Hackers, software companies feud over disclosure of weaknesses

Tuesday, 15 July 2003, 7:26 AM EST

As Muhammad Faisal Rauf Danka recalls it, he tried 10 times to call a software maker about a devastating security flaw in one of its most popular programs.

"It is so simple it is funny," the Pakistani researcher says. But nothing happened. Then he took his findings to a global audience — a worldwide mailing list devoted to exposing and exploring software bugs.

Vindication came swiftly: Within days, Microsoft acknowledged that 200 million of its Passport accounts had been left open, apparently for months, allowing the easy hijacking of credit-card and other personal data. The company shut down the Passport system and fixed the hole.

To some, Danka is a hero for publicly prodding a big company into swiftly correcting an error. But to Microsoft, he is an "information anarchist" who makes it easier for malicious hackers to inflict havoc on the masses.

[ Read more ]

Related items




Spotlight

The big picture of protecting and securing Big Data

Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Aug 28th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //