|
<<
^
>>
Date: 2003-05-22
Gartner Group: Finger weg von M$ Passport
Die Gartner Group empfielt allen Kunden, Passport fix fallen zu lassen. Analysten nehmen an, das weitere und schwerwiegendere Sicherheitsluecken zu erwarten sind. Trotz vollmundiger Versprechen wuerde M$ Software kaum sicherer werden. Wenn man die Bugtrq Liste mitliest, mag man dem wohl glauben. Vorschlaege, Passport OpenSource zu machen, werden vom Konzern abgelehnt. "Security by Obscurity" scheint immer noch das primaere Sicherheitskonzept bei MS zu sein.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Gartner says 'ditch Microsoft Passport'
[...]
Gartner says its customers should "break all Passport connections until at least November 2003, until Microsoft can prove that its security is adequate. Or invest in an additional, more secure form of authentication".
Perhaps more radically, the article says "more vulnerabilities will likely surface in Passport," and even calls for an open-source review of the code
[...]
Russell disputed claims by the researcher who found the flaw in the first place that he had contacted Microsoft before details of the problem were made public. "We've got absolutely no record of it," Russell said.
[...]
Microsoft has found itself on the wrong side of Gartner's recommendations in the past. In September 2001, Gartner strongly urged its customers to scrap servers using Microsoft's Internet Information Server (IIS) component Web server software.
[...]
As for an open-source review, Russell says it's very unlikely.
[...]
[0] http://www3.gartner.com/resources/114900/114948/114948.pdf
Mehr:
http://news.zdnet.co.uk/story/0,,t460-s2134860,00.html
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by Abdul Alhazred
published on: 2003-05-22
comments to [email protected]
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|