Friday, February 22, 2008

omg Microsoft releases protocol specs lol

http://msdn2.microsoft.com/en-us/library/cc216513.aspx

I've been reverse engineering undocumented features of Microsoft protocols since before most of today's hackers were born, so this is a pretty big deal for me.

One thing that should be made clear, however, is that these are NOT the full specifications. Inevitably, there are bugs in Microsoft's code that don't follow the spec. Either they produce packets that the specs say shouldn't be produced, or read packets in a way other than how they are supposed to be read. I predict that within the next year or two there will be a Slashdot posting complaining about this. People will be complaining about how Linux stacks aren't completely compatible, and they will blame Microsoft for having a conspiracy hiding the complete technical details. The reality, of course, is that Microsoft doesn't know the complete technical details, since they aren't yet aware of the bugs in their own code.

This likewise means that we'll see vuln reports as implementors of open-source stacks find that Microsoft's stacks crash. Conversely, Linux implementors are likely to create their own bugs that hackers can exploit. Parsing protocols is inherently dangerous. Thus, the release of these specs will encourage hacking of both Microsoft and open-source stacks.
