Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI on the Windows Source Code Theft

Posted by ryuzaki0 on from the don't-they-use-macs dept.

Chris Gondek writes "There are various articles about the Stolen Windows Source Code, but today it is confirmed that an FBI task force hunted for a cyber-criminal who posted on the internet source code for Windows which says 'I can confirm that the Northwest Cybercrime Task Force was investigating, FBI spokeswoman Robbie Burroughs said. The posted program is part of the source codes, or blueprints, for Windows 2000 and Windows NT 4.0, according to the company.' "

144 of 504 comments (clear)

  1. Simple question by Anonymous Coward · · Score: 5, Interesting

    Can they track torrents? Not that I'm afraid of the Fumbling Bumbling Idiots or anything...

    1. Re:Simple question by NeoThermic · · Score: 4, Informative

      >> Can they track torrents?

      Only the source torrent, people who download from it are only anonymous if there are no logs kept, and even then, due to the way that it works, I doubt that it could be possible.

      Correct me if I'm wrong there...

      NeoThermic

      --
      Use my link above, or to view my server, NeoThermic.com
    2. Re:Simple question by Anonymous Coward · · Score: 5, Interesting

      They're more interested in finding the people who originally copied/published/distributed it. They're not stupid - they probably realize that it's out in the wild now, and chasing each individual downloader isn't going to stop these files being passed around.

      Although, they seemed to clamp down pretty hard on the DOS 6 distributors a few years ago - a few people still have the source to that, but you can't seem to find it out there any more!

    3. Re:Simple question by Anonymous Coward · · Score: 5, Informative

      File: windows_2000_source_code.zip
      Key: CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKoEMG Kv54~o6A
      Bytes: 213748207

      CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKoE MG Kv54~o6A/windows_2000_source_code.zip

      Of course if you don't have Freenet yet (wtf are you waiting for?) you'd do good to visit http://www.freenetproject.org.

    4. Re:Simple question by westlake · · Score: 5, Funny
      Not that I'm afraid of the Fumbling Bumbling Idiots or anything...

      so why do you post as an Anonymous Coward?

    5. Re:Simple question by Anonymous Coward · · Score: 2, Interesting
      I got a letter from my ISP's abuse team, regarding "unauthorized distribution of microsoft source". They said they didn't release my personal details, but it would be in my best interests to destroy said source if I had encountered it somehow. I followed their advice. See the following.

      To the user at (ip address):

      The unauthorized copying and distribution of Microsoft's protected source code is a violation of both civil and criminal copyright and trade secret laws. If you have downloaded and are making the source code available for downloading by others, you are violating Microsoft's rights, and could be subject to severe civil and criminal penalties.

      Microsoft demands that you immediately (1) cease making Microsoft's source code available or otherwise distributing it, (2) destroy any and all copies you may have in your possession, and (3) provide us any and all information about how you came into possession of this code.

      Microsoft takes these issues very seriously, and will pursue legal action against individuals who take part in the proliferation of it source code. We look forward to your prompt cooperation. Should you need to contact me, I can be reached at the address above or at emailaddress@microsoft.com.
    6. Re:Simple question by cliffiecee · · Score: 2, Funny

      'cause he's afraid for his karma.

    7. Re:Simple question by CaptainAx · · Score: 2, Insightful

      It doesn't matter how much work it is. If they trace the source of the leak to someone using this type of service, they will expend a vast amount of energy and money to find it. It doesn't matter how many tunnels, BNCs, VPNs, proxies or PGP encrypted sessions they need to get through, the FBI with the backing of Microsoft *will* find the perp. They have 52.78 billion in cash.

  2. Scapegoat by DigiShaman · · Score: 4, Interesting

    There will be a scapegoat regardless if they find the real criminal or not. After all, Microsoft wants to ease the minds of consumers and investors.

    --
    Life is not for the lazy.
    1. Re:Scapegoat by AlaskanUnderachiever · · Score: 4, Interesting
      That's true, I've noticed an increasing trend in heavy media coverage of computer related crime as far as the chase, catching the "criminal" and the beginning of the trial. . . HOWEVER I've seen precious little followup on sentencing, etc. I've really begun to wonder if a goodly percentage of those publicized as caught end up innocent (at least of the charges brought against them) and walk away. Eeh, it's probably just my paranoid mind at work. . .

      --
      Find out about my new childrens book: SS Death Camp Criminal Batallion Go To Monte Carlo For The Massacre
    2. Re:Scapegoat by Knight55 · · Score: 5, Funny
      I think they could catch you if sheffif taylor is outside and knows who you are, but if you're smart enough you wouldn't be so obvious.

      Buy a laptop for cash at wal-mart

      configure netstumbler

      upload source code on random insecure wi-fi miles away from your house in a metropolotin area

      Throw said laptop in fire

      Drive home and watch a re-run of friends.

      thats it.

      --
      1888 Franklin St.
    3. Re:Scapegoat by espo812 · · Score: 4, Interesting
      HOWEVER I've seen precious little followup on sentencing, etc.
      I don't think this applies only to computer crimes. I constantly read about all kinds of crazy crimes involving real world and number world (say fraud or idenity theft, etc). Strange thing is, I never hear if the murderer was sentenced (unless he's given the death penalty) or if the fraudster was convicted (even though the media claims he stole $8 Million worth of widgets), etc.

      In summary, the media reports the catch and the outlandish - without bothering to follow through with what actually happens. The problem is solved from their end (to paraphrase office space).
      --

      espo
    4. Re:Scapegoat by SpaceLifeForm · · Score: 4, Informative

      Whoa. There is no proof that it was stolen/leaked from a Linux box at all. The file is question may have been assembled on a Linux box, and then copied to a Windows machine, and then stolen/leaked from there. Just because there is a core file from a Linux machine does not mean it was stolen/leaked from that same machine.

      --
      You are being MICROattacked, from various angles, in a SOFT manner.
    5. Re:Scapegoat by Anonymous Coward · · Score: 3, Funny

      "And I would tell you this. If you happen to park your car and try hacking on my ststem, I have a nice honey pot waiting. It is like a guy in a house with a gun waiting for a burglar. Come on, come and get it. It's dinner time."

      Sounds more like a retard with a gay piece of software. 00h, ph33r my h0neyp0t. It is my .44 magnum of anti-hax0r toolz.

    6. Re:Scapegoat by rekoil · · Score: 2, Informative

      Easier than that...just set up your wi-fi card to use a different MAC address from the burned-in MAC.

    7. Re:Scapegoat by mattyp · · Score: 3, Insightful
      you guys have it all wrong: IMHO, microsoft posted the code themselves. they are planning ahead, so they can be like SCO, and accuse linux of incorporating their IP in the future... the problem is, they had to leak it first... notice they released only old versions.

      Why did they take the risk? Because it's not a risk. It turns out they've learned the lessons from opensource, and now they embrace it, though in a familiar embrace, extend and smother way.

    8. Re:Scapegoat by Carewolf · · Score: 2, Interesting

      In fact the code is filled with tell-tale signs of a windows virus, meaning it has at least been on an infected windows machine at one time.

      The Linux thing is just Microsoft/media twist.

  3. Good to hear it by Anonymous Coward · · Score: 5, Funny

    The FBI really needs to crack down on this whole Internet thing before the terrorists get their hands on that source code. Good to see they're doing something about it.

    1. Re:Good to hear it by Pierre · · Score: 4, Funny

      I know what you mean. I've seen source code all over the internet and they never seem to do anything about it. The folks at debian ought to call the FBI - they're being robbed blind!

  4. "In jeopardy is Microsoft's near-monopoly" by zegebbers · · Score: 5, Insightful

    In any case, Microsoft's code allows the company to keep its near-monopoly on computer operating systems, for the same reason Coca-Cola guards its secret formula.
    Yes, It's very lucky that there is absolutely no way to obtain any MS source code!

    --
    Unpretentious Sydney reviews by unqualified Sydney reviewers
    1. Re:"In jeopardy is Microsoft's near-monopoly" by Epistax · · Score: 2, Insightful

      In any case, Microsoft's code allows the company to keep its near-monopoly on computer operating systems, for the same reason Coca-Cola guards its secret formula.

      Water, high fructose corn syrup and/or sucrose, caramel color, phosphoric acid, natural flavors, caffeine.

      Uh uh the fuzz is after me.

    2. Re:"In jeopardy is Microsoft's near-monopoly" by Epistax · · Score: 2, Funny

      That's vanilla, orange, lemon, nutmeg, cinnamon, coriander, neroli, alcohol, and critic acid. Would you like it premixed? Powdered form costs less to ship...

  5. well... by G27+Radio · · Score: 5, Informative

    Anyone that's a peer in the torrent has your IP address. All they have to do is connect to the torrent and start collecting IP addresses of any peer that sends a piece of the file.

    1. Re:well... by Anonymous Coward · · Score: 5, Funny

      Yeah there is, I was at some of the sites recommended by all those e-mails I get every day and a window appeared and told me that I was surfing insecurley ( and that Adult content had been spotted on my hard drive ) so I downloaded there utilities at once and so now I'm totally protected.

    2. Re:well... by swillden · · Score: 3, Funny

      Is there a way to hide your IP yet? Surely SOMEONE has come out with a way to hide IP addresses from those who snoop?

      Oh, absolutely. The trick is to change your IP address to that of someone else, or even a completely invalid IP address. Just hook your computer up to your DLS or cable modem, let it assign you a dynamic address then manually override that address, changing it to something else. The "private" IP address spaces work well, like anything in 10.x.x.x or 192.168.x.x, to name two.

      Of course, having effectively disguised your source IP, you will have made it impossible for any other system on the Internet to send packets to you, so you won't actually be able to download anything...

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  6. Interesting note... by lukewarmfusion · · Score: 2, Interesting

    The security officer at Microsoft, Scott Charney, used to be the head of the FBI Cybercrime unit. I'm not sure of his exact title at either position, but I remember him speaking to my college class shortly after he left the FBI and before he started at MS.

    1. Re:Interesting note... by DustMagnet · · Score: 5, Informative
      From http://discuss.washingtonpost.com/wp-srv/zforum/02 /sp_technews_charney091702.htm:
      Los Angeles, Calif.: Did you ever work for the FBI?

      Scott Charney: No, I worked for the Dept. of Justice as a prosecutor in the Criminal Division. The FBI is a different part of Justice.

      --
      'SBEMAIL!' is better than a goat!!
  7. Illegal to download? by Anonymous Coward · · Score: 5, Insightful

    The article says FBI spokesperson said 'It's illegal to download it.'. How can that be? Is it really so? What if your girlfriend downloads a file called 'cookingrecipes.zip' and it happens to contain stuff she did not know - such as Windows source code? Does that mean innocent downloaders can be put in jail?

    1. Re:Illegal to download? by WIAKywbfatw · · Score: 5, Insightful

      Ignorance rarely is a valid defence in the eyes of the law. If you're speeding at 70mph in an area where the speed limit is 50 mph then you not knowing that you were above the speed limit is not a valid defence.

      Similarly, if you hold a barbeque and your kids sneak off with some beers, get drunk and do something stupid then you're still liable for any laws that you may have unknowingly broken (providing alcohol to a minor, etc).

      Just because you didn't know you were breaking the law that doesn't excuse you from any possible punishment. Look at what happened to the grandfather who got hit with a hammer by RIAA because his grandkids used his PC to download copyrighted material over P2P networks without his knowledge. He had no clue what the kids were up to but he was still held liable for their actions.

      If your theoretical "cookingrecipes.zip" defence was held up in court I'd be surprised. It would be carte blanche for copyright infringers, paedophiles and anyone else intent on evading the law to disguise their activity by giving the files they were swapping innocent file names and then claiming that they "didn't know" what the files really contained.

      --

      "Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
    2. Re:Illegal to download? by Henry+V+.009 · · Score: 2, Interesting

      I don't think anyone has ever been prosecuted for downloading copyrighted material. Certainly for uploading it. But downloading is another ballgame.

    3. Re:Illegal to download? by martinX · · Score: 3, Insightful

      Look at what happened to the grandfather who got hit with a hammer by RIAA because his grandkids used his PC to download copyrighted material over P2P networks without his knowledge. He had no clue what the kids were up to but he was still held liable for their actions.

      And so you think it's right? Given the many many ways of disguising the true nature of files, images, URLs etc before they are downloaded, how can anyone in their right mind think that any computer user who had no intention to break the law could be held liable for grabbing something they didn't know was illegal to have.

      Your analogies are bad analogies. Find some new ones.

      --
      When they came for the communists, I said "He's next door. Take him away. Goddam commies."
    4. Re:Illegal to download? by Rostin · · Score: 5, Informative

      For some reason every limiting, nonsensical case is modded insightful. There is such a thing as culpability under the law. I think it's pretty obvious that if she really did intend to download something else (legally) and instead got the source code, she isn't guilty of anything, and could show that she really was tricked - say if she is none too computer saavy, has a demonstrable interest in cooking, etc. Notice that this is different than knowingly downloading the Windows source code and claiming that "I didn't know it was against the law." That is the genuine "ignorance of the law" for which there is no excuse. In the first case, something is happening to you that is really beyond your control. In the second, you are willingly and knowingly doing something that happens to be illegal.

    5. Re:Illegal to download? by WIAKywbfatw · · Score: 4, Informative

      It doesn't matter what I personally believe is right or wrong, the original poster wasn't talking about personal ethics, it matters what the law and the courts decide is right or wrong.

      If ever someone busts your ass for anything, whether it's an overdue library book or murder, feel free to knock on my door asking what I feel is right or wrong but don't expect the law to agree with everything I say.

      Rightly or wrongly, as I said before, ignorance is often no defence at all in the eyes of the law. If that offends you, well, I don't know what to suggest because that's pretty much standard practice everywhere on the planet.

      --

      "Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
    6. Re:Illegal to download? by ch-chuck · · Score: 2, Offtopic

      it matters what the law and the courts decide is right or wrong.

      The Law is an Ass, it is stupid, blunt and rarely just. I don't know why most every 'do-gooder' consists primarily of getting laws passed and then think they've accomplished something. The decline of the west is largely the legislation of freedom and common sense out of existence, sacrificing the greater for the benefit of lessers.

      --
      try { do() || do_not(); } catch (JediException err) { yoda(err); }
    7. Re:Illegal to download? by rblum · · Score: 2, Interesting

      They might be bad analogies, but they're the law. Same goes for your cookingrecipes.zip. The only way for your girlfriend to get out of this is to actually call the police and notify them that that's not what she downloaded.

      Come to think of it, maybe people should do that. I can just imagine how happy the police would be about all those calls :)

    8. Re:Illegal to download? by zod1025 · · Score: 4, Informative

      Or instead of little red flags, you should have a little light bulb light up that says "What a deal!".

      Downloading from the net is not illegal. Putting stuff on the net you don't have rights to is - but the downloaders aren't doing that. They are just accessing publicly available information.

      --

      -ZOD-
    9. Re:Illegal to download? by Henry+V+.009 · · Score: 3, Insightful

      True. And if you redefine copyright infringement as "theft," I suppose a downloader would be liable for "misappropriation damages" under the Uniform Trade Secret Act. But damages could only appear if the downloader were to do something commercial with the code (or possibly put it up for upload). So I don't think that the trade secret angle matters that much here.

    10. Re:Illegal to download? by badriram · · Score: 2, Insightful

      In this scenario, it is not ignorance of the law we are dealing with. We are dealing with not knowing what you are downloading. If you sign official documents, you would notice a line that says, to the best of my knowledge and belief, they are true, correct
      So when you did download a file that was named as something else you cannot be held responsible. On the other hand if you hold on to the file after you realize that it is the windows source you will be in trouble.
      Think about it as a virus.... If you accidentally clicked on a virus, you are not going to get into any trouble. If it was intentional you will.

    11. Re:Illegal to download? by iceburglar · · Score: 2, Insightful

      Ignorance can be used as a defense in certain cases, such as the case the OP mentioned. You cannot claim ignorance of something that is considered common knowledge (like speed limits, where a "reasonable person" would be expected to check for signs before traveling at an excessive rate of speed). To go back to the OP's case, if his girlfriend downloaded a file from a cooking site named "cookingrecipes.zip" and it contained illegal data, her argument of ignorance would stand up in court (other things like her level of epertise with computers, which could be demonstrated by her education level, e.g. she has a culinary arts degree, rather than a CS degree). However, if she downloaded said file from Lotso-warez.ru, the ignorance thing probably would not work. This whole thing is MOOT however, since they don't care if your argument will stand up in court or not, they just care whether or not you can afford to defend yourself. See DirecTV and the RIAA extorting their customers to pay thousands or else be sued.

      --
      iceburglar "If it wasn't for date rape, I'd still be a virgin."
  8. Blueprints? by nickos · · Score: 3, Interesting

    What's with calling code "blueprints"?

    The BBCs Bill Thompson says in a recent article:

    "In the coverage of the release of the Windows source code we've seen journalists try to describe what it is that has been posted to websites around the net, but those who didn't descend into cliche seemed only able to use the most misleading metaphors.

    Perhaps the most common is to describe the source code as a "blueprint", presumably because we've all seen movies in which architects pore over blueprints of buildings under attack, or because middle-class readers all have the blueprints of their extensions carefully filed away.

    But source code isn't the blueprint: it is the thing itself. The source is the set of instructions given to the computer that, when executed, cause the behaviour we see on screen.    "

    1. Re:Blueprints? by Anonymous Coward · · Score: 3, Insightful

      Technically, you could call source code blueprints. The compiler follows the instructions you've requested, then translates it into assembly and then object code. Some compilers will do a good job (Intel's) and others will needlessly bloat the specifications (GCC). Just like building a house.

    2. Re:Blueprints? by lseltzer · · Score: 4, Insightful

      It's a perfect metaphor. Computers don't run C code, just as we don't live in drawings of houses. Both are human-readable representations that we can use to build the implementation.

    3. Re:Blueprints? by nickos · · Score: 2, Informative

      Hmm, maybe I should have quoted more of the article. He goes on to say:

      "These instructions have to be converted from the programming language in which they are written, like C or Java or C++ into a binary equivalent that the computer can understand, but that process is not analogous to building a house from blueprints - it's more like translating a book from one language into another."

    4. Re:Blueprints? by tornado2258 · · Score: 3, Interesting

      It's all very well complaining about the failings of the blueprint metaphor but when trying to explain to someone what source code is it is very hard to come up with something accurate. Where else can you have something like source code. If you tell someone that the source code is the program then they don't understande the signifigance of it compared to binaries and as soon as you start explaining about compiling they really get confused. I know people doing tech support who don't know how programs are made - that is something someone else does they just tell you to reboot.
      I agree whole heartedly with Bill Thompsons call for greater computer literacy but in the interim can anyone come up with a better way to explain what source is to someone who doesn't care how a computer is programmed but is worried hackers are going to get control of their computer after hearing the news reports.

    5. Re:Blueprints? by Anonymous Coward · · Score: 5, Funny
      Hmm, maybe I should have quoted more of the article.

      What and ruin another pedantic rant with facts? Never.

    6. Re:Blueprints? by gnu-generation-one · · Score: 5, Funny

      "Technically, you could call source code blueprints."

      Technically, only if you printed it. In blue.

    7. Re:Blueprints? by ocie · · Score: 3, Interesting

      I like to call source and excutable instructions. Instructions can be given at a number of levels:

      top) go to the kitchen and get me a beer

      lower) stand up
      walk 12 paces due north
      open the refrigerator
      remove 1 beer
      close the refrigerator
      walk 12 paces due south

      lower still) contract the following muscle groups until you are standing upright ...

      The point is that we usually give instructions to other people in the first way, sometimes going into the detail of the second way, but never in the third because it would take too long and wouldn't work anyway (How do you describe the complex process of just standing upright? And in a way that applies to all people?)

      In the same way, computers are programmed in one of the two first ways and although you can program them in the third way it takes longer and doesn't work for all computers in the same way.

      --
      JET Program: see Japan, meet intere
    8. Re:Blueprints? by __past__ · · Score: 2, Funny

      So interpreters are equivalent to living in a cardbox?

      --
      Programming can be fun again. Film at 11.
    9. Re:Blueprints? by madpierre · · Score: 2, Funny

      he means the ... BSODprints. :D

      --
      siggy played guitar
    10. Re:Blueprints? by timotten · · Score: 2, Insightful

      Nope. A blueprint is a plan. A house is an implementation of the plan. Likewise source code is an _implementation_ of a plan - not a plan.

      These things are relative:

      1) flow chart:source code :: blueprint:house
      2) source code:machine code :: blueprint:house
      3) machine code:execution :: blueprint:house

      4) building requirements spec:blueprint :: blueprint:house
      5) blueprint:house :: blueprint:house
      6) house:daily life :: blueprint:house /* a bit tenuous */

      What I find neat is that the relation is transitive, i.e.

      1+2) flow chart:machine code :: blueprint:house
      1+2+3) flow chart:execution :: blueprint:house
      2+3) source code:execution :: blueprint:house
      4+5) building requirements spec:house :: blueprint:house

  9. MIcrosoft is ultradevious by John+Jorsett · · Score: 3, Insightful

    Aha. Microsoft gets one of its sock puppets to expose some obsolete source files of an old version of Windows, and has them do it on a Linux box in order to make it look like Linux is as shaky in the security department as Windows. My God those people are Machavellian. I'll bet some of the same people behind the fake Mars landers are behind this.

    1. Re:MIcrosoft is ultradevious by One+Louder · · Score: 2, Insightful

      If they were trying to make Linux look bad, then it probably would have been a good idea to remove all those bogus .eml files that indicate the server was infected by Nimda. Wherever these files came from, clearly security wasn't a very high priority.

  10. heh... by mrscorpio · · Score: 4, Funny

    Why would the FBI care unless the source code had all the secret gov't backdoors plainly visible? :)

    Chris

    1. Re:heh... by sangreal66 · · Score: 2, Interesting

      You can ask the FBI to investigate any cybercrime that has damages of, I believe, $5000 or more.

  11. I don't know if this is true by gustgr · · Score: 3, Interesting

    but at freenode a guy said he downloaded the source in one of his company computers and on the other day the admin/root got an e-mail from Microsoft with a warning and the IP which did the illegal download.

    As one have already said here, the best thing to do is to stay away from that file.

    1. Re:I don't know if this is true by Daniel+Boisvert · · Score: 5, Interesting

      cough... cough... FUD...

      I spoke with a gent on the same network reporting the same experience (could be the same guy :) and read the email they sent him. The email was sent from Microsoft, not from the FBI or any law enforcement entity.

      It's not FUD. The gent in question also mentioned that his torrent download jumped from about 100K/s to 600K/s at some point through the download, which would lead me to believe that somebody with fat pipes *cough*Microsoft*cough* jumped into the swarm, likely in order to start tracing IP addresses.

      I do wonder a bit about that, however, because if Microsoft jumps into the torrent to start nabbing IP's, haven't they also contributed to the dissemination of the source code by participating in its distribution? I'd imagine that it's no more of a problem for them legally than it is to undercover police selling drugs in sting operations. I do wonder if it should be, however...especially considering that they're *not* a law enforcement agency.

      Dan

    2. Re:I don't know if this is true by HeghmoH · · Score: 4, Informative

      There's no need to seed or download a torrent to get IPs from the tracker, it's totally separate. A normal BT client will get IPs from the tracker, and provide its own IP, then use that information to make connections and start downloading and uploading. It is trivial to connect to the tracker and ask it for the IP of everybody currently on that torrent, along with their status (seeding, downloading, how much progress). This is why using BT for illegal activity is extremely boneheaded. I doubt if the speed jump was related to MS's tracking, unless they were being stupid.

      --
      Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  12. Not so much fuss about Debian or SF break ins by DrSkwid · · Score: 5, Interesting


    You'd think the FBI had some sort of pro-corporate bias!

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
    1. Re:Not so much fuss about Debian or SF break ins by lukewarmfusion · · Score: 5, Interesting

      As I posted earlier in this discussion, the MS security officer is Scott Charney, formerly of the FBI Cybercrime division. So yes, there certainly are connections.

    2. Re:Not so much fuss about Debian or SF break ins by krumms · · Score: 3, Insightful

      Duh. Corporate America and the US Government are business partners.

      The more money you have, the more of an American you really are in the eyes of the government.

  13. Re:maybe now... by holizz · · Score: 5, Funny

    It was only about 5% of the source that got released so we'll only see about 20 backdoors.

  14. blueprints or by j_dot_bomb · · Score: 2, Funny

    >..is part of the source codes, or blueprints,..
    or punch cards (just in case you still dont get it)

  15. Help your local law enforcement team by Linker3000 · · Score: 5, Funny

    REWARD

    Have you seen this code:

    MOV AH,09h

    Believed to be part of a larger gang of code, this fragment is guilty of initialising a register for potentially illegal or disruptive purposes, notably the dissemination of disturbing messages or misinformation. Older intelligence indicates that the code was often seen accompanied by its partner:

    INT 21h

    But now believed to be part of a larger organisation.

    --
    AT&ROFLMAO
    1. Re:Help your local law enforcement team by Biffer4810 · · Score: 3, Informative

      For those whose assembly (DOS asm none the less!) is rusty, function 09 of int 21h is/was used to print a string to stdout.

      --
      -.-- -.-- --..
      One fish / Two fish / Red fish / Blue fish
      ShyaOS - Think Differently!
  16. Re:Not normally pro Microsoft by bhima · · Score: 5, Insightful
    The source for Linux is available.

    I haven't had many problems with it.

    Maybe you are over reacting.

    Not that I condone this

    --
    Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
  17. This just in, M$ hires RIAA Lawyers... by Knight55 · · Score: 2, Funny

    Revenue at 11. --- "What is your fascination with my forbidden closet of mystery?"

    --
    1888 Franklin St.
  18. Re:Not normally pro Microsoft by smittyoneeach · · Score: 3, Insightful

    What good was gained from doing this? What benifit is there?
    This whole affair is going to have one effect similar to that of major virus upgrades: it will scare the recalcitrant to upgrade.
    Deliberately falling short of carrying that analysis any further...

    --
    Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  19. No, you're wrong by seizer · · Score: 2, Funny

    5% of 63000 is 3150.

    (c.f. Bugfest! Win2000 has 63,000 defects! :-)

  20. MSHTML was in the .tar and Winsock by Anonymous Coward · · Score: 5, Interesting


    MSHTML.dll for those that don't know is the heart of Internet Explorer , (iexplore.exe is just a wrapper for mshtml) prepare for some exciting browser exploits , Winsock should ensure there is plenty of fun to be had with windows networking sockets

    and don't forget MSPaint was in the source tree so Adobe had better watch out :))

  21. Re:Not normally pro Microsoft by calyptos · · Score: 2, Insightful

    I agree that it was wrong to release the source code without permission, but I disagree with you sueing the one who distributed it. If you have a problem with your computer's security and feel the need to sue someone, sue Microsoft. You'd lose though, you've already signed an agreement excusing them from practically everything. I have a feeling if the source code to my linux distribution was ilegally released (its not finished, and MY software isn't free until I say so) that the FBI wouldn't give a shit.

    --
    http://illhostit.com/ - Webhosting
  22. Re:Not normally pro Microsoft by BorgDrone · · Score: 2, Insightful
    I wonder, (...) if I can sue the person who let out the code because it will increase the time I have to spend securing my system.

    If you want to be secure, you shouldn't be using software whose security depends solely on the secrecy of the source. it's know as "security through obscurity" and almost everyone agrees it doesn't work.

    Even microsoft won't be so stupid as to rely on it.
  23. What is there to investigate? by valentyn · · Score: 5, Funny

    What went wrong with the US law system? Microsoft is finally in compliance with their anti-trust regulations, opening up API's and stuff, and now the FBI is investigating that? ;-)

    --
    my other sig is a 500 page novel
  24. Pure Public Relations by rueger · · Score: 5, Interesting

    After reading the article, I can only say it's pure PR speak, factually error prone, and more than a bit slanted. Perhaps this paragraph explains the timing:

    "The announcement of the leak came on the same day Microsoft pushed in Washington for tougher anti-counterfeit legislation in the United States and worldwide, saying pervasive pirating of computer software was hurting the industry."

    Given that any number of companies and computer professionals have access to Windows source for various reasons, it's not unreasonable to think that occasionally chunks of it appear in the wild.

    And certainly a lack of source code hasn't slowed down the virus and worm industry.

    Consequently I have to assume that this story is just a way for Microsoft to build support for even more draconian anti-piracy and DRM laws.

    As a post-script - the original post and magazine link should be modded +5 funny at best. It's really quite pathetic.

    --
    Three Squirrels
  25. Download it on Freenet...Anonymously! by Anonymous Coward · · Score: 5, Informative

    Among other things, the zip contains the source code to Notepad (you always wanted that!) along with an intriguing bugcodes.txt file that explains a lot of bluescreen/stop errors in more detail than you'll find anywhere else.

    File: windows_2000_source_code.zip
    Key: CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKoEMG Kv54~o6A
    Bytes: 213748207

    CHK@JANQuMJMYGNWPVWyfwBwyXPsgBwPAwI,LeWue01uUKoE MG Kv54~o6A/windows_2000_source_code.zip

    Of course if you don't have Freenet yet (what are you waiting for?) you'd do good to visit http://www.freenetproject.org.

    1. Re:Download it on Freenet...Anonymously! by Weird+O'Puns · · Score: 2, Funny

      Among other things, the zip contains the source code to Notepad (you always wanted that!)

      Yes, screw Vi and Emacs! I can finally get Notepad on my Gentoo box. There is no need for some fancy syntax highlighting or keyboard shortcuts. Notepad is everything any self respecting geek needs.

      I wonder when ebuild will be available.

  26. Yes, you can find DOS 6 source! by Anonymous Coward · · Score: 3, Informative

    ed2k://|file|MSDOS_6.0_Source_Code.zip|21107046|8F DE89245233B5F0501C6817BFF48C6C|/

  27. The article is complete crap by 1u3hr · · Score: 5, Interesting
    Counterfeiters have been trying to get their hands on Windows source code for years. So have computer activists who say that programs could be made to work better with Windows if the source code were public.

    Counterfeiters don't want the source code, they just copy the binaries and maybe a hack to circumvent registration.
    "Computer activists" even less so -- copying Windows code would poison any GPL project.

    In any case, Microsoft's code allows the company to keep its near-monopoly on computer operating systems, for the same reason Coca-Cola guards its secret formula.

    True; but the reason Coke and MS have near monopolies is because of marketing, not innate superiority of their products (Pepsi wins most blind taste tests; Macs win all usability tests).

    In parts of Asia and the former Soviet Union piracy rates approach 90 per cent, they said. As a result, the US software industry loses $US13 billion ($A16.52 billion) a year for counterfeiting and other forms of software piracy.

    Debatable; but irrelevant anyway.

    The US Congress is considering legislation designed to close a number of legal loopholes often allowing counterfeiters to get away with their activities, specifically prohibiting trafficking in genuine authentication components.

    Again, the idea that this will make piracy more prevalent -- it will have no affect at all on MS warez.

    1. Re:The article is complete crap by Daengbo · · Score: 3, Interesting

      Aw, heck: the last computer software store I went in had the XP Service Pack with the anti-piracy measures hacked out. No one needs the source to do this stuff, do they?

      --
      Put identity in the browser.
  28. Microsoft doesn't know how the source was released by hillct · · Score: 4, Interesting
    I love this:
    Microsoft said that its own security had not been breached by whomever did the posting, nor was it released by a series of companies and governments with whom it shares the source code for the purpose of building software to work with Windows.
    Aparently Microsoft has no idea how the source code was relased. This doesn't speak well for their security. If they can't protect their own code repositories - their single most valuable asset - how can we expect them to provide a secure or even non-trojaned product?

    --CTH
    --

    --Got Lists? | Top 95 Star Wars Line
  29. Piracy != lost profit by inf0mike · · Score: 5, Interesting
    As a result, the US software industry loses $US13 billion ($A16.52 billion) a year for counterfeiting and other forms of software piracy.

    It amazes me just how much emphasis is placed on financial losses due to piracy. Just because people are using pirated versions of software does not mean they would have bought it anyway! The figure qouted is a "best case scenario" projection of what could have been new sales, but the companies are not actually losing that amount from money they have already earned.

    1. Re:Piracy != lost profit by Anonymous Coward · · Score: 2, Insightful

      Shouldn't we adjust that "financial loss" number by subtracting out the $$$ made by selling people like me computers with Windows on them? Often without a choice? Only to have me reformat the drive and install Linux? Someone else gets Windows without paying, that should be balanced by me paying for Windows and not using it. It's like them rooting through my trash cans before the truck picks them up .

    2. Re:Piracy != lost profit by thales · · Score: 4, Insightful

      The Piracy of Windows hurts Linux more than Microsoft because most of the piracy occurs in areas where the majority of the people can't afford the high cost of a Windows OS. If it were impossible to pirate a copy of MS Windows, then most of these people would be using more affordable Linux distros, rather than buying Windows and Windows software.

      --
      Quemadmodum gladius neminem occidit, occidentis telum est
  30. Law enforcment by panxerox · · Score: 2, Insightful

    the main functions of law enforcment are revenge and the instillment of fear rather than prevention. they seem to be performing thier function quite well.

    --
    "It's so convenient to have a system where everyone is a criminal" - A. Hitler
  31. Intellectual Property by Anonymous Coward · · Score: 2, Funny

    The bonus from this situation is clearly not the free code. It is that we actually get free coporate based entertainment. People would pay good money to see Microsoft cry.

    Big it up for Captain X.

    Intellectual property, eh!? What intellect? What property? Get over yourself MS.

  32. Torrent for W2K and NT4 source by Anonymous Coward · · Score: 3, Informative

    NT4 (230 Mb)
    http://torrent.spyderlake.com/download.php?in fo_ha sh=66a26447f563c3dc2336de74ae37dc14d11dd8b9

    W2K (208 Mb)
    http://torrent.spyderlake.com/download.php?in fo_ha sh=f03fc1e04869294d5644d3c8c5d0fb8f2d26aa59

    1. Re:Torrent for W2K and NT4 source by phritz · · Score: 3, Insightful

      As has been pointed out, you are not anonymous when you use bitTorrent. If you're stupid enough to download from the links in the parent, there's a very good chance that someone at microsoft or even the FBI will be logging your IP address. Don't be stupid - ignore the parent.

    2. Re:Torrent for W2K and NT4 source by epiphani · · Score: 2, Troll

      I really dont give two shits about them knowing that I'm downloading their source code. Under what other circumstances is downloading information Illegal? With the exeption of child pornography, which is designed to avoid the exploitation of minors - I cant think of anything.

      I'll happily download that source code, and happily tell everyone about it. Until I take that source code and do something illegal with it, I think I'm in the clear. If people show up at my house and say I've stolen source code - they're wrong. It was publically availible. I didnt break into someone computer to get it.

      I'd happily fight off a lawsuit regarding this.

      --
      .
    3. Re:Torrent for W2K and NT4 source by westlake · · Score: 2, Funny
      I think I'm in the clear

      be sure to let us know when you are done with community service, enlightenment at club fed, and paid off that second mortgage on your house---which is what ignorance and attitude can cost you.

      never mistake the risks of a civil lawsuit for those of a criminal trial!

  33. Re:Not normally pro Microsoft by diersing · · Score: 4, Interesting
    I am a Windows Administrator, I'm not anti-MS.

    The leak of the code scares the shit out of me. We've had some rather nasty security bits on the net lately and this is not a reassuring development.

    will increase the time I have to spend securing my system. although true, my main target in such a suit would MS itself for (1) not securing the code properly (2) recent stories (and past ones) of them sitting on security patches for months on end.

    If someone broke into my house and I followed my handbook and best practice about securing my house and it was STILL penetrated I want to go after the security document, not the intruder (the intruder would be handled by the criminal courts, my case is civil and monetary in nature since everytime some BS exploit is released and MS hasn't a patch my company is spending money to monitor and sort things out.

    Vary rarely will you see a class-action suit against an individual (I can't recall one, just ones against companies when their neglegence is going to lead to a large cash settlement..... I wonder how the MS lobbyest have protected them from such action)

  34. Re:Not illegal in China,India,Asia,Europe,Scandina by gnu-generation-one · · Score: 2, Interesting

    Not illegal in China, India, Asia, Europe, Scandinavia... I can hear them laughing from here

    Well the defense of U.S. computers does depend a lot on the security of MS-Windows. And Microsoft has said that if the source code were made public then it would compromise the security of Windows.

    So...

    prepare for the imminent attack?

    If you believe what Microsoft said in court, and what the US government said on TV, it might be time to look at buying generators and water filters...

  35. shoulda been posted on microsoft.com by savuporo · · Score: 4, Funny

    If MS corporate net was really compromised, like BBC reported, the leaker should have posted it on download.microsoft.com.
    If it were posted there ( like in DirectX9.1.zip or somesuch ), would they still have legal grounds to hassle the users who downloaded it ?

    --
    http://validator.w3.org/check?uri=http%3A%2F%2Fwww.slashdot.org Errors found while checking this document as HTML5!
  36. Who'd want that old junk anyway? by no+longer+myself · · Score: 3, Insightful
    I'm pretty sure from the posting pattern here on Slashdot that Microsoft has moles posting and trolling (and you guys know who you are), but for the life of me, I can't recall any law (IANAL) that prohibits the downloading of a "leaked file". Oh sure, we all know that possession of certain kinds of pornography and other files can get you into nasty trouble, but really... If that were the case, then why didn't the FBI start investigating IBM when SCO started belly-aching?

    On the flip side, I've already given up on Microsoft, and want nothing further to do with them or their products, so somebody leaking their code is almost a bad joke to me at this point. The most likely conspiracy to come out of this is that the next version of the Linux kernal will have a cloud of accusations that it derived some of its functionality from Windows 2000 source. (Oh please...)

    I guess the ugly part is dealing with the feds out there who are intent on taking names and kicking ass... After all, it's a national emergency! Microsoft's code has been leaked!

    Feh.

    Many of us have woke up to the fact that you don't need Windows to accomplish your goals on a computer. While the rest of of us are trying to actually get something done with our computers (instead of updating them every 15 minutes), Microsoft is suddenly crying out "Thieves!". Just how does MS come up with these horribly written plot devices?

  37. The Immaculate Transmission by grouse · · Score: 4, Insightful
    Here's what Microsoft's press release on the inadvertent release says:
    [I]nvestigation has shown this was not the result of any breach of Microsoft's corporate network or internal security, nor is it related to Microsoft's Shared Source Initiative or its Government Security Program...

    Interesting. From this, one must conclude that either (a) Microsoft legitimately releases the code to others outside these two programs, but we don't know about it; (b) Microsoft has absolutely no idea how the source was released but is lying through its teeth claiming there was no security breach nor an unauthorized release from its shared source programs; (c) Microsoft leaked the code itself for nefarious purposes (e.g. destroying ReactOS).

    We report, you decide.

    1. Re:The Immaculate Transmission by Anonymous Coward · · Score: 2, Informative

      Microsoft's Shared Source Initiative is pretty new, the leak is said to be from Mainsoft, which has had access to microsoft source code since 1994.. so yes they have had other programs to give out source code

    2. Re:The Immaculate Transmission by Keeper · · Score: 2, Informative

      The source was taken from a computer owned (at least at one point) by Mainsoft.

  38. Re:Not normally pro Microsoft by Baron_Yam · · Score: 4, Insightful

    You're quite right - but there is a difference...

    Let's use the home metaphor - you live in a house in a neighbourhood built by "MS Homes". They are nice, comfortable homes, but the security system involves closing your front door with a plastic latch. Because the latch doesn't LOOK like plastic, everyone feels secure. Burglars, however, suspect there is an easy way in to the homes.

    Now, if none of the good guys examine the security and say, "Hey, maybe these latches should be steel", then eventually a bad guy will figure it out and your home is open for business.

    In such an event, if a good guy opened *a* front door on a *single* MS home, then posted a note in the local newpaper that maybe latches should be upgraded, I'd sleep with a shotgun until my latch was replaced. In the end, I'd have a safer home and know it. Without the good guy, I don't have a safe home, AND I'm unaware until a break in.

  39. Fun files in the Win2000 source code by Anonymous Coward · · Score: 3, Funny

    For anyone who has access to the Windows 2000 source code, check out the following files:

    win2k/private/windows/shell/control/bitmaps/std. bm p
    win2k/private/windows/shell/control/bitmaps/nt. bmp

    TEH FUNNAY!!!!1

    1. Re:Fun files in the Win2000 source code by Anonymous Coward · · Score: 2, Interesting

      enterp.bmp - a picture of the USS Enterprise D....i wonder what paramount will think?

  40. Is it just me... by Anonymous Coward · · Score: 2, Funny

    Or does it crack any of you up uncontrollably when someone says "source codes."

  41. Disgusted by Anonymous Coward · · Score: 2, Funny

    When I heard that some moron had stolen the source code I felt very upset for Bill Gates. That man has put his heart and soul into building up Microsoft in to the greatest company in America.

    What that pervert did is downright un-American, and I hope that in the fullness of time he is ashamed of his actions.

  42. Yep any p2p can track. by nurb432 · · Score: 5, Interesting

    Unless you use something like Freenet to download.

    But even there they can see your IP. There just is no way to prove it was you that did the request, or was just 'forwarding' the request thru your node....

    --
    ---- Booth was a patriot ----
  43. The Secret Coca Cola Formula Can Be Found Here: by Anonymous Coward · · Score: 3, Informative

    Coca Cola Formula

  44. Tools alone dont assume guilt by nurb432 · · Score: 2, Insightful

    The same 'tools' can be used for legit purposes, like if you are the security admin of a company..

    Its your JOB to make sure that you arent vunerable..

    But, you have to convince the jury of that....

    --
    ---- Booth was a patriot ----
    1. Re:Tools alone dont assume guilt by GooTi · · Score: 2, Interesting

      Its your JOB to make sure that you arent vunerable..

      You say that also to victims of rape or other crimes?

  45. Re:Not normally pro Microsoft by mgt · · Score: 2, Insightful

    True, but it was not developed as closed source and then made public over one night. Because that would not have been very smart, right...

  46. That particular case would hold up by nurb432 · · Score: 2, Insightful

    All you need is a jury, and explain you were doing something LEGAL, that turned out to be illegal due to the actions out of your control.

    ( this is assuming her recipes were not restricted from re-distribution of course ).

    It would be the same case if you went to a legit store ( like a pawn shop or antique store )..
    and bought an item in good faith that anyone would assume was legally theirs to sell...that later turned out to be stolen ..

    Sure, they take away the object, but you dont get arrested...

    This isnt a matter of 'ignorance' of the law, its a matter of intent beyond your control.

    That said, if you *kept* said mis-labeld file, then of course its minor to prove intent...

    --
    ---- Booth was a patriot ----
    1. Re:That particular case would hold up by FictionPimp · · Score: 2, Informative

      Oh thats not always true. I bought items from a guy I worked with, in front of my boss. Turned out 6 weeks later the boss found out he was stealing them. I imediatly called the police and explained I had bought items from him and did not know they were stolen. Their response was to charge me with accessory, because in my state, having stolen property is the same as stealing it, even if you do not know its stolen. I had to do 200 hours community service, and lost the items, and the case in civil court to get my money back.

  47. Re:Not normally pro Microsoft by __past__ · · Score: 5, Insightful
    But the source for Linux is available both for attackers and for white hats to find and fix bugs. If anyone would find a security problem in the leaked Windows code, they cannot simply send a patch to Microsoft - they would admit to have illegally obtained the code doing so.

    Open Source code is available for everyone. Only criminals can use the Windows code.

    --
    Programming can be fun again. Film at 11.
  48. Re:Idiot world by xanadu-xtroot.com · · Score: 3, Funny

    The Windows code on users' PCs is all compiled code.

    Not anymore...

    --
    I'm not a prophet or a stone-age man,
    I'm just a mortal with potential of a super man.
  49. According to BetaNews, Mainsoft is to blame.... by telstar · · Score: 4, Informative

    According to BetaNews, a company called Mainsoft is to blame. They allege that Mainsoft had access to the code in order to develop their Visual MainWin tool giving developers the ability to write Linux and Unix apps from within Visual Studio.

    1. Re:According to BetaNews, Mainsoft is to blame.... by telstar · · Score: 4, Informative
      Mainsoft had the following to say:

      • "Mainsoft has been a Microsoft partner since 1994, when we first entered a source code licensing agreement with Microsoft. Mainsoft takes Microsoft's and all our customers' security matters seriously, and we recognize the gravity of the situation.


      • We will cooperate fully with Microsoft and all authorities in their investigation.

        We are unable to issue any further statement or answer questions until we have more information.

        From Mike Gullard, Chairman of the Board, Mainsoft Corporation"
  50. That is the difference by Baron_Yam · · Score: 3, Interesting

    ...between the real world and the ideal world.

    First, get rid of the real bad guys. Once they are guarenteed to be gone, I'll support locking up anyone who enjoys 'testing' security on computers. Until then, they are a lesser evil made tolerable by their effect on the virulence of a greater evil.

    On a side note - how often do you think the locks on your doors help you? I have yet to see a residential door that would stop a good shoulder. My old house had a lovely steel door - in a thin wood frame that would split if you looked at it. Windows break if they can't be jimmied. Only once was my house ever entered because I didn't lock the door - and that was a new neighbour who was mortified that she'd entered the wrong house!

  51. Re:Goto's goto's goto's by Anonymous Coward · · Score: 2, Insightful

    There's nothing wrong with goto. You're just too influenced by Dijkstra's flamebait. Use it sometime... it's quite refreshing.

  52. Re:Not normally pro Microsoft by Thomas+Shaddack · · Score: 2, Insightful
    The worse for Microsoft, the better for the world.

    The more problems MS installations have, the higher the pressure for migrating away. The more systems migrated away, the higher heterogenity of the Net ecosystem, the higher overall resistance to platform-specific threats - and the higher pressure for compatible, standardized data-exchange formats; proprietary ones could then become a disadvantage instead of a lock-in advantage.

    The computer world needs to be pushed into different dynamic-equilibrium mode. The sooner, the better.

  53. Parent is funny, but possible TRAP by Anonymous Coward · · Score: 3, Funny

    DO NOT moderate the parent. Not up, not down, not sideways, nor in any way shape or form. If you mod the parent funny, it can be presumed that you have seen the files in question and have thus "illegally" accessed the leaked source code!

    It is not outside the logic of reason to think that Microsoft, the FBI, or someone else may force Slashdot to give up the records of anyone who modded the parent post. We all know that Microsoft has some astroturfies around here. Please DO NOT fall victim to a virtual sting operation...

  54. My pet hate... by sbaker · · Score: 3, Informative

    the source codes, or blueprints, Yuck! Please: Spokespersons from the FBI and people from the media - learn to say "code" not "codes". It's like the plural of sheep and hair is still sheep and hair. "codes" are encryption algorithms or something. And the source code for Windows is nothing like a blueprint. Source code is the actual thing we build - a blueprint is a guide for building the thing it describes. For software, the analogous thing to a blueprint would be something like a flowchart.

    --
    www.sjbaker.org
  55. handles? by immel · · Score: 2, Interesting
    "In one posting on the Web site Slashdot.org, someone using the handle "Monkelectric" asked if the leak could be a ploy by Microsoft to get users to upgrade from Windows NT and Windows 2000 to newer operating systems, perhaps to avoid an onslaught of security breaches. Other posters joked about Windows having gone open source."
    "Handles"? They talk about us like we're a bunch of malicious hackers! (That's almost completely incorrect, right comrades?) Can we at least be like civilized people and call them usernames or UIDs instead?
    --

    10 Bits= $.25
    100 Bits= $.50
    110 Bits= $.75
    1000 Bits= 1 byte
    1. Re:handles? by Mixel · · Score: 2, Funny

      At least the press uses "handles" and not "knobs"

  56. Re:Microsoft doesn't know how the source was relea by Weird+O'Puns · · Score: 2, Interesting

    The source code wasn't stolen from MS directly, but from some third party who had access to it?

  57. Re:Microsoft doesn't know how the source was relea by madpierre · · Score: 2, Interesting

    Presumably the security concept of tagging copies and recording
    who they issue them to hasn't occured to Microsoft. Their human
    resource department must go to extremes to employ morons. :)

    --
    siggy played guitar
  58. Re:Windows longhorn sourcecodes out there, too by phoenix321 · · Score: 2, Informative

    Don't download that and please spread the word to other forums: This is a fake!

    Can be verified by a glimpse at the partially downloaded files: every part-file just consists of text lines saying this:

    "Rar!Fake!Hahaha!"

    A zillion times of course. So don't waste your time & bandwidth for that. If in doubt, download the first parts to see for yourselves...

  59. Looking at the src by Anonymous Coward · · Score: 2, Interesting


    I'm surprised nobody has actually commented on the src here, maybe because they noticed the same thing I did - how good it is. /. has slammed M$ for their closed source/anti-socialist practices crediting the quality of their security/code. Stepping into this zip I expected pure crap code, written in a very hap-hazard fashion when the developer who wrote it, under intense pressure to pump out lines, hastily slapped together some functionality leaving security vulnerabilities in his wake. What I found was quite the contrary - THIS CODE IS CLEAN. Well written, well formatted, well commented. I'd venture that the majority of this code put side by side with Linux's kernel src would put Linus to shame. I'm curious what other folks are finding and their impressions?

    1. Re:Looking at the src by Anonymous Coward · · Score: 2, Informative

      Go look in /shell. Lots of messy code there.

  60. Coke Minus Cocaine But With Coca Derivatives? by handy_vandal · · Score: 3, Interesting

    Ever try reading the back of the coke bottle? They used have cocain in it, but had to remove it.

    As I understand it (sorry I forget where I read this), although cocaine was removed from the formula, Coca-Cola continued to use other flavoring agents from the coca plant for some time (although I gather that today's Coke uses no coca derivatives whatsoever).

    So ... they were harvesting coca plants ... extracting some coca derivatives, BUT NOT THE COCAINE ... really makes me wonder what happened to all that cocaine ....

    -kgj

    --
    -kgj
  61. Press Release by gagy · · Score: 2, Informative

    Microsoft finally has something to say about this.

    --
    -I DDoSed your mom.
  62. Re:Precompiled code by Anonymous Coward · · Score: 2, Informative

    As I understood it. They (mainsoft, microsoft or whoever) published source code (not source codes but code!). Souce code is something that looks like:

    while(lax_us_laws && sheep_like_users)
    {
    find_devices();
    find_software();
    secretly_report_back_to_redmond();
    }
    ... the compiler turns this source code into assembly language, something that looks like:
    mov 0AH, 0x085a
    inc 0AH
    sub 0B
    jmp 0x05a


    ...the linker turns the assembly into:
    01001110000010101000010101110101011010101010

    So no, they didn't get pre-compiled code (pre-compiled code is assembly language software like the middle step above) so that is a lie (but like so many other things, journalists get very important technicals wrong, publish, and the clueless repeat what they read (and we all suffer).

  63. there is no half of globalization by axxackall · · Score: 5, Insightful
    Oh, that's easy: have your friend in Russia to give you stunnel address and enjoy how FBI is weak attempting to figure out anything about IP address in Russia. Or China. Well, actually in many countries.

    I said it before and I'll say it again: the globalization MUST be improved. If they want investigations across the borders - they have to remove the borders. That include the freedom to trade across the borders, the freedom to hire across the borders, the freedom to ELECT across the borders, the freedom to immigrate across the borders.

    You don't wanna give that freedom to people? Enjoy your useless attempts to sue DVD hackers in Norvey and find IP addresses in Russia.

    Remember: there is no such thing as "half of globalization". It either exists givig equal opportunities and freedoms to everyone, or it doesn't exist at all.

    --

    Less is more !
  64. Blueprint not a bad metaphor by tjstork · · Score: 2, Informative

    A blueprint is a set of instructions one gives to builders to make a building or a ship. In that sense, source code is a blueprint and the builders happen to be the compiler and the linker or interpreter.

    --
    This is my sig.
  65. Coke Adds ... Something (not sure what) by handy_vandal · · Score: 2, Interesting

    A very high yield coca plant will have 1.5% of its weight as coca, with a normal coca plant at less than .5%. I think Coca-Cola used/uses coca plants that have very little coca in them, so there is less to remove. What is removed isn't actually cocaine, but a precursor to cocaine base (which isn't coke yet either). I was under the impression however that the Coca-Cola company STILL uses the coca plant for flavoring, and they are the only company in the US that can legally import the coca plant. The process is kept quite secret, primarily to prevent threat and/or scandal.

    Even with a low-cocaine coca plant, given how much Coca-Cola gets bottled and sold every second of the day, 24/7, around the world ... I can't help but picture mountains of cocaine precursor ... of course, that's an "industrial waste by-product" ... the company probably, uh, burns the stuff ... or dumps it at sea ... yeah, that's it: mountains of cocaine precursor, dumped at sea every day.

    In any case, Coca-Coca has no shortage of scandals to deal with, e.g. alleged CIA connections, screwing Bob Kolody, etc....

    -kgj

    --
    -kgj
  66. Don't even think about it. by nberardi · · Score: 2, Insightful

    Just a reminder to anybody out there that is doing any kind of development for anything, don't even look at the code because if you do and you are caught, any of your work from this point on can be considered property of Microsoft. If you don't think this would happen look at IBM and SCO. And I doubt any of you have enough money to take on Microsoft, even the DOJ failed, so what chance do you have.

  67. DMCA in full effect by Anonymous Coward · · Score: 5, Interesting

    you may receive a letter like the one below if you pull the file off of edonkey (Windows.source.code.w2k...). this is kind of ironic, because the file downloadeed was a fake.

    > Hash: SHA1
    >
    > J.K. Weston
    > Microsoft Corporation
    > One Microsoft Way
    > Redmond, WA 98052
    > jkweston@microsoft.com
    > Tel: (425) 703-5529
    >
    >
    >
    > URGENT/IMMEDIATE ATTENTION REQUIRED
    > VIA ELECTRONIC MAIL
    >
    > Re: NOTICE OF POTENTIAL UNLAWFUL DISTRIBUTION OF MICROSOFT SOURCE CODE AT:
    > xx.xx.xx.xx
    > Date of Infringement: Detail below.
    >
    > Dear xxxxxxxxxx:
    >
    > We have received information that one of your users as identified above by
    > the SITE/URL xxxxxxxxx may have engaged in the unlawful distribution
    > of Microsoft's source code for Windows 2000, and/or Windows NT4, by
    > distributing and offering for download these source code files via a
    > peer-to-peer network.
    >
    > Since you own this IP address, we request that you take appropriate action
    > against the account holder under your Abuse Policy/Terms of Service
    > Agreement.
    >
    > We also kindly request that you forward this notice promptly to the user
    > of the IP address listed above at the time and date stated.
    >
    >
    >
    > To the user at xx.xx.xx.xx:
    >
    > The unauthorized copying and distribution of Microsoft's protected source
    > code is a violation of both civil and criminal copyright and trade secret
    > laws. If you have downloaded and are making the source code available for
    > downloading by others, you are violating Microsoft's rights, and could be
    > subject to severe civil and criminal penalties.
    >
    > Microsoft demands that you immediately (1) cease making Microsoft's source
    > code available or otherwise distributing it, (2) destroy any and all
    > copies you may have in your possession, and (3) provide us any and all
    > information about how you came into possession of this code.
    >
    > Microsoft takes these issues very seriously, and will pursue legal action
    > against individuals who take part in the proliferation of it source code.
    > We look forward to your prompt cooperation. Should you need to contact
    > me, I can be reached at the address above or at jkweston@microsoft.com.
    >
    > Very truly yours,
    > By
    > J.K. Weston

  68. Blueprints? by ScrewMaster · · Score: 2, Interesting

    Is anyone else fed up with articles constantly referring to source code as blueprints? I think the analogy has been overused to the point where it isn't necessary anymore.

    --
    The higher the technology, the sharper that two-edged sword.
  69. Re:Microsoft doesn't know how the source was relea by Keeper · · Score: 3, Interesting

    They do know where the source was taken from. Files in the archive being passed around indicated that the computer was owned by an exec at Mainsoft. Add, in a nice ironic twist, the computer was a linux box ...

    http://www.eweek.com/article2/0,4149,1526831,00. as p

  70. Re:Windows AQ by nick+this · · Score: 2, Informative

    It was always possible to do that. Just dump the exports of a .dll, make a new .dll with the same exports that merely hands them off to the old .dll.

    Insert whatever code you want before and after handoff to the old .dll. This was all trivially doable before, although its harder now with the File Protection crap in 2k and newer.

    It still comes down to the same thing. If you are running a binary system that's not signed with a trusted key, you are vulnerable. Period. This is as true with Linux as it is Windows. Access to source doesn't change anything.

    Besides, if you are running Windows, some terrorist plot to subvert your machine is the least of your problems. Trying to not get infected, 0wn3d, and bluescreened twice a day is a much larger concern. If you are running Windows, you clearly don't care about security anyway.

  71. Speaks volumes about our society by Aslan72 · · Score: 4, Insightful
    I hope this doesn't sound too conspiracy-theory oriented, but I find it interesting the amount of pull MS has in our society now. We're talking about a product that, for all purposes, is still a product and yet the verbage that I've seen on it makes it sound like someone just gave out a key national secret.

    Granted, we have so much riding on Windows that it being compromised is akin to loosing a national secret, but who is to blame here? If we lean so much on MS's code being secure, why are people storing data on there that could be a probem if the system was hacked?

    --pete

  72. Re:Sux0rz. by You're+All+Wrong · · Score: 2

    Wrong. They chose, in the wonderful free market that MS resides in, to buy Windows. I, as a non-windows user feel the brunt by having hundreds of viruses dumped through my DSL and into my mail program.
    If this thing causes chaos, then the windows users are _part of the problem_.

    The buck? Sure, that's stops at Microsoft, there's no denying that.

    YAW.

    --
    Your head of state is a corrupt weasel, I hope you're happy.
  73. Stupid article by danila · · Score: 3, Interesting

    I hate stupid people. This journalist is stupid. I hate this journalist.

    An FBI task force hunted today for a cyber-criminal who posted on the internet source code for Windows, the jewels of Microsoft's software empire.
    It hunted today, huh? Did they ride on horses when hunting? Will they stop hunting tomorrow? BTW, what the hell is "cyber-criminal"? And since when copyright violation is a crime? And didn't that idiot know that Windows is the brand for an OS, thus it's not really plural, so it would be jewel, not jewels.

    In jeopardy is Microsoft's near-monopoly on operating systems found on 90 per cent of the world's personal computers.
    How exactly is the near-monopoly in jeopardy? And while we are trying to understand the sentence, is the near-monopoly found on 90% of computers or is it the monopoly on Windows (i.e. the OS on 90% of computers)?

    "I can confirm that" the Northwest Cybercrime Task Force was investigating, FBI spokeswoman Robbie Burroughs said.
    What? Confirm WHAT??? Or, the quotation marks moved by themselves, never mind...

    "Microsoft source code is both copyrighted and protected as a trade secret," the company said in a statement posted on its website today.
    At least he managed to copy-paste the quote... I can't understand what "Microsoft source code" is, though...

    "As such, it is illegal to post it, make it available to others, download it or use it.
    The quote continues, but the ending quotation marks are missing... As for the MS press release, I really like them saying that it is illegal to make the Windows source code available to others. What did they just do? :) OK, they forgot to add "without permission from the copyright owner".

    The posted program is part of the source codes, or blueprints, for Windows 2000 and Windows NT 4.0, according to the company.
    Pluralisation again... Are the source codes similar to cheat codes in any way? The last time I checked it was code. And saying "or blueprints" sounds really stupid. Really. Nobody uses blueprints for software. :)

    Counterfeiters have been trying to get their hands on Windows source code for years. So have computer activists who say that programs could be made to work better with Windows if the source code were public.
    Oh, brilliant! I bet counterfeiters didn't knew what they were trying to do all that time. I though they were trying to duplicate CDs MS was openly selling in retail stores, sometimes cracking the copy-protection. Well, now that they got the source code they must be happy and probably will stop counterfeiting. :) And I would really like to know who the hell are these activists? What, "Americans for cleaner code" or "C coders for forward compatibility"? And he messed up the plurals again. It's source code now, but it "were public"...

    Microsoft said that its own security had not been breached by whomever did the posting, nor was it released by a series of companies and governments with whom it shares the source code for the purpose of building software to work with Windows.
    What the fuck? Let me ponder the absurdity of this sentence for a second. The code neither came directly from MS machines, nor did it come from the series (what series?) of companies and governments who had the code? If I wasn't sure that the journalist is a total moron, I would presume he suspects universities or research institutes, the only remaining category, which was not vindicated. :) But since he is, let me just say that nothing like that was written in the MS press release. What MS claimed was that its internal security was not broken (the external security obviously was) and the code didn't leak via two specific programs - Microsoft?s Shared Source Initiative and Government Security Program.

    In any case, Mi

    --
    Future Wiki -- If you don't think about the future, you cannot have one.
    1. Re:Stupid article by _vapor · · Score: 2, Informative

      And he messed up the plurals again. It's source code now, but it "were public"...

      The writer's use of "were" is correct here. It is the past subjunctive form of "to be", used mostly in "if" clauses and to express hypotheticals.

      See The American Heritage(r) Book of English Usage for details.

      --
      www.poak.net
  74. Taxation without Representation by Opiuman · · Score: 2, Interesting

    The action of your president affect me every day but I have no influence over his election.
    See my subject and figure out if it feels familiar.

  75. Re:What about the source files with no copyright by CaptainTux · · Score: 2, Informative
    What this means is that most of the source code to Windows Explorer, and Internet Explorer are now effectively public domain.

    No, that isn't true. Under U.S. copyright law you own the copyright to something the minute it is created. If I write a song and never register it with the copyright office I still own the copyright and I can still sue over the unauthorized use of my work. Not placing a copyright notice makes it *difficult* to prove ownership but it doesn't make it impossible and it certainly doesn't mean it's now in the public domain.

    Additionally, do you really think that Microsoft (or any company in a similar situation) wouldn't simply go in and *add* the copyright notices to their source? It's a trivial matter and who do you think law enforcement will believe: a multi-billion dollar company who says "it was there all the time" or somebody who stole their code and is trying to save themselves from an IP suit? One of the most important things anyone in this situation can do is NOT to underestimate Microsoft. Multimillion dollar companies have done so in the past and many of them are no longer around. How do you think the average hacker will fair?

    --
    Anthony Papillion
    Advanced Data Concepts, Inc.
    "Quality Custom Software and IT Services"
  76. Murray Gell-Mann Amnesia effect. by Threni · · Score: 4, Interesting

    Yeah, but you can over analyze the media. Usually it's less than worthless.

    Check this out:

    http://www.crichton-official.com/speeches/speech es _quote03.html

    Media carries with it a credibility that is totally undeserved. You have all experienced this, in what I call the Murray Gell-Mann Amnesia effect. (I refer to it by this name because I once discussed it with Murray Gell-Mann, and by dropping a famous name I imply greater importance to myself, and to the effect, than it would otherwise have.)

    Briefly stated, the Gell-Mann Amnesia effect is as follows. You open the newspaper to an article on some subject you know well. In Murray's case, physics. In mine, show business. You read the article and see the journalist has absolutely no understanding of either the facts or the issues. Often, the article is so wrong it actually presents the story backward--reversing cause and effect. I call these the "wet streets cause rain" stories. Paper's full of them.

    In any case, you read with exasperation or amusement the multiple errors in a story, and then turn the page to national or international affairs, and read as if the rest of the newspaper was somehow more accurate about Palestine than the baloney you just read. You turn the page, and forget what you know.

    That is the Gell-Mann Amnesia effect. I'd point out it does not operate in other arenas of life. In ordinary life, if somebody consistently exaggerates or lies to you, you soon discount everything they say. In court, there is the legal doctrine of falsus in uno, falsus in omnibus, which means untruthful in one part, untruthful in all. But when it comes to the media, we believe against evidence that it is probably worth our time to read other parts of the paper. When, in fact, it almost certainly isn't. The only possible explanation for our behavior is amnesia.

  77. Re:Where was it First Posted anyway ? by crabpeople · · Score: 2, Funny

    "Any idea, anyone ?"

    you wont fool us mr FBI agent!

    --
    I'll just use my special getting high powers one more time...
  78. Would somebody please tell me by AnalogDiehard · · Score: 4, Insightful

    why it takes less than six days for M$ to be hot-n-heavy on the trail of the source of the leak while it takes M$ six months to patch a serious security vulnerability in their source code?

    --
    Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
  79. Re:well... (faking ip address) by kir · · Score: 2, Interesting

    Actually you can fake you IP partially (at least in ethernet). Just pick IP belonging to same local subnet so that trafic gets routed to your subnet and then grab packets with that IP.

    Actually, you cannot do that. BT is TCP. The machine with the IP you're borrowing would never allow a TCP handshake to complete. RST RST RST If you used an IP that isn't being used, a good ISP wouldn't allow you out as there is no DHCP/PPPoE "lease".

    Unless...

    In practice, it's good idea to wait till some machine is down and then use temporarily free IP. This only works 100% if you know exactly when machine/IP will be down (so it cannot see trafic you generated) and if you can change your card's ethernet address to be also correct. One could also scan constantly to check if rightful owner of IP has become online again but in ethernet everyone can see the scanning.

    ...that's what you were saying here. I'm not being dick, I just don't understand what you meant.

    --
    3cx.org - A truly bad website.