CAA: Christian Anime Alliance

Taken from http://news.bbc.co.uk/1/hi/technology/3486011.stm :

Microsoft is investigating how part of its Windows operating system source code found its way onto the net. Microsoft spokesman Tom Pilla said it was not known how the chunks of Windows 2000 and NT code had leaked out.

"We are currently investigating these postings and are working with the appropriate law enforcement authorities," he said.

More than 90% of PCs use Microsoft software, so this leak of intellectual property is a concern for the company.

"It's illegal for third parties to post Microsoft source code, and we take such activity very seriously," added Mr Pilla.

Top secret

Source code is the basic language used to create programs. It is extremely valuable because it is similar to the blueprint to any system or design, and is a tightly-guarded secret.

How the leak could harm Microsoft
Access to the code could give its competitors a better understanding of how Microsoft's technology works. Microsoft said it did not yet know the source of leak, or how many people have access to it on the net, but confirmed it accounted for about 15% of the total code it uses. The code has appeared on several underground websites and net chat rooms. It has been widely downloaded across the net and being openly discussed on specialist technology websites.

"The source code leak spread quickly in the underground," said Ken Dunham of the security consultancy iDefense.

Microsoft said there was no indication the code leak was a result of a breach of Microsoft's corporate network. Instead it seems the leak could be a software developer, but the company has yet to to pinpoint a suspect. There is concern that hackers who get copies of the code could find it easier to break into systems running Windows software. But Microsoft said that was unlikely since the code comprised of relatively small proportion of the total source code.

Too early

Security experts have said computer users and companies running Windows 2000 and NT should not be concerned about the leaked code at the moment. The code contains valuable information about Windows
David Emm, security expert at McAfee's Avert research unit, told BBC News Online it was too early to say what the impact of the leak would be.

"It is a small amount, and Microsoft are suggesting it is not much good on its own. But it is very difficult to know whether it is something that could be used by the people to do harm," he said.

"The analogy to use is if someone wants to break into my house, they would not necessarily need a house plan. If they know there was a section of my house that had a window not covered by an alarm, that would make it easier for them."

But businesses have been advised to be vigilant and beef up their security teams.

"They should be keeping a careful eye on their IT systems and scrutinise their security systems for unusual traffic," said Tarek Meliti, technical director of server hosting company TDM Group.

It is the second security headache for the company in a week. On Tuesday, it admitted a flaw in its latest Windows operating systems that could allow hackers access to many of the hundreds of millions of computers worldwide.

I feel sorry for those poor souls running Windows 2000 webservers at the moment..

Heh. Like the reason Half-Life 2 got delayed...it's source code kept leaking out on the net. Lol...that's why there are so many demos.

Bout time.... now if only they did this on purpose like they should

Any MS OS delay is a good one in my opinion

I have to admit though, this brings back memories of trying to secure a WIN2K server... that was a nightmare. Also, I know of a number of law firms that use 2K and NT servers (I used to work for a legal software company), and I wonder how this will affect them. I'd hate to see the number of holes people are finding now that the entire source is available.

Thankfully, I don't use Windows 2000 or NT; but would this affect other versions of Windows?

It wouldn't affect the old Win-on-DOS architecture (this means Win 3.x *snicker*, 95, 98 and ME are probably going to be impacted very minimally, if at all). As a Mac user, the Windows version I find least offensive is Windows 98SE, which is what I prefer to run in Virtual PC. I do have a VPC mount with Windows 2000, but 98 is much snappier.

If you run a server, go NetBSD. "Of course it runs NetBSD."
http://www.netbsd.org/

What is CAA running on?

Rashiir wrote:What is CAA running on?

Redhat Linux 7.3 (a very popular standard with webservers)

is XP okay? man that bites...

XP's kernel builds on 2000's, so it probably has a lot of common or similar code in it.

well considereing that all i have is my one simple website, wouyld i have to worry?

Depends on what your website provider uses to host your site. Your own machine may also be vulnerable, which is why most people are strongly advised to use a firewall.

wahts a firewall?

A firewall is either a program or a dedicated system or machine that, in a nutshell, filters network traffic and tries to prevent harmful or potentially deleterious data from getting to a system that could be affected by it. For example, many Windows systems offer filesharing to their peer systems in a home or office, but you wouldn't want to offer this to the entire world, and you could use a firewall to make sure that not only would the computer not offer its shares to anyone outside (because the offer can't get out of the network), but also no one can get in to ask it.

Since a firewall is basically your security guard, it itself has to be fairly impermeable to network threats. There are some software firewalls you can buy for most PCs, but these are only token protection. A better solution is the built-in firewalls that many broadband routers now offer to shield an inside network from the outside, and allow all access going out but restrict access going back in. Even these, however, can have problems and may not fail safe, so you should do your research if your home network is important to you.

I was told to DL a patch that's related to this issue...anyone know if there is one and where to get it?

shooraijin wrote:It wouldn't affect the old Win-on-DOS architecture (this means Win 3.x *snicker*, 95, 98 and ME are probably going to be impacted very minimally, if at all). As a Mac user, the Windows version I find least offensive is Windows 98SE, which is what I prefer to run in Virtual PC. I do have a VPC mount with Windows 2000, but 98 is much snappier.

You'll be glad to know that 98 is my chosen development platform for The Traveller's Guide (though it'll run on 95 and later); and my web server runs on 98 as well. I think that of all the Windows versions I've used, 98 is my favorite. I'm glad to know that it shouldn't be affected by this. ^_^

> I was told to DL a patch that's related to this issue...anyone know if there is one and where to get it?

Presumably it's the one offered through regular Windows Update. I didn't do anything in particular other than this to update my emulated Windows 2000 partition.

(joke)

Open Source is the best thing that ever happened to world of computers... Microsoft should be happy to get a bump in hte right direction.... >: )

The Silence wrote:Open Source is the best thing that ever happened to world of computers... Microsoft should be happy to get a bump in hte right direction.... >: )

Your right microsoft is a very evil company. I read alot of books about GNU "Free software Foundation" and bill gates thought it was horrible idea to share source code. I will never forgive him.

Woah... windows mods... now that would be fun lol Someone could make something just like windows only have all the 'maximize' and 'minimize' animations and stuff look waayyy cooler and....

Would that be illegal? probably. meh

Personally, I'm too over-protective to go open-source with my programming projects, but maybe that'll change in teh future. It's certainly more fun for the consumer if they get the code along with the program

What are you talking about? Of course, there's something just like windows... in looks. I don't have clue if this exists still or not since the last I heard of them, they were getting their butts sued off by M$. Yes, Lindows. There was an operating system that worked like Windows, but was much more better. I'm not too sure which came first. The OS was IBM's OS/2.

Open Source rocks. I think over half the programs I have on my computer are Open Source, and I'm running Win98 SE.

Windows MODS?.

Yea there is alot of things in Linux that can make it look like Windows. Don't get Lindows thought there software really bad and it cost money.

Da Rabid Duckie wrote:I'd hate to see the number of holes people are finding now that the entire source is available.

Uh, I don't speak for any other geeks, but I sure wouldn't care to go through 97 billion lines of spegeti code looking for loop holes.

Volt wrote:Windows MODS?

Pet Peeve #275: incorrect capitalization of tech terms

MOD = an audio file
mod = (abbreviation "modification") any kind of alteration or change to a product by a third party, which may or may not be sanctioned by the original developers

[quote="shooraijin"]Pet Peeve #275: incorrect capitalization of tech terms

MOD = an audio file
mod = (abbreviation "modification") any kind of alteration or change to a product by a third party, which may or may not be sanctioned by the original developers

]


Unless capitals are merely added for EMPHASIS.

Let us add on

Don't worry, with such a large range, you're bound to find out at least a couple of them.