This week's book giveaway is in the Functional programming forum.
We're giving away four copies of Functional Design and Architecture and have Alexander Granin on-line!
See this thread for details.
Win a copy of Functional Design and Architecture this week in the Functional programming forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Microsoft Code Stolen??? Time for a change...

 
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The OS which is omnipresent, the discovery of the code being accessed by the HACKERS could be fatal, leading to more attacks , Microsoft whole business model is based on maintaining the secrecy to code have not only opened the debate how secure are our application / business are on WINDOWS platform. Unlike LINUX (being Open-source) there is no verify how susceptible is windows to brute-force attack, its TIME TO MAKE WINDOWS an OPEN-SOURCE
 
Ranch Hand
Posts: 1936
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
AFAIK, it�s only a couple of thousand lines of code, not the entire code base that�s stolen. This could give away how things hold together, but I doubt if that would be substantial enough to learn about the entire OS and do things around it (unless its some core/kernel stuff).
Well, I wonder is it really possible for MS security issues to get any worse!?
 
Ranch Hand
Posts: 897
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you look at Windows Server 2003, Microsoft have certainly cleaned up their act. There are a few critical updates, but far less than previous iterations.
As far as making Windows open source, dont count on it. How exactly do you plan on forcing Microsoft to open the source to their operating systems?
 
Ranch Hand
Posts: 1907
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Even if people get some code,what are they going to do with that?How many companies will hire extra people to understand that code ,build up and use for their businesses?
 
Ranch Hand
Posts: 2823
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Isn't also code from an older release of windows?
 
Ranch Hand
Posts: 925
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The code is from 2000, including IE5
someone already found a problem in the .bmp loader in IE5 (that was fixed in IE6) that was never patched by M$ - even though they new about the problem..
 
Ashok Mash
Ranch Hand
Posts: 1936
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Some of the leaked Microsoft code

 
Ranch Hand
Posts: 5093
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I wonder...
Why is it such a critical weakness allowing crackers to invade every single Windows machine that a few thousand out of millions of lines of code of Windows were leaked by someone?
Why at the same time do you claim it's a strength of Unix that millions of lines of code for that are available to those same crackers?
Seems to me (and reality agrees) that there's a far greater threat from Unix exploits than there is from Windows exploits.
Of course Windows exploits hit more people because more people run Windows, but the number of DIFFERENT exploits for Unix and their potential for causing trouble is larger simply because more core machines on the net run Unix.
Packages like sendmail are so riddled with security holes they're a disgrace, yet the vast majority of Unix machines run them.
There's regular attacks on them, but they don't seem to care...
 
author and iconoclast
Posts: 24203
44
Mac OS X Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Jeroen Wenting:

Why is it such a critical weakness allowing crackers to invade every single Windows machine that a few thousand out of millions of lines of code of Windows were leaked by someone?
Why at the same time do you claim it's a strength of Unix that millions of lines of code for that are available to those same crackers?


Because open-source code is inspected by people who want to find bugs and fix them, and then the fixes are incorporated into the distribution. Do you honestly think anyone is going to find a bug in that leaked MS code, send it to MS and say "I found a bug in the leaked code, it seems to still be in XP, here's the patch" and MS is going to patch XP and send out an update quickly? Doubtful, since MS has been sending threatening snail-mail letters to people it suspects of having downloaded the code in the first place. There are black hats looking at the open-source code too, of course, but they're outnumbered by the good guys. Microsoft is guaranteeing that there are no good guys.
Despite what you said about sendmail (and sendmail is far from perfect, I agree,) UNIX server admins tend to apply patches with regularity, and patches for new security holes come out quickly. Also, there are many other MTAs available, so not all sites run sendmail. And of course, sendmail, qmail, and all the other open-source MTAs run on multiple hardware platforms, so there's quite a variety of different systems. This tends to slow trojans, viruses, and hackers down; any given security hole only affects a fraction of systems, just as biodiversity creates a healthy ecosystem. You can contrast this to the Microsoft monoculture in which a single virus can spread around the globe in hours.
You know that saying about "If you outlaw guns, then only outlaws will have guns?" In open-source, everybody's got a gun. With MS, only the sheriff and the bad buys do -- everybody else is standing around, helpless, waiting to become a collateral damage statistic.
 
Ranch Hand
Posts: 4716
9
Scala Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
im glad to hear someone say 2003 server is safer...i already like the fact it has a smaller "footprint"
reply
    Bookmark Topic Watch Topic
  • New Topic