Microsoft accused of placing metafile backdoor in Windows

Discussion in 'other security issues & news' started by Mele20, Jan 13, 2006.

Thread Status:
Not open for further replies.
  1. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Steve Gibson has just accused Microsoft of deliberately back dooring Windows from 2000 on and trying to cover this up with the recent WMF "patch" which is actually not a patch but removes the backdoor. The WMF "vulnerability" was the path to the backdoor. When someone discovered this, Microsoft tried to cover it up by "fixing" the vulnerability. He also says the the real reason Microsoft did not patch 98/ME/NT is because the backdoor was not placed until W2000.

    Listen to the full podcast before drawing conclusions. He also states that his research is not finished, but should be by next Thursday, and that there is the possibility he will come back to the next podcast with his tail between his legs, however, at this point he is sure enough of his research findings to make this very serious public accusation. He also states that there is, at present, no way to know (and may never be) if this backdoor was placed by a rogue programmer at MS (or group of programmers) or with the full knowledge and assent of Microsoft itself. Microsoft has been invited to come on the next show to present its side of the story. Steve Gibson has been accused of being flamboyant and too desirous of attention and while that may be some what true, I do not believe that he makes frivolous accusations in order to grab the spotlight. I actually hope that he is proved wrong on this by others or that his further research shows that he has drawn a too hasty conclusion. Because if true the implications are quite frightening.

    http://www.grc.com/securitynow.htm
     
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    I can hardly wait!...."Until next Thursday"
     
  3. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i listened to the podcast earlier and it's really good. i think they knew about it because they said from the very start they wouldn't be patching old PCs. that could be becuase they don't really support them or because MS knew old PC didn't have the vulnerable metafile.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Microsoft Disputes WMF Backdoor Claim

    Article and links
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Kewl....I was going to be busy next Thur anyway. Perhaps it's not potentially SO Important as some have made it out to be and Alcoa stock want be going up after all o_O
     
  6. erwewwe

    erwewwe Guest

  7. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    It's not just that section, the whole site does not load for me.... ShieldsUp! nada.

    www.grc.com a no go also...

    So I don't think it's because of the MS statement. :cautious:

    TAS
     
  8. eyes-open

    eyes-open Registered Member

    Joined:
    May 13, 2005
    Posts:
    721
    The Link http://www.grc.com/securitynow.htm works fine -

    The following options are available at that link:-

    Download "KnockKnock" – our backdoor tester (24 kb)
    Download a high quality MP3 audio file 19 MB
    Download a smaller MP3 audio file 4.8 MB
    View any supplementary notes 4.1 KB
    View text transcript as web page 63 KB
    Download a text format transcript 37 KB
    Download PDF format transcript 54 KB
     
  9. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    DDoS attack againt GRC.com and for a moment in time the BBR\DSLreport site was being used as a reflector of this traffic.

     
  10. dog

    dog Guest

    Guest Rickx;

    If you wish to make slanderous statements against Steve you will need to qualify them, otherwise they will be removed without notice from this point forward. There isn't any point in making baseless comments like these - your two posts have been taken offline.

    Regards;

    Steve
     
  11. westinghouse

    westinghouse Guest

    What I find strange is that there seem to be so many people flat out rejecting even the possibility that M$ could be in cahoots with homeland security and purposefully left the WMF flaw in place for them to use as a backdoor.

    Every other US business has to bow down to their will, so why not Micro$oft? Aren't they based in the US too? And with the way the US government has been behaving as of late, spying on everyone without any warrants, I wouldn't doubt it myself, and I wouldn't doubt there may be other as of yet undiscovered backdoors as well. I think it's time to explore other OSes like Linux IMHO, at least that's what I'll be doing. :)
     
  12. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,526
    Location:
    USA - Back in a real State in time for a real Pres
    Has anybody traced a log of traffic stemming from this vunerability? Where's it go, what's it taking, etc?:ninja:
     
  13. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Setting aside the widely varying degrees of paranoia that posters to this thread display, and setting aside the question of whether Steve Gibson is right or wrong in his suspicions, I have to observe that, so far, Steve Gibson has succeeded only in illustrating a complete lack of ethics and professionalism.

    *If* he was to obtain evidence that MS intentionally coded the WMF vulnerability to be exploitable (by themselves or others) - and he has as yet presented no such evidence - then the time at which to present this would be after he has actually obtained the evidence. Instead, he decided to publicise his suspicions (for that is all they are) without supporting evidence and - as he himself has freely admitted - well in advance of him even completing his own 'investigations'.

    Fuelling people's paranoia is hardly a responsible practice.

    Having 'egg on his face' may turn out to be the least of his worries when all this is over. If his claims turn out to be unprovable and MS decide to come down hard on him, it would be difficult to extend him any sympathy.
     
  14. eyes-open

    eyes-open Registered Member

    Joined:
    May 13, 2005
    Posts:
    721
  15. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    True enough.:D
     
  16. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I have to agree with that. Personally, if I were in that position, I would be very very very careful about how I presented this. I think that this point is also partially responsible for the reaction that the claim is bogus.. he almost makes it seem like the claim is being made lightly, despite his notes to the contrary. I have to (sadly) agree with westinghouse in that it's entirely plausible that Gibson is correct, but how he chose to present it just doesn't sit well.. at least for me, it made it easier to dismiss.
     
  17. dog

    dog Guest

    A few Off Topic posts have been removed from this thread. Let's please remain on the topic of the so-called 'metafile backdoor' and not spin this thread off into other directions/topics.

    Thanks for your co-operation and understanding;

    Steve
     
  18. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Mark Russinovich of SysInternals has published a typically competent analysis of the flaw, an analysis which rather undermines the credibility of Steve Gibson. You can read Mark's analysis here: http://www.sysinternals.com/Blog/. People like Mr. Gibson do no-one any favours, not least themselves, when they make unprovable claims based on patently poor analysis.

    While MS are clearly no angels, fuelling the overly paranoid and the consiparcy theorists in the apparent pursuit of fame is not the way to go. I wonder how magnanimous MS are feeling just now...
     
  19. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I agree completely.


    Again, if I were in his position, I would have left the facts as they were, and not tried to add any speculation about intentions. The more I go over that last podcast of his, the more convoluted it all seems. I dunno, I think Gibson just dealt a pretty heafty blow to his own credibility.. it's going to be hard to take any more of his announcements seriously at this point. He should have simply collected the facts and tried to bring them down to a level that everyone could understand, that would have given him a more positive boost than what he's left with now.. albeit less sensational. Russinovich's findings also leave a lot of question about the quality of Gibson's new tool "Mouse Trap".
     
Loading...
Thread Status:
Not open for further replies.