The code leaked on 4chan is authentic, says an IT technician from the USA: He claims to have created a working build of Server 2003.
Shortly after the alleged source code of Windows XP and Server 2003 appeared on the anonymous message board 4chan last week, the first analyses by security researchers and Windows experts pointed to the authenticity of the leak.
These suspicions now seem to be confirmed: An IT technician from the USA, who uses the nickname NTDEV, claims to have successfully compiled parts of the leaked code. However, two videos in which he claims to have documented the process were removed from the YouTube video platform at the instigation of Microsoft.
Almost complete Server 2003 installation
NTDEV described the results of his efforts to ZDNet: He succeeded in producing an XP installation, which, however, was not fully executable due to missing components, as well as a working Server 2003 installation. In the case of XP, at least certain files, such as the kernel and Explorer, were easy to compile. However, other components such as Winlogon and numerous drivers were missing.
Nevertheless, NTDEV's assessment is that, apart from the missing components, all SKUs (stock keeping units, i.e. commercial versions) as well as free optimized retail builds could be created.
The leaked code of Server 2003, on the other hand, is more complete than that of XP; however, he had to subsequently replace files for the Windows logon (winlogon) in order to create a fully functional version. NTDEV suspects that the absence of the Winlogon code, of all things, could be intentional: Winlogon could be closely related to the initial activation process of the operating system and contain remote control mechanisms that Microsoft could use to track down illegally compiled versions.
Microsoft has possible video evidence removed
The most important finding from NTDEV’s analysis is ultimately the authenticity of the existing code. So far, Microsoft has still not commented.
The code details described to ZDNet are currently difficult to verify: two videos that are supposed to show the compilation process step by step have been removed from NTDEV’s YouTube channel. It is striking that the videos were blocked, of all things, “due to a complaint of copyright infringement by Microsoft Corporation”. This could well be interpreted as a strong indication that they are in fact showing something that Redmond wants to keep from the general public.
The heise online editors have at least seen the video for XP. It shows a nearly 10-minute compilation process on an XP desktop; then (possibly) freshly compiled XP tools are executed. However, a binding statement on the actual probative value of the video or even on the authenticity of the code can hardly be made on this basis.