MS partner fingered in Windows code leak, Linux box implicated
Bill was right after all: share stuff with these creeps and the whole thing goes to hell...
Yesterday's Windows source code leak tracks back to long-term Microsoft partner Mainsoft, according to Betanews. An analysis of the code finds numerous references to Mainsoft's MainWin product, while a post-crash core dump file provides a possible smoking pistol pointing to a Linux machine likely to have been used by Mainsoft technology director Eyal Alaluf.
Mainsoft tells the world that "Mainsoft has unprecedented access to Microsoft Windows source code enabling the industry's highest level of Windows compliancy on Unix" - quite.
The company was one of two Unix-Windows interoperability specialists which had access to Windows source code under the WISE (Windows Interface Source Environment) programme, the other being Bristol. This three-cornered relationship and the circumstances which led Bristol to mount an antitrust suit against Microsoft are covered in possibly excessive detail here. But the rise of Linux and its growing perception by Microsoft as the threat means that almost four years on this old argument is acquiring renewed relevance.
As regards yesterday's escape, the circumstantial evidence would point to it having been an everyday story of cockups among coding folk. Companies licensed to build products via access to Windows source code are going to be using Windows source code, and it seems inescapable that they are going to put this source code on machines in order to use it. Prior to Microsoft deciding that source code was so darned important and secret that it was going to make a big deal of letting people look at it and spin it up into a Linux countermeasure, source code was just stuff, and we very much doubt Mainsoft staff felt the need to don bunny suits and submit to strip-searches prior to working with it.
You work with other people's source code because you have a need and a licence, and if you don't have a licence you don't work with it, because what you've used will show up in the products you build and you'll get fingered and sued. And if you are offered unlicensed access you're smart not to even look at it, because simply knowing how the stuff works compromises your ability to produce products independently, and renders you difficult/dangerous to employ in the relevant field.
That is why source code tends not to leak - it is not because it's kept in a big safe, no matter what Microsoft's marketing people tell us to the contrary.
Back at the partner with the source code licence, time passes, machines with the code on board change users, change owners, people lose track of where they put all the darn copies, what happened to the darn machines until... oops. It meets someone who knows what it is and they post it.
If this supposition is even partially right then we presume that the someone in question is at least aware of the possibility that it might be possible to construct an audit trail based on where a particular PC went, and that they could therefore find themselves in some considerable trouble over the matter. But as far as the rest of us are concerned, it's important to hold onto the fact that this leak is only important because Microsoft claims its source code is hugely important secret sauce/coke formula.
Whereas it's not really, it's just stuff, and not all of the stuff either. There's an outside chance it could give you information about how you could screw up the world's Windows installations, but the world's virus writers appear to be doing that splendidly without recourse to source access, and carrying on without such access is probably quicker than trying to benefit from it. Finally, this is very important: if you propose to continue working in the IT industry, and somebody offers you a look at Microsoft's source code, just say no. Remember - if you learn too much about the internals of Microsoft products, you may find yourself unable to work for anybody except Microsoft. Yikes. ®
Sponsored: Becoming a Pragmatic Security Leader