Hackers Skeptical Of Microsoft's "Holey War"

Call Karl Wehden a professional hacker. As a valley software architect, he spends his workdays unapologetically cracking open various company networks via the Internet. He's not there to damage or steal, just to learn from others' mistakes. Wehden and his colleagues slipped through a hole in Monster.com's network, gaining access to its entire database of jobs and résumés. Afterward, they notified Monster.com of the backdoor hole—which existed, Wehden says, because the job-matching site uses Windows.

Microsoft's operating systems are dangerously vulnerable. And the more products Microsoft pushes into the market, the simpler they are to exploit.

All of which is why folks like Wehden could only snicker when Microsoft made much ado earlier this year about focusing on security. Chairman Bill Gates issued an edict to Microsoft Nation to make its products impervious to attack, and he assigned 7,000 programmers to spend the month of February learning how to tighten safety bolts. "We must lead the industry to a whole new level of trustworthiness in computing," Gates wrote in a widely leaked company memo. "Eventually, our software should be so fundamentally secure that customers never even worry about it."

The memo made a media splash, but nowhere is there more skepticism than among hackers, who have largely been those responsible for exposing flaws in the company's products in the past decade. "Every time Microsoft talks about security, the security community sits back and waits for its claims to blow up in its face," says Neal O'Farrell, a former hacker who founded Hackademia, a security-consulting firm. "There's just no credibility. The hacker community is not going to let up on them. Microsoft is a real trophy for hackers."

To continue reading this story, please click to go to part 2: "The Privilege of Being Raped".

Copyright © 2002 Ziff Davis Media Inc. All Rights Reserved. Originally appearing in ExtremeTech.