ITrain Homepage

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear



Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy

Print this document

Google
Web ITrain.org

Blatent Disregard For Customer Safety

Hardware vendors goof big time with security snafu

ITinfo Sponsor

ERROR: Random File Unopenable

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Windows Ships With Gaping Security Holes

by Dave Murphy
ISSN 1535-3613

Dave Murphy, ITrain founder Some popular models of PCs from Compaq Computer Corp. and Hewlett-Packard that include pre-installed and configured Microsoft Windows are leaving the new owners at a significant risk of malicious intrusion via the Internet.

Microsoft Corp. and Compaq Computer Corp. on Friday confirmed the existence of several significant software security flaws that could enable intruders to gain access to the computers of millions of customers and to damage their data via email or through commands sent from a malicious website.

The security holes reported here primarily affect computers running Win95/98 and Microsoft's Internet Explorer (IE) web browser that have been configured to allow easy access by vendor support technicians during routine assistance or upgrades.

A Microsoft official said the company was at work creating a fix for the newly discovered security holes. "We take security issues very seriously," said Andrew Dixon, group product manager for Office at Microsoft. "Right now, we are working on testing a solution and steps for customers to take."

I wonder if the problem may stem from Microsoft's choice to integrate IE as a primary component of W98. Because of the tight integration I think third-party vendors may have a more difficult time offering software apps that will prevent just this type of crisis. For example, the tight integration of the Jet engine with MS Office apps prevents anti-virus programs from detecting many online attacks.

Compaq made the big boo-boo of signing an applet that allows it's technicians complete access to customer's computers via the net. But with the security door left wide open by Compaq, who's to say the technician who's diddling in your new Presario computer right now is from Compaq?

Got something to say on the subject? Leave your comments on the message center.

Microsoft
Compaq
HP
Message Center

Subscribe to ITinfo.
Receive computing and Internet news & tips
by subscribing to the ITinfo information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

Copyright © 2000 International Association of Information Technology Trainers, Ltd., All Rights Reserved

http://itrain.org/itinfo/1999/it990731.html
updated July 31, 1999