On Friday 17 February 2006 09:50, Brandon Turner wrote:
<snip>
One day later
a developer says in the forum
http://www.reactos.org/forum/viewtopic.php?p=13239&highlight=#13239
"The biggest problem isn't disassembled code. The fact is that 4 of
the developers have had a copy of the leaked Windows source."
So, the biggest problem is, that some ROS-developer have looked in
leaked code.
I think this was when GvG thought that Alex had seen some of the stolen
NT Kernel Code. However, Alex did not see it, and this has been
clairfied with all parties, so really leaked code isnt a problem.
Okay, so I'm just sitting here waiting for news that ReactOS has gotten stable
enough to be used in production systems, but...
It wouldn't take me long to find the post where Alex did admit to having once
had a copy of the leaked source code. However he also denied ever using any
of it for ReactOS. I haven't looked up the relevant mail - my personal
archive is over 3000 mails deep and it'd take more than a half hour to find
said post - but I do remember seeing it.
More than that, Alex also said that some other devs had also seen the source
code or had copies of it.
> He have said that, and nobody have contradicted
it.
>
> But at
>
http://www.reactos.org/archives/public/ros-dev/2006-February/007832.html
> a developer says to me
> "The leaked source code was never an issue here, that was an
> escalation of
> the mail which was posted on the public list. The rumours which
> materialized
> from that were unfounded and untrue."
> and the cvs tree will be completly re-opend.
I think this is a statement made when someone forgot that Alex did say he and
some other devs (names removed from the mail I saw) had seen or had had
possession of the leaked source code.
<snip>
> somebody cite something where a Codewaever chef
says, that in ROS is
> stolen code.
No. I have yet to see a single line of code that is stolen (and I have a copy
of the pre-audit tree here - was and am studying it as an example of how a
micro-kernel works). If someone wants to claim it's stolen they are sadly
mistaken. Though ReactOS does share a lot of code with WINE - but then, why
reinvent the wheel? WINE is constantly advancing in their implementation of
the Windows API.
> And then ReactOS gives for me more questions then
answers.
>
> What does the Audit-process mean?
> You have - as somebody says - already seen, that no Windows-Code is in
> ReactOS.
> But you want with the audit look for code, which are integrated by
> (not clean room) reverse engineering.
> But how do you want to find it?
By comparing the code to sections of Windows code as seen through a debugger
or disassembly dump and looking for "Magic Numbers" and huge tracts of
assembler that is entirely uncommented.
This process does _not_ find all "bad" code, but it is the only one that can
be used, since ReactOS should share a lot of binary code with windows as one
is attempting to be a clone of the other and there are only so many ways to
do things.
> The clean room inverse enginering is like
re-writing an existing book,
> without reading the existing book itself. Only reading review,
> critiques and summaries about the book are alowed to read.
> But there existing some people who have reverse enginered, but not
> clean room. This is like someone, who have completly read the book
> itself and tries to write the book what he read then down in mind.
> But how do you want to become out, who have read the original book and
> who not?
That's what clean-room reverse engineering is all about. One person studies
the code, takes it apart and documents it. Another person comes along, looks
at the documentation and creates an implementation.
<snip>
Hope an outsider with attempts at a simple explanation have helped :)
DRH