Passport's Pocket Picked
emmons writes: "It looks like there's another hole in MS Passport according to Wired. This one allowing a user to steal another user's Passport Wallet, credit cards and all, by getting them to open a hotmail message. Nice." What happens when someone steals the basket with all your eggs?
great... the single greatest magnet for spam is also an open book to your credit cards. I can see it now: "Hot dirty sex... you've paid for it already, so you might as well cum see!"
"You've already paid the fee to get in on our bogus pyramid scheme, so now it's YOUR turn to go steal from someone else!"
Inconceivable!
Where did your wallet go today?
-Zane
This sig is worse than my last.
In fact, Microsoft was actively contacting reporters to let them know about the issue and try to put their spin on it even before I released my exploit.
A number of Microsoft employees also leaked it to their friends after I reported it to Microsoft, and it started spreading from there.
And even Microsoft's lawyers were in on the gig of making sure everyone knew about it.
But seriously... Microsoft has been, and almost always is, very good about timely responses to security reports. Their problem is in dealing with them without having to be told by some Joe User that they have problems.
I am in the process of preparing a personal injury lawsuit against Microsoft.
A few weeks ago, I happened to see their advertisement promising "99.999% uptime". The subsequent expulsion of my carbonated beverage through my nose injured my delicate nasal passages and frightened my cat.
When I become Emperor of the Universe, Microsoft's advertisements will have to bear a Surgeon General's Warning.
k.
"In spite of everything, I still believe that people are really good at heart." - Anne Frank