Sorry, that Winternals tool is available only to Genuine Windows users!
July 18, 2006 10:39 AM   Subscribe

Microsoft acquires Winternals Software. It's impossible to know what the repercussions will be, but you can be sure it won't take long for every possible worst-case scenario to be predicted. Any why wouldn't it? The possible loss of invaluable FREE tools like the Registry Monitor, Process Explorer, Port Monitor and File Monitor is a little scary - both have saved my developer hide on several occasions. Will they get folded into Vista? Will they still be available as PowerToys? Unknown. "Microsoft is still evaluating the best way to leverage the many different technologies that have been developed by Winternals" The site's a little slow right now - I wonder if that's people madly downloading copies of the current versions out of fear they'll go away any moment?
posted by phearlez (49 comments total) 1 user marked this as a favorite
 
These guys are probably the best Windows white-hat hackers out there. Losing them as an independent resource is a very bad thing for all of us.

It's probably, however, a very good thing for them, so I wish them well. They have saved my butt any number of times, and I hope they're rolling in cash from the acquisition.
posted by Malor at 10:47 AM on July 18, 2006


"As for Sysinternals, the site will remain for the time being while Microsoft determines the best way to integrate it into its own community efforts"

embrace, acquire, extinguish.
posted by mrbill at 10:49 AM on July 18, 2006


lol windows
posted by keswick at 10:52 AM on July 18, 2006


Yes, we should all panic because Microsoft acquired one of the many freeware tools available.

Not like there aren't a million others out there...
posted by tgrundke at 10:55 AM on July 18, 2006


One possibility off the top of my head: The utilities will be patched to hide certain kinds of action. So, for example, you wouldn't be able to see registry changes that MS didn't want you to see.

Paranoid? You bet! But hey, it's fun. Seriously. Long as you don't get carried away with it. Or spend too much time thinking about how much of your valuable time and attention has been wasted on crappy software from big companies over the past 15 years. OK, now I'm depressed....
posted by lodurr at 10:56 AM on July 18, 2006


The site's a little slow right now - I wonder if that's people madly downloading copies of the current versions out of fear they'll go away any moment?

See:

http://slashdot.org/article.pl?sid=06/07/18/1545258

So yeah, it hit Slashdot and now all the nerds are crushing the site. Oops.
posted by secret about box at 10:56 AM on July 18, 2006


I agree with phearlez and Malor. Sysinternals has saved my ass a hundred times, and I'm not even a Windows admin. I can only imagine how this will affect those who constantly use the tools.
posted by Plutor at 10:57 AM on July 18, 2006


Yes, we should all panic because Microsoft acquired one of the many freeware tools available.

Ever since Microsoft acquired ActiveState, the release quality has steadily declined; originally, it was excellent.

It has gotten to the point where a Windows Perl programmer cannot rely on the standard ActiveState module distribution and private repositories have stepped in to fill that role.

So, yeah, it does make me worried that MSFT has acquired the most helpful and professional winhackers around.
posted by sonofsamiam at 11:00 AM on July 18, 2006 [1 favorite]


Sigh. Time to download all the apps on the site!
posted by SirOmega at 11:03 AM on July 18, 2006


Oh good grief. Microsoft gives away a TON of stuff, so everyone can just stop their bellyaching and go hug their MAC and/or LINUX machine.
posted by tadellin at 11:05 AM on July 18, 2006


Yes, we should all panic because Microsoft acquired one of the many freeware tools available.

Not like there aren't a million others out there...
posted by tgrundke at 10:55 AM PST


Please post links to the 'millions'.
posted by rough ashlar at 11:09 AM on July 18, 2006


The utilities will be patched to hide certain kinds of action. So, for example, you wouldn't be able to see registry changes that MS didn't want you to see.

Prediction, practically guaranteed to be fulfilled: CoLinux and other virtualization software is going to grow in popularity, utility, and sophistication. Events motivating this trend include the TCPA BS, recent developments regarding some very advanced rootkits, and anti-DRM hacking.

Microsoft gives away a TON of stuff, so everyone can just stop their bellyaching and go hug their MAC and/or LINUX machine.

Yes. Team loyalty is what matters, not the practical outcomes of real events.
posted by sonofsamiam at 11:09 AM on July 18, 2006


My guess is that it'll go the way of the Sygate Personal Firewall -- a straight-up acquire-to-kill-as-freeware purchase. I can't blame the Winternals guys for selling though.
posted by clevershark at 11:12 AM on July 18, 2006


Noooooooooooooooooooooooooooo!
posted by TungstenChef at 11:19 AM on July 18, 2006


Thanks so much for posting this. I know it's on Digg or /. but MeFi is the one I hit daily. I about wet my pants, then got in line with wget.

To quote a poster on digg, 'NOooooooooooooooooooooo!!!'
posted by cavalier at 11:21 AM on July 18, 2006


On not using preview, shit, what Tungsten said!
posted by cavalier at 11:21 AM on July 18, 2006


wget, here I come!
posted by nlindstrom at 11:27 AM on July 18, 2006


Hi ho, wget, away!
posted by Godbert at 11:34 AM on July 18, 2006


wow, that sucks. process explorer is a great program.
posted by jimmy at 11:40 AM on July 18, 2006


NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!!!!!

This is horrible, horrible news.

Even worse is that I didn't know before today that MS had aquired ActiveState. At least now I know why it's so much worse now than it used to be.
posted by splice at 11:53 AM on July 18, 2006


Can someone point me to information about ActiveState being bought by Microsoft? It certainly doesn't look that way from their website...
posted by AaronRaphael at 11:59 AM on July 18, 2006


Even worse is that I didn't know before today that MS had aquired ActiveState. At least now I know why it's so much worse now than it used to be.

I'm pretty sure Microsoft didn't buy Activestate.

Sophos purchased AS, and then sold it back off. Currently, according to their website, AS is owned by their employees, and a private financial group
posted by WL at 12:03 PM on July 18, 2006




Man, oh man... that's it.

I am ***OFFICIALLY*** stabbin' angry.

When can we start the stabbin', and who can we stab?

Time to WGET while the WGETting is good.
posted by PROD_TPSL at 12:05 PM on July 18, 2006


lodurr: I'm sorry, they weren't 'acquired' like I said, they are not officially owned. They have received funding from MSFT for some years now.

The correlation of declining release quality with MSFT affiliation is my own, perhaps unfair, honest judgement. (but the releases have really been sucking in the last few years. packaged modules should not be version incompatible right out of the box.)
posted by sonofsamiam at 12:16 PM on July 18, 2006


I misunderstood you.
posted by lodurr at 12:17 PM on July 18, 2006


Malor writes "These guys are probably the best Windows white-hat hackers out there. Losing them as an independent resource is a very bad thing for all of us. "

Yep, like when l0pht got bought out.

Mikey-San writes "So yeah, it hit Slashdot and now all the nerds are crushing the site. Oops."

See, all MS has to do is buy something and it is immediately more popular.
posted by Mitheral at 12:19 PM on July 18, 2006


*cough*
posted by Mach5 at 12:21 PM on July 18, 2006


best windows utilities. evar.

personally, they have helped me nab pesky spyware & rootkits that "official" tools had no hope in catching.

on the upside, quality at MS will have to improve with the aquisition of one of a windows programming & security deity; ironically something MS couldn't produce themselves -- I honestly think Mark knows more about Windows than MS does.
posted by karson at 12:35 PM on July 18, 2006


The possible loss of invaluable FREE tools like the Registry Monitor, Process Explorer, Port Monitor and File Monitor is a little scary

Microsoft has a history of buying small companies, releasing their product for free, and forcing out any remaining competition from the marketplace. Say what you will about the strategy, I doubt that these free tools are going to become for-pay tools.
posted by SweetJesus at 12:57 PM on July 18, 2006


Never heard of them, I suppose I should take a look.
posted by juiceCake at 1:06 PM on July 18, 2006


If anyone has the latest versions of the tools could they please rapidshare or megaupload and post a link? I'm a-feared. :-(
posted by fleetmouse at 1:50 PM on July 18, 2006


Oh good, someone already torrented the tools + source here.
posted by fleetmouse at 2:08 PM on July 18, 2006


Why would you call them "White hat" though? I mean generally it's network hackers who are "White hat" or "Black Hat". Calling people who know a lot about how windows works at a low level "white hat" implies that there are "black hat" ways of using your own computer. Something I disagree with.
posted by delmoi at 2:19 PM on July 18, 2006


I think the term "white hat hacker" can more generally be applied to anyone who's getting down inside of a piece of software and leveraging his knowledge of its flaws and vulnerabilities to do good instead of evil (the "good" in this case being releasing tools that help you avoid or recognize the people exploiting said vulnerabilities in "bad" ways).

I never d/l'ed everything from sysinternals, because I just kind of figured it would always be around. Time to revise my estimate and go grab the lot of it. I'm gonna miss those guys. As a software developer on the Windows platform, I have a huge amount of respect for them. I certainly wish them well; they've provided a wealth of information and tools over the years.
posted by Brak at 3:48 PM on July 18, 2006


Well, ok, everyone's freaking out here, but Mark Russinovich & co have had a close relationship with MS folks for a long time. I suspect that this really just entails the Winternals products, which kick ass but are somewhat expensive, like the System Administrator's Pack. I wouldn't be surprised if the Sysinternals utilities end up being released as unsupported freeware through MS just like they are now. Furthermore, I suspect that the actual Winternals products will get incorporated directly into future versions of Windows and related MS products, which is a good thing for existing MS customers.
posted by me & my monkey at 4:13 PM on July 18, 2006


what m&mm said: Russinovich and Co. aren't just random guys being acquired by MS; their extremely close relationship to MS has been long-standing and very positive. Ferchrissakes, Mark along with Dave Cutler teaches an MS-internal-only class on Inside Windows!

MS acquiring them is like people who've been living together for years formally getting married down at the courthouse: not much will change, it's just a paper thing. Those great tools aren't going to go away or be sullied... they might even be enriched if sysinternals has even greater access (although at this point Russinovich probably has had access to any source or architecture info he could want for some time now).
posted by hincandenza at 4:39 PM on July 18, 2006


There's a million tools out there, sure.. but now there will be 50,000,000 totally useless Google results. If I had $5 for every time I've Googled for $PROBLEM and found that $SOLUTION needed some $DOWNLOAD that didn't exist anymore, I could have bought Microsoft myself.

Fortunately I don't have to dwell in Desktop Support land any longer.
posted by drstein at 5:34 PM on July 18, 2006


Fortunately I don't have to dwell in Desktop Support land any longer.

Don't worry, system administrators and developers have to deal with that too!
posted by flaterik at 8:13 PM on July 18, 2006


My understanding (and I've actually worked with Russinovich on a particular engagement) is that Mark has avoided source code access, so he could avoid getting covered by the MS NDA. But supposedly enough builds of Windows have come out with full debug symbols that he's been able to reconstruct whatever's he's needed.

I cannot *imagine* that anything from Sysinternals would be taken off the market. If anything, it'll probably be expanded, moved into either a powertoy or a resource kit, if not inbox in Vista Server.
posted by effugas at 9:01 PM on July 18, 2006


REMINDER: Never run binaries that you've downloaded from a peer-to-peer network on any machine you care about, unless you verify the individual binary files with an MD5 tool first using MD5 hashes provided by the software vendor in a difficult-to-spoof fashion.
posted by baylink at 9:07 PM on July 18, 2006


The set you can get from the Sysinternals site now is post-Microsoft, and so are the ones in two of the torrents. Code has been changed within July and there is a new, more restrictive eula.txt in each zip.

There is a torrent of the pre-Microsoft versions here.

What baylink says is good advice, of course.
posted by jam_pony at 9:27 PM on July 18, 2006


I enjoy the fact that I have only had to use the sysinternals tools once or twice, ever. Although I was looking for File Monitor the other day.

I'm switching to OS X as soon as possible, personally.
posted by blacklite at 12:12 AM on July 19, 2006


delmoi: ... implies that there are "black hat" ways of using your own computer. Something I disagree with.

And I for one would agree with your disagreement.

But there are definitely "black hat" ways of using other people's computers, or for other people to use yours. And many people's computers are certainly put to ethically questionable use ("grey hat"?) by software vendors on a daily basis. Tools like this give us some power to limit that use.

So I think "white hat" is a fair use.
posted by lodurr at 5:43 AM on July 19, 2006


jam_pony writes "Code has been changed within July and there is a new, more restrictive eula.txt in each zip."

See, that didn't take long.
posted by Mitheral at 8:01 AM on July 19, 2006


Get a copy of Knoppix Hacks, and you'll be able to fix even more than you could with the Winternals stuff.
posted by QIbHom at 12:59 PM on July 19, 2006


I'm switching to OS X as soon as possible, personally.

I run OS X at home, and I used to run various flavors of linux. But I'm a windows developer, so the niftiest tools I know of are... for windows.

Anyone know of something similar to Filemon for OS X? Not that I'd actually need it but I like being able to poke.
posted by flaterik at 11:40 PM on July 19, 2006


Try running lsof in a Terminal in OS X.
posted by blasdelf at 1:12 AM on July 20, 2006


From the website:
There’s nothing more satisfying for me than to see our ideas and their implementation have a positive impact.

That’s what makes being acquired by Microsoft especially exciting and rewarding.
Wha?
posted by Deathalicious at 10:44 AM on July 20, 2006


« Older Paul Reubens is my homeboy   |   No Capes! Newer »


This thread has been archived and is closed to new comments