Microsoft Source Follow-Up 1090
shystershep writes "It's official. Microsoft admits that 'portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet.' No more details, although it seems clear that it is only a portion of the code. Microsoft is, naturally, downplaying its impact, while everyone else is busy speculating about how serious this could get." A lot of you apparently haven't read yesterday's story. An investigation of the code is already underway.
Of course! (Score:5, Interesting)
Of couse they are. They don't want to admit that its 203MB of files, they will just say its a small fragment.
Makes me wonder about all the weird e-mail files in the zip though...
NeoThermic
So the question is (Score:5, Interesting)
Lesson for the kids out there (Score:2, Interesting)
I hope the guys who left the f-words in will get a promotion or something for aiding the investigation.
Mainsoft is to blame... (Score:5, Interesting)
Analysis indicates files within the leaked archive are only a subset of the Windows source code, which was licensed to Mainsoft for use in the company's MainWin product. MainWin utilizes the source to create native Unix versions of Windows applications.
Mainsoft says it has incorporated millions of lines of untouched Windows code into MainWin.
WHAT?!?!!?!??
Re:Traces back to Mainsoft? (Score:5, Interesting)
This can't be the first time (Score:5, Interesting)
While discussing with friends today... (Score:1, Interesting)
Anyone wanna bet microsoft programmers are hoping that their code doesn't show up with their name on it, for fear of public embarassment? Of course programming for microsoft is probably embarassing enough. No bob, I'm not working for microsoft, I'm doing gay porn!
This isn't the first time their code was leaked... (Score:3, Interesting)
Structured insight: (Score:0, Interesting)
Today is the day after Windows NT becomes "Open Source", although not by choice. So far what's happened is... speculation and nothing else. As the roller coaster teeters at the top of the track, all walks of I.T. life are assessing the thrills and spills to come. Here follows a collection of views, insights and ruminations on the matter, collected from as many sources as possible.
Disclaimer: This is a summary of collected opinions on this issue. I am not claiming that any of this will happen, that these views are correct, or that I agree with them. If you spot anything particularly sensationalist or inaccurate here, please make suggestions and correct me.
Noung says re What will occur the day after Windows NT becomes open source : My understanding is that it hasn't exactly become "Open Source" (by choice or not), as we don't even know how much has been leaked... You should probably point that out as your write-up implies the whole thing is out.
jasonm says re What will occur the day after Windows NT becomes open source: it's hardly open source. it may be pirated source, but calling it open source misinterprets the term entirely
In reply to this I can only say that "open source" doesn't necessarily refer to openly licensed code released intently. Although I disagree with jasonm, I do believe that this is an issue which needs clarifying--the source certainly isn't open source in the same way that the Linux kernel or a typical openly licensed project is.
Microsoft Viewpoint
With everything out in the open, Microsoft's honesty regarding past issues is going to face heavy exposure. This might lead to legal battles for Microsoft itself, however, the leak is likely to have come from a separate company which the code was licensed to, and it is unlikely that Microsoft would be giving anything containing juicy secrets away to separate entities. Of course, the conspiracy theorists are already up in arms, voicing the possibility that Microsoft released this code their selves with the intention of converting Windows 2000 and NT users into purchasers of their latest operating systems. This is unlikely to be the case if common code is shared between 2000/NT and their latest releases, i.e. XP, else they would effectively be banging the gavel on this too. Microsoft may be forced to publish just how much of Windows XP stems from Win2K/NT.
archiewood says re What will occur the day after Windows NT becomes open source : You might've heard this already, but an interesting (likelihood of truth aside) theory is that Microsoft released the code deliberately, hoping Windows-derived code segments may eventually end up in Linux. Could be a perfect way to shut down their biggest competitor.
Already a popular idea is 'grep-ping' through the code for comments, and comparing the contents with released code from separate projects. The Slashdot crowd are literally frothing at the mouth at the thought of picking up on misconduct/incompetence in this code and exposing it. It's well-known that BSD network code exists (licensed) in Windows--a first stop for many will be to hunt this code down and ensure that it has been implemented legally and within terms of the license. This is an example of a known intellectual property issue; code monkeys are going to be much more interested in finding scandals of their own in the code.
Patches. Will Microsoft accept a more open approach to fixing problems in their code base? This may be a prime opportunity for them to re-license this code, and reap the benefits of the leak using a similar model to the Linux kernel code. However, with Microsoft's track record it's more likely that they will take an SCO-style approach and concentrate on protecting their own IP.
Hacker Viewpoint
Black hat, white hat... regardless of their choice in head wear, tinkerers from all disciplines are going to want a piece of the action.
White hats, the goo
Swearing? (Score:5, Interesting)
M$ Programmer: Well, nobody's going to read this anyway, so "\\f*ck this bullsh*t"
For personal projects, this is fine (I've vented a bit in my personal coding projects), but I would never do anything like that at work...
Re:Traces back to Mainsoft? (Score:5, Interesting)
should we be looking at this stuff? (Score:5, Interesting)
Seems like a good idea, but...
Was it ESR that made that nifty app to compare SCO and Linux sources? Could it be fiddled with to see if Linux or other free/open source code made it's way into windows?
It would be quite a coup if we could somehow legally show that they stole from the community without having to deal with the gnarly mess of windows code finding it's way into Linux.
I'm not implying that such a thing HAS happened, but we're presented with an opportunity here.
Re:From Rich Bowen's blog... (Score:5, Interesting)
Second, we're going to see lawsuits in the next 2 years where Microsoft identifies code in Linux, added after February 10, 2004, which are either copied from, or influenced by, the Windows source code. And, as absurd as this is, it will be used to have, as Microsoft would say, a chilling effect on innovation.
Hm. I bet Andrew Morton has better things to do then trawl through WinNT code. Staying away from it does seem safest, though...
Part of future kernen maintenance should probably include comparisons against this code, just to be safe. The worst possible thing would be for some witless idiot to include any of it into any OSS project and have this miss final review.
IMHO, rather than chortling over this disclosure, I'd rather have the code be kept completely secret by MSFT. Unfortunately, information is hard to keep secret when so may people have it.
GF.
This may sound crazy, but M$ would likely gain... (Score:3, Interesting)
One of Microsoft's big problems when introducing a new operating system (felt especially strongly when they released XP) is that they often have difficulty moving corporations and smaller companies to the new platform right away.
Many people still run 2000 (because it was M$'s first decent operating system) instead of XP because they have NO REASON to move to XP.
All of a sudden, 2000, and NT4 (which are holding strong in their pie-slice of the M$ OS world) have been subjected to enormous security liabilities.
Obviously the only answer for companies stuck with M$, move to XP! LOL.
Mighty convenient isn't it?
Re:You Should Not Be Cheering (Score:2, Interesting)
Fuck what happened to Stacker, Apple (quicktime) and all the other companies that MSFT stole from! Forget they perjury about the source code being a National secret (right before they let China have a copy)
Will this increase calls for stronger DRM? (Score:5, Interesting)
Given that so many companies outsource or collaborate with a far-flung global network of suppliers -- I'm sure MSFT need only whisper about the threat of leaked trade secrets to get corporate IT to adopt DRM/Trusted computing for everyday use.
Security through obscurity? (Score:5, Interesting)
However, good code wouldn't have this problem, string lengths would be checked, there wouldn't be hardcoded passwords, components that are not supposed to trust one another really don't, etc.
This exposure of the source may reveal just how crappy their code is. If its not crappy, I don't see necessarily how its more 'hackable'. Apache is open, and nobody hacks it to pieces on a daily basis. Can you imagine what would happen if the source of IIS was leaked?
Possible "culprit" found (Score:5, Interesting)
If this is true, then I suspect that the list of possible culprits is very short and some poor sap who didn't think things through is going to be in *very* hot water indeed early next week.
Re:source out on the open (Score:5, Interesting)
windows developers have had access to gpl'd source for well over a decade... but that hasn't legally impaired their ability to make their products.
any legal action against opensource projects by microsoft relating to these leaks will still have to demonstrate that:
Re:So the question is (Score:5, Interesting)
Furthermore, the most of the code in a given operating system belongs to the drivers. If it's the important 15%, then it could be completely irrelevant that you don't have the 85% that deal with graphics cards and similar.
Re:You Should Not Be Cheering (Score:5, Interesting)
I agree...just ask Burst.com [pbs.org]
Enderle is everywhere (Score:2, Interesting)
``It seems unlikely this is going to create a material, significant security problem,'' said Rob Enderle, a technology expert and principal analyst with the Enderle Group. ``It's more embarrassing than anything else because it makes it look like Microsoft can't control its code.''
It's disappointing to see such lazy reporting from the Times.
Re:Which is it? (Score:4, Interesting)
Bad for security... (Score:5, Interesting)
Since we all agree that all code has bug in them and since this code is out we can safely assume that some bugs will be found.
Now all the white-hat hackers are prevented by law to take a look at the code and since all black-hat hackers don't give a damn about that law, those who run windows are in a pretty bad place right now. Even worse than usual actually.
Oh well, the windows admins who like working overtime will love the coming year I suspect.
Re:Swearing? (Score:2, Interesting)
Someone else used this to calculate week starting dates going back 7 weeks. He basically took the current week number, and subtracted 1, 2, etc up to 7. It worked just fine for a few months, and then the new year rolled in. Suddenly his program was trying to use my utility to get week number -1, -2, -3, and so on, and then failing because it couldn't.
Since his logic had been put into place in several different places, it was decided that the simplest solution was to just enable my utility to calculate the few weeks at the end of the previous year rather than hunt down and fix every place he'd used his bad logic.
When I made the change, I put a comment in the header that read:
The phrasing in the actual code is not censored.
Sure it's unprofessional, but I was ticked off at the time and it slipped past my better judgement.
Re:source out on the open (Score:5, Interesting)
They had their "don't touch gpl" rule in place for quite a few years now. But they can access BSD licensed code and incorporate them freely.
Just because they had access doesn't mean MS employees are out to break the law
it works in reverse too. To microsoft, all this free linux code floating around on the net is a huge temptation for its employees to cut some corners and potentially land ms in big legal trouble
Is there any GPL Violating Software in it? (Score:4, Interesting)
Re:It was lifted from a Linux Box (Score:5, Interesting)
I've seen junk like that before, so it's entirely possible.
Entertainment value of media "experts" (Score:5, Interesting)
The funniest part of this whole thing has been the industry pundits explaining the ramifications of the source release in various media outlets.
The best I've seen today is on crn.com [crn.com] by some joker named Winell from Econium [econium.com]. He manages to say with a straight face:Mr. Winell has obviously never used Windows ME if he thinks Microsoft quality control prevents "bad releases". You know Econium must be a real player when the title of their home page is "Welcome to Econium who is a solutions provider."
The classic yesterday was Laura Didio from Yankee Group [yankeegroup.com] comparing OSS hackers to suicide car bombers. [internetnews.com]
Nothing like an embarassing Microsoft moment to get the "experts" out from under their rocks.
No step 2 necessary for step 3 (Score:1, Interesting)
THE FIGHT IS OVER!!!
MICROSOFT HAS WON!!!
All that they have to do is tie up the open source movments (specifically the mozilla, apache, wine, *BSD, Open Office, Linux, FreeDOS, samba and any other interoperable OSS project) in the legal system until they either fold or are marginalised.
Because of this leak, they now have the legal means to drage the Open Source world into a labyrinth court process which WILL KILL IT.
The fight is over, If Open Source is not now dead in the water, it will be before the year is out. I'd say before summer even gets here.
Re:Winsock API Included. (Score:5, Interesting)
right, betanews revealed it.. damnit. they could've at least credited me [slashdot.org]
bastards
Then why was the code in a "zip" archive? (Score:5, Interesting)
Zip files are rarely used for distributing source code amongst the Linux/Unix community because compressed tar files are far more efficient.
zip -r source.zip /usr/src/linux-2.4.22-1.2149.nptl /usr/src/linux-2.4.22-1.2149.nptl /usr/src/linux-2.4.22-1.2149.nptl
ls -l source.zip
-rw-rw-r-- 1 build build 49091705 Feb 14 06:20 source.zip
tar cjf source.tar.bz2
ls -l source.tar.bz2
-rw-rw-r-- 1 build build 31964979 Feb 14 06:23 source.tar.bz2
tar czf source.tar.gz
ls -l source.tar.gz rw-rw-r-- 1 build build 40689187 Feb 14 06:31 source.tar.gz
The resulting tarred archive compressed by bz2 is is around 35% smaller than the zipped source. With the exception of the the jar format for java classes, the zip format is rarely use by Linux/Unix developers for distributing source code.
IMO this points to the source code being lost by from a Microsoft based platform.
Re:source out on the open (Score:5, Interesting)
Let's do some math..and since we're talking conspiracy theory here, we only need to use addition!
* MS "kills off" the old OSs, but not enough corp users move
* MS goes security nuts and publicizes ever patch. Let's not mention that some patches take 6 months to come...
* Release the code through a "trusted partner" - MS supports lots of partners which, via programming, politics or press, support the beast in return.
* Frightened CEOs scream - CIOs look at updating to XPee vs. training staff on Linux and OpenOffice. Looks ok, until...
* Frightened CEO's PowerPoint presentation doesn't work right
SOLUTION:
* CEO - "Upgrade!"
* MS = PROFIT!
C'mon - add to the panic...It's Fun!
Re:You Should Not Be Cheering (Score:5, Interesting)
Imagine the impact, if, say, the following comment is found in the IE PNG rendering engine
(Disclaimer: this example is FICTIOUS. I do not have access to the code in any way. If such a comment is found, I hereby promise to imediately cease and desist watching Deadzone.)
stolen source as the culprit of all evil (Score:1, Interesting)
Now Microsoft can use the same excuse to force upgrades on people, harass other companies who happen to create similar code to theirs, excuse any future win2k/xp worms, and delays, et unpleasant cetera.
Re:I wonder how MS stock will react (Score:4, Interesting)
Microsoft is after all the largest tech company in the world, and windows is it's flagship product. I wonder why this isn't being covered more by the mainstream press. Maybe it's my geekiness talking, but this is a big story at least the biggest tech story of the day.
Re:Winsock API Included. (Score:5, Interesting)
comparing MS code to OSS code (Score:5, Interesting)
Re:This may sound crazy, but M$ would likely gain. (Score:5, Interesting)
No. Windows 2000 is NT 5.0, XP is 5.1 and Server 2003 is 5.2. Notice the minor version bump which indicates that all these releases share a lot a code.
It is reasonable to think they want to have users switch to Longhorn (does anybody know if it will be NT 5.3 or 6.O ?), but then the leak occured too soon, for they're not ready yet.
Re:Winsock API Included. (Score:3, Interesting)
Anyone else notice that the GNU PNG library was in the root directory? it looked as if it were put there by mainsoft devs though. but it was funny to find richard stallmans name associated with windows source code
Comment removed (Score:5, Interesting)
Yea, but what if..... (Score:5, Interesting)
.
.
Zipped contents of a CD-rom (Score:5, Interesting)
The expanded contents of the zip file is around the size of a single CD. This points to the contents being originally distributed from Microsoft on CD-rom.
Microsoft has made so much fuss about retaining control of the source code. In May 2002, under oath at the antitrust hearing Jim Allchin, group vice president for platforms at Microsoft, stated that, because the Windows operating systems contained inherent flaws, disclosing the Windows operating system source code could damage national security and even threaten the U.S. war effort. [eweek.com]
It's going to be interesting if it is subsequently found that Microsoft itself has been distributing said source code over the internet in zip format.
By the way, In February 2003, Microsoft signed a pact with Chinese officials to reveal the Windows operating system source code. Bill Gates even hinted that China will be privy to all, not just part, of the source code its government wished to inspect [com.com].
Dispite gaining more favored trading status with the USA, there remains many embargos over technology transfers which could put the US at future risk [newsmax.com].
Either Jim Allchin lied under oath, to prevent code revelation being any part of the settlement, OR the Microsoft corporation is behaving traitorously, by exposing national security issues to foreign governments.
The exposure of Microsoft source code put users at risk because of the inherent design and implimentation flaws built into the source code.
In comparison open source development practices [arxiv.org] enables open source distributions and users to evaluate the source code from the start. This forces developers to build in security from the early outset of each project or risk abandonment for more secure alternate solutions. End users can particpate in the development process.
I'm suprised no one has been saying this (Score:2, Interesting)
Let's not jump to conclusions here... (Score:2, Interesting)
Now, before you start thinking "zero-day" or any such doomsday thought, keep in mind that this stuff is almost four years old and does not figure even 1% of the total code. If it had been a solid 50% of XP's or Server 2003's code, I can understand the concern.
The best response in this case is still: Keep patching those servers and workstations, and watch for announcements from Redmond. There is no need to be any more alarmist if you are already running Windows and are following good security practices.
Re:DON'T TOUCH IT! (Score:3, Interesting)
Heh, I thought your comment was going to be a TIme Bandits reference.
More FUD within FUD? (Score:3, Interesting)
I think this is FUD within FUD, to try to generate some ill-will towards Linux, as if the computer running Linux had something to do with the code being put on the Internet by a HUMAN process.
Re:From Rich Bowen's blog... (Score:3, Interesting)
It needs a volunteer who agrees to screen patches, but does not contribute any code. That person would have to have legal access to Microsoft's code, using the leaked code would not be acceptable, and due to the MS NDA they have to sign, could probably only accept or reject patches in full without being specific about which parts of the code have been copied. But I expect that if a contributer was found to have been copying code, they would be considered untrustworthy and the maintainers would not want anything that is contributed by them anyway, so this is not really a disadvantage.
Re:Winsock API Included. (Score:3, Interesting)
Re:Doesn't sound as interesting as BSD or Linux. (Score:2, Interesting)
A question about source and product size (Score:3, Interesting)
Gotta love spin (Score:3, Interesting)
I don't know why I expected Microsoft to finally act like an honest company and tell the truth here, but they are in even worse denial then we oringally thought if they think we are buying the no big deal line.
BSD licence (Score:4, Interesting)
"Copyright (c) 1983 The Regents of the University of California. All rights reserved."
And I think the TCP/IP stack is also based on it (they would be really stupid to do otherwise)... But I think this is all old news...and it's all very legal in case you didn't know
Some interesting comments from the source (Score:1, Interesting)
Heh. Great job!
"// potentially off-by-1, but who cares..."
Yeah, who cares about security anyway?
The Xbox source code leaked over a year ago (Score:2, Interesting)
The forcedeth driver authors have ignored the many emails to them containing the nForce register list and documentation from the leaked Xbox source code.
WINE has ignored emails to them about the real name and purpose of the SystemFunctionXXX calls in advapi32.dll. (The header file doing the #define's to rename them was in the Xbox source, supposedly.)
anonymous woman
little problem here (Score:2, Interesting)
Some might believe MS has incorporated GPL'd code into windows.
However, in order to ascertain whether or not this is the case, and to provide proof, one would have to grep through the windows source. However, one cannot do that without violating MS's proprietary license. One cannot learn if MS is using GPL'd code without first subjecting oneself to a flurry of lawsuits...
But of course MS/SCO can look at GPL'd code whenever they want, and scream "They Stoled Our Source Codes" at the top of their lungs.....................
Interesting documents (Score:1, Interesting)
Misdirection maybe? (Score:3, Interesting)
Well, it seems to have worked.
A way to avoid legal problems = Source-Notaries (Score:4, Interesting)
The purpose of this closed-liscence division would be to run independant comparisons of new OSS contributions against a library of leaked closed-liscence code to ensure nothing gets slipped by the project managers and poisons the project source.
I was initially going to suggest that the project manager do this comparison, but that would be too risky for the project (closed-source legal teams might have a go at it). Instead using a trusted OSS community party to do the checking saves us the hassle of each project manager having to download all the latest leaked closed-source. The "source-notary" would have a central repository of leaked material, which would not be redistributed by them, only made available to the original authors and for use to run comparisons on new OSS project code submissions and therefore avoid having a company pay a developer to salt the OSS project with leaked code.
I think this is a pretty mature way of handling this and should satisfy all parties.
Re:alternate universe (Score:3, Interesting)
There was a science fiction short story I read that detailed that exact scenario. It was either in Omni or in a compilation in the early '80s, and it went somewhat like this:
In a future society, your career path is chosen for you soon after birth, by a semi-benevolent system that can tell what you'll like to do. The main character is chosen to be a musician, and creates beautiful music in complete isolation. But a shadowy figure lets the kid listen to a Bach fugue. The kid knows he's in deep doo doo, because the music has influenced him in a forbidden way. Despite his efforts, he's discovered -- because his compositions now have no fugues at all.
The story goes on to reveal the dark side of the supposedly benevolent society, showing what happens to those who don't fit in. Very dark story with an ambiguous ending, IIRC. Wonder what the name and author was?
Re:Let's not jump to conclusions here... (Score:4, Interesting)
Now, I haven't looked at the leaked (putative) Windows source code yet, but I did check some of the Linux kernel source, and the average seems to be more on the order of 20-30 characters per line.
If Windows source is statistically similar, 40 million lines would be close to 1 gigabyte (not 40), so the 650 or so megs of leaked code might indeed be a significant chunk of it. (I saw at least one claim that the leaked code comprises 13 million lines, which would be in line with these estimates.)
I find the "40 million lines" claim for Windows source code, even including all the drivers etc., a lot more credible than the "40 gigabytes" (which would imply something like a billion lines of code). Even then, it's a lot. For comparison, a recent Linux kernel on my machine is about 5 million lines of source code (and 150 megs), and an entire Linux distribution of around the same vintage as W2K, namely Redhat 7.1, is about 30 million [dwheeler.com] lines. The total functionality of W2K is arguably significantly less than that of an entire Linux distribution.
Kiscica
Re:wu-ftpd vulnerability strikes again! (Score:3, Interesting)
INFORMATIVE!?!?! You've been modded INFORMATIVE because you don't have any reading comprehension skills!? How do these people get mod points anyway?
was apparently removed from a Linux computer
Would you care to remove your foot from your mouth by explaining how "from" actually means "because of"? The guy could've accidentally ftp'd the damn thing to a public FTP server. Someone may have stolen it locally because he didn't lock his work station. A CORE DUMP COULD'VE BEEN CHECKED INTO A CVS ON A COMPLETELY DIFFERENT MACHINE THAN THE ONE THE CORE DUMP REFERENCES BY THE DIRECTOR BECAUSE HE WAS BEING CARELESS. It is not uncommon for people to check in bizarre shit that doesn't belong in the tree because they're not paying attention.
On top of that, if it really was an FTP flaw, would you care to explain how that's because of running Linux? Oh, I'm sorry, are there no FTP clients on UNIX? On Windows? Funny. I have a DOS FTP client right here.
On top of that, core dump files are SUPPOSED to make forensics trivial. The whole POINT is to provide valid information about the process at the time it crapped out so you can figure out what happened.
It is a POSSIBILITY that a Linux vulnerability exposed the code. Is is not LIKELY and there is no EVIDENCE at this point to even subtly suggest such a thing may be true. Before you go spouting such unbelievably warped bullshit, why don't you try analyzing the facts and firmly grounding yourself in reality first. If you'd done that, you'd realize that nobody knows exactly how it leaked at this point.
Unbelievable...
All ready happened (Score:3, Interesting)
Re:Mainsoft is to blame... (Score:1, Interesting)
I used to work for Mainsoft on that very product. I was the first, or close to the first, person working on the product to port source from Win NT into mainwin. In 1995.
What I found was that it was relatively easy to just import source code from Win NT source into Mainwin and have it just work. We'd also found that with modules such as Common Controls and the MFC layers, that we could just copy the source over, do a small number of tweaks, and use it.
The guys who began the mainwin product, Jose Luu and Gregory Popovitch, are fabulous software engineers. They created a great foundation through which they originally reverse engineered a lot of the Win32 system, and later that foundation proved solid enough to just reuse NT source code with little modification.
After the coup in which I was laid off, I heard that they were working hand-in-hand with Microsoft to port more and more NT source into mainwin so that the Internet Explorer port to Unix would be great.
- David Herron
Re:So the question is (Score:3, Interesting)
THere may not be enough code to build an OS, but what about the individual apps that come with it? If the source to notepad.exe is there, could someone build that?
Re:Winsock API Included. (Score:1, Interesting)
Re:You Should Not Be Cheering (Score:1, Interesting)
// BUGBUG we really should preserve the full 16-bit values
// for proper transparent calculation but our main client,
// MSHTML, doesn't preserve the RGB values at 16-bit resolution
// either so it doesn't matter.
private/inet/mshtml/imgfilt/pngfilt/sca nline.cpp:320
// alpha not gamma corrected
private/inet/mshtml/src/site/download
#if defined(PNG_READ_BACKGROUND_SUPPORTED)
/* replace any alpha or transparency with the supplied background color.
background is the color (in rgb or grey or palette index, as
appropriate). note that paletted files are taken care of elsewhere */
Re:here's my bet (Score:2, Interesting)
If it's the responsibility of the folks in charge of Foo_Project to ensure that none of the contributions to their code are actually from Windows...
Scenario A:
1. Evil kid contributes Windows source to Foo_Project.
2. Since they haven't seen the code, Foo_Project developers have no idea it's from the leaked Windows source.
3. Foo_Project developers cheerfully integrate the code.
4.
Scenario B:
1. Foo_Project developers look at source code.
2. Lawsuit ensues, and the developers have their hands dirty already.
.
Samba Shared, Half Life, (Score:3, Interesting)
You might have forgotton how recent last great leak of source code occured.
October 2003:Valve Software,Half Life 2 source,Microsoft Outlook
March 2000:Microsoft, "Whistler"/XP source code, QAZ Trojan [vnunet.com] The QAZ Trojan was confirmed as the source of the leak.Re:So the question is (Score:3, Interesting)
So they're claiming that the source code zipped at only about 33% compression. I haven't seen the code (nor am I inclined to, as just dealing with the incredibly shitty Windows API gives me a headache) but I'm extremely suspicious - source code usually achieves compression rates well in excess of 90%, with 95% - 98% not unheard of. So it is far more likely that this code expands to somewhere between 2 and 4GB.
Of course, this is Microsoft so who knows - they could be fucking up the compression in some really impressive way.
Re:Winsock API Included. (Score:2, Interesting)
But then again, that would make sense and this world has a way of doing the oposite of what makes sense.
Re:Source of the leak (Score:2, Interesting)
Did anyone listen to NPR? (Score:2, Interesting)
First of all, would Microsoft contract their code with curses to foreign governments and large corporations? If so is it possible that the copy was leaked directly from Microsoft or that the leaker inserted those comments?
Second of all, isn't it illegal even for a journalist to download illegally distributed source code?
Re:here's my bet (Score:2, Interesting)
Man, that SCO scam has really made people paranoid
Fortunately Groklaw obtained a nice and to-the-point clarification about the legal issues involved.
http://www.groklaw.net/article.php?story=200402
(No, OSS developers, you don't need to poke out your eyes now that windows source is out in the open.)
Re:Is there any GPL Violating Software in it? (Score:2, Interesting)
The TOS only applies to you if you install a Microsoft program or othwerwise explicitely agree to it. Any NDAs also dont apply to you if you did not sign them.
So looking at the source should be legal if you did not use any illegal means to obtain it
IANAL&co