Security is a relative term. In a couple of days, leaked versions of the upcoming Windows 7 operating system are selling fast though pirate sites. More alarming is that 4,300 “seeders” (computers with full copies of stolen software) are operating.
The seeders have other outlets, too. Starting with Pirate Bay, they moved on to Mininova:
Computerworld:
Similar increases could be seen on other BitTorrent sites. For example, Mininova listed almost 20 Windows 7 BitTorrents — some of them duplicates of the ones that appeared in searches of Pirate Bay. Two of the torrents on the Mininova site had more than 4,500 seeders each.
For users, this means that Windows 7 will be a very well studied system when it comes out. This is in effect sabotage, on a huge scale. Any security flaws will be well known.
Microsoft hasn’t been too forthcoming about its actual release date beyond using January 13 as a release date for the beta version. That’s some sort of buffer, but what level of compromise this puts on Windows 7 is anyone’s guess.
There’s another issue. The recent massive compromising of computers around the world, and this huge number of seeders is unlikely to be a coincidence. This is another form of saturation attack, unstoppable without major clampdowns, and since these seeders can operate across multiple servers, highly disruptive.
In theory, the seeders can’t be shut down. The principle is that of the Hydra, multi headed, cut off one head, and others replace it.
However- A surprise attack from servers and ISPs isn’t out of the question, if they can arrange it. If they can identify, isolate, and rework servers to avoid the seeders with new security protocols, it might inconvenience a few thousand people, but not the whole world.
The leak at Microsoft also seems beyond any possibility of coincidence. The trouble with huge organizations is that security is always behind the eight ball, and has a job as big as the organization. Microsoft should compartmentalize Windows 7 for research and testing, so nobody can operate a full system.
It’s not impossible, but unlikely, that Windows 7 can be rebuilt entirely to reduce the impact of the beta versions on its defences.
This is a potential market minefield for Microsoft. Serious loss of faith in the new operating system, after Vista’s very mild enthusiasm, could open up the floodgates of dissatisfied, not to say worried, users.
There's a limit to how insecure people want to be. That's the relative effect.
