Forgot your password?
typodupeerror
Microsoft

Microsoft Warning Leaked Code Traders 833

Posted by CmdrTaco
from the thats-a-bit-creapy dept.
An anonymous reader writes "Broadand Reports notes that Microsoft is now sending snail mail warnings to downloaders of the leaked source code. They're also apparently working in conjunction with several un-named peer to peer vendors to send out legal warnings to any users who search for the leaked code. The notice on Microsoft's website has been updated to reflect the new warnings."
This discussion has been archived. No new comments can be posted.

Microsoft Warning Leaked Code Traders

Comments Filter:
  • Traders or Traitors? (Score:5, Interesting)

    by monstroyer (748389) * <devnull@slashdot.org> on Thursday February 19, 2004 @04:38PM (#8331302) Homepage Journal
    [tin_foil_hat]

    I think the title should have read "MS Warns Leaked Code TRAITORS" considering that the code probably got leaked from one of their own.

    From the MS Notice page:

    Customers running Windows XP Service Pack 1 or Windows Server 2003 who have installed all of the latest updates are not impacted

    In other words: "Dear companies running on W2K, please pay for upgrades ASAP. We would like more money. Thanks."

    [/tin_foil_hat]
  • by frenetic3 (166950) * <houston AT alum DOT mit DOT edu> on Thursday February 19, 2004 @04:40PM (#8331326) Homepage Journal
    is kazaa one of the vendors? is there anything they can do about emule [sf.net] or edonkey [edonkey.com] users?

    the latter seem to traffic especially in things like leaked source RARs, and since most of the central servers are overseas and operated independently (and 'overnet' seems truly peer to peer with no central servers), it would be tough to crack down on them, besides having a bunch of fake clients that harvest IPs. anyone know if they do this?

    (i imagine the same concept would apply for bittorrent [bitconjurer.org] downloaders -- except BT relies on central tracking servers which would be comparatively easy to shut down.)

    seems like a natural, uh, application, for the freenet project ;) [sourceforge.net]

    ah well. it's kinda scary that even the largest/richest software co in the world can't stop the spread of their IP, and that it takes only one person.

    -fren
    • by W2k (540424) <wilhelm.svenseli ... om minus painter> on Thursday February 19, 2004 @04:45PM (#8331425) Homepage Journal
      ah well. it's kinda scary that even the largest/richest software co in the world can't stop the spread of their IP, and that it takes only one person.

      Not scary at all. I'd say it is a good thing that not even one of the most powerful forces on this planet can stop information from spreading across the web. Information wants to be free, remember?
    • by Saeger (456549) <farrellj@@@gmail...com> on Thursday February 19, 2004 @06:10PM (#8332745) Homepage
      I haven't downloaded the leaked source (because I don't care), but I *DID* search for it [jigle.com] (on Jigle and NovaSearch) for shits'n'giggles.

      I can't believe that Microsoft is actually threatening to "send out legal warnings to any users who search for the leaked code." Even SEARCHING for it? Please bite me.

      According to Jigle, over 1,600 people are currently sharing the source on the edonkey network, which is quite a lot when compared to the average file (including pr0n vids).

      --

  • by AvantLegion (595806) on Thursday February 19, 2004 @04:40PM (#8331333) Journal
    You download it, you gotta run it!

  • by Anonymous Coward on Thursday February 19, 2004 @04:40PM (#8331335)
    Once its leaked on the Internet, you can't take it back. People WILL take a peek at it. If Microsoft really needs to be convinced, they should talk to Pam and Tommy :)
  • by glen604 (750214) on Thursday February 19, 2004 @04:41PM (#8331341)
    Dear Sir, Please, please, please don't look for more exploits in our code! We've got enough already to keep us busy for the next decade or so. Signed, Your pals at Microsoft.
  • by Erratio (570164) on Thursday February 19, 2004 @04:41PM (#8331342)
    Probably a package that weighs 5 pounds, doesn't open right, has about 2 sentences of actual use, and then crubmles while being read.
  • silly question (Score:5, Insightful)

    by deadmongrel (621467) <karthik@poobal.net> on Thursday February 19, 2004 @04:41PM (#8331346) Homepage
    how are they able to know who's downloading the files from p2p network?
    is that you big bro?
    • Re:silly question (Score:5, Informative)

      by GerritHoll (70088) <gerrit@nl.linux.org> on Thursday February 19, 2004 @04:52PM (#8331554) Homepage
      Most p2p network have search facilities. The search is done on a server, and the server is able to (and probably already does) log who searches for what. A server hosting a torrent can do the same, but since those are more often volunteers themselves, they probably won't.

      Now that the source code is leaked, MS will probably get a lot safer, with all those hackers and crackers exploiting their bugs and thus revealing them ;-)

  • Warnings? (Score:5, Interesting)

    by Xeed (308294) on Thursday February 19, 2004 @04:42PM (#8331377) Journal
    I thought the thing to do nowadays was to sue the pants off downloaders. Is M$ trying to play good guy warning downloaders rather than suing them?
  • by Anonymous Coward on Thursday February 19, 2004 @04:44PM (#8331399)
    They're also apparently working in conjunction with several un-named peer to peer vendors to send out legal warnings to any users who search for the leaked code.

    Oh my God, that's great.

    Anyone want to suddenly start hopping on kazaa and posting spoofed search requests for "leaked windows 2000 code" which appear to be coming from the IP addresses of the White House, the Dennis Hastert re-election campaign, various randomly selected people, entire blocks inside of Time-Warner...

    It could be like a p2p reverse honeypot.

    Once a few thousand people start getting threatening legal notices from MS for something they didn't do, what happens next?
  • by junkymailbox (731309) * on Thursday February 19, 2004 @04:44PM (#8331400)
    This has got to work even better than security through obscurity.
  • Wait. (Score:5, Funny)

    by Omni Magnus (645067) on Thursday February 19, 2004 @04:45PM (#8331417)
    Does this mean that Windows is open source. Is it cool to use Windows yet?
  • by wardomon (213812) on Thursday February 19, 2004 @04:45PM (#8331419)
    But it was kinda buggy.
  • I'm skeptical (Score:5, Interesting)

    by Doesn't_Comment_Code (692510) on Thursday February 19, 2004 @04:45PM (#8331431)
    While it may be illegal to steal source code that is privately held. I don't know that it is illegal to view it once it has been released. Perhaps someone has a more educated viewpoint. But this seems like a scare tactic without much legal standing.
    • Re:I'm skeptical (Score:5, Insightful)

      by leerpm (570963) on Thursday February 19, 2004 @05:10PM (#8331864)
      It is not illegal to view it. It is illegal to download it.
      • Re:I'm skeptical (Score:5, Insightful)

        by Bagheera (71311) on Thursday February 19, 2004 @06:36PM (#8333045) Homepage Journal
        Actually, I believe it's illegal to upload it, rather than download it.

        This is roughly the same as picking up a set of photocopies you see sitting on the curb. Copywritten or not, you haven't done anything wrong by picking them up, as you didn't violate the author's copyright.

        The person who made the copies is violating the copyright (originally two words, godamnit!) not the person who picked them up.

        This is one of the issues with the RIAA going after Recipients, rather than Source.

        If I buy stolen goods at a garage sale, and the cops find me, they take them away and give them back to the owners. They arrest the thief, not the poor sucker who bought the goods.

        I'll at least give Redmond credit for issuing warnings rather than subpoenas. Though "Searching for phrase != downloading files I shouldn't have access to."

  • by maxbang (598632) on Thursday February 19, 2004 @04:46PM (#8331445) Journal

    I was wondering why when I tried compiling it, it stopped halfway through and I heard Madonna's voice scream, "What the fuck do you think you're doing?"

  • by jonfromspace (179394) <[moc.liamg] [ta] [snikliwnoj]> on Thursday February 19, 2004 @04:46PM (#8331455)
    Dear Peer-to-Peer user,

    Please do not download our source code or we will be forced to sue you. We are not kidding, we will sue you. Seriously, we'll sue...

    Sincerly,

    Bill Gates

    Reply
    Dear Bill.

    Please stop poluting the internet with your crappy source. Every time I search for porn now, I get coppies of some crappy pile of shit called winedows or something. Furthermore, don't even talk to me about frivilous litigation bub. I wrote that book.

    Besides, your source leak is stealing my valuable press. How am I supposed to dump my stock if I can't pump it first.

    P.S. Thanks for the license fees.

    Yours in infamy,

    Darl.
  • by Lovepump (58591) on Thursday February 19, 2004 @04:47PM (#8331460)
    ... or just using the P2P networks, PeerGuardian can help. I reject about 250 requests per day on the Emule network from tracking companies. Here's about 40 minutes worth:

    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:49:19)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:50:00)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:50:42)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:56:11)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:56:55)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:57:37)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:59:00)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 17:59:44)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:00:26)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:08:53)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:09:35)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:10:16)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:18:51)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:19:34)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:20:14)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:28:40)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:29:24)
    Connection Rejected: 12.222.39.72 - Communications Resources PGIPDB (02-19-2004 @ 18:30:06)

    You can get it from Methlabs.org. Windows only as far as I know.

  • ms warning (Score:5, Funny)

    by theMerovingian (722983) on Thursday February 19, 2004 @04:47PM (#8331469) Journal

    I must have found one of these warnings - when I downloaded "Windows_source_code.zip", all it contained was a .wav file of Bill Gates cussing at me.

  • by Fishstick (150821) on Thursday February 19, 2004 @04:49PM (#8331501) Journal
    On Monday, February 16, Microsoft began investigating a reported exploit on versions of Internet Explorer allegedly discovered by an individual studying the leaked source code. This exploit is a known issue that Microsoft had discovered internally and addressed with the latest release of Internet Explorer -- Internet Explorer 6.0 Service Pack 1.

    Um, don't usually like to argue semantics, but what was discovered was a security vulnerability (bug) in the code, not an "exploit".

    Devising and revealing a method to take advantage of this problem (a virus, worm, bitmap) is an "exploit", right?
  • by ZHaDoom (65485) on Thursday February 19, 2004 @04:52PM (#8331562) Homepage
    For those of you still looking for the leaked source code here it is:

    #include "windows.h"
    #include "system_errors.h"
    #include "stdlib.h"
    #include "msdos_bugs.h"

    char make_prog_look_big[1600000];

    main()
    {
    if (detect_OS2())
    freeze();

    if (detect_cache())
    disable_cache();

    if (fast_cpu())
    set_wait_states(lots);

    set_mouse(speed, very_slow);
    set_mouse(action, jumpy);
    set_mouse(reaction, sometimes);
    set_icons(UGLY);

    print("Welcome to Windoze 3.11111");

    if (system_ok())
    crash(to_dos_prompt);
    else
    system_memory = open("a:\swp0001.swp", O_CREATE);

    while(1) {
    sleep(5);
    get_user_input();
    sleep(5);
    act_on_user_input();
    sleep(5);
    if (rand() < 0.9)
    crash(complete_system);
    }
    return(unrecoverable_system);
    }
  • by kyshtock (608605) on Thursday February 19, 2004 @04:53PM (#8331579)
    Subsequent investigation has shown this was not the result of any breach of Microsoft's corporate network or internal security, nor is it related to Microsoft's Shared Source Initiative or its Government Security Program, which enable our customers and partners, as well as governments, to legally access Microsoft source code. Microsoft reaffirms its support for both the Shared Source Initiative and the Government Security Program.

    I just don't get it. No security breach. Not related to the SSI, nor GSP. Then how did it leak???? Psychics?

  • by boris_the_hacker (125310) on Thursday February 19, 2004 @04:54PM (#8331587) Homepage
    ... because they put up an archive called "kernel-source-2.6.3.tar.bz2"

    No one actually checked what it contained but blindly assumed it was windows. Heh. Funny world.
    • by cant_get_a_good_nick (172131) on Thursday February 19, 2004 @05:06PM (#8331807)
      Don't know if you were joking, but some folks really got MS Office war3z letters from the BSA for putting up OpenOffice downloads.
      • by KidSock (150684) on Thursday February 19, 2004 @10:34PM (#8335557)
        Don't know if you were joking, but

        It's no joke:

        Subject: [linux-elitists] Microsoft goes after Linux kernel downloaders?
        Date: Mon, 16 Feb 2004 20:15:28 -0600

        I went trolling, and it seems I caught the biggest fish of them all.

        When the story about the MS leak appeared on Slashdot this past week,
        I thought I'd have a bit of fun. A post entitled "Kernel source here,"
        which pointed to a torrent of Linux 2.6.2, was all it took to hook
        about a thousand would-be NT and 2000 source downloaders.

        "You can find the build applications and such with Google already."

        I trickled the torrent out at about 1k/s for the first few hours, then
        let it go full-speed once we'd crossed over 600 active
        participants. Let 'em all have the punchline at once.

        Imagine my surprise when my DSL stops working this morning, I call my
        provider, and I learn that I've been accused of copyright
        infringement. I argued that I was doing absolutely nothing wrong, and
        they turned service back on. After I asked to see the accuser's email,
        they forwarded the below. Sure enough, it's a bona fide valentine from
        MS Legal:

        J.K. Weston
        Microsoft Corporation
        One Microsoft Way
        Redmond, WA 98052
        jkweston@microsoft.com
        Tel: (425) 703-5529

        14 Feb 2004

        URGENT/IMMEDIATE ATTENTION REQUIRED
        VIA ELECTRONIC MAIL

        [My ISP]

        Re: NOTICE OF POTENTIAL UNLAWFUL DISTRIBUTION OF MICROSOFT SOURCE
        CODE AT: [one of my IPs]

        Date of Infringement: Detail below.

        Dear [My ISP]:

        We have received information that one of your users as identified
        above by the SITE/URL [My IP] may have engaged in the unlawful
        distribution of Microsoft's source code for Windows 2000, and/or
        Windows NT4, by distributing and offering for download these source
        code files via a peer-to-peer network.

        Since you own this IP address, we request that you take appropriate
        action against the account holder under your Abuse Policy/Terms of
        Service Agreement.

        The IP they chose wasn't the tracker, it was a system participating as
        a torrent peer. This makes me wonder if there are a thousand other
        P2P Linux 2.6.2 downloaders enjoying MS' Feb 14 love.

        Now, admittedly I was just asking for it by hinting at something that
        might offend the big giant. Still, it took them three or four days to
        issue this letter. In the meantime, shouldn't they have been able to
        find someone capable of cracking open a .tar.bz2? Did nobody raise the
        question of how a leaked CD fits into a 32m file?
        ___________________________________________ ____

  • by sootman (158191) on Thursday February 19, 2004 @04:55PM (#8331596) Homepage Journal
    A: Why oh why did I register with Insta-Trace?!?
  • by cthulhubob (161144) on Thursday February 19, 2004 @04:55PM (#8331607) Homepage
    Holy crap, Microsoft can find your physical mailing address if you download their source code...

    Does that mean those people I laughed at in high school for circulating that thing about Bill Gates sending you $100 for forwarding this email were RIGHT?!

    Damn, now I wish I'd been stupid enough to send that thing on - I could use an extra hundred bucks.
  • by Anubis333 (103791) on Thursday February 19, 2004 @04:55PM (#8331609) Homepage

    It had a EULA shrinkwrapped to it that said "Upon opening this letter I am hereby agreeing to..." so I just tossed it in the trash. I guess I'll wait till one of the letters gets leaked online, then I can just download it.
  • by imsabbel (611519) on Thursday February 19, 2004 @04:59PM (#8331671)
    The code is out, it wont come back.
    There are hundreds and hundreds of sources in emule, and thousands have been downloading (5k requests the last 5 days). Not to mention irc, ftps, kazaa , winmx and the other stuff.

    As an educated guess i would say that at least 50-100.000 people have the source currently on their harddisc.
    Whoever wants it now has it....
  • by Bull999999 (652264) on Thursday February 19, 2004 @04:59PM (#8331682) Journal
    We should respect MS copyrights just as we expect MS to respect GPL. Sure MS may be dirty, but we are better than them.
    • by DragonMagic (170846) on Thursday February 19, 2004 @05:04PM (#8331771) Homepage
      The parents is what people should be saying here. Respect others as you would have them respect you, regardless of how evil/vile they are. MS may be a convicted monopoly and leveraging computer and software companies, but trading their copyrighted code illegally is not justified.

      Don't go to their level. Be better.
    • Yadda yadda yadda (Score:5, Insightful)

      by gosand (234100) on Thursday February 19, 2004 @05:39PM (#8332315)
      We should respect MS copyrights just as we expect MS to respect GPL. Sure MS may be dirty, but we are better than them.

      I don't have their code, nor do I want it. But I realize that even if every single Linux user/GPL supporter refused to look at it or download it, it would still spread like wildfire. People download stuff like this just to say that they have it. I have a friend who is somewhat of a "collector" of things like this. He has no programming background whatsoever, he just wants to say that he has it. (ironically, he is actually in school getting a law degree with a concentration in Intellectual Property)

      The cat-genie is out of the bag-bottle.

  • Horse (Score:4, Funny)

    by RetroGeek (206522) on Thursday February 19, 2004 @05:03PM (#8331745) Homepage
    Barn Door
    Close

    Oh wait.....
  • by jon787 (512497) on Thursday February 19, 2004 @05:06PM (#8331799) Homepage Journal
    After I get my network connection killed
  • by Doobian Coedifier (316239) on Thursday February 19, 2004 @05:11PM (#8331888)
    When the news of the leak broke, I jumped on edonkey and downloaded it. Got this email via my ISP a couple days later, I've since deleted the code (it's not that interesting to me anyway. Bunch of BSD code in there tho...)


    Microsoft Corporation
    One Microsoft Way Redmond, WA 98052
    14 Feb 2004 18:45:44 GMT
    URGENT/IMMEDIATE ATTENTION REQUIRED VIA ELECTRONIC MAIL
    Re: NOTICE OF POTENTIAL UNLAWFUL DISTRIBUTION OF MICROSOFT SOURCE CODE AT: [my IP address]
    Date of Infringement: Detail below.

    Dear [my ISP]: We have received information that one of your users as identified above by the SITE/URL [my IP address] may have engaged in the unlawful distribution of Microsoft's source code for Windows 2000, and/or Windows NT4, by distributing and offering for download these source code files via a peer-to-peer network. Since you own this IP address, we request that you take appropriate action against the account holder under your Abuse Policy/Terms of Service Agreement. We also kindly request that you forward this notice promptly to the user of the IP address listed above at the time and date stated.

    To the user at [my IP address]: The unauthorized copying and distribution of Microsoft's protected source code is a violation of both civil and criminal copyright and trade secret laws. If you have downloaded and are making the source code available for downloading by others, you are violating Microsoft's rights, and could be subject to severe civil and criminal penalties. Microsoft demands that you immediately (1) cease making Microsoft's source code available or otherwise distributing it, (2) destroy any and all copies you may have in your possession, and (3) provide us any and all information about how you came into possession of this code. Microsoft takes these issues very seriously, and will pursue legal action against individuals who take part in the proliferation of it source code. We look forward to your prompt cooperation. Should you need to contact me, I can be reached at the address above or at someguy@microsoft.com.
    Very truly yours,

    Initial Infringement Timestamp: 14 Feb 2004 05:01:23 GMT
    Recent Infringement Timestamp: 14 Feb 2004 05:01:23 GMT

  • by pclminion (145572) on Thursday February 19, 2004 @05:14PM (#8331931)
    Ballmer: "Hey, Bill. Some intern from down in engineering came up with this great idea. No, don't worry, I fired him -- how dare he propose such a thing <grins evilly>"

    Gates: "Interesting Steve... What's this idea?"

    Ballmer: "Well, suppose we leaked the 2K and NT4 sources on the Internet."

    Gates: "I'm not sure I follow."

    Ballmer: "Think about it. We've got stagnating revenue streams from companies who are still using NT4 and 2000. We've got people continually hacking our software. Are you seeing the connection here?"

    Gates: "Sure, I get you: release the source code, so hackers can analyze it to find all the holes. We get free QA, and in the meantime, we can pressure our customers to upgrade to XP, because it's not vulnerable to these source code attacks. Thus, getting more money for us, from people who wouldn't have otherwise upgraded. Brilliant!"

    Ballmer: "You're catching on. And hey, I just thought of an extra bonus! We can track down people who actually download the source code and sue them. That way, we get another auxiliary revenue stream from court, make ourselves look good by appearing to 'fight hackers,' and strengthen the hostile attitudes held toward open source software by linking them to our stolen source code! Another inch closer to having a lock-hold on the Supreme Court when they finally make the big decisions about the validity of intellectual property!"

    Gates: "Why, this could have a favorable impact on the outcome of the SCO case, could it not?"

    Ballmer: "Sure. Those stupid Linux fanboys and their 'take over the world' nonsense. They don't understand who they're playing ball with."

    • by swillden (191260) * <shawn-ds@willden.org> on Thursday February 19, 2004 @06:05PM (#8332673) Homepage Journal

      Another inch closer to having a lock-hold on the Supreme Court when they finally make the big decisions about the validity of intellectual property!

      Funny, but it's worth pointing out that the USSC is not going to be making any big decisions about the validity of intellectual property... the US Constitution explicitly provides Congress with the right to make IP laws and even provides a brief rationale for them.

      What Congress should be looking at, though, is whether or not the current laws make any sense at all. What is really bizarre to me is this notion that you can keep something secret and yet still have copyright protection on it.

      The original reasoning behind copyright as we know it (as opposed to the true original reasoning, which was about facilitating censorship by the British Crown) was to enable authors to retain limited control of their published works, in order to encourage them to publish. When you publish a book, the content is out there for the world to see and potentially copy; there's no way to publish a book and keep it secret at the same time, so some legal protections are necessary if we want to enable authors to control and profit from their work.

      These "legal protections" are really limitations on what society is allowed to do with the work, in other words, freedoms we choose to give away, and the reason this is a good trade is because (a) it makes more material available now for people to read, learn from and build off of and (b) it ultimately puts more material in the public domain for anyone to use however they see fit when the copyright expires.

      Patents are really the same idea applied to a different space: Getting the details of inventions published for everyone to read theoretically encourages more invention. With patents, there's a *requirement* that the details be published, because unlike a book, it often is possible to keep secret the details of a piece of machinery.

      Even for copyrights, there is and always has been a sort of a requirement to publish -- under current law you cannot sue over copyright unless you have registered your work with the copyright office, and doing that requires you to submit a copy to them, placing it in the public record. Kind of. In the case of code, you only have to submit a few pages from the beginning and the end. The rationale behind copy registration was primarily to establish ownership, not to publish, because when all of this was set up publishing was just a given. Because that was the rationale, when code copyrights came along it was deemed too burdensome to deal with full printouts of the registered code (because they're really, really big) and, of course, the copyright office wouldn't have had any idea what to do with magnetic media.

      So now we've arrived at a situation that cannot have been expected or planned by the designers of the system: You can obtain copyright protection on something that you never published and never have to publish, even when you go to court to enforce your rights. The "trade" is no longer a trade, because society no longer gets to benefit from seeing what it is giving you protection for. There's no requirement that the code *ever* be published, even after the copyright has expired (assuming current copyrights ever will expire).

      In my opinion, it should only be possible to obtain protection for what you publish. If you want to keep your source secret and only publish binaries, fine. You get copyright protection for the binaries and you can use trade secret law to protect your source code -- but remember the caveat in trade secret law that once it's published it's no longer a secret, so you can only go after the person who gave it away the first time.

      On the other hand, if you want the full protection of copyright law applied to your source code, then you have to publish the code, at least before going to court over it. Publish *all* of it. I don't think the US Copyright Office of 2004 will have any trouble at all understanding how to manage data delivered on a stack of DVD-ROMs.

  • Stomp out IP (Score:5, Insightful)

    by deathofcats (710348) on Thursday February 19, 2004 @05:14PM (#8331933) Homepage
    Microsoft says that it working with the FBI. How many DIY programmers could ever claim that they were getting help from the FBI to track down people who had pirated their software? This is an example of how intellectual property only exists to benefit the rich and powerful who can get the authorities to do their policing for them. Microsoft has the FBI. I guess the rest of us would have to resort to rent-a-cops and DIY cease-and-desist letters.
  • Not Just P2P (Score:4, Informative)

    by kaschei (701750) on Thursday February 19, 2004 @05:19PM (#8332030)
    I got two calls yesterday from my on-campus network administrator's office asking to speak to my room mate. This is odd because I believe he downloaded it through a DC++ connection, as he seems to avoid bittorrent for some reason. All they asked was that he removed the source from his computer, I don't think there were any other consequences. Anyone else have a similar experience?
  • Makes you wonder... (Score:4, Interesting)

    by ValourX (677178) on Thursday February 19, 2004 @05:37PM (#8332296) Homepage
    why Microsoft isn't so rabid about stopping the spread of Windows XP and 2000 ISOs on filesharing services...

    -Jem
  • by Ponfyr (191266) on Thursday February 19, 2004 @05:45PM (#8332404)
    ...to poison the Wine Project [winehq.org] I tell you! Microsoft will claim wine dev team all had access to source-code! It's a trap, Wine developers must pull their net access cables from the walls immediately before it too late! Sign-off now!!!!!! We will contact you later by smoke signal to let you kow when its all clear.

    Trust no one!

    .signature

  • Makes you think... (Score:5, Insightful)

    by mtwalkup (745000) on Thursday February 19, 2004 @05:53PM (#8332518)
    Statement from Microsoft Regarding Illegal Posting of Windows Source Code


    Last updated: Feb. 18, 2004, 9:00 a.m. PST

    REDMOND, Wash., Updated Feb. 18, 2004 -- On Thursday, February 12, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet. Subsequent investigation has shown this was not the result of any breach of Microsoft's corporate network or internal security, nor is it related to Microsoft's Shared Source Initiative or its Government Security Program, which enable our customers and partners, as well as governments, to legally access Microsoft source code. Microsoft reaffirms its support for both the Shared Source Initiative and the Government Security Program.


    Now heres the thought-provoking question of the day:

    If the leak was not caused by a network security breach, a physical security breach, a troubled-employee, or it's code sharing initiatives; how the hell was the code leaked? They said it wasnt network security, and it wasnt internal security (which takes away a physical security breach or a troubled employee), and it wasnt't its code sharing initiatives... Makes you wonder... how the hell did the code get out?

    Answer this and get a cookie.
  • by Penguinshit (591885) on Thursday February 19, 2004 @06:18PM (#8332839) Homepage Journal

    From Kuro5hin... [kuro5hin.org]

  • by ztirffritz (754606) on Thursday February 19, 2004 @06:52PM (#8333218)
    Has anyone noticed that the RIAA has tried for two years to figure out how to connect an IP address to a snailmail address with out resorting to subpeonas, yet M$ did it in about 4 days? Has this not raised any eyebrows, made anyone look over their sholder, or consider buying a Mac, Unix, Linux, OS/2, anything not Microsoft box. In fact I'm probably putting myself at risk just by typing this. Oh crap, there here already...
  • by Nom du Keyboard (633989) on Thursday February 19, 2004 @07:34PM (#8333743)
    One way Microsoft could be finding P2P users would be to be running clients on all P2P networks with a copy of the leaked code being shared. Then:

    Copy down the IP address of anyone who starts a multi-source download
    Kill the download
    Whois lookup
    Letter to the ISP.

    Of course if they're distributing it in that manner so that the hash codes match, does that qualify as them legally giving it away?

    So has it made it onto Usenet yet?

A bug in the code is worth two in the documentation.

Working...