Fool.com: What's Bad for Microsoft [News] November 1, 2000
oneHandle
issue would never have arisen without insider participation (with
insider participation ANY system can be gotten into).
"If it's not Scottish, it's crrrrrap!" - Saturday Night Live
"www.fool.com web2news.pl" <Use-Author-Address-Header@[127.1]> wrote:
>
>What's Bad for Microsoft
>
>The main risk in the hacking of Microsoft is that bad guys can add "backdoor" access to the computers
>that run the company's finished software. The main reason this matters is because Microsoft has
>already gained front-door access to those same computers.
>
> [ http://boards.fool.com/Find.asp?ticker=MSFT ] Microsoft
>
>By Nico Detourn (TMF Nico)
>
>November 1, 2000
>
>Five days after [ http://news.cnet.com/news/0-1003-201-3311366-0.html ] word broke that intruders
>had snuck into Microsoft's [ http://quote.fool.com/uberdata.asp?symbols=MSFT ] (Nasdaq: MSFT)
>corporate computers, it's still unclear what actually happened. That's not surprising. At this point,
>probably no one knows for sure, and those who might know have reasons to not spill the beans. Still,
>the information that is out there doesn't entirely add up, especially the chronology of what
>Microsoft knew and when they knew it.
>
>According to early reports, intruders initially broke into company computers and then used hacked
>passwords to gain deeper access to the system and eventually to the source code for Microsoft
>applications. The intrusion lasted five to six weeks. Citing unnamed sources, The Wall Street
>Journal said the break-in was discovered when security people detected passwords being sent to a
>computer in St. Petersburg, Russia.
>
>The paper said network logs showed source code for Microsoft software -- including the
>bread-and-butter Windows operating system and Office applications -- had been transferred outside
>the company's Redmond campus.
>
>Microsoft on Friday called the incident "a deplorable act of industrial espionage." It also said
>the incident was "narrower than originally thought" and the source code for Windows and Office
>remained untouched by hacker hands. "That is very good news," said Microsoft spokesperson Mark
>Murray.
>
> High-level access
>
>Over the weekend, certain details of the original story were updated, others were filled in, and
>new questions were raised.
>
>Microsoft now says intruders only saw source code for unidentified products that are still under
>development and years away from release. These files were neither changed nor damaged, Murray said.
>"We don't believe customers are going to be affected in any way."
>
>The period of the attack was similarly scaled down. Microsoft says that access to "high-level" areas
>and files was limited to a 12-day period between October 14 and 25, although it acknowledges that
>the intruder could have entered the system before then.
>
>Microsoft says it initially thought the attack might be related to a virus from some weeks earlier
>and that it did not want to underestimate how long the intruder had been worming through its
>computers. They now believe the two events are unrelated.
>
> Real-time hacker tracking
>
>Microsoft also now says it was aware of the intrusion from the get-go. Rick Miller, another Microsoft
>spokesperson, says the company tracked the hacker's movement through its network in real time and
>"knew what the person was doing."
>
>Presumably by way of reassurance and to further minimize the significance of the situation, Miller
>said that if attempts had been made to transfer source code files, they do not show up in the
>network's logs. But this suggests that such activity may not always be recorded, so one wonders
>about Microsoft's ability to actually know what did or did not happen.
>
>In addition, Miller says the size of the source code files make it unlikely that they were
>surreptitiously snatched. The company's reputation for "bloatware" notwithstanding, however, 12 days
>is more than enough time to mess with Microsoft's family jewels, according to security experts and,
>f
>
>Full text at: http://www.fool.com/news/2000/msft001101.htm
>
>Posted with: http://www.deja.com/getdoc.xp?AN=596972256&fmt=text
>
>http: www fool com news 2000 msft001101 htm web2news.pl