MS partner fingered in Windows code leak, Linux box implicated

Bill was right after all: share stuff with these creeps and the whole thing goes to hell...

Yesterday's Windows source code leak tracks back to long-term Microsoft partner Mainsoft, according to Betanews. An analysis of the code finds numerous references to Mainsoft's MainWin product, while a post-crash core dump file provides a possible smoking pistol pointing to a Linux machine likely to have been used by Mainsoft technology director Eyal Alaluf.

Mainsoft tells the world that "Mainsoft has unprecedented access to Microsoft Windows source code enabling the industry's highest level of Windows compliancy on Unix" - quite.

The company was one of two Unix-Windows interoperability specialists which had access to Windows source code under the WISE (Windows Interface Source Environment) programme, the other being Bristol. This three-cornered relationship and the circumstances which led Bristol to mount an antitrust suit against Microsoft are covered in possibly excessive detail here. But the rise of Linux and its growing perception by Microsoft as the threat means that almost four years on this old argument is acquiring renewed relevance.

As regards yesterday's escape, the circumstantial evidence would point to it having been an everyday story of cockups among coding folk. Companies licensed to build products via access to Windows source code are going to be using Windows source code, and it seems inescapable that they are going to put this source code on machines in order to use it. Prior to Microsoft deciding that source code was so darned important and secret that it was going to make a big deal of letting people look at it and spin it up into a Linux countermeasure, source code was just stuff, and we very much doubt Mainsoft staff felt the need to don bunny suits and submit to strip-searches prior to working with it.

You work with other people's source code because you have a need and a licence, and if you don't have a licence you don't work with it, because what you've used will show up in the products you build and you'll get fingered and sued. And if you are offered unlicensed access you're smart not to even look at it, because simply knowing how the stuff works compromises your ability to produce products independently, and renders you difficult/dangerous to employ in the relevant field.

That is why source code tends not to leak - it is not because it's kept in a big safe, no matter what Microsoft's marketing people tell us to the contrary.

Back at the partner with the source code licence, time passes, machines with the code on board change users, change owners, people lose track of where they put all the darn copies, what happened to the darn machines until... oops. It meets someone who knows what it is and they post it.

If this supposition is even partially right then we presume that the someone in question is at least aware of the possibility that it might be possible to construct an audit trail based on where a particular PC went, and that they could therefore find themselves in some considerable trouble over the matter. But as far as the rest of us are concerned, it's important to hold onto the fact that this leak is only important because Microsoft claims its source code is hugely important secret sauce/coke formula.

Whereas it's not really, it's just stuff, and not all of the stuff either. There's an outside chance it could give you information about how you could screw up the world's Windows installations, but the world's virus writers appear to be doing that splendidly without recourse to source access, and carrying on without such access is probably quicker than trying to benefit from it. Finally, this is very important: if you propose to continue working in the IT industry, and somebody offers you a look at Microsoft's source code, just say no. Remember - if you learn too much about the internals of Microsoft products, you may find yourself unable to work for anybody except Microsoft. Yikes. ®

Related Story

MS Windows source code escapes onto Internet
