Post #141,493
2/12/04 5:22:57 PM
|
Windows 2000 source code leaked
Source site slashdotted, so no link for you.
Checkout the list of files.
They use gnumake to compile parts of it!!!!
[link|http://heim.ifi.uio.no/~mortehu/files.txt|http://heim.ifi.uio....mortehu/files.txt]
|
Post #141,497
2/12/04 5:30:09 PM
|
Time to haul out grep...
...and see what Linux code has been lifted.
"I'll stop calling this crew 'Orwellian' when they stop using 1984 as an operations manual." - J. Bradford DeLong
|
Post #141,498
2/12/04 5:32:19 PM
|
Not if you ever want to have children ...
...or contribute to an OSS project. Guard your eyes!
--
Chris Altmann
|
Post #141,499
2/12/04 5:35:47 PM
|
Agreed
The file list is probably harmless, but it would probably be a BAD idea to go get the real source.
Note: They mispelled "accessory" in the source tree. I bet it was one of those ancient booboos that could never be fixed!
|
Post #141,524
2/12/04 8:56:07 PM
|
Re: Agreed
Can someone explain to me what this conversation is about?
-drl
|
Post #141,539
2/12/04 9:47:10 PM
|
Sure
NT Source code leaked to web.
Any programmer who looks at it is tainted.
They can never work on any project, commercial or OSS, without there being a chance of MS suing them for stealing MS code. So you don't want to ever admit to looking at it, or be on a computer who's IP address is logged while downloading it.
|
Post #141,685
2/13/04 4:51:06 PM
|
Gawd we're a terminally-silly species..
|
Post #141,518
2/12/04 7:39:40 PM
|
Could make for an interesting lawsuit or three...
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
|
Post #141,500
2/12/04 5:38:47 PM
|
What are the EML files?
Feel like some kind of source code control lock files. Always zero byte with interesting names.
|
Post #141,502
2/12/04 5:44:57 PM
|
MS email files.
Alex
The mind is not a vessel to be filled but a fire to be kindled. -- Plutarch
|
Post #141,507
2/12/04 6:35:56 PM
|
I googled too
Doesn't make sense based on these files.
|
Post #141,521
2/12/04 7:54:41 PM
|
My take on that:
Download that file (I called it W2Klist.txt) and do the following:
grep -c children W2Klist.txt
I get 63 lines that say:
*letter to children*.eml
or
*letter to the children*.eml
My guess is that these are notes reflecting changes that are to be propagated into user and external developer documentation. Arrogant notes at that.
Alex
The mind is not a vessel to be filled but a fire to be kindled. -- Plutarch
|
Post #141,520
2/12/04 7:47:57 PM
|
Checkout scumbag Didio!!!!
[link|http://www.internetnews.com/ent-news/article.php/3312451|http://www.internetn...ticle.php/3312451]
It's them evil open sourcers!!!!
|
Post #141,546
2/12/04 10:22:38 PM
|
[ ... ]
Oh christ not [link|http://twiki.iwethey.org/twiki/bin/view/Main/LauraDiDio|her again].
===
Implicitly condoning stupidity since 2001.
|
Post #141,574
2/13/04 6:45:26 AM
|
I remember when
I'd read an occasional column by her in one of
the rags. It was focused toward women in computing
and how to get ahead in a male dominated field.
She was so technically clueless that I knew the only
way she got ahead was via politics, not ability, and
was pushing a platform that would allow other women
to get ahead on the same basis.
Idiot.
|
Post #141,588
2/13/04 9:00:44 AM
|
Women get ahead in a male-dominated environment by
plying the oldest trade of them all. Politics. That's a new developement, that is.
--
"...and pronounce all four E's in the word 'shit'"
|
Post #141,569
2/13/04 4:33:53 AM
|
You misspelled "Didiot". HTH!
|
Post #141,617
2/13/04 11:43:49 AM
|
Re: Checkout scumbag Didio?????
I read the whole thing twice and see no place where Ms. DiDio accuses "open sourcers". Has the article been changed? There's enough legitimate reasons to criticize Ms. Sandy Reed II, it's not necessary to exaggerate.
[link|http://www.aaxnet.com|AAx]
|
Post #141,618
2/13/04 11:49:06 AM
|
They've changed the article...
There were three paras of quotes from her when I first read it. Now they've simply paraphrased her.
Regards,
-scott anderson
"Welcome to Rivendell, Mr. Anderson..."
|
Post #141,680
2/13/04 3:20:40 PM
|
Damn, knew I should have grabbed it for the twiki
===
Implicitly condoning stupidity since 2001.
|
Post #141,798
2/14/04 5:22:21 PM
|
Your wish is my command (Google cache!)
[link|http://216.239.37.104/search?q=cache:DccrkldmeqUJ:www.internetnews.com/ent-news/article.php/3312451+internetnews+didio+nt+leak&hl=en&ie=UTF-8|http://216.239.37.10...ak&hl=en&ie=UTF-8]
February 12, 2004
Windows Code-Leak Rumor Lights up 'Net
By Susan Kuchinskas and Michael Singer
Internet sites and relay channels are aflame over an item that hit a Windows rumor and tip site claiming that Windows 2000 and Windows NT source code was leaked and available on the Internet. NeoWin, a site that bills itself as "unprofessional journalism," reported the rumor late Thursday afternoon.
Apparently, according to the NeoWin posting, "two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT."
When asked to comment, Microsoft responded by e-mail that "the rumor regarding the availability of Windows source code is based on the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code. Microsoft is looking into this as a matter of due diligence."
IDC research director Al Gillen said too many questions remain unanswered at this point, such as whether the leak was all of the code or only part, which part and what form it was in when compromised. "That all has to be answered before you can even start to assess how serious it is for Microsoft," Gillen told internetnews.com He pointed out that the entire application contains some 40 million lines of code. "I don't think that someone is going to zip that up and send it around."
If code were leaked, there would be plenty of suspects, such as the more than 50 universities participating in the Microsoft Shared Source Initiative (SSI), which makes parts of the operating system code available to select developers.
Microsoft's SSI makes various portions of code available to academics and students in the hope that they might choose to work with it instead of or in addition to the open source Linux.
Conspiracy theories aside, there are two real threats to Microsoft if substantial code has been leaked, according to Yankee Group senior analyst Laura Didio: even worse security for Microsoft apps and bootleg copies of the software being passed around like bottles of Thunderbird wine.
Didio told internetnews.com that valid threats are on the increase because the people creating the attacks are more sophisticated -- and the technology is more available.
"Up until now it was more like the 70/30 rule, where 70 percent of the threats are bogus. Now it's more like 50/50," Didio said. "With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."
Didio also said the issue of bootleg copies of Windows NT or Windows 2000 pose another headache for the software industry in general if the code running around the Internet is in fact the full version of either platform.
"If it is the full version, anyone who got their hands on it would have their work cut out for them," Didio said. "Windows Server 2000 had 35 million lines of code. That is a lot to recompile, and it's certainly something to be concerned about. Pirated software impacts not only Microsoft but also all the other software vendors out there."
Even if the intercepted code were limited to the 100 million aggregate lines distributed as part of Microsoft's Shared Source program, Didio pointed out that that might be enough to modify and launch future attacks.
|
Post #141,807
2/14/04 7:29:42 PM
|
This would destroy her credibility . . .
. . if she had any left. She doesn't. She's Darl's whore.
[link|http://www.aaxnet.com|AAx]
|
Post #141,630
2/13/04 12:10:05 PM
|
This is telling
Other implications, according to online security experts, are that attackers may be able to more easily craft vulnerabilities and other attacks against Windows 2000 and Windows NT operating systems.
John Watters, CEO and chairman of network security firm iDEFENSE, said as a result of the leak, vulnerabilities will surface at a much faster rate.
From [link|http://www.internetnews.com/ent-news/article.php/3312451|http://www.internetn...ticle.php/3312451]
----------
Which makes me suspect this is intentional for force some upgrades from some "end of life"'d versions.
The tree of research must from time to time be refreshed with the blood of bean counters.
-- Alan Kay
|
Post #141,635
2/13/04 12:25:53 PM
|
XP's guts aren't that different form 2000 in user space
If that's the intent, then it's misguided.
--
"...and pronounce all four E's in the word 'shit'"
|
Post #141,638
2/13/04 12:30:51 PM
|
Highly dubious
The security holes found will often affect current versions as well. Which just means more (and worse) black eyes.
Unless, of course, the internal review caught most of the holes that crackers may find. Which is a possibility so remote that it would take a complete idiot to believe it.
I don't think that upper echelons of Microsoft management are that stupid. If they are, then the companies that they beat should hang their heads in shame. Not only did you lose to monopolistic bastards, you lost to incompetent monopolistic bastards.
Cheers,
Ben
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
|
Post #141,645
2/13/04 12:47:16 PM
|
Re: This is telling
What exactly was leaked and what the hell difference does it make? People have the entire code for UNIX and it doesn't make a damn bit of difference for security. Is this just the usual crowd of idiots crowing, the same ones who buy and install garbageware?
-drl
|
Post #141,659
2/13/04 1:32:23 PM
|
Ross, you are completely wrong on this
Read [link|http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulousebook.pdf|http://www.ftp.cl.ca.../toulousebook.pdf] for an analysis of why open and closed systems are (to first order effect) equivalent when it comes to security. Read it carefully and note that while bugs are found and fixed in similar rates in both, the ease of finding bugs with source available means that the open system winds up being of higher overall quality.
To the extent that Microsoft makes the transition from being closed to open, its overall quality will improve. Unfortunately the transition is accompanied by people finding lots and lots of bugs, many of them readily exploitable.
If Microsoft code was open all along, its new-found openness would be a non-issue. But it isn't, it is crap internally, and the transition could be painful.
Cheers,
Ben
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
|
Post #141,642
2/13/04 12:41:55 PM
|
I recall MS had 2million lines of code stolen
from an outside cracker. Since the all the code is 50 million lines Im not sure this listing is complete. Does anyone else remember in windows for workgroups clicking on share and then seeing all of the redmond c drives :-)?
thanx,
bill
and everywhere the great Curse of the New World, the American Child, in all its raucous, spoiled, undiciplined, selfish ghastliness, the female specimens keeping up an incessant high-pitched whine and the male infants racketing like cowpokes on payday. There's nothing wrong with grown Americans, by and large you wont find heartier men or bonnier women anywhere, but the only remedy I can see for the children is to run Herod for President.
Sir Harold Flashman esquire VC OBE
questions, help? [link|mailto:pappas@catholic.org|email pappas at catholic.org]
|
