Slashdot Mirror


Microsoft Warning Leaked Code Traders

An anonymous reader writes "Broadand Reports notes that Microsoft is now sending snail mail warnings to downloaders of the leaked source code. They're also apparently working in conjunction with several un-named peer to peer vendors to send out legal warnings to any users who search for the leaked code. The notice on Microsoft's website has been updated to reflect the new warnings."

9 of 833 comments (clear)

  1. Traders or Traitors? by monstroyer · · Score: 5, Interesting

    [tin_foil_hat]

    I think the title should have read "MS Warns Leaked Code TRAITORS" considering that the code probably got leaked from one of their own.

    From the MS Notice page:

    Customers running Windows XP Service Pack 1 or Windows Server 2003 who have installed all of the latest updates are not impacted

    In other words: "Dear companies running on W2K, please pay for upgrades ASAP. We would like more money. Thanks."

    [/tin_foil_hat]

  2. Warnings? by Xeed · · Score: 5, Interesting

    I thought the thing to do nowadays was to sue the pants off downloaders. Is M$ trying to play good guy warning downloaders rather than suing them?

    --
    ...don't question it!!!
    1. Re:Warnings? by stratjakt · · Score: 5, Interesting

      What noone picked up on is MSFT is SNAIL MAILING downloaders.

      No matter the text of the letter, the implication in recieving a snail mail vs. an e-mail is obvious: "WE KNOW WHO YOU ARE AND WHERE YOU LIVE, MOFO!"

      --
      I don't need no instructions to know how to rock!!!!
  3. Re:kazaa, bittorrent, emule/edonkey? by W2k · · Score: 5, Interesting

    ah well. it's kinda scary that even the largest/richest software co in the world can't stop the spread of their IP, and that it takes only one person.

    Not scary at all. I'd say it is a good thing that not even one of the most powerful forces on this planet can stop information from spreading across the web. Information wants to be free, remember?

    --
    Quality, performance, value; you get only two, and you don't always get to pick.
  4. I'm skeptical by Doesn't_Comment_Code · · Score: 5, Interesting

    While it may be illegal to steal source code that is privately held. I don't know that it is illegal to view it once it has been released. Perhaps someone has a more educated viewpoint. But this seems like a scare tactic without much legal standing.

    --

    Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
  5. For those sharing the source... by Lovepump · · Score: 5, Interesting

    ... or just using the P2P networks, PeerGuardian can help. I reject about 250 requests per day on the Emule network from tracking companies. Here's about 40 minutes worth:

    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:49:19)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:50:00)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:50:42)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:56:11)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:56:55)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:57:37)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:59:00)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:59:44)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:00:26)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:08:53)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:09:35)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:10:16)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:18:51)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:19:34)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:20:14)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:28:40)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:29:24)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:30:06)

    You can get it from Methlabs.org. Windows only as far as I know.

  6. Re:Someone got kicked off their ISP... by cant_get_a_good_nick · · Score: 5, Interesting

    Don't know if you were joking, but some folks really got MS Office war3z letters from the BSA for putting up OpenOffice downloads.

  7. Re:Don't mess with MS by DickBreath · · Score: 5, Interesting

    Yeah, released source code is horrible for security. Look at OpenBSD, all those servers just waiting to get hacked in to. Maybe now Microsoft will actually have to, I don't know...eliminate exploits instead of waiting for them to appear, then fixing them after it's too late (if it isn't already).

    Here is the real crux of the problem. You are pointing at the wrong thing.

    It is not whether the source is open and available that makes it insecure or more secure.

    It is whether the soruce was developed as open source. It matters that all those eyeballs were watching while the source was being written. Taking a buggy closed source program and suddenly opening the source simply means that all of the bugs will be discovered, and exploited. Developing a program as open source means that those security problems often don't live long enough to reach a release. Even when they do, they are patched rapidly.

    In fact, it simply may say more about the users or "administrators" than the availability of source. Remember the Bind 8 vulnerability? Remember how many servers run Bind 8? Remember how fast everything was upgraded all over the planet? Remember <Microsoft virus of the week>? Remember how many servers were vulnerable to that? Remember how slowly those vulnerable servers were upgraded? Even when the fix was available before the exploit? Now which of these two widely used software program vulnerabilities caused a huge upheavel affecting society as a whole?

    --

    I'll see your senator, and I'll raise you two judges.
  8. Re:Don't mess with MS by GrodinTierce · · Score: 5, Interesting
    I'd definitely have to second the parent. I'm in high school, and I know a little C++ (I took the APCS AB exam and got a 5), and I've played around with Linux. Basically, I couldn't really do anything with the source (even if I should ever chance to look upon it) beyond reading the code, and I don't really have any desire to go beyond that anyway.

    Ultimately, like the parent said, it's the taboo that makes it interesting. If Microsoft had just posted the code on its website, I might not even be interested, but all the effort they're exerting has attracted my attention.

    --


    Tierce
    Who sponsors your feelings?