As a result of the break-in, Microsoft advised its beta testers to change their passwords late last week. However, company spokesman Rick Miller downplayed the significance of the incident, saying the online trespasser didn't get access to the company's crown jewels: its source code.
"They are not grabbing code; they are grabbing product, and it's going to be buggy and it's going to have problems," he said."This is obviously not good, but it's not terrible either."
However, the system does contain yet-unreleased versions of Microsoft's Windows products. In addition, the hacker would have had access to the comments posted by the beta testers, as well as the key used by the beta testers to activate their software, said Miller.
This is not the first time Microsoft's network has been breached. Microsoft's source code may have been accessed two years ago, when a hacker broke into some of the company's systems several times over three weeks. In January 2001, online vandals prevented many people from accessing Microsoft's network by flooding routers and servers with data.
At least one beta tester questioned the security of Microsoft's products.
"We were right in the middle of beta testing its .Net server and that's going to be a centerpiece of Microsoft's future," one tester told TechTV, which first reported the incident.
Microsoft has been laboring to improve the security of its products for several years now, but the efforts were given a higher priority in a January e-mail from co-founder Bill Gates to the company's employees. The products being tested on the Betaplace server include some of that work.
The software giant is treating the breach as a criminal investigation but Miller refused to comment on whether any law enforcement agency had been called in on the case.
It's time for the truth to come out from this story.
Earlier this month, WindowsBeta had this event called a 'Download Fair' in which beta testers were encouraged to test out the new HP Itanium 2 servers running a pre-RC2 (or perhaps even RC2) copy of Windows.Net Server 2003.
It is more than probable for somebody such as a hacker who monitors WindowsBeta from outside to have detected an enormous surge of traffic during the 5 hour 'download fair' period. The reason I say with confidence is because during the 'download fair', many beta testers experienced timeouts and dropouts with their downloads.
When Windows XP (codenamed Whistler) was in development last year, a similar scenario occurred when a beta ID and password were leaked on the Internet. As a result, the download servers were pounded heavily but warez kiddies.
The story behind this is that Windows.Net Server 2003 does not improve the required level of security. Microsoft is totally unethical when it comes to reporting stories like this... they hide a lot of information by throwing sweeteners saying nothing really happened. Well, one has to wonder where all the beta leaks come from.
Personally, I don't trust Microsoft anymore. There are so many negatives about the company. Even as a Microsoft 'Certitifed' Partner, I am ashamed to be working with a deceitful company. One can only expect a lot of *biff* and discontentment when Steve Ballmer holds an executive briefing with Microsoft Partners.