to fully complete your analogy and make it applicable, how would you feel about someone reverse-engineering your closed-source app and releasing their own open-source version? Applying the views you expressed about book authors writing about concepts, I would tend to think that you would have no problem with this practice. Right?
--K.
Sig: Bad people happen. Try to avoid being one of them.
wonder how long it will be before they find that "scam" going on between intel, the memory manufacturers, and microsoft:
/* 32MB */ /* 96MB */ /* 128MB */ /* 256MB */
... ... etc.
if (version == NT ) {
delay_loop_count = 100;
big_array_bytes = 32000000;
}
else if (version == W2K) {
delay_loop_count = 1000;
big_array_bytes = 96000000;
}
else if (version == XP) {
delay_loop_count = 10000;
big_array_bytes = 128000000;
}
else if (version == DOTNET) {
delay_loop count = 100000;
big_array_bytes = 256000000;
}
waste_space_array = alloc( big_array_bytes );
random_fill( waste_space_array);
mount_C_filesystem();
sleep( delay_loop_count );
init_gui();
sleep( delay_loop_count );
get_user_command();
sleep( delay_loop_count );
Every version seems to take more and more memory, but seems to provide less and less increase in functionality, and is slow enough on older hardware to *force* an upgrade. There *must* be a reason! THE TRUTH IS OUT THERE!
Seriously.. does anyone out there *really* need a 3GHZ machine to run Office and browse the web?? I mean *seriously*. My "new" desktop is a 1ghz box I snagged free from work, which I'm going to put my *legal* copy of W2K on, and then make my current 550Mhz box *another* free-unix box (NetBSD, actually).
my god, that's almost exactly what I was going to say. Decided to do a search for Neuromancer first.
Wow, than Microsoft doesn't know China well enough. :-)
They copy everything that can be copied and I sure hope they do continue what they are good at
why do SO MANY PEOPLE completely miss this point. I mean, no offense to the parent, but this would seem a pretty obvious point.
If you can't connect the source to the binaries you are running, you can't say you have access to the source.
Maybe the majority of people really do not understand the very, very basics of programming.
One more reason that programming should be a required subject to graduate high school . . .
Sdelat' Ameriku velikoy Snova!
Nah, you will have to do better than that, Mutlu would have said something more like 'these transparent lies only reveal your bottomless stupidity.'
The EFF only have half the story. The person 'working' for AT&T who called himself Hasan Mutlu was connected to the plot. However Mutlu was not his real name and AT&T was unaware that he was working for them. Mutlu was not acting alone there were several people involved including co-conspirators in England and Germany.
That is why the serdar argic posts were created at a far faster rate than the Mutlu posts.
"Mutlu" disappeared after certain inconsistencies were pointed out to the INS as did 'CoSar' who was alleged to be the sysop.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
No, the US has various parts of the Air Force, which isn't anywhere near the scale of what China's doing.
Plus, the EP-3 and its crew members landed safely in China, unlike the Chinese PLA plane that collided with the EP-3 and crashed into the South China Sea. The Chinese accused the Americans of crashing into their plan. Americans reversed the claims. While the Americans were worried about getting the 24 crew members back (they did eventually along with the plane), Chinese citizens were pretty pissed about their dead pilots. Hence the good deal of anti-U.S. sentiment that went into some strains of Code Red.
The earlier bombing of the Chinese embassy in Belgrade also contributed to the anti-U.S. sentiment.
Opening the source to China is to a single foreign organization. Opening the source to the courts during the MS anti-trust trials makes it a matter of public record and EVERYONE can get it.
and all of my sensitive information goes on my linux box.
> Now China gets to see the source, and we don't? Wouldn't that put them at an advantage over US companies that can't audit the code for security holes?
;-)
Do you know how many US (and non US) companies have the Windows source code now? Do you know how many US (and non US) companies sign strategic (and not so strategic) cross licensing contracts with Microsoft (and some of them include full source code disclosure) every year?
Try the news or ask some universitys CS department how (not) hard it is to get the source from Microsoft.
So the question why "you" -- i assume you are an US citizen -- will not see the Windows source code is missing the point. You will not until someone posts it somewhere -- nor will the average chinese geek/forum addict/slashdot troll.
b.t.w. greetings from _OLD_ europe
I say we all start a slashdot collection for money to bribe the chineese governement with to give us their code. Once its out M$ is screwed and the free people of the world will finally be free.
"It is not how things are in the world that is mystical, but that it exists." -Ludwig Wittgenstein
hi,all, I'm writer. I interview a Chinese famous academician of Chinese Academy of Engineering 28(BeiJing time)about the agreement of GSP,this is his opinion I got just now,for your referrence : ££ Ken Gao: The GSP initiative proposed by Microsoft is a progress with respect to the previously closed source of Windows. It is also the result of competition caused by Linux. However, the nature of share source is totally different from that of open source. There are constrains exist with share source. As compared with open source what share source provided is merely a limited, partial openness. You really can't get the full freedom that the open source counterpart provided. It remains to be seen if such openness could relief the security concern on Windows platform. Besides, there are still issues on monetary, on the promotion of China domestic software industry. Recently the Law of Government Procurement in China is in effect. Its related regulations are also to be announced. Thus, the promotion of domestic made software as well as Linux will be enforced by law. As a result Linux should have a bright future in China. ----Chinese Academy of Engineering Ni GuangNan(former Legend Group CTO)
--I can't show you an example right now,(I will just presume you could find these with google) but I remember reading the US government admitted to doing a lot of official cyberwarfare against serbia when we invaded kosovo and bombed serbia. That and using the physical e-bombs that used carbon filaments to take down their electrical grid as much as possible, etc. Right now they also have an active psyops disinformation program to disseminate false news stories in broadcast and print media, on the net as "news" and in forums and chatrooms. It's just an outgrowth of propaganda leafletting and radio broadcasts. That would be separate from say civilian police actions against kiddie porners,etc, I am talking about pure political stuff run by the military or state department paramilitary spooks, so I guess those two examples count as state sponsored cyber warfare or terrorism.
[quote]Also true, but to fully complete your analogy and make it applicable, how would you feel about someone reverse-engineering your closed-source app and releasing their own open-source version? Applying the views you expressed about book authors writing about concepts, I would tend to think that you would have no problem with this practice. Right?
[/quote]
This is already done, all the time. A good book-related analogy would be simply a book that comes to the same conclusions, possibly even using the same methodologies, but phrased and presented differently.
The software equivalent might be Gaim and Aim. both have exactly the same ends, and use similar means to get there, but are not identical, and thus should not be a copyright violation.
--I can't say the reason for sure, but can guess. Last year microsoft execs have gone all over the world making offerings to governments who have made noises about going to linux. Soon thereafter, there's microsft at the door offerring either cheap software, free software, or in some cases, that plus now the source. It certainly appears to be an attempt not so much to get market share, but a desperation move to hang on to any market share they have. They have to think day to day, medium term, and long term. Medium term and long term just isn't looking too good for them, in my opinion. The computer world moves quickly, several large nations switching from microsoft could cause a snowball effect with other nations, and various corporations, and it could literally happen in one year. There's nothing magical about microsoft, there's been a lot of hugely successful corporations go bust or near bust, and do it quickly.
Frankly, I really don't give microsoft much longer to retain their large business model the way it's set up now. Most people do, I am merely guessing and disagreeing. Partly is security, their's is dismal and you have to be living in a mud hut out in some bushlands someplace to not know that. The other is economics, the entire world's economy is slowing dramatically, all companies and governments are instigating measures to cut costs, broadly speaking. Microsoft's products are just too expensive for what they do.
but you hardly read it on China Media£
--the trial was a jokeski, basically soap opera. What everyone expected-mostly-happened. They got found guilty but got a slap on the wrist. This is similar to most trials involving extremely wealthy parties. The basic rule of thumb is, the larger the intrinsic "worth" of the trial in terms of public impact, notoriety, financial concerns, etc, the less of a fine or sentence occurs as a percentage of the defendants net worth. Example, joe nobody breaks into the local store, gets caught stealing something. He'll pull jail time. He'll pull time in jail even before the trial, at least until bail is set if he even is offered bail that he can meet. At a minimum he might get say half a year in jail, totally not making money and in prison. I am being rather random here, but just to make a point. Large concern A or extremely wealthy international personage B, does a crime or series of crimes that is 10,000 times bigger in terms of "worth" than the small store burglar. Chances are high the large personages or corporation would get a relatively small proportional fine, his corporation won't be seized or dissolved, etc, and probably no actual physical presence in any prison.
I am also thinking in the real world of planet earth, that even if you are a high level judge, when you are talking literally BILLIONS of dollars at stake, that there are probably a lot of political and personally practical carrots and sticks that apply to "judging". None of those will ever be acknowledged in public, and would be denied if the question came up. It's like turn it around, put yourself in the judge's place realistically, exactly how physically safe would you feel for yourself and your family if you were ultimately responsible from removing the income stream from tens of thousand of people, many of them billionaires and multi millionaires, and of who knows how many shareholders who would lose more x-billions of dollars as their stock would be worthless and unsellable shortly? Would you ever really feel even remotely safe again?
Poor Microsoft. Maybe someone should sic the law onto Microsoft again. Perjury this scale is surely a crime - maybe even treasonous.
"I his bow, and spun and wove, likes you." Vere de Vere out of my mould's mouth dragged me of the voluntary apes.
The problem is that the PRC is still a Mao Zi Tong style communist state. They control everything. Have you ever lived there? There's no "make people depend on them." There's only "require obience or disappear." There are no high obligatory taxes, because the state determines profession, pay, and housing. There's no suing people, only swift and merciless justice. They do not try to monopolize services, because they are the one and only provider, unless they, for some short perion of time, decide to "open the door" and let competitors in until they actually become competitive. Ask any of the US aeronautical companies who went in their around '86 how they feel about the situation there. Whatever MS has done, it pales in comparison to the slaughtering of untold millions of people simply because they were educated.
Put simply, I wholeheartedly disagree with you.
Put identity in the browser.
The fact that this spy network can be created and operated for years without public knowledge suggests to me that they aren't being entirely honest with us. I'd be willing to be a large sum of money that the US also has a large computer warfare department. You have the best military in the world, so it follows that electronic warfare is also pretty advanced.
Xix.
"Everything is adjustable, provided you have the right tools"
Jim Allchin swore under oath that disclosing the Windows operating system source code could damage national security.
Yeah, but when was the last time you heard of a virus from Asia? Oh wait...
Submit a patch! ;-)))
Learn from the mistakes of others. There isn't enough time to make them all yourself.
Seriously, wouldnt microsoft have considered all these issues? They arent that dumb and go to china and give their source code like that...there must be a huge deal behind this entire thing...its seriously is a big time conspiracy..u dont see microsoft going to chine and saying: "Hey, we want to give our source code to you for no odd reason" think about it...
"Human beings are a disease, a cancer of this planet..and we are the cure"
Correct. Reverse-engineering is fine by me. If someone sees my product, and says "Hey, I could do that", and then proceeds to do just that, even if they use my product as a model, then that is just healthy competition.
There are no tiger attacks in my area and it's all because this rock I'm holding keeps the tigers away.