[Year 12 SofDev] If you leave your back door open you never know who might get in
Mark
mark at vceit.com
Tue Aug 4 14:30:00 AEST 2015
(Stop sniggering. This is serious.)
Hi, disappointed sniffers of whiteboard markers
Another in my series of software development disasters.
As you know, programmers often include back doors in their code to allow
quick and easy high-privilege access during testing.
Unfortunately, they don't *always* remove the back door from the source
code before compilation and implementation.
This can happen to the smallest coders, and the biggest, such as Microsoft
in 1999.
This famous example might be worth mentioning to the kids.
"The handful of lines of simple HTML code that constitute the exploit took
advantage of a Hotmail login script called "start" that is not currently
used on the Hotmail welcome page, and the password "eh."
"After examining that code early Monday, outside security experts suggested
<http://www.wired.com/news/news/technology/story/21495.html> that the
problem might have been a backdoor inadvertently left open on Hotmail
servers by Microsoft engineers.
"Microsoft vehemently denied the backdoor suggestions, and instead
described the problem as "an unknown security issue."
Read more at
http://www.omgfacts.com/lists/12538/Hackers-in-1999-discovered-a-flaw-that-allowed-logging-into-any-Hotmail-account-with-the-password-eh-ab731-3
http://archive.wired.com/science/discoveries/news/1999/08/21503
https://en.wikipedia.org/wiki/Outlook.com
http://www.reddit.com/r/todayilearned/comments/1iv2jl/til_in_1999_hackers_revealed_a_security_flaw_in/
--
*My woman drives me to drink. I have to walk back home.*
Mark Kelly
http://vceit.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/sofdev/attachments/20150804/f3c67642/attachment.html
More information about the sofdev
mailing list