• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Security Alert: Microsoft Win10 Internal Build and Source Code Leak.

The narrative isn't that somehow gaining access to the source code for an OS makes it insecure? Linux and others are all open source and no one says they have tons of zero day (unknown) exploits.

If anything I'd argue leaking the source code of W10 will only help make it more secure, not less. Security by obscurity is no security at all.
 

riotous

Banned
If MS relies on being closed source for security, we all have bigger issues.

They generally don't; they do extensive code reviewing in-house, have build servers they scan for everything under the sun, etc.

It's not the same as open source, but they've improved massively over the last 15 years in that regard.
 

Rootbeer

Banned
As bad as this is... and it sounds pre-e-e-e-ty bad, Win10 is a lot better at getting your ass to install those Windows updates than previous versions. You have to go out of your way to disable things to not get them. They'll have to be working overtime to get those fixes out, though.
Maybe we'll know how MS is spying on us now.
That would be one interesting thing to find out, yeah. Just how integrated are the prism project requirements or whatever. For decades people have been saying Windows is not safe because of things like intentional backdoors or storing information in hard to remove ways that could be a problem for your security. If nothing else good comes of this... I want people to find out just how true some of this is.
 
This leaking is the least of MS trouble. Their OS have had security issues since it started, and that never really changed over the years. While this could show exploitable ways to hack the OS, there are also people who will look at the same things and report them. It works both ways.
 
Welp. My Gaming PC had a good run.

giphy.gif
 

Damaniel

Banned
Can someone explain? Should I not use my windows 10 matchine? I have a MacBook I can use, just wondering.

In the (very) short term, your Windows 10 machine is fine. Depending on the extent of the leak, it's possible that nefarious types may find new attack vectors to take advantage of for distributing their viruses and malware. It could be weeks before things start showing up, or it could be days.

Also, if Windows 10 is affected, many of the same issues found will affect Windows 7 and 8 also due to the large amount of shared code. All we can do is keep our patches up to date and wait to see what gets found.
 

Anion

Member
In the (very) short term, your Windows 10 machine is fine. Depending on the extent of the leak, it's possible that nefarious types may find new attack vectors to take advantage of for distributing their viruses and malware. It could be weeks before things start showing up, or it could be days.

Also, if Windows 10 is affected, many of the same issues found will affect Windows 7 and 8 also due to the large amount of shared code. All we can do is keep our patches up to date and wait to see what gets found.
Ah thank you, I'll just err on the side of caution. Thanks for this post!
 

Chris1

Member
Fix Win10's security from those who wish to abuse this leak. From what I understand the source code in its entirely has leaked, making it much easier for those with malicious intent to study it and attack the OS.

If MS was relying on being closed source for security we'd have much bigger problems to worry about than this leak
 

riotous

Banned
From what I understand the source code in its entirely has leaked.

It's right in the OP that this isn't the entire set of source code for the OS:

This is believed to contain the code for Shared Source Kit, which includes the source for Windows 10's hardware drivers alongside PnP code, USB and Wi-Fi stacks, storage drivers, and ARM-specific OneCore kernel code.
 

Somnid

Member
The security isn't any different, anything that would be found by nefarious actors would be there in any case and have to be patched when found. Decompilers are as old as compilers.

It's more a problem from code theft perspective, if that even really matters anymore.
 

riotous

Banned
The security isn't any different, anything that would be found by nefarious actors would be there in any case and have to be patched when found. Decompilers are as old as compilers.

It's more a problem from code theft perspective, if that even really matters anymore.

And every security expert on the planet will be reviewing this code to beat out hackers in finding exploits.

Just like MS does internally.

This isn't the freak out news that everyone seems to think it is IMO.
 

Syriel

Member

petran79

Banned
Windows XP 64-bit with DirectX11 support would have prolonged the life of old PCs significantly, making it the equivalent of PS3 consoles.

I'd prefer this over Windows 10.
 

LCGeek

formerly sane
I've been using it since 3.1, it sure as hell isn't my favourite. It doesn't take an expert to see the issues.
They may not care, which is why I tend to not complain about dozens of things Windows continue to miss inspite of apple or Linux improving on them.

Having a decent CPU scheduler, who gives a fuck
Various stutter inducing setting, here ya go let me leave my hpet setting and network settings on modes that fuck with my gaming due to how they slow up or hitch up the machine, don't give a fuck
We need gsync and free sync cause we know better than amd and nvidia nor do we want to fuck with legacy cause we are complacent cowards at microsoft
Let's not have a competent network stack that deals with bufferbloat, you know like bsd and Linux do.
Let's add more bloat via our services and not say its a problem
Let add services that add latency overhead to anything network related and then expect gamers to have smooth experiences when they game
Lets not have useful offloading and then remove only bringing it back for xbox x cause we want to do it right and charge for it behind our paywall.
Let's play more API games and not overhaul dx so that it's more like vulkan and can run on any version since xp
Did we at Microsoft mention how lovely our lovely our non debloated and airtime fixed wifi stack will fuck over anyone using wifi on windows.

It doesn't matter when your consumers don't know or don't care and you have legacy to support. Such progress windows 10 a nice malware infested shell of what windows has become instead of what it could. After seeing what linux small distorts that can fit on 16MB can do for network and on small gaming devices I'm ashamed of windows gamers or console Xbox gamers that put up with the shitty basterization of an OS that isn't built to serve us.

Despite all that I have to use it cause there is no other choice as gamer.
 

Lyriell

Member
Not that big a deal from a consumer perspective. Maybe exploits will be found... then they will get patched.

The bigger problem is intellectual theft from other companies taking their methods and recreating and obscuring them... basically giving your competitors an advantage to catch up. This isbespecially true of certain nefarious countries that do not respect IP rights.

On the bright side... someone at Microsoft is saying... "Thank god it wasn't office!!!"
 

Atilac

Member
I half a mind to go full linux, backslash linux. The only thing stopping me is the need for visual basic and other dev tools. UUUUUUGGGGHGGGGHGHHH
 

jstripes

Banned
The international IC's gonna have a field day with the source code. They'll have their top people looking for new, undiscovered exploits.
 
Top Bottom