And a very well-written rebuttal (by someone a hell of a lot more reputable
than Gibson):
http://www.sysinternals.com/blog/2006/01/inside-wmf-backdoor.html
Or, would you like to tell him he doesn't have his facts straight, either?
Is it possible Steve is right? Yeah, it is possible.
Is it anywhere near likely? Reading Mark's rebuttal, I think the answer is a
pretty definitive "hell no".
----- Original Message -----
From: "Brian Weeden" <[EMAIL PROTECTED]>
To: "The Hardware List" <hardware@hardwaregroup.com>
Sent: Friday, January 20, 2006 9:41 AM
Subject: Re: [H] Nutty Steve Gibson claims WMF bug was planted by Microsoft
Listen to episode 22:
http://grc.com/securitynow.htm
This was on Digg last week. Every person that I have heard saying
Gibson is a moron over this has not had their facts straight. Listen
to the podcast, look at his reports, hell look at his source code.
His arguement that you need 2 or 3 very specific things to happen to
trigger the WMF vulnerability, things that prevent the WMF files from
working as intended. Which in my mind is the exact definition of a
backdoor.
Of course M$ will deny it. The only other option is to say yes, one
of two things are true:
1. We have a rogue programmer who put their own backdoor in all
version of our software since win2k
2. We deliberately put in a backdoor so we can access and patch every
copy of windows in an emergency, even if they have firewalls and
autoupdate disabled.
--
Brian
