Slashdot Mirror
Passport's Pocket Picked
emmons writes: "It looks like there's another hole in MS Passport according to Wired. This one allowing a user to steal another user's Passport Wallet, credit cards and all, by getting them to open a hotmail message. Nice." What happens when someone steals the basket with all your eggs?
and get a Passport. I was about to buckle under the pressure...
What happens when someone steals the basket with all your eggs?
You have nothing left for trick-or-treating with.
great... the single greatest magnet for spam is also an open book to your credit cards. I can see it now: "Hot dirty sex... you've paid for it already, so you might as well cum see!"
"You've already paid the fee to get in on our bogus pyramid scheme, so now it's YOUR turn to go steal from someone else!"
Inconceivable!
> In addition, the company has modified a software timer so that Passport users must re-enter their password anytime they attempt to access the wallet service.
:)
will be
> In addition, the company has modified a software timer so that Passport users must re-enter all the information associated with their passport account (including their Wallet account) anytime they attempt to access the wallet service.
Which might be shortly followed by the first time MS has ever been able to claim their technologies are relatively secure. (Yes, I'll avoid being a jerk and suggesting anyone can ever be 100% secure.
"Old man yells at systemd"
Where did your wallet go today?
-Zane
This sig is worse than my last.
Microsoft .Net and Passport to blame!
...
Bill Gates identified as culprit: "We of the Taliban shall never be defeated!" shouts the software terrorist as he is hauled off to a comfy cell.
More news as this story breaks
--- Will in Seattle - What are you doing to fight the War?
1. Terrorists DO benefit from anthrax, because it's scaring the shit out of the nation. That's, uh, the point of terrorism.
2. Saying OSS doesn't benefit from passport exploits implies that the Open Source Software movement is responsible for the exploits. They're not. Microsoft is. And through some twisted, delusional logic you assert that Microsoft benefits from building in exploits.
It's a well-known fact that CmdrTaco is trying to make it as easy as possible for trolls to post to slashdot, because he could use them as an excuse to further crack down on Joe Poster.
Also, hospitals won't treat you if they find you have an organ donor card -- they'll let you die because other people need your organs.
Furthermore, the entire world is an intricate conspiracy designed to repress you.
LOOK OUT! THEY'RE COMING NOW!
this is a sig.
>Quo bono?
He was the whiny-voiced guy in the mohair vest that sang with that tall gangly chick before she had a minimum 35% post-consumer recycled body.
Became a congressman and newest poster child for the Agony of Defeat(TM).
You are in a maze of twisty little passages, all alike.
eXport Privacy
You will be assimilated. Resistance is fut- HEY! Who took my wallet?
What happens when someone steals the basket with all your eggs?
Eggs? What you talkin' all about eggs for? Don't give me none of that Gibber-Jabber, or you best be tossed!
You took a wallet? I don't see no crazy wallet! You're talking like Face, crazy fool!
Besides, you don't need no wallet! Just dial
1-800-COLLECT and save a buck or two.
XP? That better mean Xtra Punishment, cause that's what I'm gonna do to that Gates fool! He can't escape me, cause my van's hella fast!
Don't do drugs! Drink milk!
Come here, sucka. I'll toss you!
In fact, Microsoft was actively contacting reporters to let them know about the issue and try to put their spin on it even before I released my exploit.
A number of Microsoft employees also leaked it to their friends after I reported it to Microsoft, and it started spreading from there.
And even Microsoft's lawyers were in on the gig of making sure everyone knew about it.
But seriously... Microsoft has been, and almost always is, very good about timely responses to security reports. Their problem is in dealing with them without having to be told by some Joe User that they have problems.
And I feel,
like I just got robbed,
And I feel...
I suggest the following for the next poll:
Would you trust Microsoft Passport with your credit card details:
* yes
* no
* I'd give them Cowboy Neal's credit cards instead.
HH
Dell Computer: $1099 .NET services: $19.95/mo
:p
Microsoft Windows XP: $219
Compaq IPaq with Windows CE: $499
Subscription to
Microsoft Passport: Free*
Having your MasterCard(TM) info on the net for anyone to see:
Priceless.
(*note: This is a parody of the successful "Priceless" MasterCard(TM) advertising venture. As a parody it is protected under the 1st amendment established by MasterCard(TM) v. Nader)
People shape laws. Not the other way around.
I am in the process of preparing a personal injury lawsuit against Microsoft.
A few weeks ago, I happened to see their advertisement promising "99.999% uptime". The subsequent expulsion of my carbonated beverage through my nose injured my delicate nasal passages and frightened my cat.
When I become Emperor of the Universe, Microsoft's advertisements will have to bear a Surgeon General's Warning.
k.
"In spite of everything, I still believe that people are really good at heart." - Anne Frank
so I would assume that, unless your statmenet is an extremely rare (like, say, 1% ;) case, what you just said is wrong or misleading.
// stupid_geek_humor()
don't you just love paradoxes?
}
"Don't blame me, I voted for Kodos!"
Let me know if/when you win. I'm going to come after your new found wealth for the same reason. I laughed so hard at your post, I fell out of my chair... :o)