So What If Windows Code Has Been Leaked?
from the question-of-the-day dept
If you’ve been reading the various techie sites this afternoon, you’ve surely seen the rumors that source code from Windows NT and Windows 2000 have leaked onto the internet. Am I the only one who don’t think this is that big of a deal? My only surprise is that it didn’t happen sooner. As for the direct impact, if true, I imagine it would be small. People are still going to buy Windows. There already are illegal copies on the market, and the company is doing just fine. However, the indirect impact, could be a big deal. Ed Felten points out that, if anything, this has all the downsides of open source software, without the upsides. That is, anyone with bad intent can hunt through the code for vulnerabilities, but they no longer have the large community ready to fix up such vulnerabilities as soon as they’re discovered. Update: Microsoft has now confirmed that portions of the code were released – though, they don’t believe it’s the whole thing.
Comments on “So What If Windows Code Has Been Leaked?”
Change - wave 3.
I consisder this #3
When Garrison Keeler poked fun at Windows on his radio show. Before that time, I’d have to explain WHY windows ‘sucks’ – now the users agree, but instead of calling my preception as bad, just say ‘fix it’
Wave #2 and #3 are stacked in less than a week.
The announcement of the ‘effects NT/2000/XP’ bug at the beginning of the week. Notice how the AP newswire had the story BEFORE the ‘geek press’ had the story? Normally I hear about any Windows viral/security problem DAYS later on the news.
This is a change – I don’t know if its a trend yet, but if this continues the observant admins should notice….
The src leaking today means the malware will get so much better that users/admins will step up looking at other alternatives.
To answer your question – better malware. Oh joy.
No Subject Given
Maybe SCO will sue them saying they’ve infringed on their copyright … 😀
No Subject Given
It would be interesting to see if there’s any OpenSource IP in that code.
If any of it is licensed under the GPL, I wonder what would happen?
Re: GPL code in Windows
No big deal: MS would have to take the GPL code out. They would owe the copyright owner for having used copyrighted code without permission. At worst they could be sued for it.
MS would not be under obligation to GPL all their source, unless they wanted to continue to use the GPLed code without paying royalties.
No Subject Given
I’ve always been taught that if the security of a system is dependent upon keeping the source code secret, then the system is not secure. We all know that already. It’s Microsoft that not only chooses to ignore this common bit of wisdom, but also, they attack those who follow it.
In our office we’re stuck with Windows machines until they die. However, wherever we can we’re using open source apps on the workstations. As workstations die they are replaced by Macs or Linux. Our server is Mac OS X. When I go to sleep at night I don’t worry about the security of our system. When I am on the road I don’t get nervous when I read about a new virus going around.
Re: the security of OS X
Your post makes no sense. While I am not the biggest MS supporter, to imply that MS chooses to ignore keeping source code secret is clearly incorrect.
Your second paragraph also conflicts your first point – using open source WILL increase the the ability of people to hack your machines. The only reason the virus writers haven’t targetted Apple is market share…
Re: Re: the security of OS X
um… Will, your post makes no sense … Joe is not saying MS don’t attempt to keep source code secure only that if a system depends on keeping its source code secure then … it’s not secure.
And the oft-quoted view about the tiny MacOS X share explaining why it’s not hacked.
a – that’s a theory parded as fact
b – it ignores the fact (not theory) that MacOS X is inherently more secure (maybe not secure enough but more secure…)
c – ‘malware writers’ (great phrase! I can think of so many writers I would describe as producing malware!) should target the computers that matter to business (i.e. the ones that make money). So, do you target the myriads of Windows machines typing out letters and memos or the smaller numbers of Macs doing graphics, publishing, video, music (i.e. making product)? Maybe MacOS is under more threat than Windows machines because the stuff done with these machines is more significant than the market share would imply. This is only a theory but as valid as the ‘small marketshare few attacks’ one.
d – it is monday and I’m bored so maybe I should just have let this go…
Re: Re: Re: the security of OS X
Are you people high?
This is a huge deal. Not for the maulware standpoint, you don’t need source code for that. But rather, the big deal lies in that this is the win32 api. The one thing that can add native Windows support to Linux. Look what the people at Mainsoft were using it for. They were building Win32 support for Unix. Linux is very very similar.
If so inclined, a developer can essentially borrow the methods from this code, and re-create a native win32 api clone for linux that actually works.
Remember, it’s only a dirivitive work if there is actual source code from the original product there. This could potentially kill microsoft in the long run. And I think they know it.