- Related Stories
-
Microsoft staffer charged with stealing search code
July 9, 2004 -
Reheated Bagle comes with side of source code
July 6, 2004 -
Security experts play down Cisco leak
May 17, 2004 -
Microsoft cracks down on source code traders
February 18, 2004 -
Game's source code stolen in hacking
October 7, 2003 -
Microsoft hack puts spotlight on tech espionage
October 29, 2000
The group, which calls itself the Source Code Club, is offering what seems to be the stolen source code for an older version of Enterasys Networks' Dragon intrusion detection system and Napster's client and server software. The price: $16,000 and $10,000, respectively.
As proof that it has the code, the group has put a listing of the files online. By using e-mail drops and encryption, the group believes that it can keep both the buyer's and its own identity secret.
"A company can feel safe doing business with us, because everything related to our clients is encrypted...(and) after a transaction with a client is completed, all encrypted records are destroyed," said a person identifying himself as Larry Hobbles, who responded to a message sent to the contact e-mail address on the Web site.
The Napster software appears to be related to the original file-sharing service, not the current legal music service, according to a statement from Roxio, which bought Napster's intellectual property.
Enterasys said it has contacted the FBI and is investigating the authenticity of the group's claims. While it did not confirm that the Source Code Club has the source code, the security company said it had analyzed the listing posted on the group Web site and concluded that, if the files have indeed been stolen, the theft did not entail an intrusion of its network.
"The continuing investigation indicates that any possible misappropriation of the code would have been linked to a physical theft of media and not a breach of the network," Enterasys said in a statement given to CNET News.com.
Moreover, the company pointed out that the listing on the Web site indicated that the Dragon source code was two generations old.
Enterasys and Roxio would not be the first companies to have the blueprints to their crown jewels leaked or stolen.
In May, Cisco Systems discovered that the source code that powers many of its networking products had been stolen and posted online.
Earlier in the year, a significant portion of the code making up Microsoft's Windows 2000 and Windows NT4 operating systems began circulating around the Internet. And last week, authorities charged a Microsoft programmer with stealing code from AltaVista after he left the search company but before he began working for the software giant.
The Source Code Club said in statements on its Web site that Enterasys' code is not the only programming up for sale: The group also takes orders.
"If you are requesting something from a Fortune 100 company, there is a good chance that we might already have it," the group said. "If we do not have what you are looking for already, we will consider getting the said data for you, for a price. This could take our team up to two months to complete."
The Source Code Club appears to be setting up for long-term business. Whenever law enforcement agencies shut down its Web site, the group will move to a new one, it said, and advertise on software security mailing lists. That could make it hard for authorities to shut the group's trading down, despite its high-profile flaunting of stolen code.
"Although there is a possibility that our site may go down, it will only be short term," the group stated. "SCC is here for the long haul and will re-emerge as necessary."
- Why should anybody want this code?
- by July 16, 2004 4:02 AM PDT
- I wonder who would like to buy this code. If he
- Like this Reply to this comment
-
(4 Comments)switched to Libre Software (Free Software), he
could get high-quality code for his application
for free with the freedom to share and modify
it.
Note: Please do not tell me the reasons one may
want to have access to source code of
closed-source apps, I know them :)