| |||||||||||
Digital Pearl Harbol looming on the horizonDigital Pearl Harbol looming on the horizonPosted Feb 13, 2004 18:08 UTC (Fri) by proski (subscriber, #104)Parent article: Microsoft grapples with leak of source code (CNN) Prepare to the worst. Make sure all your software can deal with extreme virus traffic, port scanning and other nasty things. In particular, mailing list software needs to be updated. It may be a good idea to learn and install antivirus software and strengthen firewall rules. Even if viruses won't infect your system, you don't want them to pound rather slow mailing list software or eat your CPU time on the systems where it's needed for other tasks. Maybe the smartest thing for Microsoft would be to allow free circulation of the leaked code to allow "good guys" the same acceess that "bad guys" already have. I don't mean changes in the copyright. They should just make it legal to distribute the leaked code without changes.
(Log in to post comments)
Digital Pearl Harbol looming on the horizon Posted Feb 13, 2004 18:17 UTC (Fri) by allesfresser (subscriber, #216) [Link] Why should we be any more concerned about Windows vulnerabilities than we already have been? There's plenty of breaches for the black hats to play with already; I'm not convinced that source code access would give them all that much more than they already have. And we don't know which particular parts of Windows the code pertains to, do we? I think the Pearl Harbor reference is going a bit over the top.
Digital Pearl Harbol looming on the horizon Posted Feb 13, 2004 18:17 UTC (Fri) by libra (guest, #2515) [Link] Microsoft can not do what you suggest because it would create a precedent. Anybody with access to Microsoft code could be tempted to leak it latter to then get a "free to see and speak about" right.So this won't happen.
Digital Pearl Harbol looming on the horizon Posted Feb 13, 2004 20:47 UTC (Fri) by Eudyptes (guest, #15589) [Link] >Microsoft can not do what you suggest because it would create a>precedent. Anybody with access to Microsoft code could be tempted to leak >it latter to then get a "free to see and speak about" right. >So this won't happen. Well, there's that annoying little clause in the law related to "trade secrets" and "due diligence". IANAL, but plainly put once a trade secret makes it into the public domain and becomes extensibly common knowledge it is not longer considered a "secret" and therefore most of (if not for all practical purposes entirely) the IP rights get muted. In otherwords, if one uses a direct word for word - symbol for symbol form of something M$ has in the source than it could get sticky - but if one looks at the code, understands what it's purpose is and the manner in which it folds into the code overall one could write a piece of code that preforms the same function without crossing the dreaded "IP" boundry. This is what M$ worries about overall, not to mention it could be damaging in more than one way related to years of contention that M$ has misappropriated others IP into there kernel - it's pretty hard to argue you didn't rip someone off when the code in question is sitting there in the kernel. This is the contention of M$' evil little brother... SCO - and they have an open code base to point to and haven't proven jack, but I digress. The point is that there are those that have absolutely no love loss where M$ is concerned that will be picking this apart - Let the games begin.
Digital Pearl Harbol looming on the horizon Posted Feb 13, 2004 20:36 UTC (Fri) by Max.Hyre (subscriber, #1054) [Link] Until we know what systems, what modules, and how much of it has been exposed, we haven't enough information to even guess how big a threat this is. It could very well be the code for Minesweeper, after all. :-) On the other hand, if it's on the loose, can anyone supply a pointer? I'm awfully curious how the quality compares to stuff I'm familiar with.
Digital Pearl Harbol looming on the horizon Posted Feb 13, 2004 21:03 UTC (Fri) by allesfresser (subscriber, #216) [Link] Please, please, PLEASE DO NOT post a pointer to the stolen code here! Don't be that stupid! Wouldn't that be convenient for Microsoft to point to LWN and say, "see, they're all software pirates and terrorists"? Also, if you happen to know where it can be found, don't look at it at all if you ever want to contribute to any Free Software project. Despite what the law about trade secrets says (as posted above), since when has actual truth and legal precedent mattered when it comes to Microsoft's lawyers and press hounds? Think before you do something all of us will regret mightily...
No pointers please Posted Feb 13, 2004 21:34 UTC (Fri) by corbet (editor, #1) [Link] I will second that request: please do not post pointers to stolen code here. We would probably have to remove them.Besides, anybody who is concerned with his or her ability to write free software in the future absolutely does not want to look at this code. You don't want its owner coming after you for having misappropriated it in any way. The best defense against any such charge is to have never seen the code in question.
No pointers please Posted Feb 14, 2004 0:16 UTC (Sat) by mmarq (guest, #2332) [Link] strange!!... but i've to agree that it could very well be a trap, since the code in question about portions of NT and 2000 dont really wort much "per se",..., are questionable the issues about value, but i'm very confident that Open-source from Linux to Mac Darwin passing trough the best of the BSDs, are already more advanced than what was exposed......hmmm,... not heaven a serious security breach for Windows, because if this news are reliable (http://www.betanews.com/article.php3?sid=1076674118), then with a SP4, the SP1 patch for win2000 is clearly outdated.
My sincere apology for asking for code location Posted Feb 19, 2004 18:20 UTC (Thu) by Max.Hyre (subscriber, #1054) [Link] Dear LWN: My request for pointers was mostly in jest, and completely tasteless. If I could retract it, I would, and I'm sorry for the stupid implications. Ashamedly yours,Max Hyre
|
|||||||||||