The hacker group Cult of the Dead Cow has challenged Microsoft to recall Systems Management Server (SMS).
The Cult claims that SMS has the same stealth features as its own BackOrifice 2000 (BO2K) network utility.
The group also called for anti-virus software vendors to issue updates to scan for SMS. It issued an official statement last week, claiming that Microsoft is operating a "Do-What-We-Say-Not-What-We-Do" policy.
In its security bulletin to warn users about BO2K, Microsoft claims: "BO2K is intended to be used for malicious purposes, and includes stealth behaviour that has no purpose other than to make it difficult to detect."
However, in its own online documentation for SMS, Microsoft touts "the possibility of carrying out a remote control session (using SMS) without the user at the client being aware of it."
The documentation continues: "It is possible to configure a remote control (SMS session) where there is never any visible or audible indication that a remote control session is under way. It (SMS) has been made this flexible due to customer demands."
The Cult believes that Microsoft, in its efforts to portray BO2K as simply a malicious tool, had overlooked the fact that SMS provided similar features.
It also pointed out that Microsoft charges customers for SMS, whereas BO2K is "free, open source, and better constructed any way you measure it: size, efficiency, functionality, security."
Jack Clark, European product manager for anti-virus at Network Associates, derided the Cult's statement and said that Network Associates would not be updating its products to scan for SMS. "Because of its intentions, we will never take (Cult of the Dead Cow) seriously. We still consider it to be a hacking group," he said.
Kevin Street, technical manager at Symantec, said: "I do not think it is a legitimate challenge; (Cult of the Dead Cow) are pretty much taking the mick. The difference between SMS and BO2K is one of intent of use and consent of use. The fact that it is open source is both a good and a bad thing: although users can tweak it for their own network, so could others."
He also questioned BO2K's provisions for auditing, pointing out that in Symantec's PCAnywhere, administrators have the option of logging to a third server, to ensure that log files could not be tampered with. BO2K does not provide activity logging.
Microsoft declined to respond.
Also, what's a USB stick?
Gravitational waves become extremely weak by the time they reach the Earth and require highly sensitive equipment for detection
The reactor topped out at 100 million° C
Cosmic event will not cause any disruption on Earth, say scientists