Did major cable outfit host leaked WinXP code?
Oops. But if it did, it's gone now...
One of Microsoft's biggest worries is that software will become 'Napsterised,' and that universal broadband connectivity will result in its intellectual property whizzing untrackably and unpaid for throughout the Web. And actually, if you were watching the right place at the right time this afternoon, you might have concluded that Microsoft (and practically any other software company that isn't open source already) really does have something to worry about.
As far as we can gather, illicit WinXP beta code was briefly available on the FTP server of a major cable company, which we will choose not to name. We got there too late to confirm that it had been there, but we did catch some IRC chatter that suggested that the code had been in a folder named XP uploaded to the incoming directory of the company's server.
If this was actually the case, the company concerned seems to have got the lid on it relatively quickly, but you'd surely expect that. After all, even if your server is prepared to accept an upload of 500-plus megs from somebody logging in on some kind of scout's honour system (anonymous, with "your email ID" as password, but only for logging purposes, and no apparent checking) you're surely going to notice when download traffic from your incoming directory suddenly goes through the roof.
For starters, you might possibly be wondering why people can actually see anything to download. That directory (we checked with a fictitious email ID) does currently seem to be accepting uploads, but they're not visible after you've uploaded, which is as it should be if you're a cable company anxious to avoid electing yourself to warez heaven.
But consider what warez heaven could be, and why Microsoft has reason to be worried. If you don't actually own the code you're offering for download, then from the point of view of self-preservation you're not going to want people to be able to find out who you really are, and a part of that is not actually having any trackable connection with the site you're telling people they can download from.
So quite a bit of this business goes on via sites whose owners don't actually find out they're hosting swiped code (or indeed porn) until they figure out why everything's going so slow. But by the time that's happened the purveyors have just moved on to somewhere else where security isn't all it should be. So combine the growth of broadband, always on connectivity with the kind of widespread slack security that's already prevalent, and what have you got? Not exactly Napsterisation, but certainly a world where very large chunks of code can be copied at will without the owners being able to do much about it.
So what about code that you can copy if you like, but that won't work until you've been verified as having a legitimate licence? You can kind of see the point, can't you? ®
Sponsored: 2016 Cyberthreat defense report