Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Microsoft Admits Flaws in "E-Wallet" [Windows XP, Passport, Online Security]
Newsday ^ | 11/3/01

Posted on 11/03/2001 3:25:22 AM PST by 11th Earl of Mar

Edited on 09/03/2002 4:49:30 AM PDT by Jim Robinson. [history]

WASHINGTON -- Microsoft Corp. is making repairs after acknowledging that its "Passport" technology for safeguarding purchases on the Internet has a serious design flaw that might have allowed hackers to steal credit card numbers and personal information.

Microsoft said 2 million customers use the vulnerable "e-wallet" feature of Passport, and there was no evidence of actual theft. The company temporarily shut down access to virtual wallets Wednesday, inconveniencing buyers at roughly 70 e-commerce Web sites that support the technology, called "Express Purchase."


(Excerpt) Read more at newsday.com ...


TOPICS: Front Page News; News/Current Events
KEYWORDS:
Navigation: use the links below to view more comments.
first 1-2021-4041-56 next last
Sounds like Microsoft is taking a page from the Clinton spin machine- Release embarassing information on Friday night, after the evening news.
1 posted on 11/03/2001 3:25:22 AM PST by 11th Earl of Mar
[ Post Reply | Private Reply | View Replies]

To: CheneyChick; Bush2000; Sabertooth; Victoria Delsoul; ThinkDifferent
"It's an identity thief's dream come true to be able to grab the online credentials of someone simply by sending the victim an e-mail," said Jason Catlett, head of Junkbusters Corp., a New Jersey-based privacy organization.


OK Mr. Microsoft, what is the official Microsloth Marketing Department Response??

You may have to check your fax machine, to make sure you have the latest prevarication message.

2 posted on 11/03/2001 3:47:01 AM PST by gratefulwharffratt
[ Post Reply | Private Reply | To 1 | View Replies]

To: 11th Earl of Mar; *tech_index
There's a writeup on SlashDot with a pointer to this article on WIRED.

Is anyone really surprised by this?

3 posted on 11/03/2001 3:50:20 AM PST by TechJunkYard
[ Post Reply | Private Reply | To 1 | View Replies]

To: TechJunkYard
Here's Slemko's paper if you're interested.
4 posted on 11/03/2001 3:59:54 AM PST by TechJunkYard
[ Post Reply | Private Reply | To 3 | View Replies]

To: TechJunkYard
Is anyone really surprised by this?

LOL. I was avoiding signing up for passport, but did so yesterday to get into MSDN. They only have my email address..

5 posted on 11/03/2001 4:32:50 AM PST by EVO X
[ Post Reply | Private Reply | To 3 | View Replies]

To: TechJunkYard; blackbirtch
Is anyone really surprised by this?

No, not me.

Unless there is some ironclad guarantee of no liability, why would anyone in their right mind use this "service" considering the risk it imposes and the minor convenience ir promises? And then there's MS's recent slew of security snafus.

At least with a credit card (unlike a debit card) there's a $50 maximum on liability. It was deemed worthwhile by the credit card companies and the government to set this up because it furthers commerce. The users get convenience with limited risk, while merchants get more sales, and the credit card companies rack up fees and interest.

Without a similar protection, there's no incentive to upload all of your info. In a way, your risk is even greater, because you don't even know when its been stolen until the bills show up. At least with plastic, when you lose your wallet, you might notice.

6 posted on 11/03/2001 5:54:31 AM PST by Pearls Before Swine
[ Post Reply | Private Reply | To 3 | View Replies]

To: 11th Earl of Mar
Passport users could entrust Microsoft or another company to hold their personal information -- such as credit card numbers or medical records -- and make it available whenever needed.........SNIP

.....Microsoft responded that its Passport technology allows consumers to store their sensitive records with other organizations they trust, not just Microsoft.

I'm sorry, but anyone who follows this premise is a complete fool..

7 posted on 11/03/2001 6:29:07 AM PST by Dallas
[ Post Reply | Private Reply | To 1 | View Replies]

To: TechJunkYard
And it only took him '30 minutes' of thinking how to get around the Passport security. Imagine if he put an hour into it!
Oh and I love the MS statement on it that it couldn't be done by accident and required malicious intent (like all their security problems). That's like a door lock manufacturer saying that their lock is absolutely safe. Well except for people that want to get in.
8 posted on 11/03/2001 6:49:05 AM PST by lelio
[ Post Reply | Private Reply | To 4 | View Replies]

To: gratefulwharffratt
It will be interesting to see the WindozeXPusing, BlackHelicopterHating FReeper crowd will have to say about this....
9 posted on 11/03/2001 8:19:50 AM PST by CheneyChick
[ Post Reply | Private Reply | To 2 | View Replies]

To: 11th Earl of Mar
The thing that gets me about Microsoft is that they have unbelievable recourses to make great
software but always seem to really push the duds out.

Case in point Microsoft Office. Is there one person on the face of this earth that likes that stupid
paperclip guy? Every one I know hates and despises it. You can't turn it off quick enough. At the
same time, Word and Excel are great products. A testament to that is how little they have
changed over time.

This E-Wallet idea has great merit but now that the cat is out of the bag about this flaw who
is going to trust it?

Microsoft needs to slow down, do a better job of finding out what the public wants, and make
its implementation rock solid.

They are starting to be distrusted in the consumer market and that will soon trickle in to
the enterprise market.

They can't shut out every single competitor simultaneously anymore. Even they don't have the
resources for that.

Instead they need to just concentrate on making good products and let the costumer decide what to buy.

10 posted on 11/03/2001 8:39:47 AM PST by avg_freeper
[ Post Reply | Private Reply | To 1 | View Replies]

To: avg_freeper
and let the costumer decide what to buy

they can also let the customer decide what to buy too.

Not that I have anything against costumers.

11 posted on 11/03/2001 8:43:22 AM PST by avg_freeper
[ Post Reply | Private Reply | To 10 | View Replies]

To: CheneyChick
FReeper crowd will have to say about this


Do you have any doubts??

After wiping the MS flavored Kool-aid off their chins, they will commence to letting out a vociferous, indignant scream, lead by our friend, the Head Syncophant.

That will surely be followed immediately with ad hominem attacks against the Mac OS, and Linux.

Last but not least they will then reach around and pat each other on the backs for having 'put us in our place.'

Yawn...

12 posted on 11/03/2001 8:51:54 AM PST by gratefulwharffratt
[ Post Reply | Private Reply | To 9 | View Replies]

To: gratefulwharffratt
lead = led
13 posted on 11/03/2001 8:55:29 AM PST by gratefulwharffratt
[ Post Reply | Private Reply | To 12 | View Replies]

To: gratefulwharffratt
OK Mr. Microsoft, what is the official Microsloth Marketing Department Response??

Why don't you roll over to the Microsoft site and read for yourself, troll. That is, if you can.
14 posted on 11/03/2001 9:09:55 AM PST by Bush2000
[ Post Reply | Private Reply | To 2 | View Replies]

To: Bush2000; CheneyChick
and read for yourself, troll. That is, if you can.


CheneyChick, I am sorry. I left out part of the second step above.

Instead of:

"That will surely be followed immediately with ad hominem attacks against the Mac OS, and Linux."

It SHOULD read:

"That will surely be followed immediately with ad hominem attacks against the Mac OS, and Linux, AND ANYBODY THAT USES THEM."

15 posted on 11/03/2001 9:19:26 AM PST by gratefulwharffratt
[ Post Reply | Private Reply | To 14 | View Replies]

To: Bush2000
Why don't you roll over to the Microsoft site and read for yourself, troll. That is, if you can.


Will they let people using Netscape access their web-site???

Oh wait a minute, it was only MSN that wouldn't let non-IE browsers access their content. Now I remember.

16 posted on 11/03/2001 9:27:45 AM PST by gratefulwharffratt
[ Post Reply | Private Reply | To 14 | View Replies]

To: avg_freeper
Not that I have anything against costumers.

Yes. What would theater and Halloween be without them? Yikes...

17 posted on 11/03/2001 9:32:11 AM PST by CheneyChick
[ Post Reply | Private Reply | To 11 | View Replies]

To: gratefulwharffratt; Sabertooth; ThinkDifferent; bwteim; cmsgop; jimtorr; Mr. Thorne; sirgawain...
BTW, did you see that iTunes 2 is available for free download today? Some neat new stuff! Cheers, CC :)
18 posted on 11/03/2001 9:44:14 AM PST by CheneyChick
[ Post Reply | Private Reply | To 16 | View Replies]

To: CheneyChick
iTunes 2 is available for free download today?


Really?? Great news!

I will just have to click the 'home' button here in the Netscape browser on my PowerCenter Pro 180(That is right folks a VERY useable 6 year old 180 mhz machine running OS 9), and send a few packets out through my Linux based IP Chains/NAT server via DSL, and download it.

Thanks for the heads up.

You know, the only thing missing from the set-up I described above, is ANY faulty MS code. OS or otherwise. Hmmmm.

How is that possble??? You mean it IS possible to completely do away with MS?? I hope the world doesn't find out about this, it could change everything.

:-)

19 posted on 11/03/2001 10:03:09 AM PST by gratefulwharffratt
[ Post Reply | Private Reply | To 18 | View Replies]

To: gratefulwharffratt
You are funny!
20 posted on 11/03/2001 10:10:57 AM PST by CheneyChick
[ Post Reply | Private Reply | To 19 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-56 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson