This page shows the source for this entry, with WebCore formatting language tags and attributes highlighted.


MS Passport holes


<a href="">Wired</a> <a href=",1282,48105,00.html">reports</a> that there's a relatively gaping hole in the Microsoft's Passport service. This service holds all of a user's personal information and can also hold credit card and financial information. It's being touted as a keyring for the Internet, kept secure by Microsoft. If you have a HotMail account, you have a PassPort (it may or may not have your credit card information, though). However: <span class="quote"><q>In a demonstration of the exploit earlier this week, Slemko sent Wired News a specially crafted but innocent-looking e-mail. Moments after the e-mail was viewed using Microsoft's Hotmail Web-based e-mail service, Slemko rattled off, over the phone, the credit card number and contact information from the user's Passport wallet.</q></span> Oops. <span class="detail">This has been a <span class="reference">don't entrust your information to the one company that has repeatedly demonstrated that it has no clue about security</span> service announcement</span>.