decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books
Your contributions keep Groklaw going.
To donate to Groklaw 2.0:

Groklaw Gear

Click here to send an email to the editor of this weblog.


To read comments to this article, go here
Microsoft Denies Leaked Code -- UPDATE: Now MS Confirms
Thursday, February 12 2004 @ 07:08 PM EST

UPDATE:

Now Microsoft confirms but says it isn't massive:

Microsoft spokesman Tom Pilla said in an interview with The Associated Press that some incomplete portions of the Windows 2000 and Windows NT4 source code had been "illegally made available on the Internet."
According to one security expert, it's about a CD's worth:
The 203MB file contains the code that appears to be from Microsoft's enterprise operating system, but the code is not complete, said Dragos Ruiu, a security consultant and the organizer of the CanSecWest security conference, who has examined the file listing. . . .

The 203MB file expands to just under 660MB, he said, noting that the final code size almost perfectly matches the capacity of a typical CD-ROM. The entire source code, he said, is believed to be about 40GB, meaning that the file circulating Thursday would be only a fraction of the full code base . . .


Original Article:You probably heard that Slashdot has a story that there may have been a massive leak of code from Windows 2000 and NT. Microsoft denies it.

Groklaw normally doesn't report rumors, but in this case, it seems appropriate to say something early. If there is such a leak, I hope nobody looks at this code. Not one peek.

Here's why, taken from Franklin Pierce's "Copyright for Computer Authors" by Thomas G. Field, Jr. on avoiding copyright infringement:

As discussed earlier, copyright gives owners the exclusive right, for example, to reproduce protected subject matter (such things as ideas and facts being excluded). Sometimes a question arises as to whether a second, similar work was copied or independently created. If the person creating a second work had access to the original work and the works are virtually identical, copying is likely to be presumed even if the chance of access is remote.
Anyone looking at this code could bring to an end any opportunity to contribute to FOSS software in the future.

That's just copyright issues. Copyright isn't the only issue. Patents, trade secret, it's just a minefield. I hope the rumor is false, but if it isn't, please speak to your attorney and to FSF prior to even thinking about looking at such code.

And that isn't even addressing the Big Lie issue, with proprietary software companies trying to convince the world that open source coders are dying to steal software and use it to "attack" companies. Exhibit A, Ms. DiDio. If I put my tinfoil hat on, I'd wonder if this "leak" was deliberate, judging by the speed with which the PR machine went into gear, predicting that this leak will lead to such problems. Here is an example of what I mean, an article blatantly setting forth that open source leads to foul play the very same day the story of the MS "leak" occurs. It has the smell of an organized campaign, but I hope not. For now, let's just hope it didn't happen in the first place.

As for an increase in security problems, I think that might be hard to achieve. Microsoft has announced more security problems, one of which it took them half a year or so to fix. Some say it's the worst yet. The headline in the LA Times [sub req'd] says it all: "Peril in Microsoft's Laxity." In other words, Microsoft appears well able to achieve world records for security problems all on its own.

So much for security through obscurity.

Gartner's has an interesting report too. It seems a lot of customers are not upgrading:

Microsoft's controversial software licensing scheme has delivered little value and many users will not renew their agreements when they expire this year, according to Gartner.

The analyst estimates that 30 per cent of contracts with Microsoft's biggest customers for the Software Assurance (SA) maintenance programme will be up for renewal in the next six months.


  View Printable Version


Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )