Microsoft withdraws Sysinternals source code
Anyone involved in support or development on Windows platforms has almost certainly come across the excellent tools from Mark Russinovich and Bryce Cogswell, collectively known as SysInternals (free tools) and Winternals (pay tools).
These tools are well written, small, powerful and provide insightful information and control. The gems include Process Explorer – a powerful replacement for Task Manager that can show you which files are locked by which processes etc. the excellent RegMon and FileMon for keeping an eye on what files and registry entries applications are utilising and many other invaluable utilities for dealing with the trickiest situation.
SysInternals has been around since 1996, gradually improving their tools whilst they also demonstrated how to delve into the guts of Windows itself. Indeed these techniques formed the basis of Mark’s books Inside Windows 2000 and Microsoft Windows Internals which utilise a number of undocumented, and therefore unsupported, internal API calls to achieve these seemingly magical feats.
When Microsoft purchased SysInternals and Winternals as you can imagine a number of people were worried.
Techies feared loosing access to some great tools whilst developers about loosing the ongoing source and details of such powerful API’s that didn’t officially exist with SysInternal’s tools, source and books providing the best source of information.
There was no need to worry however the press announcement stated:
Customers will be able to continue building on SysInternals’ advanced utilities, technical information and source code for utilities related to Windows.
Good news there then. At least if it were true.
The replacement for SysInternal’s site came on-line a few days ago and included in the bunch of small updates and new Process Monitor application (replacement for RegMon and FileMon) was the following snippet hidden away in the Sysinternals Site Migration page.
Source Code: The number of source code downloads didn’t justify the migration, support, and possible integration problems it might cause with other Windows components down the road.
In other words “We lied”.
There has been some discussion that these internal APIs were being used for malware. I don’t see how denying the source now the malware authors know-how or the source and Windows Internals books are in free circulation.
I’ve posted a news article to Slashdot about it so my apologies if you’re already had my much shorter summary. They like em that way and I didn’t want them linking back here for fear of turning my Shuttle server into a melted heap with all the traffic.
Slashdot rejected it and went with Justin Long no longer being the Mac – a story that wasn’t even true.
Microsoft have usefully packed the whole Sysinternals suite up into a single download.