Tinfoil hats, Gather criticism (and Darth pix)
In today's IT Blogwatch, we look at serious allegations that the recent WMF vulnerability was actually a deliberate Microsoft backdoor in Windows, and also at how startups 'gather' funding. Not to mention what happens when Darth Vader gets his passport photo done...
Steve Gibson -- love him or hate him, you have to admit he knows how to get attention. In his Security Now! podcast, co-hosted by Screensaver alumnus Leo Laporte, Steve all but accused Microsoft of inserting a backdoor into Windows NT 4.0, 2000, XP, and 2003. He later wrote it up, going into great technical detail, but we'll condense this down: "MetaFiles are not 'printed'; to do that you need a 'printer Device Context', which is different from screen contexts and metafile contexts. So it makes no sense to set an abort proc ... What you would expect ... [is] an argument specifying a Device Context and a second argument pointing to a user-provided function that is to be executed in the event of a printing abort. But that's not what happens ... Windows simply jumps to the next byte in the file and begins executing the code found there ... It was only when I deliberately mis-set the record's length to exactly ONE -- zero didn't work, two didn't work, nothing else worked ... The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows. WHY it was put in and WHO knew about it, and WHAT they were expected to use it for ... we'll never know." [A serious allegation -- I wonder what Microsoft has to say for itself]
» Stephen Toulouse, at Microsoft's Security Response Center, parried with more technical detail, but let's cut to the chase: "There’s been some speculation that you can only trigger this by using an incorrect size in your metafile record and that this trigger was somehow intentional. That speculation is wrong on both counts. The vulnerability can be triggered with correct or incorrect size values."
» Gibson retorts with his latest findings, summarizing with: "nothing about this has the appearance of any kind of inadvertent 'bug'."
» Dave, Tangent is sitting on the fence: "These accusations are pretty wild, and would be immediately discounted as paranoia if they came from anyone else (in a hippy-conspiratorial tone: “the NSA maaaade them do it, maaaannn…”). But, Steve Gibson has been a part of the mainstream security community for decades, and is widely respected ... Microsoft gives a plausible explanation for the WMF hole. However, it does not directly address a number of points raised by Gibson."
» Richard Stiennon, Threat Chaos: "He hypothesizes that Microsoft could have put it in for a situation where they had to bypass admin settings, firewalls, AV, to execute code on the machines of visitors to their website via an image file ... Lots of old code hanging around Windows. Mr. Gibson is being spooked by ghosts of the past."
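As an added illustration (not code from this post, from Gibson, or from Microsoft), the scanner below walks the record list of a WMF file the way a content filter on a mail or web gateway would, and reports any GDI Escape record carrying the SetAbortProc code whatever its declared length, which is the point Toulouse makes; it separately flags a record length too small to cover the record's own head, Gibson's "exactly ONE" case. The WMF header layout and the record constants are from the format itself; the function names and the sample files are constructed here.

```python
import struct

PLACEABLE_KEY = 0x9AC6CDD7  # key of the optional 22-byte "placeable" header that may precede the standard header
META_ESCAPE = 0x0626        # record function number for a GDI Escape record
SETABORTPROC = 0x0009       # Escape sub-code that registers an abort procedure (the WMF bug's trigger)


def scan_wmf(data: bytes) -> list:
    """Walk a WMF record list and return (finding, record_offset, declared_size_words) tuples."""
    off = 0
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_KEY:
        off = 22  # skip the placeable header
    if len(data) < off + 18:
        raise ValueError("truncated WMF header")
    # Standard header: mtType, mtHeaderSize (in 16-bit words), mtVersion, mtSize, mtNoObjects, mtMaxRecord, mtNoParameters
    header_words = struct.unpack_from("<H", data, off + 2)[0]
    off += header_words * 2
    findings = []
    while off + 6 <= len(data):
        rd_size, rd_func = struct.unpack_from("<IH", data, off)  # rdSize in words, rdFunction
        if rd_func == 0:  # META_EOF terminates the record stream
            break
        if rd_func == META_ESCAPE and off + 8 <= len(data):
            escape_code = struct.unpack_from("<H", data, off + 6)[0]  # first parameter word is the escape code
            if escape_code == SETABORTPROC:
                findings.append(("setabortproc", off, rd_size))  # flagged regardless of rd_size
        if rd_size < 3:
            # rdSize must at least cover the 3-word record head; a smaller value means the chain is malformed
            findings.append(("bad_record_size", off, rd_size))
            break
        off += rd_size * 2
    return findings


def build_sample(abort_record_size_words: int, placeable: bool = False) -> bytes:
    """Constructed sample: minimal WMF holding one SetAbortProc escape record with a chosen rdSize, then EOF."""
    prefix = struct.pack("<I", PLACEABLE_KEY) + b"\0" * 18 if placeable else b""
    header = struct.pack("<HHHIHIH", 1, 9, 0x0300, 0, 0, 0, 0)
    escape_params = struct.pack("<HH", SETABORTPROC, 0)            # escape code, byte count (constructed)
    record = struct.pack("<IH", abort_record_size_words, META_ESCAPE) + escape_params
    eof = struct.pack("<IH", 3, 0)
    return prefix + header + record + eof
```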
What's the point of Gather.com? asks Mathew Ingram: "I don’t want to dump on Gather.com, which has ... received $6-million in financing from Lotus founder Jim Manzi and VC group Allen & Co. ... Still, I have to wonder what Gather.com has that’s worth $6-million (or maybe I have an unrealistic view of how much $6-million is nowadays). I've checked the site out several times, and apart from a garish and cluttered design that I find hard on the eyes, I don’t see much to make it stand out from the crowd ... Will any of these startups find success, or will they all? It’s a bit of a crapshoot at the moment. Fun to watch, but nerve-wracking to work in, I imagine. Steve Rubel says there is a Web 2.0 crash coming."
» Chris Brogan: "In a weird way, sites that use humans to move content up to a level that gets more people's attention are like the humans rebelling against the robots in Terminator. Someone has decided that Google does an okay job with its uber-smart math-based finds of sites, but hey- nothing beats a human pointing out a story to another human. I admit that it's what grabs me about it. Instead of searching Google for interesting content, I search del.icio.us or Technorati or Reddit."
» Antony Mayfield: "As Gather's founder puts it: 'The challenge [with blogs] isn't getting people to publish ... The challenge is helping people find really great content.' It's a model where recommendations and participation earn users points that can be redeemed for rewards. I like the idea of aggregation services and I understand that people are going to try all sorts of things out, but rewards sends a shiver up my spine and makes me think of Beenz ... dotcom hype incarnate, rather than Heinz."
Buffer overflow:
- Peter Pollack: US Government begins testing e-Passports
- Richi Jennings: LinkedIn users are revolting
- Brian Krebs: Florida Leads Nation in Sony Rootkit Victims
- Harry Waldron: Use of Rootkits in Symantec AV products is exaggerated
- Doc Searls: From consumerism to producerism
- Gary Price: Tools that Optimize Web Content for Mobile Web
- Doug Burns: Peter Robson on the Temporal Database seminar
- Mary Jo Foley: Vista Gets Its First Security Patches
- Frank Hayes: Aw, how bad could a little 'virus' be?
- Robert L. Mitchell: What's not on your hotel card key
- Martin McKeay: Security breaches affect real people
- Joyce Carpenter: 11 reasons to date a female geek
- Shark Tank: So THAT'S what it's for!
And finally... Darth gets his passport photo done
Richi Jennings is an independent technology and marketing consultant, specializing in email, blogging, Linux, and computer security. A 20-year, cross-functional IT veteran, he is also an analyst at Ferris Research. Contact Richi at blogwatch@richi.co.uk. Also contributing to today's post: Judi Dey, our very own Antipodean.