Original URL: http://www.theregister.co.uk/2004/11/12/microsoft_source_code_sale_was_setup/

Defendant: Microsoft source code sale was a setup

'They're using me as an example'

By Kevin Poulsen

Posted in Media, 12th November 2004 10:50 GMT

A 27-year-old Connecticut man facing felony economic espionage charges for allegedly selling a copy of Microsoft's leaked source code for $20 says he's being singled out only because the software giant and law enforcement officials can't find the people who stole the code in the first place.

"They're using me as an example, to show if you do something like this, they're going to [work] you over," said William Genovese, in a telephone interview Thursday. "Why go after me? Why not go after the guy who took the code? Why not go after the guy who released it on the net?"

In February, two 200 megabyte files containing incomplete portions of the source code for the Windows 2000 and Windows NT operating systems appeared on websites and peer-to-peer networks around the world. Evidence in the files pointed to Microsoft partner Mainsoft, a developer of Unix tools for Windows, as the original source, but how the files were leaked, and by whom, remains a mystery.

What distinguishes Genovese from perhaps thousands of other curious computer geeks who shared the proprietary source code at the time is a short message he posted to his website, illmob.org - a hacker destination from which he distributes open source intrusion tools written under his handle, "illwill."

"Everyone was throwing up Bit Torrent links and downloading it on IRC," says Genovese. "I wrote on my website, joking, I have it, and if anybody wants it they can donate to my site."

Genovese claims he meant it as a joke, and he was surprised when someone actually responded a few days later and asked how much he should donate. "I was laughing, because I thought it was somebody stupid who wanted it and didn't know how to download it," he says.

The stranger gave Genovese $20 through the PayPal donation button on his website, and Genovese let him download a copy of the source code from his server. In July, the same man contacted Genovese again. "He emailed me again and said he had formatted his computer and basically he wanted to download the source again," says Genovese. "I didn't have it any more, and he said if you can find it I'll send you more money just for the hassle." Genovese says he found the files easily on a peer-to-peer network, and again provided them to the donor.

He isn't laughing any more.

According to court records, the mysterious donor was actually an investigator with an unnamed online security firm that Microsoft had hired to track people sharing the source code online. After the first "sale" was complete, Microsoft reported Genovese to the FBI.

The Bureau took the case seriously, and the Microsoft investigator arranged the second transaction at the FBI's request.

'Economic Espionage'

Armed with a federal criminal complaint out of Manhattan, FBI agents converged on Genovese's Connecticut home early Tuesday morning, searched his condo and arrested him. Now free on a $50,000 signature bond, Genovese stands accused of violating the 1996 Economic Espionage Act.

Passed to meet the perceived threat of foreign espionage against American companies, the Economic Espionage Act carries up to ten years in prison for stealing trade secrets for personal financial gain, or for a third party's economic benefit. For the first five years of its existence the law could only be used with approval from the Justice Department in Washington -- a limitation that was lifted in March, 2002.

The $20 payment is what opened the door for prosecutors to invoke the rarely-used law, says attorney Jennifer Granick, executive director of the Stanford Center for Internet and Society. "The statute requires you to act for the economic benefit of someone other than the trade secret owner," she says.

"The real question is whether this information remains a trade secret after it is globally available to anyone with an Internet connection," says Granick. "This is something that the courts have been grappling with, so it's pretty shocking that the government would pursue criminal charges for something that the civil courts can't even agree on."

Government offices were closed Thursday for Veteran's Day. Microsoft declined to comment for this story.

Although the complaint describes him as a "vendor" of stolen source code, Genovese says the only person who took his website post seriously was Microsoft's undercover agent. He claims that the same person later purchased another widely-traded underground file, the Paris Hilton video, for a $15 payment, though the transaction escaped mention in the complaint.

If convicted, under federal sentencing guidelines Genovese's sentence would be based on the value of the source code, if any, and his criminal history: Genovese has a conviction for intruding into private user's computers in 2000 and spying on their keystrokes, for which he was sentenced to two years of probation. "It happened right after I got my computer," he says. "I started using Trojan horses and stuff like that, and I ended up getting in trouble."

Copyright © 2004, SecurityFocus logo

Related Stories

MS source code fence busted
Source code loss excluded from insurance, says court
Sun deputizes Versora for Microsoft attack