Microsoft Twitter accounts, blog hijacked by SEA Microsoft had two Twitter accounts and an official blog compromised over the weekend in another embarrassing security incident for the Redmond giant. Attackers claiming to belong to pro-Assad group the Syrian Electronic Army (SEA) managed to crack the @MSFTnews and @XboxSupport accounts on Saturday and post various messages …
This post has been deleted by its author
This post has been deleted by its author
This post has been deleted by its author
"If you want I can send you some of my glue"
I find paint easier to get hold of in larger quantities and you are not asked so many questions if you go through a lot of it.
I think that the proportion of Americans who realise the dangers of backdoors placed in a product is probably the same as any other nation, eg fairly poor over the whole population. I would assume that if you ask the man in the street whether they want a security hole in the online service they use they would probably say no. The thing is that backdoors are generally not known and not usually advertised (Back Orifice anyone?)
The issues are:
Lazy coders
Bugs.
Backdoors created for testing unintentionally left in. (See first point)
Malicious coders.
Mandated back doors, whether company or Government based.
Bugs in code related to, but not written for, the system in question.
Systems the system in question relies on but has no control over.
And the most common: Poor system design with respects to security.
Probably a lot more but I have yet to drink coffee. I think that the Americans are aware of security, hence the NSA and their greedy, pilfering persona shown naked, and the ironic attempting banning of China owned companies from being allowed into governmental facilities.
My point I was, far too subtly, making in my first response was the great big general sweeping generalisation you made that linked MS having their twitter and blog accounts hijacked/hacked and linking that to Presidenticide.
MS are *just* a company. They are no better than any other company as regards security in house, it seems, sadly. (btw, I assume the the Twitter account was hijacked (and the blog maybe) by the password being gleaned/reset as opposed to a back door which you suggested? If you know better then please tell the Reg as there would be a lot interest in the article!)
This post has been deleted by its author
Did my research and as far as I can see the SEA,tend to do little more than deface pretty basic stuff, to pretty standard web facing server, so it's a bit like spraying graffiti on a wall of a bank as opposed to going in and cleaning the place out.
Hardly causing havoc is it?
Serious full on hackers? Publicity whore is probably a closer discription
As stated by m0rt, it is probably more likely that the compromised accounts had poor passwords (p@ssw0rd1, mic0s0ft1, etc) and it has nothing to do with the quality of the products per se. Unfortunately, you can create the most secure system in the world but if it is password protected, simple human laziness will defeat you every time unless you have a decent blacklist of rubbish passwords.
I'm not defending allowing poor passwords of course, but it's important to note that the people setting these passwords are probably marketing people who have post-it notes on their monitors with all their passwords, as opposed to the people writing the software itself.
The various court orders and secrecy agreements Microsoft and others are forced to abide by don't offer them any remuneration for data they provide. Again, this doesn't make it okay, but it's important to draw the distinction between being legally forced to hand data over to a government agency and willingly selling it. These two things are not the same.
>The various court orders and secrecy agreements Microsoft and others are forced to abide by don't offer them any remuneration for data they provide.
The point is there were/are no court orders ... NSA simply siphons the data - did you not read the article about the NSA catalog ? Apparently, Microsoft is also known to always offer a helping hand, again, without court orders, to hand other any data that the agencies want and that has managed to get through the dragnet.
Then again, all this has nothing to do with the article which should have had the title: "Window cleaners lack the intellect for strong passwords"
If they are really a false flag operation, then they'd need to up their game well beyond script kiddie Twitter account hijackings to produce a reaction, surely. And if they're for real, well their overall effectiveness is about as good as "La Résistance" from South Park:
"We should prank call a bunch of policemen and have pizzas sent to them that they didn't order... Viva La Résistance!"
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
