Reply to post: Re: An Adobe Wannbe?

Cisco's WebEx Chrome plugin will execute evil code, install malware via secret 'magic URL'

Black Helicopters

Re: An Adobe Wannbe?

>was this deliberate?

Yeah, that's a good question. The assumption most of you have so far is that it was just a nitwit or dishonest dev. Just because this is a massive fail doesn't mean it didn't take time to set up and why would a dev do it on her/his own initiative? That stupid? And it never got caught by QA/reviews?

On the other hand, could it be a magic, lazy, get-out-of-jail free feature? Just in case something goes really wrong and you want to figure out what's going on, customer-side. You have a backdoor and you use it.

Not really different from a secret hardcoded, unchangeable, root password, is it? And we never see those either, of course. But, if that's the case, then don't call that a bug, please, because it would have been sanctioned at higher levels than individual incompetent devs.

Of course, the fact that it nukes security is irrelevant. It's more important that it solves Cisco/insert-other-dodgy-vendors' support problems.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2021