[ISN] Microsoft cracks down on source code traders

From: InfoSec News (isn@private)
Date: Thu Feb 19 2004 - 02:18:33 PST

  • Next message: InfoSec News: "[ISN] FBI Shutters Web Host"

    http://news.com.com/2100-7355_3-5161205.html
    
    By Robert Lemos 
    Staff Writer, CNET News.com
    February 18, 2004
    
    Microsoft has sent several letters to people known to have posted 
    Windows source code on the Internet, warning them to stop offering the 
    files and erase any copies. 
    
    The letters explain to the individuals that downloading or using the 
    source code is a violation of the law. Part of reason for taking the 
    tack is to educate people who may be curious about the operating 
    system source code that the files are proprietary and valuable, 
    Microsoft spokesman Tom Pilla said Wednesday.
    
    "I'm sure that there are many people that don't know that it is 
    illegal to share our source code," he said, adding that the letters 
    are just the logical next step in Microsoft's stated goals of 
    protecting its trade secrets. "We have said from the beginning that we 
    would take all appropriate action with regards to our intellectual 
    property." 
    
    Last week, Microsoft acknowledged that two 200MB files containing 
    compressed partial copies of the company's Windows 2000 and Windows 
    NT4 source code had been leaked to the Internet. Some evidence seems 
    to point to Microsoft partner Mainsoft, a developer of Unix tools for 
    Windows, as the source of the leaked code. 
    
    Microsoft is now attempting to put the genie back in the bottle. In 
    addition to the warning letters, the software giant has posted alerts 
    on several peer-to-peer file-sharing networks where it believes that 
    illegal sharing of the source code has taken place. Those warnings 
    will appear when a user searches the network using certain keywords 
    related to the source code, Pilla said. 
    
    In a statement posted to its Web site, Microsoft stressed that the 
    source code files are both copyrighted and protected as a trade 
    secret. 
    
    "As such, it is illegal to post it, make it available to others, 
    download it or use it," the company said in a statement. "Microsoft 
    will take all appropriate legal actions to protect its intellectual 
    property. These actions include communicating both directly and 
    indirectly with those who possess or seek to possess, post, download 
    or share the illegally disclosed source code." 
    
    The company's position could deter independent security consultants 
    and hackers from analyzing the code for vulnerabilities. Many security 
    researchers have expressed concerns that the leaked code would prove 
    to be a good tool for hackers who try to find vulnerabilities in 
    Windows code. However, the source code is more than two years old and 
    doesn't appear to include server or network services, which could have 
    been analyzed for vulnerabilities that would lay systems open to 
    remote attack.
    
    "The whole thing is more of an embarrassment for Microsoft," said Marc 
    Maiffret, chief hacking officer for software firm eEye Digital 
    Security. 
    
    At least one vulnerability has been found by analyzing the source 
    code. After a security researcher found a flaw in Internet Explorer 5, 
    Microsoft urged customers to upgrade to the latest version of the 
    browser, Internet Explorer 6 Service Pack 1. 
    
    Maiffret said he didn't believe that Microsoft's pursuit of copies of 
    the source code would stop the trading. 
    
    "It seems like a pretty wasted endeavor," he said. "People are still 
    going to use the code." 
    
    Microsoft wouldn't comment on whether the company would go as far as 
    suing security researchers who found vulnerabilities by analyzing the 
    source code. 
    
    "Our message is that we appreciate the sentiment of those that are 
    well intentioned, but it doesn't change the fact that...no one should 
    use it for any purpose," Pilla said. 
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Feb 19 2004 - 18:05:30 PST