By most expert accounts, the unauthorized release of Windows 2000 and NT4 code is more of a nuisance than a threat to Microsoft and its customers. Nonetheless, the news was brimming this week with various angles to this story.
Here's a recap, in case you missed something:
- The FBI joins the hunt. Microsoft announced that the federal law enforcement body was investigating the leak as a criminal matter, and the software maker pledged full cooperation.
- Microsoft rules out shared source as the culprit. The "shared source initiative," first described by Microsoft vice president Craig Mundie during a speech in 2001 at NYU, was initially suspected as a possible source of the leak. Not so, Microsoft says. "Subsequent investigation has shown this was not the result of any breach of Microsoft's corporate network or internal security, nor is it related to Microsoft's shared source initiative," Redmond said in a statement issued Thursday. That directly contradicted a statement issued a day earlier by a longtime Microsoft partner. (See next item.)
- Accusing fingers point at Mainsoft. Early reports indicated, and Microsoft later agreed, that the real source of the leak was Mainsoft, a San Jose, Calif.-based maker of software to port Windows applications to other platforms, including Unix and Linux. A statement attributed to Mainsoft chairman Mike Gullard said, "Mainsoft has been a Microsoft partner since 1994, when we first entered
- a source code licensing agreement with Microsoft." Since the shared source initiative covers partners, governments and others, how can Microsoft say the leak has nothing to do with the program? Mainsoft's statement stopped short of admitting that the leak came from one of its computers.
- A related exploit appears. Analysts initially predicted that there weren't likely to be any security issues related to the source code leak. No sooner were those words spoken than the first exploit appeared. It wasn't a biggie -- the exploit was applied only to an old version of Internet Explorer -- but it did prove that the code could be mined with malicious intent. As far as the exploit goes, Microsoft said that users of IE 5 could protect themselves by downloading the existing IE 6 Service Pack 1.
- Microsoft warns downloaders. Early in this drama, Redmond made it clear that it wouldn't stand by while programmers merrily downloaded its prized intellectual property. By mid-week, it had already sent threatening letters to users that it discovered had grabbed the code off peer-to-peer sites. Those letters reportedly promised legal action against downloaders, a la the recording industry's crackdown on Napster users.
- A silver lining to the leak? No story like the source code flap is complete without someone finding the upside. That angle also emerged this week, when some analysts speculated along the lines of the Friedrich Nietzsche quotation, "What does not destroy me makes me stronger." The thinking goes that, with Linux breathing down Microsoft's neck, someone who sees the code may come up with a creative means of improving Windows that hadn't been thought of on the Redmond campus.
In other Microsoft news this week, a British consultancy thinks it has stumbled upon a way for customers to squeeze price concessions out of the software maker, a feat that few have managed. Netproject made the discovery when it helped the government of Newham -- a London borough -- with a formal tryout of a Linux system. When Microsoft got wind of the possible defection, it offered a 30% discount on Windows and Office upgrades, which Newham gladly accepted.
Officials in Munich must be wishing they took Steve Ballmer up on a similar offer a few months ago. The German city made a high-profile defection to Linux, despite the last-minute deal sweeteners extended by Microsoft's chief executive. Now there are reports from the German press that Munich has experienced some serious financial, technical and user-resistance problems during the migration.
New Office rival unveiled
New challenges to Microsoft on the desktop were on display this week at the International Data Group's Demo 2004 show in Arizona. The desktop productivity suite making the biggest splash was Evermore Integrated Office (EIOffice) from China's Evermore Software. The English-language applications, which have gotten high marks from reviewers, are designed to integrate with documents created in Microsoft Office apps, such as Word and Excel.
And, in an update to an older story, the Associated Press caught up recently with Dan Geer, the security expert fired from the AtStake consultancy in the wake of a report he co-authored that criticized Microsoft for helping to create a software "monoculture." The mutton-chopped critic of anti-diversity lost his job, but he started a discussion that lives on. "No matter where I look, I seem to be stumbling over the phrase 'monoculture' or some analog of it," he told the news service.
FOR MORE INFORMATION: