Microsoft hops in bed with NT hackers

Officials from Microsoft recently attended the "Black Hat Briefings" in Las Vegas, a hacker-only event staged each year. This strange event occurredso that Microsoft could meet with the people responsible for the L0phtcrackpassword-cracking hack that affected Windows NT earlier this year. In a unheard-of reversal of policy, Microsoft decided it made sense to minglewith hackers for the first time.

"We came here to look at the hackers' perspective, to understand what they're thinking and what their concerns are," said NT marketing director Carl Karanan. "It's good to look at things in perspective: this conference does that. We've opened up a dialogue. The hackers do a service. We're listening and we're learning,"

Apparently, the hackers agree.

"What we're trying to do as a community is point out some very serious problems with an operating system that is in use in corporate America and in governments worldwide, and we're pointing it out in a legitimate fashionby saying: 'Fix this'," said Yobie Benjamin, chief knowledge officer at Cambridge Technology Partners and self-described "experienced NT hacker."

The Black Hat Briefings included numerous Windows NT security briefings.The group called L0pht presented a new version of their L0phtcrack crackthat bypasses the fix Microsoft posted earlier this year. The "getadmin"crack was demoed by former Microsoft programmer Dominique Brezinski.

Using getadmin, "anybody can gain administrative access if you run it on a local machine," Brezinski said. After describing the Microsoft fix forgetadmin, Brezinski then explained that it could easily be rewritten totake advantage of one of numerous weaknesses caused by backwardscompatibility issues.

"Windows NT's backward compatibility always bites 'em on the ass." said"Mudge," a key member of L0pht.

Microsoft's Karanan noted that NT is a target now because it is so popular.

"If you look at the Computer Emergency Response Team advisories, you can see this has been going on with Unix for years. People are targeting NT nowbecause we have the volume. I think that our response is going to get better, and customers will get more protective also. If it's a top nationalsecret that you want to secure, you may not even use a password [system], you may want to use a secure ID token card or a one-time password [system].