LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Letters page

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

MSFT Code and BugTraq

[Posted February 18, 2004 by corbet]

From:  Robert J Taylor <rjamestaylor-AT-cox.net>
To:  lwn-AT-lwn.net
Subject:  MSFT Code and BugTraq
Date:  Mon, 16 Feb 2004 11:40:19 -0800

Jonathan,
 
Like you I had and have no desire to see the stolen and revealed Windows
source code. Actually, it makes me ill that this has occurred. But
today I realized that it will be very difficult *not* to see the code --
in snipits, anyway. The reason is that I subscribe to BugTraq.
 
Revelations of vulnerabilities usually are accompanied with proofs of
concept and, when available, analysis of the code in question. Today's
revelation of a bug in bitmap handling (!) in Internet Explorer 5.0 was
accompanied by a supposed (supposedly, because how could I know for
sure?) portion of Internet Explorer's source code.
 
Thus, from illegitimate means surely, begins the cultural assimilation
of Windows source code. Not by me, not by the vigilant, but by the
general programming population.
 
How far do those not wishing to be tainted with knowledge of illicit
code have to go to remain pure? Will BugTraq subscribers now be banned
from Open Source development?
 
This is disastrous and puts Microsoft in a strong position to challenge
everyone involved in every Microsoft-competing project, Open or Closed.
 
Worried,
 
Robert J Taylor

(Log in to post comments)

Don't let them control your language

Posted Feb 19, 2004 6:40 UTC (Thu) by proski (subscriber, #104) [Link]

Nobody can be tainted by knowledge. Don't let them control your language.

If you plan to work on a project that specifically forbids people with certain knowledge to participate (in case of Microsoft code that would be Samba and Wine, I believe), then they can say jokingly that you are "tainted" (although a snippet of bad code on bugtraq would hardly disqualify you). Not a big deal, there are other projects you can work on.

You should never, ever feel inferior to others because of a knowledge that you have and others don't.

MSFT Code and BugTraq

Posted Feb 19, 2004 12:28 UTC (Thu) by ballombe (subscriber, #9523) [Link]

Why something should be different for Microsoft code than for GPL code ?
Copyright apply the same way to both.

If bugtrack subscribers are banned from free software development, they
are also banned from proprietary development, since they have seen a
larger amount of GPL code.

MSFT Code and BugTraq

Posted Feb 21, 2004 6:00 UTC (Sat) by stock (guest, #5849) [Link]

I left BugTraq looong time ago.

Why? I was reading about fixes on software projects and products whom
no-one ever heard off. Even stronger i smelled that the list was abused
to draw some commercial attention to otherwise unknown stuff.

It went like this: "Easy Router soft today released a new router firmware
image 1.21. This version solves the remote exploit described ELSEWHERE
found present in firmware image 1.20."

Not only was i commercially spammed with this stuff, analysis of the
offending code in question and exploit examples/discussion disappeared
from the BugTraq list.

And now apparently they paste Windows source code on the list, which
certainly ain't a example of good code to look at as an example in the
1st place.

Yuck!

Robert

Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds