Security Web Digest: Pirated Longhorn For Sale ... and More

RIAA suit moved to Federal court Analysts say MS security document not a guideline for masses New Red-M product manages/monitors wireless LANs Diebold agrees not to sue voting rights advocates who publish leaked documents

Intellectual Property

Software pirates in Malaysia are selling the next version of Microsoft Corp.s Windows operating system years before it is supposed to be on sale. CDs containing software Microsoft has code named "Longhorn" are on sale for six ringgit ($1.58) in southern Malaysia. The software is an early version of Longhorn demonstrated and distributed at a conference for Microsoft programmers in Los Angeles in October, Microsoft Corporate Attorney Jonathan Selvasegaram said.

A dispute between the Recording Industry Association of America and SBC Communications Inc. has been transferred to a federal court in Washington. SBC has sued record labels to stop a flood of court orders that seek to track down its Internet customers who may be illegally copying music. The RIAA noted that the Washington court handed it a victory earlier this year in a similar dispute with Verizon Communications.


A document called "Security at Microsoft," detailing how the company protects its global network, raised some eyebrows among security watchers. The document is seen by some as marketing collateral rather than a serious security white paper. "Its not that useful because its a pretty formulaic approach," said Marc Maiffret, Windows expert and chief hacking officer at eEye Digital Security. "Microsoft is an unusual company. Its a lot more homogenous than most companies of a similar size, many of which run dozens of different systems."


Red-M this week will unveil its product to manage wireless infrastructure, and monitor hardware and software usage by clients. Red-Vision is part of the companys Red-Detect intrusion detection system (IDS). The product uses hardware probes to monitor the airwaves for rogue 802.11a/b/g and Bluetooth access points.

Electronic Voting

Diebold Inc. has agreed not to sue voting rights advocates who publish leaked documents about the alleged security breaches of electronic voting. Diebold, which controls more than 50,000 touch-screen voting machines nationwide, had threatened legal action against dozens of individuals who refused to remove links to its stolen data. The companys battle began in March, when a hacker broke into the companys servers using an employees ID number, and copied a 1.8GB file of company announcements, software bulletins and internal e-mails dating to January 1999.