Bonum Certa Men Certa

[Resurrected] 'We Are Morons': A Quick Look at the Win2k Source

The last copy of this article is in the Wayback Machine (the original was removed not long ago), so it's outside of search engines' reach. We're fixing that today.




Overview


Several days ago, two files containing Microsoft source code began circulating on the Internet. One contains a majority of the NT4 source code: this is not discussed here. The other contains a fraction of the Windows 2000 source code, reportedly about 15% of the total. This includes some networking code including winsock and inet; as well as some shell code. Some other familiar items include the event log, and some of the default screensavers.

The timestamps on the files generally say 25 July 2000. The source is contained in a Zip file of size 213,748,207 bytes, named windows_2000_source_code.zip, which has been widely circulated on P2P networks. Some dummy files of similar size, containing just strings of zeroes, have also circulated.



There has been some speculation that while the bulk of the source is genuine, some of the comments have been tampered with to embarrass Microsoft. This is difficult to disprove, but I find it implausible. The embarrassing comments occur on thousands of lines, in realistic places. Furthermore, if someone had done that, it would have been easy to make the comments far more incriminating.



Embarrassments
In the struggle to meet deadlines, I think pretty much all programmers have put in comments they might later regret, including swearwords and acerbic comments about other code or requirements. Also, any conscientious coder will put in prominent comments warning others about the trickier parts of the code. Comments like "UGLY TERRIBLE HACK" tend to indicate good code rather than bad: in bad code ugly terrible hacks are considered par for the course. It would therefore be both hypocritical and meaningless to go through the comments looking for embarrassments. But also fun, so let's go.



Curse words: there are a dozen or so "fucks" and "shits", and hundreds of "craps". Some dissatisfaction with the compiler is expressed in private\shell\shell32\util.cpp:

// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
// around the fucking peice of shit compiler we pass the last param as an void *instead of a LPITEMIDLIST


Some insight into Microsoft's famous daily build process is given in private\windows\media\avi\verinfo.16\verinfo.h:

* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* !!!!!!!IF YOU CHANGE TABS TO SPACES, YOU WILL BE KILLED!!!!!!!
* !!!!!!!!!!!!!!DOING SO FUCKS THE BUILD PROCESS!!!!!!!!!!!!!!!!
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


There are also various references to idiots and morons, some external, some within Microsoft. The file private\ntos\rtl\heap.c, which dates from 1989, tells us

// The specific idiot in this case is Office95, which likes
// to free a random pointer when you start Word95 from a desktop
// shortcut.


The file private\ntos\w32\ntuser\kernel\swp.c from 11-Jul-1991 points at

* for idiots like MS-Access 2.0 who SetWindowPos( SWP_BOZO
* and blow away themselves on the shell, then lets
* just ignore their plea to be removed from the tray


Morons also abound, as in this selection

private\genx\shell\inc\prsht.w:
// we are such morons. Wiz97 underwent a redesign between IE4 and IE5



private\shell\ext\ftp\ftpdrop.cpp:
We have to do this only because Exchange is a moron.



private\shell\shdoc401\unicpp\desktop.cpp:
// We are morons. We changed the IDeskTray interface between IE4



private\shell\browseui\itbar.cpp:
// should be fixed in the apps themselves. Morons!



Microsoft programmers also take their duty to warn others seriously. There are over 4,000 references to "hacks", mostly warnings. These include



private\inet\mshtml\src\core\cdbase\baseprop.cxx:
// HACK! HACK! HACK! (MohanB) In order to fix #64710 at this very late



private\inet\mshtml\src\core\cdutil\genutil.cxx:
// HACK HACK HACK. REMOVE THIS ONCE MARLETT IS AROUND



private\inet\mshtml\src\other\moniker\resprot.cxx:
// <HACK>
goto EndHack;
// </HACK>



private\inet\mshtml\src\site\layout\flowlyt.cxx:
// God, I hate this hack ...



private\inet\wininet\urlcache\cachecfg.cxx:
// Dumb hack for back compat. *sigh*

private\inet\wininet\urlcache\filemgr.cxx:
// ACHTUNG!!! this is a special hack for IBM antivirus software



private\ispu\pkitrust\trustui\acuictl.cpp:
// HACK ALERT, believe it or not there is no way to get the height of the current
// HACK ON TOP OF HACK ALERT,



private\ntos\udfs\devctrl.c:
// Add the hack-o-ramma to fix formats.

private\shell\shdoc401\unicpp\sendto.cpp:
// Mondo hackitude-o-rama.

private\ntos\w32\ntcon\server\link.c:
// HUGE, HUGE hack-o-rama to get NTSD started on this process!

private\ntos\w32\ntuser\client\dlgmgr.c:
// HACK OF DEATH:



private\shell\lib\util.cpp:
// TERRIBLE HORRIBLE NO GOOD VERY BAD HACK



private\ntos\w32\ntuser\client\nt6\user.h:
* The magnitude of this hack compares favorably with that of the national debt.



While surprisingly informal, there are limits to how far the programmers go. There are no derogatory references to Microsoft or Windows themselves. Bill Gates is never mentioned. There are no racist or homophobic slurs. I saw only one drug reference.

private\shell\ext\tweakui\genthunk.c:
* CallProc32W is insane. It's a variadic function that uses
* the pascal calling convention. (It probably makes more sense
* when you're stoned.)


Quality
Despite the above, the quality of the code is generally excellent. Modules are small, and procedures generally fit on a single screen. The commenting is very detailed about intentions, but doesn't fall into "add one to i" redundancy.



There is some variety in the commenting style. Sometimes blocks use a // at every line, sometimes the /* */ style. In some modules functions have a history, some do not. Some functions describe their variables in a comment block, some don't. Microsoft appears not to have fallen into the trap of enforcing over-rigid standards or universal use of over-complicated automatic tools. They seem to trust their developers to comment well, and they do.



However, not everything is so rosy. Some of the modules are clearly suffering from the hacks upon hacks mentioned earlier. As someone who struggled immensely trying to get the MSInet control working not long after this code was released, it's a relief to see that the inet code is as bad as I thought.



From the comments, it also appears that most of the uglier hacks are due to compatibility issues: either backward-compatibility, hardware compatibility or issues caused by particular software. Microsoft's vast compatibility strengths have clearly come at a cost, both in developer-sweat and the elegance (and hence stability and maintainability) of the code.



Open Source
It's been widely rumored for a while that Microsoft relies on stolen open source code. The rumor has faced widespread skepticism too. Microsoft has hundreds of millions of lines of code, most of it highly specialized. Hardly any of that could benefit from stealing: it hardly seems worth the legal risk. It's true that early versions of the TCP-IP stack were (legally) taken from BSD: but that was a long time ago, when Microsoft was much smaller.



Searching the code for "linux" and "GPL" finds no references. "BSD" finds only a couple of references to BSD-convention strings. "GNU" finds a lot of references to a GNUmakefile in private\genx\shell, which in turn mentions a "mode for Emacs." This is apparently legitimate: simply using a makefile does not apply the makefile's copyright to the resulting code.



Therefore, a superficial look at the code finds no evidence that Microsoft has violated the GPL or stolen other open source code. Closer examination might turn something up.

Favoritism
It's noticeable that a lot of the "hacks" refer to individual applications. In some cases they are non-Microsoft, such as this case: a Borland compiler came to depend on an existing bug, so their fix worked to preserve some of the bug's behaviour. But just as often these application-specific fixes are for Microsoft's own apps. There seems to be an informal hierarchy when it comes these: Microsoft apps take precedence, then major software companies like IBM and Borland.

It's also interesting to finally see references to the notorious undocumented features, which Microsoft application developers have long been known to use.

private\mvdm\wow32\wcntl32.c:
// These undocumented messages are used by Excel 5.0



private\mvdm\wow32\wgdi31.c:
// InquireVisRgn is an undocumented Win 3.1 API. This code has been
// suggested by ChuckWh. If this does not fix the s 2.0
// problem, then ChuckWh would be providing us with an private entry
// point.



private\mvdm\wow32\wgfont.c:
* This thunk implements the undocumented Win3.0 and Win3.1 API
* GetCurLogFont (GDI.411). Symantec QA4.0 uses it.
* To implement this undocumented API we will use the NT undocumented API



In some cases, the programmers themselves appear to have been frustrated or surprised.

private\ntos\w32\ntuser\kernel\mnpopup.c:
// Set the GlobalPopupMenu variable so that EndMenu works for popupmenus so
// that WinWart II people can continue to abuse undocumented functions.



private\windows\shell\accesory\hypertrm\emu\minitel.c:
// Guess what? Latent background color is always adopted for mosaics.
// This is a major undocumented find...



private\windows\shell\accesory\hypertrm\emu\minitelf.c:
// Ah, the life of the undocumented. The documentation says
// that this guys does not validate, colors, act as a delimiter
// and fills with spaces. Wrong. It does validate the color.
// As such its a delimiter. If...



Conclusions
The security risks from this code appear to be low. Microsoft do appear to be checking for buffer overruns in the obvious places. The amount of networking code here is small enough for Microsoft to easily check for any vulnerabilities that might be revealed: it's the big applications that pose more of a risk. This code is also nearly four years old: any obvious problems should be patched by now.



Microsoft's fears that this code will be pirated by its competitors also seem largely unfounded. With application code this would be a risk, but it's hard to see Microsoft's operating system competitors taking advantage of it. Neither Apple nor Linux are in a much of position to steal code and get away with it, even if it was useful to them.



In short, there is nothing really surprising in this leak. Microsoft does not steal open-source code. Their older code is flaky, their modern code excellent. Their programmers are skilled and enthusiastic. Problems are generally due to a trade-off of current quality against vast hardware, software and backward compatibility.

Recent Techrights' Posts

What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns)
Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too)
Where are the competition authorities (or regulators for that matter)?
Would You Trust a Liar?
Why lie about the authorship?
Sanctions Cause Fragmentation in Software
some Chinese Linux developers are already subjected to restrictions similar to Russians'
The Internet is Failing to Protect Democratic Processes and Human Knowledge
Amplifying lies, rewarding plagiarists
Links 05/11/2024: Criminal Referrals Regarding Patent Trolls and Disinformation About the Election Process (Already)
Links for the day
 
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com)
They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses
Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement
Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors)
Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa
In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux"
Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions
Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en
Links for the day
Mass Layoffs at Mozilla Announced During US Elections
Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played"
There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait)
US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication
KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed
Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024
IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux
Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security'
As a meme
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam)
Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day
Birthday Tomorrow
Many cakes and drinks are ready; we're one day away now
Gemini Links 05/11/2024: 'App' Needed for Parking, NNCP, Gomphotherium
Links for the day
How Voting Does Not Work
You cannot vote from an "app"
Saving the Planet With Honesty, Transparency, and Sharing (Not Only of Computer Code)
GAFAM is destroying the only habitat humans and other animals have and it'll only get worse
Disinformation About Election Outcomes Even Before Any Election Outcomes (or Election/Voting!)
seeding doubt about election outcomes
Links 05/11/2024: Bluesky and Enshittification, Pugad Baboy, and Lots of Disinformation Flooding the Web
Links for the day
[Meme] Sweaty Under the Belly
"OK, my critics are 'spam'"
Microsoft Bribing Canonical (to Stop Competing) and Bribing Users to Shun the Competition
Canonical is worth shunning
[Meme] The 2024 'Info Bros'
And prehistoric googling
Computers Getting Worse (for the User) Over Time
This is like Windows-ism coming to "Linux" through the hardware
[Meme] How NOT to Vote
Another form of (mostly-unspoken-of) election interference
An LLM Inside a 'Search' Engine Means That Companies Tell You What They Want, Not What Web Pages to Visit
The future of 'googling' things might be as unreliable as using Social Control Media as a source of information
Google's Debt Has Increased and 'Cash on Hand' Fell by 22.27% This Past Year
These are the numbers that the corporate media intentionally leaves out
Against Outsourcing of Sites and E-mail
Software Freedom is great, but it is not enough if you let someone else do it 'for you'
Drew DeVault: People Talking About My Attack Site (Against the Founder of GNU/Linux) is "Spam"
"Spam on sr.ht mailing lists"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 04, 2024
IRC logs for Monday, November 04, 2024
There's a Reason Why Techrights is Turning 18 and Tux Machines Will Turn 20.5 Next Month
I started advocating GNU/Linux when I was a teenager
"Oppose the Fascist"
what the founder of GNU/Linux said
Techrights Has a Long History of Fighting to Expose 'Team Mono' or Microsofters Inside GNOME
Never downplay the malice of Microsoft and its operatives
Halloween, All Saints Day & Swiss citizenship
Reprinted with permission from Daniel Pocock
Gemini Links 05/11/2024: Halloween Over, Intention and Implementation, Bookmark Syncing
Links for the day
Microsoft Lost Nearly Half of Its 'Cash Reserves' This Past Year
Is Microsoft (MSFT) the next Intel (INTC)?
The Year Isn't Over Yet, There Will be More Waves of Microsoft Layoffs
Nowadays Microsoft just tries to conflate/equate its energy waste with "value"
The Corporate Media Blasted Bitcoin for Destroying the Planet and Must Do the Same to Incite the Public Against the 'Great Rigging of Wall Street' (Under the Guise of "AI", the Latest Gold Rush)
"AI" is the next "metaverse" (trailing by a few months)
[Video] Richard Stallman is Back to Halo and Gown (in Peru) With 2+ Hours of a Public Talk
The globetrotting Richard Stallman gave many talks at the end of last month
Going Strong Against the Wind
the abuse serves to emphasise or affirm the importance of what we do
Links 04/11/2024: Squashing More Software Patents and Taiwan at Risk
Links for the day
Gemini Links 04/11/2024: Typing vs Writing and a Smol (Net) Pub
Links for the day
Links 04/11/2024: LibreOffice Had Adopted PeerTube, "Hey Hi" Hype is a Threat to the Energy Grids (Worse Than Fake-Coins)
Links for the day
[Meme] Social Control Telescreens With Microphone
Nineteen Eighty-Four
Shout-out to Christine From FOSSForce
Who noticed our short story
Not Boycotting Apple (Yet)?
"Apple Forces The Signing Of Applications In MacOS Sequoia 15.1"
statCounter This Month: Android Has Nearly Become Twice as Big as Windows
If it happened, it would be an unprecedented milestone
Why Technical Sites Need Not Make Political Recommendations or Endorsements
Except perhaps when it's for some purely technical role, e.g. FCC chief
[Meme] Apple Freedom
Freedom is... the ability to purchase as many 'i' things as you want
Apple's MacOS Shows Us the Vision of Computing That GAFAM Has for Us (Digital Prisons)
Freedom means "we the people" should be in control, not people being controlled by corporations (contemporary slaveowners)
"Active" as in One URL, One Emoji, and 4 Words in One Week
Diversity community in Fedora
Apple Vision Pro Has Failed, Just Like "Metaverse"
Vision Pro lacks software
Things That Can Improve Election Integrity
the first two relate to "tech"
Rigging Elections is Difficult, Cheating a Little is Not
Avoid social control media, it is the biggest rigger of all
"People who live in glass houses shouldn't throw stones"
On throwing stones in a glass house
Our Stance on Electronic (or Digital) Voting Machines
The simple activity of voting and counting ballots does not require thousands of complex machines with hundreds of millions of transistors and hundreds of millions of lines of code
Microsoft and "Retrospective Re-writing of History..."
in YouTube anyone can make stuff up (as one goes along)
This Coming Week
Go exercise your right to vote
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 03, 2024
IRC logs for Sunday, November 03, 2024
Reddit is (Still) Lying and Faking
Don't fall for this phony idea that the above sites are grassroots or edgy; they're not
GNU/Linux Users Are Not Cheaters
The bottom line is, most cheaters use Windows
Links 04/11/2024: FCC, Broadband Industry Spar Over Net Neutrality; Software Patent Squashed
Links for the day
Gemini Links 03/11/2024: Official MyGemini.Space Announcement
Links for the day