Microsoft and the U.S. Department of Energy are disputing claims that bugs in Microsoft's database software threatened nuclear security in the United States and Russia.
Earlier this month, Bruce Blair, president of the Center for Defense Information, a nonprofit military research organization based in Washington, D.C., wrote that Russian nuclear scientists last year found a bug in Microsoft's SQL Server database software that threatened the security not only of Russian nuclear weapons materials, but also of U.S. nuclear materials. Microsoft executives and Energy Department representatives scoff at the charge, saying Blair is making too much of a trivial matter. They say that the two bugs were never a threat, that no data was ever lost, and that the issues Russia had with the software have been resolved. U.S. nuclear data was never at risk, they say. |
At issue was software that the laboratory gave Russian researchers to help them protect their country's nuclear materials. Blair, in a column published in The Washington Post, said the Russians found a bug that caused some files to become invisible, though they remained in the database. The fear was that insiders could trace the invisible files and divert nuclear materials for dangerous ends, Blair wrote. Russian scientists alerted Los Alamos lab to the problem for fear that American nuclear materials were at risk, he wrote.
The problem was found in SQL Server 6.5. Russian scientists subsequently upgraded to SQL Server 7.0, a newer release of the database software, to help solve the problem. The scientists discovered that the same bug existed in the newer version, although in a less serious form, along with a new security flaw that could give unauthorized people easy access to information stored in the database, Blair told CNET News.com in an interview Friday.
Read the full story Here
Source: CNet
