The Archives of The Evil Empire2001 January
| ||
|
22 January: Mass hack takes out government sites by exploiting IIS security leak
A hacking spree last weekend saw military and government Web sites defaced on three continents in what its perpetrators claimed was the largest mass defacement in the history of mankind. The graffiti artists, known as Pentaguard, took out government Web sites in the United Kingdom, Australia, and the United States and defaced them with the same message. "All the UK sites were running NT and Microsoft IIS [web server] and were hosted by ISPs - which raises the question of who's responsible for the security of hosted sites," said Paul Rogers, a security consultant at MIS Corporate Defence, who said that all the other sites were running similar configurations using IIS4. 19 January: MS' antitrust backup plan: Net monopoly
If the appeals process should ultimately decide that Microsoft really does have to be broken up to rectify its software monopoly, the company - or companies, in that case - can always seek to monopolize something else crucial to computer users: access to software. With the role of software gatekeeper, or handmaiden to the world's software gatekeepers, in mind, the Microsoft .NET initiative continues to swell, reaching into more platforms and products. 19 January: MS gets hacked off with bug hunter
A row has broken out between Microsoft and veteran bug hunter Georgi Guninski after he publicised a vulnerability with Windows Media Player 7 before a software patch was available. A vulnerability involving the "skins" feature of the application exists which could allow hackers to read files on a victim's PC. According to Guninski, if the bug is properly exploited it could allow an attacker to gain control of a victim's machine. Michael Aldridge, a lead product manager in Microsoft's digital media division, told The Register that Guninski had only given the software giant a few days notice and said he acted "irresponsibly" in publicising the flaw. 18 January: Developers cry foul over new Microsoft language
Microsoft is touting the Visual Studio.Net suite as key to the Microsoft.Net vision of software as an Internet-based service. But a number of developers working with the first beta of one of the primary languages, Visual Basic.Net, are becoming increasingly vocal about their misgivings. Developers are worried that Visual Basic.Net is so different from the Visual Basic they have come to know and understand that upgrading will pose a major hurdle. Some say the .Net version bears so little resemblance to Visual Basic 6.0 and previous versions of the language that Microsoft shouldn't continue the name. "VB.Net, unlike other versions of VB, does not use the language syntax and behavior of MS Basic," said Daniel Barclay, head of Barclay Software, an Orange, Texas, technology-automation software vendor targeting the banking industry. "The new language looks familiar, but it is not the same." 18 January: Is Ashcroft antitrustworthy?
John Ashcroft, President-elect Bush's nominee for attorney general, couldn't have been more evasive when asked about the Microsoft antitrust case. "I don't know the facts of the Microsoft case," he said. "It is a very complex case, from what I've heard about the case." 17 January: Warning issued over Windows Media Player 7 bug
Veteran bug hunter Georgi Guninski has identified a potentially serious security vulnerability affecting Microsoft Windows Media Player 7 "skins", which control the look and feel of the application. The bug is said by Guninski to allow hackers to read "local files and browsing directories which in turn allows executing arbitrary programs" on victim's machines. Properly exploited it could allow an attacker to obtain complete control of a user's computer, he warned. Users of other browsers are not affected by the vulnerability whose affects are believed to be limited to a particular machine. 17 January: MS Whistler copy protection climb down begins - in Germany?
With Whistler Microsoft plans to introduce a new form of copy protection involving compulsory registration and resulting in 'single use' software. But there are signs of revolt among the troops - at least in Microsoft Germany. In today's edition of the Financial Times Deutschland, Microsoft Germany spokesman Tomas Jensen is quoted as describing Microsoft Deutschland as a special, sensitive case, and suggesting that although the rest of the world may be forced to put its hands up to the new "product activation" system, Germany could be let off. And we'll translate that stuff about the importance of Germany. These days it's strong for Linux, and if Microsoft gets too insensitive and kicks German users around too hard, a revolution in one of the company's biggest and most prosperous markets is a perfectly plausible scenario. As it stands, the system being tested with Whistler generates a code during installation. Via a phone or Web registration process this is then used to unlock the software. It's not absolutely clear what is used to generate the machine code, but it seems likely to be a combination of bios, graphics and various other bits of hardware kicking around in there. So if you swap out some of your hardware and try to reinstall the software, the unlock key quite probably won't work, and you'll have to phone up Microsoft and argue the toss. 16 January: MS pressure leads to Crossgain firings
Crossgain Corp., a high-profile Web start-up facing pressure from Microsoft Corp., abruptly fired about a quarter of its employees in an attempt to cool tensions with the giant software company, people familiar with the matter said. The unusual action Monday affected more than 20 of Crossgain's 80 workers, all of whom were former employees of Microsoft, including Crossgain's two founders and its chief executive officer. 14 January: IE 6 no longer available as free download?
The German magazine PC Welt reports that Microsoft has not yet decided how IE 6 will be distributed. Apparently it seems quite likely that the browser will no longer be available as a free download, but only as a separate commercial software package. [NOTE: This article is in German.] 14 January: Delphi dumps W2k, downgrades to NT4
Users of Delphi's free forums, plagued by downtimes, strange error messages and the like, have Microsoft Windows 2000 to blame for their problems, the firm has said. Striving to contain the rising ire of thousands of "communities" who have found themselves with nowhere to speak for quite some time, system administrators at the firm said they will go back to Windows NT 4. Tomorrow. 12 January: Microsoft bolsters anti-piracy measures
Microsoft says that when it comes to customer privacy, it has learned its lesson. Customers will decide whether that's true later this year, when Microsoft delivers its first release of the new Whistler version of Windows, featuring "product activation," a revised version of anti-piracy technology that was widely criticized in Office 2000. Product activation requires purchasers of Microsoft software--whether they obtain the product at retail or preloaded on PCs--to "activate" the product, either by phone or the Internet. 12 January: Microsoft up to its old tricks
According to The Register, Microsoft representatives have been busy calling journalists all over the United Kingdom telling them about a minor tech problem with Sony's PlayStation 2. The result was negative publicity for Sony in almost every newspaper in the UK. The Register feels that this could be connected with Microsoft's Xbox project. 11 January: Microsoft debates future of IE 6
"Where do you want to go today?" may be a Microsoft catch phrase--but the company seems unsure about where it wants to go with Internet Explorer. Not so long ago, Microsoft viewed its browser as being so key to its success that it went to court with the Department of Justice over the company's rights to bundle it with the Windows operating system. With Microsoft's marketing might behind it, and a price tag of free, Internet Explorer (IE) quickly grew to eclipse Netscape's Navigator as the No. 1 browser in market share. Now, while Microsoft is continuing to add new features and functions to IE, there is much rethinking internally at the company about how and where to position the product, according to a variety of industry sources close to Microsoft. 11 January: Windows NT: a hacker's best friend
Recent defacements of the NASA, the Communications Workers of America and Palminfocenter.com web sites, along with the embarrassing hack of the software giant's own corporate networks, probably helped Microsoft's Web server software win the title of most vulnerable to hackers. This was according to a survey posted this week at Attrition.org, a site that celebrates the exploits of hackers and points out the security holes of established companies. Of the defacements in December, 57.98 percent came on servers running Windows NT, while those using Windows 2000 were tallied at 9.96 percent. The servers running the Linux versions accounted for just more than 21.3 percent during December. Sun Microsystems' Solaris saw about 4.1 percent of the defacements. 9 January: Windows 2000 marketing head leaves Microsoft
Another high-ranking Microsoft veteran has quit, in a move some are interpreting as an indication that Microsoft is unhappy with how Windows 2000 has been marketed. Jim Ewel, a 12-year Microsoft employee who most recently handled product marketing of Windows 2000 Server, is the latest executive to defect. The timing of Ewel's departure is significant. Industry watchers have said they believe corporate sales of Windows 2000, especially on the server side, have not been as robust as expected. 9 January: Windows is most-hacked Web server
Microsoft has consolidated its lead as the Web server platform most vulnerable to hackers. Hacker site attrition.org today published its latest stats for defacements. Combined Windows NT and Windows 2000 defacements for the most recent full month of December hit more than two thirds of the total. Combined Linux servers account for 21.4 per cent of confirmed defacements. NT's defacement share had dipped alarmingly below 40 per cent last autumn, but made a strong recovery in time for Christmas. Since August 1999, Windows has accounted for 58 per cent of defacements, a figure far in excess of Windows market share, which is around 30 per cent of all Web servers. 3 January: Microsoft charged with racial bias
Seven current and former black employees of Microsoft Corp. are suing the technology powerhouse for $5 billion, alleging racial discrimination. The suit, which will be filed Wednesday in U.S. District Court in Washington, D.C., seeks class-action status on behalf of hundreds of current and former black employees of the Redmond, Wash., company. Attorneys for the plaintiffs accuse Microsoft of fostering a hostile work environment where black employees were discriminated against in evaluations, promotions and compensation. The suit also accuses the company of wrongfully terminating some African-American employees.
|
