China Prepares To Examine MS Windows Code

Stargoat writes "CNet reports that China is looking into MS's source code for Windows. They are looking both to increase security as well as perhaps create a Chinese version of Linux. Or are they perhaps concerned with rumors of deliberate holes left in the software for the NSA to exploit?" Here's an earlier Slashdot post about the Microsoft-China agreement.

Would You Trust a Chinese OS?

[reallocate]

Don't know about any backdoors in Windows, but we all certainly have reason to distrust any OS sponsored by the Chinese government. They may have adopted a friendlier demeanor, but the folks who gave us Tiananmen still run the place.

not going to help

[lingqi]

1) as this post has pointed out, just because you get to look at the source does not mean it's secure. (the post is from Jeremy Allison on the security of Samba servers)

2) Besides, being closed source and microsoft, are they going to be able to [practically] compile windows and compare it to the actual version? Why do I doubt it?

3) even if you get to look at the source, then you'd have to look at the source of every security patch that comes your way too, because otherwise you can just put a hole in one of your patches and pretend it fixes such and such. I mean, it's not like this hasn't been done before (Germain police, Java Anonymous Proxy).

But then again Microsoft is probably just doing this for show anyway - bribe a few key officials so that there are too few people with too tight a schedule to examine all-too-much of bloaty code, and there you have it - "oh the code was examined and was ok" even though it's just a formality.

I say stay away from Microsoft on principle when you need to be sure that you are secure.

Re:and if they steal it?

[radja]

>This is not very different from certain South American and African countries that demanded and received the formulae to certain drugs and then turned around and started making their own.

that was a GOOD thing, saving thousands of human lives who otherwise could not afford medicine. withholding a lifesaving medicine for your own profit is not a very nice thing to do.

Would You Trust an American OS?

Don't know about any backdoors in Red Flag Linux, but we all certainly have reason to distrust any OS sponsored by the American government. They may have adopted a friendlier demeanor, but the folks who gave us Hiroshima, Nagasaki, Vietnam, the genocide of the First Nation, the CIA-sponsored overthrows of democratically elected governments in various South American states, the illegal invasions of Iraq and Afghanistan, and the lovely freedom of Guantanamo Bay still run the place.

Couple of questions

[tsetem]

Considering China's respect of Intellectual Property, and their desire to create a custom version of Linux to break the Microsoft monopoly, What is to prevent China from looking at the Windows Source, and then taking the good parts out and inserting them into Linux (or derivative utilities). What if they saw how the whole Active Directory authentication stuff worked, and enhanced Samba?

I mean that could really be interesting. Genuine MS protocols in the Linux kernel. Microsoft would be pissed because of IP theft (ala SCO). But what could Microsoft do? Sue China?

Timing

[Nishi-no-wan]

Did anyone else notice that it was soon after Balmer testified in the anti-trust sit-com about how revealing Microsoft's source code would be a national security threat, that China and several eastern European countries bought into Microsoft's Shared Source inititive?