Source code protection at Microsoft

Here's another question about 开发者_JAVA百科source code protection... So far I haven't been convinced with the answers to similar questions found on this site (NDAs on the legal side, trusting employees vs. protected code, etc.) So I'd like to formulate it in a different manner:

How do large companies do to protect their source code? E.g. I have never heard that the Windows, MS-DOS source code was ever stolen, reverse engineered? What steps does a large company like Microsoft take to protect their code?

One very important factor is that working with complex source code requires solid domain knowledge. So complex code becomes largely useless without the people that wrote it. Even if some third party steals all the code it will likely be unable to make alterations to it or use it.

One good example is SQLite - all its code is public domain and published. How much time will someone without solid knowledge of its inner workings need to make any alterations or analysis of that code? And SQLite is not a very big piece of software. Yet people developing it support it and publish updates all the time.

I have never heard that the Windows, MS-DOS source code was ever stolen, reverse engineered?

Well, than you haven't been listening very carefully. Reverse engineering Microsoft's operating system code happens all the time. Go read books like "Undocumented Windows 2000 Secrets: A Programmer's Cookbook" or "Windows NT/2000 Native API Reference" by Gary Nebbet. Or remember what Cogswell and Russinovich did before being bought by Microsoft.

Also, around 6 years ago, (parts of) the source code of Windows 2000 was leaked:

http://www.wired.com/science/discoveries/news/2004/02/62282

First, they pay enough and have big enough legal and security teams to make it not worth it for most employees to think of taking the risk of leaking it. Second, they limit the access to their source control systems based on the portions of the codebase that particular developers need access to.