Interesting People mailing list archives

more on Release of Windows Coding Is a New Worry for Microsoft


From: Dave Farber <dave () farber net>
Date: Sat, 14 Feb 2004 08:43:13 -0500


Delivered-To: dfarber+ () ux13 sp cs cmu edu
Date: Sat, 14 Feb 2004 08:31:13 -0500
From: Bob Drzyzgula <bob () drzyzgula org>
Subject: Re: [IP] Release of Windows Coding Is a New Worry for Microsoft
To: Dave Farber <dave () farber net>

Dave,

A slightly different spin on this.

--Bob Drzyzgula

http://www.washingtonpost.com/wp-dyn/articles/A40843-2004Feb13.html

| Tech Experts Downplay Theft of Windows Code
|
| By Mike Musgrove
| Washington Post Staff Writer
| Saturday, February 14, 2004; Page E01
|
| Computer security experts continued to debate
| yesterday the significance of the theft and Internet
| posting of portions of Microsoft Corp.'s software
| coding for the Windows operating system earlier
| this week.
|
| Though two computer files containing some of the
| raw programming used for Windows 2000 and NT 4.0
| were still being downloaded from hacker Web sites
| yesterday, the early consensus among computer
| engineers who study security is that the incident
| may be more of a public relations embarrassment than
| a looming security crisis for the software maker and
| its customers.
|
| "It's certainly a big deal for Microsoft," said Bruce
| Schneier, founder of Counterpane Internet Security
| Inc. "But, as a security guy, I have a hard time
| convincing myself we are going to see lots and lots
| of vulnerabilities as a result of this."
|
| Schneier said he thinks it unlikely the incident would
| lead to a major uptick in security incidents. "Finding
| vulnerabilities in Microsoft code is so easy anyway,"
| he said.
|
| Microsoft said it has contacted the FBI about
| the release. The company has suffered a number of
| security-related embarrassments over the past several
| months; the theft this week marked the third security
| issue this month. The Redmond, Wash.-based software
| giant had previously issued two separate advisories
| about flaws in its software and offered users patches
| to correct them.
|
| Marc Maiffret, a former hacker who started a computer
| security company, said the wide availability of
| portions of the Windows source code may make it
| easier for hackers to write malicious software attacks
| against parts of the operating system. But, he said,
| most of the code that is now being downloaded across
| the Web does not appear to reveal the inner workings
| of Windows networking or data-sharing protocols --
| which are of the highest interest to hackers.
|
| "The code that got out isn't the very-important code
| that people would've wanted," he said.
|
| Ken Dunham, director of malicious code at Reston-based
| iDefense Inc., said he monitors hacker discussion
| groups and chat rooms as part of his job and that
| discussions about the stolen source code have gone
| "through the roof" since the files surfaced Thursday
| afternoon.
|
| Dunham said that, from preliminary looks, it appears
| that the Windows code was stolen 18 months before it
| was released to the Internet. He also said that it
| looks like hackers may have edited or "played with"
| parts of the code before releasing it.
|
| Though a culprit for the theft and Internet posting
| has not been found, some of the lines of programming
| contain notes that appear to have been made by
| employees of a tech company named Mainsoft Corp. --
| leading some to believe that the files circulating
| the Web were stolen from the company.
|
| The San Jose-based technology company is a Microsoft
| partner that has helped make versions of Microsoft
| products such as Internet Explorer, Outlook Express
| and Windows Media Player run on the Unix operating
| system.
|
| Mainsoft released a statement from its chairman,
| J. Michael Gullard, saying that the company would
| "cooperate fully with Microsoft and all authorities
| in their investigation."
|
| Microsoft declined to comment on Mainsoft yesterday. A
| spokeswoman for the company estimated that Microsoft
| has shared parts of its code with 3,000 partner
| companies and organizations.

Archives at: http://www.interesting-people.org/archives/interesting-people/