I'm sure this has been postulated at length already, but it's an interesting question.

Let's say that, for want of a better explanation, M$ send out a beta release of their newest Windows subspecies to a select few testers. For some reason there is a mix-up (again, based on their track record : we've heard about the various things that snuck onto NT service packs) and some Johnny No Stars accidentally puts the wrong CD in the wrong envelope and voila! (Or a disgruntled employee, or whatever. Basically, a complete, untraceable copy of the code.) The source hits the net, and sticks (tools like Gnutella and KaZaa/Morpheus/whatever making it impossible for M$ to totally stomp it). So what would happen next? WINE could be finished rapidly, for one thing. M$ could then slap a lawsuit on WINE (and whoever else makes use of the code), but could they claim a "clean room" reverse engineering took place? (The DMCA compounds the legal minefield.)

M$ surely have a plan in the event of this happening. Would M$ rush out a new version of Windows that breaks compatibility with all before it? (Like that could happen ... uh wait.) Would other software companies (I'm looking at you Sun, Lotus and Apple) get in on the act? And what kind of timescale would we be looking at for the whole drama to play out?

For added marks, a slight twist on the scenario : what if the DoJ (or equivalent) was to order M$ to release the source? This is the ultimate goal of a case being brought against M$ by Sun in Europe, as I understand it.

Q: Will this result in a proliferation of incompatible versions of Windows?

A: As opposed to the current situation you mean?

Apple has already had to deal with this problem. Well, sort of.

Back in 1989 a group of crackers calling themselves the Nu Prometheus League stole what Apple at the time hysterically called “the source code for MacOS”.

The motto of the Nu Prometheus League was Free the Mac!

After stealing the source code the crackers then energetically distributed it far and wide via what passed for the Internet back then – Electronic Bulletin Boards.

Apple went apeshit and somehow managed to enlist the aid of the US Secret Service.

Prime suspects (all fingered by Apple) in the theft included :

There was just one little problem : the crackers had only gotten away with a portion of MacOS, specifically the source code for QuickDraw.

Apple, however, continued to claim that the loss of their intellectual property would lead the firm to bankruptcy.

These unfounded allegations, in addition to several other highly publicised cracks at the time - many on the nations telephone infrastructure - all contributed to a profound sense of uneasiness in law enforcement circles.

And its easy to understand why. Cops like to be in control, and since even the FBI at the time had effectively zero knowledge of technology, they genuinely loathed all things even vaguely related to the hacker subculture.

All these forces came together in Operation Sundevil, the first nation-wide crackdown on the computer underground, with multiple raids taking place in early January 1990.

Unfortunately, not everyone raided was in fact a criminal, and many legitimate business (e.g., Steve Jackson Games) as well as individuals had their lives severely disrupted or even ruined by the activities of law enforcement, who demonstrated a total disregard for due process.

But of course for every action there is an equal and opposite reaction, and the general vagueness of legislation at the time for crimes of the digital variety led to the formation of the Electronic Frontier Foundation, or EFF.

EFF is dedicated to preserving human rights in the information age. EFF constantly raises debate around the freedom of press and "Intellectual Property" (e.g. software copyrights).

So the question was, how would Microsoft react if the source code for Windows was released into the public domain?

Well, my guess is they’d overreact, knowing the well documented personality of Mr Bill (not to mention his sidekick Steve Ballmer).

And then the interesting question would be – keeping the Apple case in mind – what would the reaction to their overreaction be?


ObDisclaimer:

I’m doing this off the cuff, from memory, so /msg me if I’ve messed up a date or name and I’ll fix it.
Also, I can’t recall the outcome but I don’t believe they ever publicly stated who stole the code and the resolution; one of those pesky out of court settlements no doubt.
Yes, I do know the difference betweeen a hacker and a cracker - I'm one myself but you gotta guess which.

Finally, I use Unix boxes at work (AIX, SunOS) and have only Macs at home so I am definitely not Apple bashing.

The Windows source code is already available from Microsoft Research Laboratories; to what extent, I don't know.

See http://www.research.microsoft.com/programs/NTSrcLicInfo.asp

Microsoft makes its source code available to Universities at a no charge basis. However, it seems to be unlikely that this would encompass all of Windows CE/9x/NT. I would really like to know if they make kernel available as source, as that seems to be the place where most of the improvements to Windows can be made.

If anyone has the exact license agreement that representatives from these Universities must agree too, I believe it'd be fascinating reading material. Everything that comes out of modifying the Windows Source would, of course, be nonprofit, but what exactly could be done with it? I'm sure the license is quite restrictive, but that remains to be seen.

What would happen if the windows OS source code was released to the public? Nothing. People would fix a few bugs if they could nail them down, but it must be millions upon millions of lines long. How much good would that do anyone in the next few years? Trying to document and tame that much source would simply be evil.

As far as the licencing is concerned, I think it's everything included. I hear MIT has it, and they work on parts of it to clean things up. The original Kerberos came out of some such agreement, I read somewhere. The NDA underneath it I hear is also quite killer.

If the Windows source code was released, initially it would be very similar to the DeCSS affair. Microsoft would be flinging lawsuits left and right under the same laws the MPAA has. Then there would be the "Windows source code mirror lists" all over the place as Microsoft continues to try to kill them all. Of course, they wouldn't be able to, so soon mutant Windows versions would be spreading around the internet. Groups devoted to creating their own version of Windows would be created (much like the open source groups today). When people finally looked at the programming, Microsoft would then be embarrassed as everyone saw how poor their programming was (at least thats what many people who have seen the code say). Also, with the windows API completely open, Netscape, Real, and other companies who have been bumped by Microsoft would once again gain steam being able to integrate directly into Windows.

There are some theories that if anyone found the true meaning of the universe, it would vanish and be replaced with something far more complex and confusing. There is evidence that this has already occured. -paraphrasing from Douglas Adams's Hitchhiker's Guide to the Galaxy

What would happen? Fairly simple. Certainly, the WINE project would be finished at an astonishing rate. People who still want to stick with Windows would enjoy numerous bug fixes floating around the net so that their OS of choice would be relatively stable for once. Companies that have formerly struggled with Microsoft's ability to integrate anything they do with Windows would find themselves able to compete again. Conversely, people who would rather do without all of Microsoft's 'convenient' integration would now be able to do so easily.

But for how many versions?

Certainly, after the entire source code fiasco was over, what would Microsoft do? Just concede defeat to the forces of openness and thereafter release all their versions of Windows as open source? Of course not. Part of Microsoft's success has been their deathgrip tight hold of their source code so that nobody can see how their system works so they can maintain a dictator-like control over everything that happens after Brian Eno's infamous 'Microsoft Sound' plays. They would lock down their code even harder than before.

Of course technology experts and code geeks would say that Microsoft's coding is sloppy and ameturish1. Of course instant compatibility with anything Windows-based would be avaliable for anything not Windows-based. But, when was the last time business owners and J. Random AOLler listened to actual technology experts or code geeks? They listen to the biggest guy with the flashiest ads, and in this case, that guy is Microsoft. In fact, Microsoft may throw around sufficient money and media clout to prevent the experts and geeks from even being heard.

So what would Microsoft do? They'd release another version of Windows quickly thereafter. And Microsoft's source is closed source, of course, of course. But, they'd release it with enough differences and incompatibilities between the most recent version of Windows (in this case, the now open source version) to make porting things very difficult again. And they would make shady deals with hardware manufacturers to have exclusive rights to certain technologies (Say, in theory, USB 3.0) so only their new Windows would run it. And, of course, they would certainly throw in enough flashy 'features' that users simply 'have' to own.

Now, you ask, who would be stupid enough to buy this, what with perfectly running clones of Windows running rampant in the world? The answer is: EVERYONE2. Remember what I said about business owners and J. Random AOLler listening to the biggest guy? For the longest of times, for better or worse, they've trusted the one biggest guy, and that's Microsoft. Even in light of better3 operating systems, Microsoft still maintains a stranglehold over the OS world. More and more people are using alternative operating systems, but not a sudden shift of millions upon millions of users. Many still trust Microsoft to do the Right Thing. And they wouldn't see the logic behind making something open source. All they'd need to see is the phrase "Microsoft has released a new version of Windows", and they'd buy it.

With tighter locks on the source code so that it isn't released to the public THIS time, Microsoft would restrict the people who know the code to even FEWER people, resulting in less eyes scrutinizing the code for bugs, resulting in more bugs. But, it's all irrelevant anyway, everyone would buy it and keep Microsoft the monopoly they are. And in time, the 'perfect' Windows emulators would fade into legacy emulators as programmers program for the next, closed version of Windows, entirely incompatible with present Windows emulators.

The end result? Maybe a bit of turmoil, maybe a small hit on Microsoft, but in the end, they'd still be there, sucking people dry.


1: Going on the theory that anyone who HAS seen the source code says that it is very shoddy programming.
2: Well... okay, not everyone.
3: This is admittedly a judgement call. I do consider nearly anything that is not Windows to be better stability and reliability-wise than Windows. Note that I did not mention a specific alternative OS in this writeup.
This may very well have just happened.

The news on this has just hit Slashdot. It first broke on neowin.net. Apparently, the source code to Windows NT and Windows 2000 has been leaked to the internet. It is floating around under the filename "Windows.Source.Code.w2k.nt4.wxp.tar", and there is also a torrent available for download. It still isn't clear whether the entirety of the source code is available, or if it is just more than Microsoft is comfortable with. The source code is only a partial copy.

The ramifications of this leak have yet to be realized. Either the the hacking community will get ahold of it, and help make it into something secure and usable, we can be expecting an entirely new onslaught of viruses and worms, or very possibly both.

A file list of the source tree is being bandied about. The address is 'http://heim.ifi.uio.no/~mortehu/files.txt'. The files listed under win2k/private/ntos do appear to be kernel material, even including .asm files. This doesn't appear to be the source tree for the entire operating system, but what is there does look legit.

More sources are popping up as we speak: ZDNet and Internetnews are both carrying articles on this, and Microsoft is officially investigating the issue. The source code files are 203 megabytes compressed, and expand to just under 660 megabytes. It is interesting to note that this is just about the capacity of a CD-R. Dragos Ruiu, a security consultant and the organizer of the CanSecWest security conference, has examined the code, and believes it to be authentic.

The file is currently available on IRC and peer-to-peer networks, and I have also verified that there is a torrent file available.

'http://www.sschmidt.info/w2k_source.torrent' is one source for the torrent file, but be aware that this link may go down at any time. I'll try to keep it updated.

There is also an ed2k link at 'ed2k://|file|windows_2000_source_code.zip|213748207|34BB9F3A3E8D3E0C4490A96EC30B 9F3C|/'.

There are several reasons why this is a very important event. From one viewpoint, consider how much damage worms and viruses have wreaked upon the Windows operating system *without* freely available, valid source code to base them from. Suddenly the idea of black hat hackers finding backdoors, security flaws, and other instances of bad programming and taking advantage of them is a much more common risk. Many webservers run off of Windows 2000, along with many government computers. This is what we would call a BAD THINGTM.

From another viewpoint, the availability of the source code to the public may allow many of these security flaws to be identified, documented and fixed.

Events are still developing, and I will be updating details as they become available.


After a few months, this appears to have been much ado about nothing. However, considering how prevalent Windows is as an operating system today, and how much Microsoft relies on security through obscurity, the situation could have been much worse.

Log in or registerto write something here or to contact authors.