Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : How high will Microsoft fly? -- Ignore unavailable to you. Want to Upgrade?

To: RTev who wrote (28900)	8/30/1999 5:41:00 PM
From: Mitch Blevins	Respond to of 74651

>>Read the comments to this story and you'll see that it does present a more general PR problem.<< True. The problem was not the fault of the underlying OS, which was BSD or Solaris, but the layman may read the story and attribute the lack of security to WinNT simply because MSFT owns the site. Many are also blaming the new Microsoft Passport(R) feature for the security hole, but that is also wrong. It was simply a programming mistake by some over-worked web designer. It was a big, stupid mistake on a high-volume site, but still just a mistake and not the result of some underlying security design flaw. Unfortunately (or fortunatly, depending on your trading positions), it will be seen by many as a bad reflection on MSFT in general, especially when coupled with the other security blunders that have happened recently. The only fault I can find with MSFTs actions was their slowness to take the site down to plug the hole. The exploit was published on many high-traffic news sites for several hours (including CNN) before Microsoft shutdown the site. This gave practically anybody on the Net access to anybody elses hotmail account during that time. Just by randomly polling accounts, I was able to turn up several username/passwords to other sites that require registration, including a trading account. I have little doubt that many people had important information compromised. -Mitch

To: RTev who wrote (28900)	8/31/1999 9:22:00 AM
From: Jill	Read Replies (1) \| Respond to of 74651

Speaking of security breaches, was discussing the Hotmail problem w/ a friend last night, and he is an accountant who had hired a young guy to help him out during tax season; the guy turned out to be a hacker who was annoyed at a woman. The hacker sent her a Trojan w/ Back Orifice in it; she didn't know; it got onto her computer; he had a cable modem that was always on, and notified him when she got onto her computer; he jumped up and went to his computer, did whatever was necessary (I don't know a lot about Back Orifice) and then went through her entire computer. My friend was there at the time and said he asked, "What are you going to do, wipe out her hard drive?" The hacker laughed and said, "That would be too simple." My friend found this perturbing to say the least. My friend advised me to continually update my OS via Microsoft's website, for possible security breaches. I also went onto the web to research Back Orifice, as one can protect against it (though I don't know what happens if you have WIndows 2000). It's clear that although this Hotmail breach was widespread and provides bad PR, that security is a huge issue--I mean, after all, the Fed is going to have the right to monitor all computers and cellphones etc-- There is a program called AtGuard which I use, it cost $30 to purchase, and blocks cookies, ads, and one can create one's own firewalls. If you don't selectively block cookies, there will be a traceable trail of everywhere you've gone on the web. Sites use it for marketing pruposes and who knows what else. When I went onto the new SI it wouldn't work, and I finally figured out it was because I had my cookies blocked. The new SI therefore won't function unless you enable cookies, which means they can keep track of the various threads/pages you use.