Forwarded by: Gary Stock <gstockat_private> Here's a slightly stilted representation of the hidden Word revision history, using [CUT} and {ADD}, along with {NEW // OLD}. (It turns out that HTML is better than ASCII, too :-) I encourage you to see the original here: http://morons.org/articles/1/188 GS ----- Alcatel Fu - [filter kilter] - cks Up Bigtime posted by spatula on Apr. 14, 2001 Hidden in the bowels of their media update on the security vulnerability in their DSL modems, Alcatel makes some very revealing statements... Alcatel recently came under fire over a security vulnerability in one of their DSL modem products that could potentially allow a hacker to gain full control over a user's Internet experience. Many were shocked by Alcatel's subsequent remarks, especially that the company had no plan to release a patch for the flaw, suggesting only that users run firewall software. We have been informed that Alcatel's media update on the situation is a Microsoft Word document with its revision history still intact, although hidden. To see the full revision history, download the document, select "Track Changes" from the "Tools" menu in Word, choose "Accept or Reject Changes" and then click "Changes with Highlighting". The most interesting comments are in parenthesis in blue text. Alcatel is likely to remove this document as soon as word gets out about its contents, so we've saved a copy of it. Here are some interesting quotes from the document's hidden history: ----- {CUT} As a result, Alcatel has started an initiative to qualify firewall software that will provide users with the highest possible degree of security. (When and where will the firewall software be available? CERT has said that they don’t believe that installing a firewall is the answer. What are you doing to provide a legitimate fix?) {/cut} ... To increase the security of its products, {CUT} , in particular for the more information sensitive Small Office / Home Office market, {/cut} Alcatel [had previously//already] implemented additional security measures to avoid direct interference with its modems by remote users. This Firmware Protection is available in Alcatel Speed Touch [Home and PRO // modems]. {ADD} Alcatel ships the modems from its [F//f]actories with the [FP // Firmware Protection enabled] {/add} {CUT} , {PRO with Firewall….. It is switched on by default when the modems leave the Alcatel factories. . (This paragraph worries me a bit. It could be taken as us favoring a segment of customers (SOHO). There’s an argument to be had that everyone’s information is sensitive. Why don’t we provide this level of security to all of our customers? Why don’t we switch on firewalls by default for all of our customers?) {/cut} ----- Why indeed? Why don't you provide this level of security to all your customers? Why don't you switch on firewalls by default for all your customers? It sounds an awful lot like Alcatel knows that it has a lot more trouble than it is willing to let the public know about. [and this is yet another reason not to post MS Word documents on the web. Use HTML! Honestly!]---Nick ---------------------------------------------------------------------- Gary Stock gstockat_private UnBlinking http://unblinking.com/ "The first thing you'll notice is, when the camera's plugged in..." Bill Gates, launching Windows XP Earthquake, Seattle, 28 Feb 2001 ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 02:31:29 PDT