Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Security: On A Path As Clear As It Is Reliable

Posted by ryuzaki0 on from the snap-crack-crack-crack-pop dept.

bobthemonkey13 writes: "It appears that Microsoft's 'secure' E-Book system has been cracked. MIT Technology Review is reporting that an anonymous programmer has figured out how to bypass the 'advanced antipiracy features' in Microsoft Reader. This sounds a lot like what Dmitry did except for two things: The MS E-Book hacker has (wisely) decided to remain anonymous, and he's not publishing his program. God bless the U.S., where moving a book from your home to your office is a federal offence." Along similar lines, an Anonymous Coward indicates this story at USA Today titled "Expert Hacks Hotmail in 1 Line of Code." "I'm in awe! Unless someone can figure out how to execute pseudocode or half a line this isn't beatable. I hope this get's fixed or the whole future of pay-per-view web services could be impacted. :-q" Good thing Microsoft isn't quite sure what to do with all this universal-password stuff. (Thanks to Sacha Prins.)

Jamie adds:

In other news about poor security where you least expect it, Kitetoa informed Veridian a little while ago that: "Any script kiddy can root your web site. And... By the way... Someone already did it (as you should have seen at www.veridian.com/upload/ if you knew anything about internet security)."

I don't know what that URL gives you now, but as of this writing, and for the last several hours, it's read:

fuck USA Government
fuck PoizonBOx
contact:sysadmcn@yahoo.com.cn

This is the same Veridian that the Defense Department picked to track computer network attacks on DoD systems, specifically attacks coming from China.

4 of 360 comments (clear)

  1. Re:3 == 1 ?! by tuj · · Score: 0, Redundant

    Hey chief, before you go spouting about bad reporting, why don't you read the first four sentences of the article?

    "It took just three lines of code for Grossman to breach Hotmail filters and access Passport ID and credit card data. The second time it took just one line."

    I'm not sure how this gets mod'd to 2. Sorry to be a bitch, but, well, if you can't read the article you deserve it.

  2. Re:3 == 1 ?! by Jester998 · · Score: 0, Redundant

    Did you actually *read* the article? Oh, wait, this is Slashdot, where less than 1% of users read past the 2nd line. In the third line of the article, it says:

    "The second time it took just one line."

    Sheesh... could they make it anymore obvious? CHRONOLOGICAL ORDER, people... Not "He cracked it in one line... Oh yeah, and the times before that it only took 3 lines of code."

    So, really, (1==1) if the pointer is located far enough into the document.
    - Jester

  3. Re:Actually, this brings up an interesting point. by OmegaDan · · Score: 1, Redundant

    you my good man are a fucking genius. This is the best suggestion I've heard against the DMCA so far! Someone mod this up and someone else make a webpage to organize this!

    --
    Free Techno/Jazz/DNB/MI Music by guys obsessed with monkeys!
  4. www.veridian.com/upload/ by ScumBiker · · Score: 0, Redundant

    Contains (somehow, not really sure how) the UNIX/Sadmind virus. At least our enterprise anti-virus software, Sophos Sweep detects that when I open the page. You guys might want to check out the links you supply with stories a little better. BTW, I still get the virus warning after the Veridian guys deleted the directory. Check it out at www.veridian.com/upload/ .

    --
    --- Think of it as evolution in action ---