Linux Today: Linux News On Internet Time.

A Microsoft Windows Code Infection: How Likely Is It?

Oct 31, 2000, 10:55 (17 Talkback[s])
(Other stories by Paul Ferris)

By Paul Ferris, LinuxToday

What if?

Face it, few open source projects would really benefit from stolen Microsoft code. Most open source or free software projects are, in fact, based upon POSIX or other UNIX-like APIs, and it would be fairly pointless.

Only a couple of projects really come to mind: office products needing access to proprietary file formats (like Word and Excel documents), Windows API execution projects like WINE, and file sharing projects like Samba, for instance.

Could it really happen? What would be the impact if it did? I'd hate to speculate as to what the repercussions would be if copyrighted Windows code was found in a GPL'd open source project. It would be a bad thing all around, because the bearer of the license would have to remove the offending code. Possibly they might also suffer tangential side effects attempting to implement the features on which the code snippet was based.

But is it a likely scenario? I had to get a good idea, so I contacted Jeremy Allison of VA Linux. Allison is one of the lead developers on the Samba team, and he took time out of a busy day preparing for a tutorial on porting NT server applications to Linux at the SD/2000 developer conference.

"That couldn't happen. The internal infrastructure of our code is completely different from theirs," he explained. He also said the code would be fairly useless anyway, as Samba does things differently from Microsoft's server code.

Would anything from the Microsoft code base be useful at all? I had to ask this as well. Allison was pretty frank:

"Probably the one or two pieces that would actually help would be some of the header files. These would provide things we actually need, knowledge of bits on the wire."

He's referring to the undocumented SMB (Server Message Block -- the protocol Windows clients use by default when connecting to a server) protocol extensions Microsoft has been creating with practically every new version of their software for the past few years. But even this, Allison explains, would be easy to spot coming from some unknown source:

"It would be obvious. Win32 code is obvious. You can't mistake it when you see it. The notation is instantly recognizable. For one thing, Microsoft programmers have to go through massive work to make sure it's thread-safe. This isn't a problem with the Samba team faces -- this condition only exists on NT."

It's things like this that make you realize we're on pretty solid ground. Linux doesn't just provide a different way of designing and implementing software solutions -- it provides a cleaner way as well. The times I've found someone who has coded on both sides of the fence have pretty much vindicated this point of view. Microsoft's coding tools produce ugly code, with work-arounds for bad system design lurking under the hood and fingerprints to go with them.

While we may not be totally safe from a code infection, the reassuring facts are it won't happen by accident. The word is already out not to use any of the code, but should someone decide to do the dirty deed, it's not going to be easily committed.

Paul Ferris is the Director of Technology for the Linux and Open Source Channel at internet.com, and has been covering Linux and Open Source news for over 2 years. He is an editor for Linux Today and a contributing author on other channel sites. He has used Samba for years in a past life, and found it to be a wonderful piece of software.