NT4 and Windows 2000 source code leaked!!!

M

MaxiKana

Guest
http://www.neowin.net/comments.php?id=17509&category=main

The story:


"Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

"This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department."


Wonder how this happend?
 
Originally posted by MaxiKana
This reporter does not wish to be sensationalist, but
Click to expand...
...but I'm gonna be!

He does put a very sensationalist spin on the whole thing, does he not? Regardless, I'll believe it when I see it in cnn or in a statement from MS. We'll see.

Wonder how this happend?
Click to expand...
Outsourcing, I'd bet. Which would be irony of the highest order.
 
Neowin Message
The server is too busy at the moment. Please try again later


if true Im switchin to linux and openBSD
regardless of the learning curve involved
and leave my W2K as a standalone
 
heh

It'll be interesting to see how this plays out.
MS is just having a bad month if this is true.
Big IF there.
 
well I found it:

W2K source code

#include "win31.h"
#include "win95.h"
#include "win98.h"
#include "workst~1.h"
#include "evenmore.h"
#include "oldstuff.h"
#include "billrulz.h"
#include "monopoly.h"
#define INSTALL = HARD

char make_prog_look_big[1600000];
void main()
{
while(!CRASHED)
{
display_copyright_message();
display_bill_rules_message();
do_nothing_loop();
if (first_time_installation)
{
make_50_megabyte_swapfile();
do_nothing_loop();
totally_screw_up_HPFS_file_system();
search_and_destroy_the_rest_of_OS/2();
make_futile_attempt_to_damage_Linux();
disable_Netscape();
disable_RealPlayer();
disable_Lotus_Products();
hang_system();
}

write_something(anything);
display_copyright_message();
do_nothing_loop();
do_some_stuff();

if (still_not_crashed)
{
display_copyright_message();
do_nothing_loop();
basically_run_windows_3.1();
do_nothing_loop();
do_nothing_loop();
}
}

if (detect_cache())
disable_cache();

if (fast_cpu())
{
set_wait_states(lots);
set_mouse(speed, very_slow);
set_mouse(action, jumpy);
set_mouse(reaction, sometimes);
}

/* printf("Welcome to Windows 3.1"); */
/* printf("Welcome to Windows 3.11"); */
/* printf("Welcome to Windows 95"); */
/* printf("Welcome to Windows NT 3.0"); */
/* printf("Welcome to Windows 98"); */
/* printf("Welcome to Windows NT 4.0"); */
printf("Welcome to Windows 2000");

if (system_ok())
crash(to_dos_prompt)
else
system_memory = open("a:\swp0001.swp", O_CREATE);

while(something)
{
sleep(5);
get_user_input();
sleep(5);
act_on_user_input();
sleep(5);
}
create_general_protection_fault();

:p
 
http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109&tid=187

It's a TRAP!!! /Adm. Ackbar (Score:5, Interesting)
by Thud457 (234763) on Thursday February 12, @05:13PM (#8262930)
(http://127.0.0.1:82/ | Last Journal: Thursday May 08, @01:30PM)
Microsoft is sooooo obviously trying to pull an SCO here.
If you work on any Open Source project, DO NOT LOOK!
Click to expand...

:p


http://itvibe.com/default.aspx?NewsID=1283
"Windows 2000 source code leaked ? ...Technology
Posted on Thursday, February 12, 2004 at 22:32 by Rich Kavanagh

Rumours are rife on the Internet at the moment about the possibility of the source code for Windows 2000 and NT4 operating systems having been leaked onto the Internet for download.

If these rumours turn out to be true, it could be disasterous to many, many organisations.

The sheer number of exploits and viruses that could possibly be released just doesn't bear thinking about.

We must stress at this time, these are only rumours.

More news as we get it.


UPDATE:

Steve Ballmer, Chief Executive of Microsoft said in a statement,

"I can assure you that we know there has been no compromise of the integrity of the source code; that it has not been modified or tampered with in any way."

Panic over then.
Click to expand...

maybe Im unable to confirm
 
http://www.eweek.com/article2/0,4149,1526390,00.asp
However, officials at the Redmond, Wash., company insisted that the rumors were just that, but added that they were investigating whether any code had indeed found its way into the public domain.

"The rumor regarding the availability of Windows source code is based on the speculation of an individual who saw a small section of un-identified code and thought it looked like Windows code. Microsoft is looking into this as a matter of due diligence," a company spokesman said.

"If a small section of Windows source code were to be available, it would be a matter of intellectual property rights rather than security."

Interestingly, the inquiry into the alleged leak is being handled by the company's Shared Source Initiative, not Microsoft's security personnel. The Shared Source program was set up to give customers, partners and governments access to some of the Windows source code.
Click to expand...
 
http://www.infoworld.com/article/04/02/12/HNmicroleak_1.html
The supposed leak was reported by Microsoft enthusiast Web site Neowin.net, which called it "shocking and potentially devastating news." The source code of the two OSes (operating systems) are rumored to be spreading on a peer-to-peer file-sharing network as well as on IRC (Internet relay chat).

IDG News Service was shown Web pages that appear to contain a directory listing of the packages of Windows 2000 and Windows NT source code, as well as some actual source code that appears to be part of the Windows NT Task Manager. The contents of the pages could not immediately be verified.

"
Click to expand...

http://arstechnica.com/news/posts/1076628412.html
Our own internal analysis of the code is not conclusive, although we are currently rather skeptical that the leak is actually real. To be sure, the entire source code is not present. If the leak was generated from one of the customers who has recently licensed the code, it's reasonable to suspect that the build tree was not handed over to such customers in its entirety. The question is this: is what's out there partial code, or just a fake? Part of the problem lies in verifying what we can't see: few know what the Windows source code looks like, so there are a lot of guesses about what should be in the code. For example, are source references to MIPS and PPC appropriate to Windows 2000? They're "in the leak," but why wouldn't they have been removed from the NT4 days? A quick peek at the file listing shows some rather interesting entries.

"
Click to expand...
 
Well, if this is true. I am rather pissed. There goes my safe win2k box. I have not turned it off for a month, and I am not about to right now.
But I think I should get a better firewall set up, is a router good enough? recomend me some free, minimalist firewalls, and the rest of the win2k users out there.
 
I was reading that earlier and a few people on slashdot brought up a good point. What if Microsoft purposly "leaked" the code to pull a SCO and hope that Linux programmers use it to bridge compatibility a bit? Intellectual property court battles for years to come if it happened. On the other hand if it was an leaked by someone who had a licence for the code, which some do, then we can expect NT4/2K/XP/etc to be plagued even worse with virii and worms for years to come.
 
Originally posted by Ice Czar
well I found it:

W2K source code

#include "win31.h"
#include "win95.h"
#include "win98.h"
#include "workst~1.h"
#include "evenmore.h"
#include "oldstuff.h"
#include "billrulz.h"
#include "monopoly.h"
#define INSTALL = HARD

char make_prog_look_big[1600000];
void main()
{
while(!CRASHED)
{
display_copyright_message();
display_bill_rules_message();
do_nothing_loop();
if (first_time_installation)
{
make_50_megabyte_swapfile();
do_nothing_loop();
totally_screw_up_HPFS_file_system();
search_and_destroy_the_rest_of_OS/2();
make_futile_attempt_to_damage_Linux();
disable_Netscape();
disable_RealPlayer();
disable_Lotus_Products();
hang_system();
}

write_something(anything);
display_copyright_message();
do_nothing_loop();
do_some_stuff();

if (still_not_crashed)
{
display_copyright_message();
do_nothing_loop();
basically_run_windows_3.1();
do_nothing_loop();
do_nothing_loop();
}
}

if (detect_cache())
disable_cache();

if (fast_cpu())
{
set_wait_states(lots);
set_mouse(speed, very_slow);
set_mouse(action, jumpy);
set_mouse(reaction, sometimes);
}

/* printf("Welcome to Windows 3.1"); */
/* printf("Welcome to Windows 3.11"); */
/* printf("Welcome to Windows 95"); */
/* printf("Welcome to Windows NT 3.0"); */
/* printf("Welcome to Windows 98"); */
/* printf("Welcome to Windows NT 4.0"); */
printf("Welcome to Windows 2000");

if (system_ok())
crash(to_dos_prompt)
else
system_memory = open("a:\swp0001.swp", O_CREATE);

while(something)
{
sleep(5);
get_user_input();
sleep(5);
act_on_user_input();
sleep(5);
}
create_general_protection_fault();

:p
Click to expand...

LOL
 
i'm pretty sure its true. i think its kind of funny. funny in that 'i'm not installing 2k' type of way. i'm just wondering about the exploits. should be an interesting rest of the year ;p
 
well there shouldn't be any exploits since look at linux no real bad expoits (the odd one or two stack overflows that get patched pretty quickly) Noting on the scale of the RPC exploit/recent bug.

If there is a sudden increase in exploits against windows machines then that will be pretty conclusive that there are major problems with the NT kernel.

it was stated that up to 15% of active code was leaked to the public. that is a significant amount.
 
I dont know if im against the source being out or not!

yea sure it means all those exploites will be found sooner! but could it not be a huge benefit to the computer world? if the secrets of windows is known surely that might mean advances in Linux and all the others when it comes to support alongside/with windows
 
will this code in the wrong hands mean that it will be easyer to attack the average home user allot easier?
will this sourcecode leak prove to be a fatal blow to microsoft updates and how log they actually protect the user? or will it mean that there will be faster loopholes found around updates and posibly a chance of this people getting ahead of microsoft and stoping their updates from even working?
 
Originally posted by cuemasterfl
I think everyone's panicking over nothing. Whoopee!
Click to expand...
Oh, I'm not panicking. Far from it.

I'm enjoying the chaos, so to speak. My systems are well protected, so any nasty windows thing that comes from this, I don't really have to worry about ( beyond what I normally do ).

I will enjoy, however, watching MS dance on this one. Regardless of the true impact, it's the percieved impact they have to be covering right now.
 
Its apparently been reported (slashdot.org) that a Microsoft partner company called MainSoft is the company responsible for leaking the portions of the source code. Whether one of their employees decided to do it, or someone hacked a system is a different matter, but I'm sure MS will be a bit more anal on who they give copies to in the future..
 
You must log in or register to reply here.
Back
Top