Slashdot Mirror


Hackers, Meet Microsoft

Mz6 writes "The random chatter of several hundred Microsoft engineers filled the cavernous executive briefing center recently at the company's sprawling campus outside Seattle. Within minutes after their meeting was convened, however, the hall became hushed. Hackers had successfully lured a Windows laptop onto a malicious wireless network. 'It was just silent,' said Stephen Toulouse, a program manager in Microsoft's security unit. 'You couldn't hear anybody breathe.' The demo was part of an extraordinary two days in which outsiders were invited into the heart of the Windows empire for the express purpose of exploiting flaws in Microsoft computing systems. The event, which Microsoft has not publicized, was dubbed 'Blue Hat' -- a reference to the widely known 'Black Hat' security conference, tweaked to reflect Microsoft's corporate color."

18 of 496 comments

  1. "End of an era"? by TripMaster+Monkey · · Score: 3, Informative


    From TFA:


    "The security faults we are seeing could end up bringing an end to the era of personal computing," Kaminsky said. "The ability to customize our computers is under attack from those who are customizing it against our will."

    Funny...the Fedora install on my laptop seems fairly customizable and fairly secure all at once...
    --
    ____

    ~ |rip/\/\aster /\/\onkey

  2. a little niggle by JamesD_UK · · Score: 3, Informative

    Can people write, or the editors make sure that article summaries are just that, not cut and pasted paragraphs from the article? The posting makes it look like Mz6 wrote those paragraphs which is only true if she's Ina Fried.

  3. Re:Pay outs by Anonymous Coward · · Score: 0, Informative

    While finding the holes is important, fixing them in a way that doesn't break something else or make new holes is what really costs the money.

  4. Re:Corporate Color by nachoboy · · Score: 4, Informative

    The blue is actually a reference to the color of the square around your photograph on the Microsoft corporate cardkey. Only full-time employees of Microsoft have blue borders. Contractors and vendors have an orange border. Events for Microsoft employees only are typically referred to as "blue-badge only."

  5. Re:Pay outs by umofomia · · Score: 5, Informative
    They returned over 25 billion to their shareholders via tax free dividends.
    Where'd you get the impression that it was tax free? People who received the dividends still had to pay taxes on it (though it was treated separately from normal income).

    From http://www.microsoft.com/msft/FAQ/faqdividend.mspx :

    What is the tax treatment of the special dividend?
    The special dividend, along with the November 2004 quarterly dividend, was treated as "qualified dividend income" for U.S. federal income tax purposes. These dividends may also be considered "extraordinary" under the U.S. federal income tax rules depending on the facts and circumstances of the stockholder. Treatment as extraordinary may affect a corporate shareholder's basis in its Microsoft stock or, with respect to individual shareholders, may affect the tax characterization of a sale of their Microsoft shares. Thus, we strongly urge each stockholder to consult with their tax advisor regarding their specific tax treatment of these dividends including all applicable state, local, foreign and U.S. federal tax considerations.
  6. Engineers? by HydroCarbon10 · · Score: 5, Informative

    WTF is up with calling programmers engineers now? The term 'engineer' is regulated in all 50 states, and calling yourself an engineer without being licensed is worthy of a fine. There are some exceptions, but these vary from state to state, making it best to completely drop the title 'engineer' unless you're actually licensed in the state you're advertising in.

    --
    The best way to accelerate a windows box is at 9.8 meters per second square.
    1. Re:Engineers? by Anonymous Coward · · Score: 3, Informative

      The title Software Engineer is not regulated.

    2. Re:Engineers? by chapman_164 · · Score: 5, Informative

      Actually, calling yourself an engineer is fine. Calling yourself a "Professional Engineer" is what will get you in trouble unless you are appropriately licensed.

    3. Re:Engineers? by HydroCarbon10 · · Score: 2, Informative

      As an EIT, I can tell you that it's actually extremely vague and varies from state to state. You may or may not be able to get away with just 'engineer' depending on which state you're in, the phase of the moon, and who happens to be sitting on the regulatory board for your state. At least, that's my understanding of the issue based on a presentation given by someone who sits on the board in Texas and was attempting to clarify the issue.

      --
      The best way to accelerate a windows box is at 9.8 meters per second square.
    4. Re:Engineers? by JohnsonWax · · Score: 2, Informative
  7. Re:Can We Get Firefox Developers To Do This, Too? by Kirth · · Score: 3, Informative

    These things say to me that, within a few years, we're going to see some really damn secure stuff coming out of Microsoft.

    I don't think so. Of course they are now taking security a bit more seriously, but there are so many big conceptual mistakes, so many design flaws, they won't and can't fix, or they would break thousands of applications which you can't just recompile...

    Like:
    - case insensitive but case-preserving filesystem (ambiguities in filenames)
    - ActiveX and other unsafe scripting languages all over the place. It's not just the browser, it's also Word, Excel and lots of other programs.
    - rpc for just about everything.
    - unsafe program interfaces. some application will happily accept any malformed events from some other components.
    - writeable windows\system and other writeable directories. ACLs are nice, but you do have to set sensible defaults..

    --
    "The more prohibitions there are, The poorer the people will be" -- Lao Tse
  8. Re:Good start by drsmithy · · Score: 4, Informative
    It would not surprise me to see Microsoft doing an Apple after Longhorn of creating a new Windows OS from scratch and praying that LH will hold until it comes out.

    Apple didn't create a new OS from scratch, they bought an existing one - NeXT (although many will argue Apple bought Steve Jobs and NeXT was a nice bonus).

    Moreover, since NeXT was actually released for the first time way back in 1989, OS X's codebase is actually around 4 years *older* than Windows NT's.

    Apple did this when small and survived. And MS can do it now but can't postpone much longer.

    Microsoft will not create another from-scratch OS in the foreseeable future. There is simply no need. Technically and architecturally NT is just as good as any of its contemporaries. 99% of problems in Windows come from legacy support (being phased out with .NET, x86-86 also providing a convenient excuse) and less than ideal default settings (hopefully on the way out with LH).

  9. Re:Good start by zbuffered · · Score: 3, Informative

    Like the article, your post contains no commentary on the actual nature of the specific Windows problems demonstrated at "Blue Hat".

    Using tools like void11, you can disconnect wireless clients. Windows automatically attempts to reconnect to the WAP. If you've got an identically-named WAP and you can overpower their WAP, they'll connect to yours instead. They won't be notified, and will think that they are on their own network. Which doesn't matter too much because you could alternately just sniff all their traffic (or even inject your own) without setting up a WAP of your own.

    There's a lot that MS can do about it, and code written 2 decades ago has absolutely no bearing on it.

    --
    Synergy is your friend
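
The sequence described in the comment above (a client knocked off its network, then rejoining a same-named access point), seen from the monitoring side. This is an added example, not part of the original comment; the event record layout, the access point inventory, the thresholds and every MAC address are constructed assumptions.

```python
from collections import defaultdict, deque

# Assumed inventory of legitimate access points: SSID -> BSSIDs (constructed values).
KNOWN_APS = {"corp-wlan": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}}
DEAUTH_THRESHOLD = 5   # this many deauth frames to one client ...
WINDOW_SECONDS = 10    # ... inside this window counts as a burst


def detect(events, known_aps=KNOWN_APS):
    """Flag clients that join an unlisted BSSID advertising a known SSID.

    events: (ts, kind, client, bssid, ssid) tuples sorted by ts, where kind
    is "deauth" or "assoc". This record layout is hypothetical.
    """
    recent_deauths = defaultdict(deque)  # client -> timestamps still in window
    alerts = []
    for ts, kind, client, bssid, ssid in events:
        window = recent_deauths[client]
        while window and ts - window[0] > WINDOW_SECONDS:
            window.popleft()  # forget deauth frames older than the window
        if kind == "deauth":
            window.append(ts)
        elif kind == "assoc" and ssid in known_aps and bssid not in known_aps[ssid]:
            # Same network name, unknown radio. A preceding deauth burst means
            # the client was pushed off its access point first.
            forced = len(window) >= DEAUTH_THRESHOLD
            rule = "deauth_then_unlisted_bssid" if forced else "unlisted_bssid"
            alerts.append({"ts": ts, "client": client, "bssid": bssid, "rule": rule})
    return alerts


# Constructed sample events, not captured traffic.
VICTIM, LEGIT, UNLISTED = "02:00:00:cc:00:10", "02:00:00:aa:00:01", "02:00:00:bb:00:99"
SAMPLE = (
    [(100.0, "assoc", VICTIM, LEGIT, "corp-wlan")]
    + [(200.0 + i, "deauth", VICTIM, LEGIT, "corp-wlan") for i in range(6)]
    + [(206.0, "assoc", VICTIM, UNLISTED, "corp-wlan"),
       (300.0, "assoc", "02:00:00:cc:00:11", "02:00:00:aa:00:02", "corp-wlan"),
       (400.0, "assoc", "02:00:00:cc:00:12", UNLISTED, "corp-wlan")]
)

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

This check only observes the forged deauthentication frames; 802.11w protected management frames are the control that lets clients reject them.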
  10. Re:An extremely dangerous stunt by Jah-Wren+Ryel · · Score: 2, Informative

    If a hacker can gain access to a Windows machine via wireless (and they can according to this account), then they would be able to (and might have) accessed wireless networks outside the meeting room but inside the corporate firewall.

    Anyone doing even halfway decent wireless networking in the corporate environment is simply using the wlan as a transport layer for a VPN. Without the VPN you can't get anywhere.

    --
    When information is power, privacy is freedom.
  11. Re:Good start by Anonymous Coward · · Score: 1, Informative

    disclosure: I'm an intern at Microsoft.

    You know, you claim that Microsoft is insular, but I haven't seen that here. I mean in the few days I've been here, I've met people on my team who have worked at Sun, IBM, and BEA. I myself am a college intern and have worked for TI, Nortel, and a bunch of start-ups. Exactly where are you getting your information, from which you base your opinion? Or are you just making stuff up? I suspect it's the latter.

  12. Heh... read the sidebar by JavaRob · · Score: 1, Informative
    Yes, it's a puff-piece, and the writeup works pretty darn hard to paint the "hackers" as impressed with the technical know-how of the execs. This is even more poorly executed in the sidebar.

    Excerpted for your amusement; pay careful attention and watch to see what deep technical know-how Allchin actually demonstrates beyond "nodding knowingly" (honestly, the guy probably knows what MD5 is, but he comes across as pretty silly here in spite of the praise he's getting).
    "Who Was That Guy"

    During a recent talk in Redmond, security researcher Dan Kaminsky wasn't sure how geeky to get. After all, he was talking to a bunch of executives on the first day of Blue Hat, not Microsoft's rank-and-file engineers.

    So he kept his comments brief when it came to a flaw in something called MD5--a "hashing" algorithm, or a kind of fingerprint used to authenticate documents. He figured it was probably too esoteric for his audience. The rest of his presentation was focused on a different security topic.

    But when it came time for questions, "this one guy with a shock of white hair looks straight at me and just says, 'MD5.'" Kaminsky, who said the comment seemed more like an order than a request for information, complied by demonstrating how two Web pages could have the same "hash," as the man listened and nodded knowingly.

    A week later, Kaminsky learned that his interrogator was Jim Allchin--one of the highest-ranking executives at Microsoft and, as the person in charge of the Windows operating system, one of the leaders in the technology industry as a whole. Allchin's questions made clear just how deep the technical knowledge runs among the most senior ranks of the world's biggest software company.

    The brief encounter made a lasting impression on Kaminsky. "I was like, 'Who was that guy?'" he said.
  13. Re:Can We Get Firefox Developers To Do This, Too? by Tim+C · · Score: 2, Informative

    - case insensitive but case-preserving filesystem (ambiguities in filenames)

    How so? You can't create (for example) readme, README and ReAdMe all in the same directory on Windows, so you can't cause ambiguity like that.

    - writeable windows\system and other writeable directories. ACLs are nice, but you do have to set sensible defaults..

    Normal users don't have write access to the Windows or Program Files directories. Now, you can argue that MS hasn't exactly made it easy for people to run as normal users, but that's only partly true. NT has had ACLs from the beginning, and was released towards the tail end of the 90s - developers have had what, a decade to get used to the idea of user permissions on Windows? Even only counting from the release of XP, they've had 3 years or so. Yes, user-based security on Win 9x was non-existent, but come on.