More on WMF, did Microsoft leave a backdoor?

Uncategorized 0 Minutes

Sigh, now I’m getting tons of email saying “how are you gonna explain that Microsoft left a back door that resulted in the WMF exploit?”

So, I sent those over to Stephen Toulouse and said “can you get the details on this claim?” He just posted that on his blog.

Advertisements

Published by Robert Scoble

I give you a front-row seat on the future. Focusing most of my efforts now on next-generation augmented reality and artificial intelligence, AKA "mixed reality." SUBSCRIBE TO MY NEWSLETTER: http://clevermoe.com/scobleizer-news/ BUY OUR NEW BOOK: https://www.amazon.com/Fourth-Transformation-Robert-Scoble/dp/1539894444 "The Fourth Transformation: How augmented reality and artificial intelligence will change everything." WATCH MY LATEST SPEECHES: State of VR with Philip Rosedale (done in VR itself, very cool): https://www.youtube.com/watch?v=2zAA1EVGUZU At GEOINT, June 2017: http://trajectorymagazine.com/glimpse-new-world/ Augmented World Expo, June 2017: https://www.youtube.com/watch?v=l4xHILvLD8E At Leade.rs, April 2017: https://youtu.be/52_0JshgjXI +++++++++++ BIO: Scoble gives you a front-row seat on the future. Literally. He had the first ride in the first Tesla. Siri was launched in his house. He's been the first to share all sorts of technologies and companies with you, from Flipboard to Pandora to Instagram. Today he's focusing on mixed reality, AKA "next-generation augmented reality" which will include a new user interface for EVERYTHING in your life (IoT, Smart Cities, driverless cars, robots, drones, etc). That's based on his view thanks to his past experience as futurist at Rackspace. Best place to find Scoble? On his Facebook profile at https://www.facebook.com/RobertScoble He has been a technology blogger since 2000, was one of five people who built Microsoft's Channel 9 video blog/community, worked at Fast Company Magazine running its TV efforts, and has been part of technology media businesses since 1993. ++++++++ SPEAKER PITCH: Apple and Facebook now have revealed their Augmented Reality strategies, which means your business needs one too. Rely on Robert Scoble, the world's top authority on AR, to bring to your conference what businesses should do next. SPEECH ABSTRACT #1: TITLE: The Fourth Transformation: What's next in mixed reality (AR and AI) and the future of technology? Here's an example of this talk at Leade.rs in Paris in April, 2017: https://youtu.be/52_0JshgjXI Why "the Fourth Transformation?" Soon we will have phones and glasses that do full on augmented reality. Everything you look at will potentially be augmented. This world is coming in late 2017 with a new iPhone from Apple, amongst other products. Microsoft is betting everything on its HoloLens glasses that do mixed reality and the industry is spending many billions of dollars in R&D and funding new companies like Magic Leap. This future will be the user interface for IoT, Smart Cities, autonomous cars, robots, drones, and your TV. This is a big deal and Robert will take you through what mixed reality is and how it will change every business. Learn more about Robert's speaking style and contact his agent at http://odemanagement.com/robert-scoble/Robert-Scoble.html ++++++++ SPEECH ABSTRACT #2: "The Next Two Clicks of Moore's Law." Over the next four years, or two clicks of Moore's Law, a ton about our technology world will change. Scoble will bring you the best from his travels visiting R&D labs, startups, and innovators around the world. He views the world through his rose-colored-mixed-reality glasses, which will be the new user interface for self driving cars, Smart Cities, IoT, and many other things in our world. He'll send you off with some lessons for companies both large and small. ++++++++ SPEECH ABSTRACT #3: "Personalized Meaning: What is Augmented Reality For?" As we enter a far more technological world where even cars drive themselves, I predict we'll see a blowback toward the analog, more authentic world. What role does augmented reality play in both worlds? Get Scoble's insight into where augmented reality is going, see tons of real-world demos, and understand what he means by 'personalized meaning.' CONTACT: If you are looking to contact me, email is best: scobleizer@gmail.com. ++++++++ ENDORSEMENTS: IZEA Top 25 Tech Influencers: https://izea.com/2017/07/07/25-top-tech-influencers/ Time: One of the top 140 Twitterers! FT: One of the five most influential Twitterers! Inc. Top 5 on list of Tech Power Players You Need to Know: http://www.inc.com/john-rampton/30-power-players-in-tech-you-need-to-know.html Next Reality: #4 on top 50 AR influencer list: https://next.reality.news/news/nr50-next-realitys-50-people-watch-augmented-mixed-reality-0177454/

Published

28 thoughts on “More on WMF, did Microsoft leave a backdoor?

  1. Pingback: The PC Doctor
  2. Pingback: The PC Doctor » Blog Archive » Microsoft releases some background on the WMF exploit

  3. I’ve never been a fan of Steve Gibson’s somewhat irresponsible ‘conclusions’. To say the evidence for a backdoor is “quite compelling” is one thing, but to later state clearly (and more than once) that Microsoft “intentionally put a backdoor in Windows” is, well… you really shouldn’t be taking flak for this Robert!

    Thanks for the link to Stephen’s post btw, v. interesting.

    Like

  4. I’ve never been a fan of Steve Gibson’s somewhat irresponsible ‘conclusions’. To say the evidence for a backdoor is “quite compelling” is one thing, but to later state clearly (and more than once) that Microsoft “intentionally put a backdoor in Windows” is, well… you really shouldn’t be taking flak for this Robert!

    Thanks for the link to Stephen’s post btw, v. interesting.

    Like

  5. Mr. Potato Head? Mr. Potato Head? Back doors are not secrets!

    I think it is possible, but not likely. Mr. Gibson can be a little paranoid. That’s his job.

    Like

  6. Mr. Potato Head? Mr. Potato Head? Back doors are not secrets!

    I think it is possible, but not likely. Mr. Gibson can be a little paranoid. That’s his job.

    Like

  7. Well it was really done because customers were asking tons of questions about it. Really the assertion by some people that there would be an intentional back door inserted into Windows which could only be used by first convincing the user to visit a website is pretty funny on the face of it. But hey letting people know the background is good too. People like to learn the same lessons we learn about software vulnerabilities so I hope you guys found it interesting.

    S.

    Like

  8. Well it was really done because customers were asking tons of questions about it. Really the assertion by some people that there would be an intentional back door inserted into Windows which could only be used by first convincing the user to visit a website is pretty funny on the face of it. But hey letting people know the background is good too. People like to learn the same lessons we learn about software vulnerabilities so I hope you guys found it interesting.

    S.

    Like

  9. I for one, do not believe that MS intentionally put a backdoor in WMF. As the old saying goes, “Never attribute to malice, what can be adequately explained by stupidity”.

    All the WMF issues are due to plain old incompetence.

    Like

  10. I for one, do not believe that MS intentionally put a backdoor in WMF. As the old saying goes, “Never attribute to malice, what can be adequately explained by stupidity”.

    All the WMF issues are due to plain old incompetence.

    Like

  11. Well, if Microsoft wanted a backdoor, would they have made it such that:
    a) didn’t require user interaction (opening webpage or image)
    b) not part of a public API
    c) make it targetable (pick an IP instead of indiscriminate)

    Hmm, screw that, conspiracy theories are much more fun! UFOs power MacOSX! Steve Jobs is an android powered by pure evil! Walt Disney was the antichrist!

    Like

  12. Well, if Microsoft wanted a backdoor, would they have made it such that:
    a) didn’t require user interaction (opening webpage or image)
    b) not part of a public API
    c) make it targetable (pick an IP instead of indiscriminate)

    Hmm, screw that, conspiracy theories are much more fun! UFOs power MacOSX! Steve Jobs is an android powered by pure evil! Walt Disney was the antichrist!

    Like

  13. Well it appears that this exact same flaw appears in the Wine implementation, which was written from the specs without access to the Windows source code – so did the Wine guys put the backdoor in as well?

    Pure nonsense ..

    Like

  14. Well it appears that this exact same flaw appears in the Wine implementation, which was written from the specs without access to the Windows source code – so did the Wine guys put the backdoor in as well?

    Pure nonsense ..

    Like

  17. It explains it well (and, for the first time, why legacy systems are not getting patched), but not how the vulnerability was missed by SP2. That’s still cause for concern.

    Like

  18. It explains it well (and, for the first time, why legacy systems are not getting patched), but not how the vulnerability was missed by SP2. That’s still cause for concern.

    Like

  21. It is amazing that you can find the same comments in every site that talks about this. First, the attack on Steve Gibson, with similar language. Second, the Wine argument, which is bogus, Wine tries to implement the features of Windows the best it can. It has to imitate behaviour! Finally, none of the comments answer the real concerns that Steve Gibson presented. He even answered them on his site…

    Like

  22. It is amazing that you can find the same comments in every site that talks about this. First, the attack on Steve Gibson, with similar language. Second, the Wine argument, which is bogus, Wine tries to implement the features of Windows the best it can. It has to imitate behaviour! Finally, none of the comments answer the real concerns that Steve Gibson presented. He even answered them on his site…

    Like

  23. Even more surprising is that the linked article by Stephen Toulouse doesn’t address the main concerns that Gibson brought up, namely that there is nothing useful you can do in the lonely thread that is spawned by this “feature” (you don’t have access to the DC of the metafile) and that the function does not work the way Stephen describes. The only reason Gibson found this was by trying to force the behavior to happen, and none of the “official” explanations worked.

    Since the 13th, when Gibson’s podcast aired, this has been the only response from MS. It would appear that a technically competent rebuttal is in order.

    Has someone come along and documented that Gibson’s findings (that the only way to trigger malicious code is by setting the file length to 1, and that the value of SetAbortProc doesn’t matter since the code that will be executed is immediately following the header)? Has anyone rebutted them?

    I’ll be the first to admit that Gibson has an ego the size of Montana (or at least San Diego), but silence on this does not do MS any good, and this appears to be something difficult to “evangelize” away, given all the security reviews that this code should have received enroute to XP SP2, and Vista. (Unless by “code review” they mean checking the filenames.)

    Tim

    Like

  24. Even more surprising is that the linked article by Stephen Toulouse doesn’t address the main concerns that Gibson brought up, namely that there is nothing useful you can do in the lonely thread that is spawned by this “feature” (you don’t have access to the DC of the metafile) and that the function does not work the way Stephen describes. The only reason Gibson found this was by trying to force the behavior to happen, and none of the “official” explanations worked.

    Since the 13th, when Gibson’s podcast aired, this has been the only response from MS. It would appear that a technically competent rebuttal is in order.

    Has someone come along and documented that Gibson’s findings (that the only way to trigger malicious code is by setting the file length to 1, and that the value of SetAbortProc doesn’t matter since the code that will be executed is immediately following the header)? Has anyone rebutted them?

    I’ll be the first to admit that Gibson has an ego the size of Montana (or at least San Diego), but silence on this does not do MS any good, and this appears to be something difficult to “evangelize” away, given all the security reviews that this code should have received enroute to XP SP2, and Vista. (Unless by “code review” they mean checking the filenames.)

    Tim

    Like

  25. Regarding the ‘you have to go to a particular website’ argument, an appropriately crafted email indistinguishable from any other spam would likely do the trick, if it is viewed in Outlook.

    Like

  26. Regarding the ‘you have to go to a particular website’ argument, an appropriately crafted email indistinguishable from any other spam would likely do the trick, if it is viewed in Outlook.

    Like

Comments are closed.