Page 1 of 1
Windows goes open source....
Posted: Thu Feb 12, 2004 9:53 pm
by FlyingPenguin
http://slashdot.org/articles/04/02/12/2 ... 09&tid=187
PeterHammer writes "Neowin.net is reporting that Windows 2000 and Windows NT source code has been leaked to the internet. More on this as we hear it."
Posted: Thu Feb 12, 2004 9:57 pm
by Pugsley
from what i heard ist only one CD... out of how many i dont know.
Posted: Fri Feb 13, 2004 1:32 am
by TheSovereign
the microsoft private api's are now exposed
PREPARE FOR THE WAVE OF VIRII WORMS AND TROJANS TO FOLLOW
Posted: Fri Feb 13, 2004 3:50 pm
by PreDatoR
Thats what i was exactly thinking last night when i saw this on the news. Now all the assholes will really be targeting windows systems.
Posted: Fri Feb 13, 2004 3:57 pm
by TruckStuff
The Register had a good point about this: Virus writers seems to have done pretty well on their own without the source code. What are the odds that they are going to pour over 13.5 million lines of code when they can just continue doing things the way they always have?
Posted: Fri Feb 13, 2004 4:32 pm
by TheSovereign
they dont need to pour over it
they can just search for api's
the api's are direct windows control
Advanced Programming Interface or something like that
it uses built in windows shortcuts to do things
so now PRIVATE ms only api's are now exposed
god knows what they will do with that.....think about how powerfull those macro worms are and they only use api's for macros
Posted: Fri Feb 13, 2004 4:40 pm
by glassoftea
Wow,
What a good time for MS to "Speed Up" Longhorn and shove it down our throats......me think something strange this way comes......
Posted: Fri Feb 13, 2004 6:24 pm
by FlyingPenguin
Longhorn is still the NT engine under the hood.
It would take DECADES to write that complex an OS from scratch. There's code in XP dating back to NT 3.x days.
THAT'S why they keep having to patch stupid buffer overrun exploits. A lot of that is programming from the early days (although some of it is sloppy modern programming too). Back when memory was limited, and people weren't nefarious, so you wrote your code tight and small and didn't build in any error checking.
Posted: Sat Feb 14, 2004 11:00 am
by TruckStuff
Originally posted by TheSovereign
they dont need to pour over it
they can just search for api's
the api's are direct windows control
Advanced Programming Interface or something like that
it uses built in windows shortcuts to do things
so now PRIVATE ms only api's are now exposed
god knows what they will do with that.....think about how powerfull those macro worms are and they only use api's for macros
You're assuming that there are any APIs in the leaked code.
Besides, I'm betting most programmers are lazy like me: why spend lots of time on something that may/may not produce any results when I can simply go about my normal routine and achieve the same results?
Posted: Mon Feb 16, 2004 1:25 pm
by donk
Looks like we have our first exploit..
http://www.securitytracker.com/alerts/2 ... 09067.html
A vulnerability was reported in Microsoft Internet Explorer (IE) version 5. A remote user can execute arbitrary code on the target system.
It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.
The author states that this flaw was found by reviewing the recently leaked Microsoft Windows source code. The flaw reportedly resides in 'win2k/private/inet/mshtml/src/site/download/imgbmp.cxx'.
The report indicates that IE 5 is affected but that IE 6 is not affected.
Good thing nobody runs IE 5 anymore ...
Posted: Mon Feb 16, 2004 11:11 pm
by FlyingPenguin
A suprising number of people still use IE 5. I found that out when I went through the logs of my web server a few months ago.
Don't forget that there's still a 30% install base of Win98 users out there, then there's the WinME & Win2K users. Most people with Win98/ME have never bothered to upgrade to IE6. If you're on a dialup its an impractical update.
Yah..
Posted: Mon Feb 16, 2004 11:21 pm
by eGoCeNTRoNiX
The building I work in has a couple of OC3s (call center) and they have 500 computers all with IE 5.5 joy..