Interesting. Presumably, LAPSUS had access to Windows source code but still decided to go after comparatively low-fruit like Bing and Cortana instead of the digital gold that is Windows.

Wasn't Windows' source code leaked a number of times already?

I think Bing and Cortana will have some "algorithms" that might be worth a lot more for the right buyer. I mean Google's search algorithm is one of the best kept secrets in the industry.

Windows source isn't all that hard to see. I know they've made it available to some universities and large customers also can get access.

https://www.microsoft.com/en-us/sharedsource/enterprise-sour...

> I know they've made it available to some universities and large customers also can get access.

And, IIRC, infamously the Chinese government too, because they made it a pre-condition of them purchasing Microsoft licenses that they must have source code visibility.

"Infamously" ?

Well, there is for sure a lot to criticize about the CN government, but this precondition seems to me very natural (the OS is a very natural place for possible backdoors, otherwise...)

No government should buy closed source anything for obvious reasons.

> because they made it a pre-condition of them purchasing Microsoft licenses that they must have source code visibility.

Even the communist party in China is more up to date then my own government

10,000 enterprise windows licenses minimum... that's a big customer

Windows source code is fairly widely available, as in government agencies, universities and others already have access. I'm sure this means anyone motivated enough could get it if they really wanted to. Of course even looking at it is problematic if you want to work on open source operating systems later, so I'm not sure why you'd voluntarily choose to do this.

It can be useful even if you're not directly incorporating it into your code. For example you might want stronger guarantees than the API documentation offers (e.g. "this function will only ever return values between this and that in this particular version of Windows"), and being able to read the code to check if your assumptions are valid is very useful. I've worked in function hooking before and ReactOS has been a very useful resource on occasion.

When public documentation for the Hyper-V APIs sucks the way that it does, I'd be willing to risk not being able to write a operating system later if I could figure out a side project now ;)

Full disclosure, I work on Hyper-V. Are you thinking of these docs - https://docs.microsoft.com/en-us/virtualization/api/hypervis... - or something else?

I'm thinking of the HCS docs (https://docs.microsoft.com/en-us/virtualization/api/hcs/over...). There's very poor documentation of the different types of VMs/Containers you can launch and how to launch them, I'm not sure how much of this is intentional or due to the newer container APIs being too new, but it's super frustrating when you're trying to understand how WSL2 or Windows Sandbox work (or honestly, how to use Windows containers without Docker).

I think you misspelled "dumpster fire". Microsoft is known for going to extreme lengths to maintain backward compatibility, but for Windows in particular this means code that's been hacked on for decades.

Whilst it might be treasure for hacker, but for "learner" could I say any Windows are horrible precisely due to this baggage.

MS have multiple devops orgs separated by location i believe. Judging by the screenshot where it says MSASG, I believe that's the China/Asia one.

It does have other orgs in the screenshot, but all the leaks seem to be ASG related.

Windows source code must be huuuuge...