Slashdot Mirror

← Back to Stories (view on slashdot.org)

Did Microsoft Borrow GPL Code For a Windows 7 Utility?

Posted by Soulskill on from the free-as-in-gimme dept.

Goatbert writes "Rafael Rivera over at WithinWindows.com has found evidence that Microsoft has potentially stolen code from an open source/GPL'd project (ImageMaster) for a utility made available on the Microsoft Store to allow download customers to copy the Windows 7 setup files to a DVD or USB Flash Drive. If Rivera's evidence holds up, this could be some serious egg in the face for Microsoft at a time when they're getting mostly good press from the tech media."

6 of 493 comments (clear)

  1. Let's see... by Anonymous Coward · · Score: -1, Offtopic

    ...who the FUCK cares?!?

  2. In other news... by jayme0227 · · Score: 0, Offtopic

    Goatbert engages in anal stretching. My evidence: the names are very similar.

    Wait, you mean similarities DON'T mean that they are the same thing? Damn. I thought I was on to something.

    --
    But then I realized the cable was blue, so I only gave it one star. I hate blue.
  3. Re:Knee jerk by X0563511 · · Score: 1, Offtopic

    Mod up! This particular problem has survived too damn long.

    --
    For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
  4. Re:Knee jerk by Blakey+Rat · · Score: 1, Offtopic

    Well you can submit a bug on Slashcode, but Slashdot never reads them or fixes them. I have ones in there over 2 years old that have never even been triaged.

    It reminds me of this MST3K bit: http://www.youtube.com/watch?v=pVvr9f-Z5u0 "Slashdot developers? They just do not care."

    --
    Comment of the year
  5. ForeDecker, step inside please... thanks! apk by Anonymous Coward · · Score: -1, Offtopic

    Foredecker, per my subject-line above - Please answer on these following points, thanks (I would like answers on what you folks @ MS plan to do, in regards to points 1- 2 a & b):

    Per -> http://slashdot.org/comments.pl?sid=1429510&threshold=-1&commentsort=0&mode=thread&cid=29967174

    ----

    1.) TELL US WHY ROOTKIT.COM SAID THIS BELOW (who published code that shows how to EASILY "unhook" the new NDIS6 firewall in VISTA, Windows Server 2008, & Windows 7 no less) & why they said this:

    http://www.rootkit.com/newsread.php?newsid=952

    PERTINENT EXCERPT/QUOTE:

    "BTW, the firewalls based on NDIS v6, which was introduced in Windows Vista, are much easier to unhook and bypass."

    (AND, more importantly, since you claim to be a senior development mgr. @ Microsoft, what you plan to do about it (or, if you plan to @ least investigate their claims @ least - because this is only to POINT THIS OUT TO YOU PEOPLE @ MS, & up to you to @ least "check it out", as to the veracity of it... thanks!))

    I am pointing this out to you, based on their claims @ ROOTKIT.COM and for the fact the seemingly provide actual exploit code for "unhooking" (making useless) the firewall(s) designed based from NDIS6... please, look into it, or @ least give us an idea of your intent in regards to this. Thanks.

    &

    2.) Give us a SOLID answer to why 0 was removed in HOSTS then, because in HOSTS files:

    a. 127.0.0.1 or even 0.0.0.0 HOSTS files only, vs. 0 blocking "IP" based ones, only makes for larger slower HOSTS file loads into memory (be that the local DNS client, or diskcache even) & using hosts thus, speeds you up online as well as a bonus for speed (see Mr. Oliver Day below as well as myself on THIS note) , not only yielding one more safety online (by blocking adbanners which have been shown to harbor malware, or isn't this indicative of that -> Anti-malvertising.com? and in doing so, you also gain speed by not downloading or calling out to said adbanner servers also) and, HOSTS also provide another option for more speed, by allowing a user to optionally also speed ones' self up online as well, by allowing one to hardcode in one's favorites to avoid potentially compromised DNS servers (ala Dan Kaminsky proof thereof!) or, even allows a user to avoid being logged on a DNS request log theoretically @ least I would think

    (AND, sure: An ISP/BSP can check where you went, & so can anyone because of the top-level domain that maintains the reverse DNS request lookup tables, & a ping or traceroute does the rest of the job, but this makes it harder to do by "the infamous they" is all, in hardcodes of favs & avoiding DNS server request logs potentially).

    AND

    b. HOSTS also make you SAFER online, not as much CPU + other forms of I/O burning use needed, vs. things like local DNS servers, or other forms of OS level/IP stack level filtering &/or caching solutions do...

    (As seen in more complicated filter like iptables in Linux for example: Yes, no cpu burned there either, but that's just more complex than editing a text file like HOSTS is)

    Nor does using a HOSTS file with favorites/bookmarks hardcoded involve communicating with a potentially compromiseable DNS server that definitely use more RAM in a local DNS program being used by a user, vs. a HOSTS file, as well as other forms of IO + CPU usage (as much, or more, than a HOSTS in a local diskcache or DNS local client cache would).

    Using HOSTS files, YOU can also, for safety, EASILY "Block out" known bad servers using HOSTS files, for security!

    (From RELIABLE lists, that are easily found from Dancho Danchev of ZDNet, stopbadware.org, or even Spybot Search & Destroy + WIKIPEDIA even)

    1. Re:ForeDecker, step inside please... thanks! apk by Anonymous Coward · · Score: -1, Offtopic

      There's no accuation: Only what ROOTKIT.COM found, & put out code for (that easily unhooks the VISTA/Server2008/Windows 7 firewall) that I am warning Microsoft about here in fact, which is all that is plus notice they ought to look into it (foredecker says he is a dev mgr there @ MS is why I am stating it here)

      AND

      There IS also what I can PROVE (&, so can any coder) & easily, is a mistake on MS' part, with HOSTS files no longer being able to use the smaller, faster, & more efficient "0 blocking IP address" in a HOSTS file (vs. the larger & slower 0.0.0.0 + worse yet, the "loopback adapter" default in 127.0.0.1) anymore in VISTA after 12/09/2008 "MS Patch Tuesday" & neither can Windows Server 2008, OR Windows 7... strangely, Windows 2000/XP/Server 2003 still can though.

      This disallowance of 0 as a blocking IP Address in a HOSTS file?

      This is, for all I can see really, INTENTIONAL bloat in both RAM + on DISK!

      (AND, it is slower to read up from, from disk, into memory (be that the local DNS client, or into a diskcache such as the native logical filesystem driver based caching one in modern NT-based OS))

      That is simply because this being forced to use the larger/longer 127.0.0.1 or 0.0.0.0 alternate blocking IP addresses results in HOSTS files that use 127.0.0.1 being:

      ----

      A.) 127.0.0.1 based HOSTS files are, line by line and in total file size, around 50% larger than 0 based HOSTS files are.

      and

      B.) 0.0.0.0 based HOSTS files are, line by line and in total file size, around 30++% larger than 0 based HOSTS files are.

      ----

      A load into a listbox, or a line-by-line read load into a file or memory from a program doing a WHILE loop, reading each character in each line until CR+LF is hit as the line terminator & UNTIL the EOF (end-of-file filemarker trailer record) is encountered, is the way to test this, with a hi-resolution multimedia timer.

      (I.E.-> 127.0.0.1 is 8 bytes per line larger, & 0.0.0.0 is 6 bytes larger, per line, than using 0 as you blocking "IP address" & they both produce far larger files than one another, respectively, until you use 0 & get a file that offers the same protections for safety online, and the potential speedups + reliability gains as well if one wishes via optional hardcodes of your fav sites into one, or, via blocking adbanner servers (they have been shown to harbor malwares many times)).

      And, which mind you, using 0 as a blocking ip address in a HOSTS file, is completely legit to do, in using 0 as a smaller+faster&more efficient "IP domainname/hostname blocker" in a HOSTS file for... that is because ping'ing any site blocked thus in a HOSTS file with a preceeding 0? It returns 0.0.0.0 on a ping of a site blocked by using 0 in front of it to block it, set thus in a HOSTS file.

      Thus it is LEGAL TO USE!

      (AND, using a 0 in a HOSTS file as a blocker for bad sites or servers still works in 2000/XP/Server 2003 too)

      Using 0 in HOSTS files produces a smaller, faster, & more EFFICIENT HOSTS FILE... period!

      (AND funniest part is this: Microsoft only added it in a service pack somewhere in Windows 2000 SP#1-SP#4, because I know, for a fact, from having setup Windows 2000 for a pal of mine recently, that the BEST IT COULD USE FOR EFFICIENCY/SMALLER FILESIZE/MORE SPEED, was 0.0.0.0 (vs. 127.0.0.1) pre-service packs for Windows 2000, & that 0.0.0.0 in a HOSTS file was the best Windows 2000 could do, prior to Service Packs for it, OUTTA THE BOX/OEM INSTALL CD issued by MS... so, they saw it as a good/legit thing to use by allowing it in a service pack for Windows 2000 up until VISTA on 12/09/2009. So, why the heck pull it now?)

      Especially when it shows it can provide the same valuable security function, for less??

      APK

      P.S. => So, "that all said & aside"??? Well - "LESS IS MORE" here, & "SIZE MATTERS" (because 'dynamite comes in smaller packages')... on HOSTS files, & MS needs to look @ their DNS client cache too (it lags the system bad with larger HOSTs files also) as well... apk