| Leo: So you're saying intentionally or - Microsoft intentionally put a backdoor in Windows? Is that what you're saying? |
| Steve: Yes. |
| Leo: Well, that's a pretty strong accusation. Could this not have been a... |
| Steve: Well, it's the only conclusion... |
| Leo: It couldn't have been a mistake? |
| Steve: I don't see how it could have been a mistake. Again, I'm going to continue to look at it. But from what I've seen now, this had to be deliberate. It was not what we were led to believe. Well, and it's funny, too, because then I thought, okay, wait a minute, Microsoft has lied to us. I reread the original vulnerability spec in, you know, their vulnerability page. And they never say this isn't the case. I mean, they describe it as a vulnerability, which it certainly is. Nowhere, you know, is even what I'm saying contradicted by their page. |
| Leo: So you're saying Microsoft, or people at Microsoft maybe unbeknownst to Microsoft, intentionally put code in Microsoft Windows that will allow anybody who knew about it access any Windows machine, to get into any Windows machine and run any arbitrary code on it. |
| Steve: Well, it's not like a trojan, where they would be able to contact a remote machine. But, for example, if Microsoft was worried that for some reason in the future they might have cause to get visitors to their website to execute code, even if ActiveX is turned off, even if security is up full, even if firewalls are on, basically if Microsoft wanted a short circuit, a means to get code run in a Windows machine by visiting their website, they have had that ability, and this code gave it to them. |
| Leo: And there'd be nothing anybody could do about it or - and in most cases detect it. So it sounds like - and I really want to be careful here because this is a very serious accusation. It sounds like this was done on purpose by Microsoft or somebody at Microsoft. It sounds like it was accidentally discovered. Microsoft reacted and has pulled it out now. |
| Steve: Right. |
| Leo: Could there be other backdoors like this? |
| Steve: Well, yes. I mean, that's the problem with a closed source operating system like... |
Aucun commentaire:
Enregistrer un commentaire