Re: China next to get access to Microsoft source code

[InfoSec News <isn () c4i org>]

Date: Mon, 3 Mar 2003 06:40:12 -0500
From: Brooks Isoldi <bjisoldi () acsu buffalo edu>

As much as I hate to defend Microsoft, we can't damn them if they do
AND damn them if they don't.  The Open Source community has been
wanting Microsoft to open its code.  It's doing so on a very limited
basis, to governments only, maybe industry reliant on Microsoft
frameworks next. However, if Microsoft did this on a completely open
basis...China would still have access to it.  But...Sources and
Techniques was a great document and a good read.  Perhaps Sidewinder
would be another good read :-)


Brooks Isoldi
The Intelligence Network
http://www.intellnet.org
877-581-3724 [Voicemail/Fax]


-=-


Date: Mon, 3 Mar 2003 16:55:43 +0100
From: "leon @ kuunders" <leon () kuunders com>

> Russia, the U.K. and the North Atlantic Treaty Organization have
> already signed up to participate in the GSP, and Microsoft is in
> talks with more than 30 countries, territories and organizations
> about the program.

I don't know, but with a lot of "hacks" originating from Russia and
China, it doesn't seem like a wise idea to hand over a "smoking gun"
to these countries. I can think of numerous "what .. if" scenario's in
which knowledge of the source code of the #1 computer desktop
environment can be used to exploit these programs.

If Microsoft is handing the source to these countries, they might as
well publish it completely on the internet.

--Leon.


-=-


Date: Tue, 4 Mar 2003 02:56:04 -0600 (CST)
From: Anonymous

The Chinese already have access to the source code.  Microsoft
maintains an internal gateway to their office in Beijing from which
the employees in China can freely explore the MS internal network in
Redmond.

This became painfully clear when, in 1999, I traced a connection to my
build machine (an Alpha 21164 Rawhide) back to the Beijing gateway
from a chinese hacking tool called proxyhunter.  This was in July of
1999.  The PAL and HAL code for the Alpha family of processors was
compromised (stolen) from my build machine.  I reported this to MS,
they did nothing.  I reported this to my superiors at Digital.  There
was nothing they could do, the source code was gone.  Compaq had just
purchased Digital and by the end of August, NT on the Alpha platform
was history.  In October of 1999 the PRC announced that they had
cloned the Alpha processor (a great achievement, right?) and fairly
soon afterwards began testing ICBMs that could reach the US from
China.

Plenty of people already have access to the source code for Windows.  
The question is, why would you want it?




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.