Windows 2000/NT Code Leaked?
SkulkBait
<div class="IPBDescription">This won't end well...</div> As reported <a href='http://www.neowin.net/comments.php?id=17509&category=main' target='_blank'>here</a> and on Slashdot:
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.
This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far-reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bear thinking about.
We ask that, for the wider benefit of the IT community, members and readers support Microsoft by forwarding anything they know about the leak to Microsoft's Anti-Piracy department.
<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Now, I'm not one who usually places a lot of faith in 'News' sites that have slogans like "Where unprofessional news looks better", but at first glance this does seem to be legit. Granted, I didn't do a whole lot of digging but there seem to be torrents available.
My personal take: This is really really bad. Not just because of the massive amount of new viri and worms it will unleash, but also because I don't trust Microsoft not to use it to their advantage against Open Source. Imagine the following scenario:
ReactOS (an Open Source implementation of NT) makes some improvements that boost its compatibility by a huge amount. MS pulls an SCO and claims they stole code. ReactOS's developers, facing a lawsuit they can't afford, bow to the legal pressure and shut down.
Yeah I know, "go back to your sunlight-deprived cave you commie Linux zealot". But just remember what happened to Bnetd, and Blizzard's code hadn't even leaked!
Here are some more reputable news links:
<a href='http://www.eweek.com/article2/0,4149,1526390,00.asp' target='_blank'>http://www.eweek.com/article2/0,4149,1526390,00.asp</a>
<a href='http://zdnet.com.com/2100-1104_2-5158496.html' target='_blank'>http://zdnet.com.com/2100-1104_2-5158496.html</a>
<a href='http://www.internetnews.com/ent-news/article.php/3312451' target='_blank'>http://www.internetnews.com/ent-news/article.php/3312451</a>
And some more:
<a href='http://news.google.ie/news?num=25&hl=en&ie=UTF-8&oe=utf-8&q=microsoft+windows+source+code+leak&btnG=Search+News' target='_blank'>http://news.google.ie/news?num=25&hl=en&ie...tnG=Search+News</a>
This discussion has been closed.
Comments
On topic this is nothing but bad news. If this is for real then a new wave of virii and worms is going to be unleashed. I'd expect some rather major Windows update patches to be released shortly.
Sure they do, just ask Monse :p
Anyway, it's a bit different because Linux knows that its code is open; it's designed with that in mind. MS, on the other hand, lives in a closed-source world, and so their software may not be as able to cope with having its inner-most secrets revealed.
Why am I failing to see the bad side to this? It's not like this has the same ramifications as Valve's code leakage because the operating system market isn't exactly as competitive as the gaming one...
EDIT: Hope Monse posts here, it's enjoyable watching him go for the throats of Linux supporters everywhere at every possible opportunity.... I know it's not really fair of him to pick on unarmed opponents but it's fun while it lasts.
Perhaps I'm a cynical bastage, but this is great news. Perhaps micro$haft will have to get their butts into gear and make decent, quality products that don't have gaping security holes and don't suck up CPU cycles unnecessarily.
I take it back. I'm not a cynical bastage after all. I'm a bloody optimist.
Wait what?... *looks around to assure he is in the right thread* Sorry, but the LinvsWin thread is over there *points*.
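<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->On topic this is nothing but bad news. If this is for real then a new wave of virii and worms is going to be unleashed. I'd expect some rather major Windows update patches to be released shortly.<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->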
Sorry, but that's a bit harsh. Large companies like Microsoft are hacker-magnets like no other; it's just a bad side-effect of being high-profile. Their security might be 99.9999% airtight, but you let one person slip by, be it former employee or the janitor, and you have a huge problem on your hands. And there's still the possibility that it was leaked by a company who licensed the NT/2k source code.
Cognitive dissonances/oxymorons in this post:<ul><li>Microsoft putting out a prompt patch</li><li>No 'real' damage, just because NT/2000 aren't the newest whatsit (MOST companies will stay on NT/2000 for a few more years rather than upgrading immediately)</li><li>2K and NT being stable OR secure</li></ul>
Of course, if you're into the black helicopters and wild conspiracies, you'll probably believe that MS engineered this leak to stop the 3rd party sharing. Especially pertinent given the recent upsurge in malware. But then those that believe this will probably have downloaded the alien autopsy video and believe it to be real regardless of whether you can see the mould joins on the alien.
Let's just wait and see before we all start using words like "shocking" and "devastating" and running round waving our arms in the air.
And I'll not be reading sites like Neowin if that's the quality of their reporting.
My understanding is this: Win2k is NT with DirectX. XP is Win2k with a teletubbies interface and a firewall. In less sarcastic terms, they're all close iterations of the same kernel.
And it really does depend on what has been leaked. Let's wait until someone reliable has actually seen the code. If it's on the web, I suspect someone here has seen it already ...
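<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->My understanding is this: Win2k is NT with DirectX. XP is Win2k with a teletubbies interface and a firewall. In less sarcastic terms, they're all close iterations of the same kernel.<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->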
Well, you're pretty close. 2000 is basically NT version 5 (in fact, it identifies itself as such somewhere, IIRC). And XP is basically 2000 with some kludgy support for 9x applications... and a teletubbies interface.
At least, that's what my limited knowledge in Windows leads me to believe. Monse or somebody will probably correct me later.
Yes, XP is NT 5.1 (more or less). NT, 2k and XP have much code in common (see the last big exploit...)
Well....... we will see what happens.. some new exploits, perhaps some GPL code will be spotted in the source (it wouldn't surprise me).
But I'm on Linux, so, no worries for me.
Hmm... wonder what would happen if someone in the open source camp did find GPL code. Would it be a catch-22 situation? If they reveal this information, they can hurt MS, however, by revealing that they do have this knowledge, they could be sued by MS for having their IP (the source codes).
<a href='http://www.theinquirer.net/?article=14126' target='_blank'>Windows NT, 2000 code leaked into wild - report </a>
<a href='http://www.theinquirer.net/?article=14129' target='_blank'>More attacks likely after Microsoft code leaks </a>
<a href='http://www.theinquirer.net/?article=14134' target='_blank'>Now Office XP SP3 software beta leaks</a>
<a href='http://www.theinquirer.net/?article=14135' target='_blank'>Microsoft stolen code "came from Mainsoft"</a>
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> <a href='http://www.microsoft.com/presspass/press/2004/Feb04/02-12windowssource.asp' target='_blank'>http://www.microsoft.com/presspass/press/2...ndowssource.asp</a>
Statement from Microsoft Regarding Illegal Posting of Windows Source Code
REDMOND, Wash., Feb. 12, 2004 -- On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. It’s illegal for third parties to post Microsoft source code, and we take such activity very seriously.
We are currently investigating these postings and are working with the appropriate law-enforcement authorities.
At this point it does not appear that this is the result of any breach of Microsoft’s corporate network or internal security.
At this time there is no known impact on customers. We will continue to monitor the situation. <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
And if all the Linux guys are right, having your source out there should mean absolutely nothing bad can happen, right? If it is going to cause a problem, then everything I've ever heard about the open source movement is wrong.
An important quote from the Register:
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->The weirdness here is that although Windows source code might be obscure, it's not exactly secret, nor has it ever been. Microsoft now does the shared source stuff, but it has been giving outside companies access for years. There are plenty of people out there who do know something about Windows source code, and under shared source deals plenty people can look at Windows source, but there's not a lot of point looking if you can't do anything much with the knowledge, and if you don't have a legal, development reason to look you're not exactly going to volunteer to do so. <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Source: <a href='http://theregister.com/content/4/35547.html' target='_blank'>http://theregister.com/content/4/35547.html</a> (much more reputable than the Inquirer, I might add, which is the news-equiv of the Slashdot forum trolls).
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->On topic this is nothing but bad news. If this is for real then a new wave of virii and worms is going to be unleashed. I'd expect some rather major Windows update patches to be released shortly.<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
And way to assume it was due to a security breach at MS. In other news, all arrested people are automatically guilty and there are no needs for investigations. :p
Your virii point does not bear out in practice, otherwise Linux would have far more viruses than anyone.
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Anyway, it's a bit different because Linux knows that its code is open; it's designed with that in mind. MS, on the other hand, lives in a closed-source world, and so their software may not be as able to cope with having its inner-most secrets revealed. <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Ehhh, speaking as an engineer and programmer, this certainly does not make the slightest sense. If anything, formerly closed code will be much harder to figure out, as it was not written with easy understanding of thousands of developers in mind, and more likely a core experienced code team. If only by human nature. That has been a long-running complaint of the Linux faithful (although quite a hypocritical one, as they find ancient bugs in code that was too complex, cumbersome, or boring to bear much scrutiny - like a Kerberos authentication bug that allowed rooting a server and had been unchanged for almost 10 years).
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->My understanding is this: Win2k is NT with DirectX<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Your understanding is not correct.
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Well, you're pretty close.<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
No, he is not. Here is your predicted correction. :p
The Open Source 'camp' have their code available for viewing as they're fairly sure that it doesn't have GLARING security holes, which would be understood and brought to light by looking over the source. So it's more a matter of confidence in the code, as well as making it available if anyone does notice a flaw, for patching.
If this is only a portion of the code, there isn't much to worry about, really. Would a mechanic know how to build a prototype vehicle if he got the plans for the seats?
One potential risk is the development of new, hyper-advanced, almost undetectable rootkits. A few years ago, I had to deal with a Linux box which had been comprehensively hacked and was running various new kernel modules for hiding both processes (such as a password sniffer) and kernel modules themselves. The hidden stuff only betrayed itself by being not completely compatible with the kernel version - there were complaints in the logfiles about a t0rnsniff using deprecated IOCTLs. The diversity of Linux saves the day! ;)
While you could get some way from reverse-engineering the compiled Windows NT innards, some (helpfully commented) source code would be even better. It may be a few years old, but I doubt core functionality will have changed significantly since then. Imagine replacements for key system files which are so deeply ingrained into the operating system that opening, say, a DLL file for computing its checksum would divert a virus checker to a clean version, helpfully squirrelled away elsewhere in the filesystem. If you're in at such a low level, you can do anything you like. Only physically disconnecting the hard disk and scanning it on a safe machine, or analysing detailed logs of all network traffic (assuming it's talking over the network at all) would reveal what was going on.
So now, Windows has many of the disadvantages of being open source, but with none of the advantages. When should we expect the official source release? :)
Because it's of course impossible MS might want to keep its code closed for proprietary reasons? It can only be a security conspiracy! Bah, complete opinion. Do you really think that the guys that wrote an entire OS that dominates the earth are completely incompetent and utterly inferior to the Linux kernel devs? Wow, such amazing luck they had becoming so popular! It's all luck and evil! EVIL!!!
Fight the double standard, people. It makes the baby jesus cry.
That would imply that they were off said bandwagon at some point in history....
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->
If this is only a portion of the code, there isn't much to worry about, really. Would a mechanic know how to build a prototype vehicle if he got the plans for the seats?<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Microsoft (AFAIK) hasn't stated how big the leaked portion was. What if they got everything but the seats?
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin--> Well....... we will see what happens.. some new exploits, perhaps some GPL code will be spotted in the source (it wouldn't surprise me).<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
IIRC someone did find source that appeared to be from GZip (apparently in a folder called 'gzip') but was actually just Zlib. It would surprise me greatly if Windows source had GPL'd code in it, I just don't think Microsoft is stupid enough to do that.
Well...I don't know much about this industry, but as source codes are rather important, how else would a thief have obtained this information without a security breach at Microsoft? I mean, Valve clearly had a security breach when their source for HL2 was stolen, even if that breach was simply in the mailing service they were using.
My point was that these source codes are pretty important things that companies invest a lot of time and money in developing and, in most cases, keeping secret. If they're leaking out, there are security flaws. If there weren't any security flaws or breaches then there wouldn't be stolen source code flying around the net and we'd all be playing HL2 :p
EDIT: <!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Your virii point does not bear out in practice, otherwise Linux would have far more viruses than anyone.
<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
I wouldn't really say that's a just comparison. Firstly, Windows is targeted by a great number of hackers who seem to have a problem with Microsoft; take the recent MyDoom virus which specifically targets Windows. There are few hackers who want to target Linux, probably because they don't see any reason in doing so, plus they most likely use it themselves.
Secondly, Windows does have a pile of security flaws, as shown by Microsoft's continuing list of patches and updates that I download on a nigh weekly basis. If someone had the source code, could they not quite easily find much deeper security flaws and exploit them? I believe that much of the uproar over the HL2 source being leaked was that with such information new cheats could be written that would be almost impossible to detect. Linux however, from all accounts, is very secure (I'm glad I'm sitting behind a Linux firewall for example). Its source being on the internet probably doesn't matter because there are no deeper security flaws to expose; it's been developed so well with regards to security that it's almost immune to attack. At least that's what all the Linux fan-bois say :D
Because (as was posted earlier, forum rule violator) MS hands out the source code to Windows all the time to a variety of companies. Just not *everyone*.
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Firstly, Windows is targeted by a great number of hackers who seem to have a problem with Microsoft; take the recent MyDoom virus which specifically targets Windows. There are few hackers who want to target Linux, probably because they don't see any reason in doing so, plus they most likely use it themselves.
<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Fewer, not few. Go ask the Debian Linux guys, who had their software repository rooted by hackers.
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Secondly, Windows does have a pile of security flaws, as shown by Microsoft's continuing list of patches and updates that I download on a nigh weekly basis<!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
So do all OS's, which you are not using and thusly are ignorant of. All OS's have tons of patches, and all download on a weekly basis. ALL.
<!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>QUOTE</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Its source being on the internet probably doesn't matter because there are no deeper security flaws to expose; it's been developed so well with regards to security that it's almost immune to attack. At least that's what all the Linux fan-bois say <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
They do, but they are wrong. As for Linux being immune to attack, that's utterly laughable - the same laughing applies to all OS's. You're just regurgitating the Linux brochure here without having worked on it, Ryo, and it's looking a tad silly. You really should go read the entire Linux-windows thread before continuing, as you are waaaaayyyyyy out in left field.
Go back and read what I said here first though: Linux constantly says that to be secure, you must reveal your source. They say that MS is less secure because the source is closed. Hence, if the 2000 source were to be released and all the holes seen, it would thusly become more secure, according to the Linux devout. Either way you slice it, the Linux guys have nothing to add here without defeating the entire purpose of the open source movement.
And if you're behind a Linux firewall and you have not been downloading patches every week just like MS, you're open to attack as we speak. ;)
Bottom line, when the topic gets networking and computer-related, come prepared to play ball and do your research. Nothing will make me flip out faster than ignorance.
Come to think of it, that's pretty much how I feel about all topics in here. Oh well. :D
Well, I think the leak is something bad for Linux. Projects like Wine or Samba will have a hard time now. They have to watch very carefully whether some Windows code gets into their code, which would be very good for Windows.