A gaping security flaw in Microsoft's Passport identification system left the accounts of over 200 million subscribers open to hackers for seven months, according to news reports Friday.
The flaw was exposed by a Pakistani researcher whose own account was hijacked. He then took just a few minutes to discover that by typing in a certain Microsoft web address together with command he could access and change the information on any Passport account.
A passport account contains extensive personal identification information and credit card numbers. It was designed as a package which was to ease purchasing things online.
Microsoft Thursday admitted the flaw and said it had fixed it by limiting access to the web address to computers in its own network.
The company said that it had frozen all accounts that may have been tampered with but said that there was no evidence that any accounts had actually been seized.
The disclosure was highly embarrassing to the software giant which last year launched a "Trustworthy Computing Initiative" aimed at reducing the large amount of software bugs and security flaws that traditionally plague their programs.
Microsoft also faces the prospect of a hefty fine from the Federal Trade Commission.
Under an agreement reached with the FTC in mid-2002, Microsoft said it would take reasonable steps to protect Passport accounts, pledged to stop overselling the security of the sign-in system and agreed to pay if it failed in its duty.
Microsoft potentially faces an enormous fine if the full fee of 11,000 dollars per security lapse is applied by the FTC.
Microsoft touts its Passport identification system as a single, convenient method for people to identify themselves on the Internet, and hopes it will become the main tool people use for purchases online of movies, music, travel and banking services.
Closely tied to Microsoft's flagship Windows XP software, the company virtually forces uses of Hotmail, and other Microsoft services to register a Passport identity in which subscribers type in addresses, phone numbers, email accounts and credit card information.
The Pakistani researcher, Muhammad Faisal Rauf Danka, determined that by typing a specific Web address that included the phrase "emailpwdreset," he could seize any Passport account. He said he sent 10 e-mails to Microsoft explaining his findings but never received a response.
Taiwan Transport and Storage Corp (TTS, 台灣通運倉儲) yesterday unveiled its first electric tractor unit — manufactured by Volvo Trucks — in a ceremony in Taipei, and said the unit would soon be used to transport cement produced by Taiwan Cement Corp (TCC, 台灣水泥). Both TTS and TCC belong to TCC International Holdings Ltd (台泥國際集團). With the electric tractor unit, the Taipei-based cement firm would become the first in Taiwan to use electric vehicles to transport construction materials. TTS chairman Koo Kung-yi (辜公怡), Volvo Trucks vice president of sales and marketing Johan Selven, TCC president Roman Cheng (程耀輝) and Taikoo Motors Group
Among the rows of vibrators, rubber torsos and leather harnesses at a Chinese sex toys exhibition in Shanghai this weekend, the beginnings of an artificial intelligence (AI)-driven shift in the industry quietly pulsed. China manufactures about 70 percent of the world’s sex toys, most of it the “hardware” on display at the fair — whether that be technicolor tentacled dildos or hyper-realistic personalized silicone dolls. Yet smart toys have been rising in popularity for some time. Many major European and US brands already offer tech-enhanced products that can enable long-distance love, monitor well-being and even bring people one step closer to
RECORD-BREAKING: TSMC’s net profit last quarter beat market expectations by expanding 8.9% and it was the best first-quarter profit in the chipmaker’s history Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), which counts Nvidia Corp as a key customer, yesterday said that artificial intelligence (AI) server chip revenue is set to more than double this year from last year amid rising demand. The chipmaker expects the growth momentum to continue in the next five years with an annual compound growth rate of 50 percent, TSMC chief executive officer C.C. Wei (魏哲家) told investors yesterday. By 2028, AI chips’ contribution to revenue would climb to about 20 percent from a percentage in the low teens, Wei said. “Almost all the AI innovators are working with TSMC to address the
FUTURE PLANS: Although the electric vehicle market is getting more competitive, Hon Hai would stick to its goal of seizing a 5 percent share globally, Young Liu said Hon Hai Precision Industry Co (鴻海精密), a major iPhone assembler and supplier of artificial intelligence (AI) servers powered by Nvidia Corp’s chips, yesterday said it has introduced a rotating chief executive structure as part of the company’s efforts to cultivate future leaders and to enhance corporate governance. The 50-year-old contract electronics maker reported sizable revenue of NT$6.16 trillion (US$189.67 billion) last year. Hon Hai, also known as Foxconn Technology Group (富士康科技集團), has been under the control of one man almost since its inception. A rotating CEO system is a rarity among Taiwanese businesses. Hon Hai has given leaders of the company’s six