Slashdot Mirror
al Qaeda Hacks XP?
acaird writes "According to this article at Newbytes, members of al Qaeda may have worked for Microsoft and planted "trojans, trapdoors, and bugs in Windows XP"."
This stuff screams of hoax to me, but it is showing up on the Washington
Post.
You's think that with all the headlines you could spell their organization's name correctly!
If this goes on..."Next week on Jerry Springer: Bill Gates is sleeping with my sister!"
Carousel is a lie!
In other news, the moon landings were faked, Linux is quickly taking over the desktop, and Nintendo's GameCube has surpassed the PS2 in sales.
I live in the states and can't get DSL, but they can get hack Microsoft from caves? Anything IS possible though
Speaking as a programmer who works for a big software company, it's unlikely that anything like that would be able to get through.
Code generally goes through peer reviews and quality assurance before it is accepted into the main stream. Say waht you want about MS, but I'm sure they do these things (they can afford it!)
To bypass these failsafes would require a lot of people along the line allowing it to slip through.
I heard they also worked for Firestone and sabotaged their tires!!!
"Emersive" and now this...
oh shit, so it's not really microsoft that you have to ring up and give your details to!
i knew little billy couldn't be behind something like that!
Unless they commented there code:
security_hole();       /*b1n l@d1n r00lz!*/
Objects in the blog are closer then they ap
c'mon, this is such a pile of bullshit it's ridiculous.
Microsoft spokesman Jim Desler said Afroze's claims about the company were "bizarre and unsubstantiated and should be treated skeptically."
for once, we can all agree with a Microsoft spokesman.
And they even left OVER 700 SEKRET MESSAGES IN THE SOURCE CODE!
/usr/src/linux | wc -l
Observe:
% grep -ir 'a.*l.*q.*a.*e.*d.*a'
704
Time to outlaw leenuks, I say.
// zyqqh
From the article:
According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code
I can sleep easier now.
Sigs are so 1990s. No way would I be seen dead with one.
These backdoors, trojans, etc. are rendered useless by the backdoors, trojans, etc. the NSA placed in XP.
And monkeys might fly out of my butt.."
Thank you.
Knowing Microsoft's track record, I wonder how much more damage some terrorist can add.
Consistency is overrated.
Do Microsoft let new employees check code into their products without a code review?
I thought not.
Mmmmmmm
I have a LOT of trouble believing that such things could have happened. Any reputable software vendor has a system of quality control that would make it nearly impossible for these things to slip through to the end user. Even at Microsoft (insert your favorite joke about IE here). So unless a very large number of MS employees are al Quaeda members, it seems impossible for this to have happened.
This may well be a hoax. It may well be a wild speculation based on general public paranoia. But there's a fairly strong point to be made concerning 'security through obscurity' here - it only takes one Evil Infiltrator to compromise a lot of systems, and if this story was publicised enough the point would be made that this _could_ happen, even if in this case it almost certainly hasn't.
So thats who coded Outlook! 10 bucks says they were in on the whole Passport thing too!
If it ain't a Model M, it's a piece of crap.
...at least, if he was part of the Outlook team.
You dont need al Qaeda members to plant bugs on MS products.
Hehe, who's up for looking for a locating a AL_KEY somewhere in the Windows binary jungle :).
Now we know the _real_ reason for all the bugs.
Should I read the BSOD backwords to get their message?
Excuse me for not bashing Microsoft (I'll try to in my next post, don't worry), but wouldn't it be just as easy to plant "trojans, trapdoors, and bugs" in Linux? What with Linux being open-source, anyone can hack it, and unless those who review the code go over it line by line, it may be possible to slip something in. And if not in the Linux kernel, what about another Open Source program? Be wary, Linux users....
When you force someone to give a confession, doesnt this usually happen.. The person makes things up to get a lighter sentence?
It would never get past MS I dont think.
-ajf
This page left intentionally blank.
Must be some arabic programmer somewhere, now if Al Qaeda actually managed to do this, I would be surprised.
Fuck Ajit Pai
"This stuff screams hoax to me, but it's showing up on the washington post"
Can we mod down a statement in an article as being redundant? The washington post all but invented "ready-shoot-aim" journalism.
There are some people that if they don't know, you can't tell 'em.
...most of these terrorist guys seem pretty dull. Obviously, some are very bright, but there are many idiots. With that said, as I read this posting I started to laugh (just think about Bert is Evil and Bin Laden posters and you'll understand my point of view).
"trojans, trapdoors, and bugs in Windows XP"
trojans = condoms
trapdoors = things you fall into
bugs = cockroaches
Windows XP = All of the above
then the terrorists have won.
I'm starting to believe the FBI are actually the good guys these days... YIKES!
--Mike--
How could we not have noticed this!
.NET Passport is really a way to sneak terrorists across the border!
Terrorists have hijacked my laptop! That's why it crashed into my filing cabinet! That's why it never lets me buy anything online, the goernment's frozen the assets of any account that goes through it!
Geeze, guys. Don't you know that Osama Bin Gates is really just a nice, freedom-loving buisnessman and innovator and not a murdering monopolist?
This just found in winsock.dll in XP:
seineewerastsisrorretadeuqla
just = (My)Opinion.toCents();
It screams of a hoax, so let's put it on the front page. Way to be part of the problem, Taco.
last time I checked, these afganhis were hacking and downloading movies with a commodore 64 (http://slashdot.org/article.pl?sid=01/11/17/20420 7&mode=thread)
...no other explanation needed.
Skiers and Riders -- http://www.snowjournal.com
Hiding in Reymond.
To hide he is pretending to be an OS programmer.
Except he only writes in Visual Basic.
This is why XP is so bad!!
"I mean, if I went around sayin' I was an emperor just because some moistened bink had lobbed a scimitar at me they'd put me away! "
- Dennis the Filth Collector.
In his last book The Bear and the Dragon, Tom Clancy writes about how some programmers working for Microsoft really were working for the CIA. They planted code in Windows to help index and transmit the contents of a hard drive back to the laptop of a CIA operative.
If people will sell out to the CIA other will sell out to a terrorist organization.
Given the closed nature and wide distribution of windows, it is the perfect place for government agencies and terrorist organizations to operate.
Hey Dubya, Osama isn't hiding in caves in Tora Bora, he's hiding in a conference room in Redmond!
BigCat79
"The dead have risen and are voting Republican!" --Bart Simpson
-Swannie
:q!
A bit of paranoia never hurt anyone ... euh maybe it did ;)
... hurt someone else or let's just say another organization? Maybe just by sending the person or the organization on a wild goose chase. A wild american goose chase, what a concept ;)
Now how can someone use paranoia to
With every creation process comes a destruction process.
I'm sorry, but this sort of statement is just plain silly. Any 'newly hired engineers' would hardly be in a position to place any sort of major bugs in such a large project. EVEN IF THEY COULD, since XP is relatively new, bugs placed on purpose would be no worse then any existing bugs simply due to the nature of newly released software.
Perhaps, just perhaps, a few well placed bugs could have an effect on the end product, but I see no reason why such an orginization would want to target such a thing. I can see the reason to want to make such false statement to cause yet more public doubt as to their safety, though. The likelyhood this is a ploy to crete more doubt is much greater then the likelyhood that they actually did such a thing.
On the other hand, it could very well be true. It is so out there that it just might be truely something that happened. It most certainly is no more out there then the very same network obtaining Anthrax from a US source, and mailing it all over the country..
-- I'm the root of all that's evil, but you can call me cookie..
I mean, look at Windows' track record: Somebody must have done more than just plant bugs ... they also spread fertilizer, built little winter shelters, talked to it, and possibly purchased infomercial-type MiracleGro!
"I, Mudd" was on sci-fi last night. I see a rewrite, something like this:
I, Ashcroft
"...XP is the only OS that can protect us from terrorists.
But XP was *made* by terrorists"
Fzzt... Pop....
Jesus was all right but his disciples were thick and ordinary. -John Lennon
Would anyone be able to tell the difference between the bugs, trapdoors, and whatnot that al Queda put in there vs the ones Microsoft did?
-sig
I always wondered why one of the default backgrounds was called "Pile of AK-47s"
has found the following phrase:
"!seineeW era tnemnrevoG SU"
mp3's are only for those with bad memories
If they *did* plant trojans/backdoors/whatever nonsense - then what exactly would they do? Come on, it is highly unlikely that there'll be fibre optics being piped into Tora Bora.
.gov box. Woo-hoo. Alot of damage done there...
Also, what the heck would they do? Bring down power stations? Governments? Residential suburbs more like. What kind of damage can you do do joe users computer apart from teaming thousands of infected boxen and DDoS some
-
I'd rather have a bowl of coco-pops.
I heard that members of al Qaeda had infiltrated Slashdot and were sabotaging the quality of reporting.
Oh wait, Taco has always posted retarded stuff.
So, does this mean goodbye to the "Bluescreen of Death" and hello to the "Bluescreen of Holy Vengeance?"
If it ain't broke, it doesn't have enough features yet.
So, you think al Qaeda *need* to put any more holes in any Microsoft product?
Sounds like preemptive marketing from Micro$oft to me... I can just see it:
"I'm sorry Ms Reno, it wasn't our fault, it was those evil towel-heads from al Qaeda who're to blame for our many security holes."
- Steve bin Ballmer
:)
How would we know the difference?
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben
Well now that they've routed the enemy, we can expect future versions of MS OSes to be bug and exploit-free.
BWAHAHAHAHAA
m00.
Yeah, and I hear they made linux really secure, too! Those bastards are destroying the American economy by making our most beloved corporations look bad!
Money I owe, money-iy-ay
"See!" screams Steve, "I told you it isn't our fault, it's those damn terrorists! This is why we need more software to monitor people and secure all their personal information! I suggest using our fine product, Passport! (tm)"
But seriously, this one is really stretching for a story...
=-=-=-=-=-=-=-=-=
Oh bother.
A-HA! So everything that is wrong with Windows XP is all al Qaeda's fault!
Maybe this story should have been filed under It's funny, laugh.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
Forget Al Qaeda, I have something that will really terrify people: I heard that members of Microsoft may have worked on XP.
Doesn't it seem more likely that Magic Lantern is already part of the XP codebase ? Why would the CIA need to send out a trojan when in the name of anti-terrorism, imerialism and the American Way(TM) they could simply ask Bill to include an extra DLL ?
So we can all sleep soundly in the knowledge that if Al Queda have backdoored your PC, the CIA will be in there waiting for them.
Veg
Microsoft can put bugs, trojans and viruses in XP all by itself It doesn't need al Quaeda to do that at all :-)
My journal has hot
How anybody could fall for such a transparent and obvious hoax as this is beyond me.
324006
Just put this in a .REG file and the evil will be revealed...
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08- 00AA002F954E}]
@="Recycle Bin Laden"
The article refers to al-Qaida members "posing as computer programmers". Surely they are computer programmers if they managed to do this?
So, when you said that XP was made by the devil, you weren't kidding?
Yes, my girlfriend is a BitchX
2 months ago when the local TV station did an interview with me about 'Cyber Terrorism and how it could effect local businesses', I figured it was under control quite well. I somehow doubt the story myself. But, if you think about it, this would be the ultimate in Cyber Terrorism. But obviously, wouldn't you think that their are a few people that set XP up on a network and packet sniffed for days just to prove something like that?
Then again.. Bin Laden managed to knock down two very large towers in a NY.. I'm not going to say he couldn't get past MS's security....
If it is someone attacking MS just to make them look bad.. well.. send them to Afgahnistan, and then we'll see how funny it is.
Can all fish swim?
Does this mean we can drop a few 'Daisy Cutters' on Redmond?
We'll know it terrorists slipped code into XP, because if they do, they'll make it support raw port access for non-priviledged users. Clearly only a terrorist would do that, so it'll be a dead giveaway.
Stories like these show that news is far too important to be gotten from news organizations and they people they employ. Even though we all know there was no script kiddie in Afghanistan dowloading movies on a Comodore, we'll always remember that story, right? Just like we'll all remember that XP is full of Al Queda code. This misinformation is out there for a reason--don't let the media mess with your head!
I'm much funnier now that I'm a subscriber.
A press release from Microsoft today is trying to address all the security holes and bugs of its software.
"Apparently, all these holes and bugs are created by one terrorist member who infiltrated our company. We've always been wondering WHY all the holes are found in our software - as you know, we always try produce high quality, flawless software - and this explain where all the bugs come from. They are not our fault."
I makes sense.
The costly bugs are not because M$ is more of a PR company that a software development company.
The buggy features in all of M$ products are because of terrorist gremlins. Someone should make a movie about this.;)
I wonder how Ashcroft and M$ response to this threat/hoax?
Laugh at my ignorance while I learn Rails - a Real ne
We should all know about the wonderful editorial integrity of the Washington Post.
Not a typewriter
According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code
Oh well, in that case!
Does anyone have the link to the fore mentioned Washington Post article ?
morcego
Oh no, I can see the anti-MS headlines now: "Microsoft coding with the enemy" and other such crap.
Well, I guess this is our chance to really see how well MS' coding processes prevent malicious code.
And before you bash MS, remember that theoretically terrorists and other such people could be programming in open source as well and creating malicious code for Linux, so this isn't necessarily a windows specific security risk.
Although I believe it's crap and untrue.
--- I used to moderate, then I read the -1 articles and decided having to filter through them was not worth it.
So the rumors that XP will refuse to load "unauthorized" audio device drivers, were really just rumors.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
I don't think Microsoft would need any help in placing Bugs in their software.
They are quite capable of doing this themselves, without the assistance of all those ANTI-INTERNET hackers in the Al Qaeda!!
Prasad, moderator of an Internet mailing list on south Asia security and information warfare, told Newsbytes that Afroze made the claims in a police confession.
Even if the story is true, and the guy "confessed"... I know I'd confess to writing windows XP if faced with a rubber hose.
Think about it...
Funny how /bin/laden has passed from mere mortal to a incarnation of evil, and as such responsible for all bad things.
Yesterday he was responsible for crashing the US economy. Today he is responsible for bugs in XP. Tommorow he will be responsible for sour milks, bad weather, disrespectfull children...
Ok, but seriusly, Even I dont beleive M$ is this stupid and so I will treat this article with extreme scepticism. Is these suppsoed trojans and what not were really in palce wouldn't the terrosits be attmepting to expliot them? And how long could they do that without detection?
I kind wish this were true, since it would be great ammo for people arguiing agianst security by obscurity, since this is a prime example of the potential problems of the model. However, as I said, I am highly sceptical.
In Soviet Russia you dant have to put up with these crappy jokes
"...members of Osama bin Laden's Al Qaeda network, posing as computer programmers, were able to gain employment at Microsoft" - so, you can "pose" as a computer programmer, and get to modify M$'s source, can you? You don't actually have to be a programmer?
Also, I liked "According to Desler [an M$ spokesman], Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code." Well, it's worked so far, hasn't it? Maybe they're just talking about how difficult it is to add intentional bugs. That, I can believe.
The very suggestion that M$ needs help adding "trojans, trapdoors, and bugs in Windows XP," is the laughable bit here.
(Outside of an Al Queda recruitment center)
"OK, people. Line to the left is suicide bombers, center line is front line soldiers, right-hand, nefarious computer geeks."
or
(2 terrorists meet to discuss their accomplishments)
"I have struck a great blow against Satan! I have planted bombs and anthrax!"
"I, too, have stuck a great blow!"
"What did you do?"
"Improper bounds checking in msetl23.dll! I used my own hasty, roll-your-own strcpy()! And as a final coup de gras*, I stole 3 product activation keys and gave them to Best Buy employees"
Please.
* terrorists may not actually use phrases like this. Consult your manual.
ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
Like we need terrorists for there to be problems like that that with windows? The Terrorists probably inadvertently fixed some of the "FEATURES" that come with Windows
"All I can tell the "lesser of two evils" folks is that if they keep voting for evil, they'll keep getting evil."-Lp.org
The guy sure sounds loco to me.
So how long before a squadron of B-52 Stratofortress long range bombers is dispatched from Minot AFB to a certain location in the state of Washington?
Bush Lies Watch
As if anyone would notice if Windows XP had a few more holes.
Besides, it looks fairly clear to me after reading the article that this guy was simply delusional.
Oceania has always been at war with Eastasia.
i agree, it sounds like another form of astroturfing on the part of linux enthusiasts. on the other hand, it's a good thing all those governments are switching to linux.
And I put a buffer overflow in the network layer that gives me remote root on machines running XP. Actually, they would call it "ability to run arbitrary code," but that's what it is. I no longer work for Microsoft (I couldn't stand the way they don't respect their customers), but it is easy for me to imagine that other people could have done the same thing.
Hell, we all know how well Windows runs, anyway. Hard to think that POS really HASN'T been hacked for terrorist purposes since its inception. It's certainly kept quite a few of us hostage already! :)
...
Vos teneo officium eram periculosus ut vos recipero is.
As someone who has been through the Microsoft interview process, I find it highly doubtful that some random terrorist programmers could make it though.
Unless, of course, Al Qaeda makes learning how to get 5 gallons of liquid using 3 and 7 gallon containers part of their training.
"It's not XP crashing, XP is perfect, it's those darn terrorists! Damn you Osama!"
or...
"It's not a bug, it's an 'Al Quaedean Feature'"
Now whenever an appication crashes I get a picture of Bert from Sesame street!
According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code.
Hahaha... that's how you can be sure this article's a hoax.
Developers: We can use your help.
... the first caricatures of Bill Gates with beard and turban start to appear.
Say no to software patents.
Not to mention that the whole story is hanging on very tentative ground.
In the first place, I notice that man is a "suspected" Al Qaeda member. From what I've been seeing lately, anyone who has the wrong kind of accent or a copy of the Koran is a suspected Al Qaeda Member.
Secondly, if this man really is a member of the organization, it should be noted that bravado and misinformation are prime terrorist tactics. It's a lot easier to spread rumours about having planted bombs, or for that matter created software bugs, than it is to actually do it. And you still get the result of people being afraid to fly or afraid to use Windows.
Thirdly, as you said, even if some programmers with less than noble intentions did manage to get employed at Microsoft, the chance that they would be able to intentionally slip in a trojan horse without it being caught in testing are pretty low.
On the other hand, i suppose they couls just sabotage the american way of life by writing bad code, but then Microsoft pays people to do that anyway.
lysergically yours
Look at the effect they've already had on the global airline and tourist industries, based on a net increase in danger that's insignificant compared to road deaths. Score one for the terrorists.
And here come the ill considered security measures and infringements of civil liberties. We defend Freedom by taking it away. Score two.
Then it was time to target the the government, postal service and law enforcement with a few packets of a not particularly lethal virus (sympathies to the victims though). Again, the big impact is from the FUD, as law enforcement chase hoaxes and benign packages all over the country. Score three.
Now it's software. "All your code base belong to us!" they rant. Expect the hoaxers to jump on this and a new rash of bin Laden themed virii and worms to appear. It's pure FUD, but the problem is reassuring easily frightened and confused non-techies that it isn't true. How do you disprove the existence of allegedly hidden code?
And so for once I'm actually going to get on the bandwagon with Microsoft and give this zero credibility. This pathetic piece of bluster should not be allowed to put anyone off using XP. There's plenty of real reasons for not using it, but this isn't one of them.
If you were blocking sigs, you wouldn't have to read this.
P.S. If anyone's interested, I've set up a petition to have FUD declared "economic terrorism". Hey, at worst, nothing'll happen. At best, we get to see the USAF drop a Daisy Cutter on Microsoft HQ, before the army storms what's left.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Well, it would explain his current cheerful demeanour :-)
--This isn't a man who is leaving with his head between his legs.
pronoblem
Probably nothing more than an indication that al-Qaeda are Linux buffs and wanted to see their names on /.
# chflags noschg /bin/laden
/bin/laden
/bin/laden removed. Will replace with something even more evil.
/bin/microsoft /bin/laden
/bin/laden
/bin/microsoft
/bin/laden
# rm -f
Warning: Utitilty
# ln
# chflags schg
# chflags schg
Thank you for removing
This page left intentionally blank.
Actually, something occured to me that makes it a little bit more possible. I once read somewhere on MSDN regarding the realease of localized versions of Microsofts OSes ad applications where generally localized by outside contractors, such as those used in India, etc..
This could have, indeed, made it a great deal easier to insert some hidden #ifdef inside of, say, a comment that looks funny, and cause some issues such as providing uid checks, etc..
Perhaps I'm just thinking to much. It's amazing how easy something appears to be if you can think about it long enough..
-- I'm the root of all that's evil, but you can call me cookie..
OK, who wants to take this one? They are just making this too easy for us! ;)
=-=-=-=-=-=-=-=-=
Oh bother.
Members of the militant group Hamas have claimed responsibility for file corruption issue found in the Linux 2.4.15 kernel.
Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code.
muahahaha, now, *THAT* was funny.
The largest case of FUD EVER!
My beliefs do not require that you agree with them.
According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code.
Which consists of releasing it to the public and ignoring the bug reports.
--Cam
All jocks think about is sports. All nerds think about is sex.
Too bad this is just a joke, if there were any truth to it and M$ actually had to go through their hundreds of millions of lines of code to find something like this.. they'd be doing it for a WHILE to come.
Liberty.
Jihad of Death
mp3's are only for those with bad memories
i am not an ms fan, in fact part of the reson this story will be successful is because of ms's history of poor quality management and it's closed source systems, but this article is most likely fud. after all, it's easier to *say* you've planted such things in xp then to actually do it. and since ms has a poor track record for security and since there is no public peer review of their code, it will certainly cause reasonable people fear, uncertainty and doubt about microsoft's software.
truly a case of reaping what you sow. ah, how amusing.
US Citizen living abroad? Register to vote!
Anyone got a link to it?
Best Slashdot Co
A well-crafted lie appears unquestionable - Dama Mahaleo
thank god slashcode at least is safe.
go get it
...for the saboteur to insert something into a product other than the kernel. Say, apache, or maybe samba. Or maybe mozilla. Or maybe even in a development product which is modified to turn a blind eye to certain types of defects, like buffer overruns.
Hell, just knowing the general class of vulnerability that one can expect to find is a big leg up for an attacker.
The point is that it could happen in any product. Really, how do you know that the spanky new game you're playing didn't open your system to attacks? It really isn't complicated and getting someone into a game company to do that sort of thing wouldn't be difficult.
But the real question is, what then? The contaminated code in question would need to execute in some sort of proximity to a resource that matters (think banks here).
Please mod this post only if you think others should/n't read this. I have enough ego^H^H^Hkarma. Thanks!
But I don't understand how people thought it was Off Topic, I mean OBL is the ring leader of Al Quieda (sp?)
~ now you know
Younger readers may not be familiar with a similar earlier threat to the American Way of Life.
Fluoridated water was widely suspected to a communist plot , mostly to induce widespread sterility.
Fortunately, alert citizens foiled the effort by placing their water in quart-sized glass jars on top of American flags in direct sunlight for several hours prior to drinking. As a consequence, the intended effect of sterility was mitigated and the only after effects of the threat have been the subnormal intelligence of offspring.
At least, that's what I heard from my father.
"Provided by the management for your protection."
Blatently a hoax - why would anyone bother planting bugs in a MS product?
That would explain the Teletubbies wallpaper.
Teletubbies, like the al Qaeda (sp?), live in a cave-like dwelling!
They have funny things on the tops of their heads!
"Would it kill you to put down the toilet seat?" -- Maya Angelou
Scottish invent pay toilet - expect huge returns.
French pad rifles to prevent damage when dropped.
Washington post source of credible news, CmdrTaco says.
Come on...
Mmmm... Pistol Whip...
It turns out that al Qaeda is actually a bitter DR-DOS user group.
Fill the 5 gal container.
Pour from the 5 gal into the 3 gal container.
Discard the 3 gal in the 3 gal container.
Pour the remainder into the 3 gal container
Refill the 5 gal container.
Why spend the time, money, and effort to sneak someone into Microsoft to add a back door? Look at the damage done by Goner, Sircam, LoveBug, and all the rest using the front door! Anyone talented enough to a) get a job at Microsoft (even as an H1B temp), b) add a back door or timebomb to the XP code, and c) do it in such a way that it doesn't get noticed, has enough talent to stay at home and write lovebug knockoffs.
Brian
Among the other pointless and redundant al Qaeda plots recently discovered:
I take drugs seriously.
With all the hype about XP embedded lately.
//as if this is a different code path
I can see the following code hidden:
if (hardware == plane)
crash();
Who needs to sacrifice pilots.
It this was true, Al-Qaeda would have already won the war by now.
For some reason, they want us to believe that Ben Laden and his Al-Qaeda group are more powerfull than they really are.
I'm as anti-Microsoft as the next guy (well, probably more anti-MS then most actually), but this has to be a hoax.
If a terrorist organization did succed in infiltrating MS and backdooring thier OS, why would they say anything? it much more useful to them to keep it quiet. On the other hand, if they didn't succed in do it, saying they have is the next best thing. Remember terrorism thrives on scare tactics, and convincing your enemy to chase ghosts.
the mear fact someone is taking credit for it before anyone else found out about it, means it probably didnt actually happen.
RA7
---
"Consistency is the hobgoblin of small minds" - RWE
Sounds to me like al-Qaeda is just looking to take credit for the chaos caused by others.
"You will feel our wrath in the endless bugs and security holes in Windows XP!"
What's next? "We will cause random car accidents in busy intersections and will lace cigarettes with deadly carcinogens!" OOooo, their prophecies are coming true, everybody! Head for the hills!
would it take to reduce the MS campus to a system of caves?
I wonder if Craig Mundie still thinks Linux is bad for companies and countries too.
if common sense was common, wouldn't everyone have it?
Since "al Qaeda" translates as "the base", I guess the XP easter egg is "al your Qaeda are belong to us". Or, given recent events, it might be more appropriate to say, "al your Qaeda are belong to U.S."
Reminds me of when Saddam Insane bought all those PS2s.
The GeekNights podcast is going strong. Listen!
Al Queda terrorists have broken into Microsoft in an attempt to add secret back doors and trojans into Microsoft Windows XP. Some of the features include and email client that can propagate viruses without user intervention. Other trojan like viruses include a "feature" that requires users to turn over personal information including social security and credit card numbers to be stored in an easily hackable online database. A new feature, also reportedly added by the terrorists, requires users to call Microsoft when the computers hardware is updated, causing costly delays to the users workday. Ones ecurity expert is quoted as saying "This Windows release is the best virus propagation tool I've ever seen." A noted business analyst commented "This product causes the largest decrease in worker productivity since the LoveBug."
According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code.
Obviously, this story is a hoax.
Microsoft is generously preparing a 'terrorist free' version that will be ready in a few years, and all current XP users will be forced (you don't want the terrorist version floating around do you?) to buy it for the nominal price of several hundred dollars.
Microsoft is just trying to compete with open source. It claims that open source is full of religious fanatics, so it's going all out and hiring even more extreme religious fanatics.
Dont tell *anyone*.
The events of september the 11th have shown us that al Qaeda are very, very good at keeping secrets.
Therefore this is a hoax or deliberate scaremongering tactics.
so they were the ones who implemented the forced activation, I always knew this was a backdoor :)
7:30p. This just in - We have learned that the alleged Al Qaeda computing complex was destroyed. US Marines were seen removing five hourglasses, an abacus, and a piece of aluminum foil that were allegedly behind a massive recent distributed denial of service.
So, now what should happen, is this guy should be flown to the Antitrust case hearings as a witness. Surely the courts will finally realize the harsh punishment needed, for a company that can actually brainwash even the most anti-capitalist of terrorist organizations into getting Microsoft in the news!
Oh and, after Microsoft releases an official press release on how this scenerio of planted bugs and holes in Microsoft is impossible, the public buys it all and is even MORE comfortable with the insecurity of XP. GREAT!
Media spin at its best.
Real men don't need signitures!!!
the only people using xp right now are regular users. no sensitive government information that could benefit al qaeda in any way will be put on xp for at least another 5 years, when most of the bugs have been rooted out of xp.
I guess Al Qaeda was hoping to implant code that would automatically hijack planes to do their dirty work.
posing as computer programmers, were able to gain employment at Microsoft and attempted to plant "trojans, trapdoors, and bugs in Windows XP," How can you pose as a computer programmer? How can a non-programmer slip inside Microsoft and just plant trojans, trapdoors and bugs? OK. The article obviously says the person is in need to psychatric help. Microsoft spokesman Jim Desler said Afroze's claims about the company were "bizarre and unsubstantiated and should be treated skeptically." Slashdot isn't quite the skeptic when it comes to Microsoft. Come on, some loony clamining ridiculous things gets a headline in ./?
It would be much easier for someone to just monitor the currently known security holes and act like a script kidie to exploit security holes. There are so many unpatched machines out there - why add your own holes?
they had to ADD bugs/security holes to XP!!!
bugs and security holes seem to appear there all by themselves;-)
As has been pointed aout alrady, this type of thing would not be hard to do for a well financed oganizatoin like AL Queda (getting someone hired t MS). And according to the article, this guy predicted the attack on the Indian Parliament which killed 7 people on thrusday. Surely this gives him a bit of credit, and his allegations should be investigated?
It HAS to be true!
Daniel J. Kelly
Windows XP found to be buggy and insecure! Industry insiders astounded!
You are not the customer.
You're all missing something here! The suspected Al Queda terrorist said a fellow member was at Microsoft putting these bugs in. Now most Al Queda terrorists aren't intelligent enough to understand the nuances of Visual Basic (much less C++ or Perl). Only one member of Al Queda is capable of doing this: Bill Mohammad Gates.
Slackware forever. Honestly, what else would you trust when it absolutely positively has to be stable, secure, and easy
Come on now people! Do you have nothing better to do than make up stuff like this?
Bill "Goat" Gates, that rapacious, materialistic infidel will be cowering on his knees before the wrath and pwoer of the children of Allah singing before I am done crushing his evil empire.
---Ahmed "Steve" Jobs Allah Akbar
I have worked for several major software companies, including Microsoft, as a co-op.
:)
The standard practices at Microsoft do not include a lot of code review (even for a co-op). You could easily sneak stuff in there.
That being said, I'll wait until I see proof before I believe this one.
I have nothing to worry about, however. My standard practice is to never install a Microsoft OS until it has been "in the field" for -at least- a year
Secondly, while I agree that it's unlikely that a terrorist would approach a 13-year old kid and say, "Hey, you should start excelling in Math and then attend college to get a CS degree so that 10 years from now you can go work at Microsoft for 4 years or so (enough to gain the confidence of your managers) and then start putting back doors and bugs in their OS," it's far more plausible that a terrorist would approach a already working programmer who's naive and idealistic -- and perhaps *already* working at and trusted by managers at Microsoft -- and say, "Hey, here's how you can really help your faith..."
Offtopic, but:
Only because people try to misuse it as a boolean function, which it ain't - its an order test. If you say
if (strcmp(username, "osama") == 0) or
if (strcmp(username, "oscama") != 0)
your code will be clearer - the == 0 or != 0 (or > 0 or < 0) is the same sense as the string comparison.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
"I'm sure they do it, but a few minutes using any of their products will show you how well they do it"
:)
No doubt, they do a great great job.
Want proof? Look at any open-source software. 90% of them are nothing more than second rate imitations of what MS has done.
I've used Win2K everyday in a heavy production environment for close to two years now. I can count with one hand the number of unexpected crashes and freezes I've had.
Time to get over it and move on, buddy.
The idea that MS releases shabby software is a myth that needs to die.
Apple released software (iTunes) that destroyed data! It actually deleted files!
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
Coals to Newcastle, if you ask me...
Also, don't forget the ones that are there by poor implimentation. You know, like sound files in email that get executed without warning.
Also, don't forget the ones that are there due to poor design. You know, like an email client that runs as root because there are no real user accounts and the underlying file system will not support that and ....
Don't forget to combine all of the above with poor judgement. Well, running M$ with anything but in single user non networked air gap protected mode is poor judgement. Worse judgement is attatching a camera and an always on high speed internet connection in your freaking bedroom, ha-ha(banned in Saudi Arabia).
Alah-Akbar. It's true you know.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Aside from the improbabilities of such a claim, it strikes me that this is pretty irresponsible reporting.
When journalists hear about these stories, they should ask themselves: a) Is there any reason why the public needs to know this? b) Will any harm be done by publishing this?
I can not think of a better way to play into the terrorists hands then print these trivialities. Yes, Microsoft should have been informed of this, but what does the public at large care?
As much as I would like to see fewer Windows users, I don't see this is a legitimate means to that end, and I can't see any other outcomes from printing this story.
I'll bet he kicks ass on Half-Life.
All your US are belong to Base.
Political Correctness is doubleplusungood.
Snowball did it!
Four legs good! Two legs baaaaad!!!
You see? You see? Your stupid minds! Stupid! Stupid!
Hacking will become synonymous with terrorism (MS was already hoping it would be), and before long will be prosecuted as such.
It's a good thing Skylarov got out of the country when he did. With Bin Laden nowhere to be found in Tora Bora, the hawks have GOT to be hungry for whatever scapegoats they can get their hands on.
--------
Bleah! Heh heh heh... BLEAH BLEAH!!! Ha ha ha ha...
Trojans and trapdoors and bugs, Oh My!
Trojans and trapdoors and bugs, Oh My!
-or-
SHOW ME THE BUGGIES!!!!!!!!!!!
Al Qaeda members aren't supposed to know what the other members are doing. Their own mission is revealed to them at the last moment.
In the article they mention the following : "authorities find some of his claims inconsistent and "too theatrical to believe.""
This guy is probably not even a member of Al Qaeda, he's just a crazy guy who's probably too dumb to even be a terrorist.
Sure. Whoever thought of this is full of crap. You cannot convince me that a bunch of cave men hacked into XP. We are talking about a bunch of people who do not clean themselves, use electricity, and fight battles for the same reasons we did MORE THAN 1 THOUSAND YEARS AGO!!! Give me a break. Next thing you know, they are going to crack the gene code, and move on to settle mars.
DISCLAIMER:
I don't believe what I write, and neither should you.
I'm sorry (maybe), but the mental images conjured up by this line
of a terrorist non-programmer attempting to bluff his way through a code review are hilarious. I would love to see what the Monty Python crew could do with this as the basis for a skit..."Bill Gates holds press release on Al Qaeda hacks in Windows XP."
Redmond- Bill Gates today held a press release to confirm the presence of "hacked" code in the Windows XP product, and admitted for the first time that all previous versions of Windows also had "hacked" code inserted maliciously by covert Al Qaeda operatives within the Microsoft Corporation. "We have confirmed the presence of this code in all versions of Microsoft Windows from 3.0 to XP. The code we have found was planted by covert Al Qaeda operatives who were employed by Microsoft for years. This was a long-term terrorist operation planned years in advance and executed with frightening efficiency. We have investigated the code and found it to be the cause of instability in Windows products. As a matter of fact, the infamous "Blue Screen of Death" was in fact an Al Qaeda trojan. We will be release a full list in the coming week of all the Windows problems that the Al Qaeda terrorists are responsible for after a full investigation of all the things that make Windows suck."
- For the complete works of Shakespeare: cat
If Microsoft tries to dismiss THESE as features, then we really have something to be worried about!
Berto
Now there's a bastion of quality journalism. Just like Slashdot.
Taco, are you really this much of an anti-Microsoft zealot? Use the brains you have in your head, will you? Your frontal lobes are practically atrophied.
... where this looney says they planned to attack the Houses of Parliament and Tower Bridge.
Parliament perhaps, but not Tower Bridge. If they were interested in tourist attractions in the US, they would have put a plane into the statue of Liberty. It doesn't fit their pattern. Tower Bridge isn't even that big a deal as a symbol of the City. The Tower itself, or St Pauls, or Buck Huse, would be more likely.
Canary Wharf, I could believe.
~~~~~ BigLig2? You mean there's another one of me?
I got a BSOD the other day and managed to scrawl this down before rebooting my hung box:
I thought it was a prank at first, or some weird virus. Also I remember a story a few days ago on"What is the sound of one belly slapping?"
In late-breaking developments, the U.S. Department of Justice now wants the Microsoft anti-trust proceedings moved from the Federal Court to a military tribunal.
"According to Desler, Microsoft has rigorous
processes in place during the development of Windows
to ensure the security and integrity of source code.
$5 / month hosted VPS on linux = awesome!
And I developed the internet, gave Linus the inspiration he needed to develop the Linux kernel, and founded IBM, HP, Sun, SGI, etc, etc, etc. MS is not my doing .. I think Al Gore did that one.
.. wild rantings from someone who wants to get there name in the paper.
:-P
I *believe* the story is "true" about the apparently confused person they caught *stating* these things, but that is all they are
Unless this is Bin Laden himself or something
-- Knowing too much can get you killed, but knowing who knows too much can make you rich.
This means that Microsoft has been harbouring terrorists. George W therefore has permission to bomb Redmond!
Has it right. Apparently Microsoft can find INTENTIONAL security problems, but can't find UNINTENTIONAL security problems ... like learning to fly, you have to not try to do it on purpose... I suppose a suitably mentally trained terrorist could insert the security loopholes as long as he didn't realize he was doing it.
"Microsoft spokesman Jim Desler said Afroze's claims about the company were 'bizarre and unsubstantiated and should be treated skeptically.'" I can see it now: "Those are completely wild allegations! That was a Microsoft idea, not an al Qaida one! "According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code." ...most of which involve asking programmers, "Are you SURE there aren't any bugs?"
No comment.
Who cares, XP does'nt work anyway so no one uses it.
Maybe the interrogators exacted the confession with physical force. People will often make up whatever they think the interrogator wants to hear when they are tortured.
Why the fuck would you waste a moderator point on this post? And why are you such a coward that you use "overrated" so nobody can metamoderate you down for being such a tool? You really should die. I mean, really. Eat some rat poison or something.
The story must be true, because I found a bug in XP.
.Net projects, too.
Based on my observations, Mr. Afroze seems to have worked on the Win 95/98/2000, Outlook, SQL Server, Office, VB Studio, and
What do geese have to do with terrorism?
You are in a maze of twisty little passages, all alike.
A couple years ago a book came out called "Format C:". It was a pretty good book if I recall - and it had some strange parallels to this and other things relating to XP...
Even worse: Al Quaeda members might have worked on Linux helping to make it better and more stable. Who cares for one more security hole in Micro$oft products? But I bet it would hit every americans' pride to even think of it.
Fight hunger. Filet a politician and send him to a 3rd world country of your choice.
Ahhh, it all makes sense now. No matter how hard I tried, I could never land properly in MS Flight Simulator.
If your looking for visual proof check this out ....
. jp g
http://darkfire.sourceforge.net/old-stuff/proof
This is one of the worst pieces of reporting I have ever seen... this is totally unsubstantiated... don't you think security professionals would have noticed something like this?
Chris
I'm sitting here on a Windows box right now, and the very idea that Al Qaeda could get jobs at MS, hack the s@$%%$#%#%Die American Scum@$#@$@#$ is just ludicrous. I mean, learning how to fly a plane is one thing but !Q%#@$^%@#$^#$$The blood of the infidels will run red in the streets!%@#$%%#$%$%getting a CS degree, getting hired by MS, and then slipping all those hacks through the system? That strains my credulity.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
These people also said the "storm of planes" will not stop, and that America is going to fall sooner than later. Now who's hiding in caves living like animals, and who's living their normal lives with hardly a hitch? The only thing these pieces of garbage were able to do was to commandeer one of OUR pieces of technology for a short duration while our guard was down. Big deal. I'm pretty tired of hearing what "geniuses" these people are - any 12-year old kid could learn how to fly a plane when you don't have to worry about taking off or landing properly. Give me a break.
Nice try, caveman. Watch out for those daisy-cutters.
Such as...............
All Your Base Are Belong To Us.
Remember that you are unique, just like everybody else.
More reason to look at linux as an alternative! :)
cus if america runs an OS that the al qaeda hacked, then the terrorists have won
what exactly would anyone want to steal from a person stupid enough to run winXP anyways. has anyone actually seen an epsisode of "tech TV" , more proof that the people using XP are too stupid to exist on their own. if our enemies stole from them it would probably be to our advantage, as the information they would get would be as half ass stupid as the people using XP.
Actually they improved XP. It wasn't hard.
--- What?
It's not me damnit!
"I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatently stolen sig)
I'm sure that Microsoft didn't need any help. The exploits were a guarantee with or without al Queda help. I'm sure that XP's unintentional exploits will be much better than anything anyone could have done purposefully. :-)
If we don't pass on every hoax story we see, the terrorists will have already won.
Of course, it's better to be safe than sorry, so patriots don't let patriots use XP!
I moderate at +3, Highest Scores, and I always mod down.
If you don't like it, vote me off the island.
At only $27,000 each, a Daisy Cutter would be both faster and cheaper than waiting for the courts to break up Microsoft.
Even Slashdot wants to hide some things
This is a perfect self fulfilling prophecy type thing. Now that someone from al Q has claimed that there are holes in XP deliberately put there by al Q, any hole that DOES show up can be claimed in the name of Osama and his cronies. Since the probability that there would be security holes in XP is high, there is a high chance of causing more doubt in the minds of consumers about this product.
"According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code. "
Ha!
Ha ha ha ha ha
Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha
ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha!
Boy, I needed that!
Thanks Desler.
..include designing Florida's vote counting system, running Britain's railway system and Ministry of Agriculture, building the Tacoma narrows bridge and supplying the Titanic with lifeboats.
... to learn to fly those jets! This is the most subtle aspect of the conspiracy yet!
Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
The USA almost certainly has openings in M$. Script Kiddies doing the system and the desktop. Now, Al Qaeda might have backdoors as well. The funny part is that nobody, but nobody can really do anything because our systems are down from BSODs :). What a world. And M$ states that closed is better.
I worked as an intern in VS.NET over the summer of 2000. I was incharge of manual and automated testing of the DataList widget in WebForms. Any automation we wrote had to go through peer reviews before it could be checked into VSS.
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
the sort of bollocks you`d expect from someone being tortured by the Indian Police (Amnesty International will be able to tell you all about them), just to get them to stop.
Maybe we need Open Source Osama. Then we can "fix" the bugs more easily.
I think MS has PROVEN time and time again that
thy don't really need ANYBODY's help to plant bugs and backdoors in their products(WPA,outlook,etc etc etc)
Washington Post is an anagram of...
Town Gasp: "No Shit!"
Shouldn't that be Mr. Ashcroft now?
. . .
posing as computer programmers, were able to gain
employment at Microsoft
. . .
Isn't that how they all get their jobs there? ;)
They were planting features, not trojans or trapdoors.
Obviously this is a hoax, any terrorist worth two cents would know already that Microsoft doesn't NEED any sabotage to mess up their OS.
Of course, MS will probably stop calling every bug a 'feature' and claim its a terrorist attack - I'm surprised that, what with all the tack-ons to the antiterrorism bills being passed, MS hasn't tried to get Linux, BSD, Mac, or any other OS labelled as terrorist software.
Looks like the Post has rehired Janet Cooke.
If you don't know who that is, do a Google search.
if this wash. post is valid. i cannot help but wonder if working for the gate couldn't considered as being part of a para miltary organization? *grin*
Laugh.
- Idea is suggested, and everyone predicts it will fail.
- Idea is implemented, and everyone predicts it will fail.
- It fails.
You'd think record companies would start seeing a pattern here too.Let's just whine about it instead of moving on. Way to fill the page up with trash.
Hypocracy, see above.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
help! they're dying for allah and they're taking you with them. help! help!
Al-Qaeda does have a motive to introduce bugs into Windows XP, which will be deployed widely around the world, especially in the US. Al-Qaeda's leadership has stated that their goal is the destruction of America. To the extent that the American economy relies on Microsoft products, this alleged subversion would give Al-Qaeda information, the ability to disrupt systems over remote connections, and, when revealed as true, the ability to make the world's population panic and distrust their current set of leaders.
Al-Qaeda is known to have hatched many crazy schemes, including one involving a helium balloon that would have distributed anthrax in Washington, DC. This alleged subversion of Windows XP is crazy, but it fits with Al-Qaeda's modus operandi.
Al-Qaeda has different kinds of people on their payroll. It is conceivable that they hired experienced computer programmers who came under the cultish influence of Bin Laden.
Microsoft's software development proceeds not just in the US, but in other countries, too. This geographic diversity would make it easier for an Al-Qaeda operative to be hired by Microsoft.
Even if Al-Qaeda could not get its operative hired by Microsoft, it could have slipped the code into XP through a variety of means. Some people have mentioned third-party modules.
Another obvious choice would be to breach physical security at a Microsoft building, and insert the trojan or backdoor when no one else was around.
They could have cracked into Microsoft's core developer sites. This could have been accomplished via cracking techniques, social engineering, or breach of physical security combined with placement of of hardware or software that allowed the access. Any of these options would have allowed them to place the trojan horse or backdoor password.
As for Microsoft's code review process, there is little detailed public knowledge on how thorough it is. It does miss many security related bugs. No one individual can possibly look at all the XP code. Thus, the crucial part of the system is accountability, ensuring that trusted reviewers look at all the XP code. Has this been done?
Nevertheless, the story seems too unlikely. If Al-Qaeda carried out this alleged subversion successfully, why haven't we seen more ill effects from it yet? You'd think they would have already attempted to hack into sites and cause havoc and mayhem. That hasn't happened yet.
Nevertheless, I would hope that the security people at Microsoft are doing some double checking of the XP code.
I am not a lawyer. Do not take my words as legal advice. If you need legal advice, consult an attorney.
They already did it. Windows 95. That bizatch of an operating system cut US productivity in half overnight.
I think the US military should now be focused on finding and putting the Blue Screen Of Death on trial. It's worse than Bin Laden.
mogorific carpentry experiments
Let me see if I get this right. M$ has developed for years an OS that has literally cost our country BILLIONS of $'s. They have been found guilty of all sorts of illegal activity and are knowing for being the masters of FUD. And this is irresponsible reporting because a reporter tells what one prisoner said? No, this is very legitimate reporting. It was not put forward as the gosple. The public has a right to know a number of things that many ppl seem to be forgetting about. However, I think that we have become more "communist" (what we would normally call represive regimes) than many of the so-called communist countries ever were.
THey obviously used the excel easter egg flight simulator to train the hijakers!!!
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
Perhaps these guys have been instructed that if they feel the need to "spill the beans" they should spill 3 or 4 phony beans along with the real ones. That way, our security has to track multiple potential threats. I'm sure nothing would please them more than to see us spend the time and money required to audit all of the Windows code.
Perhaps there is a rational way to tell which threats are real; some kind of "threat profiling".
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
There is no way that you could try to put a terrorist-sized hole in XP without a lot of people noticing.
-For the months before the OS ships every line of code that is modified is examined on several levels; every bug that is found could potentially be investigated by any of dozens of people in any part of the organization...
-There's nearly a 1/1 ratio of Test/Dev in the critical parts of the system; to do this you would have to get the developer(s) and the tester(s) responsible for that chunk of code/functionality.
-Automated tools run by seperate groups review changes and record owners; try to sabotage something once & you won't get a second chance.
-Automated tools run by testers review code that's not exercised by test-passes, reporting on changes so that the hole can be filled.
This simply did not happen and it's embarrassing that this pseudo-technical forum is giving the report even a little credit. I would expect better from even the bitter/angry/biased-microsoft-haters that make up the such a vocal percentage of the slashdot crowd.
From my experiences with XP, it seems like Al Qeada haven't been the only ones putting bugs in XP.
Approximately 5835 winboxes crashed while you were reading this post. Thank you.
It's pure FUD, but the problem is reassuring easily frightened and confused non-techies that it isn't true. How do you disprove the existence of allegedly hidden code?
How about peer review of source code and check sums for compiled code? How else do you prove the intergrity of a thing, by a billion dollar advert budget? Yeah.
For years the softies have put out FUD about not being able to trust free software due to a lack of central control. True? Of course not. Yet it scares lots of people into a closed source surender of their rights and money. It's part of the reason they have all the piles of money they do from pushing some of the worst built, least secured software ever. They deserve to get this shoved right back at them.
The track record justifies a lack of trust, but they can blame terrorists if they want.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
in MS too,I'm sure. Also runs not just ISP but telcos. trojaning xp would be minor stuff. they'd target the us government communications like military. besides they have pakistan as their real base while afgh just a training camp.
Given the long-term planning that Al Queda is known for, and their penchant for using the tools of the West against the West, I would be unsurprised if they planted people into companies doing Y2K patchwork for major financial institutions or other mission-critical systems. Most of that code was NOT code reviewed due to time constraints, and the work was done overseas by the lowest bidders. This is a recipe for disaster and was predicted as such years ago. Now that we know exactly how crazy these motherfuckers are, the warnings seem a lot more important.
Just my paranoid guess.
-jon
Remember Amalek.
Where they've hit is already public knowledge...
--- Metamoderating abusive downgraders since my 300th post.
then this bug must have existed since 1998. Everyone knows there isn't any newly-written code in XP!
... as IF microsoft needed help doing that!
What's a terrorsist?
Hey, here's another...
Al-Qaeda managed to get one of their men into an area MacDonald's where he was able to skimp on ketchup packets and overcook the fries for a whole month before he was finally discovered.
Somehow...
Some FIENDISH way, Al-Qaeda planted one of their men at Warner Brothers (codename: "Chris Columbus") who was able to successfully render "Harry Potter" "lifeless, pretentious, and overblown with gaudy special effects."
The resultant disappointment left Americans bereft and emotionally haggard for a full 36 hours after opening night.
And during those crucial 36 hours, Al-Qaeda may well have succeeded in getting operatives on TV's popular new dating show "Elimidate."
Where will it end?! --
Spudnuts,
Anonymous Coward
That's what my teacher said. LOL! LOL! Taliban sucks my cockhead! LOL! LOL!
Bad News is that XP has been thoroughly hacked by Al-Quida.
Good news is the hacks have made XP the most stable and rugged OS for M$ since DOS 6.2.
Mod Karma -1: I sed bad wurds. If I cep my mouf shut, I wud be at riyses.
Yeah, but the boy can dance like no pasty overweight man before or since! ... "Give me an E!"
Hmm. Maybe that's it? Someone over at Redmond ought to ask Mr. Ballmer to pee in a cup...
Just because a few of us can read write and do a little math, doesn't mean we deserve to conquer the universe
So what are the QA procedures for Solitaire? I'm sure that gets almost as much runtime on most office machines as the networking stack.
I don't think they would have had to put a backdoor into the kernel for them to cause problems.
.
load "linux",8,1
It would be trivial to sneak code into almost any commerical non military project if you were a developer with code repository access.
Some would argue that these al Qaeda spies have been at Microsoft for years putting security holes in their software the whole time!!!
Wow, al Qaeda is evil, they worked for Microsoft!
Linux O Muerte!
You joke, but there's been real vulnerabilities in NetDDE (only known application is Hearts), and CharMap.exe Not to mention IE and WMP issues...
Caus' it's possible quite fast that "some" OS makers will be made liable for the bugs in the system.
That way MS can always charge another 4864 years jail on Oussama 8)
During interrogation, Afroze, 25, also claimed that a member or members of Osama bin Laden's Al Qaeda network, posing as computer programmers, were able to gain employment at Microsoft and attempted to plant "trojans, trapdoors, and bugs in Windows XP," according to Ravi Visvesvaraya Prasad, a New Delhi information systems and telecommunication consultant.
How does one pose as a computer programmer and attempt to plant trapdoors in software? I mean, if you can plant a trapdoor in a piece of software, you are ipso facto a programmer.
If this is the best news stories slashdot can come up with, I'll just start reading the enqiuerer.
PLEASE STOP POSTING CRAP!
Mike @ The Geek Pub. Let's Make Stuff!
Lets be honest, I am sure the general /. opinion is that even if this didn't happen, pretty much all Micro$oft products are full of bugs/holes and vulnerable to trjons anyway.
My policy is half of that: the first half!
Every true American knows what he must do. We must all dump WinXP and go open source. Only then, when we know that every dollar goes to a good American distro like Red Hat, instead of supporting terrorist code hidden in obscurity within XP, will we be safe.
It's time to bring in Bill G for questioning by the House Committee on UnAmerican Activities that Ashcroft has set up. We must root out al-Qaeda wherever they are. Some of us may have heard that they have successfully infiltrated their fundamentalist brethren who are in the White House. These people must be jailed immeadiately - their bibles could contain key decoding phrases for passing secret terrorist plans around, using biblical phrases. For example, John 12:16 means attack the Sears Tower.
No expense must be spared.
This is War!
-
--- Will in Seattle - What are you doing to fight the War?
Canary Wharf would be a great target if it were better known. Parliament and any of the castles would be likely choices, along with MI-6. Of course the IRA has already nicked that one once.
St. Pauls seems unlikely to me, because they've always avoided religious targets. They seem to really take aim at the flashy secular elements of western civ. Sbarro's pizza, the World Trade Center, the Pentagon, discos, etc.
if ($it != $onething) {$it = $another;}
That Bill G looks an awful lot like Osama bin Laden when he shaves of his beard and puts on glasses?
...
They even have that same rocking motion
-
--- Will in Seattle - What are you doing to fight the War?
Think about that handy Factory pattern, a great way to change the behaviour of a system at runtime.
Consider: you have a Java application that loads a properties file in order to determine what classes to load and instantiate to accomplish a task.
Edit the properties file, add a jar to the classpath, and boom, you can completely change the behaviour of a deployed system without ever having to go through peer reviews, and other such processes.
All you have to do is honor interface contracts or inheritence, what you do from then on is whatever you wish.
Uh, doesn't anyone think this is just some prisoner who knows he's screwed and is just trying to say anything he can to save his ass?
-- Hobbits suck!
Occam's Razor: The simplest answer is probably the right one.
In the current situation, which answer is more believable
Terrorist infiltration software industry from countries that are barely literate...
versus...
Incompetance caused by placing marketers in
charge of a software company with monopolistic practices.
PICK ONE.
Latest news reports advise that a cell of 4 terrorists have been operating at the Boeing Renton site. Police advised earlier today that 3 of the 4 have been detained.
Boeing security stated that the terrorists Bin Sleepin, Bin Drinkin and Bin Fightin have been arrested on immigration issues. The Police advise further that they can find no one fitting the description of the fourth cell member, Bin Workin, in the area. Police are confident that anyone who looks like Bin Workin will be very easy to spot in the plant.
Ask them questions they won't know the answers to.
Like talk about the Grey Screen of Death and see if they notice. Or see if they can tell you what TCP/IP stands for - hint - it's not Taliban Control Program/Intifada Protocol like they think.
And if they don't get all hot and bothered by the BSD booth babes, you know they must be terrorists.
-
--- Will in Seattle - What are you doing to fight the War?
They also corrupted our politicians and dumped dihydrogen monoxide into the water supply.
/. If the government wants us to respect the law, it should set a better example.
ObExplanation: somebody is in need of a scapegoat to take the blame for XP's security problems, instability, poor performance and design flaws.
Sure Bill. Sure. Something wrong with Windows? Must be the terrorists. Sure. Yawn.
Any chance we can convince them to put the EMP building in Seattle on their short list instead of the Space Needle? I wouldn't mind losing that building, and they'd be attacking Paul Allen, so they might find it more satisfying.
-
--- Will in Seattle - What are you doing to fight the War?
Microsoft is run by terrorists.
Linux? Hah - that's just totally Unamerican!
Heh, first it was greed, then it was spyware, NOW it's trojans/holes in the system? Wow...you really DO eXPerience everything with XP.
... it clearly shows how Open Source Software is more secure than proprietary software, contrary to Microsoft's favorite claim in defense of NT/XP servers.
Nobody could possibly claim a terrorist organization got its patches into the official releases of Open Source tools.
This message is provided under the terms outlined at http://www.bero.org/terms.html
Yeah, right, it's called Code Red Sircam.
I don't know about you guys, but how the hell to you "pose" as a programmer? Either you are, or your not!
lol
I think next week maybe I'll pose as a surgeon or a lawyer and get a raise!
Hey, maybe those islams are really about peace huh? They just like to bring peace about in violent ways!! too bad they're dead now.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
How can anyone just take this guy's word for it like that? Or is it that it makes some people happy to think XP has been penetrated by Al Qaeda?
eTrade SUCKS
So, are those who install Outlook aiding and abetting Terrorism? It sure is a huge hole in the system...
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
It's not a C64, numbnuts. Commodore made 486 PCs.
We've known for a long time that Osama bil Gates is a digital terrorist, the ring leader of the "Active Qaeda" terrorist network.
Tired of FB/Google censorship? Visit UNCENSORED!
Sure, the article says they put holes in XP...but what if they really put holes in the XBOX?!?!
Imagine...you boot up your xbox to play Dead or Alive. Instead of the game starting, a hypnotic image of Osama bin Laden appears telling you to buy more gasoline and heroin from his Islamic brothers.
But of course that won't be necessary because you must already be smoking crack to have purchased an xbox.
There is no gravity...the earth just sucks.
He wouldn't praise himself, he does it for Alah(?). Oh, who cares, this is /. and noone can spel anywayz.
;)
al-Qaeda is "The Base". Do you think it's a hint about all our base belong to them?
chmod 777 /bin/laden
Amazing. Several weeks ago, when I was stating the anthrax spore dust with electorstatic treatment was from a local american group, a number of ppl riped me and basically stated it had to be from Bin Ladin. That requires a knowledge that THINK. Is it likely that this guy is knows what he is talking about? no.
But is it possible for the Al Qaeda to slip in 1-5 ppl into Microsft and to get some backdoor into the > 100M loc without others knowing? Oh Yeah. Proof in point. The russians who were sneaking through their network for > 3 months.
Likewise, getting a job at Microsoft and doing the mods is far easier than bombing the WTC, building Nukes, Doing Chemicals, etc.
This is by far the most sensational article I've read. I mean, there has been no evidence to support this other than a testimony of a guy.
Secondly, I don't think this is any better at proving that Open Source is better than how Microsoft is doing it. Let give a generous estimate that 5 people infiltrated MS. With the system of code checking that they have at MS, it is almost impossible for these 5 people to implement something that will go unnoticed by thousands. The same thing could as likely to have happend in open source software.
_______________________________
"I'm not Conceited...I'm just a realist..."
SO I just finished reading through everyone's witty re-interpretation of the whole 'but XP already has security holes and trojans!' tripe.
Anyone care to point out these so-called backdoors?
Anyone?
Uh huh.
My roommate worked as MS over the summer, suffice to say, you little people have absolutely no idea how ignorant you sound. It's incredible.
'While I don't think it did happen, it certainly could!'
Right... if it helps you sleep better at night, keep thinking that.
Is it likely that this guy is knows what he is talking about? no.
But is it possible for the Al Qaeda to slip in 1-5 ppl into Microsft and to get some backdoor into the > 100M loc without others knowing? Oh Yeah.
Proof in point. The russians who were sneaking through their network for > 3 months.
Likewise, getting a job at Microsoft and doing the mods is far easier than bombing the WTC, building Nukes, Doing Chemicals, etc.
How long has this insider been working for Microsoft? I'd guess since Windows 1.0
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
... so let's see how they react when someone starting FUDding XP. My guess: it ain't gonna be pretty.
[this
Afroze also told investigators that the team that they had replaced George Bush with a mannican, converted Disney Land into an Al Qaeda terrorist training camp, and stolen all the pokemon toys out of Corn Flakes packets. Further claims that Al Qaeda had replaced the moon with a huge goat have been treated skeptically amoung Nasa officials.
in my opinion you are both communists
ed edwards
That sounds reasonable. However, by that logic there should never have been any exploits for a Microsoft product, right? Maybe you are assuming that the trojan would be glaringly obvious. I would assume the opposite - that it would be the kind of vulnerability we've already seen many times in IIS and Outlook. Something that could be called an honest mistake.
I still don't really believe the story, but I think you are dismissing it too lightly.
You must be joking. Everyone knows that microsoft code never has comments.
I believe that early on there was a bugged version of gcc that went undetected for years. (The binary didn't match to source, but whenever it was recompiled it patched itself to still contain the bug.)
I don't remember what the bug did. Or even, actually, whether this is folklore rather than truth, though I remember it as truth.
Still, even if it were folklore, it seems a feasible scenario (as long as one assumes that the compiler doesn't get renamed, e.g.).
.
I think we've pushed this "anyone can grow up to be president" thing too far.
Sounds like fud
It's al just FUD to cover up the Magic Lantern introduction. Really.
karma capped
what the heck, alqaeda doesn't even have internet connectivity at their so called main headquarters in bunch of tunnels in mountains of a country who can't even make glass (afghanistan). that's some hilarious shit. remote members of alqaeda in other countries might have done it but still, that's hoax to me.
my instinct is that youre probably not a progammer but a "people person"(i.e. someone who "studied" business, communications or marketing in school), but the fact that youre reading /. kinda nixes that theory. so youre probably legit, and i, and i assume the rest of the community as well, would like to know what software company you work for. any company which actually does everything you say before releasing code is #1 on my list.
Must be the compiler that buggers it up then...
"That's a fact, in my opinion" -some peacenik on CNN
I.e., while the code was being modified during the GA process, the result is the most "fit" bit across all iterations, included statically in the final program.
For example:
Juding from the number of serious bugs weve seen in m$ products over the years there must have been someone there for quite a long time... Or maybe lots of terrorist groups all have one person there!!!!!
"no evidence of malicious code in the operating system has been reported".
:}
Never attribute to malice that which can be adequately explained by stupidity.
Hand me that airplane glue and I'll tell you another story.
Don't employ muslims. Ever.
They're third-world animals anyway, and certainly don't deserve the scraps from the table of civilised man.
Watch them cry 'racist' now.
I hope you get my drift. Do I personally believe that terrorists have infiltrated Microsoft and planted bugs in the code? Not likely. Is the scenario conceivable? Absolutely.
Is this good? NO! Is it common? In my experience, in the literature of our industry, and of the opinion of most of the programmers I personally know (which is a large sample), it is the *rule* rather than the exception, unfotunately.
The 'real' employee's do this stuff anyway!
5 22 4&mode=thread
http://slashdot.org/article.pl?sid=01/12/11/212
This is why MSN Messenger/Passport is down again today!
Well, if you have GNU find and xargs, you probably have GNU grep too. In which case it is much simpler to
grep -r
instead, as in the original message.
First, reducing biodiversity, whether of wheat or windows, is a bad thing, because viruses spread quickly and do lots of damage. The simple fact is that we need redundancy in the forms of at least two different technologies.
Secondly, when we do go one way, there is an encumbered trust to ensure that all is safe. This appears to be lacking from the MS world, since their model is to force use of their product.
Let's face it, there is no reason why I should not be able to use any POP3 client to collect mail from Hotmail, rather than specific clients.
Even if the current threat is a joke, there is still underlying issues that need to be address.
I would suggest that we need to get some biodiversity, or face the rath of bugs, whether deliberate (eg malicious), exploited (eg viruses) or accidental.
Remember: Never attribute to malice what can be attributed to stupidity.
OS/2 - because choice is a terrible thing to waste.
becuse i`m using linux
:)
"If you loved me, you`d all kill yourselves today"
Spider Jerusalem
...and it comes from Microsoft. So they can say they were under attack by terrorists and their products were sabotaged by them, instead that "buggy by nature".
I'm fat, you're ugly. I can get slimmer, and you?
Suppose Al Qaeda could gain control over manufactoring plants by hacking into the XP controlled factory automation systems?
Boeing airplanes could be created with hacks built in, so next time no terrorists are required on board.
Publishing systems might be hacked resulting in the purging of all books not meeting suitability criteria!
Microsoft Phone or CE Pocket Computers disrupt networks on command, or convey user information to a terrorist homebase.
<TONGUE IN CHEEK>
A butcher's freezer with embedded XP controller might refuse to keep pork frozen.
Automated diaper machines might be hacked resulting in the a national supply of mass produced disposable Burkies!
</TONGUE IN CHEEK>
Could this just posibly be Microsoft's latest ploy to disguise all the bugs and problems that already exist in their programs?
CoyboyNeal is God
Presumably these safeguards are primarily designed to prevent mistakes, not intentional sabotage.
There's also the question as to how well the safeguards are actually tested. In almost any corporate/political system, procedures with have no practical consequence are very unlikely to be carried out properly.
So while I'm inclined to consider the claim of sabotage to be bogus, to bet your ass on that would be foolish.
No Battle Realms for you!
"-For the months before the OS ships every line of code that is modified is examined on several levels; every bug that is found could potentially be investigated by any of dozens of people in any part of the organization..."
That is the only one of your statements that could be likely to actually result in catching an intentional security hole, and I won't believe it at face value without supporting evidence, such as a description of the actual code review procedures. The typical code review in the industry (and I've seen other major operating system code and supposedly secure procedures in accordance with DoD standards) may be to check that the code being modified is in the area it purports to fix a bug or whatever and is by an engineer who knows that area. On occasion, a reviewing engineer may check the code to see that it changes the behavior in the way it is supposed to. Rarely would an engineer scrutinize the code to see if it subversively changed the code in a way it wasn't supposed to.
"-There's nearly a 1/1 ratio of Test/Dev in the critical parts of the system; to do this you would have to get the developer(s) and the tester(s) responsible for that chunk of code/functionality."
The conclusion of that statement does not follow from the first part. Only the developer needs to be an adversarial agent, because a tester is not necessarily going to catch an intentional security hole. I think it is not even likely, because a designed hole isn't going to show a lot of evidence. E.g., a buffer overrun error is an error whenever the buffer is overrun, whether by 1 byte or 1 million. A designed hole may show up only when certain data is presented, and testing would never catch such a hole. This is why I only believe your code-review claim would catch a hole, if there were a real, meaningful code review.
"-Automated tools run by seperate groups review changes and record owners; try to sabotage something once & you won't get a second chance."
All this means is that changes can only be made by persons assigned to work on that particular code and must be associated with a recorded bug fix or design specification. That is little impediment to adding a security hole; it just means the code implementing the hole has to be submitted to the source along with a recorded bug fix or design specification in the same area.
"-Automated tools run by testers review code that's not exercised by test-passes, reporting on changes so that the hole can be filled."
As above, testing will not catch a design hole.
This doesn't mean I believe there is a terrorist-planted hole in Windows, just that I don't believe Microsoft's procedures would be likely to catch one.
"According to Desler, Microsoft has rigorous processes in place during the development of Windows to ensure the security and integrity of source code."
Yeah, but not the security and integrity of Windows
-no broken link
It seems to me that if we'd caught a guy in August who claimed that two jet planes were going to be hijacked and used as flying bombs on the World Trade Center, our authorities might have dismissed such a claim as "too theatrical to believe." Hell, I had trouble believing it as it unfolded in front of me.
this has to be the lamest story slashdot has ever posted. even if it was posted in the washington post it should have been immediately rejected by the slashdot editors. get a life people.
Al Qaeda is an anagram for "A QA DEAL"
*lol*
I'm sorry but when I was reading this I looked at Al Qaeda and realised this funny anagram and I had to post it. Maybe GATES and Osama are working on some sort of Pinky and the Brain type of scheme for world domination! *lmao*
OK - there goes all my Karma...
[Connection closed by foreign host]
Incredible. You've just proved that I've been hallucinating for years.
You see, you're saying that no terrorist-sized hole could be possibly introduced in Windows. No chance. Security-related stuff is examined to death.
I submit that for five years MS shipping products (95, 98) have contained a massive security hole where computers running Windows File Sharing have trusted the remote computer as to the length of the password, reducing any password to under 8 bits of strength. In a minute, any unpatched (yes, years later they found the hole) 95/98 box can be zipped into. Just for kicks, I wrote a program that extracts passwords on shares from the boxes as well. This is *exactly* where a security hole would be placed -- in the password verification code -- and yet it slipped by MS for years and years.
All right, maybe that was a quirk. How about the fact that for *years*, 95/98 boxes would bluescreen upon trying to access the path NUL/NUL? Just about every 95/98 box running a server could be bluescreened by simply trying to access the directory NUL/NUL. Every fileserving program in the world was a sucker for that. The ability to remotely bluescreen any server.
I suppose that was a quirk too.
I'm not going to bother to mention all the possibilites for buffer overflows in IIS (which, being amazingly insecure, runs in Ring 0) and IE parsing code.
I'll grant you that something along the lines of "if (strcmp(password, "bobsbackdoor") == 0) return 1;" might have been noticed. But if you don't think that someone could have smuggled in backdoors, you're crazy.
It's not in the Washington Post; I think the reference was that Newsbytes is owned by the Post. Anyway the story itself is BS; it cites articles in the Times of India, Hindustan Times, and the Guardian. I've searched all their websites, and also looked on Nexis, and there is no such story in any paper. I emailed the author of the article asking him to produce the sources.
'nuff said.
Who did what now?
If they are going to stop working then they need to start working before cna!
I thought most afghans went to school to learn how to chant and rock back and forth.
In a country with little communications infrastructure, few if any computers, and unreliable electricity distribution. How could they possibly have anyone versed well enough in CS to write code?
The thought is funny though....
Now why would anyone want to sleep will Bill Gates? He's ugly, he wears glasses, he's created an evil multi-billion dollar corporation, he--oh, yeah.
[insert witty comment here]
Of all the people in the world, Bill Gates had to pick Bin Laden as his pen-pal :-\
Let's face it, Borgs give birth to more borgs
~=NeuroMorphus=~
python >>>
reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))
Developers! Developers! Developers! Developers!
As an employee who has worked in the OS division of Microsoft I would like to say unequivocally that this article is complete crap.
Just curious, have they fired the dudes who are responsible bunches of holes in IIS and Outlook?
I meant, I'm just curious. Thanks in advance, Bill.
Aren't Indians as American as you can get? In the politically correct sphere I believe they're referred to as native Americans though.
Help savingAmigaOS and a free PowerPC market
CmdrTaco: "Hmm, I need a story to whip up the /. crowd...lets see..."
/. crowd into a feeding frenzy. It's not hard, but last weeks MSIE "exploit" was damn well near a Pulitzer for Michael. "Whatever we do," says Taco, "it needs to be from a third party, outlandish, unsubstantiated, and hopefullly, as short on detail as possible, the less the better. Ambiguity is what drives those page views, boys."
/. is going to live to see another day.
Taco opens Konqueror and heads over to google. He begins to enter search terms.
Taco: "'Bill Gates and Goats'...heehee thats great! What!? No results?!? Hmm, Ok...'RMS eats baby'....shit, nothing."
This continues for awhile as Taco and the gang struggle to find something to really get the
Suddenly, Taco has a brilliant thought, and races back to his hacked DreamCast. He furiously types in the phrase "Osama bin Laden hiding in Bill and Melinda Gates' guesthouse". To his joy and surprise, he nearly falls over when he sees this fine work of journalism.
Taco posts it to the front page and watches the pirana gather for the frenzy. Looks like
At the moment we get every other day a new story about Al Qaeda plans. Just think up some new story and you will find yourself on the headlines of all big newspapers. The next story will probably be that Bin Laden has his men in the US Army and the CIA.
Lets just ignore those stories until they go away!
Nope, delivery is extra. Do you think finding someone to sign for it will be a problem?
Even Slashdot wants to hide some things
Since this terrorist was caught in Bombay we might want to think of contracting companies from this country that operate here in the U.S. There are these type of contracting companies doing software work. They work on many contracts for major BIG corporations. Remember sofware contractors do noot just work for software companies, they work for other companies that would really suprise you who. Yes I know fiirst hand and it scares me if you new what I do for a living.