|Microsoft XP SP1 Hack "frightening"|
|Microsoft executive calls the ease with which two British e-crime specialists managed to hack into a Windows XP computer as both "enlightening and frightening." |
The demonstration took place Monday at an event sponsored by Get Safe Online--a joint initiative of the U.K. government and industry. At the event, which was aimed at heightening security awareness among small businesses, two members of the U.K. government intelligence group Serious Organized Crime Agency connected a machine running Windows XP with Service Pack 1 to an unsecured wireless network. The machine was running no antivirus, firewall, or anti-spyware software and contained a sample target file of passwords to be stolen.
Microsoft XP SP1 Hack "frightening" [news.com]
Why would anyone continue to use XP SP1?
|The machine was running no antivirus, firewall, or anti-spyware software and contained a sample target file of passwords to be stolen. |
Come on... a 4th grader could steal from that computer. Jeez. THIS is a demonstration? Come on... Go to DEFCON and learn a few things and do something cooler next time. If this makes news, a good Bluetooth snarf with an iPhone as the target would cause an uproar!
There is a reason for anti-virus, anti-spyware and firewalls. Of course the computer was easy to hack, it would have been even easier if it ran Windows 98.
|two British e-crime specialists |
lol - what's next, breaking into an unlocked server room in their mom's basement?
|Getting onto the unsecured wireless network, pinging possible IP addresses of other computers on the network, finding Andy's unpatched computer, scanning open ports for vulnerabilities, using the attack tool to build an exploit, and using the malware to get into the XP command shell took six minutes. |
I'd be thoroughly embarrassed if it took me that long! Let's see... A max of 253 addresses need pinging; a dozen, maybe two, ports need to be scanned; exploits wouldn't be built "on-the-fly," they'd be "pre-rolled"; TFTPing a file is trivial & fast.
"Attack tools"? A very popular & cheap FTP program - used by many here at WebmasterWorld - has a "ProPack" add-on that has the "tools" needed for the job.
Uh, I'm stoopid... How would antivirus/spyware help in this case? Rhetorical question, as we all know they wouldn't help - the objective of the hack was theft, not infection.
Patched or unpatched means nothing to those who know what "zero day exploit" means.
The only thing about the article that I found scary was Microsoft admitting to being "enlightened" - C'mon! It's almost 2008! Have you had your heads up your hole in the ground since Bill discovered the 'net?
New installations are a serious problem. Do a new install on a poorly managed academic network and you'll be crawling with filth before you've got as far as downloading updates.
They should've used a fully patched machine with a firewall, antivirus and spyware remover. Still possible, might've taken longer, but message would have been stronger.
I am not sure the UK Govt. should be talking about security in any shape or form right now considering they just managed to lose 25 million people's confidential details! [news.bbc.co.uk...]
[edited by: Visit_Thailand at 6:39 am (utc) on Nov. 21, 2007]
So? They lost two discs full of password-protected data.
I'd be worried if the data on the disks wasn't protected.
The disks were not even encrypted. This is the UK Government we are talking about with extremely confidential info. Encryption of any sensitive or confidential info should be a minimum security measure.
Plus of course we only have their word for it that it was password protected, even though we all know that if it falls into the wrong hands a password protected file will be impossible to get into! ;-)
[edited by: Visit_Thailand at 11:45 pm (utc) on Nov. 22, 2007]
Latest News: TNT say the package never even made it into their system.