Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Insecurity of Security Software

Posted by Zonk on from the save-me-from-myself dept.

H316 writes "BusinessWeek is reporting that, despite a number of software products meant to safeguard Windows PCs from harm, a rising number of them endanger their hosts because of poor design and flaws. From the article: 'A new Yankee Group report, to be released June 20, shows the number of vulnerabilities found in security products increasing sharply for the third straight year -- and for the first time surpassing those found in all Microsoft products.'"

1 of 264 comments (clear)

  1. windows by Anonymous Coward · · Score: 5, Informative

    Windows seems to be responsible for that 40 million credit card breach:

    posted originally at groklaw:

    All of the marketing hype in the world cannot make Micro$oft a better system
    http://finance.messages.yahoo.com/bbs?action=m&boa rd=1600684464&tid=cald
    &sid=1600684464&mid=274625
    A Tucson Arizona credit card processor has been implicated in a security breach
    which resulted in fraudlent charges and the exposure of 40 MM accounts.
    CardSystems Solutions has helpfully posted a Computer Operator job listing. This
    makes it clear that the system breached was running M$ OS.
    www.cardsystems.com/careers/ComputerOperator_ 0410. pdf
    A seperate database developer job posting has a VBScript experience requirement,
    leading to the presumption that VBScripts were at the heart of the card
    processors data management.
    A quality assurance job posting required experience in Windows NT and Windows
    2000. Using these obsolete systems was part of the innovative "security
    through obscurity" policy of the part of the card processors.
    http://toolbar.netcraft.com/netblock?q=UU-63-83-95 ,63.83.95.0,63.83.95.255
    3330975
    www.cardsystems.com
    CardSystems Solutions, Inc., 6390 East Broadway, Tucson, 85710, United
    States April 1997
    Microsoft-IIS/5.0 Windows 2000

    Mastercard is running Apache on Solaris
    http://toolbar.netcraft.com/site_report?url=http:/ /mastercard.com
    Mastercard International
    2200 MasterCard Blvd OFallon MO US 63366
    Solaris 8 Apache/1.3.27 Unix mod_ssl/2.8.12 OpenSSL/0.9.7
    mod_perl/1.27 29-Jul-2003

    Was Mastercard to blame running a decent OS
    Or was CardSystems to blame for running Micro$oft crapware.