By Chris Nuttall
Published: February 13 2004 22:59 | Last Updated: February 13 2004 22:59
A small leak of source code from Microsoft's Windows operating system on Friday turned into a wave of illegal copies on the internet.
Once the data - enough to fill a CD-Rom disk - appeared on a file-sharing service on the net, copies were downloaded and passed on to other "peer-to-peer" (p2p) sites for the online world to scrutinise and pass judgment on.
On Slashdot.org, the "news for nerds" bulletin board, more than 2,500 comments were soon posted, many of them mocking Microsoft for yet another security lapse.
Those examining the code were amused by the plain-text profanities included by its programmers in the computer-language files they had created. There was also evidence of some sloppy habits in comments such as: "potentially off-by-1, but who cares".
But there were also clues to the possible source of the leak. A number of the 31,000 files, compressed into one larger file, contained references to Mainwin.
Mainwin is a software product belonging to a West Coast company called Mainsoft that specialises in converting Windows applications for use on other operating systems, such as Unix.
The code could have been stolen from a networked Mainsoft computer by a hacker breaking in, or may have been sitting on an insecure FTP (File Transfer Protocol) server - a computer that can make a company's files available for download over the internet.
Mainsoft had not commented on its possible involvement by last night and there were numerous other potential sources.
Microsoft has denied the leak was an internal one, but it has entered into agreements with a number of companies, academic institutions and governments to share parts of its source code.
Mainsoft was a partner in the Windows Interface Source Environment (WISE) programme, designed to help outside developers convert programs such as the Internet Explorer web browser to different operating systems.
Microsoft has been licensing its source code in specific circumstances since 1991 and in 2001 announced the Shared Source Initiative, which made 2,000 organisations and 59 governments eligible to view the source code of 20 Microsoft products. The move was aimed at helping others to adapt their own software to fit better with Microsoft's.
The leaked source code constitutes part of the Windows 2000 operating system, but although it consists of 13.5m lines of code, this is not considered to be a significant chunk of the program.
"In general, the leakage of source code of any application is not a catastrophe," says Steve Hunt, Forrester Research analyst.
"But Microsoft so rigorously limits the use and availability of its source code that any leakage is big news, and it's very exciting for hackers who love to examine source code and look for new opportunities to exploit an application."
Microsoft is therefore unlikely to suffer from the loss of any intellectual property or revenues due to its source code being exposed to the world. This portion could not be compiled into a working operating system and could not be extended to create a meaningful rival to Windows.
But the inside knowledge gained by hackers does represent a longer-term threat and could be used to develop programs delivered by e-mail that would have the potential to crash computers worldwide or turn them into "zombies" that can be controlled to attack websites such as Microsoft's.
The economic damage caused this month by the MyDoom virus is now estimated to stand at between $61.8bn and $75.6bn, according to mi2g, the London-based digital risk analysts. The virus slowed computer systems worldwide as it spread to account for more than one in 10 e-mails. It dwarfed the effect of last year's Sobig virus which inflicted between $33.6bn and $41.1bn of economic damage worldwide.
"The greatest damage here is not to Microsoft from a PR point of view," says Mr Hunt.
"It could yet come in the potential threat from hackers, and computer security firms around the world will be watching this carefully."