It will make it marginally easier to find security holes, but so many are being found already without source access that I'm not sure it will be that big of a deal. It might also give virus/trojan writers ideas for making their products nastier, but once again, things are already quite nasty, as a quick check of your inbox during one of the last outbreaks would have shown.

This is Microsoft spin. They are worried that we will soon be seeing Nicrosoft Twindows, a knock off Korean PC OS that can do all that windows can for less. There is an effort to do this with Lindows, a Linux based windows knockoff, but that can only emulate functionallity. Twindows could give you the same Blue Screen of Death that Windows technology is so good at producing ;)

It's not that there aren't enough to keep the code kiddies and hack babies happy already.

The biggest impact is the imminent proliferation of open source OS's almost identical to Windoze.

It means Microsoft dropped the ball, and someone nicked a few prototype pies off the windowsill, that's all. The 'hacker' (actually, 'cracker') and virus angles were just added to 'sex up' the story. Don't expect reporters who report on computers to be any better read on their subject matter than the reporters that report on the military.

It's of minor significance. There's nothing truly groundbreaking in Win 2000 (far from it - if someone had thieved Apple's Quartz rendering engine, for example, that would be far more serious). A really high proportion of Microsoft's source code already circulates within the developer environment. There is, I suppose, a possibility of hitherto unknown security holes coming to light, but Windows already offers such an embarras de richesses that this is not a real problem.

I think the only real fallout is if some knowledgable software engineers get a look at the code and see how fantastically incompetent a lot of Microsoft's programmers are. MS has long been a watchword for sloppy coding - a while back I read of an effort to strip dead code of of IE, which turned a multi-megabyte executable into am 80K one. There's even a rumour that MS likes its code monkeys to be neophytes - they get more sucked into corporate culture that way and are easier to manage than the Big Swinging Dicks you get at places like Apple or Sun.

Not a big deal. Most all of Microsoft's products contain so many exploits, the worm kiddies haven't even begun to screw with them all.

The ones that are exceptionally nasty are those that can wander through firewalls and attack services that are routinely left open, such as http and smtp. If they got the IIS or exchange source code, well, suffice it to say I wouldn't want to be running a MS server for the next year or two.

Granted, I wouldn't want to in general, but still.

Those expounding upon the ramifications of this are blowing smoke until they know which branches of the source were leaked. I'm sure the source to notepad won't suprise anyone, or at least anyone who can use Spy++.

I guess I'm a real live security guru -- twenty odd publications, wrote a couple of books for the Navy and DoD and DARPA on the topic -- and I mostly agree with the others; the code itself is no big thing except for the embarrassment factor of people seeing what crap MS gets away with selling. The truth is that Windows is 20 to 30 times bigger than operating systems that do similar things or more -- for example OS/400, which does everything Windows does and has a virtual machine layer. And the rumor about MS coders is no rumor -- I watched them do it with people out of my undergrad classes when I was still an academic. (One of them ended up marrying Bill Gates, so it's not like there was no career path available.)

The story right now is that it was disclosed by someone throwing away a system at MainSoft, a Microsoft partner. The most amusing thing is that it was a Linux system, so apparently even MS partners don't like actually using the damn thing.

Companies haven't been upgrading to XP as fast as Microsoft would like...

Maybe they leaked it themselves, to scare customers into upgrading from NT and 2000 to "more secure" XP?

With all due respect to Venomous Kate, serious Open Source programmers are gonna stay away from this like the freakin' plague. The conspiracy minded think Microsoft did it on purpose to pull an SCO on OS developers.

(Basically, if you see the source code, if Microsoft finds similar code in any project you work on in the future, it'll mean a lawsuit. Whether or not they'd win is another matter, but if you looked at it you'd open yourself and your project to a liability.)

Really the only people who would work on a Windows clone from this source would be amateurs and script kiddies, people much more likely to be searching for exploits. (Would you download some version of Windows that some kid has screwed around with? If you're willing to do that, why not just download a copy of the real thing?)

Reports are that the version out there of W2K is the original release code. There's been three service packs and many other security fixes released for that -- so holes in that code may have already been patched.

As Charlie mentioned -- the chief embarrasment may be in seeing their bad coding practices come to life.

The source code leak is mostly useful to the envious and the maladapted "experts" who now get to bash MS. Windows security is no worse (and no better) than Linux, Unix or OS/400. All have vulnerabilities but, due to the parasitic and envious nature of the script kiddies and other assorted hackers who hate MS, Windows is by far the most heavily targeted.

Charlie, in particular, may know security but his statement that OS/400 "does everything that Windows does" shows that he hasn't a clue regarding software development. Windows runs on literally thousands of distinct hardware configurations. OS/400 runs on, what, 10 or 20 tightly constrained implementations?

Support for high-powered games with photo-realism? Support for multimedia? Support for hundreds of thousands of applications? Windows, yes. OS/400, No. Except for some multimedia, the same is true for *nix.

So, go ahead, flame away and keep on pretending that "any day now" the whole rest of the world will see your transcendent wisdom and abandon Windows in favor of Linux/Apple.

Before you take "photo-realism" out of context - yes, I know that *nix is often used for photorealistic graphics work. Indeed, I've done exactly this kind of graphics work on Unix myself...