A while ago, Microsoft accidently leaked Tulalip. Some social network experiment that could be
If it was a smoke test, it was both cleverly planned and very silly at the same time.
Why? Because the timing would have been too obvious (15th of July, shortly after the Google+ launch).
Well Microsoft was already working on it since a while as a Google search reveals:
(the search results have already been removed in the meanwhile)
You can see several instances of the same application.
The Google cache shows me that the site was already crawled on the 27th of June 2011
The biggest rookie mistake was to forget to exclude the site from being crawled by using a simple robots.txt
(sorry for the hindsight, such things can happen, I know)
Another reference I found was the use of a free load-test (see here
http://loadimpact.com/result/tulalip-scratch.cloudapp.net/-6234fd9c421156d2dab04dcadedcddbe ) performed on the 17th of June 2011 for the domain tulalip-scratch.cloudapp.net
And now the pages just show plain and simple a message from (or on behalf of) the dev. team:
Furthermore there is one single very interesting fact:
The domain share-film.com is the host for a warez page and.. surprisingly also the host of an older version of Microsofts social net.
Hm. Funny... the image-preview shows a different design and the original name of the social network...
Makes sense after the leak was discovered on www.socl.com
ser.sharefilm.com has also some different footprints here on the web...
Ok ok, whatever... all this isn't so important.
More important is, what we can learn about Microsoft's way of testing and developing products.
Tulalip/Socl is basically a smaller project created by a small dev. group... creative, but not that experienced. I'd say they are mostly fresh from University or school.
If it were a well-funded project, it wouldn't have leaked in that way. They'd have security experts having an eye on the project... making sure that it isn't indexed by the Googlebot.
Furthermore, they'd consider a different way of testing their software than to just use a free load-test somewhere on the web that compromises the security of your project by posting the URL and the results on the web.
Microsoft would have it's own testing software for that...
Too many rookie-mistakes for a well experienced dev-team or a project with a big budget.
Microsoft has most likely multiple small groups working on different projects, all hosting on cloudapp.net (I guess some kind of AppEngine made by Microsoft, hosting .net projects)
There are two subdomains I found on cloudapp.net, referring to Socl/Tulalip:
- tulalip.cloudapp.net
- tulalip-scratch.cloudapp.net
I guess one was the testing version and the other one was the dev-version.
So, if someone interested in leaks might want to hunt, the best way to get started is to analyze habits, best practices and procedures of a company or developers.
In this case I guess the hunt wouldn't make much sense as the group seems to be not really "into" or tied to company internal best practices... but, if I'd want to hunt for THEM, I'd try to find every possible subdomain on cloudapp.net.
It is highly unlikely that they have simply shut down the application. It is more likely that they moved/renamed the instance somehow (this would cause way less trouble than to move it to a completely different server)
My best guess is, that it is still hosted somewhere on cloudapp.net... I just have to wait for Google to index it again. (if they haven't learned from their mistakes... they are rookies)
The rename from socl to tulalip (even if they had the domain socl.com) also tells me, that it is not a primary focus of Microsoft. (no money, no lawyers)
The reason why they had to rename it can be found here:
http://socl.tntlab.org/index.php?title=The_SOCL_Project:_Social_networking_for_Online_Community-based_Learning
Yep.. Ooops. (dated 4th of July 2011)
Well... now I know where Microsoft might have leaks... cloudapp.net.... I'm watching you.
And my other guess: they might set up a second serverfarm for internal development too... hmm.. we'll see.
BTW... Warez site? WTF? I hope the guy who upped the early build of socl has a very good explanation for that!
I like the design and I hope they don't slash the project just because of some... stupid mistakes.
I probably won't use it... but hey, it looks great :)
A while ago, Microsoft accidently leaked Tulalip. Some social network experiment that could be
If it was a smoke test, it was both cleverly planned and very silly at the same time.
Why? Because the timing would have been too obvious (15th of July, shortly after the Google+ launch).
Well Microsoft was already working on it since a while as a Google search reveals:
(the search results have already been removed in the meanwhile)
You can see several instances of the same application.
The Google cache shows me that the site was already crawled on the 27th of June 2011
The biggest rookie mistake was to forget to exclude the site from being crawled by using a simple robots.txt
(sorry for the hindsight, such things can happen, I know)
Another reference I found was the use of a free load-test (see here
http://loadimpact.com/result/tulalip-scratch.cloudapp.net/-6234fd9c421156d2dab04dcadedcddbe ) performed on the 17th of June 2011 for the domain tulalip-scratch.cloudapp.net
And now the pages just show plain and simple a message from (or on behalf of) the dev. team:
Furthermore there is one single very interesting fact:
The domain share-film.com is the host for a warez page and.. surprisingly also the host of an older version of Microsofts social net.
Hm. Funny... the image-preview shows a different design and the original name of the social network...
Makes sense after the leak was discovered on www.socl.com
ser.sharefilm.com has also some different footprints here on the web...
Ok ok, whatever... all this isn't so important.
More important is, what we can learn about Microsoft's way of testing and developing products.
Tulalip/Socl is basically a smaller project created by a small dev. group... creative, but not that experienced. I'd say they are mostly fresh from University or school.
If it were a well-funded project, it wouldn't have leaked in that way. They'd have security experts having an eye on the project... making sure that it isn't indexed by the Googlebot.
Furthermore, they'd consider a different way of testing their software than to just use a free load-test somewhere on the web that compromises the security of your project by posting the URL and the results on the web.
Microsoft would have it's own testing software for that...
Too many rookie-mistakes for a well experienced dev-team or a project with a big budget.
Microsoft has most likely multiple small groups working on different projects, all hosting on cloudapp.net (I guess some kind of AppEngine made by Microsoft, hosting .net projects)
There are two subdomains I found on cloudapp.net, referring to Socl/Tulalip:
- tulalip.cloudapp.net
- tulalip-scratch.cloudapp.net
I guess one was the testing version and the other one was the dev-version.
So, if someone interested in leaks might want to hunt, the best way to get started is to analyze habits, best practices and procedures of a company or developers.
In this case I guess the hunt wouldn't make much sense as the group seems to be not really "into" or tied to company internal best practices... but, if I'd want to hunt for THEM, I'd try to find every possible subdomain on cloudapp.net.
It is highly unlikely that they have simply shut down the application. It is more likely that they moved/renamed the instance somehow (this would cause way less trouble than to move it to a completely different server)
My best guess is, that it is still hosted somewhere on cloudapp.net... I just have to wait for Google to index it again. (if they haven't learned from their mistakes... they are rookies)
The rename from socl to tulalip (even if they had the domain socl.com) also tells me, that it is not a primary focus of Microsoft. (no money, no lawyers)
The reason why they had to rename it can be found here:
http://socl.tntlab.org/index.php?title=The_SOCL_Project:_Social_networking_for_Online_Community-based_Learning
Yep.. Ooops. (dated 4th of July 2011)
Well... now I know where Microsoft might have leaks... cloudapp.net.... I'm watching you.
And my other guess: they might set up a second serverfarm for internal development too... hmm.. we'll see.
BTW... Warez site? WTF? I hope the guy who upped the early build of socl has a very good explanation for that!
I like the design and I hope they don't slash the project just because of some... stupid mistakes.
I probably won't use it... but hey, it looks great :)
[ABOUT LEAKS] What I can tell from a simple mistake.
No comments:
Post a Comment