Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

We Are Morons: a quick look at the Win2k source

By Selznak in Technology
Mon Feb 16, 2004 at 07:38:15 AM EST
Tags: Software (all tags)

A quick, superficial look at the style and content of the leaked Windows 2000 source. I quote from the comments but not the code, so this should be safe for developers to read.

Several days ago, two files containing Microsoft source code began circulating on the Internet. One contains a majority of the NT4 source code: this is not discussed here. The other contains a fraction of the Windows 2000 source code, reportedly about 15% of the total. This includes some networking code including winsock and inet; as well as some shell code. Some other familiar items include the event log, and some of the default screensavers.

The timestamps on the files generally say 25 July 2000. The source is contained in a Zip file of size 213,748,207 bytes, named windows_2000_source_code.zip, which has been widely circulated on P2P networks. Some dummy files of similar size, containing just strings of zeroes, have also circulated.

There has been some speculation that while the bulk of the source is genuine, some of the comments have been tampered with to embarrass Microsoft. This is difficult to disprove, but I find it implausible. The embarrassing comments occur on thousands of lines, in realistic places. Furthermore, if someone had done that, it would have been easy to make the comments far more incriminating.

In the struggle to meet deadlines, I think pretty much all programmers have put in comments they might later regret, including swearwords and acerbic comments about other code or requirements. Also, any conscientious coder will put in prominent comments warning others about the trickier parts of the code. Comments like "UGLY TERRIBLE HACK" tend to indicate good code rather than bad: in bad code ugly terrible hacks are considered par for the course. It would therefore be both hypocritical and meaningless to go through the comments looking for embarrassments. But also fun, so let's go.

Curse words: there are a dozen or so "fucks" and "shits", and hundreds of "craps". Some dissatisfaction with the compiler is expressed in private\shell\shell32\util.cpp:

// the fucking alpha cpp compiler seems to fuck up the goddam type "LPITEMIDLIST", so to work
// around the fucking peice of shit compiler we pass the last param as an void *instead of a LPITEMIDLIST
Some insight into Microsoft's famous daily build process is given in private\windows\media\avi\verinfo.16\verinfo.h:
 *       !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 *       !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 *       !!!!!!!!!!!!!!DOING SO FUCKS THE BUILD PROCESS!!!!!!!!!!!!!!!!
 *       !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 *       !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
There are also various references to idiots and morons, some external, some within Microsoft. The file private\ntos\rtl\heap.c, which dates from 1989, tells us
// The specific idiot in this case is Office95, which likes
// to free a random pointer when you start Word95 from a desktop
// shortcut.
The file private\ntos\w32\ntuser\kernel\swp.c from 11-Jul-1991 points at
* for idiots like MS-Access 2.0 who SetWindowPos( SWP_BOZO
* and blow away themselves on the shell, then lets
* just ignore their plea to be removed from the tray
Morons also abound, as in this selection
// we are such morons. Wiz97 underwent a redesign between IE4 and IE5

We have to do this only because Exchange is a moron.

// We are morons. We changed the IDeskTray interface between IE4

// should be fixed in the apps themselves. Morons!

Microsoft programmers also take their duty to warn others seriously. There are over 4,000 references to "hacks", mostly warnings. These include
// HACK! HACK! HACK! (MohanB) In order to fix #64710 at this very late


// <HACK>
goto EndHack;
// </HACK>

// God, I hate this hack ...

// Dumb hack for back compat. *sigh*

// ACHTUNG!!! this is a special hack for IBM antivirus software

// HACK ALERT, believe it or not there is no way to get the height of the current

// Add the hack-o-ramma to fix formats.

// Mondo hackitude-o-rama.

// HUGE, HUGE hack-o-rama to get NTSD started on this process!



* The magnitude of this hack compares favorably with that of the national debt.

While surprisingly informal, there are limits to how far the programmers go. There are no derogatory references to Microsoft or Windows themselves. Bill Gates is never mentioned. There are no racist or homophobic slurs. I saw only one drug reference.
* CallProc32W is insane. It's a variadic function that uses
* the pascal calling convention. (It probably makes more sense
* when you're stoned.)
Despite the above, the quality of the code is generally excellent. Modules are small, and procedures generally fit on a single screen. The commenting is very detailed about intentions, but doesn't fall into "add one to i" redundancy.

There is some variety in the commenting style. Sometimes blocks use a // at every line, sometimes the /* */ style. In some modules functions have a history, some do not. Some functions describe their variables in a comment block, some don't. Microsoft appears not to have fallen into the trap of enforcing over-rigid standards or universal use of over-complicated automatic tools. They seem to trust their developers to comment well, and they do.

However, not everything is so rosy. Some of the modules are clearly suffering from the hacks upon hacks mentioned earlier. As someone who struggled immensely trying to get the MSInet control working not long after this code was released, it's a relief to see that the inet code is as bad as I thought.

From the comments, it also appears that most of the uglier hacks are due to compatibility issues: either backward-compatibility, hardware compatibility or issues caused by particular software. Microsoft's vast compatibility strengths have clearly come at a cost, both in developer-sweat and the elegance (and hence stability and maintainability) of the code.

Open Source
It's been widely rumored for a while that Microsoft relies on stolen open source code. The rumor has faced widespread skepticism too. Microsoft has hundreds of millions of lines of code, most of it highly specialized. Hardly any of that could benefit from stealing: it hardly seems worth the legal risk. It's true that early versions of the TCP-IP stack were (legally) taken from BSD: but that was a long time ago, when Microsoft was much smaller.

Searching the code for "linux" and "GPL" finds no references. "BSD" finds only a couple of references to BSD-convention strings. "GNU" finds a lot of references to a GNUmakefile in private\genx\shell, which in turn mentions a "mode for Emacs." This is apparently legitimate: simply using a makefile does not apply the makefile's copyright to the resulting code.

Therefore, a superficial look at the code finds no evidence that Microsoft has violated the GPL or stolen other open source code. Closer examination might turn something up.

It's noticeable that a lot of the "hacks" refer to individual applications. In some cases they are non-Microsoft, such as this case: a Borland compiler came to depend on an existing bug, so their fix worked to preserve some of the bug's behaviour. But just as often these application-specific fixes are for Microsoft's own apps. There seems to be an informal hierarchy when it comes these: Microsoft apps take precedence, then major software companies like IBM and Borland.

It's also interesting to finally see references to the notorious undocumented features, which Microsoft application developers have long been known to use.

// These undocumented messages are used by Excel 5.0

// InquireVisRgn is an undocumented Win 3.1 API. This code has been
// suggested by ChuckWh. If this does not fix the s 2.0
// problem, then ChuckWh would be providing us with an private entry
// point.

* This thunk implements the undocumented Win3.0 and Win3.1 API
* GetCurLogFont (GDI.411). Symantec QA4.0 uses it.
* To implement this undocumented API we will use the NT undocumented API

In some cases, the programmers themselves appear to have been frustrated or surprised.
// Set the GlobalPopupMenu variable so that EndMenu works for popupmenus so
// that WinWart II people can continue to abuse undocumented functions.

// Guess what? Latent background color is always adopted for mosaics.
// This is a major undocumented find...

// Ah, the life of the undocumented. The documentation says
// that this guys does not validate, colors, act as a delimiter
// and fills with spaces. Wrong. It does validate the color.
// As such its a delimiter. If...

The security risks from this code appear to be low. Microsoft do appear to be checking for buffer overruns in the obvious places. The amount of networking code here is small enough for Microsoft to easily check for any vulnerabilities that might be revealed: it's the big applications that pose more of a risk. This code is also nearly four years old: any obvious problems should be patched by now.

Microsoft's fears that this code will be pirated by its competitors also seem largely unfounded. With application code this would be a risk, but it's hard to see Microsoft's operating system competitors taking advantage of it. Neither Apple nor Linux are in a much of position to steal code and get away with it, even if it was useful to them.

In short, there is nothing really surprising in this leak. Microsoft does not steal open-source code. Their older code is flaky, their modern code excellent. Their programmers are skilled and enthusiastic. Problems are generally due to a trade-off of current quality against vast hardware, software and backward compatibility.


Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure


Quality of the Win2k source?
o Excellent 16%
o Very good 12%
o Good 18%
o Average 33%
o Poor 8%
o Very poor 2%
o Terrible 8%

Votes: 48
Results | Other Polls

Related Links
o this case
o Also by Selznak

Display: Sort:
We Are Morons: a quick look at the Win2k source | 180 comments (142 topical, 38 editorial, 4 hidden)
Code and copyright (2.14 / 7) (#5)
by marx on Sun Feb 15, 2004 at 07:31:45 AM EST

This is apparently legitimate: I'm told a makefile does not count as code.
I don't see why this is relevant. A book does not count as code, therefore I can copy it and distribute it?

Generally, I think the whole discussion about copyright and software has degenrated into theology. People are just making things up and are not using common sense.

Join me in the War on Torture: help eradicate torture from the world by holding torturers accountable.

And what have we learned from all of this? (2.50 / 16) (#7)
by BadDoggie on Sun Feb 15, 2004 at 08:00:36 AM EST

Microsoft programmers are no better or worse than most other programmers out there. They're not evil incarnate; they're not C gods. They're people working on massive projects and hacking together fixes for the unexpected, and the IBM anti-virus one is a good example.

As in all projects, other departments' code is even worse than your department's. Always. The OS group's objective is to make the platform run and stay afloat. The Office group's objectives are certain interactivities that clash with the OS's work, so they hack. That breaks something and the fight between the technical leads is on, determining who has to hack what to make it all work together.

The only thing that open source has over this is that there are more eyes to see it and more ideas to fix it. Of course, that's the whole point of open source, isn't it?


"Eppur si muove." -- Galileo Galilei
"Nevertheless, it moves."

Backwards Compatibility (2.80 / 15) (#20)
by Bad Harmony on Sun Feb 15, 2004 at 10:56:42 AM EST

When Windows 95 came out, I read comments from some of Microsoft's programmers about all of the ugly hacks that had to be added to Windows 95 so that older applications would still run. Many of these problems were severe bugs in the applications that had never been detected and fixed. They went unnoticed because they didn't damage anything critical in Windows 3.1. Rather than tell the vendors to fix the bugs in their applications, and the users to install a patch, Microsoft hacked up the operating system. I wonder how much of that junk has survived into current versions of their operating systems.

With UNIX, when some systems were patched to make page 0 read-only or inaccessible, many C programs with sloppy handling of NULL pointers had to be fixed.

54º40' or Fight!

Uh (1.05 / 20) (#35)
by Worker Bee on Sun Feb 15, 2004 at 03:46:23 PM EST

Where's the C# shit?


Incredible Disappearing Chinese Wall (2.90 / 33) (#36)
by localroger on Sun Feb 15, 2004 at 03:51:15 PM EST

Remember back when DOJ were accusing Microsoft of having an unfair competitive advantage and Microsoft swore upon a stack of Bibles and corporate forms that there was a "Chinese wall" between the applications developers (Office) and the OS developers (Windows)?

Well from all the comments about putting hacks in Windows to fix Office apps, it would appear that they were lying. Not that anybody who knows how software is written ever thought otherwise, but this makes it about as plain as it could be that the Office and OS guys work together to achieve their famous smoothness of operation -- an advantage writers of other office suites clearly don't have.

No wonder they're so upset about this going public. If we had a real attorney general instead of a fascist corporate toady they'd probably be back in court already over it.

What will people of the future think of us? Will they say, as Roger Williams said of some of the Massachusetts Indians, that we were wolves with the min

"Steal"? (2.60 / 15) (#56)
by Fen on Sun Feb 15, 2004 at 11:19:29 PM EST

It's not stealing if the original remains. It's copying, perhaps unauthorized copying.
+1, Rusty deserves the impending lawsuit. (1.92 / 13) (#62)
by For Whom The Bells Troll on Mon Feb 16, 2004 at 04:00:14 AM EST

Or more precisely, K5 deserves the flamewar between the aye and nay-sayers when he gets the takedown notice from MS' lawyer vultures and asks the community for its views on it.

We live in interesting times, ladies and gentlemen, not because we can glimpse into what the builders of one of the largest engineering projects ever were thinking when they built it, but because we might be in legal soup for doing so.

The Big F Word.

Strange (2.75 / 4) (#68)
by anonimouse on Mon Feb 16, 2004 at 06:27:08 AM EST

What I don't get is that a lot of hacks are for compatibility with bugs in Microsofts own older products. Would it not have been easier to release patches for $OLDPRODUCT to fix the problem?

Also whilst it is nice for them to be solving Borlands problems, if their product had a genuine bug, then Microsoft would have been well within their rights to say "it's for Borland to fix".
Relationships and friendships are complex beasts. There's nothing wrong with doing things a little differently.

This is all well and fine, yes, (1.36 / 11) (#72)
by STFUYHBT on Mon Feb 16, 2004 at 09:09:04 AM EST

But this article does not address the fact that Microsoft leaked its own source code.

Wait, scratch that.

"Of all the myriad forms of life here, the 'troll-diagnostic' is surely the lowest, yes?" -medham

Tainted developers (2.92 / 14) (#73)
by borderline on Mon Feb 16, 2004 at 09:29:27 AM EST

I see quite a few people claiming that developers must not so much as glance at the leaked code, to avoid accusations of copyright violations later on. Can it really be that bad? I mean, nobody refrains from reading novels because they plan to write one of their own some day. Is code given speacial treatment by copyright law? Otherwise I can't see any risk in reading the leaked code.

Documented hacks (2.80 / 10) (#74)
by WWWWolf on Mon Feb 16, 2004 at 09:37:56 AM EST

At heast they bothered to mark the Ugly Hacks as ugly hacks.

Could be worse - buggy or ugly code that is no way documented, or, even worse, several pages of garbage with comment "look at this, this is beautiful". =)

-- Weyfour WWWWolf, a lupine technomancer from the cold north...

undocumented API calls (3.00 / 5) (#76)
by cobra libre on Mon Feb 16, 2004 at 09:48:08 AM EST

In some cases, the programmers themselves appear to have been frustrated or surprised.

Not that it's altogether surprising that some developers at MS are going to be unaware of undocumented API calls -- it's a huge organization, after all -- but note that two of the examples there are from the Hyperterminal source, which I don't think originated from Microsoft. In fact, its About dialog mentions that portions of the code are licensed from a company called Hilgraeve.

Assrape reference? (1.53 / 13) (#82)
by BlowCat on Mon Feb 16, 2004 at 10:20:22 AM EST

// InquireVisRgn is an undocumented Win 3.1 API. This code has been
// suggested by ChuckWh. If this does not fix the s 2.0
// problem, then ChuckWh would be providing us with an private entry
// point.
Am I the only one who thought that ChuckWh will be providing his colleagues with a private entry point between his buttocks if the fix doesn't work?

-1. too MSian. (1.14 / 14) (#83)
by dimaq on Mon Feb 16, 2004 at 10:50:03 AM EST

don't you think?

Usage of open source and BSD code (2.90 / 11) (#98)
by trident on Mon Feb 16, 2004 at 02:46:40 PM EST

The article states that the author could not find traces of "BSD" code in the Windows 2000 source code that he had access to. This cursory glance does not find any evidence that Microsoft has "stolen" any open source code. While it obviously is something wrong with this terminology (you do not "steal" source code, and BSD-licensed code is intended to be used without particularly many restrictions), there is no doubt that Microsoft is using BSD licensed code in their Microsoft Windows product. And that I can say without having come anyway near the Windows source code.

So how can I be so sure about that Microsoft is using BSD licensed code? Well, the BSD license(s) require that the copyright holder is credited in documentation provided with binary distributions of the code. In their release notes for their Windows XP operating system, Microsoft credits a bunch of well-known copyright holders of open source products. It contains credits not only to the University of California at Berkeley, but also companies such as Hewlett-Packard and to individuals such as Luigi Rizzo and Phil Karn.

The conclusions are that there is no doubt that Microsoft are using open source in their products, that they are not afraid to show it, and that they are playing by the rules by crediting the copyright holders.

open source (none / 2) (#99)
by grant7 on Mon Feb 16, 2004 at 03:54:17 PM EST

vast subsystems of Windows like protocols, formats, conventions and approaches are based on "open source" prior art

perhaps the GPL is a response to this, in that it disallows use by proprietary projects which do not participate in the "works licensed to everyone" system (economics of plenty: favors cooperation & collaboration) but maintain their silly false hegemony (economics of scarcity: favors competition)

probably most of the historical instances predate this code... DCE threads, disk/network, compilers/interpreters, memory/resource management, drivers, etc. sharing is part of what software, and therefore computing, IS... the actual definition - you can't remove sharing, standing on the shoulders of giants, the collective consciousness.

but there's no way that this can be called stealing in a traditional sense, just non-participatory piracy (if they weren't pirates, they wouldn't be going around calling others pirates) by overtly hierarchical hostile tribes

we don't whine about this, we just change our approach to produce the desired results... and all those open source licenses (BSD, MIT/X, artistic, LGPL) simply provide a bridge to free software

Quality of code/first exploit (2.75 / 8) (#100)
by jobi on Mon Feb 16, 2004 at 04:26:36 PM EST

Despite the above, the quality of the code is generally excellent.

Well, maybe generally speaking. In instances, though, the programming is just sloppy.

The first exploit based on the code is in the wild now, and it is a simple signed/unsigned coding mistake that will generate a buffer overflow in Internet Explorer 5.0 just by it displaying a bitmap image.

"[Y]ou can lecture me on bad language when you learn to use a fucking apostrophe."
How to kill explorer (1.71 / 7) (#106)
by smallstepforman on Mon Feb 16, 2004 at 05:41:24 PM EST

<from another web forum>

Access Start->Shutdown, then while holding CTRL-ALT-SHIFT, left click on CANCEL.  This will kill Windows Explorer, leaving a system where you can only access the last application you used.  Great for Internet Caffee's and libraries, since you cannot access the TaskBar, StartMenu, Desktop or anything else.  Reminds me of BeOS without Tracker/Deskbar.

Unless you have a terminal open (or a scheduled wake up task), you wont be able to restart explorer, hence you'll be forced to reboot afterwards.  But that doesn't stop 50% of windows geeks from trying...

Hacks abound (1.12 / 8) (#115)
by CoolSpot on Mon Feb 16, 2004 at 07:31:58 PM EST

Its pretty funny that with all these references to hacks, that Windows still works better than Linux.

Windows NT 4 codebase is more complete + GAMES! (1.75 / 4) (#119)
by nickb on Mon Feb 16, 2004 at 08:52:58 PM EST

NOTE: I do not have the source, I have not even looked at at the single line of the codebase and don't intend to!

I've heard on IRC that NT4 codebase that was leaked is a lot more complete than 2K one.

Also, people are saying that NT4 codebase has a lot of UNRELEASED MS games. Some new (or is it old?) card games, tic-tac-toe and even Golf games!

Anyone know for sure of have screenshot of these games?

Hey, isn't the undocumented stuff illegal? (none / 3) (#122)
by mveloso on Mon Feb 16, 2004 at 11:35:53 PM EST

Wasn't the use of undocumented features of windows part of the anti-trust case? And hey, now there's evidence (that you can read) that Microsoft was hacking their OS for their apps. Of course, MS was also hacking its OS for other people's apps too.

So - all those people that said that MS wasn't taking advantage of their position as an OS/app provider - you're wrong. Doh!

You guys are missing the Point! (1.88 / 9) (#127)
by RMac on Tue Feb 17, 2004 at 05:27:33 AM EST

Sure, it's fun to peek inside the brains of the guys who wrote this monster, BUT... Gee, hasn't anyone noticed that: 1. Microsoft is making a LOT of fuss over code which has been privately circulated for years... 2. This ruckus is about a M$ product which has been replaced by a newer one... 3. M$ has never been able to convince a sh*tload of corporate PeeCee owners to upgrade to Windoze XP... 4. The obvious method of circumventing this Terrible Threat is to buy a newer operating system from M$?

Corporate crapcode (none / 1) (#136)
by A55M0NKEY on Tue Feb 17, 2004 at 03:21:09 PM EST

Notice how MS's flagship products have the mojo to force their OS team to crap up their code with ugly hacks. Problems with the apps get fixed in the OS instead of in the app as they are supposed to be. This would never happen with an open source OS like linux. Why? First, anyone with a crappy app can use the source and make their own hacked up version of the OS, and secondly, the rest of the world would remove any dirty hacks meant to cover the arse of a badly behaved app that they don't use and redistribute. The flawed app would either get it's act together and be fixed or people would use something else.

People are all worried about Microsoft having stolen GNU code. This is not nearly as worrying as the prospect of Microsoft, in subsequent years claiming that this leaked code has somehow been stolen and incorporated into GNU software. Think MS acting like SCO.

tabs to spaces (none / 0) (#138)
by nixmose on Tue Feb 17, 2004 at 05:35:28 PM EST

I find it more curious that somebody makes a comment about tabs to spaces messing up the build. I'd be a lot more pissed about how it messes up the source code control system. Maybe I presume too much. Do you think they use source code control?

Copyright versus trade secret (none / 1) (#150)
by swr on Wed Feb 18, 2004 at 02:41:07 PM EST

One thing I don't understand is, why is it assumed that the source code is copyrighted?

Don't you have to publish something for it to be copyrighted? As I understand it, that is a requirement, the idea being that once the copyright expires[*] the works become public domain, which to be at all useful the works need to be publicly available. To that end, it used to be necessary to file works with the copyright office, though that is no longer a requirement. But the principle still holds, doesn't it?

I'm no IP lawyer, but... shouldn't this source code fall under trade secret law instead of copyright law?

[*] Yes I know copyright doesn't expire anymore due to lawmakers repeatedly extending copyrights at the behest of the big media cartels.

Many choices (3.00 / 2) (#163)
by galway on Thu Feb 19, 2004 at 05:53:07 PM EST

Actually different groups use different source control programs. There are probably 20 different source control programs in use at Microsoft both built in house and commercial.

The code is always fingerprinted - think about it (none / 0) (#171)
by startxxx on Mon Feb 23, 2004 at 06:06:30 AM EST

Microsoft focuses their investigation arround an Israeli partner firm - Mainsoft, one of the 15 in Israel that has access to the sources of windows. MS says the code given to each firm is fingerprinted, hence (i guess) the white spaces thingy and all those funny comments. B.t.w, Does someone know what are those 750mb-1gb zip files of windows sources in eMule?
I try to correct myself because I always wildly exaggerate, well, I sometimes exaggerate a bit..
may be good (none / 0) (#178)
by keleyu on Mon Mar 21, 2005 at 02:40:05 AM EST

lyrics lyrics

We Are Morons: a quick look at the Win2k source | 180 comments (142 topical, 38 editorial, 4 hidden)
Display: Sort:


All trademarks and copyrights on this page are owned by their respective companies. The Rest © 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!