[Am-info] NewsSource, October 30 2000 / 2 of 8 / NETWORK BREAKIN

Paul Rickard pr@ms-bc.com
Wed, 8 Nov 2000 17:33:09 -0500 

      *For years, Microsoft executives have bragged about "eating our own 
dogfood," or using their own products for critical systems inside the 
company. But like real animal cuisine, Microsoft's software is proving 
itself a poor substitute for the real thing. On Wednesday, October 25, 
Microsoft reported a severe breach to one of its internal networks. 
According to statements, a Microsoft employee running an outdated version 
of Outlook received an viral attachment sometime during the summer. That 
virus spread across Microsoft's insecure dogfood-based network and slowly 
collected a wide array of employee passwords, which were sent to an MSN 
Hotmail account belonging to someone in St. Petersburg, Russia. That 
person (or persons) then used those passwords to dial in just like a 
telecommuting employee would, and had free reign of Microsoft's internal 
networks for at least a month. Microsoft was completely unaware of the 
breach until someone finally found something suspicious in server logs - 
a good three months after the infiltration began.

      Microsoft denounced the attack, called in the FBI to investigate, 
and vowed to beef up its security, but noone inside the company would 
specify what exactly the infiltrator had done while inside the corporate 
network. Steve Ballmer said source code for projects in development had 
been viewed, although he was not specific on which projects were 
involved. But with a month of uncontrolled access, we can assume that the 
persons involved gained access to almost all of Microsoft's crown jewels 
- current and future versions of Windows and Office.

      While we have advocated the release of Microsoft's source code for 
years, its possession by only one small group of outsiders presents a 
huge risk for everyone - not just Microsoft or users of its products. 
Microsoft has in the past included secret backdoors in its products, to 
allow software updates, check for software piracy, and (in one alleged 
case) provide a way for the government to check encrypted files. Close 
analysis of the code by skilled programmers would make any such backdoors 
obvious, and would make the openings easily accessible to any group in 
possession of the code.

      Since the breach was tracked back to Russia, it raises some 
significant concerns about who could now have the ability to enter into 
computer systems running Windows. By all appearances, this was carried 
out by a large well-organized group, most likely one of the well-financed 
mafias that have popped up across the Russian continent. Those groups are 
motivated by profit, and the best way to make a profit from valuable 
information like a Windows backdoor is to sell it - and the highest 
bidder would be a terrorist group or foreign government looking for an 
unfair advantage over developed countries that run everything with 
computers. Imagine if you will, Saddam Hussein or Osama bin Laden coming 
into possession of a secret back way into Windows - the same Windows that 
the United States Navy is quickly introducing into the navigation and 
weapons systems of its newest vessels. -|

            ALSO SEE:
      http://www.wired.com/news/culture/0,1284,39778,00.html
      http://news.cnet.com/news/0-1003-200-3308084.html
      http://www.wired.com/news/culture/0,1284,39805,00.html
      http://www.theregister.co.uk/content/1/14265.html
      http://www.salon.com/tech/log/2000/10/27/microsoft_crack/
      http://zdnet.com/zdnn/stories/news/0,4586,2646331,00.html



======== Paul Rickard, Editor of The Microsoft Boycott Campaign =======
--------------------------------[ Http://www.msboycott.com ]-----------

  "It's possible, you can never know, that the universe exists only for
   me. If so, it's going quite well I must admit." -Bill Gates