[ISN] Stolen code shop back in business - on Usenet

From: InfoSec News (isn@private)
Date: Tue Jul 20 2004 - 05:12:55 PDT


Paul Roberts
IDG News Service

An online group claiming to have the source code for two popular
computer programs for sale opened its doors for business again on

An e-mail message that claims to come from "larry hobbles" and the
Source Code Club was sent to the Full-Disclosure security discussion
list. The message said that the group has moved operations to Usenet,
the network of online bulletin boards that makes up part of the
Internet, where interested customers can buy the source code for the
Dragon intrusion detection system (IDS) software from Enterasys
Networks Inc. and peer-to-peer server and client software from Napster
LLC, now owned by Roxio Inc.

The club made headlines last week after posting messages to online
discussion groups that advertised a Web site selling the source code
and design documents for Dragon and Napster. By Thursday, the group's
Web page displayed a message saying the club had ceased operations due
to "fears our customers faced."

A subsequent "newsletter" from the club dated July 17 and posted to
the Usenet group alt.gap.international.sales at 10:28 PM Pacific
Standard Time called Usenet the "official home" of the Source Code
Club and said the informal network was "better suited" to the club and
would give potential customers two ways to contact club members:
through a club e-mail address and through messages posted in the
Usenet group.

The newsletter claims that the Source Code Club soon hopes to go
underground and stop offering code for sale in public, but is offering
the Dragon and Napster code "to authenticate our skills." The
Enterasys code would allow purchasers to understand the "secrets
behind Dragon," whereas the Napster code could give "any company
interested in breaking into the online music industry" a jump-start,
the newsletter said.

The club also expressed regret for the "public fiasco that ensues when
you publicly offer source code," an apparent reference to media
attention to the group's unveiling.

The club also posted instructions for potential customers to purchase
the stolen code.

Customers are encouraged to contact the group using e-mail and PGP
(Pretty Good Privacy) encryption to disguise their requests. Source
code for the Dragon software was priced at US$16,000 and Napster for
$10,000, with payments made through one of a number of online payment
services. Those wary of sending money to the club have the option of
buying the source code in $500 increments to build confidence.

Enterasys is working with the U.S. Federal Bureau of Investigation and
reviewing the club's claims. The company claims that its product code
was lifted off stolen media, such as a compact disc or computer hard
drive, rather than stolen directly from its computer network,
according to Kevin Flanagan, an Enterasys spokesman.

A Napster spokeswoman said last week that while Roxio owns the rights
to the original Napster code being sold by the club, the current
Napster online service does not use any code from the original, free
music swapping service and is not affected by the alleged theft.
