Slashdot Mirror
FBI on the Windows Source Code Theft
Chris Gondek writes "There are various articles about the Stolen Windows Source Code, but today it is confirmed that an FBI task force hunted for a cyber-criminal who posted on the internet source code for Windows which says 'I can confirm that the Northwest Cybercrime Task Force was investigating, FBI spokeswoman Robbie Burroughs said. The posted program is part of the source codes, or blueprints, for Windows 2000 and Windows NT 4.0, according to the company.' "
>> Can they track torrents?
Only the source torrent, people who download from it are only anonymous if there are no logs kept, and even then, due to the way that it works, I doubt that it could be possible.
Correct me if I'm wrong there...
NeoThermic
Use my link above, or to view my server, NeoThermic.com
Anyone that's a peer in the torrent has your IP address. All they have to do is connect to the torrent and start collecting IP addresses of any peer that sends a piece of the file.
File: windows_2000_source_code.zipG Kv54~o6A
E MG Kv54~o6A/windows_2000_source_code.zip
Key: CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKoEM
Bytes: 213748207
CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKo
Of course if you don't have Freenet yet (wtf are you waiting for?) you'd do good to visit http://www.freenetproject.org.
Hmm, maybe I should have quoted more of the article. He goes on to say:
"These instructions have to be converted from the programming language in which they are written, like C or Java or C++ into a binary equivalent that the computer can understand, but that process is not analogous to building a house from blueprints - it's more like translating a book from one language into another."
Why does a magazine called "PC World" write idioticisms like
Among other things, the zip contains the source code to Notepad (you always wanted that!) along with an intriguing bugcodes.txt file that explains a lot of bluescreen/stop errors in more detail than you'll find anywhere else.
G Kv54~o6A
E MG Kv54~o6A/windows_2000_source_code.zip
File: windows_2000_source_code.zip
Key: CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKoEM
Bytes: 213748207
CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKo
Of course if you don't have Freenet yet (what are you waiting for?) you'd do good to visit http://www.freenetproject.org.
ed2k://|file|MSDOS_6.0_Source_Code.zip|21107046|8F DE89245233B5F0501C6817BFF48C6C|/
'SBEMAIL!' is better than a goat!!
NT4 (230 Mb)n fo_ha sh=66a26447f563c3dc2336de74ae37dc14d11dd8b9
n fo_ha sh=f03fc1e04869294d5644d3c8c5d0fb8f2d26aa59
http://torrent.spyderlake.com/download.php?i
W2K (208 Mb)
http://torrent.spyderlake.com/download.php?i
For some reason every limiting, nonsensical case is modded insightful. There is such a thing as culpability under the law. I think it's pretty obvious that if she really did intend to download something else (legally) and instead got the source code, she isn't guilty of anything, and could show that she really was tricked - say if she is none too computer saavy, has a demonstrable interest in cooking, etc. Notice that this is different than knowingly downloading the Windows source code and claiming that "I didn't know it was against the law." That is the genuine "ignorance of the law" for which there is no excuse. In the first case, something is happening to you that is really beyond your control. In the second, you are willingly and knowingly doing something that happens to be illegal.
It doesn't matter what I personally believe is right or wrong, the original poster wasn't talking about personal ethics, it matters what the law and the courts decide is right or wrong.
If ever someone busts your ass for anything, whether it's an overdue library book or murder, feel free to knock on my door asking what I feel is right or wrong but don't expect the law to agree with everything I say.
Rightly or wrongly, as I said before, ignorance is often no defence at all in the eyes of the law. If that offends you, well, I don't know what to suggest because that's pretty much standard practice everywhere on the planet.
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
Coca Cola Formula
Whoa. There is no proof that it was stolen/leaked from a Linux box at all. The file is question may have been assembled on a Linux box, and then copied to a Windows machine, and then stolen/leaked from there. Just because there is a core file from a Linux machine does not mean it was stolen/leaked from that same machine.
You are being MICROattacked, from various angles, in a SOFT manner.
According to BetaNews, a company called Mainsoft is to blame. They allege that Mainsoft had access to the code in order to develop their Visual MainWin tool giving developers the ability to write Linux and Unix apps from within Visual Studio.
Or instead of little red flags, you should have a little light bulb light up that says "What a deal!".
Downloading from the net is not illegal. Putting stuff on the net you don't have rights to is - but the downloaders aren't doing that. They are just accessing publicly available information.
-ZOD-
Oh thats not always true. I bought items from a guy I worked with, in front of my boss. Turned out 6 weeks later the boss found out he was stealing them. I imediatly called the police and explained I had bought items from him and did not know they were stolen. Their response was to charge me with accessory, because in my state, having stolen property is the same as stealing it, even if you do not know its stolen. I had to do 200 hours community service, and lost the items, and the case in civil court to get my money back.
the source codes, or blueprints, Yuck! Please: Spokespersons from the FBI and people from the media - learn to say "code" not "codes". It's like the plural of sheep and hair is still sheep and hair. "codes" are encryption algorithms or something. And the source code for Windows is nothing like a blueprint. Source code is the actual thing we build - a blueprint is a guide for building the thing it describes. For software, the analogous thing to a blueprint would be something like a flowchart.
www.sjbaker.org
Easier than that...just set up your wi-fi card to use a different MAC address from the burned-in MAC.
There's no need to seed or download a torrent to get IPs from the tracker, it's totally separate. A normal BT client will get IPs from the tracker, and provide its own IP, then use that information to make connections and start downloading and uploading. It is trivial to connect to the tracker and ask it for the IP of everybody currently on that torrent, along with their status (seeding, downloading, how much progress). This is why using BT for illegal activity is extremely boneheaded. I doubt if the speed jump was related to MS's tracking, unless they were being stupid.
Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
For those whose assembly (DOS asm none the less!) is rusty, function 09 of int 21h is/was used to print a string to stdout.
-.-- -.-- --..
One fish / Two fish / Red fish / Blue fish
ShyaOS - Think Differently!
Microsoft's Shared Source Initiative is pretty new, the leak is said to be from Mainsoft, which has had access to microsoft source code since 1994.. so yes they have had other programs to give out source code
Don't download that and please spread the word to other forums: This is a fake!
Can be verified by a glimpse at the partially downloaded files: every part-file just consists of text lines saying this:
"Rar!Fake!Hahaha!"
A zillion times of course. So don't waste your time & bandwidth for that. If in doubt, download the first parts to see for yourselves...
Go look in /shell. Lots of messy code there.
Microsoft finally has something to say about this.
-I DDoSed your mom.
As I understood it. They (mainsoft, microsoft or whoever) published source code (not source codes but code!). Souce code is something that looks like:
... the compiler turns this source code into assembly language, something that looks like:
...the linker turns the assembly into:
while(lax_us_laws && sheep_like_users)
{
find_devices();
find_software();
secretly_report_back_to_redmond();
}
mov 0AH, 0x085a
inc 0AH
sub 0B
jmp 0x05a
01001110000010101000010101110101011010101010
So no, they didn't get pre-compiled code (pre-compiled code is assembly language software like the middle step above) so that is a lie (but like so many other things, journalists get very important technicals wrong, publish, and the clueless repeat what they read (and we all suffer).
A blueprint is a set of instructions one gives to builders to make a building or a ship. In that sense, source code is a blueprint and the builders happen to be the compiler and the linker or interpreter.
This is my sig.
Try MUTE http://mute-net.sourceforge.net/
Simple, anonymous, encrypted. I noticed the MS source code was available on the MUTE network yesterday.
Actually you can fake you IP partially (at least in ethernet). Just pick IP belonging to same local subnet so that trafic gets routed to your subnet and then grab packets with that IP.
In practice, it's good idea to wait till some machine is down and then use temporarily free IP. This only works 100% if you know exactly when machine/IP will be down (so it cannot see trafic you generated) and if you can change your card's ethernet address to be also correct. One could also scan constantly to check if rightful owner of IP has become online again but in ethernet everyone can see the scanning.
The source was taken from a computer owned (at least at one point) by Mainsoft.
Windows 2000, XP, and ME all have Windows File Protection. If you replace a system file, the OS is going to ask the user if he/she wants to restore it. All Microsofts system files are signed by Microsoft. The leaked source code doesnt contain Microsofts private key.
It was always possible to do that. Just dump the exports of a .dll, make a new .dll with the same exports that merely hands them off to the old .dll.
.dll. This was all trivially doable before, although its harder now with the File Protection crap in 2k and newer.
Insert whatever code you want before and after handoff to the old
It still comes down to the same thing. If you are running a binary system that's not signed with a trusted key, you are vulnerable. Period. This is as true with Linux as it is Windows. Access to source doesn't change anything.
Besides, if you are running Windows, some terrorist plot to subvert your machine is the least of your problems. Trying to not get infected, 0wn3d, and bluescreened twice a day is a much larger concern. If you are running Windows, you clearly don't care about security anyway.
No, that isn't true. Under U.S. copyright law you own the copyright to something the minute it is created. If I write a song and never register it with the copyright office I still own the copyright and I can still sue over the unauthorized use of my work. Not placing a copyright notice makes it *difficult* to prove ownership but it doesn't make it impossible and it certainly doesn't mean it's now in the public domain.
Additionally, do you really think that Microsoft (or any company in a similar situation) wouldn't simply go in and *add* the copyright notices to their source? It's a trivial matter and who do you think law enforcement will believe: a multi-billion dollar company who says "it was there all the time" or somebody who stole their code and is trying to save themselves from an IP suit? One of the most important things anyone in this situation can do is NOT to underestimate Microsoft. Multimillion dollar companies have done so in the past and many of them are no longer around. How do you think the average hacker will fair?
Anthony Papillion
Advanced Data Concepts, Inc.
"Quality Custom Software and IT Services"
And he messed up the plurals again. It's source code now, but it "were public"...
The writer's use of "were" is correct here. It is the past subjunctive form of "to be", used mostly in "if" clauses and to express hypotheticals.
See The American Heritage(r) Book of English Usage for details.
www.poak.net