[Solar-general] Filtran en Internet parte del código fuente de Windows 2000 y NT

Mar Feb 24 14:03:17 CET 2004

On Fri, 13 Feb 2004 19:41:33 -0300
sebelk <sekinmor en yahoo.com.ar> wrote:

sekinmor> El Vie 13 Feb 2004 19:07, Daniel Coletti (dax escribió:
sekinmor> >DC  Para mi esto suena mucho a una estrategia de Microsoft en su campania
sekinmor> >DC  anti-Linux. Enviar por los medios el mensaje de que ``ahora los
sekinmor> >DC  _hackers_ van a ver en codigo y *por ende* van a conocer muchas
sekinmor> >DC  vulnerabilidades de nuestro software''. Lo que te deja un mensaje como
sekinmor> >DC  este (al oido comun de la gente) es que si el codigo esta visible
sekinmor> >DC  entonces es inseguro.
sekinmor> 
sekinmor> Jé! A mí también me huele a eso toda esta noticia, me parece que hay algo raro 
sekinmor> detrás... en fin...

Al final, terminó siendo un show mediático aprovechado por los que se
suponía más perjudicados..., nada más que eso... No hubo ninguna fuga de
código que realmente supusiera un riesgo para Microsoft...  Hoy recibí
este artículo donde aparentemente se aclara el asunto... 

Today's focus:  What happened to Microsoft's source code?

By Dave Kearns

Some Microsoft source code, specifically parts of Windows NT 4 
and Windows 2000, was posted on the Internet for downloading 
from multiple peer-to-peer networks over the past couple of 
weeks. As usual, most of the press over-reacted.

Headlines generally proclaimed: "Microsoft source code leaked 
onto Internet," but more than one would-be tabloid used some 
variant of "Microsoft source code stolen." It wasn't stolen. 
Technically, it wasn't even "leaked" (i.e., revealed by someone 
within Microsoft). It was simply made available.

The best evidence indicates that Microsoft partner Mainsoft 
( <http://www.mainsoft.com/> ) was the original source of the code 
that was made available on the Internet.

Mainsoft's chief product is "Visual MainWin," a utility to port 
Windows applications to Unix and Linux. Mainsoft would have 
access to parts of Windows source code to aid in creating the 
ports. Internal evidence in the downloaded source code appears 
to indicate that it originated from Mainsoft. Other evidence 
indicates that the two files (one with WinNT source, the other 
with Win 2000 source) were extracted from Unix core dumps, 
typically created when a system crashes. Since the size of the 
files is remarkably close to the capacity of a CD-Rom, it's also 
thought that the crash that created the core dump occurred while 
someone was either creating a CD or transferring the contents of 
a CD to the Unix boxes hard drive.

While it's possible that someone at Mainsoft deliberately 
released the code, more likely is that the computer (or the 
drive) on which the core dump existed was recycled with the 
drive being thoroughly degaussed to remove all data. Simply 
deleting the proprietary information would not have removed the 
core dump files. Whoever acquired the drive and/or system may 
have been poking around and discovered the dumps and recognized 
them for what they were. Of course, it would take a 
knowledgeable programmer/hacker to recognize Windows source code 
and, let's face it, the first reaction would be to tell a 
friend. The friend would want to see it, and the whole thing 
began to mushroom. Nothing illegal or criminal, so far.

Then someone discovered, within the source code, a 
buffer-overrun vulnerability in Internet Explorer 5.01. The 
"vulnerability" was fixed over two years ago, but that didn't 
stop the Chicken Littles of this world from declaring that 
Windows was now doomed. It isn't.

There is one thing we can take Microsoft to task for, though. In 
the wake of all the publicity, Microsoft decided to follow the 
course set by the record industry and release draconian warnings 
in an attempt to scare those who have downloaded the code.  
According to the Redmond behemoth, "Microsoft is sending letters 
explaining to individuals who have already downloaded the source 
code that such actions are in violation of the law." (See: 
<http://www.nwfusion.com/go2/0223nt1a.html> )

Except, of course, while it may be illegal to make the code 
available for download, there's nothing illegal about 
downloading it or reading it. You might be in trouble if you 
read it and subsequently use that knowledge to create software, 
but that would have to be proven in court. Commercial 
developers, though, should avoid even the appearance of seeing 
the code.

An accident occurred and some old, outdated source code was 
released into the "wild." It isn't the first time. Some years 
ago, DOS 6.02 source code was inadvertently released. That 
didn't damage Microsoft or its customers and this won't either.

RELATED EDITORIAL LINKS

Microsoft warns source code downloaders
IDG News Service, 02/18/04
http://www.nwfusion.com/news/2004/0218microwarns.html

Source code leak linked to Microsoft partner
Network World Fusion, 02/13/04
http://www.nwfusion.com/news/2004/0213mainsoft.html

Planets not aligned for Microsoft suite
Network World, 02/23/04
http://www.nwfusion.com/news/2004/0223jupiter.html

The Best Issue
Network World, 02/23/04
http://www.nwfusion.com/best/2004/
_______________________________________________________________
To contact: Dave Kearns

Dave Kearns is a writer and consultant in Silicon Valley. He's 
written a number of books including the (sadly) now out of print 
"Peter Norton's Complete Guide to Networks." His musings can be 
found at Virtual Quill <http://www.vquill.com/>. Comments on 
this newsletter should be sent to him at 
<mailto:windows en vquill.com>.

Kearns provides content services to network vendors: books, 
manuals, white papers, lectures and seminars, marketing, 
technical marketing and support documents. Virtual Quill 
provides "words to sell by..." Find out more by e-mail at 
<mailto:info en vquill.com> 

Perdón por la extensión del email... pero me pareció interesante
compartirlo con uds., dada la extensión del thread que disparó el tema... 

Saludos a todos,
-- 
Augusto J. Sacchetto <asacchetto en dld.net>