Yesterday morning, one of my Microsoft contacts popped open an Instant Messaging (IM) window and asked me whether I'd seen something he discovered online. He then showed me part of the Windows 2000 source code called WINVER.C, which was dated March 8, 1989. Within minutes, I was examining this and other source-code snippets, including one Windows NT architect David Cutler wrote. Within hours, the word was out: Partial source-code listings for Win2K and NT 4.0--the crown jewels of software code that are used to assemble those OSs into actual working software--had been leaked to the Internet. The IT world was suddenly abuzz with the potential ramifications of the leak. Microsoft finally acknowledged the leak. "On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet," the company wrote in a statement issued late yesterday. "It's illegal for third parties to post Microsoft source code, and we take such activity very seriously. We are currently investigating these postings and are working with the appropriate law enforcement authorities. At this point it does not appear that this is the result of any breach of Microsoft’s corporate network or internal security. At this time there is no known impact on customers. We will continue to monitor the situation." The Win2K portion of the source code is almost 700MB and includes more than 30,000 files but is reportedly just part of the code a person would need to assemble the bits into a working OS, assuming that person could also somehow conjure up the appropriate build procedure. (Microsoft says that the 30,000 files that have leaked are about 15 percent of the full source code.) And although the buzz about this leak will be huge for a few days, just about everyone should realize that the leak was inevitable. In recent years, Microsoft has opened its source code to educators, governments, and IT professionals in a bid to remove any latent fears about the company hiding suspicious functionality in its proprietary systems. Furthermore, experts who have already viewed the source code say that much of it appears to be code for Microsoft Paint, the free imaging application that ships in various Windows versions.
End of Article
C'mon! Experts say it's MS Paint?! Does anyone actually think that the source for MS Paint took up 660 MB? Or that Microsoft actually cares a whit if the source code for MS Paint leaks into the wild? Or that MS Paint is what governments and security professionals have had MS share with them?!
Avi Burstein February 13, 2004
Thanks god is not the whole code! :S
Daniel R. H. February 13, 2004
this:
"Microsoft says it's about 15 percent of the full source code."
followed by:
"experts who have already viewed the source code say that much of it appears to be for Microsoft Paint"
I had no idea that Paint was such a large part of windows.
Editor's note: It says "much of it," not "most of it" or "all of it." --Paul
Mark February 13, 2004
Well, it was bound to happen sometime. Just hope it doesn't affect the security and privacy for Win2K and XP. 'specially since most people use paint to draw and doodle. We'll see how it turns out in the future i guess.
Bruce Felt February 13, 2004
I've been reading online that mainsoft inc.(the company partly responsible for IE on the Uniz platform) could be the ones responsible for the source code leak.. If so they're in some deep ka-ka to say the least
JB February 13, 2004
Hi Paul
What I saw on the internet after a google search that it is much more than just the code of Paint. If the list I saw on the website is valid the compleet public and private library is out there and as far as I could see it includes the make files, headers files and .c files.
I found a listing on:
http://heim.ifi.uio.no/~mortehu/files.txt
but it has been taken out today. If it is valid Microsoft has a serious problem.
Regards Roger
Roger February 14, 2004
Once they started sharing it [ the source code ] with various governments and with universities they pretty much let the cat out of the bag no matter what they had people sign. Something like this was pretty much inevitable.
Furthermore, it is very likely, after showing various governments the Windows source, like Russia's for instance - the bastion of "let's copy America's stuff", that the cat was put well and truly out of the bag never to return.
'Sleuths' say it was a leak from one particular firm, but IMO the true culprit of the source code leak is Microsoft itself. Microsoft has already leaked it .. to Russia, China, Taiwan, Angola, Burma, Canada, Germany, Iraq, Iran, Yemen, Saudi Arabia, Ipistan, Applestan, Win32Terroristan whoever ..
Just my opinion. Stephen Remove the .Blue to email me.
Stephen February 14, 2004
Although some fear that this relatively widespread release of the source will result in more security issues for Microsoft (if that is possible) I'm hoping that the more responsible members of the user community will take this chance to fix the numerous security bugs that Microsoft doesn't have the time, resources or motivation to fix.
Sounds like Microsoft may unintentionally realize the superior security of operating systems like Mac OS X, which has benefited from a strong Open Source core via Darwin. Don't worry, x86 users, you can also experience Darwin goodness! Get more info at:
http://developer.apple.com/darwin/
John F. Braun February 15, 2004
Its the information I needed and hope u will mail me more details. Thanking You
Madhavan February 15, 2004
Arr. Pity Microsoft. Other organisations have their code publically viewable, and strangely enough they don't whine about it. It isn't a heck of a lot of code either, and you can't compile it so you can't verify what it does. If Microsoft are worried about this then they must be really worried about the security of Windows.
It isn't really big news at all, but considering that it has hit the headlines on the TV, radio and in newspapapers this seems to be an effort to get publicity of some kind. Unfortunately it only makes Microsoft look incompetent.
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
While Microsoft is still investigating a notebook battery life issue that was supposedly caused by Windows 7, some interesting trends have emerged. ...
Microsoft on Monday issued a lengthy statement about the recent Windows 7 battery controversy, echoing my assessment from earlier in the day, but backing it up with hard, cold evidence. Put simply, Windows 7 is not responsible for any battery life issues ...
Should Your Email Live in the Cloud? This Forrester report shows how-to calculate your on-premise email costs and compare with cloud-based alternatives and offers best practices for reducing email costs.
New from Left-Brain.com - Manage VMware with PowerShell Learn how to perform everything from simple ad-hoc reporting at the command-line to complex scripts that automate a massive deployment of hundreds of virtual machines. Solve your old problems using less code than you thought possible!
Register
Avi Burstein February 13, 2004