Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Windows NT 4/2k source code leak

Comments

  • Registered Users, Registered Users 2 Posts: 6,628 ✭✭✭Asok


    The site was having problems here is the text below

    From
    http://www.neowin.net/comments.php?id=17509&category=main

    Neowin has learned of shocking and potentially devastating news. It would appear that two packages are circulating on the internet, one being the source code to Windows 2000, and the other being the source code to Windows NT. At this time, it is hard to establish whether or not full code has leaked, and this will undoubtedly remain the situation until an attempt is made to compile them. Microsoft are currently unavailable for comment surrounding this leak so we have no official response from them at the time of writing.

    This leak is a shock not only to Neowin, but to the wider IT industry. The ramifications of this leak are far reaching and devastating. This reporter does not wish to be sensationalist, but the number of industries and critical systems that are based around these technologies that could be damaged by new exploits found in this source code is something that doesn't bare thinking about.

    We ask that for the wider benefit of the IT community that members and readers support Microsoft by forwarding anything they know about the leak to the Microsoft's Anti-Piracy department.


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,582 Mod ✭✭✭✭Capt'n Midnight


    Some quotes

    I wonder how long till hackers go in and fix some of the bugs. That's the real danger to microsoft, if the bugs were fixed people wouldn't have to upgrade.

    I doubt Microsoft would leak it deliberately, but this does open the door to a whole SCO-esque can of worms from now on.

    Could this be a ploy to spur Win2k+3 updates? Blame the hackers for making win2k insecure. Oops you gotta upgrade now, sorry,

    So, if any Micro$oft employees have ever looked at Linux kernel source, they are no longer allowed to work on Windows 'cause now they are tainted? Either the sword cuts both ways, or not at all.

    Imagine if somewhere hidden in the bowels of the Windows2000 source an intrepid SCO intern finds a sliver of SCO-owned Unix code. Then all hell would break loose...

    Sure the source code will make it easier to find exploits, but I've believed for a few years that "institutional hackers" those who have long ago reversed compiled Windows into something suitable for writting worms. How else does the Code Red author decide, "Hey! I found this buffer overflow routine in the unicode support for URLs in the IIS Indexing Server"?

    There are probably paranoid governments who have teams who do this just this kind of work just to make sure those fabled NSA back doors in either are or aren't windows.
    I think this is possible/probable

    I'm surprised nobody has sent them patches to fix security issues yet...

    A member of the Slashdot cult has admitted he has stolen the source code to Microsoft's Windows XP operating system. PickyH3D is the handle the low-karma hacker used when bragging of his accomplishment to the world. He has also issued a challenge to Microsoft's legal team with the statement that "there is no evidence". More on this as we hear it.

    I would be the most poetically ironic event ever if it turns out that it was a MS Win security hole that allowed a hacker to enter a server and steal the code.
    Doubly ironic if it was a hole that MS has known about for months and not bothered to patch.
    Triply ironic if someone finds said hole, patches it, and ships patched source back to MS.


  • Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Closed Accounts Posts: 1,637 ✭✭✭joePC


    Believe it I got the code long ass download 228Mb for 2K..........


  • Registered Users, Registered Users 2 Posts: 15,817 ✭✭✭✭po0k


    Originally posted by Capt'n Midnight
    I'm surprised nobody has sent them patches to fix security issues yet...

    Don't suppose you remember that crowd who released a 3rd-party patch for the IE URL exploit a few weeks back...and then had to retract it because it fubar'd something else? :)

    I see this as being a possible good thing for the Open-Source movement, but with probable bad short-to-medium-term effects on businesses, especially those who are pure Microsoft-shops.


  • Advertisement
  • Closed Accounts Posts: 1,006 ✭✭✭theciscokid


    http://www.internetnews.com/ent-news/article.php/3312451

    might explain it a bit better

    according to some src comments , its looks like mainsoft.com leaked it , if not by choice - an email worm..

    boy watching ppl beavering away over the code on irc is fun :)

    for educational purposes...

    [Your wish is my command. Don't do it again. --adam]

    mods - please delete if necessary


  • Closed Accounts Posts: 630 ✭✭✭LastIrishMonkey


    i wouldnt be one bit supprised if this is the end for microsoft operating systems as we know them .............................. doo doooo dooooooooooo ! :rolleyes:


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,582 Mod ✭✭✭✭Capt'n Midnight


    eh no - they are executing plan B
    http://www.theregister.co.uk/content/4/35503.html
    MS UK sponsors open source deployment workshop ;)

    Seriously - if XP source code is out there then it makes NT/2K release look academic. Then again there are a lot of white hats so maybe if it is genuine there will be a list of services to stop / ports to block / firewall rule updates.

    Is it possible to have a firewall do buffer bounds checks based on the port number of destination packet ??


  • Closed Accounts Posts: 7,230 ✭✭✭scojones


    long ass dl for 2k? the entire source is 50 gigs, this is only partial code.


  • Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Advertisement
  • Closed Accounts Posts: 1,456 ✭✭✭kida


    it3 over 600mb uncompressed - 20% apparently including some network code.


  • Closed Accounts Posts: 1,163 ✭✭✭Emboss


    Originally posted by daveirl
    I don't believe the story... .yet

    What about now ?

    http://www.microsoft.com/presspass/press/2004/Feb04/02-12windowssource.asp


  • Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Registered Users, Registered Users 2 Posts: 5,982 ✭✭✭Caliden


    its only 1/18th of the full source code but i bet bill is grinning :
    more upgrading people, c'mon hurry up, i wanna make my first trillion!!!!


  • Closed Accounts Posts: 1,006 ✭✭✭theciscokid


    apparently its 1/80th of the code

    but if you see what people can do with windows and its closed

    this compressed 203mb > 600mb file could and prob. will be devastating


  • Hosted Moderators Posts: 2,094 ✭✭✭halenger


    Neowin and all them had links to 2 websites that listed the files that had been released and from what they listed they were some major parts.

    It may not have been the whole thing or anywhere near it but it contained Kernel code etc. Stuff that is at the core. Even if it doesn't cause new hacks etc to be found it does release how exactly the internals of 2k work.

    We'll see how it pans out sure.


  • Registered Users, Registered Users 2 Posts: 3,312 ✭✭✭mr_angry


    Just found this article. Its nearly as good as the comedy quotes, except its for real.

    Some highlights:

    Security experts say that Windows users are unlikely to face any increased security risks as a result of a leak of Windows 2000 and Windows NT source code discovered on Thursday, mainly because it is a simple matter for hackers to find Windows vulnerabilities without recourse to the code.

    On Thursday, a 203MB file containing some of Microsoft's closely guarded source code was published on the Internet, representing around 1 percent of the code base of Windows 2000, the enterprise operating system on which Windows XP is based.

    David Emm, marketing manager at McAfee Avert, the antivirus company's research arm, told ZDNet UK that source code isn't necessary to plan an attack. "This has been amply demonstrated over the last few years," he said. "It is a bit like somebody wanting to break into my house--they don't necessarily need the floor plans to in order to see that there is an open window or a drain pipe to climb."

    Is Windows really a vaible OS now, if you are in any way worried about security?


  • Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Registered Users, Registered Users 2 Posts: 7,581 ✭✭✭uberwolf


    this may be of interest


Advertisement