[driverdan]

Looks like there's some debate as to whether or not this has been exaggerated: https://www.betaarchive.com/forum/viewtopic.php?t=37282

So far I haven't seen any links to source code.

Quote from one of the admins:

> Yes I have no idea where they got the 32TB stuff. We had a big leak of Win10 builds yes, but these were all Windows Insider stuff that were collected over time available to all Windows Insider members at one time or another.

Edit: BA's official statement: https://www.betaarchive.com/forum/viewtopic.php?f=1&t=37283

[diodesign]

Hiya - I wrote the article. What's happened is that the Beta Archive folks have now deleted (or in the process of deleting) the private material that was uploaded to the BA FTP. There most definitely was non-officially-released internal Microsoft files in the archive, regardless of BA's intentions, such as the Shared Source Kit, the ARM64 Windows Server build, the Mobile Adaption Kit, and various prerelease versions of Windows.

We've updated the story to explain why things aren't what they seem. Essentially, the files at the heart of the matter were there (we screenshotted them and saved copies of the forum posts) at time of writing, and they were removed later on Friday.

In terms of the 32TB: that's the full decompressed dump of Windows files uploaded to BA. From what I understand, Microsoft hasn't released 32TB of public Insider material, so obviously there's extra sauce in the mix.

That includes, yes, copies of officially released Insider builds plus confidential private stuff that should never have left Microsoft, let alone turned up in BA. We make this clear in the story - I'm starting to feel the headline could have been better to make this clearer rather than grabbing the biggest figure. I am beginning to regret this.

BA can twist and complain all it likes - but stuff that was confidential within Microsoft ended up in their FTP archive (and some is still in there, such as the ARM64 stuff). The next stage of this story will be to uncover how exactly did this material escape Redmond.

C.

[withinrafael]

All the old builds of Windows 10 listed were presumably grabbed via public Unified Update Platform (UUP) infrastructure or the Ecosystem Engagement Access Program (EEAP), but I haven't confirmed yet. It's common knowledge in the Windows enthusiast community that builds (yes, even arm64 desktop Insider builds) can be pulled from Microsoft via these channels. It's not confidential, and not useful to share with anyone other than a build vault like Beta Archive.

Debugging symbols for most of those builds are available on symsrv.

The Windows Mobile Adaption kit (like the OEM Preinstallation Kits, OEM Adaptation Kits) is shared with a similarly sized audience, which used to include self-attested Microsoft Partners. Again, not confidential. Just gated stuff.

The Shared Source stuff is a slight unknown here because it's not clear what was in the ZIP. I presume this was a sampling of materials shared via the Shared Source Initiative (https://www.microsoft.com/en-us/sharedsource/), none of which includes high-value intellectual property, cryptographic code, third-party code, etc. It could still be damaging but Microsoft has clearly calculated the risk here; this stuff is shared with mere community MVPs.

So with all this knowledge, it's hard to digest the "omg more exploits coming" and "Microsoft lost 32TB of private IP" angles in The Register write up. I don't think there's a story here, frankly.

[ryanlol]

Clarify the 32TB and 8TB figures please. People with access to the archive who successfully downloaded the confidential stuff did not get nearly that much.

Do you consider windows installation images to be "compressed files" in this context?

[withinrafael]

Looks like the 32TB size reported is the total size of all the various Windows installation images, prior to de-dupe. 8TB after de-dupe. Not a very useful figure, however.

https://www.betaarchive.com/forum/viewtopic.php?p=420025#p42...

[diodesign]

Compressed, it is ~8TB. Fully expanded it is ~32TB. I think the bigger issue is not the final size, but that internal Microsoft material - particularly source code - has escaped into public FTP. That, to me, is the main thing, right?

C.

[kabdib]

Windows sources have escaped before. I doubt that Windows is buildable outside of Microsoft (and the bits are definitely not signable, since you need access to a key vault for that).

Useful for research, and finding security issues. Not much else.

[KekDemaga]

Might be helpful to the reactos and wine folks if unofficially.

[supergreg]

Actually the opposite. They can't work in the project of they've seen the actual MS code even if they write their own code.

[ryanlol]

>Compressed, it is ~8TB.

But what data does this 8TB refer to specifically? Is this the source + all the windows builds from a plethora of sources? Did you download 8TB of data from BA and expand it to 32TB or was this a figure provided to you by one of the raided hackers or their associates?

>think the bigger issue is not the final size, but that internal Microsoft material - particularly source code - has escaped into public FTP

Happens regularly, although usually it's MS employees leaving stuff in public FTPs or inside released ISOs, updates, whatever. redmond\ domain is huge and the (accidental or not) leaks never stop.

[withinrafael]

It's ~8TBs of deduplicated Windows installation media. The Shared Source Initiative material only amounts to ~1.2 GB, if that.

[my123]

It's 32TB of deduplicated data. You've to download the whole 32TB actually

[gpm]

There does seem to be some source, as (now, not when you posted) discussed in that thread. Here's a pastebin (taken from that thread) with some filenames, including, for example, usb drivers

https://pastebin.com/raw/VGEbWVSM

[KGIII]

If you really want to see some Windows source code. You can just ask them - and they will send it to you. It's not open source and there are limits to what you can do with it.

They call it their Shared Source Initiative. They want a reason for sharing it with you but I have used, 'I am just curious.' With that excuse, this was a long time ago when I still used Windows, I got the specific code I wanted for Outlook Express.

[Teever]

Do they share the code for the windows update mechanisms and the code for cortana and other spyware that is installed by default in windows?

[KGIII]

I have no idea. I haven't used Windows in a years. Give it a shot. The most they can do is tell you no.

[mmmnn]

Put some effort in and reverse engineer it, if you really want to know how it works.

Complaining about the lack of source code is just sheer laziness.

[wfunction]

How do you "ask them"? Do they have an email address for this? Or do you have to find the right guy on the team somehow?

[gtirloni]

Windows Shared Source initiative has existed for what, over 10 years now?

https://www.microsoft.com/en-us/sharedsource/

I think this "leak" is greatly exhagerated.

[afpx]

I haven't worked directly with Microsoft for well over 15 years, but this sounds similar to what I remember. Back then I worked for a partner who was doing direct integration work against low-level SQL Server and Windows libraries. Often when we encountered obscure bugs, they'd just give us the SQL Server or Windows source code and basically say, "Fix it, and we will release a hot fix." All of the comments would be replaced with white space which made things more difficult.

[wfunction]

None of those categories seem to include ordinary developers though?

[KGIII]

If your company, or you, have a relationship with Microsoft, try the Enterprise. They are pretty lenient, though not always rapid in their responses.

[withinrafael]

Even community MVPs get access to this stuff.