Windows 2000 & Windows NT 4 Source Code Leaks

PeterHammer writes "Neowin.net is reporting that Windows 2000 and Windows NT source code has been leaked to the internet. More on this as we hear it."

it's true

[sperling]

A quick peek around indeed shows something named Windows.Source.Code.w2k.nt4.wxp.tar circulating, but this had to happen sooner or later, considering the number of institutions with access to the source. Wonder how long it'll take before a torrent of new worms using newly discovered security holes tear up the net.

I for one would love to peek around in this, more out of curiosity than any desire to actually do something useful with it.

Re:it's true

I wonder how long till hackers go in and fix some of the bugs. That's the real danger to microsoft, if the bugs were fixed people wouldn't have to upgrade.

Re:it's true

[Strudelkugel]

Seems a bit of a stretch to thing 'soft would have given all of these organizations the complete source tree. If they did, then I am far more amazed the source wasn't leaked a long time ago. It's a bit hard to believe 'soft licensed the entire build tree to anyone.

Makes a pretty good headline, though.

Re:it's true

[MenTaLguY]

I for one would love to peek around in this, more out of curiosity than any desire to actually do something useful with it.

I hope you weren't planning on ever contributing to any Open Source projects after doing that. If it's later demonstrated that you had access to the W2K source and contributed vaguely similar code (even by accident) to a project, it could have severe repercussions for that project.

I doubt Microsoft would leak it deliberately, but this does open the door to a whole SCO-esque can of worms from now on.

Re:it's true

[Marillion]

Sure the source code will make it easier to find exploits, but I've believed for a few years that "institutional hackers" those who have long ago reversed compiled Windows into something suitable for writting worms. How else does the Code Red author decide, "Hey! I found this buffer overflow routine in the unicode support for URLs in the IIS Indexing Server"?

There are probably paranoid governments who have teams who do this just this kind of work just to make sure those fabled NSA back doors in either are or aren't windows.

Re:it's true

[uradu]

> I for one would love to peek around in this, more out of curiosity

Morbid curiosity perhaps. Considering the amount of backward compatibility in there, and the generations of tools and code frameworks used over the past decade and longer, I would expect the Windows code to be a BLOODY MESS. In fact it would probably be amusing to just grep for comments--"what does the next line do?!" or "what the h3ll were we thinking?!"

Re:it's true

[sperling]

And that's exactly why I won't even consider downloading this. I make a living as a programmer, and if I have access to this source Microsoft, with the resources they posess, could make the rest of my professional life a nightmare.
As much as I'd love to peek around in this, I won't risk it.

Re:it's true

[Zork+the+Almighty]

I'm a little curious as to why you seem so uncomfortable saying "Micro". Actually, scratch that. I don't want to know.

Re:it's true

[pegr]

"Wonder how long it'll take before a torrent of new worms using newly discovered security holes tear up the net."

Speaking of torrents, anybody got one?

Re:it's true

[El]

So, if any Micro$oft employees have ever looked at Linux kernel source, they are no longer allowed to work on Windows 'cause now they are tainted? Either the sword cuts both ways, or not at all.

Re:it's true

[weileong]

Either the sword cuts both ways

You're assuming the law will be applied fairly and evenly.

Re:it's true

[LinuxGeek]

So, if any Micro$oft employees have ever looked at Linux kernel source, they are no longer allowed to work on Windows 'cause now they are tainted? Either the sword cuts both ways, or not at all.

In Microsoft's closed source world it would have been tough to know if someone had included code that was similar to something they had seen in the Linux ( or any other opensource) codetree. It will be interesting, if this windows code release (escape?) proves true, if any suspicious code is found.

Re:it's true

And that, more than anything else, is why this code leak helps the black hats far more than the white hats.

Re:it's true

It was a quiet nice evening couple years ago. Someone pointed me on IRC to 2 links on some unnamed (I won't tell) microsoft.com server. 2 huge .tar.gzs, totalling couple gigabytes. The Windows XP source code.

The links circulated very fast and the servers started slowing and slowing down and then they died. The first ones did manage to get all the stuff. I envied them because I managed to get only couple megabytes. :-(

It seemed real. Very real. Someone had broken into their development servers, stuffed the stuff to the web servers and escaped with it all.

There was some small mention about it on the Slashdot too but I couldn't find it right now. It seems the Microsoft was able to really sweep that one under the carpet. I wonder how.

There are people around with self compiled Windows XP copies, trust me. I envy them. I would gladly remove some features and tweak couple edges I am not now allowed to. Even though it would be a HUGE task.

So the now leaked source codes to NT/2k are mostly just boring and obsolete.

Re:it's true

[caluml]

fw calum $ grep -ir " shit " /usr/src/linux/* | wc -l
15
fw calum $ grep -ir " fuck" /usr/src/linux/* | wc -l
40
fw calum $ grep -ir " crap" /usr/src/linux/* | wc -l
98

Should I have been doing this on the company firewall? Probably not.

Re:it's true

[Zork+the+Almighty]

What the hell, it's just one big .vbs file!

Re:it's true

[kerrbear]

If it's later demonstrated that you had access to the W2K source and contributed vaguely similar code (even by accident) to a project, it could have severe repercussions for that project.

I seriously doubt that having looked at that crappy code, anyone would want to duplicate it in even a vague way. At best it would provide an example of what not to do

Re:it's true

[Cylix]

I don't make a living as a programmer and I still won't touch this. I want to keep my programming options open and I don't want to consider myself even remotely tainted.

However, if someone should glance upon the evil known as win2k source, I hear that are some mystical perl monks who can cleanse your soul.

Re:it's true

[alienw]

Here's my favorite. BY FAR. Who the fuck accepted this into the kernel?

[from drivers/usb/spca50x.c, a usb camera driver]

/*
* Function compares two strings.
* Return offset in pussy where prick ends if "prick" may penetrate
* int "pussy" like prick into pussy, -1 otherwise.
*/
static inline int match(const char* prick, const char* pussy, int len2)
{
int len1 = strlen(prick); //length of male string
int i; //just an index variable
const char* tmp; //temporary pointer for my own pleasure // We skip all spaces and tabs
for (i = 0; i len2)
return -1; //Fuck off, no fucking

if (!strncmp(prick, tmp, len1))
return i + len1;

return -1;
}


To get around stupid slashdot filter:
# mportant Stuff: Please try to keep posts on topic.
# Try to reply to other people's comments instead of starting new threads.
# Read other people's messages before posting your own to avoid simply duplicating what has already been said.
# Use a clear subject that describes what your message is about.
# Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)

# mportant Stuff: Please try to keep posts on topic.
# Try to reply to other people's comments instead of starting new threads.
# Read other people's messages before posting your own to avoid simply duplicating what has already been said.
# Use a clear subject that describes what your message is about.
# Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)

Re:it's true

Try this torrent

Rakshasa

Re:it's true

[tjw]

Looking at the file listing linked to in other slashdot comments, it looks pretty likely that suspicious code exists:

114 07-26-00 02:17 win2k/private/inet/urlmon/compress/gnumakefile
0 11-18-01 14:24 win2k/private/inet/urlmon/compress/gzip/
3627 07-26-00 02:17 win2k/private/inet/urlmon/compress/gzip/api.c
1978 07-26-00 02:17 win2k/private/inet/urlmon/compress/gzip/api_int.h
639 07-26-00 02:17 win2k/private/inet/urlmon/compress/gzip/common.h
1838 07-26-00 02:17 win2k/private/inet/urlmon/compress/gzip/comndata.h
871 07-26-00 02:17 win2k/private/inet/urlmon/compress/gzip/comninit.c
3927 07-26-00 02:17 win2k/private/inet/urlmon/compress/gzip/crc32.h

Last time I checked gzip was licensed under the GPL. Although, it could be a totally re-written version of gzip or something else named gzip I guess.

Re:it's true

[CrackHappy]

Uh... you might want to fix your keyboard or your fingers as you cannot seem to hit the "l" key correctly.

kots of kuck to you!

Re:it's true

It was a quiet nice evening couple years ago walking around Washington. Someone pointed me to an open door at the white house. 2 telephones sitting side by side. One direct to Moscow, the other direct to central nuclear command.

People were milling about in the room, I finally took the dive and made a couple of prank calls for pizza. Some other guys managed to get the US up to def con 4. I envied them because I managed to get only arrested. :-(

It seemed real. Very real. Someone had broken into the potting shed, stuffed a key to the nuke room under a bush and escaped with it.

There was some small mention about it on the Drudge too but I couldn't find it right now. It seems the government was able to really sweep that one under the carpet. I wonder how.

There are people around with the phone number still, trust me. I envy them. I would gladly make the call to nuke France. Even though it would be a HUGE task.

So the now Brittany Spear's leaked cell number is mostly just boring and obsolete.

Re:it's true

[iminplaya]

And that's exactly why I won't even consider downloading this.

And here lies one of the most basic problems of copyright. Nobody can see the other's code...to build on and possibly improve. Everybody has to learn what is already known by themselves. That slows down the whole developement process to a virtual standstill. I think this whole copyright mess has probably set us back anywhere between 50 and 200 years. This applies to all human work, not just computers.

Re:it's true

[Saint+Stephen]

When I worked at Microsoft I had read-only access to the NT tree. The full, current "main" branch was about 20 GB, you needed about 80 GB to compile it, but *much* of that was binary versions of things like DAO checked in to support all the Internationalization. So I'd be shocked if you all were passing around the whole thing.

The base stuff is probably 4 GB.

Re:it's true

[rixstep]

Moving from cathedral to bazaar isn't easy. This stuff has been closed all along, and although people have been able to sense what moronic code the Beast has produced, it will be first now that they'll see with their own eyes.

Linux has had the advantage of being checked, line for line, from the beginning. NT was an estimate 16 million lines of code; 2K three times that much. That's a lot of code.

I think what people will see, most for the first time, is exactly how bad the coding is in Redmond. This will cause some laughter, and some shock. I think they'll find that parts of the NT kernel were strangely well-written, coming as they did from David Cutler's 'tribe' and the DEC Prism project on which NT was based. On the other hand, I think they will find that other parts, such as the GDI, were horribly written.

And it's all good, IMHO: eEye and Guninski and others have been able to give us a bit of a picture of how bad things are there, but we'll finally be able to see with our own eyes.

It won't be a pleasurable experience.

Re:it's true

[mmp]

You remember incorrectly. That looks like zlib (which gzip is based on). zlib's license is very flexible:

http://www.gzip.org/zlib/zlib_license.html

/* zlib.h -- interface of the 'zlib' general purpose compression library
version 1.2.1, November 17th, 2003

Copyright (C) 1995-2003 Jean-loup Gailly and Mark Adler

This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.

Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:

1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.

Jean-loup Gailly jloup@gzip.org
Mark Adler madler@alumni.caltech.edu

*/

Re:it's true

[mix_master_mike]

"A quick peek around indeed shows something named Windows.Source.Code.w2k.nt4.wxp.tar circulating"

How does one take a quick peek to see such a file is circulating?

Re:it's true

[GlassHeart]

here lies one of the most basic problems of copyright. Nobody can see the other's code...to build on and possibly improve. Everybody has to learn what is already known by themselves. That slows down the whole developement process to a virtual standstill.

I agree that a lot of reinvention has to go on, but I think you exaggerate the effects of not being able to reuse code. To begin with, people tend to forget the steep learning curve required if you choose to reuse code as opposed to rolling your own.

Case in point: Microsoft started nearly from scratch (licensed a simpler browser, IIRC) with IE, at around the same time Netscape decided it was unable to maintain its aging source code. IE overtook Netscape 4 in terms of quality (despite illegal bundling) over a few years. We cannot know if Netscape could've survived if they kept maintaining their 4.x browser, but it's pretty clear that Microsoft wasn't moving slowly at all.

Apple then did the same years later, starting with KHTML (generally considered inferior to Gecko), and within a pretty short time has a really polished Safari browser. It's not as maximally compatible as some of the more established browsers, but it's probably 90% of the way there within a year or two of development.

In fact, the projects that truly move at a glacial pace tend to be the free software projects. Sourceforge is full of these projects, gasping for attention, despite disclosing full source code. In the commercial world, when you throw money at a problem, code gets written from scratch pretty quickly.

Re:it's true

[Deadplant]

grep -ir fuck windows_2000_source_code/*

private/shell/applets/welcome/html/webapp.cpp: // HighContrast mode is turned on. This totally fucks our style sheet as most of it will
private/shell/shell32/copy.c:// want to fuck with.
private/shell/shell32/util.cpp:// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
private/shell/shell32/util.cpp:// around the fucking peice of shit compiler we pass the last param as an void *instead of a LPITEMIDLIST
private/shell/shell32/util.h:// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
private/shell/shell32/util.h:// around the fucking peice of shit compiler we pass the last param as an LPVOID instead of a LPITEMIDLIST
private/windbg64/debugger/tl/remote/ shell/windbgrm .c: // The user fucked up
private/windows/media/avi/verinfo.16/verinfo.h : * !!!!!!!!!!!!!!DOING SO FUCKS THE BUILD PROCESS!!!!!!!!!!!!!!!!
private/windows/shell/con trol/midi/map.c: // !!!this is fucked if a map goes to multiple physical devices

Re:it's true

[Deadplant]

hehe, some days people on IRC can be so nice and helpfull. here's another grep i was given.

grep -ir " shit" windows_2000_source_code/*

private/inet/wininet/urlcache/conman.cxx:// BUGBUG - DON'T DO THIS SHIT.
private/shell/ext/netplwiz/mnddlg.cpp: // this shit's read only
private/shell/win16/commctrl/ctl3d.c: // Some ugly shit goin' on here!
private/windows/media/avi/avicap/capdib.c: // Holy shit, couldn't change formats, time to punt!
private/windows/media/avi/avicap.16/capdib. c: // Holy shit, couldn't change formats, time to punt!
private/windows/media/avi/avicap.io/capdib. c: // Holy shit, couldn't change formats, time to punt!
private/windows/media/avi/msrle/rle.c: // lets do some majic shit so the compiler generates "good" code.

Re:it's true

[TheGrayArea]

You'd probably be surprised. Some of it is really, really clean and some of it is a mess. It all depends on which part you look at. As far as searching for curse words and such (as referred to in a reply later in this thread) there actually was a concerted effort at MS a couple of years ago to actively 'clean' the code of offensive comments. There were actually bugs submitted against a whole slew of "WTF" and "hack" and "shit" comments back then.
The code varies greatly in style and how it's put together. The MSMQ code where I spent most of my time when I worked at MS support is just friggin brilliant and a real joy to debug. I can't say that about everything (IE ....).

Re:it's true

This notice DOES appear in the Windows documentation, btw, so it's not exactly a state secret that they used zlib.

Re:it's true

[This+is+outrageous!]

you exaggerate the effects of not being able to reuse code

Case in point: Microsoft started nearly from scratch (licensed a simpler browser, IIRC) with IE, at around the same time Netscape decided it was unable to maintain its aging source code. IE overtook Netscape

You might want to read Eric Sink on how this happened:

What was interesting was the day we learned that Netscape didn't have the funding to keep up with Microsoft. (...) At one of those meetings we sat down for a talk which was a major turning point for me and for Spyglass. Scott told me that the IE team had over 1,000 people.

I was stunned. That was 50 times the size of the Spyglass browser team. It was almost as many people as Netscape had in their whole company. I could have written the rest of the history of web browsers on that day -- no other outcomes were possible.

Apple then did the same years later, starting with KHTML (generally considered inferior to Gecko), and within a pretty short time has a really polished Safari browser.

Well you're making the other guy's point, since KHTML was, precisely, (open source and) being reused.

Open Source

[The_Rippa]

Now will everyone stop bitching about Windows not being open source?!

Re:Open Source

[eyegor]

Actually, now Microsoft can pull a SCO and sue anyone who produces an OS with lots of security holes and cruft.

Re:Open Source

[Rosco+P.+Coltrane]

I'm surprised nobody has sent them patches to fix security issues yet...

Re:Open Source

I would see the opposite being more likely...now the open source community can examine w2k for evidence of GPL'd code being used.

Imagine the shitstorm if someone found linux code in the w2k kernel...and people thought slashdot posted a lot of SCO stories...

Re:Open Source

[DarkBlackFox]

No, but how long will it be until Microsoft pulls an SCO and accuses open source of integrating MS code? If it is indeed true, and the code is floating around out there, and within a few weeks a miracle version of Wine is released which suddenly has 100% compatibility, what would MS's reaction be?

Server problems ALREADY...

[momerath2003]

"The server is too busy at the moment. Please try again later."

Later isn't going to work, since the server was down even before it hit the Slashdot front page. I empathize with their server.

I did, however, managed to grab the news blurb (but not the, at that point, 214 comments) from the intermittent front page:

Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.

Please do not post any links/screenshots/hints or anything to do with the source code outbreak. Discussion is allowed but we will not condone people spreading this source code.

Torrent, anyone? ;) (not like I would have any reason to want to have several lines of bug-infested code, as who knows to where the bugs might spread in my system)

Re:Server problems ALREADY...

[momerath2003]

Also, someone on the comments posted an alleged 2.3 MB list of the files leaked as well (contains no source).

It's allegedly from the file "windows_2000_source_code.zip."

(Who knows if it's real, as it's too early to tell, probably)

Re:Server problems ALREADY...

[1010011010]

I hope some bright I.T. reporter will write a story about how "Linux source code leaks" are not a security issue, but part of the development process, making Linux safer than Windows. I mean, if the Windows source is so full of bad code and bad design that releasing it represents a threat to national security (Jim Allchin's words), while Linux has always had its source code freely published -- it standsto reason that Open Source software is of higher quality.

Re:Server problems ALREADY...

[Mr.+Piddle]

At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them.

How big are these files? I would expect the size of these tarballs to be comparable to Linux Kernel + GNOME + Mozilla + misc userland/bundled equivilents. If they are unexpectedly small (like less than a gig for W2K), then they are probably a hoax.

Re:Server problems ALREADY...

[Rosco+P.+Coltrane]

God, this latest karma-whoring technique on Slashdot consisting in posting "I thought I had read first!" or "I could have sworn it said " pisses me off to high heaven : if people can't find funny lines in the article to exploit in a witty post, they just make up their own, and moderators mod up funny for a reason that escapes me.

MOD PARENT DOWN, IT'S NOT FUNNY...

Re:Server problems ALREADY...

[LuxFX]

... that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

Argh! Trying to get rid of images of naked NeoWin people thinking about ramifications....

What now?

[Rosyna]

Are people deeply involved with OSS going to start fixing bugs in Win 2k? Might be fun and a dagger in MS's heart.

"We fix bugs in 24 to 40 hours, much faster than OSS."

Re:What now?

[Jim_Maryland]

Just to throw this out, what's the possibility that MS saw some similar routines in WINE and figured to shutdown the project by releasing some portions of the MS code that overlaps? They could essentially say that WINE must be based on MS proprietary code. Even with the code only publicly being leaked now, they could argue that copies may have been floating around for a while. Maybe they are taking some ideas from SCO on how to profit from the OSS community.

Re:What now?

[Bagels]

Not likely - the WINE folks could just show some code from before the leak with the "similar routines" included. That said, they'd have to find a way to *prove* that it came from before.

Hmmm...

[TheSpoom]

Do I have to sign an NDA?

Seriously, this should be pretty interesting. I wonder how many bugs are ACTUALLY in the NT kernels...

What's the big deal?

[Fluk3]

There's plenty of worthless spam on the internet already.

For those that need more proof

[timdorr]

Full file listing with sizes: http://heim.ifi.uio.no/~mortehu/files.txt I suggest mirroring ;)

Re:For those that need more proof

[say]

What is this:

win2k/private/inet/urlmon/iapp/gnumakefile
win2 k/private/inet/urlmon/mon/gnumakefile
win2k/priva te/inet/xml/xml/tokenizer/parser/gnumak efile

(and so on - many, many instances)

on the other hand, a few funny files:
win2k/private/inet/xml/xml/tokenizer/dll/w ords of wisdom from dennis.eml
win2k/private/inet/xml/xml/dso/letter to children - 2.eml

and VERY interesting:
win2k/private/ntos/w32/ntuser/kernel /

Re:For those that need more proof

[scambaiter]

Well, Dennis Ritchie would make some sense, wouldnt it?;)

Re:For those that need more proof

[PipianJ]

20475 07-26-00 03:06 win2k/private/windows/shell/games/sol/sol.c

AT LAST! The secret to beating Solitaire... This could perhaps be the most significant event of our times!

Re:For those that need more proof

[plaa]

A few more interesting ones:

win2k/bsc/.glimpse_filenames_index
etc.

Huh? What's with the "."? Are they using Unix?

win2k/private/inet/mshtml/src/site/download/pngl ib /
win2k/private/inet/mshtml/src/site/download/zli b/
win2k/private/inet/mshtml/src/site/download/jp glib 6a/
win2k/private/inet/urlmon/compress/gzip/

(AFAIK nothing illegal in using these, but interesting to know. Maybe the gnumakefiles are for these and similar?)

win2k/private/ntos/rtl/boot/i386/cv - vered mazafi.eml
win2k/private/shell/wontfix.txt
win2k /private/shell/docs/leak.txt
win2k/private/shell/ shdocvw/ofbugs.txt
win2k/private/shell/cpls/appwi z/todo

Interesting...

win2k/private/shell/ext/viruschk/
win2k/private /shell/ext/viruschk/mcafee/

Wha?

At least that list looks pretty damn convincing... If that list is a hoax its a pretty damn well made one.

New Licensing Model

[MADCOWbeserk]

GLL - General Leaked-Souce license

Simpsons mode equals one

[defile]

Ha ha!

Close you eyes!

[exhilaration]

...LEST YOU ARE CORRUPTED!!!

Seriously, don't look at it, you will no longer be considered "clean" and might become a liability to any project you work on.

Just don't use the code

[Midnight+Thunder]

What ever you do, don't let the code influence your projects. The last thing we want is Microsoft joining in with SCO and accusing the open source community of using MS code in an open source project such as Linux. Sure you probably wouldn't want to with its reputation, but I am sure there would be those who would be tempted.

Re:Just don't use the code

[aoteoroa]

What ever you do, don't let the code influence your projects

You beat me to the punch. This code leak could be a very good thing for Microsoft, and a trap for the open source community. I doubt that Microsoft intentionally planted this snare but if any future open source project even vaguely resembles this leaked code I have no doubt that Microsoft will open their full arsenal of lawyers.

Re:Just don't use the code

[SkArcher]

Exactly

In fact if you are involved with an Open Source project (especially Kernel and Window Manager projects) I suggest you do everything possible to avoid seeing this code.

Accusations of Taint are undoubtedly going to spring up from this, and you would be better to be well clear.

I will confess to a certain curiosity as to what the results of a comparator test would be though.

Re:Just don't use the code

[acousticiris]

Yeah... I can see it now.
"Microsoft is suing end-users of Linux due to the discovery that the latest version of the kernel incorporated Windows 2000 code. The discovery of the code theft was made after someone at Microsoft plugged a USB scanner into a system running the latest Linux kernel and received the Blue Screen of Death."

Re:Just don't use the code

[cybermace5]

*** CONSPIRACY THEORY BEGIN ***

I remember someone on here, a while back during one of the SCO stories, wondered what would happen if Microsoft released the source code, but under such a devious license that contamination would be fatal to an open-source project.

Maybe someone at Microsoft thought that was a neat idea.

*** CONSPIRACY THEORY END ***

As far as looking at the code: the only real reason to examine it is to find new exploits. No developer is going to slave over that source in order to find bugs and repair them, since there is no legal way to do it.

Maybe they will rethink Open Source...

[viper21]

Microsoft just needed a push in the right direction, right?

-S

One a related note

[ackthpt]

On a related note, Microsoft is reporting the number of bugs in Linux to have surged in recent weeks, thus proving Intellectual Property theft.

Seriously, the previous article lambasting open source for being vulnerable is nothing when compared to eyes backed with malicious intent poring over Windows source code for new exploits. So much for security through ignorance.

Re:Torrent?

[thelasttemptation]

I want a ebuild!

emerge win2000

Fortune

[Tom+Rothamel]

The funny thing is the fortune that appeared in the appropriate slashbox when I first saw this article.

"Never trust an operating system you don't have sources for. ;-)
-- Unknown source"

Mirror With Comments

[RPoet]

Mirror with comments.

Hope it's all just a bluff.

Re:Mirror With Comments

[RichMan]

You have commented all that Microsoft code already. Holy Crap that is fast.

Code

[daeley]

...Windows 2000 and Windows NT source code has been leaked to the internet.

The Internet, however, being a polite sort of fellow and completely undesirous of the undoubtedly horrible ramifications of having such a beastie running around loose, gently replaced the source code and gave Windows a friendly pat on the head.

Do NOT read that code!

[AuMatar]

Do NOT read that code if you ever wish to program for an open source OS, ever. Doing so will make you tainted- you open the project up to allegations of copyright infringement. Unless you never want to contribute a single line to Linux, *BSD, etc, checking out that code is a bad idea. Its almost a surprise MS didn't "leak" Win 95 or 3.1 years ago to catch open source developers like this.

Re:Do NOT read that code!

[Samari711]

oh take off the tinfoil hat already.

that's like saying the beatles can sue every musician who ever listened to them for copyright infringement

Re:Do NOT read that code!

[TekPolitik]

Do NOT read that code if you ever wish to program for an open source OS, ever...

Of course those of us who are also lawyers can safely read other peoples' code, because we know exactly what to do to avoid infringing. It is possible to extract knowledge from the code without breaching copyright, but...

Getting a copy of the code at all is a breach of copyright.

Re:Do NOT read that code!

[GoofyBoy]

>Its almost a surprise MS didn't "leak" Win 95 or 3.1 years ago to catch open source developers like this.

Please, you are talking about sacrificing the source code for NT and 2000 just to hold off OpenSource projects, which WILL happen eventually regardless of what lawyers say. They can't stop every comptuer science student out there from writing and giving away programs.

The number of virus created and holes which will be found (now and years in the future), IF this is true, will almost destroy any IT administrator to a weaping mound of tears and make them seriously consider moving to Linux/BSD/Mac.

Moving to XP won't help because this could happen with that code also.

So, IF this is true, this MIGHT be more damaging to MS than the Dept of Justice thingy from years ago. Not something MS would want to do on purpose no matter what they think about OpenSource.

Re:Do NOT read that code!

[cmowire]

That's not entirely in the tinfoil zone.

The basic problem is that if it's clear that you have viewed the source code and make substantial contributions to a project that competes with Windows, MS will be able to, without being laughed out of court, at least file a lawsuit against you and ruin your day.

The correct analogy is sampling large portions of a beatles song or performing your own rendition of it. If you try to record a beatles song and sell it, you had better pay the proper song royalties or you will get sued.

I'm really fascinated about, if this turns out to not be a lie, the long-term ramifications of this. It's a can of worms that you can't undo. Its impact on the number of security holes, any commentary by third party sources, etc. will be most interesting. Especailly given that it's probably reached areas already where it doesn't have the sort of protections that it has under US laws. ;)

Re:Do NOT read that code!

[aoteoroa]

It is possible to extract knowledge from the code without breaching copyright, but...Getting a copy of the code at all is a breach of copyright.

Sorry for sounding like an idiot but could you clarify that for me. On one hand you say it is safe to read copyrighted code, on the other hand it isn't.

It sounds like you are saying that there are some instances where you can read copyrighted source code and still write your own code for a similar project and be legally safe. But in this instance simply having a copy of microsoft's code without signing their NDA first is a breach of copyright and would put a person at risk. Is this correct?

I must admit that I am curious to see the Windows source, and since I write network apps in java & delphi, not operating systems in C my software is not likely to be tainted by it.

Re:Do NOT read that code!

[MenTaLguY]

that's like saying the beatles can sue every musician who ever listened to them for copyright infringement

I personally think it's a bad analogy, but even that isn't as far-fetched as you might think.

George Harrison (of Beatles fame) was succesfully sued for _subconsciously_ ripping off the song "He's So Fine" (in "My Sweet Lord"). See here for more details.

So, no, I don't think worrying about IP contamination from looking at Windows source code is paranoid at all.

Re:Do NOT read that code!

[happyfrogcow]

The correct analogy is sampling large portions of a beatles song or performing your own rendition of it. If you try to record a beatles song and sell it, you had better pay the proper song royalties or you will get sued.

Yet if I learn to play guitar by among other things, listening to all of the Beatles songs and playing along, do the Beatles own the rights to any future song I write? Goddamn hell freakin no! How is that any different from learning things from viewing MS, or any other persons code?

I've learned to code by doing all sorts of things over the years. Among them, learning from coworkers code. Applying that knowledge at my current job doesn't make the propoerty of my current employer a derivitive work of my employer from 5 years ago, even though I had access to the source code of that previous job.

Re:hmm seems a bit buggy

[fishbowl]

It *amazes* me that it hasn't been routine.

Windows source code is not some deep dark secret that is locked in a vault, only let out during builds for the product releases.

*MANY* people have access to the Windows source code. A number of people in my own university have it. There are strict licensing considerations, but when has that ever worked before? Surprisingly, none of the people with source access has ever pulled off the stunt where it's broadcasted. I have always wondered why.

error.h

[sarice]

We all know the real valuable stuff is in error.h.
So, what does it say?

Re:error.h

[fredrikj]

Apparently that's where they put main()

Article +1 Ironic

[Samari711]

right after a story that was about open vs. closed source

So much for security through obscurity

This pretty much destroy's any argument that Windows is more secure because "the bad guys" can't look at the source code. And yet it won't get the positive aspect of "the good guys" reviewing the source code for bugs as it is illegal to make a copy of the code without a license to do so.

Re:So much for security through obscurity

Just remember, eEye doesn't have access to the code and they have been sitting on exploits for months.

Source helps, but it isn't everything.

Does anyone else just get a tingly feeling seeing this article sitting on top of an article on Open Source being less secure because of it's openness?

Re:So much for security through obscurity

[Monkelectric]

Could this be a ploy to spur Win2k+3 updates? Blame the hackers for making win2k insecure. Oops you gotta upgrade now, sorry,

Re:So much for security through obscurity

[Dr+Caleb]

So, when do you figure SCO will find their intellectual property in it?

Re:So much for security through obscurity

[CaptBubba]

Windows XP is based on the Win2k kernel IIRC. Assuming that code is part of what got leaked everything after Windows ME could be in for a world of hurt.

Re:So much for security through obscurity

[mwheeler01]

win2k+3? wow that's much easier that typing win2003...I don't care mod me down, abreviations and acronyms have gotten out of control!

Re:So much for security through obscurity

[The+Lynxpro]

Never. Remember Microsoft is currently their big supporter, a long with Sun Microsystems? They both took out large contracts with SCO at the beginning of the whole lawsuit business. Both companies know they could sue for damages later (against who? I don't know.) since the contracts could be seen as invalid. "You sold us this product under the guise we were required to buy it, but that's not true".

So, all we need is an over-ambitious green-thumb attorney straight out of lawschool to discover this and bring it out in the open and force the hands of Microsoft and Sun to sue SCO out of existence over it so neither company "appears" guilty in the eyes of the SEC and class action lawsuit specialists. It could be the IT adaptation of the book/movie "The Firm."

Re:So much for security through obscurity

I prefer win3*23*29+2

Re:So much for security through obscurity

[diersing]

If its true (conspiracy theorists) that MS was behind the 50M cash investment into SCO a while back, then its possible MS is trying to provoke the playgournd wimp into picking a fight with the Big Blue bully for the sole purpose of being there first after getting his ass kicked. Its not out of the realm of possibility that the MS world domination plans include purchasing UNIX IP just to burn it in some pagan ritual.

Re:So much for security through obscurity

[zangdesign]

Could this be a ploy to spur Win2k+3 updates? Blame the hackers for making win2k insecure. Oops you gotta upgrade now, sorry,

Not a very effective one, then. The key component - Windows Update - still fetches from the same place each time, and unless someone manages to fool that program into downloading from some other source, it's not a big problem.

The bigger issue here is the release of code that Microsoft may have licensed from third parties that they were not supposed to reveal, as well as the release of their own IP. I imagine someone's or some institution is going to be in a world of hurt if MS ever finds out who did it. Not terribly likely, but possible.

If it were me who did it, accidentally or on purpose, I'd be on a jet to some foreign country right now.

Re:So much for security through obscurity

[homer_ca]

No, it's the same codebase. Big parts of it are rewritten for every release and new parts are written from scratch to support new features, but a lot of it is the same. How else do you explain that most of the security bugs affect every Windows NT version from 4.0 to Server 2003? They were rewritten from scratch with the same mistakes?

Re:So much for security through obscurity

[Cryptnotic]

I prefer Windows 666*3+5.

Re:So much for security through obscurity

[RoLi]

Actually when you look at the security track record, WinNT/2K/XP is already in a world of hurt compared to Win9x.

Blaster was the biggest worm - ever. And it worked only on NT, not on 9x...

That Windows 2000 (or NT or XP) is "more secure" than Windows 98 has been repeated so often that most people started to believe it, even though the security track record shows the reversed situation.

Re:So much for security through obscurity

[Pharmboy]

Actually, I think it would be funny to see the open source community release a security patch for win2k before Windows does, proving that open source is more secure since it can be patched faster with more eyes looking at it.

Of course, MS would flip out, call it an exploit, and have the next patch uninstall it, since any patch for MS products that do not come from MS "can't be trusted". Another reason I like Linux more and more every day, not having to rely on a single company for patches.

Re:So much for security through obscurity

[Fizzog]

Adding Microsoft to the SCO mix would make no difference whatsoever.

IBM's legal team make Microsoft's look like first year law students. IBM's lawyers held the DoJ at bay for DECADES. Not even Microsoft are prepared to mess with IBM. The moment IBM called SCO's bluff SCO knew they were dead.

And if Microsoft could buy them with a month's revenue imagine what IBM could do. They are a little bit bigger than Microsoft you know...

I just think it's funny that IBM were everybody's worst enemy in the 70's and 80's, and now they are usually the ones doing the right thing by the industry.

Re:So much for security through obscurity

[puck71]

I'd say that's misleading at best. The reason there have been more worms/virii/etc. that attack 2000/XP than 9x is purely numbers. There's so many more computers running than 2000/XP than 9x, why bother writing any kind of worm that targets 9x?

Coincidently, this is also one of the key reasons that there are more worms/virii released that target Windows than Mac or Linux - why target Mac or Linux when you can target Windows, with many, many times more users?

Re:So much for security through obscurity

[cps42]

Windows Update clients are hardly secure if you happen to modify the registry of the client system to use a differenet "WindowsUpdate" server...

Re:So much for security through obscurity

[benna]

You know its very interesting. This has just gotten released into the regular warez scene. Some group pred it on a bunch of sites. its called Windows.2000.Source.Code-iND. But anyway, i requested it be sent to a site im on. Imediatly one of the siteops said, "if that request is filled, i'll seriously leave." many others agreed with him. It seems at the very top of the scene, in the irc channel im in, curries and siteops are making a moral arguement NOT to move the source. When I asked what the big deal was, the siteop responded, "think about it, by downloading that you think its okay for people to search through it to hunt down ways to fuck people over." So anyway i was just facsinated by the sudden display of morals in the warez scene.

Re:So much for security through obscurity

[RancidBeef]

Yeah, I remember back during the Microsoft vs. Apple "Look-and-feel" lawsuit, I was rooting for Microsoft. 'Course, I guess I still would today because Microsoft was in the right on that argument.

Re:So much for security through obscurity

[nullard]

There's so many more computers running than 2000/XP than 9x, why bother writing any kind of worm that targets 9x?

Is that true? Can you prove it?

For years after Windows 95 came out, there were more Windows 3.1 systems than there were Windows 95 systems. Why is this?

It's probably for the same reason that there are more dead people than live people.

Re:So much for security through obscurity

[LittleBigLui]

why target Mac or Linux when you can target Windows, with many, many times more users?

what my first thought was:

Because every idiot skr1pt k1dd13 and their lam0r grandmother can code winDOZE viriii, but only 1337 H4XX0rZ can ownzor teh LiNuX and MaC BoXxEn!!!1!!

how it should be phrased:

Successfully designing, implementing and deploying a worm/virus targetting the aforementioned "alternative" platforms Linux and/or Apple would - although being a much more complex undertaking and promising less quantifiable success (for example, infected hosts) than targetting the Microsoft Windows platform - could strengthen the Programmer's social status amongst his peers.

how it should be phrased on slashdot:

Frist psot!

Re:So much for security through obscurity

[yandros]

Actually, there have been numerous studies/surveys by roughly every major `business market analyst' company (Gartner, Jupiter, et al) that show that Win9x variants are more widely used than all other Windows OS's combined, by a decent margin.

Perhaps your personal experience in server rooms has misled you about the HUGE number of Win9x installations on user desktops?

Re:So much for security through obscurity

Windows 1337+666 seemed to always do it for me...

Re:So much for security through obscurity

[MasterSLATE]

Due to the source code leak, Microsoft has delayed the release of the highly anticipated Windows 2000 till the summer of 2004.
*time passes*
Due to the source code leak, Microsoft has delayed the release of the highly anticipated Windows 2000 till the fall of 2004.
*time passes*
Due to the source code leak, Microsoft has delayed the release of the highly anticipated Windows 2000 till the release of Half-life 2.
*time passes*
Duke Nukem Forever released...

Re:So much for security through obscurity

[LurkerXXX]

If you look back at past slashdot stories, you'll find exactly that was done several months ago. An opensource patch was released for a windows exploid before MS could release one. Everyone raved about it that day.

The next day it was discovered the patch was very badly coded, and included a backdoor...

I think I'll stay away from 'opensource' MS patches, thank you very much.

Re:So much for security through obscurity

[soramimicake]

Sorry for pointing out the obvious, but you really don't want to end up being as a scapegoat in a high profile case this one has the potential of turning into. Getting blamed for distributing a million copies of Windows and ending up in jail for years is not fun.

It is wise to keep a low profile from a company that offers bounties to hunt people down.

Re:So much for security through obscurity

[andy55]

Windows source code posted!!

Re:So much for security through obscurity

[what+the+dumple+is]

Coincidently, this is also one of the key reasons that there are more worms/virii released that target Windows than Mac or Linux - why target Mac or Linux when you can target Windows, with many, many times more users?

I have noticed some viruses for linux. One was just a script and it recommended that the indivdual chmod a+x and then run it. The other one you had to type gcc -o virus virus.c and then run the resulting binary in order to get it to work. And then there was that one where it wanted to load a module but it couldn't because modules weren't supported on that kernel, although it did try for /dev/kmem.

Then there was that one that installed an irc backdoor:

:Portland.OR.Us.Aolirc.us 372 lamer :- Network Admins:
:Portland.OR.Us.Aolirc.us 372 lamer :- Paul
:Portland.OR.Us.Aolirc.us 372 lamer :- MrSteve
:Portland.OR.Us.Aolirc.us 372 lamer :-
:Portland.OR.Us.Aolirc.us 376 lamer :End of /MOTD command.
:lamer MODE lamer :+wx
JOIN #ddos# vrfx
MODE lamer +i
:lamer!lamer@aolirc-1FCCF050.client.attbi.com JOIN :#ddos#
:Portland.OR.Us.Aolirc.us 332 lamer #ddos# :
:Portland.OR.Us.Aolirc.us 333 lamer #ddos# smash` 1068679664
:Portland.OR.Us.Aolirc.us 353 lamer @ #ddos# :lamer
:Portland.OR.Us.Aolirc.us 366 lamer #ddos# :End of /NAMES list.
:lamer MODE lamer :+i
MODE #ddos# +nts


23:14 < lamer HTTP server listining on poort: 999 root dir: c:\ Address http://X.X.X.X:999/

Oh, wait. that last one was a Windows thing. But those other ones. Look out. They'll do some nasty things. I mean, it takes a bit of work to get them running. But once you do. Look out. They're dangerous!

/* address size */
/* 0x00417001 0 */ /* unknown */ void __entry_point__;

Re:So much for security through obscurity

[ImpTech]

No, bah, way off...

The reason there are more worms on win2k/XP than the 9x series is because the 9x series doesn't DO anything. Win98 doesn't have "UPNP" or "Remote registry", or "windows messaging" or any other fancy services to speak of. Usually its all that crap (which is on by default!) that becomes the portal for worms. 2k/XP are a more powerful OS than 9x, which makes them inherently more dangerous. And now that more and more people are moving that way, of *course* chaos was going to break out, just as countless people predicted 4 years ago.

Not good

[savagedome]

This is not good. Windows is designed primarily with 'security by obscurity' in mind. The security holes indeed show up every often and we have worms making it to the gazillion windows boxes before the patch does. Get ready for a deluge of worms/virri. Another bad week/month for sysadmins.

Re:Not good

[Salsaman]

Didn't you read the last article, closed source software is much more secure than open source. You have nothing to fear.

Re:I'll believe it when I see it.

[rritterson]

While you may not have heard of Neowin before, they are actually quite well known and are often placed in those '100 essential sites' lists.

They focus primarily on windows tech, and have a knack for breaking stories about Windows- leaked builds of future versions, beta builds of service packs, etc. Whoever runs the site is well connected in Microsoft.

So Windows is now fertile ground for foul play?

[Serious+Simon]

See previous article

Source TREE, looking more legit now

[City_Idiot]

http://heim.ifi.uio.no/~mortehu/files.txt I'll wait till i can download it into a lab

If this is true...

[thesolo]

I haven't been able to even get to Neowin, it's been slashdotted since before this story even made it to "The Mysterious Future" here on /., but think about what this means if this is actually true. The potential vulnerabilities. All the trade secrets Microsoft put in there. Hell, IE 5 was released with Windows 2000, so if this is full source, it means IE 5 and the trident engine are in there as well.

If this is true, today may be the day that everything changes.

In other news...

[zellyn]

ReactOS have announced they have hit all upcoming milestones and consider their project "feature complete".

The comparator

[fava]

I wonder how long it will be until someone runs the comparator in it?

Re:So is this the beginning of something...

[webroach]

Sure it's illegal, but so have many things Microsoft has done.

I'm not sure that kind of justification really works. It also doesn't help the open source community, IMHO. I can't agree with the "let's sink to their level" philosophy.

Lookout for Backdoors

[bstadil]

Here is a chance to not only check for backdoors but to compare with the stuff that has been given to foreign governments.

Strangely enough this Leak will make Windows more secure in the long run as the code can be studied and possible exploits be "published"

Here's the source

[FattMattP]

I found the source code here.

tin foil hat

[wildcard023]

Ok so here's MS's plan.

Step 1) Leak their source
Step 2) Sue Onen Source developers down the road because obviously they have studied the MS leaked source.
Step 3) ... Ya, I'm sure you know what goes here.

Ok but seriously, I'm not touching it. The last thing I need is Microsoft saying that I somehow owe something to them.

Jerks.

--
Mike

Re:tin foil hat

[Skyshadow]

Actually, I think it would be easier to refute any claims that portions of the code were lifted now. Unlike with SCO, a full source tree exists for us to compare the potential offending code to.

As a side note, I actually feel bad for MS on this one. Seriously: This was *their* code. They paid for it, they kept it going over the last 20 years, they should be able to decide how it gets distributed.

We here at /. should all be as PO'ed by this as when we catch some asshat corp. using our code without regard to the licensing (in our case, the GPL).

I won't mirror this code any more than I'd steal my neighbor's lawn mower because someone else opened his garage door. It's not right.

Re:The shit will hit the fan + Mirror

[milgr]

Could this potentially help the WINE Project?

IANAL but I would avoid looking at the leaked code - especially if I was working on a project like wine. You wouldn't want wine to sued out of existence because it contains code derived from a proprietary, copywritten system.

If I was big into conspiracy theories...

[PythonCodr]

... I might think Microsoft leaked it on purpose, so the OSS community would find the bugs, point them out publically, and even describe how to fix the problems.

Of course, I'm not the suspicious type ... :-)

J

An open source of Windows... of sorts?

[NitroWolf]

What would be the legal ramifications of:

1) Someone taking the W2K source and making an Out of the Country host of a tweaked (and improved?) W2K source? Would this be illegal to use? I realize it would be illegal to distribute in the US, but would it be illegal to *use*. Especially if you owned a valid copy of W2K?

2) If you own a valid copy of W2K, could you legally look at/use the leaked W2K source?

3) If there were any derivative works off the W2K source, I'd think the W2K license would allow you to use any subsequent O/S created with that source by independent developers. I realize the EULA may forbid this, but I seriously doubt that would hold up in court. You probably couldn't do this from a commercial standpoint, but as a private citizen, I can't see there being any legal recourse MS could take against using what would effectively be an OSS version of W2K.

Anyway, something to think about.

Re:An open source of Windows... of sorts?

[DaHat]

No, no and no.

Unless this source 'leak' was officially sanctioned (which we know it wasn't), possession, use, distribution, etc of said source would be illegal, regardless of if you have a legitimate copy of windows 2000 sitting on your home pc.

Also, the EULA covers the final product, not the original source. There are separate license agreements for that source.

Re:There is no evidence listed

[RealityMogul]

Breaking News:

A member of the Slashdot cult has admitted he has stolen the source code to Microsoft's Windows XP operating system. PickyH3D is the handle the low-karma hacker used when bragging of his accomplishment to the world. He has also issued a challenge to Microsoft's legal team with the statement that "there is no evidence". More on this as we hear it.

Re:About bloody time.

[funkhauser]

Well yeah, running ed as an HTTP server is bound to fail.

Or perhaps you meant /.ed?

Now W. Russell Jones can put his story to the test

[ThogScully]

In the last article on the /. home page, we have W. Russell Jones talking about all the insecurity of having source available in open source projects.

I'm afraid we've reach a massive failure here in security by obscurity, but time will tell. If this is true and if there are lots of security holes discovered, I find it hard to believe even a company of Microsoft's size can respond quickly enough to keep the outbreaks down. This threat is why open source is better than what W. Russell Jones made it out to be. The threat of security failing because of leaking source just isn't there with open source.
-N

What's the big deal?

[Animats]

What the NT kernel does is well understood. The object code is widely available, and key parts, like file system formats, have been reverse engineered. There's plenty of documentation. A few major development shops have access to the source anyway. If you're into kernel architecture, it might be interesting, but otherwise, so what?

Internet Explorer

[CeleronXL]

So will we finally find out exactly what kind of information that IE is keeping on us?

Re:Internet Explorer

[helmutjd]

Not that I'm advocating the use of IE (bleh!), but the author of that page appears to be talking out of his ass right from the start.

The magical "hidden folder" that's "segregated from the main filesystem" and "doesn't seem to exist" (C:\DOCUME~1\YourName\Local Settings\History\History.IE5\) is really just a plain ol' system folder.

Go to a command prompt and run:
attrib -s C:\DOCUME~1\YourName\Local Settings\History\History.IE5\

Wow, now the folder appears just like any other folder.

As for the deeply mysterious "encrypted" file inside it, index.dat... it's just a plain ol' binary file. Open it up in any hex editor and you can read all of the URLs stashed inside just fine.

The file "cannot be deleted by any normal means" because it's in use by Explorer (which is always running - it's your shell). If you've ever done any work with programming shell extensions, you'll have run into the same problem.

Put the following into your autoexec.bat (or any similar startup file - anything that runs before Explorer starts) and you can delete it just fine:
del C:\DOCUME~1\YourName\Local Settings\History\History.IE5\index.dat

Granted, IE may not be worth its weight in spit, but this guy appears to be a little bit off his nut.

Why ofcourse!

[Soul-Burn666]

It's only reasonable that software with so many holes will leak!

Re:I'll believe it when I see it.

[BrianCarlstrom]

Second point: The odds of getting one's hands on the full source to NT4/2K are slim to none--even most Microsoft folks couldn't do that. The code is probably scattered across multiple servers in Redmond, for starters, and you'd only be given access to the parts you needed to work with.

Microsoft gave a talk at usenix: Windows A Software Engineering Odyssey

This slide indicates the full source is 50gb and took a week to setup and 2 hours a day to update.

That implies to me that people could have the whole source but it would huge.

Slide 24 talks about their new perforce based system that only takes 3 hours to setup and 5 minutes to update.

Easy to spot packages

[Rosco+P.+Coltrane]

It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT

How to easily find the Windows source code packages in your daily P2P incoming directory:

rosco@dipstick:~/emule/incoming$ ls -l --sort=size -r .
total %@*@&^23462&^% bytes
-rw-r--r-- 1 rosco rosco 645124103 Feb 12 22:49 starwars.zip
-rw-r--r-- 1 rosco rosco 658124896 Feb 12 22:50 nt.zip
-rw-r--r-- 1 rosco rosco 660100457 Feb 12 22:49 goodbadugly.zip
-rw-r--r-- 1 rosco rosco 705012756 Feb 12 22:49 dasboot.zip
-rw-r--r-- 1 rosco rosco 706107014 Feb 12 22:56 daftpunk.zip
-rw-r--r-- 1 rosco rosco 710127685 Feb 12 22:58 chembros.zip
-rw-r--r-- 1 rosco rosco 9874520782^45 Feb 12 22:59 2ksrc.zip
-rw-r--r-- 1 rosco rosco 4578924574^37 Feb 12 23:12 ntsrc.zip
Segmentation fault. Core dumped.

Compilation and Windows source code

[CdBee]

Microsoft has always maintained that it takes a good 24 hours to compile a full version of Windows from the source, and that the increasing complexity of Windows has meant that modern computers don't compile modern windows any faster....

I'd be interested to know what the Windows source is compiled with though

Intel C compiler? I'm sure they couldn't stand the irony of using GCC. The NT codebase is supposed to be crossplatform do I doubt it's got any Assembler code in it - is it written in C or one of Microsofts own languages?

If so, what was it originally written in and when was the translation made? (Pls don't mod me informative - I may be way off the mark!)

Re:Compilation and Windows source code

[DR+SoB]

It's in c (at least the core pieces). the older modules may contain assembler.

Re:Compilation and Windows source code

[say]

It is some asm, in the kernel code.
Then there is a lot of c++.
Most of it is c.

Some other files exists, i dunno what they are.. .prf and .mib and friends.

Re:Compilation and Windows source code

[sICE]

If the files.txt that is linked from another post is real, you might be very right. I checked the .ext there: C(4675), CPP(2257), ASM(148). But only MIB(28), PRF(39).

Some more other interrestings extentions: BAT(123), CMD(65), JAVA(37), SED(29), PL(17), JS(16), M4(5), AWK(3), BAS(2), VBS(1).

Documentations? EML(2213), TXT(382), HTM(212), HLP(23), RTF(9), PPT(3), PDF(1).

Media: ICO(1304), BMP(803), GIF(165), AVI(141), ANI(34), MID(3), JPG(2).

TOP11: H(5611), NoExt/Dirs?(4708), C(4675), CPP(2257), EML(2213), CXX(1466), ICO(1304), HXX(972), BMP(803), RC(702).

Re:The shit will hit the fan + Mirror

[ctr2sprt]

Could this potentially help the WINE Project?

No. If the Wine folks look at the actual Windows source code, they aren't reverse engineering any more, they're copying, which is illegal. Even copying from memory and not wholesale code lifting can be against the law. If even one person were to do it, it might taint the entire project, undoing years of work. I very much hope that no MS-copyrighted code ever finds its way into an open source project, both for practical reasons like the above and for moral ones. The same copyright that keeps Windows secret keeps Microsoft (and others) from just stealing GPL'ed projects.

Re:hmm seems a bit buggy

[jmorris42]

> It *amazes* me that it hasn't been routine.

Because most people are paranoid enough to assume M$ watermarks each distributed copy to allow them to trace it back to the point of release. But now they are giving copies to governments like China and folks there just don't really give a damn about western notions of copyrights.

Re:The shit will hit the fan + Mirror

IANAL but I would avoid looking at the leaked code - especially if I was working on a project like wine. You wouldn't want wine to sued out of existence because it contains code derived from a proprietary, copywritten system.

What if we just use the parts that MS lifted from BSD?

It's not a problem.

[ggruschow]

I've seen a fair chunk of the NT kernel code, legally, under NDA. The NDA bars me from revealing any details, but it doesn't prevent me from saying that, if I were MS, I wouldn't worry about anything aside from sheer embarassment.. However, I have to admit that getting something of that hulking size operating solidly is pretty respectable.

On the plus side, some of the comments are fairly humorous, especially when you note who wrote them and look up where they are today.

Re:It's not a problem.

On the plus side, some of the comments are fairly humorous, especially when you note who wrote them and look up where they are today.

OK, it just HAD to be said..

/* mem_routines.h */
success = malloc(655360); /* [billg] this should be enough for anybody */

this could be really bad

[G27+Radio]

The Windows code hasn't had nearly as much peer review as open source OS's so I won't be suprised if this leads to a ton of exploits. The big problem here is that this source will be available to any black-hat that wants it--they obviously aren't going to be concerned about the legalities of obtaining leaked source code. But the businesses that use Windows aren't going to be able to audit the code for security leaks unless they obtain it illegally (or sign some agreements with Microsoft and shell out bundles of cash.)

Re:this could be really bad

[cmowire]

That is exactly my thoughts.

The interesting part is the difference between Win2k and Linux. In both cases now, the black hats have access to the source code. However, there are more white hats who have access to the Linux codebase, which will make for some interesting long-term implications.

This also has the potential to solve the NSAKEY contriversy once and for all and provide some interesting insights into how Windows works. I'm wondering if, through the use of countries with more flexible copyright systems, it would be possible to document interesting attributes and then pass them back to WINE and other open-source folk.

Re:this could be really bad

[ianr44]

This also has the potential to solve the NSAKEY contriversy once and for all It only has the potential to show that there are backdoors. If there are no backdoors are in the source, the tinfoil hat crowd will just say that the leaked source isn't the version used to build windows binaries, and the controversy will continue.

OSS developers, don't be tempted to look

[jd142]

I think from a legal standpoint it might be very important that OSS developers not look at the code. Even though they didn't leak it, MS still has rights to the code. If an open source program took advantage of illegally leaked code, what would the legal ramifications be on the OSS project? I don't know the answer, but I'd be willing to be real money that MS would sue. I remember reading an article where the SAMBA developer said he was very careful not to look at any code because of this. Reverse engineering is fine, but you don't get any help to do it.

MOD PARENT UP

[nickos]

For the same reasons that Microsoft warned its IE developers to stay clear of Mozilla, open source coders should avoid even seeing this.

That said, I'd love to get hold of the dll code that does the equivalent of a window manager in X. How cool would it be to swap out a dll on the Windows box at work and have a completely custom windowing environment?

Re:MOD PARENT UP

[jason0000042]

www.litestep.net, or litestep.com. Works pretty good too.

Re:MOD PARENT UP

[nickos]

I thought Litestep just replaces the shell (ie explorer.exe). Is there any way I can change the click-to-front behaviour of Windows to use the Amigas (or WindowLabs) click-to-focus but not click-to-front model.

Nope? - didn't think so.

The only way I can think of doing it is using hardcore hook stuff. Having the code would be *much* easier.

Re:MOD PARENT UP

[svallarian]

Doesn't tweakUI have an option in it that gives you X-style window options?

Steven V.

The odds of getting the full source: experience.

[rufusdufus]

The odds of getting one's hands on the full source to NT4/2K are slim to none--even most Microsoft folks couldn't do that.

This is incorrect.

Its funny how people build up ideas in their heads about what its like in a large corporation, somehow like a hollywood movie with lots of people with dark shades and guns ala "The Net".

No, inside Microsoft is a lot more like "Office Space" and anybody with motivation could get the entire source with little trouble.

That leads to a fascinating question

[way2trivial]

Are there any back doors showing in the source...

:: prediction ::

[macshune]

Just imagine the FUD/lawsuits/etc when, for some reason, Linux starts running on natively on NTFS.

Re::: prediction ::

[jonadab]

Actually, that's exactly what I was going to suggest, though not by copying.
I was going to say the first thing anyone competent in C/C++ who gets their
hands on the code ought to do (providing they don't need to take a hands-off
approach due to, say, the need to be able to legally write competing OS code)
would be to post English descriptions anonymously to usenet, describing the
way NTFS works, especially the parts that are not currently well-understood.
No source code snippets, just stuff like "it appears that such-and-such
information about each file is stored and updated whenever it changes in three
places: at offset blah in the file header info, and ...". (I don't know beans
about NTFS, so any fs jargon that leaked into that sentence may not be accurate.
But you get the idea of the kind of thing I mean.)

Then somebody else could take that information and implement a compatible
filesystem in a clean-room fashion.

IANAL, but from what I've read on slashdot, there's apparently at least a
vague possibility the resulting code might be legal. Though, one should
consult legal counsel before spending significant time on such a project.

Re::: prediction ::

[Rubbersoul]

You, my friend, win for best line I have ever read on slashdot ...

IANAL, but from what I've read on slashdot...

This is good stuff

Now? Improve emulators!

[axxackall]

Well, on a serious note, the leaked sources of NT and W2K can be used by win-emulator developers to improve their emulators. No need even to copy the code (it may or may not work directly inside that emulator anyway), but when it comes to debugging the developer may look at the original code in order to UNDERSTAND why it works differently.

Besides, there are several obfuscating methods designed to hide the logic of the original code. They can be used to actually copy the code to the emulator (if the copied piece will work there). After that it would be hard to prove anything even in the open source.

Disclaimer: IANAL, but anyway, personally I would not feel guilty having W2K source code and using it to improve WINE. Because I think that the algorithms is a part of the math, which existed always even before humans came here. A programmer just discovers the piece of math and express it using one or another language. The gravity doesn't belong to Newton, the math formula that describes the gravity neither. Only the fact of discovery of gravity math description belongs to Newton, just for references. Only the fact that programmer wrote the code belongs to the programmer (or the employer), not the code itself. Just to refer in the report to the boss why one was so busy all the day. Getting the source code from Microsoft is not stealing - it's learning. There is nothing wrong in learning.

Re:Now? Improve emulators!

[harrkev]

Yup. And films should not be copyrighted because the film studios did not invent silver nitrate.

And CDs should not be copyrighted because they did not invent the photon used to read it.

If you take this to its logical extreme, any file is simply an extremely large digital number (millions of bits). How do you copyright a number? So it is then not possible to copyright ANY digital work.

Oh, no! I Looked!

[ackthpt]

10 * BEGIN
100 GOSUB 7000 ; * Load stuff
110 GOSUB 900 ; * Show windows logo
120 GOSUB 20000 ; * Prompt for operator login
130 GOSUB 32000 ; * Fill half of memory with DLL's
140 GOSUB 16000 ; * Time waster loop
.
.
.

SCO Code in Win2000

Imagine if somewhere hidden in the bowels of the Windows2000 source an intrepid SCO intern finds a sliver of SCO-owned Unix code. Then all hell would break loose...

Re:SCO Code in Win2000

[UserGoogol]

Lets not forget who first wrote SCO Unix. Microsoft. Microsoft bought the rights to a Unix back in the eighties, (which they named Xenix) but DOS/Windows got too damned popular, and when they started working on OS/2 they decided to sell off Xenix to the Santa Cruz Operation. Years later, Santa Cruz Operation would recieve the rights to Unix-proper from Novell. A little after that, Santa Cruz Operation sold all their Unix stuff to Caldera, who promptly renamed themselves SCO.

Of course, this lawsuit is based on the AT&T Unix which "Classic SCO" got from Novell, not from Xenix, but... well, there's a lot of mixed up stuff here.

Re:SCO Code in Win2000

[rixstep]

Lets not forget who first wrote SCO Unix. Microsoft.

This is totally untrue. What happened was that Microsoft bought a compiler from Lattice which they retrofitted for Unix, and a source code licence from AT&T, but Microsoft did NOT, I repeat did NOT, work on that source code themselves.

That source code was given to Santa Cruz, who 'developed' Xenix from that.

And I am sorry, but the very thought that the dim-witted Microsofties would have 'written' their own Unix? Sorry, but that is just too laughable.

Someone PLEASE...

[RyanFenton]

As someone mentioned, this would be fascinating to just read the comments. Would it be possible for someone to strip out all the code, leaving only the comments for each file, minus comment lines that ARE code? It would be GREAT just to read the "intention" and "questions" living in that code and be able to associate each with a filename. Purely for entertainment value. It would also be neat to compare comment-to-code ratio in areas of MS code. :^)

Ryan Fenton

Re:Someone PLEASE...

[menscher]

Cute. Linux 2.6.2 kernel source. About 500 took the bait so far.

More Info + Source Snippet

http://www.windowsbeta.net/ is carrying the story (not slashdotted yet) and has a snippet from TaskManager up to prove validity.

See win2k/private/ntos/ for kernel stuff

[enosys]

The files listed in win2k/private/ntos/ appear to be kernel stuff. Yes, even asm files in there.

Re:See win2k/private/ntos/ for kernel stuff

The listing appears valid, but is only a subset.

I lived for years with full source access at a MS partner company.

Example of what's missing is the file systems (only the file system recognizers seem to be there, not the file system), the entire device driver tree, storage drivers, etc. Most of the core kernel functionality is there though, if pre-service pack levels.

That is a MYTH

[FreeUser]

I hope you weren't planning on ever contributing to any Open Source projects after doing that. If it's later demonstrated that you had access to the W2K source and contributed vaguely similar code (even by accident) to a project, it could have severe repercussions for that project.

IANAL but I do read Groklaw, and from what I understand copyright restricts the act of copying (duplicating). You can study someone's implimentation of something as much as you like, then go impliment something similiar yourself. As long as you do not copy the code verbatim you are not in violation of copyright law.

Otherwise, no student would be able to code having once looked at examples in a text book ... the textbook author would own all of your code.

The problem is, of course, proving one implimented the code oneself and did not in fact crib the whole thing from someone elses code, and the greater the similiarity (for code of sufficient complexity ... trivial code will generally be similiar regardless) the more difficult that is.

In any event, it is a myth that, simply by looking at, or even studying, one set of code one is somehow "tainted" and unable to contribute to another, competing project, be it free or proprietary. To violate copyright law one must copy, not just receive inspiration from.

Re:That is a MYTH

[Bootsy+Collins]

> I hope you weren't planning on ever contributing
> to any Open Source projects after doing that. If
> it's later demonstrated that you had access to
> the W2K source and contributed vaguely similar
> code (even by accident) to a project, it could
> have severe repercussions for that project.

IANAL but I do read Groklaw, and from what I understand copyright restricts the act of copying (duplicating). You can study someone's implimentation of something as much as you like, then go impliment something similiar yourself. As long as you do not copy the code verbatim you are not in violation of copyright law.

What you're saying about copyright is correct; but that probably isn't what MS would come after you (and your open source project) for. It'd be patent and trade secret violations.

That said, I don't know whether the unauthorized release of code would invalidate subsequent trade secret claims. On one hand, it seems crazy to lose trade secret protections because of an illegal or unauthorized act; OTOH, it seems crazy to call something a secret that, well, isn't. Maybe someone who is a lawyer can discuss.

Re:That is a MYTH

[AKAImBatman]

The idea of being "tainted" is actually from licenses that have "trade secret" clauses. Once you sign a license like that, you *are* tainted. That being said, it's a very difficult clause to enforce. Contracts that prevent someone from working in the field for which they are educated and experienced have often been found unenforceable by courts.

(IANAL and this is not legal advice. Go talk to PJ. At least she's a paralegal.)

Re:That is a MYTH

[Derek]

"IANAL but I do read Groklaw"

It was only a matter of time before people started saying this....

-Derek

Re:That is a MYTH

[SquarePants]

IAAL. What you are saying is simply not true. Even if you don't copy verbatim you can be guilty of copyright infringement if you create a "derivative work" from copyrighted material. MS would probably argue that your "perusal" of their code and subsequent creation of a work based on such "perusal" would constitute creation of a derivative work. Its done all the time since only a complete moron would copy source code verbatim.

Also, because the act of copying is incredibly hard to prove unless you are dealing with a complete moron, it is not necessary under the law today for a copyright plaintiff to actually prove the act of "copying." Generally speaking, it is sufficient for them to prove "access" to the copyrighted work and "substantial similarity" between the two works. There is tons of case law on this stuff.

Re:That is a MYTH

[mypalmike]

> Do you not think that Microsoft has patents on many of the things in that code?

Yes, but then, wouldn't reading the publically available patents be a problem?

The answer to this is, of course, yes. I used to work at a major game developer which strictly forbid us to read any patents. This policy wasn't just something you might read in the fine print of the employee manual: there was a mandatory-attendance presentation on the subject. The argument was that if a single employee read a particular patent, the whole company is legally tainted by that knowledge. Even though it's not supposed to matter, knowledgeable infringement apparently makes for a stronger case in the courts than coincidental infringement. So, if I read patent X, and another employee working on the other side of the planet unknowingly infringes on X, a case can be made that they actually knew it., because the company knew it as a whole. How could they prove I read it? There could be a server log that shows my PC was at that url at uspto.gov. Crazy stuff.

-_-_-

Re:That is a MYTH

[Bootsy+Collins]

Correcting myself . . .

> from what I understand copyright restricts the act
> of copying (duplicating). You can study someone's
> implimentation of something as much as you like,
> then go impliment something similiar yourself.
> As long as you do not copy the code verbatim
> you are not in violation of copyright law.

What you're saying about copyright is correct;

[ snip ]

No, it isn't, and I don't know why I said it was. Too much crack today or something. The law on derivative works would make this not true, at least according to my understanding of Brad Templeton's 10 Big Myths about copyright.

So...

[El]

My question is, has anybody managed to get this steaming pile of manure to compile? Seems like one would need to do that and then compare the binaries (ignoring any timestamping) before assuming this is authentic.

Re:Is the code that bad

[pjrc]

Is the code that bad such that this news story considers this so dangerous to Microsoft?

Well, that's what Microsoft claimed in court, in response to the notion of requiring them to provide the source. Microsoft claimed releasing the source could compromise (USA) national security, because the malicious individuals could find and exploit all the holes. Yes, they really did say that, more or less.

But only a couple months later, faced with China adopting Linux over concerns of hidden backdoors, Microsoft provided a copy of the source to the Chineese. So much for national security (or was that honest under oath?)

Here's some of it....

[C+A+S+S+I+E+L]

Neowin.net is reporting that Windows 2000 and Windows NT source code has been leaked to the internet.

The server is currently slashdotted, but I managed to download the first few lines of the Windows 2000 codebase. Here they are:

10 REM Windows 2000 Operating System
20 REM (C) Microsoft Corporation
30 REM Note: TO DO: fix up security stuff
40 REM :
50 REM :wq
60 REM exit^M^M quit ^C

What, no GPFL?

[namespan]

I was expecting the General Protection Fault License.

Pffft...

[TheSpoom]

The Win2K Source was released a while ago.

Mirror

[jeroenvw]

mirror

It's a TRAP!!! /Adm. Ackbar

[Thud457]

Microsoft is sooooo obviously trying to pull an SCO here.

If you work on any Open Source project, DO NOT LOOK!

Re:Torrent?

You must either be new to Gentoo or new to Windows. It would most definately be:

ACCEPT_KEYWORDS="~x86" emerge win2000

Re:The shit will hit the fan + Mirror

[Lehk228]

Having the source you could do a cleanroom implementation of it, have a set of "dirty" developers read and describe the undocumented API's and another set write those API's from scratch

MS giving source code to countries

[xandroid]

I seem to remember reading that Microsoft gave China access to the entire source code, after the country mentioned that it was leaning more towards using Linux for government-related things, because the entire source code was open for inspection.

Re:MS giving source code to countries

[leerpm]

I guarantee, that if it was one of these countries who gave it away. They will be caught. Why? Because Microsoft probably made small but unique cosmetic changes to each of the codebases they released. Essentially, putting a unique fingerprint on it in each instance they have shared out the code.

Re:MS giving source code to countries

[adrianbaugh]

Whereas SCO were stupid to mess with IBM, for Microsoft to mess with China would be utter lunacy, especially given China has the source code. Regardless of what political ticking-off MS can ask for China to receive, China has the source. It has a regime where it can require (literally) millions of people to work their way through the code, write as many utterly hideous virii as they can and release them all. Make no mistake, while China might get a slap on the wrist it's nothing worse than they continually get for their human rights record: on the other hand, they seriously have the resources to destroy MS if they're pissed off enough. I think MS made a stupid deal when they gave the source code to an insecure OS to a government like China's.

Re:It's a TRAP!!! /Adm. Ackbar

[vrtladept]

In my best Bruce Campbell voice "Stop, it's a trick. Get an axe!" Hail to the king baby!

The dirty room and the clean room

[tepples]

As long as you do not copy the code verbatim you are not in violation of copyright law.

Copying of nonliteral elements is actionable infringement. That's why many reverse engineering firms have two separate teams: one to describe a piece of copyrighted code and another to implement it.

In any event, it is a myth that, simply by looking at, or even studying, one set of code one is somehow "tainted" and unable to contribute to another, competing project, be it free or proprietary. To violate copyright law one must copy, not just receive inspiration from.

Try telling that to the estate of George Harrison, who lost in Bright Tunes v. Harrisongs. It's possible to copy without knowing you're copying, and it's still infringement.

Mirror: An Insightful comment from Neowin

[metroid+composite]

#1.3 Reply by cowabunga on 13 Feb 2004 - 02:16
About when is it time to buy som Microsoft stock? In an hour when it plummets and then sell tomorrow when its back up after they find out its all bull

Maybe someone trying to make some money this way or MS is agressivly pushing their customers over to XP

Worth mirroring I thought.

Re:I'll believe it when I see it.

[sql*kitten]

took a week to setup and 2 hours a day to update

No wonder, with half a meg of memory :-)

Re:I'll believe it when I see it.

[justsomebody]

Agreed, but you forget one thing about size. Source code has very good compression ration. Almost every time ratio is 10:1 or more which would mean 1-5 GB, and considering Fedora dvd image i'm downloading right now 3.7GB, well nothing special about the size.

Re:ReactOS

No, I think this is actually bad for us. We now have to be even more careful about who we accept code from.

Ge van Geldorp
ReactOS developer

Re:hmm seems a bit buggy

[zurab]

It *amazes* me that it hasn't been routine.

I agree. Remember, at the trial MS argued that opening or showing parts of Windows source code would be a threat to national security. Not long after that, they gave their source code to Russia, China, and many multi-national corporations and other organizations as part of their Shared Source initiative. Now, don't know where the source was leaked from, but 1 + 1 = ?

If in fact, this story is true, MS is riding against the wind here. It is feeling pressure from the Open Source while its security, software, and business models are based on keeping the source secret. If so, how long can they keep up?

ANONYMOUS DONOR CONTRIBUTES TO WINE

WINEHQ: Early today, a developer who wished to remain anonymous contribued an astonishing amount of source code to the WINE project. Some initial testing performed by WINE core developers revealed that WINE's compatibility with Microsoft Windows applications releasted for Windows NT and Windows 2000 had perfect compatibility, even down to some annoying and well-known bugs that have plagued certain Microsoft DLLs distributed with Microsoft's operating systems.

"This will really make it possible for non-Windows users to run more applications than ever using WINE on alternate operating systems like Linux," said one develper we spoke with. ;)

Irony of ironies....

[bobdotorg]

I would be the most poetically ironic event ever if it turns out that it was a MS Win security hole that allowed a hacker to enter a server and steal the code.

Doubly ironic if it was a hole that MS has known about for months and not bothered to patch.

Triply ironic if someone finds said hole, patches it, and ships patched source back to MS.

Re:Irony of ironies....

[MxatmaXandi]

Doubly ironic if it was a hole that MS has known about for months and not bothered to patch.

Well, I work there now, and after having all my net taps cut off at the router one day because I inadvertently left an unpatched OS (I typically have several on a test box) running overnight (some sniffer demon noticed it hadn't been patched), I'd have to say, "NOT LIKELY!"

Oh, and the file list looks pretty authentic to me- I wrote (tiny) parts of Win2K, and I found my files right where I left them. I didn't read the contents, and I'm sure they would have changed between when I finished and the OS was released 3 years later

IMO, this leak happened the old fashioned way- people of weak character and dubious morality don't value what doesn't belong to them, and do with it as their own blinding egos let them see fit. Social Engineering worked for someone..

Re:It's a TRAP!!! /Adm. Ackbar

[Via_Patrino]

What about the opposite:
Is there GPL code there?
Ask an auditing company to
diff NT4 2000 | grep -e yourcode
and get an answer.

I don't think they're playing SCO if they released just a part of it maybe but not the whole thing

Code leaks not new

[Jim+Hall]

Code leaks from Microsoft are not new. Check this article at CIO Update about a code leak a year ago: (emphasis mine)

Microsoft Corp. said it is tracing a key piece of code from its Windows Server 2003 software that was leaked onto the Internet, triggering concerns about piracy problems ahead of the company's scheduled product release later this month. The volume-licensing key in question allows for unlimited installations of Microsoft's Windows Server 2003 server operating system, the next upgrade from Windows NT that is slated for release on April 24.

However, this seems only to be a partial leak, not comparable to this complete (if it's real) source code leak.

Seen it - nothing spectacular

Blimey. We got wind of this around lunchtime GMT, and within half an hour two zip files mysteriously got downloaded to - ahem - servers some collegues and I have access to (no, I had no involvement in the download and have no idea of the source). We took a look, us being extremely sceptical of the claims, and ended up spending a few hours grepping the Win2K sources.

If this is a wind up, someone or people spent a long old time faking it. Microsoft notices and email addresses all over the place. They don't like the AIX compiler one little bit. Hardly any mention of Linux, GPL or GNU.

Actually quite a professional bunch of source files by all accounts. Appears to be using standard GNU Makefiles though. Yes, the 'f' word appears, as does the 's' word. Apparently Office 2k is broken in some respect that Win2k needed a tweak or some description.

Plenty of mentions of Internet Explorer, although I wouldn't like to say that we found 'IE' in the code, but then we aren't C experts at all. It does mention IE6 and Windows ME, so can't be all that old either. Does mention buffer overflows a fair bit, also plenty of 'hackhack' and 'bugbug' notes laying around.

In fact, nothing particularly spectacular found at all. We took a look, got bored, and went back to our normal work. Honest boss!

And no, we didn't try to compile it. We felt it was genuine enough though - not that we really cared. We did however note that if this lot is proven to be the real deal, Microsoft are going to be landed with one hell of a lot of security alerts for 2k/NT over the next six months.

Yours merely curious...

my eyes must be getting old

[proj_2501]

whoa, i totally read that as "MOD PARENT UP SUPER FUNNY"

Interesting Neowin comment

[bonch]

"#43 Posted by psneddon on 13 Feb 2004 - 01:09
Just my opinion / thoughts.

1) The software that builds and compiles Windows is very complex I doubt anyone could turn the source into a working system easily. Maybee it would be possible to compile certain parts. Plus even if you could it would take hours if not days to go through the process.

2) I don't see how this will let anyone find any obvious flaws, microsoft have software that does this all the time. I'm not saying its not a security risk but its not as simple as the journalists make out - as always.

3) This exact same scare happened about 7 years ago, I remember they were selling the source to NT4 at a local market on CD, doubt it was the real source code."

patents and trade secrets.

[ecalkin]

there might be patent issues, but i think they list those one the software or license somewhere. my understanding of trade secrets is that it is their reponsibility to maintain a the secret. and if this is *really* source code for nt4/win2k, it's not a secret anymore.

eric

Re:The shit will hit the fan + Mirror

[happyfrogcow]

No. If the Wine folks look at the actual Windows source code, they aren't reverse engineering any more, they're copying, which is illegal

I'm tired of this b.s. Since when has looking at something been equated to copying it? Copying is copying. Looking is looking. However, obtaining the code is probably a copyright violation. After all, this post is not a copy of your post. It was inspired by it, I looked at your post, I legally cited your post, but I did not give you the rights to my post by doing so, nor can you force me to remove my post.

The Iraqi Information Minister

[jeffkjo1]

"There is no available source code! Only a heathen would suggest such a crime. Microsoft has an excellent security track record. Those are features, not bugs! The heathen apple and linux communities are spreading lies, it is all lies."

Re:Download it HERE

[say]

The front page there reads: "SLASHDOTTED TO HELL" in a nice, bold font.

File headers

[Del+Vach]

I found some of the file headers of particular interest:

Copyright 1984 Apple Computer, Cupertino, CA

DRM?

[lysium]

Any chance that the juicy bits of Windows Media Player are sitting in that code? Breaking that system would make more than a few distributors cry...

Re:Samba 3.0 is potentially, royally, screwed.

[pandrijeczko]

Before now, it could be assumed that Samba developers were working from scratch- clean room implementations, because it wouldn't be possible for them to have the source code.

Oh, come on, get real! You miss one very important point in your comment...

The source code to SAMBA is Open Source!

This means that MS have probably got a few copies of Samba themselves already and were there any licensed MS code in it, you can rest assured the Microsoft would have sent their lawyers over long before now.

Just accept that the Samba guys are a pretty neat bunch of programmers that have genuinely backwards engineered Samba from the word go - it's the likeliest and most realistic conclusion to draw.

Re:GNU make users?

[TioHoltzman]

No they wouldn't.

There have been articles on the web describing alot of their NT build process. They do use command line builds. They originally wrote a custom version control system, but now use something else (not Visual Source Safe, I think perforce, or perhaps they created anotehr system). I believe, if memory serves, that they had a custom make tool, but they may now use nmake, which is the make tool that's distributed with their commerical dev tools.

I recall the article did mention the use of perl for parts of the custom build scripts.

As a long time windows programmer, frankly, this stuff looks made up. Clever, amusing, but ultimately it seems like a hoax. If this is all the proof we have, then I'm afraid it's a bit pathetic!

Also there appear to be duplicate headers, repeated in various directories that I'm almost positive would end up screwing the compile process in a real build. Also, another thing is that, if their distributed files with VC6/7 are indicative of their internal naming, they stick to a strict 8.3 naming scheme, and make note of this in their documentation (don't remember *where* it was that I read it, but it was MS docs, and I remember being surprised by it). Another thing, again assuming that the files distributed with VC6/7 are a good model, their files tend to be all UPPERCASE! For example, here's a listing from their includes in for VC6:

-rwx------+ 1 Administ None 21912 Apr 24 1998 ACCCTRL.H
-rwx------+ 1 Administ None 27863 Apr 24 1998 ACLAPI.H
-rwx------+ 1 Administ None 3735 Apr 24 1998 ACLCLS.H
-rwx------+ 1 Administ None 747 Apr 24 1998 ACLSID.H
-rwx------+ 1 Administ None 269 Apr 24 1998 ACSMGTC.H
-rwx------+ 1 Administ None 267 Apr 24 1998 ACSSVCC.H
-rwx------+ 1 Administ None 833 Apr 24 1998 ACTIVECF.H
-rwx------+ 1 Administ None 1111 Apr 24 1998 ACTIVEDS.H
-rwx------+ 1 Administ None 39805 Apr 24 1998 ACTIVEX.MAK
-rwx------+ 1 Administ None 3794 Apr 24 1998 ACTIVEX.RCV
-rwx------+ 1 Administ None 2053 Apr 24 1998 ACTIVEX.VER
-rwx------+ 1 Administ None 68013 Apr 24 1998 ACTIVSCP.H
-rwx------+ 1 Administ None 17845 Apr 24 1998 ACTIVSCP.IDL
-rwx------+ 1 Administ None 3402 Apr 24 1998 ADDRLKUP.H
-rwx------+ 1 Administ None 18946 Apr 24 1998 ADMEX.H
-rwx------+ 1 Administ None 10051 Apr 24 1998 ADMINEXT.H
-rwx------+ 1 Administ None 2827 May 31 1998 ADOID.H
-rwx------+ 1 Administ None 343678 Jun 19 1998 ADOINT.H
-rwx------+ 1 Administ None 135222 Jun 2 1998 ADOMD.H
-rwx------+ 1 Administ None 14127 May 31 1998 ADOMD.IDL
-rwx------+ 1 Administ None 5083 Apr 24 1998 ADPTIF.H
-rwx------+ 1 Administ None 1133 Apr 24 1998 ADS.ODL

Re:What if it were discovered that ...

[Dr.+Mojura]

How would you call them on that?

Hey Microsoft! You have GPL code in your secret Win2K code! I mean... not that we've seen your code or anything... Just guessing.

Re:The shit will hit the fan + Mirror

[jps3]

The contention is that you would have a dickens of a time proving in court that you were not directly influenced or did not directly copy the copyright work. Do you have the financial security to take this through the courts and win? No? Then, keep your nose clean. If you don't want to stink, don't go near the shit.

I understand what you're saying, but it's best to steer far and wide and very clear of it. Treat it like nuclear waste. You don't even look at it no one can try to taint you.

Files with interesting names...

[SiliconJesus]

10328 07-26-00 01:41 win2k/private/genx/shell/gnumakefile
0 11-18-01 14:23 win2k/private/genx/windows/inc/mobileq-apache.eml
0 11-18-01 14:23 win2k/private/genx/letter to children - 2.eml (*)
0 11-18-01 14:23 win2k/private/inet/mshtml/btools/bin/words of wisdom from dennis.eml
0 11-18-01 14:23 win2k/private/inet/mshtml/build/ppcmac/ship/unix.e ml
0 11-18-01 14:23 win2k/private/inet/mshtml/build/ppcmac/documentati on of problems in stress.eml
506 07-26-00 02:12 win2k/private/inet/mshtml/gnumakefile
64276 07-26-00 02:13 win2k/private/inet/mshtml/tools/mips/utils/sed.exe

Plenty of gnumakefile entries throughout...

Also - directories for ppc / ppcmac / alpha / mips

Could this be OFFICE 2000 instead of Windows 2000?

* - WTF?

Re:Files with interesting names...

[raodin]

I don't know about mips, but there were alpha/ppc builds of NT4.. this is probably just left over.

Taking a leaf from Valve...

[diodegod]

Maybe seeing how Valve can put the Half Life 2 release date back a few months due to their leak may have given Microsoft an excuse to delay Longhorn a little further ;)

Yes I understand the consequences etc, I wanna grow up and be a respected open source coder (and get paid to go to conferences). If I wanna read source, I'll read /usr/src/linux (captivating stuff, gripping plot).

~Duane

Re:Torrent?

Don't worry... We're safe. MS can't prove what you're downloading, because no one there can open a tar.bz2!

TAR!? BZ2?! What the hell? That's not ZIP!!!!

How it can go wrong

[ackthpt]

A friend and his associate left a previous employer to form a start-up. They began work on a product, much like the one their former employer was developing. Though my friend largely contributed the code and many fixes to his associates code, the project died when the former employer had detectives raid the associates house. The former employer claimed they were copying the firmware, though my friend had mostly written it. However, an old code listing was found in his associates house after they had both vehemently denied copying any code from their former employer. In light of the discovery, the issue of stole-did not steal became a moot point, as they would need a company of lawyers, time and lots of money to defend themselves. If he had tossed all prior employer related junk from his home office, the burden would have been much greater on the former employer. Having some code at home which looked suspiciously like product code (particularly to the untrained eye) killed their start-up and put the associate in jail.

Re:How it can go wrong

ummm he let detectives do a raid?

i would have kicked them the hell out then called the police for attempted burgarly AND pretending to be a law enforcement officer.

A note from someone who has see the real source

[rufusdufus]

Its been a couple years, but I have seen the real source code for windows NT. All I have seen so far here is a file list, but I can say these things about it:
1) I cannot confirm that this is a legitimate file list.
2) I can confirm that every tree and file I am specifically aware of is missing.
3) This is definetely not the entire source tree.
4) There are many dubious file names such as "words of wisdom from dennis.eml
", zero length, and "gnumakefile" that definetely appear out of place.

My guess is that someone has taken some licenced source code and "sexed it up" to troll internet.

Re:It's a TRAP!!! /Adm. Ackbar

[jafac]

Worse still - if you work on any Open Source project, and you look at Microsoft Source code. . . DO NOT COPY IT!!!

We like Linux as it is. Reliable, stable, and fast. Copying Microsoft code in would jeopardize that. Never mind the IP issues. . .

Re:backups

[Viper233]

This is probably old hat now, but....

Real men don't do backups, they just pack their files into windows_2000_source_code.zip and post them to their website.... with torrent links...

SHORT THE STOCK?

[macshune]

Speaking of "a world of hurt," wouldn't the general reaction to a leak of this kind cause a precipitous fall(big or small) in Microsoft's stock? If was an investor, I would totally short the stock right now, since there will probably be some crazy reaction at just the hint of a leak...probably because people will think it's a bigger deal than it will end up being.

It looks as though at the end of the trading day, MSFT did lose some value. If not short it, then maybe sell it, if only to pick up some deals later...

Re:SHORT THE STOCK?

[mbshafer]

To note if the leak is true and the stock gets pounded it's unlikely one would get the opportunity to short the stock. Ref SEC rule 10a-1 (aka "Uptick Rule). For Reference: http://www.forbes.com/2001/10/04/1004short.html But bottom fishing would certainly be in order. Question of course is where is the bottom when a stock takes a hit? :) Cheers!

Re:SHORT THE STOCK?

[noisehole]

found a torrent: ed2k://|file|windows_2000_source_code.zip.torrent| 16496|5506C49CCCA12204BAB6FE960CE5602C|/

btshowmetainfo.py windows_2000_source_code.zip.torrent
btshowmetain fo 20021207 - decode BitTorrent metainfo files

metainfo file.: windows_2000_source_code.zip.torrent
info hash.....: f03fc1e04869294d5644d3c8c5d0fb8f2d26aa59
file name.....: windows_2000_source_code.zip
file size.....: 213748207 (815 * 262144 + 100847)
announce url..: http://alge.nlc.no:6969/announce

maybe its that thing, atm 23 seeders, 239 downloading and it was created on 2/12/2004 11:16:13 PM, so looks good so far

knock yourself out

Re:SHORT THE STOCK?

[catscan2000]

You know exactly what's going to happen is that Microsoft's stock will gain value and rise several dollars by the end of the next business day.

Why do I predict that? Simple: The Stock Market's reality is the exact opposite of Slashdot's reality ;-).

Proof? One word: SCO

Re:SHORT THE STOCK?

[noisehole]

its in the wild and no one can do anything about it.
most ppl are downloading it to have something to brag about. others are just peeking at it for the fun of it, like me. just a few grep's showed some interesting things...

the file actually is the zip to the spreading files.txt

whats a little bit weird is a linux coredump at private/security/msv_sspi/core

it appears someone named eyala from mainsoft used vim (VIM - Vi IMproved 5.6 (2000 Jan 16, compiled Mar 7 2000 12:18:07)) on a redhat x86 box under xfree86/kde on a w2k sp1 sourcefile, well until the box ran out of memory...

Re:SHORT THE STOCK?

[DakotaK]

Gee, when MS gets their grubby hands on server records, they'll have fun suing the hell out of all the downloaders. Thanks!

Hrmph.

[goliard]

Hrmph. I opened one of those files and all it said was:

If this were a virus, you would be dead now. Fortunately, it's not.
The Metaverse is a dangerous place; how's your security?
Call Hiro Protagonist Security Associates for a free initial consultation.

Semi-slashdotted? Here's the text...

Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.

Please do not post any links/screenshots/hints or anything to do with the source code outbreak. Discussion is allowed but we will not condone people spreading this source code.

(The rest is just the comments, you know, crap like you get on /.)

Re:Semi-slashdotted? Here's the text...

[blorg]

Perhaps the following error message was not such a good idea:

"There seems to have been a slight problem with the database. Please try again by pressing the refresh button in your browser."

Refresh, you say? Oh-kay...

Please be a hoax!

[raw-sewage]

I sincerely hope this is a hoax. On the one hand, it would be great to point to the Windows source code and say, "See how terribly written, buggy, crufty, etc closed-source code is?" And the rash of exploits, worms and virii that would follow would only underscore that comment.

But, it only takes one person to look at the Windows source, then go do something vaguely similar in Linux (or any OSS project for that matter). The result would be devastating: Microsoft would litigate Linux to death.

As many have said, the principle behind these copyright suits is awful. Looking at code, then doing something somewhat similar (because of inspiration) should not be a copyright violation. But with Microsoft's legal and financial resources, the laws will "adapt" to what is most beneficial to them.

I can only echo what many other have said: for the sake of Linux and OSS in general, do not look at the Windows source!. That's a very conservative and overly-paranoid policy, but it's a invaluable measure for protection.

To me, general acceptance of open-source software is similar to political elections: every last spec of dirt is drug out and put under the spotlight. Any potential or suspect or even misunderstood characteristic is scrutinized, and the naysayers always manage to put a negative spin on it.

Open source only stands a chance if it can maintain the straight and narrow path... I hate to sound preachy, but any slight mishap, no matter how innocent or accidental, quickly turns into a major catastrophic disaster. There's just too much money and power interested in seeing OSS fail.

If code is criminal, only criminals will have code

[Vreejack]

If code is made criminal, only criminals will have the code

Now that was a very satisfying cliche re-use. I hope it was an original cliche re-use.

BTW the server seems ve-wy slow to-day. I think we were just Farked.

It's worse than that!

[RLW]

This is an attempt to corrupt your ability to write reliable code. It is the software equivalent of a Medusa. Once you've looked at it your mind will be agog to make blue screens. Do not look! For the love of Pete, DO NOT LOOK!!!!!

Re:The shit will hit the fan + Mirror

[mangu]

The contention is that you would have a dickens of a time proving in court that you were not directly influenced or did not directly copy the copyright work

What part of "being proved guilty beyond reasonable doubt" didn't you understand? It's the accuser's task to prove the accused party guilty, not the other way round.

Life is good.

[mr_luc]

It's 5:15PM. I got home from work 2 hours ago, and had a nap. It is a beautiful day outside, and the Windows source code has been leaked.

And I have 5 Moderator points.

Today -- today, life is good.

Re:Life is good.

[Mike+Markley]

Except, of course, that you can no longer moderate this thread... :)

Re:Life is good.

[blackmonday]

Now all you need is a girlfriend.

Re:Life is good.

Now all you need is a girlfriend.

What, and ruin a perfect day?

Re:Life is good.

[st0rmshad0w]

What, and ruin a perfect day?

So your girlfriend reads /. does she?

Re:Life is good.

[Yeti7226]

Scene: Two guys in black suits sitting in car

Guy 1: "It's midnight, the windows source in leaked, we have 5 moderator point and our sunglasses on..."

Guy 2: "hit it"

Sorry, that image just popped into my head ;-)

Re:Life is good.

[enthused+i+swear]

Well maybe he can't, but I ca-.......aww, crap....

Re:Life is good.

[Anonymous+Brave+Guy]

Now all you need is a girlfriend.

Do you have any idea how much that costs around this time of year?

Some snippets of code

[rmsousa]

I find this one refreshing...
if (app.exename="NETSCAPE.EXE") system.sluggify();

And this one provides for the future...
if (site.url="www.google.com") {
browser.renderer.togglebuggyrenderer(); /* You will be assimilated, suckers */
browser.fakepopup("www.msn.com");
}

I can't say anything about this one though:

if (user.status==PISSED_OFF)
prick.annoyingpopup("Hello, I noticed you are writing a letter")

Seriously, given the denounces of delayed APIs for Navigator, I wouldn't doubt the first one... could someone with the codes please grep for netscape.exe?

I know that...

[Ayanami+Rei]

I've hacked Samba myself and I am 100% sure it's reversed engineered.... heh.
The point is now they can claim that they had potentially had access to their trade secret (not that they necessarily copied it verbatim). The can call all the work into question, and while it can be pretty thoroughly shown that this is not the case, it could take awhile to sort it and out and by then Samba could be tainted in the eyes of less savvy IT persons.

Not a great plan, IMHO, but quite possible. The same argument goes for Wine, but others had already brought that up.

Re:define "derivative", please

[SquarePants]

You raise a good point. The devil is in the details. Whether a work is a derivative is a factual question which generally only a jury should decide. But I will indulge you.

17 USC 101 defines a derivative work as:

"a work based upon one or more preexisting works, such as a translation, musical arrangement, dramatization, fictionalization, motion picture version, sound recording, art reproduction, abridgment, condensation, or any other form in which a work may be recast, transformed, or adapted. A work consisting of editorial revisions, annotations, elaborations, or other modifications which, as a whole, represent an original work of authorship, is a 'derivative work'."

That really cleared things up, didn't it?

But seriously, my point was that what the parent was stating as an absolute is actually untrue. You can be guilty of copyright infringement even if you dont "copy."

Re:IAAL???

[plj]

IAAL.

My god, this is simply not possible - man, this is /.! You must be just some miserable karma whore... or then you just made a major typo and forgot the obligatory "N" and ",but".

Well, I believe the latter must be the case. Be more careful on your next post, OK?

Microsoft source code leak? Pfft, that's nothin...

[blorg]

...I hear the source code to Linux gets leaked every other day!

Since when does Microsoft using GNU Makefiles?

[margal]

2404 07-26-00 02:12 win2k/private/inet/mshtml/src/core/cdutil/gnumakef ile

Re:Oh, no! I Looked!

[Elitist+Snob]

10 * BEGIN
100 GOSUB 7000 ; * Load stuff
110 GOSUB 900 ; * Show windows logo
120 GOSUB 20000 ; * Prompt for operator login
130 GOSUB 32000 ; * Fill half of memory with DLL's
140 GOSUB 16000 ; * Time waster loop
.
.

200 GOSUB 38000 ; * Profit

When you find them....

[_ph1ux_]

.... try this password: cia1234 or 1234nsa

That quote is from four years ago

[blorg]

...when hackers broke into Microsoft's corporate network. Google is your friend.

No you haven't

I worked at MS on NT, and though it's been a few years, I can definately tell you there are "gnumakefile" files all over the place. It's the first thing any coder notices when they first look at the source, "Hey theres a Makefile, and a gnumakefile, what's the deal?"

If you'd really seen the source, you would have remembered that.

Re:It's a TRAP!!! /Adm. Ackbar

[orthogonal]

Microsoft is sooooo obviously trying to pull an SCO here.

If you work on any Open Source project, DO NOT LOOK!

Whoops! I looked. And now it's clear why Microsoft bought a license from SCO.

All these headers start with "Copyright, AT&T" and "Copyright, Regents of the University of California". I wonder what that's all about.

(For the more literal-minded Slashdot readers: no I haven't really seen the code. This is a cheap jab at Microsoft, implying their code is derivative of unix and linux code,)

The real question is, of course -

[blorg]

Why this is perceived as such a security threat to Microsoft, when it's not for Linux?

Re:The real question is, of course -

[RancidBeef]

Because Microsoft depends on "security through obscurity". Now the holes are allegedly there for the world to see.

Re:The real question is, of course -

[kaschei]

Because Microsoft doesn't accept code updates from people who know better than they, so any bugs that are revealed are not going to be fixed through the increased visibility of the code. Having open code is only good if you have the will, the ability, and the infrastructure to make use of its openness. Microsoft is famous (infamous?) for lacking all three.
The short of it is: no "free" security updates a la linux, just more visible bugs to exploit.

Re:The real question is, of course -

[DarthTaco]

" Why this is perceived as such a security threat to Microsoft, when it's not for Linux?"

The assumption is that microsoft writes insecure code, and depends on it's non-publication to keep this a secret.

I think this assumption is mitigated by the fact that so many universities have a license to look at the source.

Re:The real question is, of course -

[LittleBigLui]

A)
1. look at the linux source
2. find a mistake
3. send a patch to the maintainer.
4. PROFIT!!

B)
1. look at the windows source
2. find a mistake
3. ???
4. write a worm
5. get caught
6. JAIL=tEH_SuXX0rZZ!!!1!! lolomgrofl

Re:The real question is, of course -

[mangu]

Why this is perceived as such a security threat to Microsoft, when it's not for Linux?

Because the Linux source code can be legally downloaded by the "good" guys, who go and fix the holes. OTOH, only the "bad" guys download the Windows source code (it's illegal to do so, you know), and they go and create exploits based on the holes.

Re:The real question is, of course -

[dubious9]

Because Microsoft never had its code freely audited. Because they won't take patches from Joe Shmo. Because they design for features first, security third. Because they relied on security through obsurity. Because they don't have a global network of developer-users to fix patches when they see them. Because it takes Microsoft a relatively long time to fix bugs. Because...

Re:The real question is, of course -

[mangu]

good guys are actually hiding back doors in the Linux code

They can't do that, since the source code is open. That Edgar Allan Poe "Purloined Letter" story set the precedent. Nowadays, any self-repsecting investigator will check first the obvious, before checking the obscure stuff.

Re:The real question is, of course -

[KarmaMB84]

Because people assume that because its closed source, Microsoft leaves in gaping security holes rather than fix them. They forget that Microsoft does use its own products and would probably fix this stuff if aware of it if only for their own benefit.

Re:The real question is, of course -

[Attaturk]

Why this is perceived as such a security threat to Microsoft, when it's not for Linux?

Because Microsoft's OS was, and is, designed and developed based on a principle of closed source. Generally speaking, with closed source development potential black hats can't see how you do things without significant reverse engineering. This gives the OS programmers a 'safe' framework to work within. So when that source later becomes available to the general public, it leaves the OS programmers facing a huge legacy of problems that should, in theory, never have become problems.

Linux was open source from the outset. Therefore it is designed and developed relying absolutely on the principle that it's secure because everyone has equal access to see how things are done.

Furthermore, if and when there are security holes then at least with OSS you can never be held to ransom by the people owning the source. i.e. "Windows 98 has this huge security hole and it's no longer supported - go buy Win2k."

Re:The real question is, of course -

[AstroDrabb]

Is it really illegal to download the source code to MS? It is protected by copyright law and I thought copyright laws only protected against distribution? I can go to a library and read any book I want. I can look at any piece of artwork I want. What I cannot do is to distribute those works without permission. The RIAA has not sued anyone for downloading music, only for UPLOADING music. I am not a lawyer, so I could be way off here. If I am correct, then there is nothing wrong with looking at the MS source code. You can even use non-patented stuff that you learn as long as it is a clean room implementation that is not based on the copyrighted code. Again, don't take this as advice, since I have no clue about copyright laws.

Re:The real question is, of course -

[sealawyer2003]

You may look at it as long as your method for doing so does not make a copy. But downloading the code will make a copy, and so will viewing at on a browser.

In a related story, Wine annnounces

100% compatibility with all Windows programs.

"Don't ask us how we did it!!!"

Re:In a related story, Wine annnounces

[cant_get_a_good_nick]

That's quite a trick, since Windows isn't 100% compatible with all windows programs. =)

You slashdotted forbes

and you didnt even use a link

Someone got into Mac OS X's source and posted it 2

[digitalgimpus]

You can see it here: here

I didn't point you to it ;-) :-D

Funny how different two companies feel about source code. Apple has somewhat embraced the open source model, contributing to KHTML, and using many other open source projects. While Microsoft has shunned them all.

Re:IAAL???

[SquarePants]

Sorry, no typo. I'm really bad at detecting sarcasm but I think I got your meaning.

Mod Parent Up !!

[TheGrayArea]

He's correct. The tree is forked as needed for future versions. Heck, you can search through the asm files and still find ones with David Cutler's name in them that haven't been changed since he wrote them.

Re:It's a TRAP!!! /Adm. Ackbar

[gujo-odori]

If you work on any Open Source project, DO NOT LOOK!

This is extremely good advice. I would go even further and say that if you would ever like to work on an open source project, don't look. The presence on a project of a person who had seen the Windows source could put the entire project at risk.

For a very practical example, consider Samba. If a person who had seen the Windows source were to contribute to Samba and it were later to come to light that the contributor had seen the Windows source, in the name of safety every piece of code that person contributed would have to be ripped out and replaced. Worse, to guarantee that there was no trace of taint, it would probably have to be replaced by people who had not only never been exposed to the Windows source, but who had also not seen the contributor's tainted code. In short, it would require the recruitment of people who had never worked on the project before, or even read the source. Finding those people would not be easy, to say nothing of the time and credibility that would be lost.

For that matter, even if you have legally seen the Windows source because Microsoft has provided it to your employer under their shared source program, the same taint would follow you. If your employer has access to Windows source and your job does not require you to see that source, do yourself a favor: don't look.

If you look at the Windows source, you at the least taint yourself WRT working on any project aimed at interoperability with Windows, and quite possibly on a much wider variety of projects than that.

In short, JUST SAY NO.

FULL SOURCE TREE IS FREE and legal HERE....

[cheekyboy]

http://www.sysinternals.com/ntw2k/info/xpsrctree.s html

full source tree is free, and generatable from the debug/dlls etc....

enjoy.

yes this is 100% legal

No GPL - Lots of BSD

[PetoskeyGuy]

I know they have at least the TCP/IP stack from BSD. I would be interested to see if the copyright comments are still on the files.

Re:No GPL - Lots of BSD

The company was actually called Spider, and the Spider TCP/IP stack (which was BSD-derived) was used in exactly one MS operating system: Windows NT 3.1 (1993-1994).

Windows NT 3.1 was released in 1993, and replaced in 1994 by Windows NT 3.5, which was much smaller, much faster and used an MS-written TCP/IP stack (which was presumably smaller and faster than the BSD-derived Spider stack). The MS TCP/IP stack in NT 3.5 was then ported to Win9x for the release of Windows 95.

The lifetime of NT 3.1 was very brief, and during that brief lifetime, hardly anyone used it (because it was too big, too slow and there was no Win32 software), so the fact that its TCP/IP stack was BSD-derived is not really something to brag about.

Re:No GPL - Lots of BSD

[duffbeer703]

That may be true, but there is BSD code in Windows XP.

open up a command window and type "strings c:\windows\system32\ftp.exe"

This will return:

@(#) Copyright (c) 1983 The Regents of the University of California.
All rights reserved.

Re:No GPL - Lots of BSD

Yeah, there are a few trivial and ancient/obsolete BSD command-line tools in Windows (finger, ftp, nslookup, rcp, rsh). They were ported from BSD, and you can see that they contain the appropriate copyright attribution. Note that none of the kernel-mode files (e.g. the TCP/IP drivers) contain any such strings.

MS is naturally not opposed to using freely-available BSD code to achieve better interoperability with BSD/UNIX. MS Windows Services for UNIX, for example, includes a lot of modern BSD tools ported from OpenBSD. That's reasonable, of course, since it's supposed to provide a set of command-line tools familiar to UNIX systems administrators, and OpenBSD tools are known to be relatively good in terms of security.

Importantly, MS's porting of OpenBSD userland tools to Services for UNIX is also good for OpenBSD, because it helps to establish those tools as something of a standard. If hordes of MS users become used to the OpenBSD userland tools, they'll be much likelier to start using OpenBSD if they want a UNIX-like OS than to start using, say, Linux.

The common claim about the MS TCP/IP stack from open source zealots is that MS 'stole' the Windows TCP/IP stack from BSD because it couldn't write one of its own, which is of course complete nonsense. The handful of BSD tools in Windows are/were there to make it easier for UNIX users to access their systems from Windows. They're in no way critical to Windows as an operating system (in the way that, for example, a TCP/IP stack is).

Here's an official current MS quote + more news

[blorg]

They are denying it, but are investigating their Shared Source Initiative (suggesting that they have a lead, and that there is some truth to the leak - or perhaps it's just the obvious place to look). Apparently the rumoured code uncompresses to around the size of 1 CD, and would only be a small portion of the total 40gb code base. Although all the articles mention the security risks, MS insist it is just an IP issue:

"The rumor regarding the availability of Windows source code is based on the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code. Microsoft is looking into this as a matter of due diligence," a company spokesman said. "If a small section of Windows source code were to be available, it would be a matter of intellectual property rights rather than security." - from Eweek.

Also see ZDNet, InternetNews and Google News

first time in the sun for MS source

[rbird76]

When I go out in the sun, I wear sunscreen and although I'm fairly pale, I probably won't get burned too badly. If someone goes outside with a T-shirt and shorts for the first time in their life (say a 25-year old), they'll probably get burned fairly badly (unless they wear a lot of sunscreen or aren't out for long).

Linux and other open source OS have had people looking at them for a long time. The people looking at the source of Linux are less likely to be a monoculture than the people at MS who are hired to look over software. In addition (uninformed speculation) more of the Linux people may have been black hats once - the less ordered (as in cubicle order rather than procedure order) system may be more amenable to some who fit a less monolithic background. Linux is thus likely to have been looked at by people who might once have looked to hack it and by people with a wider variety of skill sets. MS knows a lot about software, but their diversity in software knowledge and opinion is likely smaller than that of either their user set or of that of white hat hackers.

The other factor is that having the MS source without a licence is illegal - thus the people who are most likely to take advantage of the availability of the source are people without much respect for the license in the first place - black hats. Linux source can be viewed legally, and so is just as likely to be looked over by white hats as black hats (probably more likely, because of the population ratio of BH and WH).

In one of the Clancy books (I think "Debt of Honor"), he talked about secrecy being good for hiding information that someone doesn't want you to know - but that when it broke, the news would be much worse for that someone, and harder to control. That seems applicable here - only the news is directed almost exclusively to those who would do them harm.

from around the IRC campfires

[neoThoth]

Topic of #windows: http://www.windorks.com | We don't care about "the leak," don't ask us about "the leak," and we will not give you voice.

Topic of #phrack: "wake me when they find the code that lets the FBI in"

other sources

[beas++mas+er]

http://www.internetnews.com/ent-news/article.php/3 312451

http://zdnet.com.com/2100-1104_2-5158496.html

http://www.infoworld.com/article/04/02/12/HNmicr ol eak_1.html

http://www.eweek.com/article2/0,4149,1526390,00. as p

I'll second that, not the whole tree

[anticypher]

My guess, this is some of the source released to academic institutions for study. Lots of universities have access to a small portion of the windows source code, for use in various computer labs, and to create interoperable code. It comes on a single CD, and is not difficult to obtain.

I've studied one small section of M$'s source code, a single network module appearing in both NT4 and NT5.0, under NDA of course. I don't see it here. There are a lot of things I don't see here, and I'm still going through the tree. There are some things here that are clearly part of windoze, such as the source to regedit.

Some other things that make me suspicious this isn't all the source code:
1) lots of 0 length files, could all those .eml files be links to the original file?
2) the win2k source just happens to total 658MBytes, about the size of a CD
3) there are a number of 0 length files of people's names with the letters CV next to them. cv - vered mazafi.eml, ronen-cv.eml
4) all through the file listing are repeats of .eml files, like tcp-ip tutorial.eml. Would there really need to be a tutorial like this spread everywhere?

I think this is just a student prank, being trolled out of proportion. It's not just /. doing the trolling, this will probably hit the major news outlets tomorrow. No doubt, they will only quote the most pandering media whores around, to sensationalise the story. Any bets several major stories will point to /. as a culprit, or as a den of criminal hackers?

the AC
I can't believe I'm admitting to extensive knowlege of windoze on /.

Microsoft's initial response:

[aarku]

according to this...

When asked to comment, Microsoft responded by e-mail that "the rumor regarding the availability of Windows source code is based on the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code. Microsoft is looking into this as a matter of due diligence."

So here's what you do

[tony+clifton]

1. Get the OS to compile and boot.
2. Reproduce windows bugs.
3. Fix bugs faster the MS does.

[...]

6. Profit!

OSS "Suicide car bombers" -- WTF???

[paco+verde]

Yankee Group senior analyst (sic) Laura Didio has these alarming thoughts on internetnews.com about who might now be able to get their hands on the Windows source:

"With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."

So Microsoft is the defender of truth and justice in the free world, and OSS hackers are like suicide car bombers?

She then went on to warn of the dangers of hackers using the several hundred megabytes worth of leaked source code to compile their own pirated copies of Windows 2000. What a dumbass.

And what exactly is a "tinker", anyway?

Parent is a fake - it's the source of linux 2.6.2!

[AmunRa]

As subject, this torrent is actually the linux kernel ver 2.6.2!

Re:It's a TRAP!!! /Adm. Ackbar

[marauder404]

Microsoft is sooooo obviously trying to pull an SCO here.

This is the among the most ridiculous theories that I've ever read on Slashdot (and I've seen some doozies in the past several years). Why would Microsoft go about trying to pull off what SCO did? So it could a bunch of Linux users (a LIBERAL estimate of 100M) for a paltry $500 a pop ... that's a mere $5B over the course of the next several years? Let's double it for a $1,000 each and it's still just $10B, nevermind all the expenses, including legal, to go about trying to collect something like that. Or, perhaps, they decide to go sue a handful of companies for a few billion dollars each after years of litigation and all kinds of negative PR. Microsoft's revenue was $34 billion for last year alone, $26B of it being profit.

SCO's actions are based on a company with little revenue, little cash, and nothing to lose. Microsoft has everything to lose. Say what you will about Microsoft, but they didn't get to where they are today with silly moves like that.

Some are saying Open Sourcer did it. I say bunk~!

[tetrahedrassface]

Laura Didio: aka the SCO queen and her take on this development!!


"Up until now it was more like the 70/30 rule, where 70 percent of the threats are bogus. Now it's more like 50/50," Didio said. "With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."

Re:It's a TRAP!!! /Adm. Ackbar

Please, don't slander BSD and research UNIX. That's just not right.

Nobody wants to be sat on

[KalvinB]

by a 500LB gorilla.

It has nothing to do with morals. It's self preservation.

Most companies don't have the resources to kick the crap out of warez distributors. MS isn't one of those companies.

Ben

Re:It's a TRAP!!! /Adm. Ackbar

[iammaxus]

I think you people are going a little overboard. Windows source code isn't like a virus or something.
Wait a minute....

Re:Finnaly de-lurked

[ReNeGaDe75]

If that happens then the person who put the code into the project should be prosecuted. Why would the accusation hurt open source?

Open source is less likely to have that problem in the first place. I mean, the code is open, so the programmer would get caught. Closed source software, on the other hand, is more likely to contain illegal code, because nobody can easily prove it, being closed and all.

Here is a Torrent link ... 200MB download

[afxgrin]

http://www.sschmidt.info/w2k_source.torrent

I haven't finished downloading this, but it's 200MB in size, has 944 peers! :-)

The tracker is the same one you have listed:

http://alge.nlc.no:6969/announce

The hash is also the same.

Re:Microsoft source code leak? Pfft, that's nothin

[Last+Warrior]

true, its leaked constantly but sco is the only company that is stealing it.

If you believe in Open Source or Free Software...

[Bozovision]

If you believe in Open Source or Free Software then you should believe in copyright. If you find a GPL code in use in a closed project, then you should report it to FSF. If you find Windows code in the wild then you should report it to Microsoft. It's their code and consequently they should and do control who gets to see the code.

That said, I would desperately like MS to release the code under an open-source, but closed-project style licence; that is, the code belongs to them, and for any derivative code MS is automatically granted a licence to to sublicence and do whatever they wish. It should not be permissible for the code to be included in another product without the explicit say so from MS. Microsoft could protect theselves financially by being the only source for binaries. BillG are you listening? Win2K, with open source could be sooooo good, and you would still make a stack of money. Plus you'd have a huge team looking at improving the software, for nothing.

It's worth a shot if the code has escaped. At worst you'll get a second product line.

The EML Files

[Alex_Ionescu]

Guys...

I can't believe you haven't figured out what the EML files are yet.
Anyone remember NIMDA? The worm from 2002 I think? It had this exact same effect of sticking infected eml files all over your folders (by taking some names from your files, and others randomly). Opening those EML files or forwarding them would guarantee future and constant infection.

It's clearly evident that this machine was infected by nimda and got port-scanned and found. The rest of the code is probably going to come soon enough, unless MS already found out and pulled the plug.

By the way, alpha doesn't mean "Alpha Version" but the Alpha CPU made by DEC, now owned by Compaq.

Re:The EML Files

[shird]

The virus was cleaned from the comp (ie zeroed the eml files), but the backdoor (file sharing) remained. Most AV software don't remove backdoors after cleaning a virus.

it wasnt leaked!!!

[ShallowThroat]

IT WAS LIBERATED!!!!!!

Re:It's a TRAP!!! /Adm. Ackbar

[n1ywb]

I read rotten.com, I think I'm about as fscking tainted as they come. It's absurd to think that there would be ground for a lawsuit against an open source project you worked on because you had at one point glossed over the NT kernel source or something. That's like homeopathics who believe that remedies should contain miniscule quantities of active ingredients. In fact, the "strongest" formulations usually contain not a single molecule of the substances in question. Zero parts per billion -- pure water.

I've seen the Windows CE source. Maybe I should never program again because MS could sue me! I think not.

PS No offence to homeopathics, I don't care what crazy shite you belive in.

Re:It's a TRAP!!! /Adm. Ackbar

[Sivar]

We have identified over one million lines of our IP in Microsoft's source code. While I cannot share most of them because they are a trade secret, here are three of the most glaring examples:

#include

for( ; ; )

if(!stop) {

Many of these lines have been copied verbatim several thousand times. We do not want to, but are forced to sue Microsoft for unlicensed use of our intellectual property.
We will institute a licensing program called gplSource which will allow Windows users to obtain the legal rights to use our IP. This cost will be significantly discounted to early adopters.
Already at least three Fortune 500 companies have seen the validity of our claims and have paid these fees on a per-CPU basis to continue using Windows. While we cannot divulge their names, they do exist. Really!

Re:It's a TRAP!!! /Adm. Ackbar

Think it absurd if you want; the law certainly allows for it. It works like this:

1) You see some proprietary source, either legally or otherwise;

2) You later work on some open source project;

3) The copyright holder of the proprietary source in 1) looks at the open source project and decides that some sections of the code look strikingly similar to their own code. They further discover that you wrote or contributed to those sections. They call their lawyer. Now, it may well be a combination of "coincidence plus a limited number of ways to do X" that caused the similarity, but you're going to have to convince a judge and/or jury of that. The other side will have to convince them that you copied it. They've got the striking similarity plus the fact that you've seen their source. What have you got?

Now, since you've seen the Windows CE source, why don't you ask the Samba project if you can join, and tell them you've seen MS source code (whether legally or not doesn't matter; seeing it is all that matters) and see if they will take you on as a developer.

I bet they won't.

Re:It's a TRAP!!! /Adm. Ackbar

[tsanth]

In short, JUST SAY NO.

Father: Where did you learn to do this? Tell me, where?!

::: dramatic silence :::

Kid: I learned it from you, dad! I learned it from you!

::: cue dramatic music :::

Windows is their baby

[KalvinB]

MS's game department isn't what brings in all the money. It's their Windows and Office products that make the money.

They can grin a bear it when some games are pirated. Why do you think they (try to) crush companies that make mod chips for the XBox? Some things are more important.

And this is the source code to Windows. This is NOT just another product.

Anyone who dares to host it will be sat on until they are dead. Hell hath no fury.

Claiming this is just another product shows your definit lack of ability to comprehend the scope of this leak and the importance of it to MS's bottom line.

The legal costs required to shut down warez sites over a game generally are more than the amount of the losses. The legal costs required to crush the fools who dare to host the Windows source comes nowhere near the potential losses due to the leak.

Ben

News

[loconet]

It's now all over online news..

http://www.infoworld.com/article/04/02/12/HNmicrol eak_1.html
http://www.ebcvg.com/news.php?id=1903
http://arstechnica.com/news/posts/1076628412.html
http://www.internetnews.com/ent-news/article.php/3 312451
http://www.sunherald.com/mld/sunherald/business/79 41292.htm
http://www.wvec.com/sharedcontent/nationworld/nati onprint/021204cccanatmicrosoft.149f2b31.html
http://www.komotv.com/stories/29778.htm
http://www.cryptonomicon.net/modules.php?name=News &file=article&sid=671
http://www.dvhardware.net/article2423.html
http://searchwin2000.techtarget.com/originalConten t/0,289142,sid1_gci950346,00.html

Re:News

[j0se_p0inter0]

it's all over eDonkey too.

Microsoft confirms it

[Sailsa]

Microsoft has confirmed the leak.... According to the Associated Press in this article http://www.sunherald.com/mld/sunherald/business/79 41292.htm Microsoft Corp. said late Thursday that portions of its Windows source code - the tightly guarded blueprints of its dominant operating system - had been leaked over the Internet. Microsoft spokesman Tom Pilla said in an interview with The Associated Press that some incomplete portions of the Windows 2000 and Windows NT4 source code had been "illegally made available on the Internet."

Coincidence? I think not...

[Kinesthe]

"Slashdot...let's see...NASA...the FCC...Windows source code leaked?!"

[click]

A fatal exception OE has occured at 0028:C001539A. The current application will be terminated.

"...what the hell?"

( meanwhile, deep inside Windows... )
if( sourceLeaked == true && url = "slashdot.org")
{

BSOD();
SendEmail( "bgates@microsoft.com", "IP of teh L1n|_|x haxx0r: "+userIP );

}

Re:Bogus Bogus Bogus -- MS confirmed it's real

[ka55ad]

MS has confirmed that the code is real. Story here (washington post).

Transcript, before it gets Slashdotted...

[Kinesthe]

Microsoft Confirms Windows Code Leak
---

Microsoft Corp. on Thursday confirmed that the source code for two versions of its Windows operating system has been leaked, a security breach that could give hackers important intelligence about how to exploit flaws in software run by most of the world's computers.

"Today we became aware that incomplete portions of Windows 2000 and NT 4.0 source code was illegally made available on the Internet," said Microsoft spokesman Tom Pilla. "It's illegal for third parties to post Microsoft source code and we take that activity very seriously."

Pilla said the company does not know how much of the operating system code was compromised, but he said Microsoft believes it was not a complete version of either operating system.

There was no indication that the code was stolen through a breach of Microsoft's internal network, Pilla said. He said the FBI is investigating the matter.

Computer security experts said the release of Windows source code could pose a significant threat to Internet security, depending on what portion of the code was leaked.

A leak of any portion of the Windows code "could dramatically increase the probability that new zero-day vulnerabilities will be found," said Alan Paller, director of research the SANS Institute, a security training group based in Bethesda, Md.

"Zero day" exploits are highly effective attacks that occur when hackers discover a way to exploit a security vulnerability before or at the same time as a software maker learns of the flaw. Attackers can then use this information to launch a virus or worm that exploits the security hole before a patch can be released to fix the problem.

Thor Larholm, senior security researcher at Newport Beach, Calif.-based PivX Solutions, said the Windows source code file being traded on the Internet appears to be roughly 660 megabytes in size, about the size of one CD-ROM's worth of data. That is far short of the estimated 40 gigabytes of data that makes up the entire 40 million lines of code in the Windows operating system.

Even a partial leak "is a potentially very serious problem for Microsoft," Larholm said. "Just look at the vulnerabilities that are discovered by people who didn't have access to the source code."

The origin of the leak is not currently known. The Redmond, Wash.-based software giant closely guards the computer code that comprises the company's operating system. But Microsoft does license portions of its programming code to security researchers and more than 50 universities under its "Shared Source Initiative."

Microsoft last year said it would began sharing complete copies of its source code with governments around the world that want to validate the security of the software before deploying it in national defense and other sensitive areas. Microsoft signed an agreement in 2003 that lets the Australian government inspect the source code of Windows 2000, Windows XP and Windows Server 2003. Other counties, including India, are exploring similar arrangements.

Unlike open-source software like the widely used Linux operating system, the code comprising Microsoft's Windows software is not open for public inspection. Linux users are encouraged to participate in an open, continuous cycle of modifications and upgrades that its proponents say results in systems that are more secure and reliable than those powered by proprietary code like Windows.

Lets be realistic

Without being arrogant in anyway, we really need to keep in mind we aren't looking at a mom and pop company here.

I highly doubt this will be the almighty downfall everyone thinks it is going to be. Try to keep in perspective that if this is true (and I have some pretty serious suspicions it isn't) if it costs MSFT $100 000 000, do you think they will even notice? Well maybe a bit but by fiscal 2005? I doubt it.

The source for NT will be useless for any kind of exploit in a year because support will be removed by then and the attitude in that end of the pool has been keep up or fall behind. And yes I do recognize the sickening number of them out there, I support the bloody things.

As for 2000, keep in mind that Linux may have 10 million developers constantly surveying the code on a part time basis, but they all have other jobs. MSFT has thousands of full time employees they can throw at one patch (in a pinch) that will deal with all of this.

Or maybe all the opportunists out there should look at it from a conspiracy theory point of view? Maybe they wanted this to happen.... (btw I love starting rumors) That oughtta keep people entertained for atleast a few terraflops.

In the long run it won't even phase them, and always remember that even if Linux/Unix/Novell(-laugh) ever wins out; they will then be the top dog and will subsequently be the center of scrutiny. Bias is based on prejudice, which is generally malfounded.

Remember....conspiracy theory....stay up all night tonight thinking about it....then show up late for work tomorrow...and get fired so you can work more open source code.

(btw the teeshirt and sunblock example was really shotty)

Tracker (dead.)

[algeliten]

Hmm. That's my tracker. And it's dead now. I probably should learn to not have a public tracker.. *sigh*

Anyway, at least 1000 people got it down, so it shouldn't be too hard for some of them to make a new torrent. But I'm definetly not going to host it anymore.

--
alge of flauna
http://alge.nlc.no/

Open Source bashing

[leicaM6]

On an article at internetnews.com there is a paragraph that says: "Up until now it was more like the 70/30 rule, where 70 percent of the threats are bogus. Now it's more like 50/50," Didio said. "With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."

A smoking gun?

[meadd00d]

If that's true, it's fairly interesting. Mainsoft makes cross-platform products to run Windows apps on Unix (and Linux), and Elaya Alaluf is their VP of Technology. Link Circumstantial evidence that the leak originated at mainsoft. (they could have been hacked from outside, of course.)

instances of "fuck"

$ grep -r -i fuck *
bsc/.glimpse_index:fuck?sMP
bsc/.glimpse_index :fucks?sMx
bsc/.glimpse_index:fucked?sM`
bsc/.gl impse_index:fucking?sMj
private/shell/applets/wel come/html/webapp.cpp: // HighContrast mode is turned on. This totally fucks our style sheet as most of it will
private/shell/shell32/copy.c:// want to fuck with.
private/shell/shell32/util.cpp:// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
private/shell/shell32/util.cpp:// around the fucking peice of shit compiler we pass the last param as an void *instead of a LPITEMIDLIST
private/shell/shell32/util.h:// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
private/shell/shell32/util.h:// around the fucking peice of shit compiler we pass the last param as an LPVOID instead of a LPITEMIDLIST
private/windbg64/debugger/tl/remote/ shell/windbgrm .c: // The user fucked up
private/windows/media/avi/verinfo.16/verinfo.h : * !!!!!!!!!!!!!!DOING SO FUCKS THE BUILD PROCESS!!!!!!!!!!!!!!!!
private/windows/shell/con trol/midi/map.c: // !!!this is fucked if a map goes to multiple physical devices

Microsoft Confirms it

[loconet]

It seems like they've confirmed that indeed, part of the OS's have been leaked.

source:
http://www.washingtonpost.com/wp-dyn/articles/A376 48-2004Feb12.html

"The Source" :)

Security bugs.. Nah...
$ grep -r strcpy -i . | wc
10454 42054 1069145

Where it was ganked from:
There is a core dump file inside the windows 2000 (sp1) archive, it clearly shows that the source was stolen from a system at Mainsoft. The following url confirms that they did have access to the leaked code. http://mainsoft.com/news/press_releases/2000_3_22_ 01.html

The actual strings which confirm this:

PWD=/usr/ms/win2k_sp1/private/security/msv_sspi
DOMAIN=mainsoft.com
REPLYTO=eyala@mainsoft.com
ORGANIZATION=Mainsoft Co. Ltd.
MWBATCH_SERVER=lod:8000
MSOFTLM_HOST=@xor
MAINSOFTLM_HOST=@xor
XAPPLRESDIR=/il2/users/eyala /app-defaults
EDITOR=vi
BASE_LIBPATH=/usr/lib

Re:"The Source" :)

[CoolVibe]

Where it was ganked from: There is a core dump file inside the windows 2000 (sp1) archive, it clearly shows that the source was stolen from a system at Mainsoft. The following url confirms that they did have access to the leaked code. http://mainsoft.com/news/press_releases/2000_3_22_ 01.html

Odd... That page doesn't exist anymore, and suddenly (according to their press page), nothing happened in March 2003.

Guess who's in save-my-butt mode? :)

Re:"The Source" :)

Actually the page exists... Note a space in the url, you have to remove it, the press release is still there:

Mainsoft(TM) extends strategic relationship with Microsoft(TM)
Leading provider of cross-platform solutions for the enterprise to offer enhanced computing capabilities for the Unix environment; New source code available for CAD/CAM and Visual Simulation markets
SAN JOSE, Calif. - March 22, 2000 - Mainsoft Corporation, the leader in cross-platform solutions for the enterprise, today announced expanded terms of their WISE agreement with Microsoft Corp. The WISE agreement, signed in 1998, provides Mainsoft access to source code for Windows NTO including the recently released Windows 2000. As part of the new terms, Mainsoft will receive additional source code for Windows to provide advanced graphical capabilities for industries, specifically the CAD/CAM and Visual Simulation markets, that require this functionality on Windows and Unix. Today's announcement underscores the two companies' commitment to cross-platform support of Windows-based applications through the Win32 APIs.

Mainsoft's receipt of additional source code for Windows will provide leading technology capabilities for developers who rely heavily on extensive graphics applications. Based on Extensible Scene Graph (XSG) technology, Mainsoft will enhance graphic technology applications on Unix for the CAD/CAM and Visual Simulation industries. As the first deliverable of the "Fahrenheit" initiative, Microsoft's XSG technology offers modeling capabilities to provide a higher level of programming for developers to create consumer and professional 3D applications. XSG provides high-level data structures and algorithms that increase overall graphics performance to assist the development of sophisticated graphics-rich applications.

"We're excited to continue to work closely with Mainsoft to deliver customers advanced graphics technology," said Jeffrey Friedberg, Graphics Program Manager at Microsoft. "Our collaboration will extend XSG functionality to customers who require the advanced graphics technology in a cross-platform environment. We are looking forward to joining forces with Mainsoft on projects for the CAD/CAM and Visual Simulation industries. "

"Since 1994 when our relationship began with Microsoft, Mainsoft has delivered to the software development community a Windows platform for the Unix operating systems," said Yaacov Cohen, president of Mainsoft. "The availability of this new code launches the next logical stage in our alliance: into a new vertical category where we can offer our expertise to developers along with the Win32 APIs to work on Windows NT and port to Unix."

Through its relationship with Microsoft, Mainsoft has had access to the source code for Windows to provide a Windows platform for Unix, called MainWin. This is the leading technology infrastructure for Independent Software Vendors (ISV's) and IT professionals to re-host Windows NT-based applications onto the Unix and Linux platforms. By utilizing MainWin, companies have the power to develop software on the Windows NT platform and deploy it to several different operating environments simultaneously.

etc etc etc

Re:It's a TRAP!!! /Adm. Ackbar

[AstroDrabb]

What laws are you basing your comments on? I was under the impression that it is against the law to DISTRIBUTE a copyrighted work, not to look at it. Can the RIAA sue me for listening to a song I hear on my friends CD player if I have not purchased the song? Of course not. I also do not think it is illegal to use the knowledge you may gain from seeing the source code. Unless of course that knowledge is covered under a patent. I am not a lawyer and can be completely off-base here.

The other thing is that MS would have to PROVE that you did see/use the source code. You can just say that you reverse engineered it.

Of course it is illegal to USE the source code. So if some wine guy goes and plops down a chunk of MS's source code into wine, then yes, that would be illegal. I am not sure if it would be illegal for some wine guy to look at the code and use some of that knowlege gained that is not under a patent in wine. Think about this. I can walk into a book store and read through a book. I can later write a book with that very same theme and I have not broken any copyright laws. What I cannot do is copy the book verbatim or distribute that as my own work.

I am under the impression that copyright laws do not prevent you from creating a work based on knowledge of another work. As long as you do not use the original work verbatim. I can go and create a movie called Planet Wars with a lead character named Duke SlyStalker based on a very similiar theme as Star Wars. I can write a book with a theme just like LOTR with trolls, hobbits, elves, dwarfs, etc. I can paint my own version of very famous paintings. I can make music that sounds like other popular music.

I don't see what legal case MS would have against someone who viewed their source code and made an application that used that knowledge, again, as long as their is not a patent covering what you are re-creating. The only way I can see MS having a legal case is if you signed an NDA with MS.

*Note*: I am not a lawyer and I can be completely wrong about copyright laws.

Re:It's a TRAP!!! /Adm. Ackbar

[cbreaker]

Looking at the code and gaining some insite and knowledge to the inner workings of MS software, and using that knowledge to incorporate into your own product, may be illegal.

But, it happens all the time. ALL the time. You think the programmers at MS haven't poured through the Linux code? If what you say is correct, then Windows must be littered with Linux code just because they studied and learned something from it?

There's a line between reverse engineering and access to source code; but you're unlikely to prove something wasn't reverse engineered unless you copy and paste the code.

It may be unethical to use leaked MS code to improve your compatibility solutions, but with all the underhanded and generally nasty things corporations are doing, it's just more of the same..

And about your comment about the "IBM PC BIOS." Not even close. Proving that you copied a 256kbit bios is a lot easier then proving you used information learned from studying 50 lines of code out of 40GB...

Hey, I'm no saint in real life.. no need to be one online.

A bit about the developer...

http://www.mainsoft.com/corporate/exec_profiles.ht ml
At the very bottom is the owner of the core file.

A friend took a look at their FTP server, looks like an unpatched wuftpd, gee, i wonder how they got in....

220 circle.mainsoft.com FTP server (Version wu-2.6.1(1) Thu Oct 12 09:06:04 PDT 2000) ready.

They have copyright notices in the docs

[GridPoint]

Yes, Microsoft is acknowledging the use of BSD licensed code. I don't know if they are doing it in the source code, but since they are putting copyright notices in the release notes for their software they probably have copyright notices in the source code too. Look at the copyright information on their page, they not only honor Berkeley but also a lot of other people that have been actively contributing to various BSD software such as Luigi Rizzo.

Re:It's a TRAP!!! /Adm. Ackbar

[GundyRage]

I'm submitting patches to the 2.6 kernel for the blue screen of death. I'm hoping they make it in to the next release.

new Working Torrent

http://torrent.spyderlake.com/download.php?info_ha sh=f03fc1e04869294d5644d3c8c5d0fb8f2d26aa59

Re:It's a TRAP!!! /Adm. Ackbar

[TKinias]

scripsit AstroDrabb:

I am under the impression that copyright laws do not prevent you from creating a work based on knowledge of another work. As long as you do not use the original work verbatim. I can go and create a movie called Planet Wars with a lead character named Duke SlyStalker based on a very similiar theme as Star Wars. I can write a book with a theme just like LOTR with trolls, hobbits, elves, dwarfs, etc. I can paint my own version of very famous paintings. I can make music that sounds like other popular music.

IANAL either, but I've had to deal with copyright issues in academe. You cannot create a derivative work -- that is part of the copyright-holder's monopoly. You needn't use a single line of text verbatim for it to be considered a derivative work; a movie adaptation which mangles the plot and doesn't use any of a book's dialogue is still a derivative work. So would a translation into Mandarin or a children's version.

There are exceptions, I believe, for parody -- various Star Wars knockoffs (e.g., the Death Star Clerks animation) are apparently legal as parody. Otherwise, you can get into hot water with the kind of things you're talking about. You have to be able to convince a jury that your work is not derivative of the earlier copyrighted work or you are infringing.

The painting one is an interesting example, because most of the `famous' paintings one would be inclined to make works derivative of are not in copyright any more. And when it comes to music, pop all sounds alike anyway, so it would be pretty hard to argue that anything is derivative of anything else, unless it copied bars on end of melody or something.

Now, academic plagiarism and copyright infringement are not the same thing, but the rule-of-thumb I tell students about plagiarism still applies: If I read your work and I think ``Hmm, I've read this somewhere before,'' there's already a problem. There doesn't have to be verbatim copying of text. It might not be enough to convict, so to speak, but unwelcome attention has been drawn and a legal fight is a possibility.

Re:Anyone elses brain getting ready to explode?

[pandrijeczko]

Some perspective on your comments...

If the source code got leaked, Win2k will get exploited by...

Apparently the leak has been confirmed but it's some of the source code, not all of it. Only time will tell whether it's an important bit of source code.

I mean, with linux there's a temptation but nobody runs it.

You cannot think of Linux in the same way that you are thinking of Windows.

Two people who use a Linux system could be running entirely different systems with few or no common applications across the systems - this is why it is unlikely that something like a worm virus would propagate through the Linux community in the same way it would through the Windows community.

Linux is by no means immune from attack, but if one comes, it will be a particular application (e.g. Apache) that will get attacked and whether a specific Apache system is affected will depend on the version, what modules are loaded to allow things like CGI scripts, etc.

When you say nobody runs it, I agree it's a minority on the desktop but the applications that run on Linux (and the likes of BSD, Solaris, etc.) like sendmail, BIND, Apache, etc. are very widespread and a lot more so than IIS or Exchange in many cases.

MS leaked it intentionally so they can get everyone to patch with their DRM system.

Microsoft are an arrogant company and have no doubts about getting DRM through the door with the way they do things currently - DRM's success or failure is now simply based on the level of it's acceptance in the user base, nothing more.

If anything, a source code leakage would allow everyone access to how MS's DRM technology works.

Whatever the extent of the leak, MS will downplay it because to not do so will affect the share prices. There is no conspiracy theory here...

I mean, I like linux and all but this isn't the way to win at all.

There is no battle here. Linux exists despite Microsoft and offers an alternative way of doing things to Windows.

Microsoft may attack Open Source on a regular basis but the Open Source community does not care - it is just creating good quality, free software and defending it's right to do so. This will happen no differently with or without competition from Microsoft.

I thought we were going to slowly beat them back into submission and competition, not completly screw them and quite a few million over.

You're now implying that a member of the Linux / Open Source community stole the source code and I resent that.

No Open Source programmer cares about seeing MS proprietary code. To do so would run the strong risk of inadvertently incorporating MS code into an application and nothing would please MS more as it would allow them to send the copyright lawyers in.

The only thing the Open Source community will care about is if MS's code contains GPL code but I doubt even MS would be stupid enough to do something like that.

Well, time to begin caching DNS entries to websites I use the most, and it may be high time to backup some of this data and close all the nat ports on my router just to be extra safe.

Perhaps you'd also like to stock up your kitchen cupboard with canned food and make yourself up a tin foil helmet also...

If you haven't secured your router then I'm surprised you haven't been attacked already. Also, the core DNS system mainly runs on BIND & Solaris (so I'm led to believe) so it's unlikely that this would be affected.

In all honesty, you are being far too sensationalist at this stage and my advice is simply to wait and see what happens. I doubt it will be very much...

Re:It's a TRAP!!! /Adm. Ackbar

[SamSim]

Viruses are well supported by their authors, their program code is fast, compact and efficient and they tend to become more sophisticated as they mature.

So, Windows is not a virus.

Re:One Man's Source Code Is Another Man's Virus

[Boltronics]

"this is probably the biggest punch Microsoft has landed"

Don't you think maybe you are just a little too paranoid? I could understand this possibly being a problem for the WINE project, but I wouldn't expect it to go any futher than that. NTFS code wasn't leaked, and samba/vfat is probably already as good as it can get.

So, lets help MS out and find the holes!

[insomnic]

The best thing the community can do now - when the source has leaked - is to actually perform a peer review of the MS source code, and HELP MS close the security holes.
After all, we all do want a more secure internet, with less virii, worms and bugs. So why not help out?
I can't imagine what MS reaction would be if they actually started getting serious _help_ from the open source community, instead of the regular bashing.
And - it would be a Good Thing as well... Remember - it's Valentine's day tomorrow...

Interesting tidbits from the source..

windows_2000_source_code.zip:

4667 *.c files. 5601 *.h files. 2255 *.cpp files. 26 *.hpp files. 1456 *.cxx files. 961 *.hxx files. 148 .asm files = 15114 total "code" files.

Lines of code:

<...>@<...>:/stuff10/win2k# for i in `find . -name '*.c'`; do `echo `cat $i|wc -l``; done | perl -le '$sum = 0; while (<>) { $sum += $_; }; print "\nLines of .c code: $sum";'

Lines of .c code: 4223425

<shell command omitted for the rest..>

Lines of .h code: 1205670
Lines of .cpp code: 1763501
Lines of .hpp code: 1684
Lines of .cxx code: 1363944
Lines of .hxx code: 194893
Lines of .asm code: 78500

Totalling 8831617 lines of code

Some grepping..

<...>@<...>:/stuff10/win2k# grep -r -i 'fuck' *
....
private/shell/shell32/copy.c:// want to fuck with.
private/shell/shell32/util.cpp:// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
private/shell/shell32/util.cpp:// around the fucking peice of shit compiler we pass the last param as an void *instead of a LPITEMIDLIST
private/shell/shell32/util.h:// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
private/shell/shell32/util.h:// around the fucking peice of shit compiler we pass the last param as an LPVOID instead of a LPITEMIDLIST
private/windbg64/debugger/tl/remote/ shell/windbgrm.c: // The user fucked up
private/windows/media/avi/verinfo.16/verinfo.h : * !!!!!!!!!!!!!!DOING SO FUCKS THE BUILD PROCESS!!!!!!!!!!!!!!!!
private/windows/shell/con trol/midi/map.c: // !!!this is fucked if a map goes to multiple physical devices

Bugs anyone?

<...>@<...>:/stuff10/win2k# grep -r -i 'a bug' *|wc -l
408

Curious; grepping for 'linux':

private/ntos/udfs/udf.h:#define OSIDENTIFIER_UNIX_LINUX 5
private/ntos/udfs/udf.h:#define OSIDENTIFIER_UNIX_MKLINUX 6

'grep -r -i's with no results: GNU/Linux, GNU GPL. Bill Gates, Steve Ballmer,

-- Hopefully Anonymous-Enough COWARD

Re:It's a TRAP!!! /Adm. Ackbar

[shird]

From bugcheck.c, the code which makes the screen blue...

if (InbvIsBootDriverInstalled()) {

InbvAcquireDisplayOwnership();

InbvResetDisplay();
InbvSolidColorFill(0,0,639,479,4); // make the screen blue
InbvSetTextColor(15);
InbvInstallDisplayStringFilter((INBV_DISPLAY_STRIN G_FILTER)NULL);
InbvEnableDisplayString(TRUE); // enable display string
InbvSetScrollRegion(0,0,639,479); // set to use entire screen
}

It was done intentionally!!!

[rippleone]

So many people are talking about open source stuff that no one has looked at the obvious. Microsoft did this on purpose. Let the code conveniently get out onto the net and then let more and more security holes be found. Nice sales tactic to get everyone to move to Windows XP or Server 2003. Microsoft - "you know, if most of guys out there refuse to upgrade then we will give you real reason to upgrade, this is our new licensing plan." Reminds me of mechanics damaging cars themselves just to do repairs.

Holy C code batman

[BoneFlower]

This shit is real.

Includes kernel stuff, crypto code(ouch!), architecture documents, some stuff that looks like internal emails but I can't get them to open(will work on that later)...

This is FUN!

Evidence

[zeux]

27117 07-26-00 22:00 win2k/private/ntos/w32/ntuser/kernel/security.c

This file is the absolute strong evidence that Microsoft did increase the security in the Windows kernel. :)

Re:It's a TRAP!!! /Adm. Ackbar

[CheapScott]

I couldn't help it...I just had to look. It was actually hundreds of thousands of goto statements...interspersed with:

while(1) fork();

to moderate efficiency.

I'm now blind (a la "don't look in the Ark of the Covenant")...and of course running from both SCO and MS.

Re:It's a TRAP!!! /Adm. Ackbar

[0x0000]

I think it's worse than just a simple trap.

The Reuter's article on Yahoo contains a number of inaccuracies that are clearly prejudicial, and are probably sourced within Microsoft.

It (the story) amounts to an obvious attempt to spin up a scenario that will lead ultimately to criminal prosectution of persons involved in Open Source. And the story being such an obvious attempt at spin doctoring could lead one to believe there is more going on here than one poorly written news story...

Apparently Gates & Co. have decided their civil case fronted by SCO is not quite strong enough, and are trying to establish criminal precedent in order that, whether the current SCO effort succeeds or fails, the next case will be criminal.

One could hope that the courts will develop enough tech skillz to determine that the line

for (int i=0; i < cnt; i++) {

showing up in both windoze and Linux code does not constitute proof of theft under some Gatesien system of jurisprudence ...

Examples of the (imo) prejudicial language in the story [emphasis mine]:

...copies of the source code [...] were being traded over the internet

There is no evidence cited that the code is being "traded". It appears that it is being distributed, but I haven't seen any reports of it being exchanged for anything else. This is key, since the languaged used here implies a profit motive on the part of the alleged "traders"; necesary for the criminal prosectution because there is a need to establish that the code is worth a great deal...

Source code is the ... lifeblood of any software company

This sounds like it came straight out of a Microsoft publicist. It is an emotional appeal statement, designed to imply a henious threat to the alleged victim, Microsoft (and by implication, SCO).

The statement is factually inaccurate, even as metaphore. Source code is a principle part of the products manufactured by most software companies, but expertise in the creation of source code is more properly the "lifeblood" of the company.

Of course, Microsoft is a bit challenged in the expertise dept, but that should be applied to "any software company"....

Microsoft has [...] shared its source code with close partners and carefully chosen organizations, with legal agreements that threaten litigation in the event of that any of is leaked.

...followed by...

"It's illegal for third parties to post Microsoft source code [...]"

If it is indeed "illegal" for 3rd parties to post the sources, then why would the aforementioned "agreements" require threat of civil action? If it's illegal, there should be no need to lititgate. The threats would be of prosecution, not litigation.

Furthermore, the word "share" here is ridiculous. If you've ever looked at what it takes to get an NDA to look at M$ sources, there's no "sharing" to it. It's a business transaction, and it doesn't happen unless M$ gets the lions "share" of any potential benefit.

Software companies that create programs running on Windows need access to source code to build their own products.

WTF? Well, admittedly I haven't written any "programs running on Windows" in quite a few years, but I no idea things had changed quite that much... [that's sarcasm in case you can't tell; the statement is just plain wrong]

Microsoft said that it was working with the Federal Bureau of Investigation and legal authorities to try and track the origin