Windows2000 and NT go open source! (inadvertently) - slashdot.org

Posted by CmdrTaco on Thursday February 12, @04:43PM
from the making-the-rounds dept.

PeterHammer writes "Neowin.net is reporting that Windows 2000 and Windows NT source code has been leaked to the internet. More on this as we hear it."

(snip)

A quick peek around indeed shows something named Windows.Source.Code.w2k.nt4.wxp.tar circulating, but this had to happen sooner or later, considering the number of institutions with access to the source. Wonder how long it'll take before a torrent of new worms using newly discovered security holes tear up the net.

(snip)

"The server is too busy at the moment. Please try again later."

Later isn't going to work, since the server was down even before it hit the Slashdot front page. I empathize with their server.

I did, however, managed to grab the news blurb (but not the, at that point, 214 comments) from the intermittent front page:

Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

more...
http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109&tid=187

Most voting systems have some form or another of Windows in them.

Crap. Well it guarantees IT employment for a few more years.

and 2000 over to XP/2003...aren't they?

Winddows 2000 is Windows NT 5, XP/2003 are NT 5.1

because now... keeping malicious code out of a windows box is going to be like trying to eat soup with a fork.

XP is from the same same code base, no?

Give it a try.

Bootable CD

www.knoppix.org

Other people could do the same for the benefit of those who don't have CD burners. (hint, hint)

Edit: typo

I love my MAC!!

Never have we paid so much for so little to look really good doing it.
--anon

but some of the discussion is just plain crazy.

One guy's claiming the source is 20 gb. That's just plain ridiculous. Everybody in the universe typing for 20 years couldn't generate 20 gb of text.

...and stated that the actual source was 200GB! I find that somewhat inconceivable, even uncompressed and laid out ready to build. Even after it's been built (though object code is huge).

After doing about 30 min of poking around, including reading almost all of the /. thread, it sounds like the archive that's going around is about 208 MB. I found a copy of the file listing of that archive, and uncompressed, it totals up to about 600+ MB.

For comparison, the source code to the 'guts' of the Mac OS X operating system, Darwin, are about 160MB or so compressed (the last time I downloaded it). That's without the interface, the 'eye candy' and the built in applications -- just the Unix parts.

The alleged file listing for the W2K archive is very large, about 2.3 MB, and is a long, long tar archive listing. It's huge, and the listing looks about how I'd expect it too, but I haven't spent a lot of time staring at it in detail.

One person said that they did download the whole archive, and looked through many of the files. They said they appeared authentic, although it seemed like some were missing when they spent some time to get it to compile (but they gave it up before they were successful).

Another person stated they had seen/worked with the code at one point, and didn't see a bunch of files that should be included in the listing.

I'd say that if what was leaked is authentic, then it's probably not the entire source code.

One way know if it's real, short of obtaining it and building it, is to watch if a whole buttload of new Windows viruses and worms appear over the next few weeks. If so, then it was probably authentic, whether partial or or the whole code...

Still a noob, but I'm learning. Using Fedora Core 1, and Knoppix when I need its partitioning tools.

Linux is fantastic, too. Unfortunately most offices are still locked into Windows hell.

The thought of looking at Windows source code makes me ill. It's like finally confronting your tormentor after all these years.

And it's as Red-Hat-ish as you can get. Based on RHEL. http://www.taolinux.org/

No question about Knoppix, it rocks.

Microsoft relies heavily on dlls, which are individually compiled and not resident in source code. You may be able to see references to them, but that's about it.

I downloaded the Wolfenstein 3d source code from ID for free, tried to compile it but no dice. It was missing all of the include files. It only had the .c files... no .h's.

I've also had to play clean-up after a programmer quits or gets fired. You'll be surprised how many useless loops and pointless recursive functions are thrown in there just to throw off other programmers that will take their place. Multiply that by a couple hundred and you'll get an idea of what the source code probably looks like.

Then there's the hoaxers who like to create a 208mb file labeled "Win2kPro-Cracked-by-L1BeRAcE" and it ends up being a bunch of setup files for command and conquer and sim city.

Anyway, most of the "hackers" out there can't hang with hardcore code. They'll just write a routine that uses an already existing function, but make it do malicious things... like the mass-mailing worms. You can go to vbcode.com and create your own "virus" using perfectly legitimate, benign code: Retrieve an address book, Send email, open shared drives on the network, return user names, change access permissions, copy files, delete files etc etc. All-in-all, they're not that talented.

But i could be wrong and civilization could end as we know it, but at least i'll admit i was wrong!

From LBN:
http://www.democraticunderground.com/discuss/duboard.php?az=show_topic&forum=102&topic_id=361876

SEATTLE - Microsoft Corp. said late Thursday that portions of its Windows source code — the tightly guarded blueprint of its dominant computer operating system — had been leaked over the Internet.

Microsoft spokesman Tom Pilla said in an interview with The Associated Press that some incomplete portions of the Windows 2000 (news - web sites) and Windows NT4 source code had been "illegally made available on the Internet."
(snip)

Thems the hazards of closed source.

Relevant to BBV issue.