AS Microsoft founder Bill Gates rouses the company with a call for it to deliver “trustworthy computing”, a Computerworld reporter has fallen victim to a major Hotmail glitch. By deadline, several days after notifying Microsoft and ISP partner Xtra of the issue, no explanation had been offered as to the cause.
Reporter David Watson discovered the sent messages folder of his Hotmail account contained several emails that he hadn’t sent.
“Sitting in the file were 10 messages, sent under my name, to people I don’t know,” Watson says.
“The messages weren’t signed in my name, so it doesn’t look as if it was a case of someone getting access to my account name and password and passing themselves off as me; rather, the emails were all signed by other people and were bona fide messages from those people to institutions as diverse as training institutes, potential employers and hotels.”
Xtra spokesman Matt Bostwick says he contacted Hotmail soon after Watson queried him about the issue, but a few days later there had been no response. Bostwick has put in another request for action, this one urgent.
The random nature of the swag of emails wrongly sent under Watson’s name suggests some sort of technical fault rather than a deliberate hack by an individual.
Dunedin-based Pegasus Mail founder and former Computerworld columnist David Harris says “my first reaction would be something like a software fault resulting in some type of cross-linking between your mailbox and someone else’s, but I have way too little information to suggest that that’s what might actually be happening”.
The glitch comes as Microsoft’s Gates issued a rallying cry to the company’s 49,000 employees to make “trustworthy computing” their highest priority.
“In the past, we’ve made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible,” he wrote in a memo to employees.
“We’ve done a terrific job at that, but all those great features won’t matter unless customers trust our software. So now, when we face a choice between adding features and resolving security issues, we need to choose security.”
The head of InternetNZ, Sue Leader, who last year urged internet users to avoid Microsoft products because of security concerns, has welcomed Gates’ call, but says implementation needs to be faster.
“I am concerned that Gartner’s prediction is that it will take 18 months before true implementation takes place,” Leader says.
“The interim solution, they suggest, is that software will ship with the security-threatening features turned off, rather than on, as is the current default. In my opinion this should have already been the standard practice as end-users are rarely aware of software vulnerabilities until it’s too late. I await developments with interest.”