HomeIT Management

Smart But Not Secure

InternetNews Staff
By InternetNews Staff

As the latest edition to MS’ flagship productivity suite, Office XP, Smart Tags
ostensibly facilitate the next level of business automation.


According to
Microsoft VP Steve Sinofsky, Smart Tags will allow for a kind of
multi-dimensional version of a hyperlink to be inserted into data files.
Seemingly you could, for example, Smart Tag a company name to associate it
with a stock ticker, and regular, live updates of its stock price. When you’re
working with a Smart Tagged item you’d be presented with a number of
associations or automatically carried out actions in short, innovative
hyperlinks that can branch off in many different directions.


For reasons of security Smart Tags won’t contain executable code but because
they’re dependent on that code to run, the tags will include a ‘downloadURL’ to
click on in order to collect the relevant code.


Numerous security breaches have already occurred through the mechanisms of
code being included in e-mails – Smart Tags are no different in this regard.
If untold numbers of seemingly well-informed people can be induced to click on
an executable with the “I love you” virus as a payload, then they’d just as
surely click on an endearing URL. In the case of Smart Tags (which can be
made to look far more interesting and inviting) the work of viral programmers
could extend into new and hazardous new arenas.

A whole plethora of potential e-commerce applications may just add additional
privacy concerns to the mix. These stylish tags could provide an avenue for
viral marketers and other, more crooked, types to gather personal data about
users and their contacts. Code could just as easily be induced to spread virally
via address books in a similar fashion to the techniques employed by a number
of todays viruses.


By blocking over 39 different file types by default and by relying on differences
between trusted and untrusted, signed and unsigned apps Office XP Outlook
hopes to overcome these and other security problems. Nonetheless even a
signed and trusted document could contain a link to a very devious external
file.


Despite Microsoft’s continued efforts at honing out security holes in their
software the responsibility still lies heavy on the shoulders of users,
administrators, business partners, and suppliers alike to ensure that unsolicited
code doesn’t enter through the corporate back door. Given the tasty target
that Microsoft apps have made for generations of hackers and crackers the fun
is far from over.

InternetNews Staff
InternetNews Staff
Previous article
Breakaway Cuts Workers, Offices
Next article
Handspring Revenues Grow Despite Losses

Similar Posts

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web

InternetNews is a source of industry news and intelligence for IT professionals from all branches of the technology world. InternetNews focuses on helping professionals grow their knowledge base and authority in their field with the top news and trends in Software, IT Management, Networking & Communications, and Small Business.

Advertisers

Advertise with TechnologyAdvice on InternetNews and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2024 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.