Slashdot Mirror
China Prepares To Examine MS Windows Code
Stargoat writes "CNet reports that China is looking into MS's source code for Windows. They are looking both to increase security as well as perhaps create a Chinese version of Linux. Or are they perhaps concerned with rumors of deliberate holes left in the software for the NSA to exploit?" Here's an earlier Slashdot post about the Microsoft-China agreement.
I would think the NSA would be able to infiltrate Chinese gov't mainframes, whether they be Windows or Linux, without a need for pre-built-in backdoors.. I hope.
"We need to get over this notion, that, for Apple to win... Microsoft must lose." - Steve Jobs, 1997
What do you bet that a new form of Wine/Linux will show up in China with much better capabilities!
I prefer the "u" in honour as it seems to be missing these days.
looking at Windows source code help with a Chinese version of Linux?
When I am king, you will be first against the wall.
...and then they have to pay license fees to both microsoft and SCO?
whats the use of inspecting some offsite code when you have ABSOLUTELY NO WARRANTY that the code you're looking at is the one that is delivered in your compiled version?
In my language we have an expresion for that, that could be roughly tranlated to trying to stop the wind with a fork.
I'm trying to get modded "Interesting Flamebait Informative and Insightful Redundant Troll" *-* Please Help *-*
Don't know about any backdoors in Windows, but we all certainly have reason to distrust any OS sponsored by the Chinese government. They may have adopted a friendlier demeanor, but the folks who gave us Tiananmen still run the place.
-- Slashdot: When Public Access TV Says "No"
Then the entire security model rests in NSA translators knowing the traditioonal chinese word for RCP and the servers having enough bandwidth to support VNC or Terminal Server.
The NSA won't bother with any backdoors beyond a possible inclusion of Systram translation software.
You can't judge a book by the way it wears its hair.
If you were concerned about intentional holes in Windows permitting sekrat U.S. government access, wouldn't a properly configured firewall make the point moot?
It would be interesting to see if the Chinese can type 'make' (or whatever is the MS Windows equivalent) and end up with something that is bit wise identical to what MS ships as part of a standard distribution. If they cannot do this, one has to question why not ? and we will be left with the suspicion that there is something that MS doesn't want the Chinese to see (be that different MS or NSA code).
2) Besides, being closed source and microsoft, are they going to be able to [practically] compile windows and compare it to the actual version? Why do I doubt it?
3) even if you get to look at the source, then you'd have to look at the source of every security patch that comes your way too, because otherwise you can just put a hole in one of your patches and pretend it fixes such and such. I mean, it's not like this hasn't been done before (Germain police, Java Anonymous Proxy).
But then again Microsoft is probably just doing this for show anyway - bribe a few key officials so that there are too few people with too tight a schedule to examine all-too-much of bloaty code, and there you have it - "oh the code was examined and was ok" even though it's just a formality.
I say stay away from Microsoft on principle when you need to be sure that you are secure.
My life in the land of the rising sun.
reports have said that the search for backdoors installed by national intelligence agencies is also among the aims of the agreement.
MS drone Bob: Did you remember to send those CDs of the source code to the Chinese?
MS drone Dave: Yes, I did it this morning. Posted it Express delivery!
MS drone Bob: You did remember to send the version with the backdoors taken out, didn't you?
MS drone Dave: D'oh! [Slaps forehead]
Microsoft has announced GSP agreements with Russia, NATO and the United Kingdom
hmmm. Last I checked, the UK was part of NATO. Unless, of course, they are talking about two separate organizations. IE, the NATO offices and the government offices of the UK.
It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.
Just because China is viewing the 'Windows sourcecode' who says it's the same sourcecode they receive on their CDs?
Comment: Yes I realise the username 'fuckfuck101' makes me sound intelligent, no you cannot buy it from me.
Soon to be chinese linux advertisements with phrases like... "The System Operating your computer to run good make!"
*There's Klingons on the starboard bow, scrape em off Jim!*
Would I trust Chinese binaries? No. Chinese source code w/o an NDA? Maybe.
tasks(723) drafts(105) languages(484) examples(29106)
or use parts of it to make similar products who is going to stop them?
:)
I don't have a problem with countries being allowed to inspect the code of software being used by their government agencies, I do have a problem when it is done by a government that has not proven it can be trusted with another's IP... or worse, one with nearly no respect for another's IP.
This is not very different from certain South American and African countries that demanded and received the formulae to certain drugs and then turned around and started making their own.
If the review is benign then great, but honestly, I wouldn't trust China with anything of value.
* of course letting them incorporate windows into their system might be some ultra-right wing conservative plot to topple them
* Winners compare their achievements to their goals, losers compare theirs to that of others.
With all that in mind, I'd say any advantage the NSA can get, it would take. And with THAT in mind, I think it's perfectly reasonable for the Chinese government to fully inspect any operating system it may run.
Luck favors the prepared, darling.
"Yeah, all of these security problems are there because the ... N ... S ... A? Yeah, the NSA asked us to put them in." -- Discussion about submitting a story to Slashdot at a Microsoft PR Board Meeting
My blog
What about them running windows update with these machines. In 6 months time and after many security patches ;) the code is not going to be the same. So what is to stop MS coding something in a patch that restores any backdoors that they might have removed? Is the Chinese government going to examine the code for every critical update and service pack it installs?
(\(\
(^.^)
(")")
*This is the cute bunny virus, please copy this into your sig so it can spread
Looks like the Chinese Government is going to have to do their own compile and compare binaries ...
... heh heh. Yeah. Right.
*pffftt*
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
1) MS shows Windows source to China, then produces kick-ass version of Linux. Kick-assedness taken back into mainstream Linux, thanks to the GPL.
2) MS has a look at shiny new-kick-assedness Linux source (hey, its open!), spots something similar to the code they showed China (or similar enough to please a finned lawyer-shark), sues everyone who ever used Linux, everyone who ever met them, and some people who look like them.
3) Profit!!! (by destroying, or at least hurting, many Linux vendors, and setting back the 'political' progress Linux has made with big business.
Clearly a level of exaggeration in there, but I wouldn't put it past those wily scoundrels at MS to be hoping for something like this...
Game dev and music blog
I think they are not looking into making a language change to Windows. I think they are looking at adding Windows API's into their home brew OSS. That way they can run all the popular apps without the MS tax, BSA, Viruses, Exploits, etc.
Think about it. Who wouldn't want a Linux that would run nice Win apps natively, but had all the exploits left out? I would love to run the software that came with my GPS, Digital Camera, TOPO maps etc on my Linux box. It would be even better if at the same time, it couldn't run VBS, Outlook, & IE exploits. I wish Windows had IP chains and other security. Windows 98 SE won't even let you use Dial up, then seamlesly transfer to a LAN and back. Configuring the LAN to use the router gateway breaks the dialer. I have to unconfigure the Gateway on the LAN to dial up my ISP. Why does the dialer use some of the LAN adaptor settings? Buggy... To repeat, would love to ditch Windows bugs, but keep some of the favorite applications.
That's why I have 2 machines side by side with a keyboard/monitor/mouse switch.
The truth shall set you free!
I haven't seen anything reported on Slashdot or anywhere else that would "solve the problem of software piracy" and make China a huge market for Microsoft at the same time...
--Mark
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
Don't know about any backdoors in Red Flag Linux, but we all certainly have reason to distrust any OS sponsored by the American government. They may have adopted a friendlier demeanor, but the folks who gave us Hiroshima, Nagasaki, Vietnam, the genocide of the First Nation, the CIA-sponsored overthrows of democratically elected governments in various South American states, the illegal invasions of Iraq and Afghanistan, and the lovely freedom of Guantanamo Bay still run the place.
Considering China's respect of Intellectual Property, and their desire to create a custom version of Linux to break the Microsoft monopoly, What is to prevent China from looking at the Windows Source, and then taking the good parts out and inserting them into Linux (or derivative utilities). What if they saw how the whole Active Directory authentication stuff worked, and enhanced Samba?
I mean that could really be interesting. Genuine MS protocols in the Linux kernel. Microsoft would be pissed because of IP theft (ala SCO). But what could Microsoft do? Sue China?
Microsoft presents "sources of windows" to China.
Source gets examined. No backdoors are found. Code is accepted.
Microsoft sells binaries to China.
Difference between what appears after compilation of presented sources and what is in the binaries gets blamed on compilers... Backdoors are present on all copies that were sold as binary and not compiled from the "cleared source" by the chineese themselves.
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
You can tell much of the FUD about looking at Windows source and integrating it into Linux comes from a Flock of Psycho Chickens and their non-programming brothers. How in the name of all that is holy will the Chinese look at the source code and create their own Linux? Can anyone, from a programmer point of view, enlighten me on the subject?
Did not Germany do this about two years ago?
I spent all of about 5 minutes searching fruitlessly for a link, but I vaguely remember doing a bit for WABCRadio a couple years ago about German Parlaiment demanding to see the source to M$'s XP code. Of course for them it is a moot point now, but my contention now is the same is then: what government official in America do you know with a good understanding of what source code even looks like, much less what a security hole looks like?
I can't even begin to imagine what a congressional subcommittee would do with pages upon pages of XP Source code, much less a German parlaimentary committee, or whatever the equivalent is in China.
goto http://rizzn.com
Interestingly, rediff is reporting that the India govt. has not shown any interest in the offer made to it
Atleast so far:)...
No, Microsoft would sue all of the users who used this new version of Linux with stolen IP. And round and round it'd go.
Users would claim no source was stolen, Microsoft wouldn't say what was stolen, and you'd be hearing about it for months.
They are looking both to incease security as well as perhaps create a Chinese version of Linux.
If they want to create a Chinese version of Linux, looking at Windows source code is the last thing they want to be doing surely?
-= This is a self-referential sig =-
I'm going to beat on the conspiracy drum just a little bit... I think so far all the comments I've read missed this little tidbit:
Given the source, and given their manpower, and given all the recent news in security forums about how full of holes Windows is... if *you* got access to the source of the OS that the U.S. Federal Government is using, wouldn't YOU be spending every waking moment of all YOUR software hackers trying to find ways to exploit vulnerabilities in Windows? It would not take more than a few infected computers and poof! there go parts of the U.S. Government... and the British and any other country fool enough to trust Microsoft "security."
Admittedly, they have a tough job ahead of them, since nothing like the security they need has ever been seen on such a scale before in all of human histor... oh wait a minute, I forgot about the BSDs... whoops! Sorry about that! (Yes, I know they've got their holes, too, but those holes are much fewer and far between!)
Given the sheer numbers of the computers that have Windows on them that the government uses, the probability that *all* of them are secure and protected from attack via an email or a web viewing with IE is absolutely zero.
I know this *sounds* a bit kooky... but it's also realistic enough to be believable.
I read the article and noted that other governments are also talking with Microsoft... but China appears that it's going to be the first, and this concerns me.
"Sometimes the truth is stupid." - Lawrence, creator of Prime Intellect
thinking about using Windows considering this incident.
What I want to know is how long until this show up on the Warez sites? China is notorious for piracy. Just imagine, no one would need Wine anymore. You could just compile Windows support right into linux. You could call it Chinlindows.
...it will just put them into its back pocket, and save them for the next time it wants to shut down the State Department.
Sure the Chinese invented noodles, but only Italians can truly appreciate spagetti code at its finest.
From excellent karma to terible karma with a single +5 funny post...
Microsoft has announced GSP agreements with Russia, NATO and the United Kingdom.
.da.ru site very soon ... or at least in some of the more popular p2p networks :)
I predict the appearance of the windows source code on some
Did anyone else notice that it was soon after Balmer testified in the anti-trust sit-com about how revealing Microsoft's source code would be a national security threat, that China and several eastern European countries bought into Microsoft's Shared Source inititive?
i think most of the posts here are missing something. if the chinese government is not trustworthy enough to follow the microsoft nda's, then why should we expect they would follow the gpl? if they do decide to make a home-grown linux-based os, what would require them to publish their sources? which court would you sue them in? the hague?
I thought that the US Government didn't get to inspect the code. Why does MicroSoft allow China to inspect that which the US can't? Isn't this essentially giving the Chinese goverment insight into Windows that even the NSA doesn't have? Doesn't that essentially give them an advantage for dealing with windows? Has Apple computer signed a simmilar agreement? Why doesn't China just switch to OSX?
[signature]
[Disclaimer: I'm not involved in any negotiation or anything, just heard this from someone whose boss is an insider. So take this with a big grain of salt!]
Actually, it's not exactly true. Here are a few of the conditions that have been brought up by China, the main reasons being that China must be able to verify what MS claims.
I've not asked about the issues about the patches, as I consider it to be a waste of time, and China should be concentrating money and energy on improving Linux, or heck, if we don't want to release the code changes, we can take one of the BSDs too.
I remember during that circus the Feds put on called a monoploy trial. That either Billy boy or one of his minions said realasing their source code would be a national security risk. what a bunch of lying bashturds.
My karma is not a Chameleon.
I cannot even begin to think how large a US national security risk this is. Our military is highly dependant on MS systems. To have foreign nationals peering at the code that runs your military systems is just simply unnaceptable. Having source to the system does not necessarily cause a breach but it sure does help. Proprietary operating systems are a national security risk and should be treated as such.
Got Code?
Can all this fuss surrounding Red Flag linux just be a ploy to get MS to give China full and compilable source code that checks against the stuff in the stores? Many companies have been playing the "well we're thinking of linux for our servers" game to get discounts from MS.
How real is red flag linux and how serious are the Chinese about making it their national OS?
What will be easier to read for us?
Windows source code or Chinese?
My guess is Chinese...
I want my karma, and I want it now!
And what currently existing OS would that be?
but the folks who gave us Hiroshima, Nagasaki, Vietnam, the genocide of the First Nation, the CIA-sponsored overthrows of democratically elected governments in various South American states
Yeah, see, here's the thing about democracies. The governments who "gave" you those things are gone, not "still there."
It's amazing how Slashtrolls insist on denying and trivializing the brutality of the Chinese dictatorship by making bizarre analogies to the US. On Slashdot, every enemy of the US is my friend.
Does any country REALLY think they are getting the full source code? Hmm, lets look at some of the steps of the MS OS govt. release procedures
...
1. Remove nsa.c
2. Remove sendMSInfo.c
3. Remove
MS said that "some" code is removed for "security" reason. So any govt. that looks at the code and gives it the OK, does not really know what that missing code is doing when they use the commercial OS. Now if the govt. was allowed to build their own version of MS Windows based on the code the were given, then I think more govts would be a little more at ease over the deal. I personally think China will look at the code to try to make their Red Flag Linux more compatible with proprietary MS protocols.
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
It is called Red Flag Linux and has been around for a couple of years.
I've never understood the kind of schiznophrenia that /.'ers approach NSA with.
On one hand, they wrote SELinux, which _no one_ has been able to find any deliberate backdoors in. It is exactly what they said it was: a security-enhanced, hardened Linux.
Yet, on the other hand, we accuse NSA of rigging Windows with backholes for them. Can we at least make up our minds on whether NSA believes in deliberate backdoors or not? It strikes me that the only "evidence" of an NSA backdoor in Windows was the infamous NSAkey brouhaha, but this is _hardly_ hard proof of anything.
If NSA can use a backdoor, then so, theoretically, can enemy governments. That's hardly good security, and if there's one thing that NSA knows, it's good security.
-Erwos
Plausible conjecture should not be misrepresented as proof positive.
And I guess all those virgins are just SOL if the drugs are too expensive. Oh well, after all, it's their own fault becaue "they should have said no"/"the way they were dressed they were asking for it"/some other equal stupid expression that misses the realities of the situation, right? Are you saying that all those innocent people deserve to die a "long, horrible death" just to teach a few people a lesson?
In the long term, education is the only solution. In the short term, it's not much comfort to those who have had a death sentence forced upon them.
If India were to engage in such an exercise, the righteously indignant slashdotters
1. would wonder at the reasons for doing so even though all jobs were going to India,
2. would claim that even though they were not generalizing, Indians in general aren't creative and why all jobs were going to India,
3. would write a horror story or two on how their jobs were taken over by the Indians and they had had to train them before being laid-off and why all jobs were going to India,
4. would narrate their experiences of living in India and wonder why all jobs were going to India.
Thanks God it's China that's doing it and no, no jobs were transferred to India by the Chinese.
Oh, the Chinese government are looking into Windows code for exploitable holes, and I've no doubt that they're looking to increase security for their own version, but don't count out the possibility that they're looking for those exploitable holes to launch electronic attacks at the US and other democratic, capitalist nations. China has a long history of using American technology to prevent the spread of ideas and democratic ideals -- for instance their custom-built -- by Cisco of all companies -- filter/firewall devices.
This should have been a red flag -- no pun intended -- to everyone the minute they bought the code.
(How exactly does one punish the largest software company in the world for treason?)
Ed R.Zahurak
You know, oblivion keeps looking better every day.
I would suspect two other goals would be generating PR and taking developers off of more useful projects.
The main purpose, however, looks like it is to get development teams out of circulation via NDAs that taint them in regards to future F/OSS development. F/OSS is where China, and Asia in general, is currently heading.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
As with the AMD Elan - China I'm sure, will be taking copious notes on the design of the windows operating system. China has in the past attempted to create their own windows 98. Lacking 10 years of development time to bring China 98 to market - they will do the next best thing... or maybe they just want to see if it really IS spagetti code.
... China laughs.
Bill Gates would be like, "it wasn't supposed to be funny!"
But it is.
j.
Until China can take the source code, compile into binaries and distribute, they should NOT trust the creators of the programs to deliver them the "real" and "true" source code for what they may be running.
Would YOU trust someone who says "here's the program" and then "here's the source code, but you can't do anything with it other than just look at it"?!
"To make a mistake is only human; to persist in a mistake is idiotic." Cicero
MODERATORS: Before moderating parent down for being redundant, check the timestamp. It comes before any other post on a related subject. Just because Slashcode sorts the posts in a different order later, doesn't change WHEN it was posted.
Are the Chinese sure they'll be looking at the version of the source code that compiles to the shipped software? Or might they get a peek at the cleaned up code without the security holes.
OK, conspiracy theorists! Start your engines!
CUR ALLOC 20195.....5804M
We should try not to forget that during the MS antitrust trial, MS VP for Windows Jim Allchin testified that it would be a threat to US national security for the code to Windows to be revealed:
A senior Microsoft Corp. executive told a federal court last week that sharing information with competitors could damage national security and even threaten the U.S. war effort in Afghanistan. He later acknowledged that some Microsoft code was so flawed it could not be safely disclosed.
Now, they are showing this same code to the Chinese government? Has anyone asked them why this should be OK? Are they trying to endanger US interests with a fierce competitor? Or were they blatantly lying at the trial? And in either case, is anybody going to do anything about it?
I have to wonder if the Windows source has been made squeaky clean in the way of comments. IIRC, the Linux codebase had some interesting comments that gave you some insight into the mood of the developer when they were writing some chunk of code.
I can just see the puzzled expressions when they find things in the Windows source:
Yes, I know the stupid conditional should always be false, but shit happens. */
"Provided by the management for your protection."
Do what any good professor would do to an attractive maths student,
subtract her clothes,
divide her legs,
and give her the square root!
Like the chinese care about what NDAs are signed in their government laboratories!
It is true, if some of the code written in those laboratories comes BACK to the US, MS might be able to throw some harassment lawsuits at people who try to use it, but how far will they get?
Besides, MS needs attack dogs (like SCO,) to make legal threats for them, doing it directly is too much trouble.
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.
Prepare for a FLOOD of new M$ attacks from China and Korea.
Personally, I blackhole all Asian IP's at my firewall. Not that it matters because I don't use M$ but the attacks do task your resources none-the-less..
We're too busy playing "enlightened liberal" and trying to feel superior because we're against the grain by being overly critical of American actions and ignoring the atrocities of foreign countries! Stopping WWII after being attacked out of the blue (so much for isolationist America) is now an aggressive evil.
It's okay for Saddam to have stayed in power and continued torturing and stealing from his own people, because then we wouldn't have gone in "illegally" to overthrow their government.
"Sufferin' succotash."
Given China's track record of human rights abuses and not respecting copyright law ... How long till I can download the Windows sources from Kazaa? :-)
With this fine alternative, there's no need to steal MS code, unless you're using it to improve the comments in the code. Engrish comments are probably detrimental to maintenance efforts...
Having worked closely with Chinese developers (and companies) in China, Hong Kong, and Singapore over the last ten years I can tell you right now what the outcome of this inspection will be: "We can do it better!"
They have absolutely no intention whatsoever to buy or use Windows. They will develop their own OS (probably based on Linux) and copy anything and everything they can from Windows while proudly proclaiming that they did it all themselves, and that it's much better than that "imperialist crap" from the West.
from what deal outlined in the sources of the posts before before, the clients will have a special browser that views the source code. it wasnt apparent that there would be any source like we would see it. just viewing like a cvsweb view.
members are seeing something, your seeing an ad
and it's impossible to only put backdoors in the chinese version? can i get an 8th of what you have?
Actually many commercial companies that grant access to source, strip comments out, especially the funny ones.
See my journal, I write things there
Just like everything else on this continent, people will trade security and safety for minor convenience. Apparently the Chinese are thinking ahead a bit.
Luck favors the prepared, darling.
Unless, perhaps, if you are responsible for the information infra-structure of the most populous country in the world.
When Chinese worked on U.S. government atomic warheads, China soon had a design very much like it. Now that Microsoft is showing its source code, does that mean that there will soon be a Chinese version of Microsoft Windows, not owned by Microsoft?
Will Bill Li soon be the richest man in the world and complain about governments stifling innovation? Will Bill Gates then say that it doesn't really matter?
right, get people to clean up your mess and debug your entire flawed buggy poor security OS for free
my blog
Only they copied the hardware, too. I guess the intelligence was much better. Hint - in most cases they didn't even have to reverse engineer.
build
As far as I know. They build (and test) it several times a day. Probably every check-in causes at least a partial rebuild and test verification.
Please tell me what is insightful about the parent post? I can understand American fear of China as a "vaguely understood communist threat", but eastern Europe???? Has it not yet sickered through to mainstream USA that the cold war is over? J. fucking Christ, the fucking stupidity here amazes me at times.
Viewing the source code is an excellent way to understand how the program works. It removes the need to guess on how the code operates and more importantly, how to design better exploits for said code. If you "know" how an operating sytem works first-hand then you can design a better manipulation of the operating system (i.e. backdoor, virus, etc...). Perhaps this provides the Chinese Government with an opportunity to create a more effective strategy involving electronic surveilance and electronic information gathering.
The Chinese Government would need to be stupid to not take advantage of this opportunity. The Chinese Government, to my knowlede, is not stupid.
To know is to have knowledge....to understand is to be enlightened.
Would it not be nice if the Chinese government arbitrarily said: Screw your NDA. It is invalid here. We will break your monopoly. ... and then proceeded to publish MS's source code on the web or somewhere similarly convenient? Just imagine the end of embrace and extend. Compatibility would be a reality again.
This would be a much better solution to the antitrust violations than the US government is willing to implement.
China has screwed over corporations this way before. One can always dream that they would do so in such a way that would be beneficial to everyone (well, with the exception of MS employees and stock holders, of course).
All data is speech. All speech is Free.
All those who go on the patriotic road of claiming China is evil or the USA is evil and therefore one should support A or B is perhaps ignoring what probably is going on.
Firstly Microsoft is a huge business with a vested interest in selling Windows wherever it can. That means that it is in Microsoft's interest to satisfy government customers, whereever they may be, be it the US government asking MS to allow NSA backdoors in foreign (or all) versions of Windows. It also means that Microsoft will, at least on the surface, attempt to satisfy large foreign government customers in showing them Windows source code, although how they will get around the backdoors, if they are there, is a mystery to me.
Secondly, China has good grounds not to trust US companies in matters of security. There is a well known story of Boeing supplying a new jet (777 or 767) for the Chinese government that sat on the runway in China for months after the Chinese discovered more than 50 spying devices on board. On top of this China (and most of the rest of the world for that matter) has good economic reasons to want to develop an indigenous software and hardware industry. Buying Microsoft software only sends revenues to the USA, which is not in most countries economic interests.
I suspect China will carry on down its (ostensibly with proprietry added features) Linux road as it means greater freedom and power for them.
Such things (group trips to this hotel and others) are not unusual for perverted Japanese men who want a break from the normal Japanese whores, apparantly... ...but in all seriousness would a 'high-class' prostitute take part in such an orgy... no, the STD ridden ones (not to say the 'high-class' ones aren't STD ridden, just the low class ones for-sure are) would though, then these men take their new infections back to their wives, girlfriends, yet-to-be-conceived children.
--
FreeNET user? Comfortable with the adverse selection?
Not to be paranoid or anything. But, now that they have the source, they can find the weakpoints that a virus can exploit and proceed to create them.
...
:(
I mean it's handy to have the virus on hand in case US/ China ever get into a serious conflict and they wanted to cause some damage? Or maybe it could even be just one overzealous employee writing one to promote Chinese "self soverignty"
So US might be the only gov to not have the source
Will they be passing everything they learn on to the hackers attacking the Taiwanese web sites?
"Freedom means freedom for everybody" -- Dick Cheney
I was just about to say something similar. It's about time governments realize that security through obscurity in software isn't the way to go.
// file: mice.h
#include "frickin_lasers.h"
I hope that mantainers of open-source code will be extra-careful with any contribution coming from people that could have been tainted by looking at windows code.
Ciao
----
FB
Is anyone really buying this? Do you think a goverment with the resources of China does not have the capability to get Windows source? I mean, that code's floating around every second rate university this side of Krakow.
This story is obviously disinformation. Think for yourself, people.
Mod down people who tell people how to mod in their sigs
Why would the NSA rely on Microsoft to create security holes in Windows? If Microsoft cannot be trusted to patch holes they mistakenly placed in the OS, how can the NSA trust them to actually produce reliable security holes for breaching? I'm sure the NSA has viewed Microsoft code long before. All it would take would be to use Echelon's combined computing power for probably a couple of minutes and they could find all the hidden BSD code buried deep within...
"Right now, somewhere in this world, Scott Baio is plowing a woman he doesn't love," - Peter Griffin, *Family Guy*
bill gates will drag some linux company to court because there is stolen NT code in the linux source. It was probably snugged in by some chinees programmer that worked on the NT source code review, the plans are already layed out! by that time the SCO battle will just be finished, and MS will launch the second attack wave.
On a long enough timeline, the survival rate for everyone drops to zero.
> Why on earth would looking at Windows source code help with a Chinese version of Linux?
Maybe they can finally write an ntfs driver that can write reliably. (v)fat is dying
They'd BETTER not port Microsoft internals into Linux - or the rest of us better not accept their additions.
If you think the SCO suit is bad, imagine Microsoft suing - when they were RIGHT about having their IP lifted and would likely WIN.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
they will, of course, let Microsoft know about them rather than use them.
Microsoft's shared source program makes users more vulnerable than ever before. At least with Open Source there are a lot of eyes looking at the code who will sound an alarm if anything is found. With governments that's not necessarily the case; each one wanting to spy on the other.
The race isn't always to the swift... but that's the way to bet!
Oh, really? So you have read and signed one of these "shared source" agreements with Microsoft in the past, then?
Microsoft already has a wing of MS Research in Beijing, if I recall correctly. Why would it be such a stretch of the imagination to have a "build group" over there that produces Chinese-only builds from the same source tree that is open for government inspection? How do you know this isn't what is being done?
M$ gave them a copy of the TCP/IP stack that they have given all the schools over the world. big deal. M$ didnt even write it, it came from FreeBSD in the first place. Where is the progress in this world? ;)
No really, what a total joke. Would you trust someone who showed you what they *claim* is the source code, and then provided you with *their* binaries? If you don't compile it yourself, how do you really know? And even then, that's not an absolute guarantee that what you see is what you get (eg. if someone tampered with the compiler).
Or maybe CHINA wants to find and use exploits against American computers?
Maybe the NSA isn't the evil one in this story.
Browse at -1, because trolls are often the most creative part of
It seems like a waste of time.
Every month somebody finds on overflow exploit (slight exageration based on the double RPC patch).
Even if the source code was checked for backdoors, and then compiled in China, there would still be new exploits every month.
A hostile party would only have to study the binary and keep eploits secret until needed.
--
jpa
Hey,
:
:)
luckily we are in the 21st century and some things have changed in our societies even if GWB is still not able to accept it, so I'd say that there are only three things that matters here
- is she an interesting person ?
- know her real intention : is she serious or playing the seduction game ?
- make sure that if anything starts, you won't be influenced by your relationship with her as far as notation is concerned (if she's serious then she may wait a bit before anything really starts, so you might be able to jauge her a bit)
apart from that, well, that's life... it's short, live it with an open mind and just make sure you don't harm her or others.
IMHO, there's not much more to say there.
Oh, and good luck
Oh, shit.
:)
:)
I'm responding to an entirely offtopic post, dumbass me.
Well, it shows it's probably time for a new slashdot "geek social problems" section I guess
Now mod me down please, and while you're at it, give me brain cells too, I need them to read the whole page before replying next time
I have read the above thread, and I must say, as interesting as every comment was, we over-looked one significant issue: the resources.
The amount of resources required for undertaking a code evaluation of any kind, of MS Windows, is staggering.
Even if China is about to undertake such an immense project, and compile their very own MS Windows, supposedly hole-less (which would be a big step forward in security considerations) it would still not change the fact that:
A company willing to share the source code of a product they sell, already boost your confidence in the product. Now, would you be willing to spend money and resources on actually reviewing it? Not everyone is China. It might actually make more sense to make your own OS, like Germany did.
Even though the company that creates their OS has ~half a million employees, it is still a big step forward security-wise.
Like in every other security consideration, it's cost vs. benefit.
It would make China's life, and any hacker's life a lot easier to locate security holes in the OS once they have the source code, but compiling your own OS makes you feel more secure as well, no? Especially when you don't have to develop every driver on your own.