Microsoft Opens Source Code To KGB's Successor Agency

← Back to Stories (view on slashdot.org)

Microsoft Opens Source Code To KGB's Successor Agency

Posted by timothy on Friday July 9, 2010 @12:00AM from the we'll-trade-for-american-spyware dept.

Jack Spine writes "Microsoft has struck a deal with the Russian government which will give the FSB, successor to the KGB, access to the source code for Windows 7, among other products. The agreement is an extension of Microsoft's Government Security Program, according to a source with links to the UK government."

187 comments

security holes of releasing source code by Anonymous Coward · 2010-07-09 00:02 · Score: 5, Insightful

yay, so now the Russians will know all the holes in Windows 7 and how to exploit them, no?
1. Re:security holes of releasing source code by TheRaven64 · 2010-07-09 00:05 · Score: 5, Interesting
  
  They've already provided it to the Chinese (and the British, not sure who else). That means that the Russians and Chinese can look for and exploit holes in Windows. Last I heard (which, admittedly, was around 2002), the source code that they provide is not enough to build a complete Windows system, and the license does not permit building it, only reviewing it, so this only lets you find (but not fix) accidental flaws, not malicious ones.
  Basically, they get all of the disadvantages of open source security, but none of the advantages.
  
  --
  I am TheRaven on Soylent News
2. Re:security holes of releasing source code by AlexiaDeath · 2010-07-09 00:07 · Score: 1
  
  Yep. And you don't because you are not given the source. Giving the source to some people is considerably more dangerous than not giving it to anybody, because the ones with the source have an advantage over everybody else in finding exploits and particular reason to disclose them...
3. Re:security holes of releasing source code by roystgnr · 2010-07-09 00:11 · Score: 5, Funny
  
  Yeah, but Russia probably signed the same "We promise to hack Google first" agreement that China did, so from Microsoft's perspective it's win/win.
4. Re:security holes of releasing source code by Vectormatic · 2010-07-09 00:12 · Score: 1, Insightful
  
  Last I heard (which, admittedly, was around 2002), the source code that they provide is not enough to build a complete Windows system, and the license does not permit building it, only reviewing it, so this only lets you find (but not fix) accidental flaws, not malicious ones.
  What use is it anyway then? I gather the russians (and brits, americans, chinese) want to be able to fully review the software in order to clear it for national security, what would be the point of only getting 90% of the code, and being allowed to build from it?
  i'd say a specific linux build for national security sensitive applications is in order, in every country which might want to stop the US or MS from spying in their stuff (which is everyone, including the US themselves)
  
  --
  People, what a bunch of bastards
5. Re:security holes of releasing source code by cappp · 2010-07-09 00:12 · Score: 4, Informative
  
  Russia is just being added to a rather long list of countries in this regard. Playing a little link-hopping tells us that both NATO and 30 countries (including the UK) have made similar deals with Microsoft albeit in refence to older technology. I would assume that all of those entities have similar updates to their agreements.
6. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 00:23 · Score: 2, Interesting
  
  The point of it is being able to review certain critical parts, for instance many of the governments require cryptographical reviews before an OS can be used by certain sections of the government and this sort of code access allows that. The intention is not for a government to go trawling through the entire source trees but to instead allow them review code that is necessary to follow whatever guidelines and legislation is applicable for that country. Do you really think most countries have any interest in reviewing all the code in windows? or even in linux or any other OS for that matter? the size of such a task would be beyond belief and a constantly moving target.
7. Re:security holes of releasing source code by aliquis · 2010-07-09 00:24 · Score: 1
  
  Basically, they get all of the disadvantages of open source security, but none of the advantages.
  ?
8. Re:security holes of releasing source code by jcwayne · 2010-07-09 00:40 · Score: 0
  
  Basically, they get all of the disadvantages of open source security, but none of the advantages.
  There are NO disadvantages to open source security! Take that back, you big meanie!
  
  --
  Failure to follow this advice may result in non-deterministic behavior.
9. Re:security holes of releasing source code by General+Wesc · 2010-07-09 00:40 · Score: 1
  
  Basically, they get all of the disadvantages of open source security, but none of the advantages.
  ?
  People can find security holes and exploit them, but they can't find security holes and fix them. (They can, however, find security holes and report them, so...)
10. Re:security holes of releasing source code by mlts · 2010-07-09 00:41 · Score: 4, Interesting
  
  Isn't it coincidental that the Chinese intelligence who received the source code suddenly had a lot of new Windows based 0-days and used them against US companies, Google mainly?
  The blackhats have the source and can look for bugs and errors that they can exploit at will. The whitehats have to guess or blindly firewall, hope that there are no remote exploits, and put a lot of resources into perimeter security.
  Maybe this is just another impetus for people and companies to move to UNIX based operating systems. Even a closed source offering like HP-UX or OS X (the pieces that are not open-sourced in Darwin or elsewhere) has been around such a long time that glaring show-stopper bugs are rare, and are usually limited to local exploits. This isn't to say things are perfect, but an exploit from remote like ssh is extremely rare on the UNIX side. To boot, UNIX variants have been getting a lot better at security, having ASLR, DEP, SELinux/AppArmor security policies, and other items to limit damage and spread of compromised code.
11. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 00:44 · Score: 0
  
  The licence also doesn't permit pirating window either, guess what the chinese do
12. Re:security holes of releasing source code by PopeRatzo · 2010-07-09 00:47 · Score: 1
  
  i'd say a specific linux build for national security sensitive applications is in order, in every country which might want to stop the US or MS from spying in their stuff (which is everyone, including the US themselves)
  And what if you want to stop China, Russia or Google from "spying on your stuff"?
  
  --
  You are welcome on my lawn.
13. Re:security holes of releasing source code by aliquis · 2010-07-09 01:04 · Score: 1
  
  Imho finding them / being aware of them would be an advantage, regardless of what's happening, atleast as far as the open-source model goes.
  For them to be exploited by others, yeah, but I guess in the government cases they most likely see it as an advantage to be aware of them ..
  I think it's hard to argue that still being exploitable and have the flaw but not being able to tell because you haven't got the source would be worse.
  And I thought being able to look for flaws was an advantage, maybe even so than having the maintainer accept any fixes or whatever.
  And I assume Microsoft would want to fix things if people reported them in.
14. Re:security holes of releasing source code by elrous0 · 2010-07-09 01:07 · Score: 2, Insightful
  
  so now the Russians will know all the holes in Windows 7 and how to exploit them, no?
  Them and every other hacker on the planet.
  
  --
  SJW: Someone who has run out of real oppression, and has to fake it.
15. Re:security holes of releasing source code by datapharmer · 2010-07-09 01:08 · Score: 3, Insightful
  
  i'd say a specific linux build for national security sensitive applications is in order
  Try setting SE Linux to "enabled".
  
  --
  Get a web developer
16. Re:security holes of releasing source code by NotBornYesterday · 2010-07-09 01:16 · Score: 1
  
  And I assume Microsoft would want to fix things if people reported them in.
  And you would be wrong a lot. (One of many; Google is your friend, finding others is an exercise left to the reader.)
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
17. Re:security holes of releasing source code by pandrijeczko · 2010-07-09 01:19 · Score: 3, Funny
  
  and the British, not sure who else
  Indeed, old chap. And we will tip our bowler hats at you when we've stopped having a jolly good laugh at it.
  "Gor blimey, luv-a-duck, Mary Poppins! 'av ya seen the state of those header files for Minesweeper!"
  
  --
  Gentoo Linux - another day, another USE flag.
18. Re:security holes of releasing source code by NotBornYesterday · 2010-07-09 01:20 · Score: 2, Interesting
  
  I wondered why they bothered with Windows at all, given their previous movement towards Red Flag Linux. I wonder if they did so just to find the vulnerabilities ...
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
19. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 01:27 · Score: 0
  
  "enforcing"
  Enabled is not an option, disabled and permissive are ;)
20. Re:security holes of releasing source code by dintech · 2010-07-09 01:29 · Score: 2, Funny
  
  Yes, but I'm looking forward to Vindows 7.
21. Re:security holes of releasing source code by v1 · 2010-07-09 01:44 · Score: 1
  
  They've already provided it to the Chinese (and the British, not sure who else).
  I'm sure the US Govt has had it LONG since before those guys. One of those "but under the Patriot Act, we don't have to TELL you" kinds of things I'm sure. It's like a rootkit for the Constitution.
  
  --
  I work for the Department of Redundancy Department.
22. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 01:45 · Score: 0
  
  > yay, so now the Russians will know all the holes in Windows 7 and how to exploit them, no?
  No, that's what M$ wants the Russian government and naïve folks to believe.
  To the US government, the talks and code are somewhat different, I suppose (I also am not entitled to know "what really happened").
23. Re:security holes of releasing source code by Vectormatic · 2010-07-09 01:51 · Score: 1
  
  The same, i was implying that since MS is US based, the various TLAs from the US have the best chances of acquiring a back door into windows
  Sure, russia et all might be able to find a peephole in their limited view of the source, but if there are any real TLA backdoors, they will be in the parts the russians dont get
  
  --
  People, what a bunch of bastards
24. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 01:55 · Score: 0
  
  And what if you want to stop China, Russia or Google from "spying on your stuff"?
  http://www.openbsd.org/
  http://www.sun.com/software/solaris/trustedsolaris/index.xml
25. Re:security holes of releasing source code by MikeBabcock · 2010-07-09 02:00 · Score: 1
  
  The idea isn't to find bugs, but to validate that there aren't back doors (at the behest of the NSA for example). However, without being able to build it, you can't tell if this really is the source code to the version of Windows you're running or not. A build test with a binary comparison would be a real assurance.
  
  --
  - Michael T. Babcock (Yes, I blog)
26. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 02:11 · Score: 0
  
  Parent is twitter.
  That is all.
27. Re:security holes of releasing source code by mlts · 2010-07-09 02:13 · Score: 1
  
  I'm sure that MS wants the countries to both get tough on piracy, and sign onto ACTA, so throwing them a bone by giving them the source code access makes perfect sense.
28. Re:security holes of releasing source code by morgan_greywolf · 2010-07-09 02:19 · Score: 5, Insightful
  
  Do you really think most countries have any interest in reviewing all the code in windows?
  
  If you can't compile the code into a working binary using the same compiler that was used to produce the production binary because you're missing parts, then you can't be sure that the source code you have represents the binary you're using. You have take Microsoft's word for it, and it's not like the rep you're talking to is the actual guy who manages the build, so even he doesn't actually know for sure.
  An incomplete set of source is absolutely useless for a true security audit.
  
  --
  My blog
29. Re:security holes of releasing source code by origin2k · 2010-07-09 02:23 · Score: 1
  
  You don't need the source code to find holes to exploit! In fact some security researchers only care about having the released binaries. For more information read "Hacking: The Art of Exploitation". IIRC it has something to do with the fact that different; compilers, versions of same compiler, options to same compiler can all generate different binaries. So to truly exploit the code you need to know what instructions actually made it into the binary that people are using. That is why tools like IDA Pro are so useful.
30. Re:security holes of releasing source code by Robert+Zenz · 2010-07-09 02:37 · Score: 1
  
  ...guess what the chinese do
  Using Linux?
31. Re:security holes of releasing source code by Serious+Callers+Only · 2010-07-09 02:40 · Score: 1
  
  Imho finding them / being aware of them would be an advantage
  That's assuming that the FSB (for example) chooses to inform Microsoft of any holes they find. Why would they do that?
32. Re:security holes of releasing source code by tibit · 2010-07-09 02:53 · Score: 1
  
  I don't really see how the non-buildable source can be generally useful. Certainly, some things can be examined on a printout. Perhaps most of interesting things.
  But there are still some pieces of code where it's hard to reason about their execution paths without seeing them in action. Thus you really need to build them, hack them, run under debugger and see how they behave in action, and how they react to your changes.
  
  --
  A successful API design takes a mixture of software design and pedagogy.
33. Re:security holes of releasing source code by Sulphur · 2010-07-09 02:54 · Score: 1
  
  If it fails, do they get their money back?
34. Re:security holes of releasing source code by tenco · 2010-07-09 03:07 · Score: 1
  
  Basically, they get all of the disadvantages of open source security, but none of the advantages.
  ?
  People can find security holes and exploit them, but they can't find security holes and fix them. (They can, however, find security holes and report them, so...)
  I guess that's why MS didn't give out the right to build from it's source. This denies governments to find flaws, fix it for their versions and exploit them on $enemy. This encourages governments to report found holes (unless they can be "fixed" without recompiling).
35. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 03:07 · Score: 0
  
  You mean Flowersweeper right?
36. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 03:18 · Score: 0
  
  Well....
  It is only a secret if one person knows it.
  With all the governments MS has exposed the source to it should be leaked out into the cyber criminal world by now.
  The exploits to benefit criminal hackers are most likely already hitting the net.
  Therefore, Win 7, no supprise, becomes an unsecure operating system.
37. Re:security holes of releasing source code by alexo · 2010-07-09 03:18 · Score: 3, Interesting
  
  the source code that they provide is not enough to build a complete Windows system, and the license does not permit building it, only reviewing it, so this only lets you find (but not fix) accidental flaws, not malicious ones.
  
  If I were in charge of an internal security agency, I would be more concerned about running an OS containing back doors or exploits than to try and exploit them myself. To that effect, I would insist on being able to build the OS from sources using a compiler that is known to be uncompromised (built it from source too). No other arrangement will guarantee that the copies I am running behave exactly like the source code says.
  If the FSB agreed to the terms that you mentioned, they are not doing their work.
38. Re:security holes of releasing source code by suso · 2010-07-09 03:24 · Score: 2, Insightful
  
  and the license does not permit building it, only reviewing it, so this only lets you find (but not fix) accidental flaws, not malicious ones.
  Oh noes, a license. That will stop em.
39. Re:security holes of releasing source code by phantomcircuit · 2010-07-09 03:35 · Score: 0
  
  Clearly you have no idea how SELinux works. It's an enormous pain in the ass to setup correctly. Simply enabling it will do nothing at all.
40. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 03:35 · Score: 1, Funny
  
  You've got to be kidding. The wall came down, man. We're best friends with the Russians now, right?
  It's not like we've got spies in each-others countries or any of that nonsense anymore.
  Next thing you'll try telling me we're going to have one of those old Cold War style "spy swaps" or something.
41. Re:security holes of releasing source code by NotBornYesterday · 2010-07-09 03:52 · Score: 1
  
  Huh? No, definitely not.
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
42. Re:security holes of releasing source code by Muad'Dave · 2010-07-09 04:02 · Score: 1
  
  ... the license does not permit building it, only reviewing it ...
  To make it doubly secure Microsoft set the read-only bit to true and the compile bit to false on all the source files.
  
  --
  Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
43. Re:security holes of releasing source code by NotBornYesterday · 2010-07-09 04:05 · Score: 1
  
  Yes, I understand MS's motivation ... just wondering about China's.
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
44. Re:security holes of releasing source code by king+neckbeard · 2010-07-09 04:12 · Score: 1
  
  but Google is stopping internal usage of Windows, making it a moot point.
  
  --
  This is my signature. There are many like it, but this one is mine.
45. Re:security holes of releasing source code by shutdown+-p+now · 2010-07-09 04:22 · Score: 2, Interesting
  
  Last I heard (which, admittedly, was around 2002), the source code that they provide is not enough to build a complete Windows system, and the license does not permit building it, only reviewing it, so this only lets you find (but not fix) accidental flaws, not malicious ones.
  From what I heard, this transfer is for complete buildable code, and, indeed, the whole point is that FSB guys will strip out everything they don't need to minimize attack surface, and use the resulting build for their own systems.
46. Re:security holes of releasing source code by d3ac0n · 2010-07-09 04:34 · Score: 1
  
  Imho finding them / being aware of them would be an advantage
  That's assuming that the FSB (for example) chooses to inform Microsoft of any holes they find. Why would they do that?
  That's also assuming that the FSB is capable of finding any holes and I think that's assuming alot. If the recent "sexy spy" debacle is any indication, the FSB has become the keystone kops of the espionage industry.
  
  --
  Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
47. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 04:49 · Score: 0
  
  yay, so now the Russians will know all the holes in Windows 7 and how to exploit them, no?
  All?? There is at least a Googol of exploits!
48. Re:security holes of releasing source code by Anonymous Coward · 2010-07-09 05:10 · Score: 0
  
  Right, so its good to just deploy a fix that is untested, could break tons of required legacy apps or introduce new holes. Why don't you use your critical thinking skills instead of band-wagoning on the MS hate Conestoga. But it's cool with you when UNIX/FOSS leaves know flaws active for 20 years though:
  http://www.computerweekly.com/Articles/2007/07/25/225765/serious-flaw-affects-bind-internet-server-software.htm
49. Re:security holes of releasing source code by Your.Master · 2010-07-09 05:12 · Score: 1
  
  Nobody said you couldn't build a binary. Just that you can't build the complete Windows system. You can probably spray dlls all over the place and then just do a binary diff against the original to verify that they are identical other than the signature.
50. Re:security holes of releasing source code by morgan_greywolf · 2010-07-09 05:15 · Score: 1
  
  If you only have 90% of the source, the portion you can't build depends on which 10% is missing. Just because you have 90% of the source, that doesn't mean you can build 90% of the binaries. For some projects, removing 10% source means you can't compile anything, if it's the right 10%.
  
  --
  My blog
51. Re:security holes of releasing source code by Phu5ion · 2010-07-09 05:59 · Score: 1
  
  Anything to prevent them from upgrading to FOSS.
  
  --
  Slashdot is kind of like Playboy; we aren't here to read the articles.
52. Re:security holes of releasing source code by bruce_the_loon · 2010-07-09 06:28 · Score: 1
  
  Careful there, the FSB just happened to have the right number of warm bodies spying for America/et-al hanging around behind bars to do the swap immediately after the debacle started.
  Keystone kops or ready to extract 10 spies whose job is done and are ready to come home? Just a thought
  
  --
  Trying to become famous by taking photos. Visit my homepage please.
53. Re:security holes of releasing source code by noidentity · 2010-07-09 06:32 · Score: 1
  
  Never mind Window, I heard Linucks has released its source codes to all governments worldwide, so that they know all the backdoors and exploits. So much for Linucks being a secured operatings system!!1
54. Re:security holes of releasing source code by StillNeedMoreCoffee · 2010-07-09 06:53 · Score: 1
  
  "and the license does not permit building it, only reviewing it, so this only lets you find (but not fix) accidental flaws"
  Right, the Russian former KGB is going to feel obligated to not build the code because they are not permitted to under license. The only way they wouldn't is if there was a bigger, more dastardly policeman out their to threaten to enforce that. Oh wait, the I.P. police, well I guess your right, they will abide by the licence.
55. Re:security holes of releasing source code by morgan_greywolf · 2010-07-09 07:35 · Score: 1
  
  Oh, yeah, another point: The license doesn't allow you to build any binaries, either.
  
  --
  My blog
56. Re:security holes of releasing source code by SplashMyBandit · 2010-07-09 07:48 · Score: 1
  
  The NSA released the SE patches to the Linux kernel a few years back. Most distros allow you to use this. Refer to: http://en.wikipedia.org/wiki/Security-Enhanced_Linux
57. Re:security holes of releasing source code by aliquis · 2010-07-09 08:11 · Score: 1
  
  Well, the issue was open-source advantages vs disadvantages?
  I don't see how being able to check the source for issues is a disadvantage, but yeah, not being able to build the software yourself to fix the bug is one. But if they want it fixed they can inform Microsoft. Done.
  If they just want to use the source code to look for exploitable code then they wouldn't be likely to inform Microsoft no matter what.
  If anything this scenario makes it MORE likely that they inform Microsoft because if they want it fixed it's their only solution. So not doing so risk their own systems to.
  I doubt the NSA is like "oh but we can't make anything we release of our own tooo good, it must be full of flaws so we can still exploit others."
  But whatever, some people will most likely argue they are.
58. Re:security holes of releasing source code by JumpDrive · 2010-07-09 09:09 · Score: 1
  
  Well if I was able to look at the code and find a security flaw, then be able to use an exploit against that flaw. Then that would be good enough for me to say that the code was complete enough.
59. Re:security holes of releasing source code by RocketRabbit · 2010-07-09 09:12 · Score: 1
  
  Apple also has another power: the inherent anti-Chinese sigil. I don't know what it is about Macs, but I have been a Mac user for about 25 years and an owner for about 15 years, and I don't think I have ever seen Chinese software of any kind on any Mac, ever. I have seen lots of Chinese people at institutions of higher education using Macs, but I don't think I have seen Chinese software, from China, on a Mac.
  I do believe they are probably pretty adept at exploiting Linux machines, though, because all day I get bombarded with probes and bad attempts on my SSH daemon, and when I nmap them they are usually running Linux and are usually in China.
60. Re:security holes of releasing source code by arkane1234 · 2010-07-09 09:21 · Score: 1
  
  Do you really think most countries have any interest in reviewing all the code in windows? or even in linux or any other OS for that matter? the size of such a task would be beyond belief and a constantly moving target.
  While it would be a huge huge huge task, by no means would it be a moving target.
  Versions exist for a reason, which is why we have things called version control.
  An organization/government can rip apart any version they wish to QA it, then freeze that version as 'stable' within their organization/government. It's how most (conventional) organizations operate.
  
  --
  -- This space for lease, low setup fee, inquire within!
61. Re:security holes of releasing source code by NotBornYesterday · 2010-07-09 09:43 · Score: 1
  
  I don't approve of anyone leaving holes unpatched, troll, so don't go putting words in my mouth. What I pointed out is a single instance of what has become a pattern of behavior from MS which contradicts his statement.
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
62. Re:security holes of releasing source code by morgan_greywolf · 2010-07-09 11:10 · Score: 1
  
  Well if I was able to look at the code and find a security flaw, then be able to use an exploit against that flaw.
  One security flaw? No. You'd only know that that piece of code that contained the security flaw corresponded to the actual binary(ies). Even for that, you wouldn't have a guarantee, since the source could represent, say, an older version and the newer version of the same code has other security flaws that you can't see.
  
  --
  My blog
63. Re:security holes of releasing source code by Windowser · 2010-07-09 12:49 · Score: 1
  
  Clearly you have no idea how SELinux works. It's an enormous pain in the ass to setup correctly. Simply enabling it will do nothing at all.
  Looks like you never tried it. It will make a lot of stuff stop working. Even serving a webpage will become complicated.
  
  --
  Avoid the MS tax, always buy I.B.M. PC's (I Built-it Myself)
64. Re:security holes of releasing source code by phantomcircuit · 2010-07-09 14:28 · Score: 1
  
  Did you even read my comment?
65. Re:security holes of releasing source code by hagiwhat · 2010-07-12 23:06 · Score: 1
  
  hassie aq bu ne simdi?
Available as a Torrent in 3... 2... 1... by Xtense · 2010-07-09 00:03 · Score: 4, Insightful

Available as a Torrent in 3... 2... 1...

--
"We are the music makers, and we are the dreamers of dreams [...]."
1. Re:Available as a Torrent in 3... 2... 1... by Anonymous Coward · 2010-07-09 00:09 · Score: 1, Funny
  
  Lawsuit in 1.. 0..
2. Re:Available as a Torrent in 3... 2... 1... by Xtense · 2010-07-09 00:10 · Score: 0, Flamebait
  
  Pffffffaaahahahaahaha.
  Oh wait, you're serious.
  Aaaaaaaaaaaaaahahahahahaahaaaaaaaaaaaaaaaaaaa!
  
  --
  "We are the music makers, and we are the dreamers of dreams [...]."
3. Re:Available as a Torrent in 3... 2... 1... by thijsh · 2010-07-09 00:26 · Score: 0, Redundant
  
  In Soviet Russia Information Wants To Be Suppressed, but Code Still Wants To Be Wrong!
4. Re:Available as a Torrent in 3... 2... 1... by arivanov · 2010-07-09 01:39 · Score: 3, Interesting
  
  And in which jurisdiction are you going to sue?
  
  --
  Baker's Law: Misery no longer loves company. Nowadays it insists on it
  http://www.sigsegv.cx/
5. Re:Available as a Torrent in 3... 2... 1... by timeOday · 2010-07-09 02:38 · Score: 3, Informative
  
  Don't you remember the big leak of Windows source code a few years ago?
  Surprisingly, it didn't turn out to have any impact on anything, that I can tell.
6. Re:Available as a Torrent in 3... 2... 1... by bigredradio · 2010-07-09 04:00 · Score: 3, Funny
  
  Hax0r: Ha! I have windows source code!!! (10 mins later) Hax0r: Humm.. now what?
  
  --
  Flexible bare-metal recovery for Linux/UNIX
7. Re:Available as a Torrent in 3... 2... 1... by theArtificial · 2010-07-09 05:09 · Score: 3, Interesting
  
  Wasn't that how the image hacks started? A specially crafted BMP. There are more but this is one I recall off of the top of my head.
  
  --
  Man blir trött av att gå och göra ingenting.
8. Re:Available as a Torrent in 3... 2... 1... by ThatsNotPudding · 2010-07-09 05:25 · Score: 1
  
  Known Space. Gil Hamilton will serve the subpeonas.
9. Re:Available as a Torrent in 3... 2... 1... by Anonymous Coward · 2010-07-09 06:43 · Score: 0
  
  Keep seeding?
I'm sure this will turn out well by linzeal · 2010-07-09 00:03 · Score: 5, Interesting

I'm more afraid of the FSB selling or having the code stolen from them by Russian hackers than the FSB actually doing anything. They are mostly incompetent hacks either leftover from the 90's or put there to be yes-men to Putin policy. Putin would not stack the deck against himself so he has cut out most of the intelligence in the intelligence agencies, that is why you get things like the recent spy swap debacle where they could not even penetrate a PTA meeting let alone the Pentagon.

--
An Education is the Font of All Liberty
1. Re:I'm sure this will turn out well by Anonymous Coward · 2010-07-09 00:51 · Score: 2, Interesting
  
  I tend to agree with your take on Putin.
  And, wtf. Those poor Russians just can't seem to get a break. They've gone from totalitarian monarchy to communism. Yay, workers paradise, except when the revolutionary dust settled they were still under totalitarian rule.
  And now that the confetti from the democratization celebration has blown away we are still looking at something remarkably similar to a dictatorship.
2. Re:I'm sure this will turn out well by BitZtream · 2010-07-09 02:49 · Score: 0, Flamebait
  
  Sounds like they've done pretty good for themselves. Their cover obviously has you fooled.
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
3. Re:I'm sure this will turn out well by dargaud · 2010-07-09 02:57 · Score: 3, Insightful
  
  When you ask a russian his opinion on some leader (either russian or otherwise), whenever he wants to praise that leader, he'll always add 'he's a strong leader'. It seems that russians only recognize leadership when it is associated with strength, so do not be surprised that they go from dictatorship to dictatorship. It's mostly self-inflicted.
  
  --
  Non-Linux Penguins ?
4. Re:I'm sure this will turn out well by shutdown+-p+now · 2010-07-09 04:27 · Score: 1
  
  People were genuinely supporting democracy and liberalism back in late 80s and in early 90s. That's what made the transition to democratic rule possible in the first place. It's also why the hardcore commie attempt at a coup d'etat failed in 1991.
  The problem was that people's trust in those things was undermined by those very politicians who were pushing for them, once they got in power. Yeltsin was a horrible president, both as a person (drunkard, slow-thinking, dishonest) and as a ruler (autocratic, bad manager). It was bad enough in 90s that, for the majority of population, the very word "democracy" itself became tarnished - "If that's what they call 'democracy', we'd rather have it the old way". And since the "old way" is stereotyped as "strong hand", we got Putin.
  So... I agree that it's self-inflicted, but it's more complicated than it seems.
5. Re:I'm sure this will turn out well by Reservoir+Penguin · 2010-07-09 05:36 · Score: 1
  
  The poor Russian we are, suffering under a bloody KGB regime, why don't you come here and bring us some of you freedoms? And do not forget winter clothes, it can get bloody cold over here.
  
  --
  US-UK-Israel: The real Axis of Evil
6. Re:I'm sure this will turn out well by Anonymous Coward · 2010-07-09 11:03 · Score: 0
  
  If they really wanted "the old way", shouldn't they have restored the monarchy?
7. Re:I'm sure this will turn out well by shutdown+-p+now · 2010-07-09 11:21 · Score: 1
  
  By "old way" I mean what people remembered as good times compared to where they ended up in the 90s.
  But, since you ask - there has been quite a resurgence of various monarchist organizations in Russia in 90s, and quite a few of them are of ultra-conservative type advocating absolutism, Orthodoxy as a state religion etc - in general, anti-liberalism - and opposing that to the "lying and treacherous liberals who have robbed the country". They mainly appeal to those people who think that commies were okay, except for the part where they suppressed religion.
8. Re:I'm sure this will turn out well by ScrewMaster · 2010-07-10 00:13 · Score: 1
  
  The poor Russian we are, suffering under a bloody KGB regime, why don't you come here and bring us some of you freedoms? And do not forget winter clothes, it can get bloody cold over here.
  No, we only spread freedom to countries with plenty of oil and other natural resources ... oh wait.
  
  --
  The higher the technology, the sharper that two-edged sword.
FSB is not "the" successor to the KGB by the+linux+geek · 2010-07-09 00:04 · Score: 5, Interesting

The FSB is approximately a third of the total KGB capability, with the FSO and SVR being the other legs of the triumvirate. The FSB, being the replacement for the former First Chief Directorate, is mostly responsible for internal security (counterintelligence, counterterrorism, counterinsurgency, action against dissenters.) I don't see how this deal with Microsoft could possibly threaten the US or US interests, except possibly in a peripheral way.
1. Re:FSB is not "the" successor to the KGB by Divide+By+Zero · 2010-07-09 00:19 · Score: 2, Funny
  
  Certainly they won't give it to whatever directorate's in charge of conducting espionage. Spies are the most honorable government officials there are, and nobody in Moscow's looking to get ahead by bending any rules.
  
  --
  Dare to Hope. Prepare to be Disappointed.
2. Re:FSB is not "the" successor to the KGB by elucido · 2010-07-09 00:31 · Score: 1
  
  Certainly they won't give it to whatever directorate's in charge of conducting espionage. Spies are the most honorable government officials there are, and nobody in Moscow's looking to get ahead by bending any rules.
  I smell sarcasm.
3. Re:FSB is not "the" successor to the KGB by Rogerborg · 2010-07-09 00:32 · Score: 2, Funny
  
  Whoa, whoa, whoa, let's put it in terms we can all understand, shall we? Are you saying that the FSB is like the Klingon ISF, while the FSO and SVR are the equivalent of the DSF?
  
  --
  If you were blocking sigs, you wouldn't have to read this.
4. Re:FSB is not "the" successor to the KGB by chris+mazuc · 2010-07-09 00:51 · Score: 1
  
  Not one bit.
  
  --
  E pluribus unum
5. Re:FSB is not "the" successor to the KGB by Anonymous Coward · 2010-07-09 01:03 · Score: 0
  
  Certainly they won't give it to whatever directorate's in charge of conducting espionage. Spies are the most honorable government officials there are, and nobody in Moscow's looking to get ahead by bending any rules.
  I smell sarcasm.
  I smell obvious and the recursion thereof...
6. Re:FSB is not "the" successor to the KGB by yossarianuk · 2010-07-09 01:21 · Score: 1, Troll
  
  Using Windows is a bigger threat to US security than giving the Russian's the source code.
7. Re:FSB is not "the" successor to the KGB by Bing+Tsher+E · 2010-07-09 02:21 · Score: 1
  
  No, the security forces in Russia are not characters in a TV show.
8. Re:FSB is not "the" successor to the KGB by Anonymous Coward · 2010-07-09 02:36 · Score: 0
  
  It doesn't matter anyway since the FSB was replaced a long time ago by HyperTransport and QuickPath.
9. Re:FSB is not "the" successor to the KGB by Rogerborg · 2010-07-09 02:39 · Score: 0, Offtopic
  
  No, the security forces in Russia are not characters in a TV show.
  Historical. Documents.
  
  --
  If you were blocking sigs, you wouldn't have to read this.
Brilliant Idea by Anonymous Coward · 2010-07-09 00:04 · Score: 1, Insightful

Giving the OS source code to the Russians... what could go wrong?
1. Re:Brilliant Idea by shutdown+-p+now · 2010-07-09 04:30 · Score: 1
  
  Microsoft is a company of 80k people. I would expect several hundred, at least, to have direct access to Windows source (and probably more like several thousand).
  Do you seriously think that it would be hard for any foreign intelligence agency worth its salt to bribe, or otherwise hook, one or more of them, and steal the source code to whatever MS products they desire?
  This is without even mentioning that there are quite a few people from ex-USSR working in MS.
Who can blame our "paranoia"? by Anonymous Coward · 2010-07-09 00:06 · Score: 0

So now, how can we blame the US government for not trusting Microsoft products? ...or does this have something to do with the spy swap going on in Austria?
Soon it'll be a Linux First world if we don't all panik.
Re:In russia by Pojut · 2010-07-09 00:06 · Score: 0, Offtopic

In Soviet Russia, you beat you to it!

--
Living With a Nerd
Equal opportunity by Cynic2sceptic · 2010-07-09 00:06 · Score: 1

I like it, the question remains - will they aid MS in any way or just use the opportunity to secure their own enviroment.
Also, isn't it fairly likely that they have the sourcecode already?

--
My opinion is based on my thoughts and others, all compiled by my brainy script.
In Soviet Russia... by yanyan · 2010-07-09 00:06 · Score: 5, Funny

I give up. This is too easy.
1. Re:In Soviet Russia... by dimethylxanthine · 2010-07-09 00:43 · Score: 2, Funny
  
  FSB caught your tongue?
2. Re:In Soviet Russia... by Chupathingy · 2010-07-09 02:39 · Score: 1, Funny
  
  If "In Soviet Russia, Microsoft gives you their source code,"
  then "In Capitalist America.... You give Microsoft your source code."
3. Re:In Soviet Russia... by Anonymous Coward · 2010-07-09 06:50 · Score: 0
  
  In Soviet Russia, Front Side Buses YOU!
  How's that?
4. Re:In Soviet Russia... by moyl · 2010-07-09 07:49 · Score: 1
  
  In Soviet Russia, your tongue catches FSB.
next step by Anonymous Coward · 2010-07-09 00:07 · Score: 0

The FSB diffing the source with their own reverse engineered one to see if they did everything right.
This is actually good by Chrisq · 2010-07-09 00:09 · Score: 3, Interesting

It will keep them tied up for years trying to find exploitable holes, when the real spies will use something else
1. Re:This is actually good by Anonymous Coward · 2010-07-09 00:20 · Score: 0
  
  Wow, how did we miss that?! Hey, thanks for the info Chrisq.
  
  Best,
  KGB
2. Re:This is actually good by JumpDrive · 2010-07-09 09:18 · Score: 1
  
  Yeah , but can you play games on it. Everyone knows that it will never make it into the desktop market unless you can play games on it.
Trust, Interesting World by Bob9113 · 2010-07-09 00:26 · Score: 4, Interesting

It is an interesting world in which a United States company trusts Russian spies more than it trusts United States citizens.

--
Stop-Prism.org: Opt Out of Surveillance
1. Re:Trust, Interesting World by fuzzyfuzzyfungus · 2010-07-09 00:34 · Score: 2, Interesting
  
  It is a world operating completely as expected when a multinational corporation cares more about satisfying the requests of large customers than it does small ones.
2. Re:Trust, Interesting World by Bob9113 · 2010-07-09 06:09 · Score: 1
  
  It is a world operating completely as expected when a multinational corporation cares more about satisfying the requests of large customers than it does small ones.
  Well said. Thanks for truthing my post. :)
  We would do well to remember that they are American In Name Only the next time they whine about taxes or H1Bs.
  
  --
  Stop-Prism.org: Opt Out of Surveillance
3. Re:Trust, Interesting World by Anonymous Coward · 2010-07-09 11:35 · Score: 0
  
  It is a world operating completely as expected when a multinational corporation cares more about satisfying the requests of large customers than it does small ones.
  This is Russia. They pirate everything. They aren't customers.
Update email by Linker3000 · 2010-07-09 00:27 · Score: 3, Funny

Has anyone else just got the email from Microsoft regarding a critical security update that should be downloaded and installed immediately from windowsupdate.micros0ft.ru?

--
AT&ROFLMAO
Maybe this will help the russian spies. by elucido · 2010-07-09 00:27 · Score: 1, Troll

It will help with their IT troubles now that they will be given the complete sourcecode to Windows 7. This just goes to show me that Microsoft is evil. Stick to Open Source software. If It isn't open for everyone then something is wrong with that.
yeah, right by circletimessquare · 2010-07-09 00:28 · Score: 0, Flamebait

because if the russian government (or any government) had an interest in using the source code for purposes beyond internal security, they would go "wait, we promised microsoft we would only use this domestically"
do you believe that? what exactly do you think motivates a government's actions?: protect the nation, at all costs, in any way possible. one way is to make false promises to naive parties and then promptly renege on them. but you write:
"I don't see how this deal with Microsoft could possibly threaten the US or US interests, except possibly in a peripheral way."
are you fucking serious? how naive and deluded are you?
the source code will soon be in the hands of ultranationalist russian hackers with marching orders to fashion a weapon or reveal a weakness out of anything they can find in the code. these hackers will be quasi-independent: no way to trace their activities back to the government. like the perfectly timed cyber attacks on georgia in 2008 as russian tanks rolled over the mountains or the cyberattacks on estonia because of a fucking statue. officially, of course, nothing to do with the government. yeah, right
you're a naive fool

--
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
1. Re:yeah, right by Anonymous Coward · 2010-07-09 00:40 · Score: 0
  
  And they said Screaming Fist would never happen.
Buildable? by temcat · 2010-07-09 00:28 · Score: 1

I wonder if the scope of code to be provided allows building it to a working copy of Windows 7.
1. Re:Buildable? by Shados · 2010-07-09 00:52 · Score: 4, Informative
  
  Probably not. It is not all that uncommon for Microsoft to open its source. I mean, it doesn't happen everyday, but they have special facilities for that purpose alone.
  It may have changed, but back when i saw it, it was basically a web based code browser that doesn't allow the more simple copying features (like no export and stuff obviously).
  If its still what they use, then it definitely cannot (realistically) be built.
2. Re:Buildable? by tibman · 2010-07-09 02:33 · Score: 4, Insightful
  
  How can the russians trust the source code to a binary if they can't compile and compare the binaries?
  
  --
  http://soylentnews.org/~tibman
3. Re:Buildable? by Anonymous Coward · 2010-07-09 05:55 · Score: 0
  
  You are asking too many questions and your account is being terminated.
Potential attackers get code, do defenders? by Anonymous Coward · 2010-07-09 00:30 · Score: 0

The FSB and their counterparts elsewhere are obviously potential attackers, and they get to see the source code, a huge benefit to them. Large corporations get to see it (IIRC), which must help with their security. The only ones left out in the cold are small/medium sized businesses and end users. At least I hope Trend Micro, McAfee, Symantec, etc. get to see it, so that those groups have a fighting chance.
Of course, now that I think of it, my computers are sharing a network with the FSB, every other intelligence agency, global criminal groups, and every hacker in the world. And I'm worried about the security Microsoft revealing its source code? What the hell am I doing?
Successor agency by TrixX · 2010-07-09 00:30 · Score: 5, Funny

Shouldn't the successor to KGB be called LHC... oh!
1. Re:Successor agency by glwtta · 2010-07-09 00:42 · Score: 2, Insightful
  
  Holy shit, that just completely blew my mind!
  
  --
  sic transit gloria mundi
2. Re:Successor agency by Anonymous Coward · 2010-07-09 01:13 · Score: 0
  
  I'm gonna be a real you-know-what here and point out that if we follow that line of logic, it would actually be the LDV if you want to transliterate. Not sure how to do unicode here. Light Duty Vehicle? Laser Doppler Velocimeter...? Not quite as interesting...
3. Re:Successor agency by L4t3r4lu5 · 2010-07-09 01:31 · Score: 1
  
  Leyland DAF Vans They made vans and minibuses in the UK. Most of them were shoddy and useless, and may as well have been made in post-communist Russia.
  
  --
  Finally had enough. Come see us over at https://soylentnews.org/
4. Re:Successor agency by Anonymous Coward · 2010-07-09 02:37 · Score: 0
  
  I'm gonna be a real you-know-what here and point out that if we follow that line of logic, it would actually be the LDV if you want to transliterate. Not sure how to do unicode here. Light Duty Vehicle? Laser Doppler Velocimeter...? Not quite as interesting...
  !! Laser Deflecting Velociraptors !!
  Very interesting...
5. Re:Successor agency by Robert+Zenz · 2010-07-09 02:43 · Score: 1
  
  So, you mean CERN is just a cover-company?
6. Re:Successor agency by TrixX · 2010-07-09 05:21 · Score: 1
  
  Yes, an evil plot from ex-communists to take the world hostage threatening to eat it with an artificial black hole. There you have it, a plot for the next James Bond Movie.
7. Re:Successor agency by Robert+Zenz · 2010-07-09 07:33 · Score: 1
  
  Ah damn it, and I already thought you'd come up with "threaten to blow up Vatican City with an Anti-Matter bomb". ;) Though, I agree that (yours) would be an interesting plot for a James Bond movie...I can already see the end battle...Bond and the ex-communist leader are rolling on the floor, stopping short before the black hole...first Bond seems to lose, then he turns the tables and the evil overlord is sucked into oblivion (though, I still believe that blackholes are nothing more then super-heavy spheres)! But it's to late for the world, the black hole already exists...but luckily Bond has that new inflatable Earth with him which Q gave him at the beginning of the Movie...well, I guess Stilettos will be forbidden from that day on. ;)
8. Re:Successor agency by Anonymous Coward · 2010-07-09 07:34 · Score: 0
  
  Like how HAL becomes IBM.
9. Re:Successor agency by Anonymous Coward · 2010-07-10 06:14 · Score: 0
  
  on a related note, did you know that the HAL 9000 computer went back in time, crossing over from a different world line where it exists in realspace, and founded IBM in our worldline?
we need open source by law by Weezul · 2010-07-09 00:44 · Score: 1

We should restrict copyright for software to require publication of the source code. You could still sell custom software without releasing the source code for everybody, but you'd be required to release the source code to your customers if you wanted copyright protections.

--
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
1. Re:we need open source by law by Bing+Tsher+E · 2010-07-09 02:02 · Score: 2, Insightful
  
  Why? The copyright protects a specific binary implementation. Are you implying that Microsoft's copyright protection should be extended to the method they use? That's what it sounds like.
2. Re:we need open source by law by h4rm0ny · 2010-07-09 02:24 · Score: 1
  
  We should restrict copyright for software to require publication of the source code.
  Why?
  
  --
  
  Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
3. Re:we need open source by law by tlhIngan · 2010-07-09 03:12 · Score: 1
  
  We should restrict copyright for software to require publication of the source code. You could still sell custom software without releasing the source code for everybody, but you'd be required to release the source code to your customers if you wanted copyright protections.
  Copyright is designed to prevent that. I think you really meant patents, in which case every patent should come with the full (buildable) source of the product containing said patented item. After all, a patent has to describe how something is done, and nothing describes "how" better than the source code. The use of that code is restricted by the patent anyways, and copyright covers the use of the binaries.
  Do the same for business patents (i.e., business employing said patent is literally open for inspection and observation by anyone) and you'll probably cut down the amount of silly patents filed (want to patent a silly feature? Release the source code to your entire app. Want to patent a stupid business plan? Well now your business is inspectable by anyone and everyone - open books for all, including your competitors).
Honey Pots ? by mbone · 2010-07-09 00:50 · Score: 1

If I were in charge of this give away, some fake back door honey-pots would be put into Windows. That way, if they found and exploited back doors and security holes, Microsoft would know about it.
How to provide a hole that is not a hole at a deeper level would be an interesting exercise in computer science. Of course, if a hole is planned, a patch can be sitting ready to go as soon as it is exploited, which would help some.
Threat is by counterpassivity, of course by dragisha · 2010-07-09 00:52 · Score: 1

Less holes in MS products => less opportunities to US intelligence audit/influence.

--
http://opencm3.net, http://www.nongnu.org/gm2/
In Soviet Russia... by Anonymous Coward · 2010-07-09 00:53 · Score: 1, Funny

In Soviet Russia, source opens YOU!
Whatcouldpossiblygowrong? by halfEvilTech · 2010-07-09 00:58 · Score: 1

If anything deserves this tag it would be this. The Russian government has long been known to be corrupt and it is my guess that before the ink even dries that a copy of the code has already made its way to the RBN and others.
Am I the only one by somaTh · 2010-07-09 01:01 · Score: 1

Am I the only one who thought of the text-a-question service? I mean, I could see Microsoft trying to get in on that action. I suppose the Agency portion of the title should've given it away.

--
Nostalgia isn't what it used to be.
in soviet russia by Anonymous Coward · 2010-07-09 01:07 · Score: 0

AC's moderate you! But in slashdot, they just mod u down.
Wait for it... by Anonymous Coward · 2010-07-09 01:12 · Score: 0

Cue Glenn Beck rant about Microsoft as communist plot in 3..2..1..
Reasonable Terms and a Nominal Fee by Alsee · 2010-07-09 01:12 · Score: 1

I am open to negotiating a deal with Russia or any other government interested in offering me reasonable terms and a nominal fee in exchange for a copy of Linux source code.
-

--
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
1. Re:Reasonable Terms and a Nominal Fee by Trelane · 2010-07-09 01:45 · Score: 1
  
  For an extra dispensation, I bet you'd be willing to give them the remaining 90% and let them build and use it too!
  
  --
  
  --
  Given enough personal experience, all stereotypes are shallow.
As Stalin said by gillbates · 2010-07-09 01:29 · Score: 5, Insightful

Wasn't it Stalin who said, "The capitalists will sell us the rope we use to hang them."
Nice to know that Microsoft, after complaining for years that open source was insecure because anyone could see the code, is now providing same to Russia. Nothing quite like putting quarterly profits above national security.

--
The society for a thought-free internet welcomes you.
1. Re:As Stalin said by m93 · 2010-07-09 02:34 · Score: 2, Informative
  
  That was actually a Lenin quote.
2. Re:As Stalin said by gad_zuki! · 2010-07-09 02:40 · Score: 2, Interesting
  
  I've always found that quote to be amusing. It like admitting that communism can't produce enough rope, only capitalism can, but they need rope so they deal with capitalists. Reminds me of all those stories about the price of car wipers and toilet paper in the USSR because their command economy 'geniuses' couldn't figure it out or couldn't turn capital into production.
  >Nothing quite like putting quarterly profits above national security.
  Lets not be too dramatic. The source code of Windows isn't some big trade secret. Several governments have it. Afterall, they want to see the source just like you do with linux and they have the buying power to demand it.
3. Re:As Stalin said by dunkelfalke · 2010-07-09 03:46 · Score: 1
  
  It is actually nothing like that. The saying implies that capitalists care about money so much that they would sell weapons which will destroy them to their enemies.
  
  --
  "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
4. Re:As Stalin said by meringuoid · 2010-07-09 04:07 · Score: 1
  
  It like admitting that communism can't produce enough rope, only capitalism can, but they need rope so they deal with capitalists.
  Read 1984 closely enough and you'll see this in effect. The despairing ending which everybody remembers is the future imagined as a boot stamping on a human face forever. But what was the first example we saw of the Party's information control in action? Why, it was our hero Winston Smith editing the figures for boot production.
  For example, the Ministry of Plenty's forecast had estimated the output of boots for the quarter at 145 million pairs. The actual output was given as sixty-two millions. Winston, however, in rewriting the forecast, marked the figure down to fifty-seven millions, so as to allow for the usual claim that the quota had been overfulfilled. In any case, sixty-two millions was no nearer the truth than fifty-seven millions, or than 145 millions. Very likely no boots had been produced at all. Likelier still, nobody knew how many had been produced, much less cared. All one knew was that every quarter astronomical numbers of boots were produced on paper, while perhaps half the population of Oceania went barefoot.
  Keep stamping, Big Brother. The day's coming soon when you'll run out of boots.
  
  --
  Real Daleks don't climb stairs - they level the building.
5. Re:As Stalin said by bmajik · 2010-07-09 04:38 · Score: 1
  
  I'd like to respond to this in two halves
  
  Wasn't it Stalin who said, "The capitalists will sell us the rope we use to hang them."
  
  You should assume that anyone in Russia or anywhere else that wants the windows code for naughty reasons already has it.
  
  Nothing quite like putting quarterly profits above national security.
  This brings up the more interesting half of my response.
  What is Microsoft's obligation to US national security interests?
  Microsoft (last i heard) had 40% of its revenue from outside the US. One reason MS has to continue putting up with the EU shakedowns is that MS gets so much money from its European customers. It would be financially irresponsible to just "walk away" and so MS has to continue putting up with the mafia style tactics employed by the EU.
  The US DOJ has waxed and waned on how much it feels like "Sticking it" to Microsoft. Certainly the outrageous patent-troll lawsuits, monopoly litigation, and other things can be construed as "attacks" against Microsoft either by government entities in the US, or by MS competitotors using the force and authority of US government entities.
  On the other hand, the current copyright and IP law protection regime in the US has some beneficial effects for MS. In the early days, having a strong copyright and anti-piracy legal framework was certainly a boon. These days when MS if the victim of many patent troll lawsuits it's not as clear that IP law is doing us much good.
  I hold the (unpopular) view that Corporations have no moral obligations whatsoever.
  When we see other countries doing bits of corporate protectionism to favor their domestic producers, we cry foul. IOW: I don't expect or want the US government to "help" Microsoft. But that's a two way street. Microsoft is a multi-national entity. WHy should it be loyal to the USA? Shouldn't its loyalties shift towards whomever provides the most benefits (or the minimum amount of pain/intrusion?)
  
  --
  My opinions are my own, and do not necessarily represent those of my employer.
6. Re:As Stalin said by gillbates · 2010-07-09 05:02 · Score: 1
  
  I hold the (unpopular) view that Corporations have no moral obligations whatsoever.
  Perhaps this isn't the way things should be. But it is the way things are, with few notable exceptions. When the public at large understands that a corporation *can't* possess a moral compass in the same way a human can, then we can have a productive debate on the value of capitalism, and the appropriate regulatory framework to prevent abuses from happening.
  All too many people fail to realize that a corporation - especially a publicly traded one - is a profit-making machine, nothing more, nothing less.
  
  --
  The society for a thought-free internet welcomes you.
7. Re:As Stalin said by Anonymous Coward · 2010-07-09 05:16 · Score: 0
  
  That's an absolutely ridiculous interpretation of that quote.
I'll bet the NSA ... by Rambo+Tribble · 2010-07-09 01:30 · Score: 1

... is glad they picked Linux.
The conversation... by lattyware · 2010-07-09 01:35 · Score: 2, Funny

Microsoft: So, we are agreed, you get access to our source code. FSA: Yes... we just have to add one question to our polygraph test for people reviewing the code? Microsoft: Yes. "Have you ever contributed, or plan to contribute, to open source software..."

--
-- Lattyware (www.lattyware.co.uk)
Exporting software by al3 · 2010-07-09 01:48 · Score: 1

I once signed up for a license to distribute the Acrobat Reader on a CD-ROM my organization was using as a give-away, and I had to agree not to let the program end up in places like Cuba. Now, in the same week I learn about Russian spies being arrested and swapped with the USA, I hear that Microsoft is giving out the source code to Windows 7 to the Russian spy agency. Wow.
1. Re:Exporting software by Anonymous Coward · 2010-07-09 02:27 · Score: 0
  
  The encryption built into some software is actually classified as a munition for the purposes of export. So if you tried to export it you would be violating the same laws as an arms dealer. For further information, read the Export Administration Regulations. Have fun, it's a really LONG document.
In Soviet Russia... by Sentrion · 2010-07-09 01:50 · Score: 0, Redundant

Windows look out through you!
Priceless! by Lisandro · 2010-07-09 02:15 · Score: 1

I'll just sit and wait for the torrent to appear!
I'm a Russian by Anonymous Coward · 2010-07-09 02:25 · Score: 0, Funny

and Windows 7 was my idea
Re:In russia by Anonymous Coward · 2010-07-09 02:30 · Score: 0

Which you will think is a good thing the next time you need it.
How the worm turns.... by zkiwi34 · 2010-07-09 02:59 · Score: 3, Insightful

It wasn't all that long ago when dear old Bil Gates et al were claiming in front of the DoJ that giving anyone (their competitors) access to Windows code would be a threat to national security. Fast forward to now and it appears that either the truth changed a whole lot or for some reason national security interests are served by giving China and Russia and who knows, maybe even the French access to Windows source.
The new Windows, our most secure OS ever!! Well...
1. Re:How the worm turns.... by thoth · 2010-07-09 05:59 · Score: 2, Insightful
  
  They changed even faster than that. IIRC, it was Jim Allchin that said releasing the source code for a portion of Windows (the message queue), would have serious US national security implications. This was in 2002, during the post-DOJ lawsuit cleanup where some states filed a separate lawsuit.
  Less that a year later in early 2003, Microsoft entered into a broad source code sharing arrangement, with Russia, China, and many NATO members.
  http://www.microsoft.com/presspass/press/2003/feb03/02-28GSPChinaPR.mspx
  From "serious US national security issues" to "here you go Russia and China" in less than a year.
Damned if they do, damned if they dont... by TheRedDuke · 2010-07-09 03:24 · Score: 1

I think it's ironic that we're reading an article about MS releasing source code and the /. community is busting their balls. Just sayin'.
1. Re:Damned if they do, damned if they dont... by mikechant · 2010-07-09 03:58 · Score: 2, Informative
  
  I think it's ironic that we're reading an article about MS releasing source code and the /. community is busting their balls. Just sayin'.
  Maybe you should think some more and consider that
  1/ MS are releasing the source code to potentially hostile foreign governments (China, Russia), but *not* to (say) security researchers etc. who might get something useful out of it for the benefit of Windows users in general.
  2/ MS are not releasing buildable or complete source, there is no way to tell if the source accurately reflects the actual distributed binaries.
  3/ MS has been doing this for years and it is clearly not in any way a path, stepping stone or partial move towards open source or anything like it.
  So maybe you'd be able to explain why it's 'ironic' that they are being criticised in the light of the above?
2. Re:Damned if they do, damned if they dont... by TheRedDuke · 2010-07-09 04:20 · Score: 1
  
  So maybe you'd be able to explain why it's 'ironic' that they are being criticised in the light of the above?
  Not really - I think my joke just fell on deaf ears.
3. Re:Damned if they do, damned if they dont... by Anonymous Coward · 2010-07-09 05:37 · Score: 0
  
  MS is releasing the source code to the blackhats. Not the whitehats who have to rely on the code to keep out intruders. This is another reason why people are extremely concerned about this move.
  As a business owner, the best you can do is perimeter security because there is in effect no solid way to secure a Windows machine other than air-gap it. So the next best thing to do is focus on network security so the baddies can't get to the network segment (as well as isolate compromised boxes from everything else), as well as app security so malicious code is not able to execute on the machine.
  Now, if people want to be really serious about wanting to completely get rid of Windows, find a way to make an Exchange replacement which actually works.
FSB isn't really the KGB's successor... by Wyatt+Earp · 2010-07-09 03:50 · Score: 1

The SVR is the successor to the KGB's First Chief Directorate, the section that is responsible for intelligence and espionage activities outside the Russian Federation. It works in cooperation with the Russian military intelligence organization GRU, negotiates anti-terrorist cooperation and intelligence-sharing arrangements with foreign intelligence agencies, and briefs the Russian president.
The FSB is the domestic intelligence organization handling counter-intelligence, internal and border security, counter-terrorism, and surveillance.
So it's like the division of the CIA and FBI with the GRU being the DIA.
Back in the Cold War, the ten Russian spies would have been working for the KGB, they didn't work for FSB this time however, they worked for SVR.
Have fun! by Anonymous Coward · 2010-07-09 03:59 · Score: 1, Funny

The windows 7 source code is huge!
If the russians can figure out any part of it then go them!
All the code? by Anonymous Coward · 2010-07-09 04:01 · Score: 1, Insightful

So microsoft is giving them all the code? So they can compile it on site and have it run? Or are they giving them pieces of paper that they can read in their spare time; pieces of paper with pseudocode that give a rough general idea of approximately something? Its one thing to be given pieces of paper, another to compile it and see it run with full functionality. Using microsoft anything is a bad choice because you cannot audit it. The Russian government can now audit their stuff, but upon inspection, will give it back to them, since they can see for themselves exactly how bad it is.
Yo! by notknown86 · 2010-07-09 04:07 · Score: 0, Troll

Yo America!

What value has your freedom when your freedoms are extended more to your past and present enemies than to yourselves? Which one of your domestic agencies gets the same privileges? Let alone (holy fuck!) the actual domestic *users* of the software?

Excuse me when I quietly say *pffft* next time I hear another hypocritical cunt spout off about freedom with no consideration for the responsibility in preserving those freedoms. Truth is, most care more for comfort. Not a problem, but it bothers me when it is nested in a halo of moral rectitude.
Clearly you have no idea about security by Anonymous Coward · 2010-07-09 04:11 · Score: 0

Clearly you have no idea about security. It doesn't matter a fig how much of a pain it is to set up, a government or sufficiently involved organisation to need such security can and WILL do it.
Do you know who wrote SELinux? NSA. Do you think they wrote a system they wouldn't be able to configure for their own use?
Just because you have source by Anonymous Coward · 2010-07-09 04:23 · Score: 0

Just because you have source doesn't mean you have any right to copy it, in the same way as the fact that though your english copy of "The Half-Blood Prince" is there open source for you, that doesn't mean JK Rowling has no copyrights.
And yes, copyright HAS to be on a specific implementation: you can't copyright "a Word Processor". You can only copyright the code. So your reading is incorrect and deliberately so, so that you can cast FUD upon the waters.
Not just governments, college students too by perpenso · 2010-07-09 04:35 · Score: 1

It's not just governments. Microsoft gives some college faculty and students complete access to Windows source code. They have to be part of a research team doing something Microsoft finds interesting, sign NDAs, etc. Microsoft gets access to their work but there are no restrictions on publishing. A friend was on such a team when he was a grad student.
I See Microsoft went Open Source by Anonymous Coward · 2010-07-09 04:37 · Score: 1

Microsoft Windows, Open Source to everyone, "except the user." The user who pays has to break the law to get the source code. That's irony.
While it's funny on top, it's not funny ultimately. It certainly isn't in the public interest. It's in the spying interest though.
Copyright requires we be able to learn by Anonymous Coward · 2010-07-09 04:47 · Score: 0

Copyright requires we be able to learn. You can't learn how someone coded their application from the object file. Copyright prevents you from copying and distributing whatever is copyrighted. And you can only copyright expressive art. That would be the source code, not the object code.
Think about this too: when the copyright expires, what can you use the object file on anyway? I can learn good writing from reading shakespear. If I can't read how you coded your application, what do I learn from it? Nothing.
Copyright on binary or object should DEMAND that source be available. You can't compile and make Bob's Windows 7 because there's still copyright on it. You can't use their VFAT extension in the US because it's patented. But that is true whether you have the source code or not.
And, since you can't gain anything from the object being made public domain, that requires you get the source code.
You've lost NOTHING from doing so.
Unless you've got something to hide in your code...
I said copyright & I meant copyright. by Weezul · 2010-07-09 05:04 · Score: 1

If you don't provide your customers with the source, then you should have implicitly revoked your claim of copyright, pure and simple.
Software and business method patents should simply be eliminated outright of course.

--
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
Don't blame me... by MJMullinII · 2010-07-09 06:45 · Score: 1

I voted for kotos!"
Jokes aside, I could very easily go into all the reasons why I use the Mac OS...but it's not proper to dance on another's grave :)

--
"Don't be a martyr -- BE THE ONE WHO GOT AWAY!"
Just the latest... by rnturn · 2010-07-09 07:47 · Score: 1

... in the almost innumerable reasons to avoid using Microsoft products.
Shouldn't something like this have been reviewed and approved by U.S. security agencies? And if it was, you gotta wonder whose side they're on.

--
CUR ALLOC 20195.....5804M
I don't believe it! by Anonymous Coward · 2010-07-09 08:24 · Score: 0

I don't think Microsoft is capable of writing KGB's successor System. KGB isn't that trivial.
But how... by Anonymous Coward · 2010-07-09 11:26 · Score: 0

How did Microsoft get the source code of the FSB anyways? And why are they releasing it?
Haaaa I can hardly wait.... by dogzdik · 2010-07-09 18:05 · Score: 0

For the source code to hit the internets!!!!
Fuck Microsoft.

--
.
Voting up, Voting down - If I really gave a fuck about your approval or not, I'd come and ask you.