hi


It is the second security breach for Bill Gates' company this week

Friday, 13 February, 2004

Computer software giant Microsoft says parts of the tightly guarded blueprints of its Windows operating system have been leaked over the internet.
Microsoft spokesman Tom Pilla said the company did not know how much of the source code had been leaked, or how many people may have access to it.

Hackers with the code could exploit the operating system and access machines running Windows.

It is the second major security breach announced by Microsoft this week.

Hackers

On Wednesday, it said there was a security flaw in certain Windows editions that allows hackers to access many of the hundreds of millions of computers worldwide that use the system.

The company could not immediately pinpoint the source of the latest leak, and has contacted law enforcement authorities.

It is thought to comprise parts of the source code for Windows 2000 and Windows NT.

Mr Pilla said there was no indication the code leak was a result of a breach of Microsoft's corporate network.

There was no known immediate impact to Microsoft customers, he said.

But the other threat to Microsoft is the fact that such access could provide a competitive edge to its rivals, who would gain a much better understanding of the inner workings of Microsoft's technology.

Bongme

Amongst other things the leak included MSHTML - the rendering engine used in Internet Explorer.

If this has leaked out on to the general internet (and I think it has) then we can expect an onslaught of viruses etc.. that make use of this knowledge.

er yes, it did leak quite widely

but if you really cared about the security of your computer, you wouldnt use windows, you'd use better, more secure & free alternatives, simple as that.

For me its either win2000 or linux.
I opted for win2000 a few months back, mainly because the installation was slightly more straight forward; not a very good reson but ill stick with it for now.
I dont like xp, i dont like the way the license is keyed to youre hardware and all that stuff.

These days Linux installation isn't difficult.
I am not sure there is much between SuSE and Mandrake, I would plump for Mandrake personally as I think its updated a bit more often (not sure though)

I have forgotten the reason why I dont use Linux on the desktop.. damn memory.

The most important question is what applications do you use? If you can't get them on linux you are likely to suffer productivity wise since you could get an alternative but then you might have to put up with bugs and learn to use a new application.

Most things I use e.g Firefox, thunderbird, xemacs are open source anyway. I wouldnt need AVG or a firewall under linux. I think there are chat clients that will deal with MSN Messenger so thats fine too though I rarely use it.

I'm off work next week I might try linux on the desktop again.

aye problem with linux is if yer an online gamer its goes oos with anyother user using a diff platform and as most ppl dont use linux its pointless for me to use it xp does me fine not the safest or most reliable but ive not been hacked and ive not had any mallicous viruses suppose its down to wot xtra protection ya use or am i talking total bollocks

With the UT2004 demo (and later full game) released for linux I would at least have a recent game to play on it.

pd 666 I am not sure your comment about OOS is accurate with all games, especially since many of the online FPS games have linux servers.

I have played UT2003 on linux and dont remember having unusual connection problems.

Actually maybe it would be good a bad thing to have decent games on linux, I would have more time to get more serious things done then. Having said that I suspect that random surfing wastes most time.

ya most of my games go oos if i play anyone other os linux 98 2000 all cause oos with me anyways well the games i play so it really isnt much use if it didnt go oos id prolly use it cuase its much more safer

Hi

Wee Add On...

Microsoft hunts source code leak


Mainsoft is helping with the investigation

Monday, 16 February, 2004

The hunt for who leaked Windows source code is centring on a small Silicon Valley firm called Mainsoft.
Analysis of the code circulating online suggests it was being used by Mainsoft to help it create its own programs.

Microsoft has confirmed that the source code has been leaked but said it was not due to a breach of its security.

The FBI has also confirmed that an investigative task force had been set up to look into the how the source code got on the internet.

Long look

Mainsoft has had access to the Windows source code since 1994 and until 2001 was one of only a very select band of firms that Microsoft trusted with the raw computer code for its operating systems.

Analysis suggests the source code was used to help Mainsoft create its MainWin program that many firms use to make Unix versions of Windows software.

In files found with the chunk of source code is information that points to Mainsoft engineers.

Attention is focussing on a file called a "core dump" that is created during a crash and helps programmers work out what went wrong.

Mainsoft said it would cooperate fully with the investigation into the leak.

"Mainsoft takes Microsoft's and all our customers' security matters seriously, and we recognize the gravity of the situation," said Mike Gullard, chairman of Mainsoft.

Experts say that a mention of Mainsoft in the code does not mean the company is the source of the leak.

The chunk of code circulating is 205MB in size and is believed to be about 15% of the raw code for Windows 2000 and Windows NT4.

If Mainsoft does not turn out to be the source of the leak, tracking down just who did leak it might be difficult.

This is because Microsoft has recently begun sharing Windows source code with an ever increasing pool of organisations.

Researchers as well as key customers and software resellers can get a look inside Windows under the Shared Source Initiative University started in 2001.

Although not all the code is shared with these organisations it is thought that up to 90% of the source code for Windows has been seen by people outside Microsoft at some point.

Under this initiative, thousands of organisations and probably tens of thousands of people have viewed the raw code for Windows' various incarnations.

In October 2003 Microsoft extended the source code sharing to include its 1200 Most Valued Professionals - key computer technologists who specialise in Windows.

When news of the leak first broke, some security experts expressed surprise that the code had not been leaked before given that so many people have seen and tinkered with it.

However, many of those that get access do so via a variety of security mechanisms. Some have to use a smart card to access the site and others are only allowed to view the code in Microsoft buildings using computers controlled by the software giant.

Bongme

redhat works fine for me & they dont have any dirty secrets to hide in their source ...

<spooky voice>
They're here....
</spooky voice>

The first of the vulnerabilities based on leaked code.