lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 16 Feb 2004 10:08:49 +0530
From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh@...ine.gateway.technolabs.net>
To: <Valdis.Kletnieks@...edu>, "Lee" <cheekypeople@...33.com>
Cc: <ald2003@...rs.sourceforge.net>, <dotsecure@...hmail.com>,
   <full-disclosure@...ts.netsys.com>, <bugtraq@...urityfocus.com>
Subject: RE: Windows 2000 Source Leak Verified. Get ready for the havoc.



off topic, just some random thoughts

maybe ms will "release" the next batch of 1/3 code in some time for "peer review" so that they can remove all the bugs and security holes before the next release of windows - long horn is that it ?

as per ms windows is more secure because it has closed source now... so with the source in the open windows is not secure any more.

are we going to see mass dumping of windows machines due to this ?

-aditya



> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
> Valdis.Kletnieks@...edu
> Sent: Monday, February 16, 2004 4:28 AM
> To: Lee
> Cc: ald2003@...rs.sourceforge.net; dotsecure@...hmail.com;
> full-disclosure@...ts.netsys.com; bugtraq@...urityfocus.com
> Subject: Re: [Full-Disclosure] Windows 2000 Source Leak Verified. Get
> ready for the havoc. 
> 
> 
> On Sat, 14 Feb 2004 16:42:39 GMT, Lee <cheekypeople@...33.com>  said:
> > again its 1/100 of standardd MS code for a OS, lets get a grip 
> please... and
> > I think I see the company who let the source get loose come out and say
> 
> Most earlier estimates of the Win2K source were about 45M lines 
> of code (I think
> the "40 gig" being tossed around is the size of the 
> source-control-system database).
> And I've seen the number 12.5M lines of code escaped.  That's 
> closer to 1/3 than
> to 1/100.
> 
> And remember that there's a synergistic effect - when you have 
> THAT big of a chunk
> of the source, you can start making a lot more educated guesses 
> about what the
> other 2/3 are...
> 


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ