Slashdot Mirror


Word Vulnerability Compromised US State Dept.

hf256 writes "Apparently hackers using an undisclosed (at the time) vulnerability compromised the State Departments network using a Word document sent as an email attachment. Investigators found multiple instances of infection, informed Microsoft, then had to sever internet connectivity to avoid leaking too much data!"

5 of 207 comments (clear)

  1. Scary by nicolas.kassis · · Score: 5, Insightful

    The fact that a simple Word document can cause such a big problem is really sad. How can you tell a few thousand of people not to open word document attachment? I mean, where I work, users receive tons of documents (pdf, office, autocad) files by email from vendors and such, I guess the only defense is good email filtering but still a 0-day attack would make that useless.

    1. Re:Scary by mrbluze · · Score: 5, Insightful

      The fact that a simple Word document can cause such a big problem is really sad. How can you tell a few thousand of people not to open word document attachment?

      Of course this is a popular article because it's more evidence of how Microsoft's 'professional' products are so amateurish, but you're right, you can't tell thousands of people not to open an attachment.

      The root of the problem doesn't lie in Word documents, or Word for Windows. The problem lies in Windows, period. The operating system is practically incapable of separating important and sensitive data from junk-mail and untrusted documents from the outside. In such a place as the State Department, it's scandalous.

      Whilst hypothetically, Linux is also vulnerable (eg: through some flaw in Open Office), a properly configured system could protect itself without needing to rely on the end user to manually screen every bit of junk they come across. Sure there would potentially have been some corruption of data, maybe some low level leakage, but really, this all points to a hopelessly overcomplicated and poorly designed OS. Naughty Bill!

      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
  2. Only fooling themselves by drago177 · · Score: 5, Insightful

    At first, the hackers did not immediately appear to try stealing any U.S. government data. Authorities quietly monitored the hackers' activity, then tripwires severed Internet connections

    If you find evidence of a break-in, its possible the attackers are also connecting in a way you haven't yet detected. Hope they know what they're doing. Given their reputation, I doubt it.

  3. Re:Great news for open formats by boer · · Score: 5, Insightful

    > With open software, you can look at the source code and see exactly what it does

    I though even the OS community had realised by now how ridiculous this argument is. World economy would in effect come to a halt if every company and public office started to scan source codes for potential vulnerabilities. This is hardly a selling argument and being a wise-ass about it has never helped the OS movement.

    Having a goal of zero vulnerabilities is such complex software as an office suite is strikes as feasible only to an ideologist nerd. In practise there will always be vulnerabilities as long as human beings will be responsible for the design and programming. And having gazillions of eyes searching through the source code presumably on the company dollar is not effective way to remove those faults.

    --
    (This sig intentionally left blank)
  4. Re:Great news for open formats by mattpalmer1086 · · Score: 5, Insightful

    Parent is making a valid point, and is not a troll, whoever modded them that way. The 'more eyes' argument doesn't really work for me either. I use open source software all the time, and I rarely have a look at the source code, and even less frequently take the trouble to understand even a small part of it.

    What does work for me with open source is that the nature of open, distributed development tends to promote code modularity, which helps keep those defect counts down. And the fact that code is publicly available exerts an influence on developers to publish code they aren't be ashamed of (unlike what happens in proprietary software development with tight deadlines set by the sales team making unrealistic promises to clients - I have been there).

    However, there is a real distinction between defect-free software (probably does not exist) and software that intentionally includes back-doors. With open-source, you can have more confidence that there is no back door, spy-ware, or anything else that shouldn't be part of the application. But it certainly doesn't mean the software will be defect free.