http://www.nytimes.com/2004/11/10/technology/10soft.html By ERIC DASH November 10, 2004 A Connecticut computer hacker was arrested yesterday and charged with selling copies of Microsoft Windows proprietary source code. The United States attorney's office said the hacker, William O. Genovese Jr., 27, of Meriden, Conn., used a Web site to unlawfully distribute the programming blueprints behind the Microsoft NT 4.0 and Windows 2000 operating systems. "This is someone who stole and attempted to sell for profit some valuable asset of Microsoft," said Tom Rubin, the associate general counsel for Microsoft. "It is our secret recipe, our secret formula like the Coke formula." The arrest is the most significant legal action to emerge from an F.B.I. investigation into the theft of Microsoft's source code; the inquiry began earlier this year and is continuing. Though sometimes Microsoft has provided its source code to business partners and government agencies, access is tightly guarded because it can allow software developers to replicate the program and hackers to exploit vulnerabilities in the operating system, which is used on hundreds of millions of computers. In mid-February, the complaint said, Mr. Genovese obtained a stolen copy of the Windows source code and posted a message on his Web site that he was willing to sell it. At about the same time, an investigator from an online security firm hired by Microsoft sent an e-mail message to Mr. Genovese, who was using an alias, and asked for a copy, the complaint said. Mr. Genovese requested that $20 be sent to a PayPal account and when the payment cleared, the investigator was given access to an Internet address where he could download a file with the source code. Mr. Rubin said that Microsoft then contacted federal authorities, who conducted a similar investigation with the company's help. This is not the first time Mr. Genovese has been at the center of a computer crimes case. In March 2003, he was convicted of eavesdropping and sentenced to two years of probation after gaining unauthorized access to computers in Connecticut. There has been another case this year involving a large technology company's having its proprietary software code published on the Internet. In September, Cisco Systems, the networking equipment manufacturer, said British authorities made an arrest after a four-month investigation. _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Wed Nov 10 2004 - 03:39:52 PST