Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

Windows 2000 & Windows NT 4 Source Code Leaks

Comments Filter:
  • by momerath2003 (606823) * on Thursday February 12, 2004 @04:43PM (#8262304) Journal
    "The server is too busy at the moment. Please try again later."

    Later isn't going to work, since the server was down even before it hit the Slashdot front page. I empathize with their server.

    I did, however, managed to grab the news blurb (but not the, at that point, 214 comments) from the intermittent front page:

    Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.


    This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

    We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.

    Please do not post any links/screenshots/hints or anything to do with the source code outbreak. Discussion is allowed but we will not condone people spreading this source code.


    Torrent, anyone? ;) (not like I would have any reason to want to have several lines of bug-infested code, as who knows to where the bugs might spread in my system)
  • by mpost4 (115369) * on Thursday February 12, 2004 @04:43PM (#8262305) Homepage Journal
    so here is the story

    Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

    This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

    We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.

    Please do not post any links/screenshots/hints or anything to do with the source code outbreak. Discussion is allowed but we will not condone people spreading this source code.
  • Mirror With Comments (Score:5, Informative)

    by RPoet (20693) on Thursday February 12, 2004 @04:46PM (#8262386) Journal
    Mirror with comments [student.uib.no].

    Hope it's all just a bluff.
  • by rritterson (588983) * on Thursday February 12, 2004 @04:48PM (#8262424)
    While you may not have heard of Neowin before, they are actually quite well known and are often placed in those '100 essential sites' lists.

    They focus primarily on windows tech, and have a knack for breaking stories about Windows- leaked builds of future versions, beta builds of service packs, etc. Whoever runs the site is well connected in Microsoft.
  • by momerath2003 (606823) * on Thursday February 12, 2004 @04:48PM (#8262426) Journal
    Also, someone on the comments posted an alleged 2.3 MB list of the files leaked [ifi.uio.no] as well (contains no source).

    It's allegedly from the file "windows_2000_source_code.zip."

    (Who knows if it's real, as it's too early to tell, probably)
  • by City_Idiot (715795) * on Thursday February 12, 2004 @04:49PM (#8262439)
    http://heim.ifi.uio.no/~mortehu/files.txt I'll wait till i can download it into a lab
  • Question is.. (Score:2, Informative)

    by DaLiNKz (557579) * on Thursday February 12, 2004 @04:49PM (#8262441) Homepage Journal
    I'm sure many of us want to pick at the code, but is it really worth it at the moment? Now that so many news orgs have made it well known, wouldn't it be fairly dangerous to try to grab a copy in the next comming hours? I mean, this must piss both MS and the US Gov off. ...with that said.. cant some troll be useful and..
  • by y0bhgu0d (168149) on Thursday February 12, 2004 @04:49PM (#8262456)
    Neowin is one of the pillars of the beta scene... they normally have news on leaked betas/previews/etc...
  • Download it HERE (Score:1, Informative)

    by dark-br (473115) on Thursday February 12, 2004 @04:50PM (#8262475) Homepage
    Here [canaljuizdefora.com.br] in the Download section...

  • by BrianCarlstrom (717058) on Thursday February 12, 2004 @04:57PM (#8262626) Homepage
    Second point: The odds of getting one's hands on the full source to NT4/2K are slim to none--even most Microsoft folks couldn't do that. The code is probably scattered across multiple servers in Redmond, for starters, and you'd only be given access to the parts you needed to work with.

    Microsoft gave a talk at usenix: Windows A Software Engineering Odyssey [usenix.org]

    This slide [usenix.org] indicates the full source is 50gb and took a week to setup and 2 hours a day to update.

    That implies to me that people could have the whole source but it would huge.

    Slide 24 talks about their new perforce [perforce.com] based system that only takes 3 hours to setup and 5 minutes to update.

  • by BaronAaron (658646) on Thursday February 12, 2004 @04:59PM (#8262666)
    Well that doesn't really look like the entire code listing for Windows 2000... Even if it's legit....

    This was interesting...

    win2k/private/shell/shdocvw/

    If it's real.. then someone has a good portion of the rendering engine behind IE....

    Hmmmm.....

    Also

    win2k/private/shell/explorer/

    Looks like there is the shell for windows also...

    I don't see any kernel level stuff though...

    Just a quick analysis though..

  • by ctr2sprt (574731) on Thursday February 12, 2004 @05:00PM (#8262676)
    Could this potentially help the WINE Project?
    No. If the Wine folks look at the actual Windows source code, they aren't reverse engineering any more, they're copying, which is illegal. Even copying from memory and not wholesale code lifting can be against the law. If even one person were to do it, it might taint the entire project, undoing years of work. I very much hope that no MS-copyrighted code ever finds its way into an open source project, both for practical reasons like the above and for moral ones. The same copyright that keeps Windows secret keeps Microsoft (and others) from just stealing GPL'ed projects.
  • by cethiesus (164785) <cethiesus@yaho o . c om> on Thursday February 12, 2004 @05:04PM (#8262748) Homepage Journal
    Partial mirror if you just want to see the general idea of it (still 950k worth of text):

    files.txt [bu.edu]
  • by Morten Hustveit (722349) on Thursday February 12, 2004 @05:05PM (#8262776) Homepage Journal
    http://folk.uio.no/mortehu/files.txt [folk.uio.no] is a much faster server.
  • by Anonymous Coward on Thursday February 12, 2004 @05:06PM (#8262800)
    http://www.windowsbeta.net/ is carrying the story (not slashdotted yet) and has a snippet from TaskManager up to prove validity.
  • by enosys (705759) on Thursday February 12, 2004 @05:07PM (#8262816) Homepage
    The files listed in win2k/private/ntos/ appear to be kernel stuff. Yes, even asm files in there.
  • Re:MOD PARENT UP (Score:3, Informative)

    by ArsonSmith (13997) on Thursday February 12, 2004 @05:09PM (#8262852) Journal
    google for litestep there are other explore.exe shell replacements that will change your windows desktop to other things. I haven't used them in years Win98 was the last time I used windows but give at a look.

  • Compressed mirror (Score:3, Informative)

    by delta407 (518868) <slashdot@nOSPAM.lerfjhax.com> on Thursday February 12, 2004 @05:09PM (#8262853) Homepage
    That's a 3 MB text file. Mirrored as:
    There ya go.
  • by Anonymous Coward on Thursday February 12, 2004 @05:10PM (#8262868)
    files.txt [ed2k]

    and since Slashcode mangles ed2k-links: here for copy&paste (remove any spaces)

    ed2k://|file|files.txt|2390731|959770f9507c332f268 91cade243c126|

    Oh and BTW, this is just a LIST of files, not the sourcecode itself. So don't get cocky about copyrights.
  • Mirror (Score:3, Informative)

    by jeroenvw (566364) <<ln.raalefflow> <ta> <neorej>> on Thursday February 12, 2004 @05:12PM (#8262913) Homepage
    mirror [wolffelaar.nl]
  • by MenTaLguY (5483) on Thursday February 12, 2004 @05:14PM (#8262942) Homepage

    that's like saying the beatles can sue every musician who ever listened to them for copyright infringement

    I personally think it's a bad analogy, but even that isn't as far-fetched as you might think.

    George Harrison (of Beatles fame) was succesfully sued for _subconsciously_ ripping off the song "He's So Fine" (in "My Sweet Lord"). See here [benedict.com] for more details.

    So, no, I don't think worrying about IP contamination from looking at Windows source code is paranoid at all.

  • by FunkyOldD (633953) on Thursday February 12, 2004 @05:15PM (#8262954)
    So we'll finally get to see NTFS driver that can write to the partition... SAMBA will be fully compatible with Active directory...
  • Re:So... (Score:2, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @05:16PM (#8262972)
    I've had some luck. It looks like a bunch of header files are omitted that are included with Visual Studio 6 and 5, and making all the empty directories it expects for the build is hellish.

    The biggest hurdle to get over was figuring out that each directory needed to be its own library, and you had to turn on PASCAL calling methods by default in Visual Studio's C preferences for all the directories not named "private"

    I found mine at http://www.skittlebrau.org/ring0_src.tar.bz2.torre nt but I don't know if that's still up.

  • by tepples (727027) <tepples@[ ]il.com ['gma' in gap]> on Thursday February 12, 2004 @05:17PM (#8262982) Homepage Journal

    As long as you do not copy the code verbatim you are not in violation of copyright law.

    Copying of nonliteral elements is actionable infringement. That's why many reverse engineering firms have two separate teams: one to describe a piece of copyrighted code and another to implement it.

    In any event, it is a myth that, simply by looking at, or even studying, one set of code one is somehow "tainted" and unable to contribute to another, competing project, be it free or proprietary. To violate copyright law one must copy, not just receive inspiration from.

    Try telling that to the estate of George Harrison, who lost in Bright Tunes v. Harrisongs. It's possible to copy without knowing you're copying, and it's still infringement.

  • by CaptBubba (696284) on Thursday February 12, 2004 @05:18PM (#8263004)
    Windows XP is based on the Win2k kernel IIRC. Assuming that code is part of what got leaked everything after Windows ME could be in for a world of hurt.
  • by Anonymous Coward on Thursday February 12, 2004 @05:20PM (#8263032)
    Sysinternals [sysinternals.com] has the layout of the XP source based on information in the checked builds. (Yes, it runs very slow)
  • Re:That is a MYTH (Score:5, Informative)

    by AKAImBatman (238306) <akaimbatman AT gmail DOT com> on Thursday February 12, 2004 @05:21PM (#8263053) Homepage Journal
    The idea of being "tainted" is actually from licenses that have "trade secret" clauses. Once you sign a license like that, you *are* tainted. That being said, it's a very difficult clause to enforce. Contracts that prevent someone from working in the field for which they are educated and experienced have often been found unenforceable by courts.

    (IANAL and this is not legal advice. Go talk to PJ. At least she's a paralegal.)

  • by justsomebody (525308) on Thursday February 12, 2004 @05:23PM (#8263085) Journal
    Agreed, but you forget one thing about size. Source code has very good compression ration. Almost every time ratio is 10:1 or more which would mean 1-5 GB, and considering Fedora dvd image i'm downloading right now 3.7GB, well nothing special about the size.
  • Re:ReactOS (Score:3, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @05:23PM (#8263093)
    No, I think this is actually bad for us. We now have to be even more careful about who we accept code from.

    Ge van Geldorp
    ReactOS developer
  • Code leaks not new (Score:5, Informative)

    by Jim Hall (2985) on Thursday February 12, 2004 @05:27PM (#8263147) Homepage

    Code leaks from Microsoft are not new. Check this article [cioupdate.com] at CIO Update about a code leak a year ago: (emphasis mine)

    Microsoft Corp. said it is tracing a key piece of code from its Windows Server 2003 software that was leaked onto the Internet, triggering concerns about piracy problems ahead of the company's scheduled product release later this month. The volume-licensing key in question allows for unlimited installations of Microsoft's Windows Server 2003 server operating system, the next upgrade from Windows NT that is slated for release on April 24.

    However, this seems only to be a partial leak, not comparable to this complete (if it's real) source code leak.

  • by Anonymous Coward on Thursday February 12, 2004 @05:28PM (#8263172)
    Most if not all valid NTRK tools.
  • by AHumbleOpinion (546848) on Thursday February 12, 2004 @05:33PM (#8263229) Homepage
    We have all heard the story of it being towed back to port.

    Many have heard the story, few have heard the truth. After all the early speculation (termed used by publisher who broke the story and later distanced themselves from it) by shoreside Unix advocates someone eventually talked to the Chief Engineer on board at the time and the software developer who wrote the code. They said it was not WinNT. If the OS had been Linux the ship would have been just as dead in the water. A naive server app corrupted it's own database and naive client apps (the infamous "LAN consoles" that crashed) needed that database to function properly and to operate equipment. In any case:

    http://www.sciam.com/1998/1198issue/1198techbus2.h tml

    "Others insist that NT was not the culprit. According to Lieutenant Commander Roderick Fraser, who was the chief engineer on board the ship at the time of the incident, the fault was with certain applications that were developed by CAE Electronics in Leesburg, Va. As Harvey McKelvey, former director of navy programs for CAE, admits, "If you want to put a stick in anybody's eye, it should be in ours." But McKelvey adds that the crash would not have happened if the navy had been using a production version of the CAE software, which he asserts has safeguards to prevent the type of failure that occurred."
  • Re:ed2k link? (Score:1, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @05:33PM (#8263237)
    No, you want the 1.09 GB file from e2dk.

    ed2k://|file|Windows_2000_Source_Code[NeoWin.Net ]. rar|1167616724|C60BD616078CE954AC05C7C7B94C0C2B|/

  • Re:That is a MYTH (Score:5, Informative)

    by SquarePants (580774) on Thursday February 12, 2004 @05:34PM (#8263244)
    IAAL. What you are saying is simply not true. Even if you don't copy verbatim you can be guilty of copyright infringement if you create a "derivative work" from copyrighted material. MS would probably argue that your "perusal" of their code and subsequent creation of a work based on such "perusal" would constitute creation of a derivative work. Its done all the time since only a complete moron would copy source code verbatim.

    Also, because the act of copying is incredibly hard to prove unless you are dealing with a complete moron, it is not necessary under the law today for a copyright plaintiff to actually prove the act of "copying." Generally speaking, it is sufficient for them to prove "access" to the copyrighted work and "substantial similarity" between the two works. There is tons of case law on this stuff.
  • by erikdotla (609033) on Thursday February 12, 2004 @05:35PM (#8263253)
    These don't look suspicious. They look like part of the Windows Resource Kit or Windows PowerToys. I remember reading that these were tools that Microsoft had wanted to get into the core OS, but for whatever reason didn't make it (no GUIs, etc.) However, they wanted to.

    The fact that these are in an alpha folder supports the idea that they were trying to get these in, and simply didn't. These probably never got built.

    The apache_install.eml is odd. However, elsewhere in the filelist are many .eml files. It appears that developers would dump an email they got from someone in the directory where things were built. Probably some primitive way of communicating stuff about that folder to anyone looking inside it.

    That's just that. But I'm still strongly leaning toward "hoax" myself. The filelist may even be legit, but that may be all there is.

    I think it's great that the world, and Microsoft, will be publicly discussing and simply thinking about the ramifications of a windows source leak.
  • by smoking2000 (611012) <linuxmindedNO@SPAMgmail.com> on Thursday February 12, 2004 @05:36PM (#8263263)
    According to the filesizes on the webpage the total bytesize = 1974344667 (1255.2545337677 MB)

    And has 4411 files of 0 bytes long ...

    Maybe it's real, maybe it's not

    Russian gov. gets full src windows http://amo.net/NT/01-20-03MSFT.html
  • by say (191220) <sigve@@@wolfraidah...no> on Thursday February 12, 2004 @05:38PM (#8263306) Homepage
    It is some asm, in the kernel code.
    Then there is a lot of c++.
    Most of it is c.

    Some other files exists, i dunno what they are.. .prf and .mib and friends.
  • by Anonymous Coward on Thursday February 12, 2004 @05:41PM (#8263339)
    The files.txt [lerfjhax.com] that was posted everywhere reads a sum of 658,114,889 bytes.
  • by pjrc (134994) <paul@pjrc.com> on Thursday February 12, 2004 @05:41PM (#8263346) Homepage Journal
    Link "litigious bastards" to www.sco.com on your webpage!

    Or better yet, update your link and sig to www.thescogroup.com, the litigious bastards [thescogroup.com].

  • Another link (Score:2, Informative)

    by cb8100 (682693) on Thursday February 12, 2004 @05:42PM (#8263355)
    I can't vouch for the reputation of the site (I've never come across it), but at the moment this is the only other site that appears to have any report on the source leak:

    http://itvibe.com/default.aspx?NewsID=1283

  • Re:MOD PARENT UP (Score:5, Informative)

    by svallarian (43156) <svallarianNO@SPAMhotmail.com> on Thursday February 12, 2004 @05:46PM (#8263411)
    Doesn't tweakUI have an option in it that gives you X-style window options?

    Steven V.
  • Re:That is a MYTH (Score:4, Informative)

    by Bootsy Collins (549938) on Thursday February 12, 2004 @05:46PM (#8263418)

    Correcting myself . . .

    > from what I understand copyright restricts the act
    > of copying (duplicating). You can study someone's
    > implimentation of something as much as you like,
    > then go impliment something similiar yourself.
    > As long as you do not copy the code verbatim
    > you are not in violation of copyright law.

    What you're saying about copyright is correct;

    [ snip ]

    No, it isn't, and I don't know why I said it was. Too much crack today or something. The law on derivative works would make this not true, at least according to my understanding of Brad Templeton's 10 Big Myths about copyright [templetons.com].

  • by Anonymous Coward on Thursday February 12, 2004 @05:50PM (#8263473)
    Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

    This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

    We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.

    Please do not post any links/screenshots/hints or anything to do with the source code outbreak. Discussion is allowed but we will not condone people spreading this source code.

    (The rest is just the comments, you know, crap like you get on /.)

  • by raodin (708903) on Thursday February 12, 2004 @06:01PM (#8263686)
    I don't know about mips, but there were alpha/ppc builds of NT4.. this is probably just left over.
  • by Anonymous Coward on Thursday February 12, 2004 @06:04PM (#8263732)
    Re-read that quote; he's not denying anything about leaked source, he's denying that there have been any intrusions into Microsoft's software sources themselves. Not the same thing at all.

    He's saying that the leaked code is the same as the code in their version control system ;-).
  • Re:SHORT THE STOCK? (Score:5, Informative)

    by mbshafer (751878) on Thursday February 12, 2004 @06:07PM (#8263783)
    To note if the leak is true and the stock gets pounded it's unlikely one would get the opportunity to short the stock. Ref SEC rule 10a-1 (aka "Uptick Rule). For Reference: http://www.forbes.com/2001/10/04/1004short.html But bottom fishing would certainly be in order. Question of course is where is the bottom when a stock takes a hit? :) Cheers!
  • by SquarePants (580774) on Thursday February 12, 2004 @06:08PM (#8263792)
    You raise a good point. The devil is in the details. Whether a work is a derivative is a factual question which generally only a jury should decide. But I will indulge you.

    17 USC 101 [cornell.edu] defines a derivative work as:
    "a work based upon one or more preexisting works, such as a translation, musical arrangement, dramatization, fictionalization, motion picture version, sound recording, art reproduction, abridgment, condensation, or any other form in which a work may be recast, transformed, or adapted. A work consisting of editorial revisions, annotations, elaborations, or other modifications which, as a whole, represent an original work of authorship, is a 'derivative work'."

    That really cleared things up, didn't it?

    But seriously, my point was that what the parent was stating as an absolute is actually untrue. You can be guilty of copyright infringement even if you dont "copy."
  • Re:ed2k link? (Score:1, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @06:09PM (#8263807)
    No, you want the 1.09 GB file from e2dk.


    ed2k://|file|Windows_2000_Source_Code[NeoWin.Net ]. rar|1167616724|C60BD616078CE954AC05C7C7B94C0C2B|/



    on bytedevils.net/?88

  • by ironfrost (674081) on Thursday February 12, 2004 @06:12PM (#8263841) Homepage Journal
    Oops! You're right, of course. How embarassing.

    Although, reading it again, I don't agree that "He's saying that the leaked code is the same as the code in their version control system". He's just saying that Microsoft's own copy hasn't been tampered with.
  • by blorg (726186) on Thursday February 12, 2004 @06:25PM (#8263989)
    ...when hackers broke into Microsoft's corporate network [bbc.co.uk]. Google [google.ie] is your friend.
  • Re:That is a MYTH (Score:3, Informative)

    by pclminion (145572) on Thursday February 12, 2004 @06:26PM (#8264000)
    What you're saying about copyright is correct; but that probably isn't what MS would come after you (and your open source project) for. It'd be patent and trade secret violations.

    There's no such thing as a "trade secret violation" unless you are bound by an NDA. If the source is leaked and people not under NDA see it, the jig is up -- your trade "secret" is fucked.

    That's the different between patents and trade secrets. With a patent, you must publish details of the invention publicly, but you have an exclusive right to license the use of that invention. With a trade secret, you have no legal protection against other people using it, but you don't disclose it publicly.

    It's kind of like security through obscurity. With a patent you rely on force of law. With a trade secret you rely on people keeping their mouths shut. You might manage to keep it under wraps for years, but once it's out, you are fucked. Even if the person who leaked it was under NDA, the only recourse you have is against that particular individual. Your secret is still out, and suing the hell out of someone won't change that.

  • Re:SHORT THE STOCK? (Score:5, Informative)

    by noisehole (300584) on Thursday February 12, 2004 @06:40PM (#8264135)
    found a torrent: ed2k://|file|windows_2000_source_code.zip.torrent| 16496|5506C49CCCA12204BAB6FE960CE5602C|/

    btshowmetainfo.py windows_2000_source_code.zip.torrent
    btshowmetain fo 20021207 - decode BitTorrent metainfo files

    metainfo file.: windows_2000_source_code.zip.torrent
    info hash.....: f03fc1e04869294d5644d3c8c5d0fb8f2d26aa59
    file name.....: windows_2000_source_code.zip
    file size.....: 213748207 (815 * 262144 + 100847)
    announce url..: http://alge.nlc.no:6969/announce

    maybe its that thing, atm 23 seeders, 239 downloading and it was created on 2/12/2004 11:16:13 PM, so looks good so far

    knock yourself out
  • by RancidBeef (412397) on Thursday February 12, 2004 @06:41PM (#8264142) Homepage
    Because Microsoft depends on "security through obscurity". Now the holes are allegedly there for the world to see.
  • by cps42 (102752) on Thursday February 12, 2004 @06:42PM (#8264149) Homepage
    Windows Update clients are hardly secure if you happen to modify the registry [experts-exchange.com] of the client system to use a differenet "WindowsUpdate" server...
  • Re:MOD PARENT UP (Score:3, Informative)

    by orthogonal (588627) on Thursday February 12, 2004 @06:58PM (#8264314) Journal
    I thought Litestep just replaces the shell (ie explorer.exe). Is there any way I can change the click-to-front behavior of Windows to use the Amigas (or WindowLabs) click-to-focus but not click-to-front model.

    TxMouse can almost do this. Its default settings are focus on hover but not bring to front; bring to front is accomplished by clicking on the window decoration (titlebar).

    TxMouse can also be set to autoraise after a settable delay.

    TxMouse can emulate an X-Windows mouse including copy-on-select and paste-with-third-button.

    It works a bit better than the PowerToys version too; the PowerToys one regularly screwed up one app (Microspell) when that app was activated by hotkey. TxMouse doesn't screw it up.

    On the assumption that a lot of you will want this, I'm going to go into some gory details not included in TxMouse's documentation now. If you have no desire to use TxMouse, you can skip the rest of this post in good conscience; I promise you won't be missing any anti-Ashcroft zingers.

    TxMouse also changes the mouse cursor change when select is copying, and allows you to turn off copying by pressing the third button.

    On my mouse, turning off copying doesn't work with the middle button, as the middle button gets physically trapped down until the left button is released. TxMouse allows you to set it up so that the right mouse button does all the work the middle would normally do, for people with two-button mice, but a better solution to my problem was to re-assign middle to right and right to middle in the Microsoft Intellimouse driver. So now the middle button drop down context menus, and the right button pastes, except in the browser, where the right works as a "back" button.

    The TxMouse mouse cursor that indicates text is being copied does not show up if the "Link Select" cursor is the default (the pointing finger); in that case the copy indicator is the "Handwriting" cursor. So you can customize what shows up on copy if you don't customize "Link Select", and vice-versa.

    TxMoue is free but not open source (which sucks, as I'd like to modify it -- any pointers to source for MS_Windows Mouse drivers is appreciated so I can replicate it), and can be found here [chalmers.se]. Get it while Ashcroft still lets you connect web sites in socialist Sweden.
  • Re:it's true (Score:5, Informative)

    by mmp (121767) on Thursday February 12, 2004 @06:59PM (#8264342) Homepage
    You remember incorrectly. That looks like zlib (which gzip is based on). zlib's license is very flexible:

    http://www.gzip.org/zlib/zlib_license.html [gzip.org]

    /* zlib.h -- interface of the 'zlib' general purpose compression library
    version 1.2.1, November 17th, 2003

    Copyright (C) 1995-2003 Jean-loup Gailly and Mark Adler

    This software is provided 'as-is', without any express or implied
    warranty. In no event will the authors be held liable for any damages
    arising from the use of this software.

    Permission is granted to anyone to use this software for any purpose,
    including commercial applications, and to alter it and redistribute it
    freely, subject to the following restrictions:

    1. The origin of this software must not be misrepresented; you must not
    claim that you wrote the original software. If you use this software
    in a product, an acknowledgment in the product documentation would be
    appreciated but is not required.
    2. Altered source versions must be plainly marked as such, and must not be
    misrepresented as being the original software.
    3. This notice may not be removed or altered from any source distribution.

    Jean-loup Gailly jloup@gzip.org
    Mark Adler madler@alumni.caltech.edu

    */
  • Re:it's true (Score:2, Informative)

    by DrPizza (558687) on Thursday February 12, 2004 @07:08PM (#8264422) Homepage
    gzip is the name of the compression format (RFC 1952) as well as the utility often used to create files using that format; as such a rewritten version is quite possible, and it wouldn't be surprising to find that the rewritten version is named something such as "gzip". And the zlib compression library itself (unlike the utility) isn't GPLed, in any case. It uses a sensible license instead. A cursory glance doesn't suggest that any of those files are from either project, however. elsewhere
  • by sICE (92132) on Thursday February 12, 2004 @07:14PM (#8264477) Homepage
    If the files.txt that is linked from another post is real, you might be very right. I checked the .ext there: C(4675), CPP(2257), ASM(148). But only MIB(28), PRF(39).

    Some more other interrestings extentions: BAT(123), CMD(65), JAVA(37), SED(29), PL(17), JS(16), M4(5), AWK(3), BAS(2), VBS(1).

    Documentations? EML(2213), TXT(382), HTM(212), HLP(23), RTF(9), PPT(3), PDF(1).

    Media: ICO(1304), BMP(803), GIF(165), AVI(141), ANI(34), MID(3), JPG(2).

    TOP11: H(5611), NoExt/Dirs?(4708), C(4675), CPP(2257), EML(2213), CXX(1466), ICO(1304), HXX(972), BMP(803), RC(702).
  • by cheekyboy (598084) on Thursday February 12, 2004 @07:14PM (#8264489) Homepage Journal
    http://www.sysinternals.com/ntw2k/info/xpsrctree.s html

    full source tree is free, and generatable from the debug/dlls etc....

    enjoy.

    yes this is 100% legal
  • by Anonymous Coward on Thursday February 12, 2004 @07:15PM (#8264499)
    The listing appears valid, but is only a subset.

    I lived for years with full source access at a MS partner company.

    Example of what's missing is the file systems (only the file system recognizers seem to be there, not the file system), the entire device driver tree, storage drivers, etc. Most of the core kernel functionality is there though, if pre-service pack levels.
  • by Anonymous Coward on Thursday February 12, 2004 @07:17PM (#8264514)
  • Re:Internet Explorer (Score:5, Informative)

    by helmutjd (568988) on Thursday February 12, 2004 @07:18PM (#8264522)
    Not that I'm advocating the use of IE (bleh!), but the author of that page appears to be talking out of his ass right from the start.

    The magical "hidden folder" that's "segregated from the main filesystem" and "doesn't seem to exist" (C:\DOCUME~1\YourName\Local Settings\History\History.IE5\) is really just a plain ol' system folder.

    Go to a command prompt and run:
    attrib -s C:\DOCUME~1\YourName\Local Settings\History\History.IE5\

    Wow, now the folder appears just like any other folder.

    As for the deeply mysterious "encrypted" file inside it, index.dat... it's just a plain ol' binary file. Open it up in any hex editor and you can read all of the URLs stashed inside just fine.

    The file "cannot be deleted by any normal means" because it's in use by Explorer (which is always running - it's your shell). If you've ever done any work with programming shell extensions, you'll have run into the same problem.

    Put the following into your autoexec.bat (or any similar startup file - anything that runs before Explorer starts) and you can delete it just fine:
    del C:\DOCUME~1\YourName\Local Settings\History\History.IE5\index.dat

    Granted, IE may not be worth its weight in spit, but this guy appears to be a little bit off his nut.
  • Re:it's true (Score:3, Informative)

    by michael_cain (66650) on Thursday February 12, 2004 @07:18PM (#8264534) Journal
    Do not, under any circumstances, modify this section. There is no documentation available for this section, and the individual who wrote it is no longer working here.

    MS isn't the first place where this has happened. For many years, Bell Labs would not modify the source code for "troff". The original author had died, and the code was so twisted that no one was willing to try making changes for fear of introducing bugs worse than the ones they were trying to fix. I believe that eventually there was a completely new implementation.

  • by blorg (726186) on Thursday February 12, 2004 @07:20PM (#8264557)
    They are denying it, but are investigating their Shared Source Initiative (suggesting that they have a lead, and that there is some truth to the leak - or perhaps it's just the obvious place to look). Apparently the rumoured code uncompresses to around the size of 1 CD, and would only be a small portion of the total 40gb code base. Although all the articles mention the security risks, MS insist it is just an IP issue:

    "The rumor regarding the availability of Windows source code is based on the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code. Microsoft is looking into this as a matter of due diligence," a company spokesman said. "If a small section of Windows source code were to be available, it would be a matter of intellectual property rights rather than security." - from Eweek [eweek.com].

    Also see ZDNet [com.com], InternetNews [internetnews.com] and Google News [google.ie]

  • .eml files (Score:1, Informative)

    by e r i k 0 (593807) on Thursday February 12, 2004 @07:31PM (#8264669) Homepage
    .eml files are Microsoft Outlook (Express) e-mails. They should be simply plain-text...
  • Source Torrent (Score:2, Informative)

    by djace (641019) on Thursday February 12, 2004 @07:33PM (#8264693) Homepage
    Torrent here. [homelinux.net]
  • other sources (Score:5, Informative)

    by beas+ mas+er (723133) on Thursday February 12, 2004 @07:35PM (#8264705)
    http://www.internetnews.com/ent-news/article.php/3 312451

    http://zdnet.com.com/2100-1104_2-5158496.html

    http://www.infoworld.com/article/04/02/12/HNmicr ol eak_1.html

    http://www.eweek.com/article2/0,4149,1526390,00. as p
  • by aarku (151823) on Thursday February 12, 2004 @07:39PM (#8264730) Journal
    according to this... [internetnews.com]
    When asked to comment, Microsoft responded by e-mail that "the rumor regarding the availability of Windows source code is based on the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code. Microsoft is looking into this as a matter of due diligence."
  • by AmunRa (166367) on Thursday February 12, 2004 @07:49PM (#8264815) Homepage
    As subject, this torrent is actually the linux kernel ver 2.6.2!
  • by PatrickThomson (712694) on Thursday February 12, 2004 @07:53PM (#8264856)
    Linux 2.6.2...

    har de har dar. well, it does what it says on the tin.
  • ed2k links (Score:0, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @07:55PM (#8264875)
    ed2k://|file|windows nt 4 source code .zip|241131483|afcb4b1fd05ed574e2ee77618222621d|

    ed2k://|file|windows 2000 source code .zip|213748207|34bb9f3a3e8d3e0c4490a96ec30b9f3c|

    ed2k://|file|Windows source code- evans|727875584|000a97a4c90a0eff2e579a82811332e9|

    ed2k://|file|Windows.Source.Code.w2k.nt4.wxp.tar .bz2|142290587|82c8f97acfaba434aeb7592a46dcc7d9|
  • by zenpiglet (708412) <zenpiglet AT hotmail DOT com> on Thursday February 12, 2004 @07:58PM (#8264896)
    All anyone seems to be pointing to is the source tree listing in a text file. Wow.

    Such a listing for XP has been available on the Sysinternals site for years:

    XP Source Tree [sysinternals.com]
  • Re:GNU make users? (Score:2, Informative)

    by TioHoltzman (709089) on Thursday February 12, 2004 @08:05PM (#8264952) Homepage
    8.3 filenames are *only* needed for ISO9660 CDRs. The source tree uses whatever filenames people want. No, my understanding was that it was microsoft policy to use 8.3 naming because of backward compatibility (with older filesystems, i.e. Win 3.1, DOS, etc). Any of the released code with VC6 (and I think VC7) is 8.3. And I remember reading them suggesting that people follow this as well, for their own code.
  • by tetrahedrassface (675645) on Thursday February 12, 2004 @08:07PM (#8264980) Journal
    Laura Didio: aka the SCO queen and her take on this development!!


    "Up until now it was more like the 70/30 rule, where 70 percent of the threats are bogus. Now it's more like 50/50," Didio said. "With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."
  • by rixstep (611236) on Thursday February 12, 2004 @08:11PM (#8265014) Homepage
    Lets not forget who first wrote SCO Unix. Microsoft.

    This is totally untrue. What happened was that Microsoft bought a compiler from Lattice which they retrofitted for Unix, and a source code licence from AT&T, but Microsoft did NOT, I repeat did NOT, work on that source code themselves.

    That source code was given to Santa Cruz, who 'developed' Xenix from that.

    And I am sorry, but the very thought that the dim-witted Microsofties would have 'written' their own Unix? Sorry, but that is just too laughable.

  • by afxgrin (208686) on Thursday February 12, 2004 @08:21PM (#8265128)
    http://www.sschmidt.info/w2k_source.torrent

    I haven't finished downloading this, but it's 200MB in size, has 944 peers! :-)

    The tracker is the same one you have listed:

    http://alge.nlc.no:6969/announce

    The hash is also the same.

  • by Anonymous Coward on Thursday February 12, 2004 @08:22PM (#8265133)
    I think you're confusing two different things. Windows NT/2000/XP is a more secure design in that it supports multiple users (like UNIX), allowing individual users to have restricted permissions, as opposed to being a single-user system like Win3/Win9x/MacOS1-9, where the single user has full control of the system. This means that, for example, a corporate desktop running Win9x is completely at the mercy of the user using it, while an NT/2000/XP desktop can be managed by corporate administrators, with the actual users limited in terms of what they can do.

    As for the track record of NT/2000/XP, it's arguably been more vulnerable to Internet attacks than Win9x, but that's simply because it offers more network services. It's the same reason the major Linux distributions have had so many more vulnerabilities than UNIX or BSD (which typically include fewer services), which in turn have had more than, say, Win9x or MacOS9 (which typically include even fewer).

    BSD (I know) and Linux (I think) learnt the Internet lesson pretty quickly, so these days typical distributions don't have many (if any) network services enabled by default, but that was a relatively recent change (within the last few years). If you enable tons of network services on a BSD or Linux system, you'll still be vulnerable to the numerous security holes repeatedly found in them.

    For reaons known only to MS, Windows still runs all sorts of network services by default, and that's the key difference. It doesn't run the really obnoxious ones like IIS, but it still runs RPC, etc. If those are turned off or blocked, it will be safe from network attacks by default (i.e. only vulnerable to user ignorance). Even today, Windows users who know what they're doing typically turn on the inbuilt firewall (or use an external one), thereby protecting their systems from Internet attacks. The non-technical ones, on the other hand, don't even know what a firewall is.

    At any rate, the main problem today is user ignorance, not vulnerabilities in OSes. Users have all the privileges necessary to propagate email worms, mount DoS attacks and so on, so all you have to do is trick a user into running your executable, and it's over. There are solutions to that too, but no mainstream OSes include any (yet). It will be interesting to see which major OS family (e.g. Windows, Linux, BSD, UNIX) is the first to include the necessary safeguards by default.
  • Re::: prediction :: (Score:1, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @08:23PM (#8265146)
    This is precisely what Pheonix (I think that was the company) did back in the 80's with the IBM BIOS. They had two teams physically separated in two different buildings. One team reverse-engineered the BIOS and documented how it all worked without writing a line of source code. Then, the descriptions were shipped over to the other building and that team wrote the source code for the first _legal_ IBM Compatible BIOS. Both teams, of course, documented everything for legal purposes, but the two teams weren't allowed to communicate both ways. Documentation on the reverse-engineered BIOS was the only thing to go on for development.

    I have no idea how this would all play out under the DMCA (the only major law that I know of not existent in the early 80's). Let's suffice it to say that someone documenting the source code would have to be completely cut off from communication in the other direction and would exclusively analyze the source code as well as being willing to be denied access to any open source implementation (e.g. to check to see if it was done right). They'd also need to live on their own island without any real laws.
  • by Zak3056 (69287) on Thursday February 12, 2004 @08:35PM (#8265256) Journal
    I know they have at least the TCP/IP stack from BSD. I would be interested to see if the copyright comments are still on the files.

    Err, yes, they are. How else do you suppose we know they're using BSD code? Running strings on the executables turns up the Regents copyright notice.

  • Re:nlc.no (Score:1, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @08:38PM (#8265277)
    alge.nlc.no is not affiliated with nlc.no, it is simply a forward given many years ago.
  • by Anonymous Coward on Thursday February 12, 2004 @08:41PM (#8265304)
    The company was actually called Spider, and the Spider TCP/IP stack (which was BSD-derived) was used in exactly one MS operating system: Windows NT 3.1 (1993-1994).

    Windows NT 3.1 was released in 1993, and replaced in 1994 by Windows NT 3.5, which was much smaller, much faster and used an MS-written TCP/IP stack (which was presumably smaller and faster than the BSD-derived Spider stack). The MS TCP/IP stack in NT 3.5 was then ported to Win9x for the release of Windows 95.

    The lifetime of NT 3.1 was very brief, and during that brief lifetime, hardly anyone used it (because it was too big, too slow and there was no Win32 software), so the fact that its TCP/IP stack was BSD-derived is not really something to brag about.
  • Information (Score:3, Informative)

    by MC68040 (462186) <henric AT digital-bless DOT com> on Thursday February 12, 2004 @08:46PM (#8265341) Homepage
    Here's some facts about the zip file that's on the run:

    The zip file is 208 mb (213 748 207 bytes)
    All the files with the "letts to children.eml" etc names are _completely_ empty.
    All files are commented, some are said to be public implention examples while others got "semi public" or no note of being pubblic in the headers.
    It doesn't really have any comments with personal twists etc, just facts from what I observed this far.
    It only includes the OS stuff (e.g. mplayer/iis/ie isn't there in full or at all)

    Got questions, just ask.
  • by Anonymous Coward on Thursday February 12, 2004 @08:49PM (#8265368)
    Maybe it also has to do with the fact NT based machines are made to be administered remotely. If you've ever tried to hack any Windows computers, you would know that a 9x machine isn't going to do much without you tricking the end-looser into doing it for you. I seriously doubt the punks that write this crap are sitting down and discussing their target demographic.

    Seriously, why is this insightful? Isn't it also possible that the punks I mentioned before don't know how to write code that would work on any other platform? The end result is the same, but you're making a big jump on the motivation.

    The crap being released today is pathetic. The idiots writing this stuff probably can't even spell their own names. They probably wouldn't recognize a boot-sector virus if you beat them over the head with the monitor it was displayed on.

    Whew, I feel better now.
  • by MrP- (45616) <rob@eli[ ]rp.net ['tem' in gap]> on Thursday February 12, 2004 @08:52PM (#8265390) Homepage
    Check http://www.betanews.com/article.php3?sid=107663251 5 [betanews.com] they saw source code.. including some funny comments such as "potentially off-by-1, but who cares..." found in the taskbar code
  • by Anonymous Coward on Thursday February 12, 2004 @09:09PM (#8265515)
    From ZDnet: The 203MB file contains the code that appears to be from Microsoft's enterprise operating system, but the code is not complete, said Dragos Ruiu, a security consultant and the organiser of the CanSecWest security conference, who has examined the file listing. "It was on the peer-to-peer networks and IRC (Internet relay chat) today," Ruiu said. "Everybody has got it; it's widespread now." The 203MB file expands to just under 660MB, he said, noting that the final code size almost perfectly matches the capacity of a typical CD-ROM. The entire source code, he said, is believed to be about 40GB, meaning that the file circulating Thursday would be only a fraction of the full code base--if it is authentic. http://www.zdnet.com.au/news/software/0,2000061733 ,39116114,00.htm
  • by n1ywb (555767) on Thursday February 12, 2004 @09:12PM (#8265543) Homepage Journal
    I read rotten.com, I think I'm about as fscking tainted as they come. It's absurd to think that there would be ground for a lawsuit against an open source project you worked on because you had at one point glossed over the NT kernel source or something. That's like homeopathics [rotten.com] who believe that remedies should contain miniscule quantities of active ingredients. In fact, the "strongest" formulations usually contain not a single molecule of the substances in question. Zero parts per billion -- pure water.

    I've seen the Windows CE source. Maybe I should never program again because MS could sue me! I think not.

    PS No offence to homeopathics, I don't care what crazy shite you belive in.

  • by Anonymous Coward on Thursday February 12, 2004 @09:27PM (#8265659)
    Think it absurd if you want; the law certainly allows for it. It works like this:

    1) You see some proprietary source, either legally or otherwise;

    2) You later work on some open source project;

    3) The copyright holder of the proprietary source in 1) looks at the open source project and decides that some sections of the code look strikingly similar to their own code. They further discover that you wrote or contributed to those sections. They call their lawyer. Now, it may well be a combination of "coincidence plus a limited number of ways to do X" that caused the similarity, but you're going to have to convince a judge and/or jury of that. The other side will have to convince them that you copied it. They've got the striking similarity plus the fact that you've seen their source. What have you got?

    Now, since you've seen the Windows CE source, why don't you ask the Samba project if you can join, and tell them you've seen MS source code (whether legally or not doesn't matter; seeing it is all that matters) and see if they will take you on as a developer.

    I bet they won't.
  • Re:it's true (Score:3, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @09:31PM (#8265683)
    This notice DOES appear in the Windows documentation, btw, so it's not exactly a state secret that they used zlib.
  • by Anonymous Coward on Thursday February 12, 2004 @09:39PM (#8265741)
    http://www.sschmidt.info/w2k_source.torrent -- Windows 2000 Source Code
  • by anubis__ (168382) on Thursday February 12, 2004 @09:51PM (#8265850) Homepage
    from washingtonpost.com Microsoft Confirms Windows Code Leak [washingtonpost.com]:

    "Microsoft Corp. on Thursday confirmed that the source code for its Windows 2000 operating system has been leaked, a security breach that could give hackers important intelligence about how to exploit flaws in software run by most of the world's computers.

    A Microsoft spokeswoman said someone had illegally posted incomplete portions of Windows 2000 on the Internet."

  • by duffbeer703 (177751) * on Thursday February 12, 2004 @09:52PM (#8265856)
    That may be true, but there is BSD code in Windows XP.

    open up a command window and type "strings c:\windows\system32\ftp.exe"

    This will return:
    @(#) Copyright (c) 1983 The Regents of the University of California.

    All rights reserved.

  • by Anonymous Coward on Thursday February 12, 2004 @09:53PM (#8265862)
    Windows Source Code Leaked Over Internet [komotv.com]

    "SEATTLE - Microsoft Corp. said late Thursday that portions of its Windows source code - the tightly guarded blueprints of its dominant operating system - had been leaked over the Internet."
  • by Anonymous Coward on Thursday February 12, 2004 @09:56PM (#8265887)
    If the files that are listed at 'http://heim.ifi.uio.no/~mortehu/files.txt' really do exist outside of the Microsoft firewall, then there is a complete enough tree to build Windows. It would require about a month of effort to get a working build, but it would be doable...and in fact worth every second for one reason - access to the underlying code of user32.dll (source of HMENU) and comctl32.dll (source of pretty much everything else GUI oriented - List boxes, tree controls, etc.). These two DLLs are black boxes and both result in millions of wasted hours every single year. I don't know of a single Windows programmer who isn't dying to get their hands on the source of just those DLLs. They could care less about the rest of the OS source...Microsoft, you reading this? Whoever leaked this has done every Windows programmer a _favor_...and you have actually hurt the open source community than helped it.

    Anyway, I digress. The following directories I recognize: kernel, GDI (where's GDI+?), comctl32, comdlg32, server/client separation, Microsoft Plus!, explorer, systray (I thought they would call it the Taskbar Notification Area internally...grr...stupid MSDN), walk (Dependency Walker?), built-in FTP, My Documents (something the world could do just fine without - I even see the COM object stuff there as well that makes it "permanent"), TweakUI, shell32, advapi (lots of NT-specific stuff in there that really should also be for 9x), MSGina, Video for Windows (and possibly Windows Media Player?), some codecs, the Windows Registry, all of the standard Accessory items (including a huge section for Hyper Terminal - and obviously MS Paint, Notepad, and OLE hooks into Paintbrush), Active Accessibility, Control Panel (and applets), Games, the _old_ Win3.x Program Manager, RegEdit, RegWiz (? Not quite sure what this refers to), and rundll32.

    Someone made a comment about the .eml extensions residing in the source tree...note that they are all zero bytes. This is probably for the ability to go back in time to specific versions without getting complaints from their versioning software.

    I'm getting around to my final analysis. Basically, what is here is a complete Windows 2000 _kernel_ and _user_ mode tree for the default installation of Windows 2000 (no Service Packs). This, however, does _NOT_ include any proprietary code such as drivers or the source code to DirectX/Direct3D/DirectShow (I know several programmers who would kill for the source to DirectX - it drives them bananas due to the lousy code on Microsoft's behalf). So, while someone _MAY_ be able to compile the whole thing, there are no drivers to go along with it and the Service Packs would overwrite any customization. Therefore, the OS, as a whole, is essentially worthless without the actual media that contains the drivers (and broken without at least SP1). However, there are components of the source code (that I've already mentioned) that Windows programmers would sell their souls for.

    I suspect that this source code will become a prized item to have in about two years when Microsoft cuts off support for all existing Windows OSes. Win98 support was just to test the waters to see when companies would be ready for Microsoft to dump them and accept it. You may think I'm joking, but my gut feeling says that Win98 was just a test...and with the source to 2000 floating around, MS can shrug their shoulders and say, "support it yourself," just don't distribute patches or we'll come after you.
  • Re:GNU make users? (Score:2, Informative)

    by spectecjr (31235) on Thursday February 12, 2004 @09:56PM (#8265890) Homepage
    No, my understanding was that it was microsoft policy to use 8.3 naming because of backward compatibility (with older filesystems, i.e. Win 3.1, DOS, etc). Any of the released code with VC6 (and I think VC7) is 8.3. And I remember reading them suggesting that people follow this as well, for their own code.

    Having worked at Microsoft, I beg to differ. Source filenames are whatever you want. Files which have to be distributed externally are 8.3 because of ISO9660 (and a slight efficiency increase on VFAT systems). But files used internally? That's personal preference.
  • by Sailsa (740130) on Thursday February 12, 2004 @09:59PM (#8265902)
    Microsoft has confirmed the leak.... According to the Associated Press in this article http://www.sunherald.com/mld/sunherald/business/79 41292.htm Microsoft Corp. said late Thursday that portions of its Windows source code - the tightly guarded blueprints of its dominant operating system - had been leaked over the Internet. Microsoft spokesman Tom Pilla said in an interview with The Associated Press that some incomplete portions of the Windows 2000 and Windows NT4 source code had been "illegally made available on the Internet."
  • Re:it's true (Score:3, Informative)

    by TheGrayArea (632781) <graymc @ c o x . n et> on Thursday February 12, 2004 @10:06PM (#8265952) Homepage
    Based on what I had seen in my time, the oldest code (ie the low level base stuff that Cutler was directly involved with and the 'base' stuff) is still fairly clean. There's a middle layer in there that gets pretty grungy. It's not all bad code, but commenting practices sure did change over the years. There's a lot with only comments in the top of the file about updates/etc. They made some more rigid standards about 99-2000 that made it better. It also depended on the group. The guys out of MS Israel (MSMQ, Proxy/ISA) wrote some really nice clean stuff. A lot of the Inet/IE stuff is really messy. The cluster code was really nice as I recall (bud of mine was cluster support). It all really depended on the group. Windows is broken down into a LOT of subpieces handled by specialized groups.
  • by ka55ad (571279) <ka55ad@gmail.com> on Thursday February 12, 2004 @10:09PM (#8265976) Homepage
    MS has confirmed that the code is real. Story here [washingtonpost.com] (washington post).
  • by Kinesthe (726726) <(RofregProgrammer) (at) (msn.com)> on Thursday February 12, 2004 @10:10PM (#8265979)
    Microsoft Confirms Windows Code Leak
    ---

    Microsoft Corp. on Thursday confirmed that the source code for two versions of its Windows operating system has been leaked, a security breach that could give hackers important intelligence about how to exploit flaws in software run by most of the world's computers.

    "Today we became aware that incomplete portions of Windows 2000 and NT 4.0 source code was illegally made available on the Internet," said Microsoft spokesman Tom Pilla. "It's illegal for third parties to post Microsoft source code and we take that activity very seriously."

    Pilla said the company does not know how much of the operating system code was compromised, but he said Microsoft believes it was not a complete version of either operating system.

    There was no indication that the code was stolen through a breach of Microsoft's internal network, Pilla said. He said the FBI is investigating the matter.

    Computer security experts said the release of Windows source code could pose a significant threat to Internet security, depending on what portion of the code was leaked.

    A leak of any portion of the Windows code "could dramatically increase the probability that new zero-day vulnerabilities will be found," said Alan Paller, director of research the SANS Institute, a security training group based in Bethesda, Md.

    "Zero day" exploits are highly effective attacks that occur when hackers discover a way to exploit a security vulnerability before or at the same time as a software maker learns of the flaw. Attackers can then use this information to launch a virus or worm that exploits the security hole before a patch can be released to fix the problem.

    Thor Larholm, senior security researcher at Newport Beach, Calif.-based PivX Solutions, said the Windows source code file being traded on the Internet appears to be roughly 660 megabytes in size, about the size of one CD-ROM's worth of data. That is far short of the estimated 40 gigabytes of data that makes up the entire 40 million lines of code in the Windows operating system.

    Even a partial leak "is a potentially very serious problem for Microsoft," Larholm said. "Just look at the vulnerabilities that are discovered by people who didn't have access to the source code."

    The origin of the leak is not currently known. The Redmond, Wash.-based software giant closely guards the computer code that comprises the company's operating system. But Microsoft does license portions of its programming code to security researchers and more than 50 universities under its "Shared Source Initiative."

    Microsoft last year said it would began sharing complete copies of its source code with governments around the world that want to validate the security of the software before deploying it in national defense and other sensitive areas. Microsoft signed an agreement in 2003 that lets the Australian government inspect the source code of Windows 2000, Windows XP and Windows Server 2003. Other counties, including India, are exploring similar arrangements.

    Unlike open-source software like the widely used Linux operating system, the code comprising Microsoft's Windows software is not open for public inspection. Linux users are encouraged to participate in an open, continuous cycle of modifications and upgrades that its proponents say results in systems that are more secure and reliable than those powered by proprietary code like Windows.
  • by LordKazan (558383) on Thursday February 12, 2004 @10:22PM (#8266071) Homepage Journal
    so far this month on my site (OS, Visits thus far this month, %)
    • Windows XP -- 40972 -- 53.8
    • Windows 2000 -- 12055 -- 15.8
    • Windows 98 -- 10602 -- 13.9
    • Windows Me -- 6461 -- 8.4
    • Linux -- 1469 -- 1.9
    • Unknown -- 1213 -- 1.5
    • Mac OS -- 1161 -- 1.5
    • Windows NT -- 1149 -- 1.5
    • Mac OS X -- 619 -- 0.8
    • Windows 95 -- 166 -- 0.2
    • WebTV -- 165 -- 0.2
    • NetBSD -- 3 -- 0
    • Sun Solaris -- 3 -- 0
    • Windows CE -- 1 -- 0
  • It's official... (Score:3, Informative)

    by Metroid72 (654017) on Thursday February 12, 2004 @10:27PM (#8266106)
    I guess MS confirmed: http://www.msnbc.msn.com/id/4253584/ From the MSnbc website.
  • Re:I know that... (Score:3, Informative)

    by trenton (53581) <trentonl&gmail,com> on Thursday February 12, 2004 @10:29PM (#8266121) Homepage
    The point is now they can claim that they had potentially had access to their trade secret...

    That's the double-edged sword that is the trade secret. Legal protection only lasts as long as you keep it a secret. So, once it's out, it's out. They could still claim copyright infringement on verbatim coping, but not derivative works.

    You can read all about trade secrets at Nolo.com [nolo.com].

  • by Anonymous Coward on Thursday February 12, 2004 @10:30PM (#8266130)
    Looked through it some. I would be very surprised if this code is not authentic, although what is up with the "bsc" directory? It contains a bunch of junk.
    But it's certainly not "complete", i.e. I can't find the NTFS filesystem driver (or at least anything that would look like such a beast...), but I could find code from MSIE for importing Netscape cookies and bookmarks, some of which was under the windows/shell/ hierarchy (maybe that's MS's basis that MSIE is integrated with the core OS?)
    I even saw some Java code referencing the "com.ms.xml" hierarchy, apparantly an XML parser MS wrote.
    Plus some .doc on GDI debugging, strings showed what seemed like a valid Word doc, complete with "Microsoft Confidential" as one of the phrases seen.
    Also, a core file under the 'security' folder, which was an ELF binary with some junk about Vi Improved 5.6 and some symbols starting with 'xterm'... maybe the guy working on that was using Linux?
  • Tracker (dead.) (Score:5, Informative)

    by algeliten (733634) on Thursday February 12, 2004 @10:34PM (#8266163)
    Hmm. That's my tracker. And it's dead now. I probably should learn to not have a public tracker.. *sigh*

    Anyway, at least 1000 people got it down, so it shouldn't be too hard for some of them to make a new torrent. But I'm definetly not going to host it anymore.

    --
    alge of flauna
    http://alge.nlc.no/
  • original quote (Score:3, Informative)

    by MegaFur (79453) <{moc.nzz.ymok} {ta} {0dryw}> on Thursday February 12, 2004 @10:42PM (#8266223) Journal
    ELWOOD: It's a 106 miles to Chicago, we've got a full tank of gas, half a pack of cigarettes, it's dark, and we're wearing sunglasses.
    JAKE: Hit it.

    ref: http://www.imdb.com/title/tt0080455/quotes
  • by Kalgash (158314) <jjmcook@gmail.com> on Thursday February 12, 2004 @10:49PM (#8266268) Homepage Journal
    See The BBC News [bbc.co.uk] for more details.

    My favourite quote:

    "But Microsoft's president and chief executive, Steve Ballmer, insisted they had not been able to tamper with any of the company's key programs."

  • by Anonymous Coward on Thursday February 12, 2004 @11:05PM (#8266398)
    All your FBI friends can come by here and have a nice cup of tea.

    ed2k://|file|windows_2000_source_code.zip.torrent| 16496|5506C49CCCA12204BAB6FE960CE5602C|/
  • by ncr53c8xx (262643) on Thursday February 12, 2004 @11:06PM (#8266406) Homepage
    win2k/bsc/.glimpse_filenames_index etc. Huh? What's with the "."? Are they using Unix?

    Possibly. glimpse is a program that will create a database so that you can quickly search through all of your files, in UN*X.

  • Confirmed by MS (Score:2, Informative)

    by k4_pacific (736911) <k4_pacificNO@SPAMyahoo.com> on Thursday February 12, 2004 @11:12PM (#8266435) Homepage Journal
    AP article on yahoo news here. [yahoo.com]

    See Shit.
    See fan.
    See shit hit fan.
    Duck!

  • by loconet (415875) on Thursday February 12, 2004 @11:19PM (#8266493) Homepage
    It seems like they've confirmed that indeed, part of the OS's have been leaked.

    source:
    http://www.washingtonpost.com/wp-dyn/articles/A376 48-2004Feb12.html [washingtonpost.com]

  • "The Source" :) (Score:5, Informative)

    by Anonymous Coward on Thursday February 12, 2004 @11:21PM (#8266501)
    Security bugs.. Nah...
    $ grep -r strcpy -i . | wc
    10454 42054 1069145

    Where it was ganked from:
    There is a core dump file inside the windows 2000 (sp1) archive, it clearly shows that the source was stolen from a system at Mainsoft. The following url confirms that they did have access to the leaked code. http://mainsoft.com/news/press_releases/2000_3_22_ 01.html

    The actual strings which confirm this:

    PWD=/usr/ms/win2k_sp1/private/security/msv_sspi
    DOMAIN=mainsoft.com
    REPLYTO=eyala@mainsoft.com
    ORGANIZATION=Mainsoft Co. Ltd.
    MWBATCH_SERVER=lod:8000
    MSOFTLM_HOST=@xor
    MAINSOFTLM_HOST=@xor
    XAPPLRESDIR=/il2/users/eyala /app-defaults
    EDITOR=vi
    BASE_LIBPATH=/usr/lib
  • by Anonymous Coward on Thursday February 12, 2004 @11:24PM (#8266521)
    AP [ap.org]
    Washington Post [washingtonpost.com]
  • by Anonymous Coward on Thursday February 12, 2004 @11:45PM (#8266639)
    The claimed Windows 2000 source code archive contains 30,915 files totaling approximately 13.5 million lines. The source is dated July 25, 2000, placing it after the official release of the operating system, which was rumored to contain between 35 and 50 million lines of code in its entirety.


    Early references to "Whistler" -- the code-name for Windows XP -- can be found in the files, which is consistent with the post-Windows 2000 time frame. An internal alpha version of Whistler leaked in March 2000.

    A Microsoft spokesperson told BetaNews that the company was looking into this as a matter of due diligence. "At this time, all we have to say is the rumor regarding the availability of Windows source code is based the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code," the spokesperson said. "If a small section of Windows source code were to be available, it would be a matter of intellectual property rights rather than security."

    Sources indicates the leak is valid, but incomplete. Comments -- which are added to track changes to source code during development -- refer to specific bugs, Microsoft employees, and even organizational charts. Product code names are abound, with references to Daytona, Cairo, and Memphis, as well as beta timetables. The archive contains graphics files for Windows 2000 and Internet Explorer 5.0 included in resource files, according to sources.

    Comments such as, "potentially off-by-1, but who cares..." are buried within code for the Windows Taskbar. Sources tell BetaNews there is no reference that calls Netscape developers "Weenies," as was alleged in court documents. Other comments range from mundane technical jargon to all out profanity.


    More at http://www.betanews.com/article.php3?sid=107663251 5
  • NTFS (Score:2, Informative)

    by e r i k 0 (593807) on Friday February 13, 2004 @12:07AM (#8266759) Homepage
    Looking through the file listing, I see no mention of NTFS (that's not in dead code) except for a few files dealing with ntfsrec. It appears that those files are the NTFS recognizer. Maybe NTFS wasn't included in this leak?
  • by response3 (751852) on Friday February 13, 2004 @12:07AM (#8266761)
    http://www.securityfocus.com/news/8037
  • by efextra (673412) on Friday February 13, 2004 @12:34AM (#8266877) Homepage
    if you happen to modify the registry of the client system to use a differenet "WindowsUpdate" server...
    Hmmm, thats a
    feature of Windows update [microsoft.com] that allows you you to set the update server (Search for SUS for info on this). This is to create local update servers and actually works pretty well (we use it on out network). It makes getting the updates so much faster.

    Windows update client installs *only* signed content from Microsoft whatever be the source.
  • by GridPoint (588140) on Friday February 13, 2004 @12:42AM (#8266920)
    Yes, Microsoft is acknowledging the use of BSD licensed code. I don't know if they are doing it in the source code, but since they are putting copyright notices in the release notes for their software [microsoft.com] they probably have copyright notices in the source code too. Look at the copyright information on their page, they not only honor Berkeley but also a lot of other people that have been actively contributing to various BSD software such as Luigi Rizzo [unipi.it].
  • Re:"The Source" :) (Score:5, Informative)

    by CoolVibe (11466) on Friday February 13, 2004 @12:54AM (#8266999) Journal
    Where it was ganked from: There is a core dump file inside the windows 2000 (sp1) archive, it clearly shows that the source was stolen from a system at Mainsoft. The following url confirms that they did have access to the leaked code. http://mainsoft.com/news/press_releases/2000_3_22_ 01.html

    Odd... That page doesn't exist anymore, and suddenly (according to their press page), nothing happened in March 2003.

    Guess who's in save-my-butt mode? :)

  • by Anonymous Coward on Friday February 13, 2004 @12:56AM (#8267016)
    Go check out Kazaa for "windows source"... you'll find hundreds of hits, and they will range in size from 10 MB to 1 GB. You can't possibly tell which one is the right one, even if you know the approximate size is around 200 MB because there are literally dozens of them in that range. To download the wrong one will end up wasting hours if not days of your time. As well, being on Kazaa for so long downloading these files is risky... who knows if it will open you up to getting raided by the FBI for downloading trade secrets?

    I must admit that they did a good job protecting themselves this way... Who says Microsoft isn't filled with clever people?
  • Re:it's true (Score:3, Informative)

    by harmonica (29841) on Friday February 13, 2004 @01:17AM (#8267127)
    How does one take a quick peek to see such a file is circulating?

    Some P2P network, I guess. Or one of the aforementioned IRC channels.
  • Re:"The Source" :) (Score:4, Informative)

    by Anonymous Coward on Friday February 13, 2004 @01:17AM (#8267128)
    Actually the page exists... Note a space in the url, you have to remove it, the press release is still there:

    Mainsoft(TM) extends strategic relationship with Microsoft(TM)
    Leading provider of cross-platform solutions for the enterprise to offer enhanced computing capabilities for the Unix environment; New source code available for CAD/CAM and Visual Simulation markets
    SAN JOSE, Calif. - March 22, 2000 - Mainsoft Corporation, the leader in cross-platform solutions for the enterprise, today announced expanded terms of their WISE agreement with Microsoft Corp. The WISE agreement, signed in 1998, provides Mainsoft access to source code for Windows NTO including the recently released Windows 2000. As part of the new terms, Mainsoft will receive additional source code for Windows to provide advanced graphical capabilities for industries, specifically the CAD/CAM and Visual Simulation markets, that require this functionality on Windows and Unix. Today's announcement underscores the two companies' commitment to cross-platform support of Windows-based applications through the Win32 APIs.

    Mainsoft's receipt of additional source code for Windows will provide leading technology capabilities for developers who rely heavily on extensive graphics applications. Based on Extensible Scene Graph (XSG) technology, Mainsoft will enhance graphic technology applications on Unix for the CAD/CAM and Visual Simulation industries. As the first deliverable of the "Fahrenheit" initiative, Microsoft's XSG technology offers modeling capabilities to provide a higher level of programming for developers to create consumer and professional 3D applications. XSG provides high-level data structures and algorithms that increase overall graphics performance to assist the development of sophisticated graphics-rich applications.

    "We're excited to continue to work closely with Mainsoft to deliver customers advanced graphics technology," said Jeffrey Friedberg, Graphics Program Manager at Microsoft. "Our collaboration will extend XSG functionality to customers who require the advanced graphics technology in a cross-platform environment. We are looking forward to joining forces with Mainsoft on projects for the CAD/CAM and Visual Simulation industries. "

    "Since 1994 when our relationship began with Microsoft, Mainsoft has delivered to the software development community a Windows platform for the Unix operating systems," said Yaacov Cohen, president of Mainsoft. "The availability of this new code launches the next logical stage in our alliance: into a new vertical category where we can offer our expertise to developers along with the Win32 APIs to work on Windows NT and port to Unix."

    Through its relationship with Microsoft, Mainsoft has had access to the source code for Windows to provide a Windows platform for Unix, called MainWin. This is the leading technology infrastructure for Independent Software Vendors (ISV's) and IT professionals to re-host Windows NT-based applications onto the Unix and Linux platforms. By utilizing MainWin, companies have the power to develop software on the Windows NT platform and deploy it to several different operating environments simultaneously.

    etc etc etc
  • new Working Torrent (Score:5, Informative)

    by Anonymous Coward on Friday February 13, 2004 @01:19AM (#8267131)
    http://torrent.spyderlake.com/download.php?info_ha sh=f03fc1e04869294d5644d3c8c5d0fb8f2d26aa59
  • by TKinias (455818) on Friday February 13, 2004 @01:34AM (#8267219)

    scripsit AstroDrabb:

    I am under the impression that copyright laws do not prevent you from creating a work based on knowledge of another work. As long as you do not use the original work verbatim. I can go and create a movie called Planet Wars with a lead character named Duke SlyStalker based on a very similiar theme as Star Wars. I can write a book with a theme just like LOTR with trolls, hobbits, elves, dwarfs, etc. I can paint my own version of very famous paintings. I can make music that sounds like other popular music.

    IANAL either, but I've had to deal with copyright issues in academe. You cannot create a derivative work -- that is part of the copyright-holder's monopoly. You needn't use a single line of text verbatim for it to be considered a derivative work; a movie adaptation which mangles the plot and doesn't use any of a book's dialogue is still a derivative work. So would a translation into Mandarin or a children's version.

    There are exceptions, I believe, for parody -- various Star Wars knockoffs (e.g., the Death Star Clerks animation) are apparently legal as parody. Otherwise, you can get into hot water with the kind of things you're talking about. You have to be able to convince a jury that your work is not derivative of the earlier copyrighted work or you are infringing.

    The painting one is an interesting example, because most of the `famous' paintings one would be inclined to make works derivative of are not in copyright any more. And when it comes to music, pop all sounds alike anyway, so it would be pretty hard to argue that anything is derivative of anything else, unless it copied bars on end of melody or something.

    Now, academic plagiarism and copyright infringement are not the same thing, but the rule-of-thumb I tell students about plagiarism still applies: If I read your work and I think ``Hmm, I've read this somewhere before,'' there's already a problem. There doesn't have to be verbatim copying of text. It might not be enough to convict, so to speak, but unwelcome attention has been drawn and a legal fight is a possibility.

  • posted on usenet (Score:1, Informative)

    by Anonymous Coward on Friday February 13, 2004 @02:38AM (#8267462)
    alt.binaries.cores
    alt.binaries.newsgroupcentral

    header:
    Windows.2000.source.code-NOGROUP - 2 of 2 - "windows_2000_source_code.zip"

    the file is 209.3MB. it was posted about 2 hours ago. most likely this is the same file that was being distributed via torrent ect... enjoy
  • by hingo (687307) <henrik.ingo@avoinelama.fi> on Friday February 13, 2004 @03:46AM (#8267666) Homepage
    While it's not news that MS doesn't see that there might be any security threats towards Windows, should we read more into this:

    "One main risk in having source code exposed to the public is the possibility that hackers could break into computers running Windows NT or Windows 2000 and destroy or steal data.

    "Although the company said that was unlikely, given the relatively small portion of code that had been circulating, a greater risk could come from others using the code as a base for developing software that competes with Windows."

    http://www.reuters.com/newsArticle.jhtml?type=te ch nologyNews&storyID=4351461
  • by djace (641019) on Friday February 13, 2004 @04:22AM (#8267752) Homepage
    From http://www.microsoft.com/presspass/press/2004/Feb0 4/02-12windowssource.asp

    Statement from Microsoft Regarding Illegal Posting of Windows Source Code

    REDMOND, Wash., Feb. 12, 2004 -- On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. It's illegal for third parties to post Microsoft source code, and we take such activity very seriously.

    We are currently investigating these postings and are working with the appropriate law-enforcement authorities.

    At this point it does not appear that this is the result of any breach of Microsoft's corporate network or internal security.

    At this time there is no known impact on customers. We will continue to monitor the situation.
  • Re:"The Source" :) (Score:1, Informative)

    by Anonymous Coward on Friday February 13, 2004 @05:29AM (#8267955)
    Odd... That page doesn't exist anymore, and suddenly (according to their press page), nothing happened in March 2003.
    You fucking morons who can't even link to a URL properly nor follow the slashdot mangled ones, here is the correct link - http://mainsoft.com/news/press_releases/2000_3_22_ 01.html [mainsoft.com]

    For fuck's sake learn some basic HTML. Slashdot adds a space in URL's normally to stop them from linking so you have to use the proper HTML tags for URL linking to work.
  • by Kehl (663202) on Friday February 13, 2004 @05:48AM (#8268007) Homepage
    Really, getting your hands on windows source can't be that hard if you're motivated & have some connections. I was student-admin at a v.small college (think 500ish students) a few years back and, while cleaning out the server room, found a copy of NT4 that nobody knew existed (it was the same cabinet as the VMS tapes).

    From what I can gather you must have found the NT4 Installation CDRom? The "leaked" precompiled source code for NT4 must be at least 15GB (10+CDRoms) and I severly doubt it would be sitting in a small college's tape backup cabinet!

    Just FYI ..... Not a flame! ;)

  • by Anonymous Coward on Friday February 13, 2004 @06:25AM (#8268112)
    no, the binutils and gcc/glibc comes from Cygwin. The rest of the userland tools comes from OpenBSD.
  • by filer (125517) * on Friday February 13, 2004 @07:09AM (#8268224)
    Ok folks... you can put down your pitchforks. Her ugly comments appear to have been snipped from the article.
  • mp3s on kazaa? (Score:2, Informative)

    by calyptos (752073) on Friday February 13, 2004 @07:32AM (#8268287) Homepage
    I've read in another thread that Microsoft released bogus files onto kazaa. I decided I'd try to get one of these bogus files and see what they were. I found a 100mb ZIP file which was obviously a fake, everything's saying it's zipped up to like 200mb and extracts to 600mb. Using my handy dandy "file" command I discovered it was an mp3. A 100mb MP3. I played it and it was some 3 hour long thing full of absolutely nothing. For those of you intrested, the filetype was: MP3, 80kBits, 22.05kHz, JStereo
  • by BenBenBen (249969) on Friday February 13, 2004 @07:49AM (#8268344)
    Work it out - "code" in this case means CD-Key.

    There was no Server 2003 source code leak.

    Who the hell mods these things?
  • by 0x0000 (140863) <<moc.xehorez> <ta> <xehorez>> on Friday February 13, 2004 @10:33AM (#8269576) Homepage
    I think it's worse than just a simple trap.

    The Reuter's article on Yahoo [yahoo.com] contains a number of inaccuracies that are clearly prejudicial, and are probably sourced within Microsoft.

    It (the story) amounts to an obvious attempt to spin up a scenario that will lead ultimately to criminal prosectution of persons involved in Open Source. And the story being such an obvious attempt at spin doctoring could lead one to believe there is more going on here than one poorly written news story...

    Apparently Gates & Co. have decided their civil case fronted by SCO is not quite strong enough, and are trying to establish criminal precedent in order that, whether the current SCO effort succeeds or fails, the next case will be criminal.

    One could hope that the courts will develop enough tech skillz to determine that the line

    for (int i=0; i < cnt; i++) {

    showing up in both windoze and Linux code does not constitute proof of theft under some Gatesien system of jurisprudence ...

    Examples of the (imo) prejudicial language in the story [emphasis mine]:

    ...copies of the source code [...] were being traded over the internet

    There is no evidence cited that the code is being "traded". It appears that it is being distributed, but I haven't seen any reports of it being exchanged for anything else. This is key, since the languaged used here implies a profit motive on the part of the alleged "traders"; necesary for the criminal prosectution because there is a need to establish that the code is worth a great deal...

    Source code is the ... lifeblood of any software company

    This sounds like it came straight out of a Microsoft publicist. It is an emotional appeal statement, designed to imply a henious threat to the alleged victim, Microsoft (and by implication, SCO).

    The statement is factually inaccurate, even as metaphore. Source code is a principle part of the products manufactured by most software companies, but expertise in the creation of source code is more properly the "lifeblood" of the company.

    Of course, Microsoft is a bit challenged in the expertise dept, but that should be applied to "any software company"....

    Microsoft has [...] shared its source code with close partners and carefully chosen organizations, with legal agreements that threaten litigation in the event of that any of is leaked.

    ...followed by...

    "It's illegal for third parties to post Microsoft source code [...]"

    If it is indeed "illegal" for 3rd parties to post the sources, then why would the aforementioned "agreements" require threat of civil action? If it's illegal, there should be no need to lititgate. The threats would be of prosecution, not litigation.

    Furthermore, the word "share" here is ridiculous. If you've ever looked at what it takes to get an NDA to look at M$ sources, there's no "sharing" to it. It's a business transaction, and it doesn't happen unless M$ gets the lions "share" of any potential benefit.

    Software companies that create programs running on Windows need access to source code to build their own products.

    WTF? Well, admittedly I haven't written any "programs running on Windows" in quite a few years, but I no idea things had changed quite that much... [that's sarcasm in case you can't tell; the statement is just plain wrong]

    Microsoft said that it was working with the Federal Bureau of Investigation and legal authorities to try and track the origin

  • by jrasmussen0 (239069) on Friday February 13, 2004 @11:50AM (#8270442) Homepage
    http://www.microsoft.com/presspass/press/2004/Feb0 4/02-12windowssource.asp [microsoft.com]

    REDMOND, Wash., Feb. 12, 2004 -- On Thursday, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. It's illegal for third parties to post Microsoft source code, and we take such activity very seriously.

    We are currently investigating these postings and are working with the appropriate law-enforcement authorities.

    At this point it does not appear that this is the result of any breach of Microsoft's corporate network or internal security.

    At this time there is no known impact on customers. We will continue to monitor the situation.

No user-servicable parts inside. Refer to qualified service personnel.

Working...