The hunt is on to determine how a pirated version of a forthcoming Microsoft operating system found its way onto the Internet earlier this week.
Microsoft acknowledged Friday that a copy of an internal build of the follow-on to Windows 2000, code-named Whistler, was posted on the Internet illegally. Originally the company said it could not locate the software on the Web. "Microsoft did confirm that a build of Whistler turned up on the Internet," a company spokeswoman told ZDNet News.
The software firm is still investigating the apparent theft of the software, she said.
It is believed a copy of the OS, which is being tested internally by the company, came directly from Microsoft's internal Web site. It is not unusual for software in Microsoft's public beta testing program to show up on the Web, but it is unusual for software that is still being tested internally, known as internal builds, to show up there.
Pirating an inside job Currently, Whistler "is only available from Microsoft's internal Web site. It's not in open beta testing yet," said Robert Stein, president of Active Network, owner of Activewin.com, one of the sites that first reported the pirated copy of Whistler.
That means "a developer or someone who has access to the (Microsoft) intranet had to have downloaded it," he said.
The OS is more than 400MB, making it likely that the pirated version of Whistler was loaded onto a CD and taken from a Microsoft office. It is unlikely that someone would upload a copy of the software directly from an internal Microsoft server to the Web, Stein said.
It is not clear whether the same person who downloaded this copy of Whistler, known as Build 2211.1, is the same person who first posted it on the Internet. It is equally unclear whether Microsoft employees commonly leave the company's offices with development builds of software that is not yet in public beta. Microsoft declined to comment on these issues.
It didn't take long for Whistler to find its way around the Net. The copy was posted to the Web last Tuesday and was quickly discovered by sites, including Activewin and BetaNews.com.
Microsoft denied build existed Initially, after an unsuccessful attempt to locate a copy of the OS on the Net, Microsoft denied that the copy in question existed.
On Thursday, though, BetaNews and Activewin stepped in. Via email, the two sites contacted Microsoft Group Vice President Jim Allchin with evidence of the validity of the copy of the Whistler build circulating on the Net.
Allchin, who is in charge of Windows development, acknowledged the existence of the OS build, confirming that Microsoft had issued a Build 2211.1.
"You are the first person who has written and stated directly that you have seen it with your own eyes. Given this I will assume that it was out there and fully distributed as you said. If you want to quote me on this, this is fine," Allchin told BetaNews' Webmaster, Nate Mook.
Microsoft officials said it was too early to speculate on whether they will prosecute Whistler's pirates, if they can be located. However, the company does have a project, the Internet Monitoring program, whereby it uses search-engine technology and a group of company staffers to monitor Web sites that are distributing its software illegally. Last January, for example, the company shut down 100 Web sites that were illegally distributing copies of Windows 2000, said Janice Block, a Microsoft corporate attorney. It does so by contacting those Web sites' Internet service providers, which generally close the sites within 48 hours. It also looks into prosecuting the proprietors of those sites, if they can be located.
While Microsoft doesn't typically go after consumers, leaving that to the Business Software Alliance, Block said it is illegal to download pirated copies of its OSes because "the downloading of that software is a copyright infringement."
"I think it's much easier for them to see the sites that are posting (Whistler builds). ... That, for sure, is illegal," Stein said.
Microsoft would not comment on the status of the investigation. However, it has at least one or two leads.
Activewin furnished Microsoft with information on where to find the OS and also email from individuals who may have had something to do with its posting on the Web, Stein said.
Take me to the Hackers News Special