Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Microsoft Windows IT Technology

Windows XP Source Code Leaked (gizmodo.com.au) 193

Artem S. Tashkinov writes: Gizmodo Australia reports: On Thursday, users on 4chan posted what they claimed was the source code of Windows XP. Posting an image of a screenshot allegedly of the source code in front of Window's XP iconic Bliss background, one user wrote 'sooooo Windows XP Source code leaked'. Another Redditor helpfully has uploaded the code as a torrent, assisting in its spread. While there is no confirmation that this code is definitely Windows XP, independent researchers have begun to pick through the source code and believe it stands up to scrutiny.

The Windows XP source code is not the only code which might have leaked. A screenshot of the torrent files contains files and folders named, Xbox, Windows Research Kernel, MS DOS 6.0, Windows NT 3.5 and 4 source code, Windows Embedded and CE and many others. If true, that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10, and as for Open Source, this leak could become a boom for Wine development because Microsoft is notorious for having a great number of internal APIs and various hacks in their APIs which make it difficult to reimplement them properly.

This discussion has been archived. No new comments can be posted.

Windows XP Source Code Leaked

Comments Filter:
  • Great, (Score:4, Interesting)

    by Mr. Dollar Ton ( 5495648 ) on Friday September 25, 2020 @09:47AM (#60543078)

    we can finally have a working wine.

    • Re:Great, (Score:5, Interesting)

      by nbritton ( 823086 ) on Friday September 25, 2020 @09:56AM (#60543124)

      Are you sure about that, this could end up being a poison pill. Microsoft could allege that any reverse engineered code was derived from the original source code. If Microsoft wants to be seen as friendly to the open source community, they're going to need to open source whatever code was apart of this disclosure or at least agree to not sue anyone for reverse engineered implementations. This significantly damages the ReactOS project, probably killing it dead. In theory, this could be an intentional act by Microsoft to damage various open source projects.

      • by JustNiz ( 692889 )

        Microsoft can allege all they like. Without direct proof they can't do shit.

        • Re:Great, (Score:5, Insightful)

          by ZiggyZiggyZig ( 5490070 ) on Friday September 25, 2020 @10:03AM (#60543158)
          With a lot of money and a good lawyer, you don't need direct proof to do shit.
          • by JustNiz ( 692889 )

            Why haven't they done it already then?

            • You can't allege that leaked source code was used to develop new code, if there isn't any leaked source code.

              But now there is leaked source code, so anything created on or after today could potentially be a target for legal harassment.
              =Smidge=

        • Re:Great, (Score:5, Insightful)

          by DarkOx ( 621550 ) on Friday September 25, 2020 @10:12AM (#60543196) Journal

          Are you sure about that these would be civil suits you realize. Microsoft has deep pockets to do what Caldera tried to do to IBM and Novel. They can sit and litigate every little file, and unusual data structure. That ties up a lot of lawyer, court, and discovery time. Gets expensive fast. The sort of expensive that cause OSS products without the wealth patron like IBM to just fold up. I don't how deep CodeWeavers pockets go but probably not Microsoft litigants deep.

        • Re: (Score:2, Funny)

          One month later and WINE suddenly has 100% compatibility...

      • Re:Great, (Score:5, Informative)

        by jittles ( 1613415 ) on Friday September 25, 2020 @10:13AM (#60543198)

        Are you sure about that, this could end up being a poison pill. Microsoft could allege that any reverse engineered code was derived from the original source code. If Microsoft wants to be seen as friendly to the open source community, they're going to need to open source whatever code was apart of this disclosure or at least agree to not sue anyone for reverse engineered implementations. This significantly damages the ReactOS project, probably killing it dead. In theory, this could be an intentional act by Microsoft to damage various open source projects.

        You probably should have disclaimed that with a "IANAL" because you clearly do not understand how this works. It is perfectly legal to reverse engineer [wikipedia.org] your competition's products. What is not legal is to use that reverse engineering effort to develop your own competing project and there is a very simple workaround. You have one team reverse engineer the product and draft a specification based on that effort. You have a second team perform the implementation. This has been done for decades. They can also go the route of relocating their project to a country that simply does not care where the material came from. This is very common in open source projects that may be subject to the DMCA - they ensure that all of their infrastructure and contributors are not bound by the DMCA and go on as if the law never existed.

        • See also: IBM PC compatible [wikipedia.org]
        • Re:Great, (Score:5, Insightful)

          by OrangeTide ( 124937 ) on Friday September 25, 2020 @11:39AM (#60543478) Homepage Journal

          IANAL but hiring a third party to reverse engineer and write you a spec is not illegal. Most of what is needed are not algorithms but interfaces and architectural behavior. Once you have a clean room spec the implementation can move forward.

          It's too bad if this third party decides to use some stolen code. That's a copyright violation. And entirely the third party's problem. Business relationships are usually insulating like that. We have numerous scandals of contractors using illegal practices and rarely is the original company found at fault. The key is you don't want to ever know for certain that your business partner is doing something shady. Don't have emails or voicemails that can show up in discovery.

          P.S. not only am I not a lawyer. I am not YOUR lawyer.

          • Re:Great, (Score:5, Informative)

            by sjames ( 1099 ) on Friday September 25, 2020 @12:57PM (#60543728) Homepage Journal

            Also IANAL, but there's nothing illegal about looking at leaked code and writing up a detailed description of the ABI. The person who gave you that code might have violated copyright, but you didn't.

            Unfortunately, that doesn't insulate you from a never ending train of civil suits alleging essentially "you didn't say Mother May I" and "I didn't say Simon Says". And it's more expensive than most people can bear even if they win every single time.

            Consider the crazy SCO lawsuit. Even when the plaintiff was reduced to just a CEO and a Lawyer with no hope of ever resuming business, the shambling zombie continued to be a time and money suck for 10 years. Even to this day, the rotting remains occasionally quiver as if trying to get back up. Even the revelation that they didn't actually own the copyright to the code they were suing over couldn't kill it.

        • Yeah, you also probably should have disclaimed that with an "IANAL" as well, because that strategy only works if you can prove the second team has never seen the source code, and now that the source code is public information, Microsoft can easily argue that any person writing new code snuck a peek at the original source code. The coder writing new code would for all intents and purposes need to try to prove a negative.

          https://www.amc.com/shows/halt... [amc.com]

          • Re:Great, (Score:5, Insightful)

            by jittles ( 1613415 ) on Friday September 25, 2020 @12:44PM (#60543674)

            Yeah, you also probably should have disclaimed that with an "IANAL" as well, because that strategy only works if you can prove the second team has never seen the source code, and now that the source code is public information, Microsoft can easily argue that any person writing new code snuck a peek at the original source code. The coder writing new code would for all intents and purposes need to try to prove a negative.

            https://www.amc.com/shows/halt... [amc.com]

            I don't know how your legal system works but in an MS lawsuit the plaintiff would most certainly have to prove that not only did the defendant do something wrong but that what they did somehow caused harm to the plaintiff. If you don't ever download the leaked code and you don't have any of the code samples on your machine how can MS ever prove that you saw the code? Your argument makes no sense whatsoever on the face of it because any clean room spec implementation would be impossible by that same token. The source code exists ergo it is possible that one of the clean room developers saw it. That's just absurd. Microsoft would have to prove that they saw the source code and used it as a reference, not the other way around.

        • by bws111 ( 1216812 )

          There is nothing illegal about using reverse engineering to develop a competing product (unless patents are involved, and your 'workaround' does not work in that case). The 'two teams' method is used when members of the first team (the ones who know how it should work) have been 'tainted' by exposure to the original source. This may happen, for instance, in the case of a joint development effort that ended. If they were to write the code, and should happen to create code identical to the original, it can

      • Microsoft could allege that any reverse engineered code was derived from the original source code.

        That's not how that works. APIs are not copyrightable, and thus the ability to copy their functionality is not something they can suddenly claim is infringing simply because someone could see how it worked in source code rather than reverse engineer it.

        this could be an intentional act by Microsoft to damage various open source projects.

        I think the 5G is getting to you. Best go burn down your local tower.

        • Re:Great, (Score:5, Informative)

          by tysonedwards ( 969693 ) on Friday September 25, 2020 @10:58AM (#60543340)
          Google v. Oracle would presently disagree with you. We are 13 days away from that being heard by the Supreme Court, so we aren’t too far away from a definitive answer on the matter.
        • by jabuzz ( 182671 )

          Unless you happen to be Oracle who think API's are copyrightable.

        • by kbg ( 241421 )

          That's not how that works. APIs are not copyrightable, and thus the ability to copy their functionality is not something they can suddenly claim is infringing simply because someone could see how it worked in source code rather than reverse engineer it.

          Unfortunately reality doesn't agree with you: https://en.wikipedia.org/wiki/... [wikipedia.org]

        • by sconeu ( 64226 )

          That's not how that works. APIs are not copyrightable, and thus the ability to copy their functionality is not something they can suddenly claim is infringing simply because someone could see how it worked in source code rather than reverse engineer it.

          Really? You might want to ask Oracle about that...

        • Re:Great, (Score:5, Interesting)

          by segin ( 883667 ) <segin2005@gmail.com> on Friday September 25, 2020 @12:31PM (#60543648) Homepage

          the ability to copy their functionality is not something they can suddenly claim is infringing simply because someone could see how it worked in source code rather than reverse engineer it.

          That's actually exactly how this works, at least in the US. In fact, this was one of the main points of the case Sega Enterprises Ltd. v. Accolade, Inc., 977 F. 2d 1510 (9th Cir. 1992) [copyright.gov]

      • Re:Great, (Score:5, Insightful)

        by SirSlud ( 67381 ) on Friday September 25, 2020 @10:47AM (#60543296) Homepage

        I seriously doubt MS gives a shit about Wine, they probably recognize it does their platform more good than harm - or has any meaningful effect on their bottom line at all. This is a company that long ago stopped putting all its eggs in how much money selling Windows licenses can make them. I expect rebuttals only from the folks who are in a spacetime bubble stuck at 20 years ago.

      • Re:Great, (Score:5, Interesting)

        by neilo_1701D ( 2765337 ) on Friday September 25, 2020 @10:53AM (#60543322)

        Are you sure about that, this could end up being a poison pill. Microsoft could allege that any reverse engineered code was derived from the original source code. ... This significantly damages the ReactOS project, probably killing it dead.

        And how does this happen, when the Windows 2000 source code leak didn't have these repercussions back in 2004?

        Also, does Microsoft even care about ReactOS? It's a nice little project and all, but hardly a threat to Windows 10 or Azure.

      • Exactly that. Codeweaver, for example, expressly states new hires must have no Microsoft source code experience. Their code MUST look different and be a clean room implementations. Else Microsoft could sue them and prove their code has been reverse engineered.

        And Wine and DXVK are very important pieces of steam play which are very important to Linux gaming.

        It will be harder to find developers "clean" of that knowledge.

      • Yeah Microsoft are *terrified* of ReactOS, an archaic & permanently alpha state OS used by 5 developers and their friend. Jesus, get a grip.

    • Until MS triumphantly finishes years of work for Windows 11, of which only 23% consists of hacks and internal APIs to not make Wine work.

    • Re:Great, (Score:4, Funny)

      by Jeremiah Cornelius ( 137 ) on Friday September 25, 2020 @10:00AM (#60543146) Homepage Journal

      Oh, no! Someone stole the golden turd!

    • by Kisai ( 213879 )

      Definitely not.

      Just like the "Nintendo Leaks" , at best someone who isn't part of an emulator project can pick through it and identify the bits that cause problems and then slip that description under the door to someone working on the emulator. The same for Wine/ReactOS.

      While it's certainly an interesting thing, it's also not really that valuable except to people looking for exploits. In which case as soon as it gets to someone who is actually knowledgeable and not just a bunch of script kiddie's, someone

  • by nagora ( 177841 ) on Friday September 25, 2020 @09:48AM (#60543080)

    That's going to be interesting, isn't it?

    • That's going to be interesting, isn't it?

      Yup... I have a sneaking suspicion that there will be a significant issue discovered here... Which if it turns out to be true, then the mighty M$ may end up putting the source into the public domain and be done with it.

      At which point, they will start rapidly rewriting all the code they can in their current products. It's OK, they can afford it I think.

      • by ClickOnThis ( 137803 ) on Friday September 25, 2020 @11:09AM (#60543394) Journal

        That's going to be interesting, isn't it?

        Yup... I have a sneaking suspicion that there will be a significant issue discovered here... Which if it turns out to be true, then the mighty M$ may end up putting the source into the public domain and be done with it.

        Leaked or not, the code is still copyright. By somebody, if not by Microsoft. So no, I don't see this going into the public domain.

        What I see as more likely is that MS will release what it can under a license that will protect its interests, even though the code is now visible. If MS has GPL code in its products, then it may (a) rewrite the offending code (as you suggested); or (b) welcome a showdown on the legal strength of the license. Companies in similar situations have opted for (a) up to now.

      • Which if it turns out to be true, then the mighty M$ may end up putting the source into the public domain and be done with it.

        It would mean that Microsoft would have to cease further distribution of Windows XP. That's probably not a big deal.

        Potentially there are damages possible. That's complicated. I don't know of any examples where an GPL project successfully claimed damages for a violation. But I wouldn't be surprised if there were discreet settlements.

    • by perpenso ( 1613749 ) on Friday September 25, 2020 @10:57AM (#60543336)

      That's going to be interesting, isn't it?

      Most likely, no, not at all. Researchers, professors and students, have had access to MS Windows (NT onward) source code for a long time. Microsoft grants access to certain researchers looking into things that also interests Microsoft. They have to keep the source secure but are free to publish their work. And Microsoft gets the right to incorporate their work if they care too.

      In short many eyeballs have been on the Windows source code outside of Microsoft, and that's just the legal eyeballs.

    • Why would they bother when they could use BSD code? Didn't they already use it for ftp.exe back in the NT days?

  • by OffTheLip ( 636691 ) on Friday September 25, 2020 @09:50AM (#60543090)

    that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10

    That explains a lot.

    • by Luckyo ( 1726890 )

      Yeah, that explains the stable, functional parts that aren't directly linked to windows update and occasionally fuck your machine.

    • by WeatherServo9 ( 1393327 ) on Friday September 25, 2020 @09:54AM (#60543106)

      that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10

      That explains a lot.

      If it ain't broke, don't fix it! Windows XP saw a lot of real world use over a number of years; sure, it had problems, but there's also probably a good amount of code essentially proven to be solid and reliable, so why wouldn't they want to leave well enough alone when possible?

      • Windows XP started out as a bug filled release with huge security holes. Took them years to find all the ways that it could be hacked and supply a patch. Now, it was better that the 95 based versions.
      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Friday September 25, 2020 @11:08AM (#60543386)
        Comment removed based on user account deletion
        • by AmiMoJo ( 196126 )

          XP was tolerated because there was no alternative for a lot of people. Mac OS only worked on Macs and Linux was pretty awful for non-techies in 2001.

          Nowadays, in no small part due to many things being web based and cross platform frameworks making software more widely available, Linux is a great alternative as a desktop OS.

      • that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10

        That explains a lot.

        If it ain't broke, don't fix it! Windows XP saw a lot of real world use over a number of years; sure, it had problems, but there's also probably a good amount of code essentially proven to be solid and reliable, so why wouldn't they want to leave well enough alone when possible?

        If Microsoft was relying on security-through-obscurity in this WXP code, and it is present in W10, then yes, it could spell disaster.

        Making the code visible may in fact be what breaks it.

      • One thing that has been important to Microsoft is backward compatibility - a Windows program I wrote 22 years ago still works. Contrast iOS and Android.

        XP *is* broken, very. Yet Microsoft chooses not to fix it. Both for backward compatibility and because fixing things costs time and money in the short term.

        Something we're dealing with right now is that while TLS 1.2 was released in 2008, Windows still uses 1.0 and 1.1 for important functionality. TLS 1.2 still isn't enabled in Windows by default, over

      • by Merk42 ( 1906718 ) on Friday September 25, 2020 @12:18PM (#60543606)
        This is Slashdot, Microsoft can do no right.
        If Microsoft were to have completely rewritten Windows 10 from scratch, people here would complain it was "change for the sake of change" and therefore bad.
        • Windows 10 would seem to be the worst of both worlds. Change for the sake of change sitting on top of layers of cruft.

    • Reading some comments elsewhere it seems this torrent was floating around in hacker circles for a long time and someone finally leaked it.

    • that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10

      That explains a lot.

      Microsoft is a slave to legacy. They have to maintain compatibility above all else for as long as they possibly can. That means they keep the same code base that works for a LONG time.

    • I'm currently working on a system that has 25+ year old C code way deep down inside. It works fine, all the bugs are well documented and dealt with, so why replace it?

      • by organgtool ( 966989 ) on Friday September 25, 2020 @02:01PM (#60543966)
        What you're describing sounds like a government system. There's nothing wrong with that, but if this is the case, you don't have to worry about a competitor showing up out of nowhere with a new codebase that does things that your code was never designed to do and can not be easily adapted to do.

        For instance, Chrome was written from the very beginning to use a separate process for each tab. Firefox had a very mature codebase at the time and has spent more than a decade attempting to adapt their own code to also use a separate process for each tab but it's proven incredibly difficult because adding support for it breaks almost every aspect of the browser and requires a complete shift in the foundation of the code. Therefore, the more competition you have, especially against apps/systems written from scratch, the harder it will be to adapt all of your existing code to offer features that competitors offer using their own fresh approach. That doesn't necessarily mean that you should rewrite your app/system from scratch, but it certainly adds a challenge of adapting all of your legacy code to offer something close to comparable.
    • Well, Windows is a huge project and you don't just throw all the code away and start from a clean sheet for every new version. A lot of time has gone by since Windows XP was last updated but I'm sure some parts of the code have seen little change since then
  • If Microsoft proprietary code turns up in Wine, they're proper fucked - criminal and civil liability to the tune of the GDP of the entire observable universe.
    • by MikeDataLink ( 536925 ) on Friday September 25, 2020 @09:56AM (#60543126) Homepage Journal

      If Microsoft proprietary code turns up in Wine, they're proper fucked - criminal and civil liability to the tune of the GDP of the entire observable universe.

      That's not how this works. They'll use the source code to discover the API's so they can engineer software that talks to them.

      • This was basically settled with Compaq v. IBM. One team reverses & documents, one team implements, and a third team ("Chinese Wall") only talks to the other teams.

        There can only be communication about how it works, no direct knowledge of code. As soon as one implementor sees the code, everything is destroyed.

        I seem to recall Compaq had different access-controlled offices too. For WINE it might be more difficult as access control is harder online. One slip-up could ruin everything.

        • This was basically settled with Compaq v. IBM.

          Nope. In that case they copied the code and made their own version of the BIOS. This isn't about copying the code, its about learning how to talk to the code.

      • That's not how this works. They'll use the source code to discover the API's so they can engineer software that talks to them.

        You had me until the word "they"

        Its inevitable. Dont be blind.

      • by Cid Highwind ( 9258 ) on Friday September 25, 2020 @10:49AM (#60543308) Homepage
        Windows code has leaked before (and sparked arguments on slashdot about what Wine should do with it before) their stance last time was they don't want contributions from anyone who touched it.
      • by orudge ( 458780 ) on Friday September 25, 2020 @12:31PM (#60543646) Homepage

        Wine has clean room guidelines (https://wiki.winehq.org/Clean_Room_Guidelines) which specifically forbid looking at Microsoft code (leaked or otherwise - e.g. Windows Research Kernel).

        In many cases I suspect the code would not be all that useful anyway - some of Wine’s glitches and foibles arise simply because of differences between Linux/macOS and Windows that can’t easily be accommodated. And an unknown user who suddenly dumped a load of code without otherwise building up their experience with Wine and so on would be looked upon very suspiciously.

  • by mysidia ( 191772 ) on Friday September 25, 2020 @09:54AM (#60543108)

    Windows 10, and as for Open Source, this leak could become a boom for Wine development

    If the Wine developers know what they are doing, they will steer clear from reading leaked source code.

    Obtaining sudden unexplained knowledge from the sources could later result in allegations to having read and incorporated non-literally copied code and trade secrets that were from materials leaked illegally... Its toxic and dangerous to touch that stuff, unless Microsoft responds to the leak by releasing the code as open source to encourage that others identify bugs and submit fixes.

    The more likely result however, is teams of investigators and lawyers going out to try and find where leaked code might have reached, and trying to get all misappropriated copies destroyed.

    That... and Microsoft will now have an excuse to re-write a whole bunch of OS code.. perhaps rewriting the old C++ code in C# or Rust, or Javascript, or something...

    • by dabadab ( 126782 )

      Well, there's a tried and true method of executing this, as demonstrated by Phoenix Software with the IBM PC BIOS: one team looks at the code and writes a functional specification based on it and the other team (the actual Wine developers in this case) implement this specification.

    • Obtaining sudden unexplained knowledge from the sources could later result in allegations to having read and incorporated non-literally copied code and trade secrets that were from materials leaked illegally...

      An act that isn't remotely illegal. You can't apply "trade secrets" to functionality implemented in an API. You can at best apply copyright to verbatim code.

      • by flink ( 18449 ) on Friday September 25, 2020 @10:37AM (#60543254)

        Obtaining sudden unexplained knowledge from the sources could later result in allegations to having read and incorporated non-literally copied code and trade secrets that were from materials leaked illegally...

        An act that isn't remotely illegal. You can't apply "trade secrets" to functionality implemented in an API. You can at best apply copyright to verbatim code.

        If the reverse engineer even unknowingly relies on knowledge of the copyrighted source code to implement the open version of the API, it can be alleged that the implementation is now a derivative work. Even if the argument doesn't hold up at the end of the day, it will be enough to support a protracted trial that would bankrupt just about any free software project.

        Any contributor to WINE should steer clear of these files, with the possible exception of header files, but those were probably available as part of SDKs anyway.

        • by sconeu ( 64226 )

          If the reverse engineer even unknowingly relies on knowledge of the copyrighted source code to implement the open version of the API, it can be alleged that the implementation is now a derivative work. Even if the argument doesn't hold up at the end of the day, it will be enough to support a protracted trial that would bankrupt just about any free software project.

          See Oracle v. Google

    • Heh, you think they'll be ashamed of their code being exposed to the world and suddenly decide to rewrite huge parts of it in another language?
      AFAIK Microsoft has already considered writing many low level parts of the OS in another language (I think I saw Rust mentioned somewhere). Also I guess some parts nowadays are written in C#.
      Anyway, C++ is evolving reasonably fast these days (official releases of the standard every 3 years) and is adding many improvements. That negates somewhat the need to rewrite
  • Right now WINE not going "poof" do to copyright infringement action pretty much comes down to it being clean room. If any of this code ever slips its way into the project it might spell real trouble. Talk about 'viral'

    • Let's fork WINE. We'll have a version that runs XP perfectly and a version that doesn't get sued by Microsoft.

  • Unrelated to Wine (Score:5, Informative)

    by Sun ( 104778 ) on Friday September 25, 2020 @09:55AM (#60543122) Homepage
    It's been a long while since I've programmed for Wine, but I doubt it changed any. It is not even the first leak.

    Wine has a clear policy of not going near MS source code.

  • Boon (Score:5, Informative)

    by sethmeisterg ( 603174 ) on Friday September 25, 2020 @10:01AM (#60543148)
    Not boom.
  • ... Quick! Contain it, before it infects your computer! We're all gonna die!

  • that could spell a disaster for Microsoft because large chunks of Windows XP source code are still used in Windows 10

    What "disaster"? How could this possibly harm Microsoft?

    No one is going to compete with them commercially based on this information. What harm is there in some geeks learning a few undocumented APIs? That they may now better understand, how something works — or implement their own app or widget better is good for Microsoft, as it makes their OS more attractive.

    One could suspect, Microso

    • by k6mfw ( 1182893 )

      Microsoft have arranged for the leak deliberately

      Kind of like a movie that is tanking at the box office, then somehow an unencrypted digital version is put into public files and gets huge headlines?

      "Screenshot of source code" doesn't make sense to me. I've never seen source code but I expect it is a bloatware of text that goes on an on. And just a portion doesn't seem valuable because what other portions of the total code that is referenced or subroutine (if such a thing is still done?).

      I still have three XP machines in use for personal stuff (intern

    • by DarkOx ( 621550 )

      The disaster is there is a lot of code in Windows that goes back all the way to NT4 and maybe even before that. Not just things like cmd.exe but things that are running as "local_system" and listening on network sockets; like those print spooler vulnerabilities that were published earlier this year.

      While people have no doubt fuzzed the crap out of windows that only reveals so much, and where it does turn you on to potential attack vector it does not always mean its clear or simple to turn it into something

  • NSAKey (Score:5, Interesting)

    by bill_mcgonigle ( 4333 ) * on Friday September 25, 2020 @10:11AM (#60543192) Homepage Journal

    Let's find out what the real story is behind NSAKey. Nobody believes Microsoft.

  • Maybe nice that the code leaked, but it's not possible to use the actual code in open source projects as it's illegal and would get the project in legal trouble.. Yes for extra insight into how something works it's ok, but using it directly is not possible.
    • "...it's not possible to use the actual code in open source projects as it's illegal and would get the project in legal trouble."

      A cynic might suggest there will have to be an exception for parts of the XP code that were ripped off from open source projects in the first place.

  • Closed source code is also a very sensitive material because it might (I mean surely) contain copypasted code from open source projects.

    • Closed source code is also a very sensitive material because it might (I mean surely) contain copypasted code from open source projects.

      Well that would have been BSD code so its not a problem, ex networking. At least for the legacy NT code, Linux was not terribly interesting back then.

  • Microsoft Loves Open Source [microsoft.com]. Just the next step in the process! I'm sure they'll embrace this with open arms.
  • This is the same source code leak from 2008! Old news

  • by smist08 ( 1059006 ) on Friday September 25, 2020 @10:55AM (#60543332)
    Most of Windows has already been decompiled using tools like Ghidra. Will be interesting to see which set of code is better documented.
  • The source for Win 95 has been around for ages. Can't wait to do a diff. Wonder if the do_nothing_loops() are optimized?

    https://fsinfo.noone.org/~abe/... [noone.org]

  • by twocows ( 1216842 ) on Friday September 25, 2020 @11:57AM (#60543540)

    this leak could become a boom for Wine development

    No it couldn't. FOSS projects are unable to used leak code, assets, or documentation because those things are still proprietary. They might be able to go off of write-ups by people who looked at the leaked information. I'm not sure about the legality of that. But they absolutely can't make direct use of Microsoft's leaked IP, that's very much illegal and would get them in a lot of trouble very quickly.

  • Microsoft has been pushing open source really hard the last few years.

    The wrongly named WSL: "Windows Subsystem for Linux" along with their seat on the Linux Foundation I think is a hint as to where Microsoft plans to take Windows.

    I think within the next 8-10 years, the NT kernel is going to be replaced with a modified Linux kernel that can handle NT Kernel system calls. Explorer will be re-written for linux, and backwards compatibility will be maintained, except, now Windows developers can use Linux APIs t

  • by xack ( 5304745 ) on Friday September 25, 2020 @01:27PM (#60543840)
    Windows XP is almost 20 years old, it has been out of support for six years and won't even boot on modern EFI only motherboards. Most use is among retro gamers and businesses with legacy code. Microsoft needs to get Windows XP out of the legal limbo it is in right now as there is no way to get a legitimate new licence.

    If they don't want to open source it then they should licence it out to a responsible company like ArcaOS was for OS/2. Now Microsoft is committed to Windows 10 as a perpetual service all previous Windows need a home somewhere.
    • Maybe it was a favor to the legacy community, knowing it would never officially be released, nor would anyone running today's computers really care.
    • by vux984 ( 928602 ) on Friday September 25, 2020 @04:57PM (#60544340)

      "Windows XP is almost 20 years old, it has been out of support for six years and won't even boot on modern EFI only motherboards. Most use is among retro gamers and businesses with legacy code. Microsoft needs to get Windows XP out of the legal limbo it is in right now as there is no way to get a legitimate new licence."

      Getting a license for XP is difficult but not impossible. Any retail license box can be legally transferred, and they're out there on the 2ndary markets.
      And while OEM licenses aren't transferable to new hardware, if the hardware the license is attached to still works, you can just buy the whole PC and use it.

      The problem I have right now is activation. I have retail XP licenses+product keys that I've been using with virtual machines for over a decade (to bridge modern networks to MSDOS with Netbios+Netbeui).

      With the last VM install I did, I actually couldn't get XP activated. Online activation is offline, and even the phone backup method-- which is tedious but still worked the last time I did it a couple years ago, also rejected it.

      There are hacks and stuff and that might be ok for the retro gamer crowd that's not an ideal option to say the least.
      And we've got 100s of thousands in industrial manufacturing hardware that run just fine with MSDOS+netbeui that may go another decade or more yet. That I'm not willing to scrap over windows XP activation issues.

  • by chill ( 34294 ) on Friday September 25, 2020 @05:30PM (#60544410) Journal

    For those to young to remember, this is all happened before [neowin.net].

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...