
What happened to Microsoft’s source code?

Feb 23, 2004
Enterprise Applications, Microsoft

* How did Microsoft's Windows source code escape into the 'wild'?

Some Microsoft source code, specifically parts of Windows NT 4 and Windows 2000, was posted on the Internet for downloading from multiple peer-to-peer networks over the past couple of weeks. As usual, most of the press over-reacted.

Headlines generally proclaimed: “Microsoft source code leaked onto Internet,” but more than one would-be tabloid used some variant of “Microsoft source code stolen.” It wasn’t stolen. Technically, it wasn’t even “leaked” (i.e., revealed by someone within Microsoft). It was simply made available.

The best evidence indicates that Microsoft partner Mainsoft was the original source of the code that was made available on the Internet.

Mainsoft’s chief product is “Visual MainWin,” a utility to port Windows applications to Unix and Linux. Mainsoft would have access to parts of Windows source code to aid in creating the ports. Internal evidence in the downloaded source code appears to indicate that it originated from Mainsoft. Other evidence indicates that the two files (one with WinNT source, the other with Win 2000 source) were extracted from Unix core dumps, typically created when a system crashes. Since the size of the files is remarkably close to the capacity of a CD-ROM, it’s also thought that the crash that created the core dump occurred while someone was either creating a CD or transferring the contents of a CD to the Unix box’s hard drive.

While it’s possible that someone at Mainsoft deliberately released the code, more likely is that the computer (or the drive) on which the core dump existed was recycled without the drive being thoroughly degaussed to remove all data. Simply deleting the proprietary information would not have removed the core dump files. Whoever acquired the drive and/or system may have been poking around and discovered the dumps and recognized them for what they were. Of course, it would take a knowledgeable programmer/hacker to recognize Windows source code and, let’s face it, the first reaction would be to tell a friend. The friend would want to see it, and the whole thing began to mushroom. Nothing illegal or criminal, so far.

Then someone discovered, within the source code, a buffer-overrun vulnerability in Internet Explorer 5.01. The “vulnerability” was fixed over two years ago, but that didn’t stop the Chicken Littles of this world from declaring that Windows was now doomed. It isn’t.

There is one thing we can take Microsoft to task for, though. In the wake of all the publicity, Microsoft decided to follow the course set by the record industry and release draconian warnings in an attempt to scare those who have downloaded the code. According to the Redmond behemoth, “Microsoft is sending letters explaining to individuals who have already downloaded the source code that such actions are in violation of the law.”

Except, of course, while it may be illegal to make the code available for download, there’s nothing illegal about downloading it or reading it. You might be in trouble if you read it and subsequently use that knowledge to create software, but that would have to be proven in court. Commercial developers, though, should avoid even the appearance of seeing the code.

An accident occurred and some old, outdated source code was released into the “wild.” It isn’t the first time. Some years ago, DOS 6.02 source code was inadvertently released. That didn’t damage Microsoft or its customers and this won’t either.