It looks like Microsoft could actually face a substantial fine for the latest security hole to plague its Passport service. The security hole had apparently existed for more than eight months, though Microsoft is claiming that only a small number of accounts were compromised and then only over the last month.
Regardless of how few Passport users were actually affected by the flaw, this latest security bug was almost too easy for would-be hackers to exploit. Armed with only an email address, it was possible to gain access to a Passport user's name, address, and credit card information by entering only a specific web address.
Security holes are nothing new for Microsoft or even other software and operating system vendors, so why could a fine result this time around? Because Microsoft may have overstated the security of its Passport service:
Under a settlement last summer, the government accused Microsoft of deceptive claims about Passport's security. In response, the company pledged to take reasonable safeguards to protect those accounts, submit to audits every two years for the next 20 years or risk fines up to $11,000 per violation.So far, it looks like the absence of reasonable safeguards is what let this massive Passport security hole slip through the cracks, exposing Microsoft to a potentially huge fine. Though the FTC has apparently never fined anyone more than $4.05 million, Microsoft may technically be liable for a maximum fine of up to $2.2 trillion. It seems incredibly unlikely that even a sizeable fraction of such a stiff monetary penalty will ever be imposed, but the threat alone could be enough to light a fire under the Trustworthy Computing initiative.
|AMD drops prices on the Radeon RX 460 and RX 470||40|
|Reports: Radeon RX 470D is a budget Polaris card for China||9|
|Examining reports of slow write speeds on the 32GB iPhone 7||27|
|Cellular Insights dissects iPhone 7 Plus modem performance||11|
|Deals of the week: scads of high-performance storage and more||9|
|Tobii's Eye Tracker 4C knows where your head is||4|
|GeForce driver 375.57 is prepared for Titanfall 2||8|
|Phanteks Eclipse P400 gets a tempered glass option||0|
|Radeon 16.10.2 drivers add support for October's big games||10|
|A real "console monitor" would be 720p @ 30 Hz ;P||+63|