Hi All,
Just look at this site…
http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109&tid=187
Good Luck,
Yogi<
Think Marriage! Think BharatMatrimony.com
This is not a “this site”, it is /.
Show a little respect 
Jamey
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of yatindra vaishnav
Sent: Thursday, February 12, 2004 4:19 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] MS Code leaked…
Hi All,
Just look at this site…
http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109
http:
&tid=187
Good Luck,
>Yogi<
_____
Think Marriage! Think http:
BharatMatrimony.com —
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com</http:></http:>
This is to OP
, :-(, … ad infinitum.
There is a bunch of nice MS people answers our buring question(s). Would not
it be nice to unicast this sort of stuff to
one of them !!!. Rather than posting here …
Oh,well, pls pls pls don’t make a mistake like this.
-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Jamey Kirby
Sent: Thursday, February 12, 2004 4:44 PM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] MS Code leaked…
This is not a “this site”, it is /.
Show a little respect J
Jamey
–
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of yatindra vaishnav
Sent: Thursday, February 12, 2004 4:19 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] MS Code leaked…
Hi All,
Just look at this site…
http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109&tid=187
Good Luck,
Yogi<
–
Think Marriage! Think BharatMatrimony.com —
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@garlic.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Sure, it is top secret and MS needs to be informed about it. Especially when
/. published it.
Go to google, search for windows source code and examine the top of page:
News: Microsoft Windows Source Code Spills Onto Web - CRN - 33 minutes ago
Rumours growing of Windows source code leaks - Sydney Morning Herald - 2
hours ago
Microsoft probes possible Windows source code leak - InfoWorld - 3 hours ago
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
From: xxxxx@garlic.com[SMTP:xxxxx@garlic.com]
Reply To: xxxxx@lists.osr.com
Sent: Friday, February 13, 2004 4:22 AM
To: xxxxx@lists.osr.com
Subject: RE: [ntdev] MS Code leaked…<<message: ugly formatted html message>>
>
></message:>
This is a known fact that writing something non-trivial for modern complex
OS is extremely tricky process because most of the time will be spent
DISASSEMBLING operating system code (thanks for IDA and symbols) and trying
to figure out what WAS in comments in original sources that we will never
have a chance to see unless we belongs to some list of chosen. For NT as
well as for Linux it’s impossible to simply use provided interfaces w/o
knowing what happens inside or how they interact with each other. Sure now
DDK has a perfect documentation, but any one who wrote i.e. their own
replacement for scsiport or at least one filesystem driver will agree that
driver will be much more stable, cheaper and made faster if particular
problem could be solved by a simple search through OS source.
Unfortunately MS leave the chance to WRITE drivers for their own
developers… and some others… and what the rest of the world should do is
to HACK nice operating system trying to improve it with our products.
Well, not sure we should really start another round of this !!!
First the issue is a Leak not Open. So it is leaked source…
IT IS BAD, DOES NOT MATTER WHAT IT IS, WHOSE PROPERTY IT IS, IT IS STOLEN
AND
THAT IS THE BAD PART…
If you ask "What time it is ? and try to figureout the answer(s) you
might
get all possiblities like —
- It’s 5 o’clock somewhere, if you listen to US country music.
- It’s none of your business, if you happen to be in and around
harlem/newyork
And obviously other places have other answers too :-).
I asked myself about this, and the answer (2) might be more appropriate,
since I
dont want to imagine what are the impacts
-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
Sent: Thursday, February 12, 2004 10:07 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] MS Code leaked…
This is a known fact that writing something non-trivial for modern complex
OS is extremely tricky process because most of the time will be spent
DISASSEMBLING operating system code (thanks for IDA and symbols) and trying
to figure out what WAS in comments in original sources that we will never
have a chance to see unless we belongs to some list of chosen. For NT as
well as for Linux it’s impossible to simply use provided interfaces w/o
knowing what happens inside or how they interact with each other. Sure now
DDK has a perfect documentation, but any one who wrote i.e. their own
replacement for scsiport or at least one filesystem driver will agree that
driver will be much more stable, cheaper and made faster if particular
problem could be solved by a simple search through OS source.
Unfortunately MS leave the chance to WRITE drivers for their own
developers… and some others… and what the rest of the world should do is
to HACK nice operating system trying to improve it with our products.
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@garlic.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
What did you expect … A “Shared Source Initiative” is food for the dogs ( with all respect for the real animals … )
----- Original Message -----
From: yatindra vaishnav
To: Windows System Software Devs Interest List
Sent: Friday, February 13, 2004 1:19 AM
Subject: [ntdev] MS Code leaked…
Hi All,
Just look at this site…
http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109&tid=187
Good Luck,
Yogi<
Think Marriage! Think BharatMatrimony.com —
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@compaqnet.be
To unsubscribe send a blank email to xxxxx@lists.osr.com
Hey! All,
It was just an informative note not more than that. So, shud not take further any more.
Good Luck,
Yogi<
From: “Christiaan Ghijselinck”
>Reply-To: “Windows System Software Devs Interest List”
>To: “Windows System Software Devs Interest List”
>Subject: Re: [ntdev] MS Code leaked…
>Date: Fri, 13 Feb 2004 15:10:24 +0100
>
>
>What did you expect … A “Shared Source Initiative” is food for the dogs ( with all respect for the real animals … )
>
>
> ----- Original Message -----
> From: yatindra vaishnav
> To: Windows System Software Devs Interest List
> Sent: Friday, February 13, 2004 1:19 AM
> Subject: [ntdev] MS Code leaked…
>
>
> Hi All,
>
> Just look at this site…
>
> http://slashdot.org/articles/04/02/12/2114228.shtml?tid=109&tid=187
>
> Good Luck,
>
> >Yogi<
>
>
>
>------------------------------------------------------------------------------
> Think Marriage! Think BharatMatrimony.com —
> Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@compaqnet.be
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>—
>Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: xxxxx@hotmail.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
Easiest Money Transfer to India. Send Money To 6000 Indian Towns. Easiest Way To Send Money Home!
Andrey:
I guess if you’re a moron and/or thief you DO need to disassemble anything
that comes your way. Linux bozos like you should be kicked off this list.
Bill Casey
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
Sent: Friday, February 13, 2004 12:07 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] MS Code leaked…This is a known fact that writing something non-trivial for modern complex
OS is extremely tricky process because most of the time will be spent
DISASSEMBLING operating system code (thanks for IDA and symbols)
and trying
to figure out what WAS in comments in original sources that we will never
have a chance to see unless we belongs to some list of chosen. For NT as
well as for Linux it’s impossible to simply use provided interfaces w/o
knowing what happens inside or how they interact with each other. Sure now
DDK has a perfect documentation, but any one who wrote i.e. their own
replacement for scsiport or at least one filesystem driver will agree that
driver will be much more stable, cheaper and made faster if particular
problem could be solved by a simple search through OS source.Unfortunately MS leave the chance to WRITE drivers for their own
developers… and some others… and what the rest of the world
should do is
to HACK nice operating system trying to improve it with our products.
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256You are currently subscribed to ntdev as: xxxxx@virtualscsi.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
And how many days do you think you’ll last as a Windows filesystem
filter developer without ever once digging into kernel DDI’s with WinDbg
and a copy of the Intel IA32 Reference Manual? My previous employer is
looking for a NT filter dev right now; how about we make a bet? They’ll
give you a couple of nasty NTFS/EFS/filter interaction bugs to fix, and
you’ll fix them without stepping into a kernel DDI. Up for it?
Bill Casey wrote:
Andrey:
I guess if you’re a moron and/or thief you DO need to disassemble anything
that comes your way. Linux bozos like you should be kicked off this list.Bill Casey
>-----Original Message-----
>From: xxxxx@lists.osr.com
>[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
>Sent: Friday, February 13, 2004 12:07 AM
>To: Windows System Software Devs Interest List
>Subject: Re:[ntdev] MS Code leaked…
>
>
>
>This is a known fact that writing something non-trivial for modern complex
>OS is extremely tricky process because most of the time will be spent
>DISASSEMBLING operating system code (thanks for IDA and symbols)
>and trying
>to figure out what WAS in comments in original sources that we will never
>have a chance to see unless we belongs to some list of chosen. For NT as
>well as for Linux it’s impossible to simply use provided interfaces w/o
>knowing what happens inside or how they interact with each other. Sure now
>DDK has a perfect documentation, but any one who wrote i.e. their own
>replacement for scsiport or at least one filesystem driver will agree that
>driver will be much more stable, cheaper and made faster if particular
>problem could be solved by a simple search through OS source.
>
>Unfortunately MS leave the chance to WRITE drivers for their own
>developers… and some others… and what the rest of the world
>should do is
>to HACK nice operating system trying to improve it with our products.
>
>
>
>
>—
>Questions? First check the Kernel Driver FAQ at
>http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: xxxxx@virtualscsi.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
>
–
- Nick Ryan
- Microsoft MVP for DDK
I personally consider this leak as a Good Thing, and will not be despiseful
enough to use the leaked code if I will get my hands on it. Anyway I did the NT
kernel code reverse-engineering for years to help myself and the community
developing drivers.
Anyway this leak will not harm MS financially in any way. In absolutely any
way. Windows competitors use absolutely other technological base and so cannot
benefit from the leak.
So, the only consequence of the leak is - improving the working conditions
for programmers working for Windows platform (which is GOOD for Microsoft in
the end).
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
----- Original Message -----
From: “Nick Ryan”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Saturday, February 14, 2004 12:21 PM
Subject: Re:[ntdev] MS Code leaked…
> And how many days do you think you’ll last as a Windows filesystem
> filter developer without ever once digging into kernel DDI’s with WinDbg
> and a copy of the Intel IA32 Reference Manual? My previous employer is
> looking for a NT filter dev right now; how about we make a bet? They’ll
> give you a couple of nasty NTFS/EFS/filter interaction bugs to fix, and
> you’ll fix them without stepping into a kernel DDI. Up for it?
>
> Bill Casey wrote:
> > Andrey:
> > I guess if you’re a moron and/or thief you DO need to disassemble anything
> > that comes your way. Linux bozos like you should be kicked off this list.
> >
> > Bill Casey
> >
> >
> >
> >>-----Original Message-----
> >>From: xxxxx@lists.osr.com
> >>[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
> >>Sent: Friday, February 13, 2004 12:07 AM
> >>To: Windows System Software Devs Interest List
> >>Subject: Re:[ntdev] MS Code leaked…
> >>
> >>
> >>
> >>This is a known fact that writing something non-trivial for modern complex
> >>OS is extremely tricky process because most of the time will be spent
> >>DISASSEMBLING operating system code (thanks for IDA and symbols)
> >>and trying
> >>to figure out what WAS in comments in original sources that we will never
> >>have a chance to see unless we belongs to some list of chosen. For NT as
> >>well as for Linux it’s impossible to simply use provided interfaces w/o
> >>knowing what happens inside or how they interact with each other. Sure now
> >>DDK has a perfect documentation, but any one who wrote i.e. their own
> >>replacement for scsiport or at least one filesystem driver will agree that
> >>driver will be much more stable, cheaper and made faster if particular
> >>problem could be solved by a simple search through OS source.
> >>
> >>Unfortunately MS leave the chance to WRITE drivers for their own
> >>developers… and some others… and what the rest of the world
> >>should do is
> >>to HACK nice operating system trying to improve it with our products.
> >>
> >>
> >>
> >>
> >>—
> >>Questions? First check the Kernel Driver FAQ at
> >>http://www.osronline.com/article.cfm?id=256
> >>
> >>You are currently subscribed to ntdev as: xxxxx@virtualscsi.com
> >>To unsubscribe send a blank email to xxxxx@lists.osr.com
> >>
> >
> >
> >
>
> –
> - Nick Ryan
> - Microsoft MVP for DDK
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
I agree with max. Whatever is required to acomplish a task in lack of resources we need to find the way to overcome that. We are not using that code of MS in our code, we just want to understand the internal mechanism that is it.
YOGI
From: “Maxim S. Shatskih”
>Reply-To: “Windows System Software Devs Interest List”
>To: “Windows System Software Devs Interest List”
>Subject: Re: Re:[ntdev] MS Code leaked…
>Date: Sat, 14 Feb 2004 22:14:08 +0300
>
> I personally consider this leak as a Good Thing, and will not be despiseful
>enough to use the leaked code if I will get my hands on it. Anyway I did the NT
>kernel code reverse-engineering for years to help myself and the community
>developing drivers.
>
> Anyway this leak will not harm MS financially in any way. In absolutely any
>way. Windows competitors use absolutely other technological base and so cannot
>benefit from the leak.
>
> So, the only consequence of the leak is - improving the working conditions
>for programmers working for Windows platform (which is GOOD for Microsoft in
>the end).
>
>Maxim Shatskih, Windows DDK MVP
>StorageCraft Corporation
>xxxxx@storagecraft.com
>http://www.storagecraft.com
>
>----- Original Message -----
>From: “Nick Ryan”
>Newsgroups: ntdev
>To: “Windows System Software Devs Interest List”
>Sent: Saturday, February 14, 2004 12:21 PM
>Subject: Re:[ntdev] MS Code leaked…
>
>
> > And how many days do you think you’ll last as a Windows filesystem
> > filter developer without ever once digging into kernel DDI’s with WinDbg
> > and a copy of the Intel IA32 Reference Manual? My previous employer is
> > looking for a NT filter dev right now; how about we make a bet? They’ll
> > give you a couple of nasty NTFS/EFS/filter interaction bugs to fix, and
> > you’ll fix them without stepping into a kernel DDI. Up for it?
> >
> > Bill Casey wrote:
> > > Andrey:
> > > I guess if you’re a moron and/or thief you DO need to disassemble anything
> > > that comes your way. Linux bozos like you should be kicked off this list.
> > >
> > > Bill Casey
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: xxxxx@lists.osr.com
> > >>[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
> > >>Sent: Friday, February 13, 2004 12:07 AM
> > >>To: Windows System Software Devs Interest List
> > >>Subject: Re:[ntdev] MS Code leaked…
> > >>
> > >>
> > >>
> > >>This is a known fact that writing something non-trivial for modern complex
> > >>OS is extremely tricky process because most of the time will be spent
> > >>DISASSEMBLING operating system code (thanks for IDA and symbols)
> > >>and trying
> > >>to figure out what WAS in comments in original sources that we will never
> > >>have a chance to see unless we belongs to some list of chosen. For NT as
> > >>well as for Linux it’s impossible to simply use provided interfaces w/o
> > >>knowing what happens inside or how they interact with each other. Sure now
> > >>DDK has a perfect documentation, but any one who wrote i.e. their own
> > >>replacement for scsiport or at least one filesystem driver will agree that
> > >>driver will be much more stable, cheaper and made faster if particular
> > >>problem could be solved by a simple search through OS source.
> > >>
> > >>Unfortunately MS leave the chance to WRITE drivers for their own
> > >>developers… and some others… and what the rest of the world
> > >>should do is
> > >>to HACK nice operating system trying to improve it with our products.
> > >>
> > >>
> > >>
> > >>
> > >>—
> > >>Questions? First check the Kernel Driver FAQ at
> > >>http://www.osronline.com/article.cfm?id=256
> > >>
> > >>You are currently subscribed to ntdev as: xxxxx@virtualscsi.com
> > >>To unsubscribe send a blank email to xxxxx@lists.osr.com
> > >>
> > >
> > >
> > >
> >
> > –
> > - Nick Ryan
> > - Microsoft MVP for DDK
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
>http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>—
>Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: xxxxx@hotmail.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
Post Classifieds on MSN classifieds. Buy and Sell on MSN Classifieds.
Well, since some of the top guns are already contributing to this, why not
me then !
I’ve read quite a few articles on it, based on whatever comes over the
internet …
Personal view:: I’ve no objection using open source. But I’ve every
objection on Leaked source. It is very dubious and difficult to
prove whether it is been wacked/hacked away to put in the internet, or it
was intentionall. But on both account, it is not what
MS officials wanted to do willingling, and that is why they were
investigating, and obviously putting money for all these investigation.
But then also it all depends on what was exposed, and how valuable to the
developers ( and by default white-hatters). On the other hand,
how useful could it be to the Black-hatters. If it is very very useful, then
I’m not sure what side I would want to take. I could turn into a
Black-hatter. Then what ?. MS could/would change the OS code if they think
they need to, and that would be derived from the delegence of
Black-hatter with significant amount of code availability… So me as a
white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE MY
EXPERTISE anyway (even after having access to the gold-pot). And me as a
Black-hatter, would possibly have only the hat w/o head. So I will be
looser eitherway. Hence, I dont find much reason to believe that Leaking is
good. Open source is really a different topic altogether. You submit the
code
to open, and it is more like showing your One-way hash algorithm along with
hashed key. Having both of them would not be of much use to adversaries to
find the value passed into hash ( pass-word etc).
Learning the internals has an obvious advantage, but that also need many yrs
of work, and that’s what some people are paid for. Even with massive code
base
being open would require quite a bit of time to become expert, but the
Black-hatter(s) are sometime far more determined to hack the hell out, and
make a massacare. Lot of time I hear Linux might have a better security,
well we never had the test bed where almost all the desktops are Linux
based, then we will know how robust it is, the source code is free, and I
bet my life that we would not be able to do anything to prevent massive
hacks. Some govt. are going for Linux because they are affraid of Windows
backdoors. Sure that is the right first step, but there are million more
steps ahead of them, and they will not dare to put those systems out on the
open for anyone’s access, they just want to make sure they have the control.
And rightly so, that’s their decison, but lot lot more is there to get
their sytem(s) secured.
I do reverse engineering whenever needed and in my earlier days with Win32
based OS, I was specially debugging lot of internal stuff written by others,
often it was
quite painful to look thru just assembler code(s), lot of time even modules
were not mapped correctly so 4 hours of illusion(s) was totally wrong etc.,
etc. Sure source could have been a little help, if available. But it is far
more important to me that the base code is safe and sound for many many
people. It is being used every where. Yesterday I was in an hospital for my
kids Nasal adenoid surgery, and it is surprising that how NT family of
system(s) being used, almost like a pencil to an office, what if some of
these systems are hacked, I dont think I would be able to pardon me for my
thinking that Leaked code is good, so that I can be an expert on NT.
It is a hard challenge, as far as I can streach my imagination. Middle-age
lecturing, even my kids get tired of it once in a while :-).
-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of yatindra v aishnav
Sent: Saturday, February 14, 2004 3:56 PM
To: Windows System Software Devs Interest List
Subject: Re: Re:[ntdev] MS Code leaked…
I agree with max. Whatever is required to acomplish a task in lack of
resources we need to find the way to overcome that. We are not using that
code of MS in our code, we just want to understand the internal mechanism
that is it.
YOGI
From: “Maxim S. Shatskih”
>Reply-To: “Windows System Software Devs Interest List”
>To: “Windows System Software Devs Interest List”
>Subject: Re: Re:[ntdev] MS Code leaked…
>Date: Sat, 14 Feb 2004 22:14:08 +0300
>
> I personally consider this leak as a Good Thing, and will not be
despiseful
>enough to use the leaked code if I will get my hands on it. Anyway I did
the NT
>kernel code reverse-engineering for years to help myself and the
community
>developing drivers.
>
> Anyway this leak will not harm MS financially in any way. In
absolutely any
>way. Windows competitors use absolutely other technological base and so
cannot
>benefit from the leak.
>
> So, the only consequence of the leak is - improving the working
conditions
>for programmers working for Windows platform (which is GOOD for Microsoft
in
>the end).
>
>Maxim Shatskih, Windows DDK MVP
>StorageCraft Corporation
>xxxxx@storagecraft.com
>http://www.storagecraft.com
>
>----- Original Message -----
>From: “Nick Ryan”
>Newsgroups: ntdev
>To: “Windows System Software Devs Interest List”
>Sent: Saturday, February 14, 2004 12:21 PM
>Subject: Re:[ntdev] MS Code leaked…
>
>
> > And how many days do you think you’ll last as a Windows filesystem
> > filter developer without ever once digging into kernel DDI’s with
WinDbg
> > and a copy of the Intel IA32 Reference Manual? My previous employer is
> > looking for a NT filter dev right now; how about we make a bet?
They’ll
> > give you a couple of nasty NTFS/EFS/filter interaction bugs to fix,
and
> > you’ll fix them without stepping into a kernel DDI. Up for it?
> >
> > Bill Casey wrote:
> > > Andrey:
> > > I guess if you’re a moron and/or thief you DO need to disassemble
anything
> > > that comes your way. Linux bozos like you should be kicked off this
list.
> > >
> > > Bill Casey
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: xxxxx@lists.osr.com
> > >>[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
> > >>Sent: Friday, February 13, 2004 12:07 AM
> > >>To: Windows System Software Devs Interest List
> > >>Subject: Re:[ntdev] MS Code leaked…
> > >>
> > >>
> > >>
> > >>This is a known fact that writing something non-trivial for modern
complex
> > >>OS is extremely tricky process because most of the time will be
spent
> > >>DISASSEMBLING operating system code (thanks for IDA and symbols)
> > >>and trying
> > >>to figure out what WAS in comments in original sources that we will
never
> > >>have a chance to see unless we belongs to some list of chosen. For
NT as
> > >>well as for Linux it’s impossible to simply use provided interfaces
w/o
> > >>knowing what happens inside or how they interact with each other.
Sure now
> > >>DDK has a perfect documentation, but any one who wrote i.e. their
own
> > >>replacement for scsiport or at least one filesystem driver will
agree that
> > >>driver will be much more stable, cheaper and made faster if
particular
> > >>problem could be solved by a simple search through OS source.
> > >>
> > >>Unfortunately MS leave the chance to WRITE drivers for their own
> > >>developers… and some others… and what the rest of the world
> > >>should do is
> > >>to HACK nice operating system trying to improve it with our
products.
> > >>
> > >>
> > >>
> > >>
> > >>—
> > >>Questions? First check the Kernel Driver FAQ at
> > >>http://www.osronline.com/article.cfm?id=256
> > >>
> > >>You are currently subscribed to ntdev as: xxxxx@virtualscsi.com
> > >>To unsubscribe send a blank email to
xxxxx@lists.osr.com
> > >>
> > >
> > >
> > >
> >
> > –
> > - Nick Ryan
> > - Microsoft MVP for DDK
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
>http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
>—
>Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: xxxxx@hotmail.com
>To unsubscribe send a blank email to xxxxx@lists.osr.com
–
Post Classifieds on MSN classifieds. Buy and Sell on MSN Classifieds. —
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@garlic.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
That makes three people whose work, as expressed on this list, I
respect, who have come out admitting that they regularly reverse
engineer pieces of Windows. Not fly-by-night newbie developers, either
- MVPs - people who Microsoft has publicly thanked for being good
third-party representatives of their comapny. People who Microsoft has
called out as role models.
This is a serious question (not at all meant to be a flamebait): do you
honestly believe that you’re not violating the EULA by
reverse-engineering Windows?
This area seems to represesnt a significant mismatch between written
rules and common practice. I’d really like to hear from Microsoft that
this practice is OK, given (as pointed out) that it’s almost a
requirement for nontrivial driver work.
I don’t see how it would hurt Microsoft to formally approve this sort of
thing either, but maybe I’m just a naive programmer. Some clarity in
one direction or another would be appreciated, though.
Microsoft: can we get a formal statement of position?
Sorry for contributing to an OT…
-sd
On Sat, 2004-02-14 at 20:18, Prokash Sinha wrote:
Well, since some of the top guns are already contributing to this, why
not me then !I’ve read quite a few articles on it, based on whatever comes over the
internet …Personal view:: I’ve no objection using open source. But I’ve every
objection on Leaked source. It is very dubious and difficult to
prove whether it is been wacked/hacked away to put in the internet, or
it was intentionall. But on both account, it is not what
MS officials wanted to do willingling, and that is why they were
investigating, and obviously putting money for all these
investigation.But then also it all depends on what was exposed, and how valuable to
the developers ( and by default white-hatters). On the other hand,
how useful could it be to the Black-hatters. If it is very very
useful, then I’m not sure what side I would want to take. I could turn
into a
Black-hatter. Then what ?. MS could/would change the OS code if they
think they need to, and that would be derived from the delegence of
Black-hatter with significant amount of code availability… So me as
a white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE MY
EXPERTISE anyway (even after having access to the gold-pot). And me as
a Black-hatter, would possibly have only the hat w/o head. So I will
be
looser eitherway. Hence, I dont find much reason to believe that
Leaking is good. Open source is really a different topic altogether.
You submit the code
to open, and it is more like showing your One-way hash algorithm along
with hashed key. Having both of them would not be of much use to
adversaries to
find the value passed into hash ( pass-word etc).Learning the internals has an obvious advantage, but that also need
many yrs of work, and that’s what some people are paid for. Even with
massive code base
being open would require quite a bit of time to become expert, but the
Black-hatter(s) are sometime far more determined to hack the hell out,
and make a massacare. Lot of time I hear Linux might have a better
security, well we never had the test bed where almost all the desktops
are Linux based, then we will know how robust it is, the source code
is free, and I bet my life that we would not be able to do anything to
prevent massive hacks. Some govt. are going for Linux because they are
affraid of Windows backdoors. Sure that is the right first step, but
there are million more steps ahead of them, and they will not dare to
put those systems out on the open for anyone’s access, they just want
to make sure they have the control. And rightly so, that’s their
decison, but lot lot more is there to get
their sytem(s) secured.I do reverse engineering whenever needed and in my earlier days with
Win32 based OS, I was specially debugging lot of internal stuff
written by others, often it was
quite painful to look thru just assembler code(s), lot of time even
modules were not mapped correctly so 4 hours of illusion(s) was
totally wrong etc., etc. Sure source could have been a little help, if
available. But it is far more important to me that the base code is
safe and sound for many many people. It is being used every where.
Yesterday I was in an hospital for my kids Nasal adenoid surgery, and
it is surprising that how NT family of system(s) being used, almost
like a pencil to an office, what if some of these systems are hacked,
I dont think I would be able to pardon me for my thinking that Leaked
code is good, so that I can be an expert on NT.It is a hard challenge, as far as I can streach my imagination.
Middle-age lecturing, even my kids get tired of it once in a while
:-).-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of
yatindra v aishnav
Sent: Saturday, February 14, 2004 3:56 PM
To: Windows System Software Devs Interest List
Subject: Re: Re:[ntdev] MS Code leaked…I agree with max. Whatever is required to acomplish a task in
lack of resources we need to find the way to overcome that. We
are not using that code of MS in our code, we just want to
understand the internal mechanism that is it.YOGI
>From: “Maxim S. Shatskih”
>Reply-To: “Windows System Software Devs Interest List”
>To: “Windows System Software Devs Interest List”
>Subject: Re: Re:[ntdev] MS Code leaked…
>Date: Sat, 14 Feb 2004 22:14:08 +0300
>
> I personally consider this leak as a Good Thing, and
will not be despiseful
>enough to use the leaked code if I will get my hands on it.
Anyway I did the NT
>kernel code reverse-engineering for years to help myself and
the community
>developing drivers.
>
> Anyway this leak will not harm MS financially in any
way. In absolutely any
>way. Windows competitors use absolutely other technological
base and so cannot
>benefit from the leak.
>
> So, the only consequence of the leak is - improving the
working conditions
>for programmers working for Windows platform (which is GOOD
for Microsoft in
>the end).
>
>Maxim Shatskih, Windows DDK MVP
>StorageCraft Corporation
>xxxxx@storagecraft.com
>http://www.storagecraft.com
>
>----- Original Message -----
>From: “Nick Ryan”
>Newsgroups: ntdev
>To: “Windows System Software Devs Interest List”
>Sent: Saturday, February 14, 2004 12:21 PM
>Subject: Re:[ntdev] MS Code leaked…
>
>
> > And how many days do you think you’ll last as a Windows
filesystem
> > filter developer without ever once digging into kernel
DDI’s with WinDbg
> > and a copy of the Intel IA32 Reference Manual? My previous
employer is
> > looking for a NT filter dev right now; how about we make a
bet? They’ll
> > give you a couple of nasty NTFS/EFS/filter interaction
bugs to fix, and
> > you’ll fix them without stepping into a kernel DDI. Up for
it?
> >
> > Bill Casey wrote:
> > > Andrey:
> > > I guess if you’re a moron and/or thief you DO need to
disassemble anything
> > > that comes your way. Linux bozos like you should be
kicked off this list.
> > >
> > > Bill Casey
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: xxxxx@lists.osr.com
> > >>[mailto:xxxxx@lists.osr.com]On Behalf Of
Andrey Shedel
> > >>Sent: Friday, February 13, 2004 12:07 AM
> > >>To: Windows System Software Devs Interest List
> > >>Subject: Re:[ntdev] MS Code leaked…
> > >>
> > >>
> > >>
> > >>This is a known fact that writing something non-trivial
for modern complex
> > >>OS is extremely tricky process because most of the time
will be spent
> > >>DISASSEMBLING operating system code (thanks for IDA and
symbols)
> > >>and trying
> > >>to figure out what WAS in comments in original sources
that we will never
> > >>have a chance to see unless we belongs to some list of
chosen. For NT as
> > >>well as for Linux it’s impossible to simply use provided
interfaces w/o
> > >>knowing what happens inside or how they interact with
each other. Sure now
> > >>DDK has a perfect documentation, but any one who wrote
i.e. their own
> > >>replacement for scsiport or at least one filesystem
driver will agree that
> > >>driver will be much more stable, cheaper and made faster
if particular
> > >>problem could be solved by a simple search through OS
source.
> > >>
> > >>Unfortunately MS leave the chance to WRITE drivers for
their own
> > >>developers… and some others… and what the rest of
the world
> > >>should do is
> > >>to HACK nice operating system trying to improve it with
our products.
> > >>
> > >>
> > >>
> > >>
> > >>—
> > >>Questions? First check the Kernel Driver FAQ at
> > >>http://www.osronline.com/article.cfm?id=256
> > >>
> > >>You are currently subscribed to ntdev as:
xxxxx@virtualscsi.com
> > >>To unsubscribe send a blank email to
xxxxx@lists.osr.com
> > >>
> > >
> > >
> > >
> >
> > –
> > - Nick Ryan
> > - Microsoft MVP for DDK
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
>http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as:
xxxxx@storagecraft.com
> > To unsubscribe send a blank email to
xxxxx@lists.osr.com
>
>
>—
>Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: xxxxx@hotmail.com
>To unsubscribe send a blank email to
xxxxx@lists.osr.com
Post Classifieds on MSN classifieds. Buy and Sell on MSN
Classifieds. —
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256You are currently subscribed to ntdev as: xxxxx@garlic.com
To unsubscribe send a blank email to
xxxxx@lists.osr.comQuestions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256You are currently subscribed to ntdev as:
xxxxx@positivenetworks.net
To unsubscribe send a blank email to xxxxx@lists.osr.com
In the absence of having source code for debugging, it’s often the path
of least resistance to step into someone else’s (e.g. Microsoft’s)
function to figure out why you’re having trouble with it. Does this
qualify as “reverse engineering”? And if the source code was available
to begin with – for debugging purposes only, mind you – this wouldn’t
be necessary. An example that comes to mind is MFC, which I admit to
having used on several occasions. If the source wasn’t available for
debugging, I would have given up in frustration early on due to the
number of issues I encountered with MFC. Did providing the source code
hurt Microsoft or MFC in any way? No. In fact it probably helped quite
a bit, since developers like me could figure out what the problem was
and overcome it more easily than if they didn’t have access to the
source code. Did I use my knowledge of MFC internals to make better
Windows products? Yes. Did I steal portions of the MFC to make a
competing product? No. Did someone else steal MFC code? Perhaps
(though personally I never found the MFC code worth stealing). If so,
did it hurt Microsoft?
Chuck
----- Original Message -----
From: “Steve Dispensa”
To: “Windows System Software Devs Interest List”
Sent: Sunday, February 15, 2004 12:26 PM
Subject: RE: Re:[ntdev] MS Code leaked…
> That makes three people whose work, as expressed on this list, I
> respect, who have come out admitting that they regularly reverse
> engineer pieces of Windows. Not fly-by-night newbie developers,
either
> - MVPs - people who Microsoft has publicly thanked for being good
> third-party representatives of their comapny. People who Microsoft
has
> called out as role models.
>
> This is a serious question (not at all meant to be a flamebait): do
you
> honestly believe that you’re not violating the EULA by
> reverse-engineering Windows?
>
> This area seems to represesnt a significant mismatch between written
> rules and common practice. I’d really like to hear from Microsoft
that
> this practice is OK, given (as pointed out) that it’s almost a
> requirement for nontrivial driver work.
>
> I don’t see how it would hurt Microsoft to formally approve this sort
of
> thing either, but maybe I’m just a naive programmer. Some clarity in
> one direction or another would be appreciated, though.
>
> Microsoft: can we get a formal statement of position?
>
> Sorry for contributing to an OT…
>
> -sd
>
> On Sat, 2004-02-14 at 20:18, Prokash Sinha wrote:
> > Well, since some of the top guns are already contributing to this,
why
> > not me then !
> >
> > I’ve read quite a few articles on it, based on whatever comes over
the
> > internet …
> >
> > Personal view:: I’ve no objection using open source. But I’ve every
> > objection on Leaked source. It is very dubious and difficult to
> > prove whether it is been wacked/hacked away to put in the internet,
or
> > it was intentionall. But on both account, it is not what
> > MS officials wanted to do willingling, and that is why they were
> > investigating, and obviously putting money for all these
> > investigation.
> >
> > But then also it all depends on what was exposed, and how valuable
to
> > the developers ( and by default white-hatters). On the other hand,
> > how useful could it be to the Black-hatters. If it is very very
> > useful, then I’m not sure what side I would want to take. I could
turn
> > into a
> > Black-hatter. Then what ?. MS could/would change the OS code if they
> > think they need to, and that would be derived from the delegence of
> > Black-hatter with significant amount of code availability… So me
as
> > a white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE MY
> > EXPERTISE anyway (even after having access to the gold-pot). And me
as
> > a Black-hatter, would possibly have only the hat w/o head. So I will
> > be
> > looser eitherway. Hence, I dont find much reason to believe that
> > Leaking is good. Open source is really a different topic altogether.
> > You submit the code
> > to open, and it is more like showing your One-way hash algorithm
along
> > with hashed key. Having both of them would not be of much use to
> > adversaries to
> > find the value passed into hash ( pass-word etc).
> >
> > Learning the internals has an obvious advantage, but that also need
> > many yrs of work, and that’s what some people are paid for. Even
with
> > massive code base
> > being open would require quite a bit of time to become expert, but
the
> > Black-hatter(s) are sometime far more determined to hack the hell
out,
> > and make a massacare. Lot of time I hear Linux might have a better
> > security, well we never had the test bed where almost all the
desktops
> > are Linux based, then we will know how robust it is, the source code
> > is free, and I bet my life that we would not be able to do anything
to
> > prevent massive hacks. Some govt. are going for Linux because they
are
> > affraid of Windows backdoors. Sure that is the right first step, but
> > there are million more steps ahead of them, and they will not dare
to
> > put those systems out on the open for anyone’s access, they just
want
> > to make sure they have the control. And rightly so, that’s their
> > decison, but lot lot more is there to get
> > their sytem(s) secured.
> >
> > I do reverse engineering whenever needed and in my earlier days with
> > Win32 based OS, I was specially debugging lot of internal stuff
> > written by others, often it was
> > quite painful to look thru just assembler code(s), lot of time even
> > modules were not mapped correctly so 4 hours of illusion(s) was
> > totally wrong etc., etc. Sure source could have been a little help,
if
> > available. But it is far more important to me that the base code is
> > safe and sound for many many people. It is being used every where.
> > Yesterday I was in an hospital for my kids Nasal adenoid surgery,
and
> > it is surprising that how NT family of system(s) being used, almost
> > like a pencil to an office, what if some of these systems are
hacked,
> > I dont think I would be able to pardon me for my thinking that
Leaked
> > code is good, so that I can be an expert on NT.
> >
> > It is a hard challenge, as far as I can streach my imagination.
> > Middle-age lecturing, even my kids get tired of it once in a while
> > :-).
> >
> > -prokash
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com]On Behalf Of
> > yatindra v aishnav
> > Sent: Saturday, February 14, 2004 3:56 PM
> > To: Windows System Software Devs Interest List
> > Subject: Re: Re:[ntdev] MS Code leaked…
> >
> >
> >
> >
> >
> > I agree with max. Whatever is required to acomplish a task
in
> > lack of resources we need to find the way to overcome that.
We
> > are not using that code of MS in our code, we just want to
> > understand the internal mechanism that is it.
> >
> >
> > YOGI
> >
> >
> >
> > >From: “Maxim S. Shatskih”
> > >Reply-To: “Windows System Software Devs Interest List”
> > >To: “Windows System Software Devs Interest List”
> > >Subject: Re: Re:[ntdev] MS Code leaked…
> > >Date: Sat, 14 Feb 2004 22:14:08 +0300
> > >
> > > I personally consider this leak as a Good Thing, and
> > will not be despiseful
> > >enough to use the leaked code if I will get my hands on it.
> > Anyway I did the NT
> > >kernel code reverse-engineering for years to help myself
and
> > the community
> > >developing drivers.
> > >
> > > Anyway this leak will not harm MS financially in any
> > way. In absolutely any
> > >way. Windows competitors use absolutely other technological
> > base and so cannot
> > >benefit from the leak.
> > >
> > > So, the only consequence of the leak is - improving
the
> > working conditions
> > >for programmers working for Windows platform (which is GOOD
> > for Microsoft in
> > >the end).
> > >
> > >Maxim Shatskih, Windows DDK MVP
> > >StorageCraft Corporation
> > >xxxxx@storagecraft.com
> > >http://www.storagecraft.com
> > >
> > >----- Original Message -----
> > >From: “Nick Ryan”
> > >Newsgroups: ntdev
> > >To: “Windows System Software Devs Interest List”
> > >Sent: Saturday, February 14, 2004 12:21 PM
> > >Subject: Re:[ntdev] MS Code leaked…
> > >
> > >
> > > > And how many days do you think you’ll last as a Windows
> > filesystem
> > > > filter developer without ever once digging into kernel
> > DDI’s with WinDbg
> > > > and a copy of the Intel IA32 Reference Manual? My
previous
> > employer is
> > > > looking for a NT filter dev right now; how about we make
a
> > bet? They’ll
> > > > give you a couple of nasty NTFS/EFS/filter interaction
> > bugs to fix, and
> > > > you’ll fix them without stepping into a kernel DDI. Up
for
> > it?
> > > >
> > > > Bill Casey wrote:
> > > > > Andrey:
> > > > > I guess if you’re a moron and/or thief you DO need to
> > disassemble anything
> > > > > that comes your way. Linux bozos like you should be
> > kicked off this list.
> > > > >
> > > > > Bill Casey
> > > > >
> > > > >
> > > > >
> > > > >>-----Original Message-----
> > > > >>From: xxxxx@lists.osr.com
> > > > >>[mailto:xxxxx@lists.osr.com]On Behalf Of
> > Andrey Shedel
> > > > >>Sent: Friday, February 13, 2004 12:07 AM
> > > > >>To: Windows System Software Devs Interest List
> > > > >>Subject: Re:[ntdev] MS Code leaked…
> > > > >>
> > > > >>
> > > > >>
> > > > >>This is a known fact that writing something
non-trivial
> > for modern complex
> > > > >>OS is extremely tricky process because most of the
time
> > will be spent
> > > > >>DISASSEMBLING operating system code (thanks for IDA
and
> > symbols)
> > > > >>and trying
> > > > >>to figure out what WAS in comments in original sources
> > that we will never
> > > > >>have a chance to see unless we belongs to some list of
> > chosen. For NT as
> > > > >>well as for Linux it’s impossible to simply use
provided
> > interfaces w/o
> > > > >>knowing what happens inside or how they interact with
> > each other. Sure now
> > > > >>DDK has a perfect documentation, but any one who wrote
> > i.e. their own
> > > > >>replacement for scsiport or at least one filesystem
> > driver will agree that
> > > > >>driver will be much more stable, cheaper and made
faster
> > if particular
> > > > >>problem could be solved by a simple search through OS
> > source.
> > > > >>
> > > > >>Unfortunately MS leave the chance to WRITE drivers for
> > their own
> > > > >>developers… and some others… and what the rest of
> > the world
> > > > >>should do is
> > > > >>to HACK nice operating system trying to improve it
with
> > our products.
> > > > >>
> > > > >>
> > > > >>
> > > > >>
> > > > >>—
> > > > >>Questions? First check the Kernel Driver FAQ at
> > > > >>http://www.osronline.com/article.cfm?id=256
> > > > >>
> > > > >>You are currently subscribed to ntdev as:
> > xxxxx@virtualscsi.com
> > > > >>To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > > > >>
> > > > >
> > > > >
> > > > >
> > > >
> > > > –
> > > > - Nick Ryan
> > > > - Microsoft MVP for DDK
> > > >
> > > > —
> > > > Questions? First check the Kernel Driver FAQ at
> > >http://www.osronline.com/article.cfm?id=256
> > > >
> > > > You are currently subscribed to ntdev as:
> > xxxxx@storagecraft.com
> > > > To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > >
> > >
> > >—
> > >Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> > >
> > >You are currently subscribed to ntdev as:
xxxxx@hotmail.com
> > >To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> >
> >
______________________________________________________________
> > Post Classifieds on MSN classifieds. Buy and Sell on MSN
> > Classifieds. —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@garlic.com
> > To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as:
> > xxxxx@positivenetworks.net
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@cbatson.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
MS knows where it came from. It was only a small portion. Who cares? Bosse
stole my code and GPL’d it under his name. It is a tough world out there. Is
anyone going to use it to write a competing OS? I doubt it!
Jamey
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Prokash Sinha
Sent: Saturday, February 14, 2004 6:19 PM
To: Windows System Software Devs Interest List
Subject: RE: Re:[ntdev] MS Code leaked…
Well, since some of the top guns are already contributing to this, why not
me then !
I’ve read quite a few articles on it, based on whatever comes over the
internet …
Personal view:: I’ve no objection using open source. But I’ve every
objection on Leaked source. It is very dubious and difficult to
prove whether it is been wacked/hacked away to put in the internet, or it
was intentionall. But on both account, it is not what
MS officials wanted to do willingling, and that is why they were
investigating, and obviously putting money for all these investigation.
But then also it all depends on what was exposed, and how valuable to the
developers ( and by default white-hatters). On the other hand,
how useful could it be to the Black-hatters. If it is very very useful, then
I’m not sure what side I would want to take. I could turn into a
Black-hatter. Then what ?. MS could/would change the OS code if they think
they need to, and that would be derived from the delegence of
Black-hatter with significant amount of code availability… So me as a
white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE MY
EXPERTISE anyway (even after having access to the gold-pot). And me as a
Black-hatter, would possibly have only the hat w/o head. So I will be
looser eitherway. Hence, I dont find much reason to believe that Leaking is
good. Open source is really a different topic altogether. You submit the
code
to open, and it is more like showing your One-way hash algorithm along with
hashed key. Having both of them would not be of much use to adversaries to
find the value passed into hash ( pass-word etc).
Learning the internals has an obvious advantage, but that also need many yrs
of work, and that’s what some people are paid for. Even with massive code
base
being open would require quite a bit of time to become expert, but the
Black-hatter(s) are sometime far more determined to hack the hell out, and
make a massacare. Lot of time I hear Linux might have a better security,
well we never had the test bed where almost all the desktops are Linux
based, then we will know how robust it is, the source code is free, and I
bet my life that we would not be able to do anything to prevent massive
hacks. Some govt. are going for Linux because they are affraid of Windows
backdoors. Sure that is the right first step, but there are million more
steps ahead of them, and they will not dare to put those systems out on the
open for anyone’s access, they just want to make sure they have the control.
And rightly so, that’s their decison, but lot lot more is there to get
their sytem(s) secured.
I do reverse engineering whenever needed and in my earlier days with Win32
based OS, I was specially debugging lot of internal stuff written by others,
often it was
quite painful to look thru just assembler code(s), lot of time even modules
were not mapped correctly so 4 hours of illusion(s) was totally wrong etc.,
etc. Sure source could have been a little help, if available. But it is far
more important to me that the base code is safe and sound for many many
people. It is being used every where. Yesterday I was in an hospital for my
kids Nasal adenoid surgery, and it is surprising that how NT family of
system(s) being used, almost like a pencil to an office, what if some of
these systems are hacked, I dont think I would be able to pardon me for my
thinking that Leaked code is good, so that I can be an expert on NT.
It is a hard challenge, as far as I can streach my imagination. Middle-age
lecturing, even my kids get tired of it once in a while :-).
-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of yatindra v aishnav
Sent: Saturday, February 14, 2004 3:56 PM
To: Windows System Software Devs Interest List
Subject: Re: Re:[ntdev] MS Code leaked…
I agree with max. Whatever is required to acomplish a task in lack of
resources we need to find the way to overcome that. We are not using that
code of MS in our code, we just want to understand the internal mechanism
that is it.
YOGI
From: “Maxim S. Shatskih”
Reply-To: “Windows System Software Devs Interest List”
To: “Windows System Software Devs Interest List”
Subject: Re: Re:[ntdev] MS Code leaked…
Date: Sat, 14 Feb 2004 22:14:08 +0300
I personally consider this leak as a Good Thing, and will not be
despiseful
enough to use the leaked code if I will get my hands on it. Anyway I did
the NT
kernel code reverse-engineering for years to help myself and the community
developing drivers.
Anyway this leak will not harm MS financially in any way. In
absolutely any
way. Windows competitors use absolutely other technological base and so
cannot
benefit from the leak.
So, the only consequence of the leak is - improving the working
conditions
for programmers working for Windows platform (which is GOOD for Microsoft
in
the end).
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
----- Original Message -----
From: “Nick Ryan”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Saturday, February 14, 2004 12:21 PM
Subject: Re:[ntdev] MS Code leaked…
> And how many days do you think you’ll last as a Windows filesystem
> filter developer without ever once digging into kernel DDI’s with WinDbg
> and a copy of the Intel IA32 Reference Manual? My previous employer is
> looking for a NT filter dev right now; how about we make a bet? They’ll
> give you a couple of nasty NTFS/EFS/filter interaction bugs to fix, and
> you’ll fix them without stepping into a kernel DDI. Up for it?
>
> Bill Casey wrote:
> > Andrey:
> > I guess if you’re a moron and/or thief you DO need to disassemble
anything
> > that comes your way. Linux bozos like you should be kicked off this
list.
> >
> > Bill Casey
> >
> >
> >
> >>-----Original Message-----
> >>From: xxxxx@lists.osr.com
> >>[mailto:xxxxx@lists.osr.com]On Behalf Of Andrey Shedel
> >>Sent: Friday, February 13, 2004 12:07 AM
> >>To: Windows System Software Devs Interest List
> >>Subject: Re:[ntdev] MS Code leaked…
> >>
> >>
> >>
> >>This is a known fact that writing something non-trivial for modern
complex
> >>OS is extremely tricky process because most of the time will be spent
> >>DISASSEMBLING operating system code (thanks for IDA and symbols)
> >>and trying
> >>to figure out what WAS in comments in original sources that we will
never
> >>have a chance to see unless we belongs to some list of chosen. For NT
as
> >>well as for Linux it’s impossible to simply use provided interfaces
w/o
> >>knowing what happens inside or how they interact with each other. Sure
now
> >>DDK has a perfect documentation, but any one who wrote i.e. their own
> >>replacement for scsiport or at least one filesystem driver will agree
that
> >>driver will be much more stable, cheaper and made faster if particular
> >>problem could be solved by a simple search through OS source.
> >>
> >>Unfortunately MS leave the chance to WRITE drivers for their own
> >>developers… and some others… and what the rest of the world
> >>should do is
> >>to HACK nice operating system trying to improve it with our products.
> >>
> >>
> >>
> >>
> >>—
> >>Questions? First check the Kernel Driver FAQ at
> >>
> >>You are currently subscribed to ntdev as: xxxxx@virtualscsi.com
> >>To unsubscribe send a blank email to xxxxx@lists.osr.com
> >>
> >
> >
> >
>
> –
> - Nick Ryan
> - Microsoft MVP for DDK
>
> —
> Questions? First check the Kernel Driver FAQ at
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@hotmail.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Post Classifieds on MSN classifieds. Buy and Sell on MSN Classifieds.
http: —
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@garlic.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com</http:>
I think the rev.eng statement is applicable to all on this list. Have you
not stepped into the debugger past your code into an OS call and followed it
to find where bad pointer is gets referenced in the OS?
Trust me, our flagship product would have not been possible without seeing
how the OS calls into he FS to mount a volume.
Jamey
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Steve Dispensa
Sent: Saturday, February 14, 2004 9:27 PM
To: Windows System Software Devs Interest List
Subject: RE: Re:[ntdev] MS Code leaked…
That makes three people whose work, as expressed on this list, I
respect, who have come out admitting that they regularly reverse
engineer pieces of Windows. Not fly-by-night newbie developers, either
- MVPs - people who Microsoft has publicly thanked for being good
third-party representatives of their comapny. People who Microsoft has
called out as role models.
This is a serious question (not at all meant to be a flamebait): do you
honestly believe that you’re not violating the EULA by
reverse-engineering Windows?
This area seems to represesnt a significant mismatch between written
rules and common practice. I’d really like to hear from Microsoft that
this practice is OK, given (as pointed out) that it’s almost a
requirement for nontrivial driver work.
I don’t see how it would hurt Microsoft to formally approve this sort of
thing either, but maybe I’m just a naive programmer. Some clarity in
one direction or another would be appreciated, though.
Microsoft: can we get a formal statement of position?
Sorry for contributing to an OT…
-sd
On Sat, 2004-02-14 at 20:18, Prokash Sinha wrote:
Well, since some of the top guns are already contributing to this, why
not me then !I’ve read quite a few articles on it, based on whatever comes over the
internet …Personal view:: I’ve no objection using open source. But I’ve every
objection on Leaked source. It is very dubious and difficult to
prove whether it is been wacked/hacked away to put in the internet, or
it was intentionall. But on both account, it is not what
MS officials wanted to do willingling, and that is why they were
investigating, and obviously putting money for all these
investigation.But then also it all depends on what was exposed, and how valuable to
the developers ( and by default white-hatters). On the other hand,
how useful could it be to the Black-hatters. If it is very very
useful, then I’m not sure what side I would want to take. I could turn
into a
Black-hatter. Then what ?. MS could/would change the OS code if they
think they need to, and that would be derived from the delegence of
Black-hatter with significant amount of code availability… So me as
a white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE MY
EXPERTISE anyway (even after having access to the gold-pot). And me as
a Black-hatter, would possibly have only the hat w/o head. So I will
be
looser eitherway. Hence, I dont find much reason to believe that
Leaking is good. Open source is really a different topic altogether.
You submit the code
to open, and it is more like showing your One-way hash algorithm along
with hashed key. Having both of them would not be of much use to
adversaries to
find the value passed into hash ( pass-word etc).Learning the internals has an obvious advantage, but that also need
many yrs of work, and that’s what some people are paid for. Even with
massive code base
being open would require quite a bit of time to become expert, but the
Black-hatter(s) are sometime far more determined to hack the hell out,
and make a massacare. Lot of time I hear Linux might have a better
security, well we never had the test bed where almost all the desktops
are Linux based, then we will know how robust it is, the source code
is free, and I bet my life that we would not be able to do anything to
prevent massive hacks. Some govt. are going for Linux because they are
affraid of Windows backdoors. Sure that is the right first step, but
there are million more steps ahead of them, and they will not dare to
put those systems out on the open for anyone’s access, they just want
to make sure they have the control. And rightly so, that’s their
decison, but lot lot more is there to get
their sytem(s) secured.I do reverse engineering whenever needed and in my earlier days with
Win32 based OS, I was specially debugging lot of internal stuff
written by others, often it was
quite painful to look thru just assembler code(s), lot of time even
modules were not mapped correctly so 4 hours of illusion(s) was
totally wrong etc., etc. Sure source could have been a little help, if
available. But it is far more important to me that the base code is
safe and sound for many many people. It is being used every where.
Yesterday I was in an hospital for my kids Nasal adenoid surgery, and
it is surprising that how NT family of system(s) being used, almost
like a pencil to an office, what if some of these systems are hacked,
I dont think I would be able to pardon me for my thinking that Leaked
code is good, so that I can be an expert on NT.It is a hard challenge, as far as I can streach my imagination.
Middle-age lecturing, even my kids get tired of it once in a while
:-).-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of
yatindra v aishnav
Sent: Saturday, February 14, 2004 3:56 PM
To: Windows System Software Devs Interest List
Subject: Re: Re:[ntdev] MS Code leaked…I agree with max. Whatever is required to acomplish a task in
lack of resources we need to find the way to overcome that. We
are not using that code of MS in our code, we just want to
understand the internal mechanism that is it.YOGI
>From: “Maxim S. Shatskih”
>Reply-To: “Windows System Software Devs Interest List”
>To: “Windows System Software Devs Interest List”
>Subject: Re: Re:[ntdev] MS Code leaked…
>Date: Sat, 14 Feb 2004 22:14:08 +0300
>
> I personally consider this leak as a Good Thing, and
will not be despiseful
>enough to use the leaked code if I will get my hands on it.
Anyway I did the NT
>kernel code reverse-engineering for years to help myself and
the community
>developing drivers.
>
> Anyway this leak will not harm MS financially in any
way. In absolutely any
>way. Windows competitors use absolutely other technological
base and so cannot
>benefit from the leak.
>
> So, the only consequence of the leak is - improving the
working conditions
>for programmers working for Windows platform (which is GOOD
for Microsoft in
>the end).
>
>Maxim Shatskih, Windows DDK MVP
>StorageCraft Corporation
>xxxxx@storagecraft.com
>http://www.storagecraft.com
>
>----- Original Message -----
>From: “Nick Ryan”
>Newsgroups: ntdev
>To: “Windows System Software Devs Interest List”
>Sent: Saturday, February 14, 2004 12:21 PM
>Subject: Re:[ntdev] MS Code leaked…
>
>
> > And how many days do you think you’ll last as a Windows
filesystem
> > filter developer without ever once digging into kernel
DDI’s with WinDbg
> > and a copy of the Intel IA32 Reference Manual? My previous
employer is
> > looking for a NT filter dev right now; how about we make a
bet? They’ll
> > give you a couple of nasty NTFS/EFS/filter interaction
bugs to fix, and
> > you’ll fix them without stepping into a kernel DDI. Up for
it?
> >
> > Bill Casey wrote:
> > > Andrey:
> > > I guess if you’re a moron and/or thief you DO need to
disassemble anything
> > > that comes your way. Linux bozos like you should be
kicked off this list.
> > >
> > > Bill Casey
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: xxxxx@lists.osr.com
> > >>[mailto:xxxxx@lists.osr.com]On Behalf Of
Andrey Shedel
> > >>Sent: Friday, February 13, 2004 12:07 AM
> > >>To: Windows System Software Devs Interest List
> > >>Subject: Re:[ntdev] MS Code leaked…
> > >>
> > >>
> > >>
> > >>This is a known fact that writing something non-trivial
for modern complex
> > >>OS is extremely tricky process because most of the time
will be spent
> > >>DISASSEMBLING operating system code (thanks for IDA and
symbols)
> > >>and trying
> > >>to figure out what WAS in comments in original sources
that we will never
> > >>have a chance to see unless we belongs to some list of
chosen. For NT as
> > >>well as for Linux it’s impossible to simply use provided
interfaces w/o
> > >>knowing what happens inside or how they interact with
each other. Sure now
> > >>DDK has a perfect documentation, but any one who wrote
i.e. their own
> > >>replacement for scsiport or at least one filesystem
driver will agree that
> > >>driver will be much more stable, cheaper and made faster
if particular
> > >>problem could be solved by a simple search through OS
source.
> > >>
> > >>Unfortunately MS leave the chance to WRITE drivers for
their own
> > >>developers… and some others… and what the rest of
the world
> > >>should do is
> > >>to HACK nice operating system trying to improve it with
our products.
> > >>
> > >>
> > >>
> > >>
> > >>—
> > >>Questions? First check the Kernel Driver FAQ at
> > >>http://www.osronline.com/article.cfm?id=256
> > >>
> > >>You are currently subscribed to ntdev as:
xxxxx@virtualscsi.com
> > >>To unsubscribe send a blank email to
xxxxx@lists.osr.com
> > >>
> > >
> > >
> > >
> >
> > –
> > - Nick Ryan
> > - Microsoft MVP for DDK
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
>http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as:
xxxxx@storagecraft.com
> > To unsubscribe send a blank email to
xxxxx@lists.osr.com
>
>
>—
>Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
>You are currently subscribed to ntdev as: xxxxx@hotmail.com
>To unsubscribe send a blank email to
xxxxx@lists.osr.com
Post Classifieds on MSN classifieds. Buy and Sell on MSN
Classifieds. —
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256You are currently subscribed to ntdev as: xxxxx@garlic.com
To unsubscribe send a blank email to
xxxxx@lists.osr.comQuestions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256You are currently subscribed to ntdev as:
xxxxx@positivenetworks.net
To unsubscribe send a blank email to xxxxx@lists.osr.com
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
MFC is an abomination of C++ and object oriented design.
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Chuck Batson
Sent: Saturday, February 14, 2004 10:42 PM
To: Windows System Software Devs Interest List
Subject: Re: Re:[ntdev] MS Code leaked…
In the absence of having source code for debugging, it’s often the path
of least resistance to step into someone else’s (e.g. Microsoft’s)
function to figure out why you’re having trouble with it. Does this
qualify as “reverse engineering”? And if the source code was available
to begin with – for debugging purposes only, mind you – this wouldn’t
be necessary. An example that comes to mind is MFC, which I admit to
having used on several occasions. If the source wasn’t available for
debugging, I would have given up in frustration early on due to the
number of issues I encountered with MFC. Did providing the source code
hurt Microsoft or MFC in any way? No. In fact it probably helped quite
a bit, since developers like me could figure out what the problem was
and overcome it more easily than if they didn’t have access to the
source code. Did I use my knowledge of MFC internals to make better
Windows products? Yes. Did I steal portions of the MFC to make a
competing product? No. Did someone else steal MFC code? Perhaps
(though personally I never found the MFC code worth stealing). If so,
did it hurt Microsoft?
Chuck
----- Original Message -----
From: “Steve Dispensa”
To: “Windows System Software Devs Interest List”
Sent: Sunday, February 15, 2004 12:26 PM
Subject: RE: Re:[ntdev] MS Code leaked…
> That makes three people whose work, as expressed on this list, I
> respect, who have come out admitting that they regularly reverse
> engineer pieces of Windows. Not fly-by-night newbie developers,
either
> - MVPs - people who Microsoft has publicly thanked for being good
> third-party representatives of their comapny. People who Microsoft
has
> called out as role models.
>
> This is a serious question (not at all meant to be a flamebait): do
you
> honestly believe that you’re not violating the EULA by
> reverse-engineering Windows?
>
> This area seems to represesnt a significant mismatch between written
> rules and common practice. I’d really like to hear from Microsoft
that
> this practice is OK, given (as pointed out) that it’s almost a
> requirement for nontrivial driver work.
>
> I don’t see how it would hurt Microsoft to formally approve this sort
of
> thing either, but maybe I’m just a naive programmer. Some clarity in
> one direction or another would be appreciated, though.
>
> Microsoft: can we get a formal statement of position?
>
> Sorry for contributing to an OT…
>
> -sd
>
> On Sat, 2004-02-14 at 20:18, Prokash Sinha wrote:
> > Well, since some of the top guns are already contributing to this,
why
> > not me then !
> >
> > I’ve read quite a few articles on it, based on whatever comes over
the
> > internet …
> >
> > Personal view:: I’ve no objection using open source. But I’ve every
> > objection on Leaked source. It is very dubious and difficult to
> > prove whether it is been wacked/hacked away to put in the internet,
or
> > it was intentionall. But on both account, it is not what
> > MS officials wanted to do willingling, and that is why they were
> > investigating, and obviously putting money for all these
> > investigation.
> >
> > But then also it all depends on what was exposed, and how valuable
to
> > the developers ( and by default white-hatters). On the other hand,
> > how useful could it be to the Black-hatters. If it is very very
> > useful, then I’m not sure what side I would want to take. I could
turn
> > into a
> > Black-hatter. Then what ?. MS could/would change the OS code if they
> > think they need to, and that would be derived from the delegence of
> > Black-hatter with significant amount of code availability… So me
as
> > a white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE MY
> > EXPERTISE anyway (even after having access to the gold-pot). And me
as
> > a Black-hatter, would possibly have only the hat w/o head. So I will
> > be
> > looser eitherway. Hence, I dont find much reason to believe that
> > Leaking is good. Open source is really a different topic altogether.
> > You submit the code
> > to open, and it is more like showing your One-way hash algorithm
along
> > with hashed key. Having both of them would not be of much use to
> > adversaries to
> > find the value passed into hash ( pass-word etc).
> >
> > Learning the internals has an obvious advantage, but that also need
> > many yrs of work, and that’s what some people are paid for. Even
with
> > massive code base
> > being open would require quite a bit of time to become expert, but
the
> > Black-hatter(s) are sometime far more determined to hack the hell
out,
> > and make a massacare. Lot of time I hear Linux might have a better
> > security, well we never had the test bed where almost all the
desktops
> > are Linux based, then we will know how robust it is, the source code
> > is free, and I bet my life that we would not be able to do anything
to
> > prevent massive hacks. Some govt. are going for Linux because they
are
> > affraid of Windows backdoors. Sure that is the right first step, but
> > there are million more steps ahead of them, and they will not dare
to
> > put those systems out on the open for anyone’s access, they just
want
> > to make sure they have the control. And rightly so, that’s their
> > decison, but lot lot more is there to get
> > their sytem(s) secured.
> >
> > I do reverse engineering whenever needed and in my earlier days with
> > Win32 based OS, I was specially debugging lot of internal stuff
> > written by others, often it was
> > quite painful to look thru just assembler code(s), lot of time even
> > modules were not mapped correctly so 4 hours of illusion(s) was
> > totally wrong etc., etc. Sure source could have been a little help,
if
> > available. But it is far more important to me that the base code is
> > safe and sound for many many people. It is being used every where.
> > Yesterday I was in an hospital for my kids Nasal adenoid surgery,
and
> > it is surprising that how NT family of system(s) being used, almost
> > like a pencil to an office, what if some of these systems are
hacked,
> > I dont think I would be able to pardon me for my thinking that
Leaked
> > code is good, so that I can be an expert on NT.
> >
> > It is a hard challenge, as far as I can streach my imagination.
> > Middle-age lecturing, even my kids get tired of it once in a while
> > :-).
> >
> > -prokash
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com]On Behalf Of
> > yatindra v aishnav
> > Sent: Saturday, February 14, 2004 3:56 PM
> > To: Windows System Software Devs Interest List
> > Subject: Re: Re:[ntdev] MS Code leaked…
> >
> >
> >
> >
> >
> > I agree with max. Whatever is required to acomplish a task
in
> > lack of resources we need to find the way to overcome that.
We
> > are not using that code of MS in our code, we just want to
> > understand the internal mechanism that is it.
> >
> >
> > YOGI
> >
> >
> >
> > >From: “Maxim S. Shatskih”
> > >Reply-To: “Windows System Software Devs Interest List”
> > >To: “Windows System Software Devs Interest List”
> > >Subject: Re: Re:[ntdev] MS Code leaked…
> > >Date: Sat, 14 Feb 2004 22:14:08 +0300
> > >
> > > I personally consider this leak as a Good Thing, and
> > will not be despiseful
> > >enough to use the leaked code if I will get my hands on it.
> > Anyway I did the NT
> > >kernel code reverse-engineering for years to help myself
and
> > the community
> > >developing drivers.
> > >
> > > Anyway this leak will not harm MS financially in any
> > way. In absolutely any
> > >way. Windows competitors use absolutely other technological
> > base and so cannot
> > >benefit from the leak.
> > >
> > > So, the only consequence of the leak is - improving
the
> > working conditions
> > >for programmers working for Windows platform (which is GOOD
> > for Microsoft in
> > >the end).
> > >
> > >Maxim Shatskih, Windows DDK MVP
> > >StorageCraft Corporation
> > >xxxxx@storagecraft.com
> > >http://www.storagecraft.com
> > >
> > >----- Original Message -----
> > >From: “Nick Ryan”
> > >Newsgroups: ntdev
> > >To: “Windows System Software Devs Interest List”
> > >Sent: Saturday, February 14, 2004 12:21 PM
> > >Subject: Re:[ntdev] MS Code leaked…
> > >
> > >
> > > > And how many days do you think you’ll last as a Windows
> > filesystem
> > > > filter developer without ever once digging into kernel
> > DDI’s with WinDbg
> > > > and a copy of the Intel IA32 Reference Manual? My
previous
> > employer is
> > > > looking for a NT filter dev right now; how about we make
a
> > bet? They’ll
> > > > give you a couple of nasty NTFS/EFS/filter interaction
> > bugs to fix, and
> > > > you’ll fix them without stepping into a kernel DDI. Up
for
> > it?
> > > >
> > > > Bill Casey wrote:
> > > > > Andrey:
> > > > > I guess if you’re a moron and/or thief you DO need to
> > disassemble anything
> > > > > that comes your way. Linux bozos like you should be
> > kicked off this list.
> > > > >
> > > > > Bill Casey
> > > > >
> > > > >
> > > > >
> > > > >>-----Original Message-----
> > > > >>From: xxxxx@lists.osr.com
> > > > >>[mailto:xxxxx@lists.osr.com]On Behalf Of
> > Andrey Shedel
> > > > >>Sent: Friday, February 13, 2004 12:07 AM
> > > > >>To: Windows System Software Devs Interest List
> > > > >>Subject: Re:[ntdev] MS Code leaked…
> > > > >>
> > > > >>
> > > > >>
> > > > >>This is a known fact that writing something
non-trivial
> > for modern complex
> > > > >>OS is extremely tricky process because most of the
time
> > will be spent
> > > > >>DISASSEMBLING operating system code (thanks for IDA
and
> > symbols)
> > > > >>and trying
> > > > >>to figure out what WAS in comments in original sources
> > that we will never
> > > > >>have a chance to see unless we belongs to some list of
> > chosen. For NT as
> > > > >>well as for Linux it’s impossible to simply use
provided
> > interfaces w/o
> > > > >>knowing what happens inside or how they interact with
> > each other. Sure now
> > > > >>DDK has a perfect documentation, but any one who wrote
> > i.e. their own
> > > > >>replacement for scsiport or at least one filesystem
> > driver will agree that
> > > > >>driver will be much more stable, cheaper and made
faster
> > if particular
> > > > >>problem could be solved by a simple search through OS
> > source.
> > > > >>
> > > > >>Unfortunately MS leave the chance to WRITE drivers for
> > their own
> > > > >>developers… and some others… and what the rest of
> > the world
> > > > >>should do is
> > > > >>to HACK nice operating system trying to improve it
with
> > our products.
> > > > >>
> > > > >>
> > > > >>
> > > > >>
> > > > >>—
> > > > >>Questions? First check the Kernel Driver FAQ at
> > > > >>http://www.osronline.com/article.cfm?id=256
> > > > >>
> > > > >>You are currently subscribed to ntdev as:
> > xxxxx@virtualscsi.com
> > > > >>To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > > > >>
> > > > >
> > > > >
> > > > >
> > > >
> > > > –
> > > > - Nick Ryan
> > > > - Microsoft MVP for DDK
> > > >
> > > > —
> > > > Questions? First check the Kernel Driver FAQ at
> > >http://www.osronline.com/article.cfm?id=256
> > > >
> > > > You are currently subscribed to ntdev as:
> > xxxxx@storagecraft.com
> > > > To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > >
> > >
> > >—
> > >Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> > >
> > >You are currently subscribed to ntdev as:
xxxxx@hotmail.com
> > >To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> >
> >
______________________________________________________________
> > Post Classifieds on MSN classifieds. Buy and Sell on MSN
> > Classifieds. —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@garlic.com
> > To unsubscribe send a blank email to
> > xxxxx@lists.osr.com
> > —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as:
> > xxxxx@positivenetworks.net
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@cbatson.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
On Sun, 2004-02-15 at 03:02, Jamey Kirby wrote:
I think the rev.eng statement is applicable to all on this list. Have you
not stepped into the debugger past your code into an OS call and followed it
to find where bad pointer is gets referenced in the OS?
Sorry, didn’t mean to imply anything at all about what I do. I just
want to know what MS thinks about the practice. Clearly it’s almost
universal. Also, as I said a few months ago, I’m not sure I see the
line between WinDbg w/ symbols and something like IDA.
-sd
Well this is true, I was just being polite by refraining from saying so
bluntly. I used MFC as the first example of
source-provided-for-debugging that popped into mind. If you think my
post is about MFC then you didn’t read it.
Chuck
----- Original Message -----
From: “Jamey Kirby”
To: “Windows System Software Devs Interest List”
Sent: Sunday, February 15, 2004 4:03 PM
Subject: RE: Re:[ntdev] MS Code leaked…
> MFC is an abomination of C++ and object oriented design.
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Chuck Batson
> Sent: Saturday, February 14, 2004 10:42 PM
> To: Windows System Software Devs Interest List
> Subject: Re: Re:[ntdev] MS Code leaked…
>
> In the absence of having source code for debugging, it’s often the
path
> of least resistance to step into someone else’s (e.g. Microsoft’s)
> function to figure out why you’re having trouble with it. Does this
> qualify as “reverse engineering”? And if the source code was
available
> to begin with – for debugging purposes only, mind you – this
wouldn’t
> be necessary. An example that comes to mind is MFC, which I admit to
> having used on several occasions. If the source wasn’t available for
> debugging, I would have given up in frustration early on due to the
> number of issues I encountered with MFC. Did providing the source
code
> hurt Microsoft or MFC in any way? No. In fact it probably helped
quite
> a bit, since developers like me could figure out what the problem was
> and overcome it more easily than if they didn’t have access to the
> source code. Did I use my knowledge of MFC internals to make better
> Windows products? Yes. Did I steal portions of the MFC to make a
> competing product? No. Did someone else steal MFC code? Perhaps
> (though personally I never found the MFC code worth stealing). If so,
> did it hurt Microsoft?
>
> Chuck
>
> ----- Original Message -----
> From: “Steve Dispensa”
> To: “Windows System Software Devs Interest List”
> Sent: Sunday, February 15, 2004 12:26 PM
> Subject: RE: Re:[ntdev] MS Code leaked…
>
>
> > That makes three people whose work, as expressed on this list, I
> > respect, who have come out admitting that they regularly reverse
> > engineer pieces of Windows. Not fly-by-night newbie developers,
> either
> > - MVPs - people who Microsoft has publicly thanked for being good
> > third-party representatives of their comapny. People who Microsoft
> has
> > called out as role models.
> >
> > This is a serious question (not at all meant to be a flamebait): do
> you
> > honestly believe that you’re not violating the EULA by
> > reverse-engineering Windows?
> >
> > This area seems to represesnt a significant mismatch between written
> > rules and common practice. I’d really like to hear from Microsoft
> that
> > this practice is OK, given (as pointed out) that it’s almost a
> > requirement for nontrivial driver work.
> >
> > I don’t see how it would hurt Microsoft to formally approve this
sort
> of
> > thing either, but maybe I’m just a naive programmer. Some clarity
in
> > one direction or another would be appreciated, though.
> >
> > Microsoft: can we get a formal statement of position?
> >
> > Sorry for contributing to an OT…
> >
> > -sd
> >
> > On Sat, 2004-02-14 at 20:18, Prokash Sinha wrote:
> > > Well, since some of the top guns are already contributing to this,
> why
> > > not me then !
> > >
> > > I’ve read quite a few articles on it, based on whatever comes over
> the
> > > internet …
> > >
> > > Personal view:: I’ve no objection using open source. But I’ve
every
> > > objection on Leaked source. It is very dubious and difficult to
> > > prove whether it is been wacked/hacked away to put in the
internet,
> or
> > > it was intentionall. But on both account, it is not what
> > > MS officials wanted to do willingling, and that is why they were
> > > investigating, and obviously putting money for all these
> > > investigation.
> > >
> > > But then also it all depends on what was exposed, and how
valuable
> to
> > > the developers ( and by default white-hatters). On the other hand,
> > > how useful could it be to the Black-hatters. If it is very very
> > > useful, then I’m not sure what side I would want to take. I could
> turn
> > > into a
> > > Black-hatter. Then what ?. MS could/would change the OS code if
they
> > > think they need to, and that would be derived from the delegence
of
> > > Black-hatter with significant amount of code availability… So me
> as
> > > a white-hatter, and wanabe experts on NT’s inside/out WOULD LOOSE
MY
> > > EXPERTISE anyway (even after having access to the gold-pot). And
me
> as
> > > a Black-hatter, would possibly have only the hat w/o head. So I
will
> > > be
> > > looser eitherway. Hence, I dont find much reason to believe that
> > > Leaking is good. Open source is really a different topic
altogether.
> > > You submit the code
> > > to open, and it is more like showing your One-way hash algorithm
> along
> > > with hashed key. Having both of them would not be of much use to
> > > adversaries to
> > > find the value passed into hash ( pass-word etc).
> > >
> > > Learning the internals has an obvious advantage, but that also
need
> > > many yrs of work, and that’s what some people are paid for. Even
> with
> > > massive code base
> > > being open would require quite a bit of time to become expert, but
> the
> > > Black-hatter(s) are sometime far more determined to hack the hell
> out,
> > > and make a massacare. Lot of time I hear Linux might have a better
> > > security, well we never had the test bed where almost all the
> desktops
> > > are Linux based, then we will know how robust it is, the source
code
> > > is free, and I bet my life that we would not be able to do
anything
> to
> > > prevent massive hacks. Some govt. are going for Linux because they
> are
> > > affraid of Windows backdoors. Sure that is the right first step,
but
> > > there are million more steps ahead of them, and they will not dare
> to
> > > put those systems out on the open for anyone’s access, they just
> want
> > > to make sure they have the control. And rightly so, that’s their
> > > decison, but lot lot more is there to get
> > > their sytem(s) secured.
> > >
> > > I do reverse engineering whenever needed and in my earlier days
with
> > > Win32 based OS, I was specially debugging lot of internal stuff
> > > written by others, often it was
> > > quite painful to look thru just assembler code(s), lot of time
even
> > > modules were not mapped correctly so 4 hours of illusion(s) was
> > > totally wrong etc., etc. Sure source could have been a little
help,
> if
> > > available. But it is far more important to me that the base code
is
> > > safe and sound for many many people. It is being used every where.
> > > Yesterday I was in an hospital for my kids Nasal adenoid surgery,
> and
> > > it is surprising that how NT family of system(s) being used,
almost
> > > like a pencil to an office, what if some of these systems are
> hacked,
> > > I dont think I would be able to pardon me for my thinking that
> Leaked
> > > code is good, so that I can be an expert on NT.
> > >
> > > It is a hard challenge, as far as I can streach my imagination.
> > > Middle-age lecturing, even my kids get tired of it once in a while
> > > :-).
> > >
> > > -prokash
> > > -----Original Message-----
> > > From: xxxxx@lists.osr.com
> > > [mailto:xxxxx@lists.osr.com]On Behalf Of
> > > yatindra v aishnav
> > > Sent: Saturday, February 14, 2004 3:56 PM
> > > To: Windows System Software Devs Interest List
> > > Subject: Re: Re:[ntdev] MS Code leaked…
> > >
> > >
> > >
> > >
> > >
> > > I agree with max. Whatever is required to acomplish a task
> in
> > > lack of resources we need to find the way to overcome
that.
> We
> > > are not using that code of MS in our code, we just want to
> > > understand the internal mechanism that is it.
> > >
> > >
> > > YOGI
> > >
> > >
> > >
> > > >From: “Maxim S. Shatskih”
> > > >Reply-To: “Windows System Software Devs Interest List”
> > > >To: “Windows System Software Devs Interest List”
> > > >Subject: Re: Re:[ntdev] MS Code leaked…
> > > >Date: Sat, 14 Feb 2004 22:14:08 +0300
> > > >
> > > > I personally consider this leak as a Good Thing, and
> > > will not be despiseful
> > > >enough to use the leaked code if I will get my hands on
it.
> > > Anyway I did the NT
> > > >kernel code reverse-engineering for years to help myself
> and
> > > the community
> > > >developing drivers.
> > > >
> > > > Anyway this leak will not harm MS financially in any
> > > way. In absolutely any
> > > >way. Windows competitors use absolutely other
technological
> > > base and so cannot
> > > >benefit from the leak.
> > > >
> > > > So, the only consequence of the leak is - improving
> the
> > > working conditions
> > > >for programmers working for Windows platform (which is
GOOD
> > > for Microsoft in
> > > >the end).
> > > >
> > > >Maxim Shatskih, Windows DDK MVP
> > > >StorageCraft Corporation
> > > >xxxxx@storagecraft.com
> > > >http://www.storagecraft.com
> > > >
> > > >----- Original Message -----
> > > >From: “Nick Ryan”
> > > >Newsgroups: ntdev
> > > >To: “Windows System Software Devs Interest List”
> > > >Sent: Saturday, February 14, 2004 12:21 PM
> > > >Subject: Re:[ntdev] MS Code leaked…
> > > >
> > > >
> > > > > And how many days do you think you’ll last as a
Windows
> > > filesystem
> > > > > filter developer without ever once digging into kernel
> > > DDI’s with WinDbg
> > > > > and a copy of the Intel IA32 Reference Manual? My
> previous
> > > employer is
> > > > > looking for a NT filter dev right now; how about we
make
> a
> > > bet? They’ll
> > > > > give you a couple of nasty NTFS/EFS/filter interaction
> > > bugs to fix, and
> > > > > you’ll fix them without stepping into a kernel DDI. Up
> for
> > > it?
> > > > >
> > > > > Bill Casey wrote:
> > > > > > Andrey:
> > > > > > I guess if you’re a moron and/or thief you DO need
to
> > > disassemble anything
> > > > > > that comes your way. Linux bozos like you should be
> > > kicked off this list.
> > > > > >
> > > > > > Bill Casey
> > > > > >
> > > > > >
> > > > > >
> > > > > >>-----Original Message-----
> > > > > >>From: xxxxx@lists.osr.com
> > > > > >>[mailto:xxxxx@lists.osr.com]On Behalf
Of
> > > Andrey Shedel
> > > > > >>Sent: Friday, February 13, 2004 12:07 AM
> > > > > >>To: Windows System Software Devs Interest List
> > > > > >>Subject: Re:[ntdev] MS Code leaked…
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >>This is a known fact that writing something
> non-trivial
> > > for modern complex
> > > > > >>OS is extremely tricky process because most of the
> time
> > > will be spent
> > > > > >>DISASSEMBLING operating system code (thanks for IDA
> and
> > > symbols)
> > > > > >>and trying
> > > > > >>to figure out what WAS in comments in original
sources
> > > that we will never
> > > > > >>have a chance to see unless we belongs to some list
of
> > > chosen. For NT as
> > > > > >>well as for Linux it’s impossible to simply use
> provided
> > > interfaces w/o
> > > > > >>knowing what happens inside or how they interact
with
> > > each other. Sure now
> > > > > >>DDK has a perfect documentation, but any one who
wrote
> > > i.e. their own
> > > > > >>replacement for scsiport or at least one filesystem
> > > driver will agree that
> > > > > >>driver will be much more stable, cheaper and made
> faster
> > > if particular
> > > > > >>problem could be solved by a simple search through
OS
> > > source.
> > > > > >>
> > > > > >>Unfortunately MS leave the chance to WRITE drivers
for
> > > their own
> > > > > >>developers… and some others… and what the rest
of
> > > the world
> > > > > >>should do is
> > > > > >>to HACK nice operating system trying to improve it
> with
> > > our products.
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >>—
> > > > > >>Questions? First check the Kernel Driver FAQ at
> > > > > >>http://www.osronline.com/article.cfm?id=256
> > > > > >>
> > > > > >>You are currently subscribed to ntdev as:
> > > xxxxx@virtualscsi.com
> > > > > >>To unsubscribe send a blank email to
> > > xxxxx@lists.osr.com
> > > > > >>
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > > –
> > > > > - Nick Ryan
> > > > > - Microsoft MVP for DDK
> > > > >
> > > > > —
> > > > > Questions? First check the Kernel Driver FAQ at
> > > >http://www.osronline.com/article.cfm?id=256
> > > > >
> > > > > You are currently subscribed to ntdev as:
> > > xxxxx@storagecraft.com
> > > > > To unsubscribe send a blank email to
> > > xxxxx@lists.osr.com
> > > >
> > > >
> > > >—
> > > >Questions? First check the Kernel Driver FAQ at
> > > http://www.osronline.com/article.cfm?id=256
> > > >
> > > >You are currently subscribed to ntdev as:
> xxxxx@hotmail.com
> > > >To unsubscribe send a blank email to
> > > xxxxx@lists.osr.com
> > >
> > >
> ______________________________________________________________
> > > Post Classifieds on MSN classifieds. Buy and Sell on MSN
> > > Classifieds. —
> > > Questions? First check the Kernel Driver FAQ at
> > > http://www.osronline.com/article.cfm?id=256
> > >
> > > You are currently subscribed to ntdev as:
xxxxx@garlic.com
> > > To unsubscribe send a blank email to
> > > xxxxx@lists.osr.com
> > > —
> > > Questions? First check the Kernel Driver FAQ at
> > > http://www.osronline.com/article.cfm?id=256
> > >
> > > You are currently subscribed to ntdev as:
> > > xxxxx@positivenetworks.net
> > > To unsubscribe send a blank email to
xxxxx@lists.osr.com
> >
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@cbatson.com
> > To unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@cbatson.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>