Feeds

back to article Microsoft Twitter accounts, blog hijacked by SEA

Microsoft had two Twitter accounts and an official blog compromised over the weekend in another embarrassing security incident for the Redmond giant. Attackers claiming to belong to pro-Assad group the Syrian Electronic Army (SEA) managed to crack the @MSFTnews and @XboxSupport accounts on Saturday and post various messages hash …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Amazing

American companies with their shoddy products & back doors have becoming a major source of "emba"rass"ment " & liability to their software industry.

Tip... hire the SEA,,,, or the Chinese,,,, or the Russians to secure your crap Microsoft & Twitter & Face Book but just know they will put a backdoor. After all, what good is your software or hard/firmware without a backdoor? Are you all not seriously ashamed of yourselves? No little pride? WOW!!!!!

If you all don't start to take this serious the day will come when your enemy will be able to take out your president while he/she is being transported & the limo or air force 1 gets hacked & ,,, well you can use your imagination, I need not say anymore.

4
4
Bronze badge

So let me get this straight... Security of Skype and twitter directly affects the security of the American president?

Stop sniffing glue and go to school.

5
3

This post has been deleted by its author

Anonymous Coward

sniffing glue

No,,, just the concept of Americans not being able to see the potential dangers & the damage that can be done by leaving cheesy back doors in products.

Maybe you need to sniff some glue & use a little more commonsense to get enlightened.

If you want I can send you some of my glue

6
3
Bronze badge

Re: sniffing glue

"If you want I can send you some of my glue"

I find paint easier to get hold of in larger quantities and you are not asked so many questions if you go through a lot of it.

I think that the proportion of Americans who realise the dangers of backdoors placed in a product is probably the same as any other nation, eg fairly poor over the whole population. I would assume that if you ask the man in the street whether they want a security hole in the online service they use they would probably say no. The thing is that backdoors are generally not known and not usually advertised (Back Orifice anyone?)

The issues are:

Lazy coders

Bugs.

Backdoors created for testing unintentionally left in. (See first point)

Malicious coders.

Mandated back doors, whether company or Government based.

Bugs in code related to, but not written for, the system in question.

Systems the system in question relies on but has no control over.

And the most common: Poor system design with respects to security.

Probably a lot more but I have yet to drink coffee. I think that the Americans are aware of security, hence the NSA and their greedy, pilfering persona shown naked, and the ironic attempting banning of China owned companies from being allowed into governmental facilities.

My point I was, far too subtly, making in my first response was the great big general sweeping generalisation you made that linked MS having their twitter and blog accounts hijacked/hacked and linking that to Presidenticide.

MS are *just* a company. They are no better than any other company as regards security in house, it seems, sadly. (btw, I assume the the Twitter account was hijacked (and the blog maybe) by the password being gleaned/reset as opposed to a back door which you suggested? If you know better then please tell the Reg as there would be a lot interest in the article!)

1
1
Anonymous Coward

Re: sniffing glue

You have just validated my point in so many ways its not funny..

As long as you leave a door unlocked someone will get in.

Even when just locked people can get in.

An honest person might not try the door but how many potential thieves/hackers are out there?

You better quit since you had no coffee yet. After do a little research on SEA, GCHQ & many of the USA's & Isreal's criminals & you will see. Remember stuxnet?

That was created to wreck havoc on Iran's nuclear system.

It does not take too much to do a lot of damage if you are so inclined. It would make it a whole lot better if American companies did not act so carelessly & make it easier for their enemies.

1
1
Silver badge

Re: sniffing glue

Did my research and as far as I can see the SEA,tend to do little more than deface pretty basic stuff, to pretty standard web facing server, so it's a bit like spraying graffiti on a wall of a bank as opposed to going in and cleaning the place out.

Hardly causing havoc is it?

Serious full on hackers? Publicity whore is probably a closer discription

0
0

As stated by m0rt, it is probably more likely that the compromised accounts had poor passwords (p@ssw0rd1, mic0s0ft1, etc) and it has nothing to do with the quality of the products per se. Unfortunately, you can create the most secure system in the world but if it is password protected, simple human laziness will defeat you every time unless you have a decent blacklist of rubbish passwords.

I'm not defending allowing poor passwords of course, but it's important to note that the people setting these passwords are probably marketing people who have post-it notes on their monitors with all their passwords, as opposed to the people writing the software itself.

The various court orders and secrecy agreements Microsoft and others are forced to abide by don't offer them any remuneration for data they provide. Again, this doesn't make it okay, but it's important to draw the distinction between being legally forced to hand data over to a government agency and willingly selling it. These two things are not the same.

0
1
Bronze badge

>The various court orders and secrecy agreements Microsoft and others are forced to abide by don't offer them any remuneration for data they provide.

The point is there were/are no court orders ... NSA simply siphons the data - did you not read the article about the NSA catalog ? Apparently, Microsoft is also known to always offer a helping hand, again, without court orders, to hand other any data that the agencies want and that has managed to get through the dragnet.

Then again, all this has nothing to do with the article which should have had the title: "Window cleaners lack the intellect for strong passwords"

2
0

Whose side are they on?

What's going on here? Security advice from the Syrian Electronic Army...these guys are clearly dedicated to public service

0
0
Anonymous Coward

SEA are the best! suddenly.

Upvote if you think the SEA are just the finest hackers nobody knew about

Downvote if you think it may be a false flag designed to justify war.

0
0
Anonymous Coward

Re: SEA are the best! suddenly.

If they are really a false flag operation, then they'd need to up their game well beyond script kiddie Twitter account hijackings to produce a reaction, surely. And if they're for real, well their overall effectiveness is about as good as "La Résistance" from South Park:

"We should prank call a bunch of policemen and have pizzas sent to them that they didn't order... Viva La Résistance!"

2
0

Yet Microsoft have the...

Audacity to claim, at Microsoft we value your privacy. Complete and utter hypocrites

1
2
Gold badge

LastPass Enterprise. FFS, Microsoft, the solution is COTS!

0
0
This topic is closed for new posts.