Archive of UserLand's first discussion group, started October 5, 1998.

Re:HotMail Hole: MSN Mess design?

Author:Sidney Markowitz
Posted:8/30/1999; 1:04:22 PM
Topic:Tim Bray on the HotMail Hole
Msg #:10259 (In response to 10258)
Prev/Next:10258 / 10260

You don't have permission to access /cgi-bin/start on this server

/cgi-bin/start on that server was a cgi program that allowed access to a Hotmail account without knowing the password. It makes sense that the first step in dealing with the security hole would be to disable access to the cgi. People are criticizing Microsoft for taking so many hours to do it, they shouldn't be criticized for disabling some useful funtionality while they figure out what to do.

It remains to be seen how long it will take to restore the functionality that MSN Messenger was using. But this is a whole lot better than bringing down all of Hotmail while working on the security hole.

There are responses to this message:

This page was archived on 6/13/2001; 4:52:16 PM.

© Copyright 1998-2001 UserLand Software, Inc.