Bugging out over e-mail
|
|
August 7, 1998: 10:58 a.m. ET
Not much can be done about e-mail security flaws, analysts say
|
NEW YORK (CNNfn) - Just when you thought it was safe to open your e-mail
In the past week, the top three makers of e-mail software have reported their products are vulnerable to security flaws that could wipe out a user's system. And, according to analysts, there's not much companies can do to prevent would-be hackers from breaking into their products.
Last week, Microsoft Corp. said its Outlook 98 and Outlook Express 98 packages are susceptible, as well as Netscape Communications Corp.'s Netscape Mail software. The security flaw, which manifests itself as an attached file with an extremely long file name, was first reported last week.
Qualcomm Corp., maker of the most popular e-mail software, Eudora, said it was not vulnerable to the security flaw. Late Thursday, however, the company said Eudora's most recent Windows versions -- 4.0, 4.0.1 and the soon-to-be released 4.1 -- are vulnerable to a different type of flaw.
Unlike the bugs affecting Outlook and Netscape Mail, Eudora's flaw manifests itself when a malicious programmer inserts a seemingly harmless link to an Internet location. Clicking that link would launch the destructive code.
Qualcomm said earlier Windows versions and Macintosh versions are unaffected.
Microsoft and Netscape posted software patches, or remedies, to counter the flaw on their sites last week. Qualcomm said it planned to make a patch available Friday afternoon on its site.
But the latest news raises an interesting point: If Eudora was immune to one type of flaw but susceptible to another, how many other potential security breaches are there?
"This is nothing new and it will continue to be a problem," said James Preissler, an analyst at PaineWebber. "The fact of the matter is, these programs can be easily fooled. If someone wants to get in, there's nothing you can do to stop them."
Some industry experts have taken these companies to task for not doing enough to prevent these types of security holes. But Preissler said there isn't much that can be done.
"It's a matter of how quickly you can come up with a solution," Preissler said. "Microsoft and Netscape had patches up that day. And if someone comes up with a new way to break into your program, just come up with a new fix as quickly as possible."
Preissler said all the dire news about e-mail security flaws would have no effect on investors' outlook on those companies.
But Rick Berry, an analyst at J.P. Morgan Securities, said some companies could experience a drop in their stock prices if investors choose to cast a more critical eye when looking at the technology.
"I think you're going to see a lot more user problems like this," Berry said. "These are just examples of some privacy invasions that happen over the Internet. Investors have discounted anything negative about Internet companies. But this technology is still so new that people should be concentrating on the potential pitfalls."
Microsoft (MSFT) shares fell 1-3/16 to 105-11/16 in early trading. Netscape (NSCP) shares were up 1-1/2 at 25-1/2. Shares of Qualcomm (QCOM) gained 1-9/16 to 60-7/8.
-- by staff writer John Frederick Moore
|
|
|
|
|
|