Windows XP source code is leaked across the internet

The internet is much like a museum—and source codes are like artifacts.

By Leah Alsept (@leah_0913)

Windows XP may not be an operating system (OS) that’s on many people’s minds with the retirement of the OS by Microsoft in 2014.

The 19-year-old OS has made a return to the news cycle in recent weeks because of news that’s much like unearthing a fossil—the source code has been leaked across the internet.

The leak was allegedly started on 4Chan, a notorious variety forum whose technology section is labeled as “/g/”. There is yet no clear person who uploaded the Windows XP source code.

Microsoft launched its Government Security Program in 2003 which “provides participants with the confidential security information and resources they need to trust Microsoft’s products and services,” as stated on their webpage. The GSP offers Transparency Source Offering, Information Sharing and Exchange Offering, Technical Data Offering, and Online Source Code Offering. Participants much be a “legal entity of a national government or recognized international organization” to participate in this program.

Online Source Code Offering “enables access to product source code such as Windows, Office, SharePoint Server, and Exchange Server.”

One YouTuber under the name “NTDEV” downloaded the XP source code, getting it working to the point of publishing a video on YouTube. This video has been copyright claimed by Microsoft Corporation when visiting the YouTube link NTDEV posted to his Twitter.

NTDEV also claimed the XP source code “might not be as complete as we previously thought, as it doesn’t compile a critical file, winlogon.exe,” which, according to Editor-in-Chief of HowToGeek Chris Hoffman, is critical to logging in your user profile into the Windows system, and Windows would be unusable without it.

Dr. Dennis Acuña, Adjunct Professor of Computer Science at UF, says that when source code is leaked, it’s more susceptible to “bad actors,” which are defined in computer science lingo as hackers or people wanting to do harm to a computer system, sending malware or ransomware to the machines running it. Windows XP becomes more vulnerable to attacks with the source code available for anyone to view it, he said.

Dr. Helen Schneider, Associate Professor and Co-Chair of the Computer Science Department and at the University of Findlay believes it is morally unethical for the source code to be leaked online.

“The idea is—if I’m putting out that operating system code, I’m also giving you a peek into the way Windows machines tend to operate,” she said.

“You still build certain things the same fundamental ways,” Schneider said. “An operating system still has to do all the file management, it still has to be able to run programs, it has to be able to swap between different processes that are running at the same time. So, some of those things in the background are probably similar.”

Acuña used an example of a small business owner with an XP machine. “Like any business, you’re gonna have limited resources here, you’re not gonna spend all your money on technology and so if you had a machine that you had for years running XP and it worked fine,” he said. “The danger would be if you actually had that XP machine connected to your wireless network at home or somehow connected to the internet, then there’s a possibility they [bad actors] could attack it and steal your customer base.”

“You can bet there’s probably little bits of it [XP source code] somewhere that is still done basically the same,” Schneider said.

The internet is a museum, collecting and storing data on its servers, much like a museum collects and stores artifacts on its shelves. It may not be known—at least soon—whoever released the Windows XP source code, but with the unpredictability of the world wide web, we can be sure that truth is stranger than fiction.


Leave a Reply

Your email address will not be published. Required fields are marked *