One of my major trophy achievement is attributed to the discovery of Microsoft Passport Flaw / Vulnerability (2003). Below are some of the links of its global media coverage and my interviews:

http://news.zdnet.co.uk/internet/0,1000000097,2134466,00.htm
http://www.cbsnews.com/stories/2003/01/30/tech/main538597.shtml
http://news.bbc.co.uk/2/hi/technology/3013665.stm
http://www.cnn.com/2003/TECH/biztech/05/09/microsoft.flaw.ap/index.html
several others…..

Note:

On the same day of my public release of this flaw/vulnerability (after a few good hours though) – a rather dilapidated Pakistani website claimed the discovery of the flaw and declared credit of the discovery to themselves.
I am not sure if this was just a coincidence (mind you that the flaw was very simple in nature anyway so it is quite possible) or was it a deliberate and slapdash attempt to tap into the potential media coverage of this flaw. Whatever it was, it was unsuccessful and subject to utter ridicule by the professional community – Global media looked into it, considered it and then decided to ignore the false claims and rightfully attributed the credit to whom it was due – ie, Yours Truly.

With the benefit of hind sight, I would say that the international media considered the facts that, (i) my release was comprehensive (ie, included real technical details not some generic mumbo-jumbo), (ii) it was made public a lot earlier than the false claim and (iii) most importantly I did not attempt to puff-up the issue – instead I stated in my interview to Associated Press that, the nature of the flaw was one of the most simplest form of input validation failures.

Advertisements

1 Response to “Microsoft Passport Flaw”


  1. 1 Khawar Nehal March 20, 2011 at 2:25 pm

    I remember those old good times in the ISPs.

    Crackers vs ISP admins and investors all stuck in a tangled web.

    Khawar


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s





%d bloggers like this: