|low graphics version | feedback | help|
|You are in: Talking Point|
Thursday, 2 November, 2000, 16:55 GMT
Microsoft hacking: 21st century epidemic?
The FBI is hunting computer hackers who managed to infiltrate Microsoft's network in the United States.
It is thought they may have been trying to steal blueprints of the company's newest products - including the latest versions of Windows and Office.
Microsoft won't say whether access has been gained to their secret codes. One former computer hacker, now turned consultant, Robert Schifreen, says that if the codes have been stolen, the results could be very serious for Microsoft.
Is any organisation safe? Is hacking becoming a 21st century epidemic? How can it be stopped?
This debate is now closed. Read a selection of your comments below.
Having worked in IT for over 17 years, and seen how computer security used to work in the "old" days (before Windows became so commonplace), I am always amazed at how little thought for security goes into Microsoft's products. For them to be the victim of their own poor approach to security is, to me, poetic justice.
Simon Moore, UK
This could signal the beginning of the long awaited end to Microsoft's unfortunate monopoly in the software industry. This near perfect and worsening monopoly is healthy for nobody but Microsoft.
In the Commons, we have Her Majesty's Loyal Opposition. In the computer corporate world, we have Hackers and Crackers. Vive La Revolution!
Whilst in Dubai I worked for an IT company and it transpired that the Directors were hacking into various networks to gain a business advantage. This was reported to the BSA who did nothing. It was also reported to Lotus and Microsoft - both organisations have been awarded business partner status. Live by the sword, you die by the sword!!
Neither hacking nor cracking are 21st century
epidemics, but loosely knit networks with little
or no security. I hope the recent attacks against
MS and others will lead to the conclusion that
network and computer security are vital to
our interconnected world.
Stephen Kenney, USA
Microsoft products (known as 'billware' in my firm) are renowned for bugs, vulnerability to viruses, and atrocious security. The company's trading methods have made it widely reviled in the industry - the only surprise is that it didn't happen sooner.
All organisations are vulnerable to hacking. It is possible to design secure systems but it does take more time and effort. How do you justify a more expensive quote to an organisation that doesn't understand your language? Most decision makers understand nothing about programming languages.
While anti-crime I am not anti-hacking - it is a science. Microsoft - of all people - should have had better security and I think that "Auntie Beeb" is blowing this out of proportion by referring to it as an "epidemic". The Internet was developed as a medium for the free exchange of knowledge. If there is any freedom anywhere in this world it is on the Internet - may it always be so - the Beeb's and even Microsoft's word on it count no more than the single user pounding away in a basement room.
Hacking has been about for years, I used to do a bit many years ago. But maybe an idea would be to make a contest out of it a company would lay down a challenge for you to hack into their system for prizes, offering a grand prize who ever reaches a central point
Simon Jones, UK
As computers are becoming more and more intertwined with out lives, in particular governments and financial establishments, hacking may become a future component of war. The fiasco with NATO's bombing plans on Kosovo on the internet could just be start!
If Bill Gates weren't so busy running down "The Road Ahead" he might look over his shoulder to check if his army of employees were following him. He avows "Ease of Use" of the Web - but have you tried Microsoft support lately? Hey Bill! There's no one there! Even for security.
I think to call "hacking" an epidemic is to blow the issue out of proportion, simply on the grounds that this is an instance of one of the biggest corporations in the world being hacked into. I agree with those who have said that hacking for the purposes of theft of source code is wrong and should be eliminated. But there are many individuals out there who hack software and systems simply for the challenge of doing so, without any malicious intent whatsoever. Some have even subsequently been employed by businesses and software firms to test the strength of their systems and help in finding loopholes in security. Undoubtedly hacking can be useful, and it will always exist - it is human nature to rise to the challenge it presents.
Reports suggest Microsoft detected their passwords being sent via email. Does that mean they search every email for their passwords?
It has long been feared that companies such as Microsoft have access to your computer, I have read reports on the internet about the way that these software companies can access data on what software is installed and used plus other personal data files, and then be sent every time you go online. Trojan horses are indeed a problem, but what if the operating system that most people use is in fact a Trojan horse itself? Hacking is a problem but only for people that have things to hide, and in theory why would someone waste their time to hack into Joe Blogg's computer, to see that they have just sent an email to their aunt. In some cases the hacker may not be the bad guy but the Robin Hood. Is it the pickpocket we fear or big brother? I let you decide.
Rob Hebron, UK
As a humble computer user who doesn't really know much about how it all works, I'm amazed by some of the prevalent attitudes on this page from some obvious geeks.
Hacking is breaking and entering, full stop. If you break into my house, I don't really care if you plan to steal anything or not. You shouldn't be there. I certainly won't excuse you just because you were curious, or wanted a mental challenge.
Also, why all this hate directed at Microsoft? Stop whining. The world is full of products that dominate without being the best. That's not an excuse to break into the factories that make them.
Hacking (breaking and entering) is not a new problem. What's new is this attitude that there's nothing wrong with it because a self-appointed e-elite has said they deserve it.
People are the weak link in any security system. It starts at the top - firstly senior management often don't see the value good information security brings. Instead they see it as a cost - they honestly believe something like this won't happen to them. In the Microsoft case they obviously do take security seriously however once again it's likely people were the weak link. The virus could be picked up, as people have said, by standard anti-virus software but it's likely update procedures failed. Someone also suggested the intruders had access for 3 months. If this is the case people are the weak link again for not choosing suitably strong passwords and not changing their passwords on a regular basis. Finally I would imagine people are responsible for the third and final area of weak security in the Microsoft case - the computers connected to the internet. The intruders had to come in from the Internet to transfer the files so either the authentication systems, firewalls or general system security is weak. This all comes down to people being sloppy and not doing a proper job in protecting, auditing and most importantly maintaining and upgrading systems.
Caught by their own bugs ... the irony is beautiful!
I agree that the term "hacker" is being misused here. It was originally a term used to describe any computer programmer and dates back to the early days of computing.
Albert P'Rayan, India/Rwanda
This is really rich when one considers
that Microsoft's products are a fertile
ground for viruses. I do not view "hackers"
as evil people. I think that the companies
that try to stifle creativity to increase their
own profits are the real evil. The Internet
is a virtual free land that is probably
one of the last bastions of true freedom
left in this world. Microsoft will benefit from
laws regarding information technology security
all the while stomping the competition
to bits with their own practices.
Concerning those who would try
to break through the virtual walls; people will try to climb
mountains because they are there. When
there are no challenges, there will be
In science we dissect and examine every piece, then we sit back and say why? and how? and when someone should find a flaw he is quick to expose it for accreditation amongst his colleges..
Hacking is a science!
Breaking into other people's computers is wrong, but having said that it does bring up the question of how secure Microsoft products are? P Willis is correct in stating the safest way to protect a computer is to be offline (also a good antiviral protection) and to me if a company has secrets to keep that's the place to keep them. As to the suggestion that Linux is the future, this will not happen unless other software companies support the software. All the software I have seen will only support Windows.
Let's say they changed the WinME code, now they could have access to everyone's new computer, let's say they changed an upgrade or patch for IE5, most users upgrade their browser regularly, so if they did they could easily bring down nearly every computer in the world, a scary thought.
Create new software to automatically delete the software of hackers during hacking time.
Josh Yanny, US
Industrial espionage and sabotage have been around for centuries, a new tool has been added, hacking. That is all that has been done, like physical breaking and entering hacking will continue to be used to steal commercial secrets.
Any operating system, including the beloved variants of UNIX will have a number of security holes; with the size of programs becoming as large as they are, it's a fact of life that unintended "functionality" will creep in.
With any luck the intrepid hackers will release a bug free version
of Windows on the net!
The IT infrastructure is a businesses most important asset - the repository for valuable IP; customer and supplier records and thereby imperative to brand integrity. Why isn't it protected in the same way other business assets are?
Tony Lofthouse, United Kingdom
A 21st century epidemic? What hyperbole. Industrial and commercial espionage and theft is as old as business itself. They have merely evolved along with business over the centuries. One day the clever geeks in business will realise that it is unwise to stow extremely sensitive information on systems that can potentially be accessed from the comfort of one's home. At least the physical theft of papers required inconvenience, discomfort and risk, which would have deterred many potential thieves.
Mark Evans, United Kingdom
The only way to stop this hacking is to stop the internet. Pandora's Box has already been open and there is no going back. I think the world in 100 years time will be a vastly different world to the one we live in today. Will it be better? I am not sure but the large corporations strangle hold on the planet may well come to an end.
The irony of this situation is that the hackers more than likely were using Microsoft software, at least to some degree. Microsoft, being the largest corporation in the world, are probably one of the most common targets for hackers, and should have implemented more secure security measures from such sensitive pieces of information.
If Microsoft can't keep their systems secure it shows just how secure the versions they sell the public really are. At least now they can blame all their bugs on someone else.
In the same way, if no one were to commit crime any more, it would be devastating to the economy. Just think of all the policemen and women, security guards, customs officials, military officers and even football stewards that would be out of work.
They wouldn't have the problem if their software were any good. First, the software would not allow hacking. Second, there would be far fewer people who dislike Microsoft enough to hack them. The anti-Microsoft feelings amongst most of us are not just down to them being rich (if they'd got rich honestly we wouldn't mind), but that they became rich by foisting rubbish software on the world.
Hacking has been with us since the dawn of the 'computer'. The only thing thats changed are the people who are affected. Since the home computer has become more accessible more people have started to use it, thus creating a larger playing ground for 'hackers'. The problem won't go away. Anyway, hackers do the system good by showing up flaws in so called 'security'.
If there are holes in software people will find them, since Microsoft's products are notorious for being badly written it makes Microsoft an easy target. When will large/small companies and home users learn that Linux/Unix is the future, out of the box with security as standard.
There are builders who are criminals, there are sports people who are criminals and there are managers who are criminals. This does not make all builders, sports people and managers criminals. There are criminals who are also hackers, in stealing code from Microsoft they performed a criminal act, not an act of hacking.
Hacking doesn't need to be stopped. It will be a poorer world without people trying to figure out how anything and everything works. it's crime that needs to be stopped.
No one is safe from hacking, just as no one is safe from getting the common cold. The trick is to realise that the problem is there, and to make backups; something I learnt the hard way.
Please get your terms right. A
Hacker is a top quality programmer
who enjoys programming for the
27 Oct 00 | Business
Microsoft software 'stolen'
19 Oct 00 | Sci/Tech
Cybercrime threat 'real and growing'
07 Jul 00 | Sci/Tech
Crackdown on computer criminals
The BBC is not responsible for the content of external internet sites
Other Talking Points:
Links to other Talking Point stories
|^^ Back to top
News Front Page | World | UK | UK Politics | Business | Sci/Tech | Health | Education | Entertainment | Talking Point | In Depth | AudioVideo
To BBC Sport>> | To BBC Weather>>
© MMIII | News Sources | Privacy