Slashdot Mirror
Microsoft Source Follow-Up
shystershep writes "It's official. Microsoft admits that 'portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet.' No more details, although it seems clear that it is only a portion of the code. Microsoft is, naturally, downplaying its impact, while everyone else is busy speculating about how serious this could get." A lot of you apparently haven't read yesterday's story. An investigation of the code is already underway.
EWeek is reporting that Mainsoft, a partner with Microsoft, is the source of the source code leak.
All the bugs will now be visible and accessible...
Maybe they will be forced to allow the "million eyeballs" to fix them.
Save Yourselves! GPL the code...
If you work on open source... or anything else for that matter.. DON'T TOUCH THIS WITH A 50-FOOT POLE!
Touching this source could make you "tainted" and could give MS or others cause to sue you or shut down your project for assumed trade secret violations. They might not win, but you don't want to have to go to the trouble of being hauled into court over this.
Not that there would be anything all that interesting.. I saw the file listing and it looks like fairly standard stuff... but just the fact that you've seen it could cause tainting to occur.
I repeat: DO NOT TOUCH THIS CODE! Do not download it, look at it, or think about it. Forget that it exists.
<hat type="foil">
Could MS have leaked this intentionally, to bait the OSS community and prepare for a SCO-esque assault?
</hat>
>>BetaNews has learned that Thursday's leak of the Windows 2000 source code originated not from Microsoft, but from long-time Redmond partner Mainsoft.
...
. as p
The leaked code includes 30,915 files and was apparently removed from a Linux computer used by Mainsoft for development purposes. Dated July 25, 2000, the source code represents Windows 2000 Service Pack 1.
Clues to the source code's origin lie in a "core dump" file, which is left by the Linux operating system to record the memory a program is using when it crashes. Further investigation by BetaNews revealed the machine was likely used by Mainsoft's Director of Technology, Eyal Alaluf.
http://www.eweek.com/article2/0,4149,1526830,00
Probably "Former" Director of Technology.
I'm also wondering if anyone will find any code in there that deliberately breaks other apps, as often claimed in the past. Of course, this would be vehemently denied by MS, and claimed as added in by the thief. Is there any kind of CRC check on this thing ?
Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
I wonder how many bugfixes MS will receive as a result of this..
"It's too bad that stupidity isn't painful." - Anton LaVey
According to BetaNews the source code was leaked by a company called "MainSoft" which has been a Microsoft partner for as long as the shared source initiative has been in place. Mainsoft makes a product called mainwin which is used to create native UNIX versions versions of Windows software. They go on to say the information was found by looking at a .core file found with the code.
See here:
http://www.betanews.com/article.php3?sid=107667411 8
C&P for your convenience..
Yesterday's Windows source code leak tracks back to long-term Microsoft partner Mainsoft, according to Betanews. An analysis of the code finds numerous references to Mainsoft's MainWin product, while a post-crash core dump file provides a possible smoking pistol pointing to a Linux machine likely to have been used by Mainsoft technology director Eyal Alaluf.
Mainsoft tells the world that Mainsoft has unprecedented access to Microsoft Windows source code enabling the industry's highest level of Windows compliancy on Unix - quite.
The company was one of two Unix-Windows interoperability specialists which had access to Windows source code under the WISE (Windows Interface Source Environment) programme, the other being Bristol. This three-cornered relationship and the circumstances which led Bristol to mount an antitrust suit against Microsoft are covered in possibly excessive detail here. But the rise of Linux and its growing perception by Microsoft as the threat means that almost four years on this old argument is acquiring renewed relevance.
As regards yesterday's escape, the circumstantial evidence would point to it having been an everyday story of cockups among coding folk. Companies licensed to build products via access to Windows source code are going to be using Windows source code, and it seems inescapable that they are going to put this source code on machines in order to use it. Prior to Microsoft deciding that source code was so darned important and secret that it was going to make a big deal of letting people look at it and spin it up into a Linux countermeasure, source code was just stuff, and we very much doubt Mainsoft staff felt the need to don bunny suits and submit to strip-searches prior to working with it.
You work with other people's source code because you have a need and a licence, and if you don't have a licence you don't work with it, because what you've used will show up in the products you build and you'll get fingered and sued. And if you are offered unlicensed access you're smart not to even look at it, because simply knowing how the stuff works compromises your ability to produce products independently, and renders you difficult/dangerous to employ in the relevant field.
That is why source code tends not to leak - it is not because it's kept in a big safe, no matter what Microsoft's marketing people tell us to the contrary.
Back at the partner with the source code licence, time passes, machines with the code on board change users, change owners, people lose track of where they put all the darn copies, what happened to the darn machines until... oops. It meets someone who knows what it is and they post it.
If this supposition is even partially right then we presume that the someone in question is at least aware of the possibility that it might be possible to construct an audit trail based on where a particular PC went, and that they could therefore find themselves in some considerable trouble over the matter. But as far as the rest of us are concerned, it's important to hold onto the fact that this leak is only important because Microsoft claims its source code is hugely important secret sauce/coke formula.
Whereas it's not really, it's just stuff, and not all of the stuff either. There's an outside chance it could give you information about how you could screw up the world's Windows installations, but the world's virus writers appear to be doing that splendidly without recourse to source access, and carrying on without such access is probably quicker than trying to benefit from it. Finally, this is very important: If you propose to continue working in the IT industry, and somebody offers y
Spoke to someone in Microsoft Support today, they told me it was less than 1% of the OS code.
Playing it down, obviously.
I personally, have no interest in the source, just like I have no interest in the OS.
Join the Free Software Foundation
Release the source... or what appears to be source...
Then tell businesses and users that the only way to be "safe" from possible exploits is to upgrade to the "tighter then a drum" Windows 2003 version.
Sad...I hope someone can trace the release to MS and someone there has the courage to speak up. Of course it may be "terrorists"... oh wait are we still fighting them or are we looking for WMD...
I mean how obvious does MS have to get before the world sees what they are up to.
It's about time these bastards went open source (!) and let the world scrutinize the crap they write.
DISCLAIMER:
I don't believe what I write, and neither should you.
Even, no ESPECIALLY, in criminal court, the burden is on the prosecution to prove guilt beyond a reasonable doubt. They present evidence and the defense attempts to refute it. If the prosecuting attorney walks in, points to the defendant and says, "He did it!" it won't mean a thing even if the defense does nothing.
Gamingmuseum.com: Give your 3D accelerator a rest.