Slashdot Mirror


WMF Vulnerability is an Intentional Backdoor?

An anonymous reader writes "Steve Gibson alleges that the WMF vulnerability in Windows was neither a bug, nor a feature designed without security in mind, but was actually an intentionally placed backdoor. In a more detailed explanation, Gibson explains that the way SetAbortProc works in metafiles does not bear even the slightest resemblance to the way it works when used by a program while printing. Based on the information presented, it really does look like an intentional backdoor." There's a transcript available of the 'Security Now!' podcast where Gibson discusses this.

18 of 788 comments

  1. You can't Hack My Gibson by Anonymous Coward · · Score: 1, Funny

    You can't Hack My Gibson.

  2. NSA by Anonymous Coward · · Score: 5, Funny

    Well, how else is the NSA going to fight terrorism?

  3. Re:Another? by dr_dank · · Score: 4, Funny

    How about a link to information on the "other" intentional back doors that exist?

    *looks at clipboard*

    Ok Goatse linkers, that's your cue.

    --
    Where does the school board find them and why do they keep sending them to ME?
  4. obligatory Hackers quote by Anonymous Coward · · Score: 1, Funny

    "Hack the Gibson!"

  5. As Eddie Deezen would say... by east+coast · · Score: 2, Funny

    I can't believe it, Jim. That girl's standing over there listening and you're telling him about our back doors?

    You guys are so dumb, I'd go straight through Falken's Maze.

    I just hope David Lightman isn't reading this... we'd only have a few days until it was all over for us...

    --
    Dedicated Cthulhu Cultist since 4523 BC.
  6. Re:Length==1 by DaveCar · · Score: 2, Funny

    That seems like design

    Intelligent Design?

  7. Re:Another? by gbobeck · · Score: 3, Funny

    How about a link to information on the "other" intentional back doors that exist?

    Sure fine... Behold the Power of Google!

    Have Fun.
    --
    Navicula hydraulica plena anguilarum est. Omnes castelli tuus nostri sunt. Ed elli avea del cul fatto trombetta.
  8. Back door flaw? by digitaldc · · Score: 3, Funny

    If it is intentional, I don't see how it possibly got past the Microsoft Security Engineers.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  9. Re:Length==1 by BandwidthHog · · Score: 3, Funny

    To trigger the exploit, the length must be set to 1. Not 2, 3, 0, or some other equally invalid value, but only the value "1".

    And the counting of the length shall be ONE!

    Sorry, couldn’t resist.

    --

    Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?
  10. Backdoor Holes by RequiemX · · Score: 3, Funny

    Most backdoor hole problems can be patched with the application (of) Preparation H.

  11. When does Microsoft fix the exploit where... by blair1q · · Score: 2, Funny

    posting a URL on /. causes the server to crash?

  12. Right... by WiseWeasel · · Score: 2, Funny

    Yeah, right... trust the Chinese government to uphold our privacy rights. Anyone who runs Red Flag Linux voluntarily should have their head examined. I think Gentoo might be a safe bet...

    --
    "I like systems, their application excepted", George Sand (French)
  13. Re:Another? by lgw · · Score: 5, Funny

    You mean the urban legend about an NSA backdoor? There was *never* any evidence of a backdoor, only a registry key named "NSAKEY" and a bunch of paranoid fantasy. Because, you know, if the NSA did have a secret backdoor, they'd make sure it was called NSAKEY, in case they forgot where it was, or something.

    --
    Socialism: a lie told by totalitarians and believed by fools.
  14. Re:I would not be surprised at all. by QuietLagoon · · Score: 5, Funny

    The only sites that all windows machines access on a regular basis are Microsoft's.

    I presume you are willing to show the details of your extensive research that determined this factoid....

  15. Re:Another? by Anonymous Coward · · Score: 1, Funny

    Something like this?

    (=()=)
  16. Here's why by Anonymous Coward · · Score: 1, Funny

    I work at Microsoft, and know for a fact the exploit was put in for the purpose of determining who looks at illegal pr0n on Usenet. Ever wonder why the government dropped all the lawsuits against us? This kind of behind-the-scenes cooperation with the federal government is why.

  17. Waif by djdavetrouble · · Score: 3, Funny

    where you waif that right.

    I really think kate moss doesn't have anything to do with this, despite the recent press tizzy.

    --
    music lover since 1969
  18. Malice by uncle+mole · · Score: 2, Funny

    Never ascribe to malice that which is adequately explained by incompetence. Napoleon Bonaparte

    --
    better is the enemy of good