ANALYSIS: Weekly Web Watch - For Microsoft, it is an endless chain of accusation and denial

Over the past few weeks, Microsoft has suffered not one but several PR disasters that would sink lesser companies. Towards the end of August, a team of computer scientists from Princeton and Xerox PARC uncovered a flaw in the Windows 95 and 98 operating systems that allows hackers to take control of a PC simply by sending an e-mail message. It allows an attacker to modify files or even to reformat the hard drive.

Over the past few weeks, Microsoft has suffered not one but several PR disasters that would sink lesser companies. Towards the end of August, a team of computer scientists from Princeton and Xerox PARC uncovered a flaw in the Windows 95 and 98 operating systems that allows hackers to take control of a PC simply by sending an e-mail message. It allows an attacker to modify files or even to reformat the hard drive.

Over the past few weeks, Microsoft has suffered not one but several

PR disasters that would sink lesser companies. Towards the end of

August, a team of computer scientists from Princeton and Xerox PARC

uncovered a flaw in the Windows 95 and 98 operating systems that allows

hackers to take control of a PC simply by sending an e-mail message. It

allows an attacker to modify files or even to reformat the hard

drive.



The team that discovered the security hole notified Microsoft straight

away and the company moved quickly to repair it. Nobody is known to have

exploited the bug in a malicious way and none of Microsoft’s customers’

computers were compromised. It was academics who discovered the defect

and not hackers. Yet tens of millions of Windows users have yet to

download the software fix

(http://www.microsoft.com/java/vm/dl_vm32.htm).



No sooner were the folks in Redmond breathing a sigh of relief over that

one than a piece of code was flying around the Net that allowed people

to read the e-mail of any user of Microsoft’s Hotmail (www.hotmail.com)

free e-mail service. What’s more, it wasn’t just skilled hackers who

could do this but anybody who cared to download the piece of code. It

has been described as the worst security breach in the history of the

Web. It is not known how many accounts were actually affected (Hotmail

is said to have 50 million users). Naturally, Microsoft scrambled to

plug this hole as well.



Most Hotmail users didn’t even know about it until they read an

announcement on Hotmail that their e-mail might have been

compromised.



All very reassuring, except that by September 3, Microsoft was again in

the denial game, this time over accusations that it had left a back door

open allowing the US National Security Agency (NSA) to access the

computer of any user of any of Microsoft’s more recent operating

systems.



The accusations follow the discovery of an obscure cryptographic key in

the Windows operating systems called ’_nsakey.’ Now, there is nothing to

prove that the letters ’nsa’ in ’_nsakey’ stand for National Security

Agency,’ but when it comes to Microsoft, it’s just too tasty a

possibility to pass over. So the not quite logical conclusion is that

the key allows the NSA into people’s computers without their

authorization.



Microsoft, of course, says it’s all a fuss over nothing. All that

’_nsakey’ does is signify that the software has passed NSA requirements

to do with the export of strong encryption, the company insisted. ’The

key in question is a Microsoft key. It is maintained and safeguarded by

Microsoft, and we have not shared this key with the NSA or any other

party,’ said a Microsoft statement. The problem is that nobody knows

what ’_nsakey’ actually does except Microsoft, and nobody believes what

Microsoft says.



The software giant has a problem stemming from its very size and

ubiquity.



It’s easy to pin conspiracy theories on an organization so spread out

and Byzantine. Whether any of Microsoft’s recent PR problems will damage

it in any significant way, however, remains open to debate. The same

qualities that make Microsoft a magnet for conspiracy theories enables

it to shrug off PR disasters that would cripple most other companies.

Microsoft has for years had a reputation for buggy, under-tested

software. But that has not stopped millions of people from using its

products.



It seems that the more people hate Microsoft, the more people will buy

its products. Or should that be the other way round?



- Stovin Hayter is editor of Revolution. All e-mails should be sent to

stovin@revolution.haynet.com.



Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Register
Already registered?
Sign in