Windows & .NET Magazine UPDATE--What the Windows Source Code Leak Means to You--February 17, 2004

This Issue Sponsored By

Free Event Log Management White Paper!
http://www.aelita.com/021704winnetUpdate

DISKEEPER(R): Maintain system speed automatically!
http://executive.com/diskeeper/dkland.asp?ad=wandnetnl21

===============

==== Sponsor: Free Event Log Management White Paper! ====


Event log management got you down? Is it your job to collect and analyze event logs to ensure a successful audit? Check out the free white paper from the experts at Aelita: "Event Log Management: A Guide to a Stress-free Audit". This paper will outline the needs, wants and solutions for managing your organization’s event logs. Get your free copy today!
http://www.aelita.com/021704winnetUpdate

==========

==== 1. Commentary: What the Windows Source Code Leak Means to You ====
by Paul Thurrott, News Editor, [email protected]

Last Thursday morning, I received an excited Instant Messaging (IM) alert from a friend at Microsoft: "Have you seen this?" he asked. He then sent me a file named "winver.c," reportedly part of the Windows 2000 source code. The source code for Win2K, as well as for Windows NT, he said, had leaked to the Internet. The file I was looking at was a source code listing for a short program written in the C language; it was described as the "Windows version program" and was written in March 1989 by someone identified as toddla. Several other C source code listings were leaked, including one purportedly written by NT architect David Cutler.

The notion that Microsoft's crown jewels might leak publicly wasn't surprising to me; after all, the company had opened its source code to an increasingly large portion of the public in recent years through its Shared Source program, a response to the open-source threat of Linux. Since first announcing the Shared Source program, Microsoft has regularly extended the program's reach, and now many governments, corporations, educational institutions, hardware and software development partners, and even individuals have signed nondisclosure agreements (NDAs), giving them limited-rights access to the source code for various Windows versions. The software giant has even publicly acknowledged that it was considering opening the source code to Microsoft Office also.

Microsoft disseminates its valuable source code to other institutions and individuals for various reasons. Historically, the company's hardware and software partners have received access to the source code to ensure that the products they develop work seamlessly with Microsoft systems. Under the Shared Source program, the reasons are a bit more varied. But one reason Microsoft has opened up its source code is to fend off competition from Linux and other open-source solutions, which provide users with modifiable source code. Microsoft doesn't let its Shared Source partners change the Windows source code and potentially make their own modified versions of Windows. Instead, the source code access provides suspicious governments with the evidence they need to prove that Microsoft isn't inserting back doors, especially US governmental back doors, into its software. And Microsoft has shown itself to be more, ahem, open to the notion of providing governments with specially tailored Windows versions when needed, as the company did recently with Thailand, although those will be developed inhouse, as the need arises.

But here's what we know so far about the leak. Contrary to early reports, only a small portion of the source code for Win2K Service Pack 1 (SP1) and NT 4.0 leaked. Experts differ about how much code leaked--I've seen estimates in the 1 to 15 percent range--but using the code to build a working version of Windows would be impossible. I did obtain the leaked Win2K source code so that I could analyze it and confirm it was real, but I've never seen the NT source code. I'll be destroying my copy of the source code after completing my analysis and have no intention of publishing major portions of it, of course.

At this time, a software company called Mainsoft is the most likely source of the leak, which means the leak had no ties to the Shared Source program. Mainsoft has had Windows source code access for years; longtime Windows & .NET Magazine UPDATE readers might recall my August 2000 revelation that Microsoft had hired the company to explore Linux ports of Office and Microsoft Internet Explorer (IE), for example--but uses the information for integration software development purposes.

The leaked source code I've seen includes code for the Windows Explorer shell, among other things, and an interesting wealth of documentation that shows Microsoft's developers how to move pre-IE 4.0 Windows shell code to the then-new IE integrated shell. The code occupies about 147MB of space and includes about 12,900 files, mostly C, C++, and assembly source files, as well as C and C++ header files. And for you conspiracy theorists, sorry, the code doesn't appear to include any proof that Microsoft stole source code from UNIX, Linux, or other sources in a bid to make its systems better. Open-source enthusiasts probably spent the weekend poring over the code just to find such evidence.

On a technical note, the source code is clean and well coded but is often devoid of useful comments. It's also quite frank in some places, with occasional swearing and name calling, usually aimed at Microsoft's own products. But what really stands out, is how often Microsoft must insert a minor coding change to accommodate the idiosyncrasies of one application. These hacks, as they're called in the code, are often aimed at third-party applications, letting the applications work after a bug or previous feature they've relied on has been eliminated. This is a good example of Microsoft going out of its way to ensure that its partners products work with Windows, a task the company has never received a lot of credit for.

When the source code leak was first reported, security experts opined that it would have damaging effects on Microsoft's credibility and could lead to a new generation of software exploits that take advantage of hackers' newfound knowledge of the Windows source code. However, little networking or security code is included in the leaked source I've examined, and because the code comprises such a small portion of the entire source-code base, it will be impossible to figure out the complex interworkings of code that make up the complete OS and find some systemic flaw. So from a technical standpoint, I think that, for now at least, the Windows source code leak shouldn't affect any rollout decisions, though arguably you'd be better off going with Windows Server 2003 and Windows XP over Win2K right now for various unrelated reasons anyway.

Indeed, with Microsoft's recent emphasis on upgrading to Windows 2003 and XP for security reasons, there's been some question about Microsoft's plans to adequately support Win2K going forward. For example, although both of these newer systems will get the improved Windows Firewall in service pack updates later this year, and Windows 2003 will get the roles-based Security Configuration Wizard, Microsoft hasn't said much about offering such improvements to Win2K users. For whatever it's worth, I do know that the company intends to soon reveal various Win2K security improvements that it will roll out this year, but I'm a little worried about its public silence thus far. I'm further concerned what the Win2K source code leak will do to put these plans on the back burner. It would be sad to see Microsoft take advantage of this episode to formalize its desire to deemphasize Win2K, years before the company should do so.

==========

==== Sponsor: DISKEEPER(R): Maintain system speed automatically! ====
FREE DOWNLOAD! Fragmentation is choking speed and decimates reliability on your servers and workstations. Manual defragmenters are too slow and labor-intensive to handle the problem. New DISKEEPER 8.0 is the automatic defragmenter that runs in the background, eliminating fragmentation while you use your systems. With dedicated versions for workstations and servers, plus an Administrator Edition for remote installations, scheduling, reports and alerts, DISKEEPER is designed expressly to maximize speed on every machine across your network. Try it FREE for 30 days – click the link below!
http://executive.com/diskeeper/dkland.asp?ad=wandnetnl21

==========

==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected]

Microsoft Settlement Attempts Fall Short in Europe
The European Union (EU) has rejected a Microsoft offer to settle its European antitrust case. Under terms of the proposal, Microsoft would have supplied competitors' media player products on a CD-ROM that PC makers could have shipped with new PCs, potentially opening up those products to a much wider range of consumers. Microsoft hoped the action would alleviate concerns that the software giant was abusing its monopoly power by bundling Windows Media Player (WMP) with Windows. But the EU felt that the CD-ROMs would do little to improve usage of competing media players. For the complete story, visit the following URL:
http://www.winnetmag.com/article/articleid/41774/41774.html

==== 3. Announcements ====
(from Windows & .NET Magazine and its partners)

Get the SQL Server 2000 System Table Map Poster!
If you're an administrator or developer and work with SQL Server, SQL Server Magazine can help you at work. Subscribe today and you'll gain access to a treasury of SQL Server experts, content, tips, code listings, articles, and more. Bonus--the System Table Map Poster. Click here for details:
https://secure.pentontech.com/nt/sql/index.cfm?promocode=psep2142sw

Download the Latest eBook--"Best Practices for Managing Linux and UNIX Servers"
This free eBook will educate systems managers about how to best approach the complex realm of Linux and UNIX management and performance monitoring. You'll learn core issues such as configuration management, accounting, and monitoring performance with an eye toward creating a long-term strategy for sustainable growth.
http://www.WindowsITlibrary.com/ebooks/managingunixlinuxservers/index.cfm

==== 4. Instant Poll ====

Results of Previous Poll: Magazine Back Issues
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "If you subscribe to Windows & .NET Magazine, how long do you keep your back issues for reference?" Here are the results from the 305 votes:
- 7% One month or less
- 15% More than 1 month, but less than 1 year
- 32% More than 1 year, but less than 5 years
- 5% More than 5 years
- 42% I never throw them away

(Deviations from 100 percent are due to rounding error.)

New Instant Poll: Source Code Leak
The next Instant Poll question is, "Do you believe last week's Windows source code leak will lead to major security problems and breaches?" Go to the Windows & .NET Magazine home page and submit your vote for a) Yes, b) No, or c) I don't know.
http://www.winnetmag.com/magazine

==== 5. Resources ====

Tip: Why am I receiving errors since I installed the Microsoft IntelliType Pro 5.0 and IntelliPoint 5.0 software on my Windows XP machine?
by John Savill, http://www.windows2000faq.com

A. After installing version 5.0 of either software package, you might encounter any of the following problems:
- The scroll wheel doesn't function.
- Neither horizontal nor vertical scrolling functions as expected.
- Programmable hot-key assignments don't function.
- Button assignments don't function.
- When you shut down your computer, you receive the error message "Type32.exe is not responding."
- When you shut down your computer, you receive the error message "Point32.exe is not responding."

These errors will appear if the machine isn't running Windows 2000 Server Terminal Services. To resolve this problem, you can either install a patch from Microsoft that's available at http://go.microsoft.com/fwlink/?linkid=22009 or start Terminal Services on your machine. To start Terminal Services from the command line, type

net start "terminal services"

To configure Terminal Services to start automatically at reboot, perform the following steps:
1. Start the Microsoft Management Console (MMC) Computer Management snap-in (go to Start, Programs, Administrative Tools, and click Computer Management).
2. Expand "Services and Applications," then select Services.
3. Right-click Terminal Services and select Properties.
4. Under "Startup type," change to Automatic, then click OK.

==== 6. Events Central ====
(A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )

New Web Seminar--Realizing the Return on Active Directory
Join Mark Minasi and Indy Chakrabarti for a free Web seminar and discover how to maximize the return on your Active Directory investments and cut the cost of security exposures with secure task delegation, centralized auditing, and Group Policy management. Register now and receive NetIQ's free "Securing Access to Active Directory-A Layered Security Approach" white paper.
http://www.winnetmag.com/seminars/activedirectoryroi

==== 7. New and Improved ====
by Carolyn Mader, [email protected]

Connect USB Devices Through a Wired or Wireless Ethernet-Based LAN
Keyspan announced USB Server, which connects USB devices to a PC or Macintosh though a wired or wireless Ethernet-based LAN. Similar to the USB print server, the USB Server enables you to attach and use USB devices by client PCs on a LAN. In addition to printers, the USB Server supports other USB devices such as hard disks and scanners. The USB Server provides four ports and connects to 10/100 Ethernet networks through an RJ45 connector. The USB Server will ship in late first quarter 2004 for $129. Contact Keyspan at 510-222-0131.
http://www.keyspan.com

Learn More About DNS Security
O'Reilly released "DNS on Windows Server 2003," a book by Matt Larson, Cricket Liu, and Robbie Allen. The book is for administrators who manage zones and one or more name servers. The book addresses DNS security, including details about preventing unauthorized zone transfers, securing dynamic updates, and disabling recursion on delegated name servers. The book costs $39.95. Contact O'Reilly at 707-827-7000 or 800-998-9938.
http://www.oreilly.com

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Link ====

NetSupport
Free Trial - Fast and Easy Network Management. - NetSupport DNA
http://ad.doubleclick.net/clk;7276793;8214395;y?http://www.netsupport-inc.com/dna/netsupport_dna_overview.htm

==========

==== 8. Contact Us ====

About the newsletter -- [email protected] About technical questions -- http://www.winnetmag.com/forums About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]

===============


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z

View the Windows & .NET Magazine Privacy policy at
http://www.winnetmag.com/aboutus/index.cfm?action=privacy Windows & .NET Magazine a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All Rights Reserved.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish