Microsoft follows Valve? (Win2K/NT Source Code Leaked)
Page 1 of 4 123 ... LastLast
Results 1 to 10 of 40

Thread: Microsoft follows Valve? (Win2K/NT Source Code Leaked)

  1. #1
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324

    Microsoft follows Valve?

    Sigh. MS is ending up an awful lot on the front page these days...

    http://neowin.net/comments.php?id=17509&category=main

    Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

    This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

    We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.
    *ouch*

    I wonder a) how true this is b) what kind of impact this might have on security (specifically Win2K, which is certainly better than NT) c) long term affect. I'm also curious as to how this happened.. perhaps the MSIE which was touted as being the most secure.. isn't as secure as claims make it out to be?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #2
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,528
    So, to precis this, the source code could be checked to find MORE exploits. And, of course, the repoter does NOT want to be sensationlist ???
    who knows, perhaps MsM has caught the nux of this, in that IE might , just possibly, not be as secure as they were saying. Would that mean someone is telling 'porkies' surely not,
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  3. #3
    wow,

    that can really cause some very serious ramifications in the computer security industry.

    however, on the other hand, people have the source code to *nix and you dont see many exploits. Yes, i know this is because not many use a *nix system and that *nix isn't as a big target as M$ is.

    and i'm with you MsM, i wonder how true this is.

  4. #4
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    It looks like MSM got her "Full disclosure". The leak at valve has proved to be devastating. The software in question is still not released after that incident. Is the delay related? I would think so. I guess to protect your source form rogue and trusted persons would be to strip search all the employees coming and going.

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Well, I did some searches on Google (using windows+source+code) and got reminded that MS did open it's source code to various sources (apparently) in an attempt to convince them to us Windows over Linux. If that did happen, what's prevents them (notably Asian-continent where pirating software is just as much a standard practise as here) from doing an "oopsie.. didn't mean to send it out" kind of error?

    P.S., I'm a big "Full Disclosure" fan after BugTraq's went heavily moderated.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    wow.. that thread over there is growing in "leaps and bounds"

    still, many there are doubting all this because Neowin hasn't posted any sources as to the legitimacy of the claim.. is it really the full source code ? or just pieces ?

    I still see nothing via google about this claim.. but it wouldn't surprise me if it were true.

  7. #7
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by TheTempest
    wow,

    that can really cause some very serious ramifications in the computer security industry.

    however, on the other hand, people have the source code to *nix and you dont see many exploits. Yes, i know this is because not many use a *nix system and that *nix isn't as a big target as M$ is.

    and i'm with you MsM, i wonder how true this is.
    I'm going to have to disagree with you on this one. I remember someone once posted stats here and there are more *nix exploits than their are MS exploits, the MS exploits are just more publicised.

    However it will be interesting to see if it's true. I'd also be interesting to see the code. I guess only time will tell.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  8. #8
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    if neowin was just looking to gain a bit of attention, he's got it.. his server is overloaded..

    The server is too busy at the moment. Please try again later

  9. #9
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Gawd Full Disclosure is fun... http://amo.net/NT/01-20-03MSFT.html

    From January 20, 2003
    Having the ability to see and modify source code in an operating system gives governments the ability to not only control how the system runs, but gives an added security sense for using it on highly sensitive computer systems or networks with top secret data. For instance, if the government body locates code they find is a security risk, they can pull it out and recompile the Windows Platform without it.

    Obviously, with the more governments signing on to the Microsofts' Government Security Program, there is a higher probability that one government will have the source code leaked to the general public. If the code is leaked in an unencrypted form, it is possible there will be thousands and potentially millions of "customized" Windows platforms running worldwide.

    The total size of the source code package given to Russia represents approximately 30 million lines of computer code language.
    [/edit]

    More sources: WinBeta Forums
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  10. #10
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    still.. nothing said at winbeta can really confirm it.. chatter could be just that.. chatter.

    this one person at neowin's place posted his supposed index of the source..

    you can't see the post as neowin's place is still overloaded but here's the link.

    http://home.hccnet.nl/pacjack/src/INDEX

    edit: damn.. that link is dead now.. shoulda saved the contents.

    it was only a directory listing.. not the source code itself.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •