Bugtraq mailing list archives

Re: Windows XP Beta


From: "Andrew G. Tereschenko" <tag () ibis odessa ua>
Date: Tue, 27 Mar 2001 20:07:57 +0300

Ingenius,

Just for you - read newsgroups and NDA first.

Just to prevent lame backdoor threads in news:

<statement>
This account/password is randomly generated
and _designed_ for making the system secure.
</statement>

<prove part="1">
From: "Justin Kwak[MS]" <jykwak () microsoft com>
Subject: Re: SUPPORT_NNNNNNxN account?
Date: Fri, 10 Nov 2000 12:11:28 -0800

To explain the need/usage of those accounts, I am going to talk about some
background information first.

As you may know, in Whistler (and WinME), we changed "HELP" a lot.  Now when
you click help, it will take you to Help and Support Center.  Help and
Support Center is the point where users can find all the resources for help
they may need.

Help and Support Center (from PCHealth team) services include Help Contents,
System Restore, System File Protection, Support Automation Framework, Remote
Assistance and many more.

Support Automation Framework is a frame with which OEMs can create their
help content easily and provide it to the user through Help and Support
Center.  And because of security concerns we ask OEMs to do the following
steps:
1. OEM make their contents
2. Make a Cab file
3. Microsoft digitally sign the cab
4. OEM can "install" the cab into Help and Support Center

In WinME, help content runs under the same privilege as the user.  But in
Whistler we now need to think about user privilege.

If OEM contents run with the same privilege as the current user, what OEM
help content can do is very limited.  Especially, those who need help are
more likely to be low-privilege users.

We need to make OEM contents run with a different privilege than the current
user's.  So we create those accounts for each OEM content writer.

Since each OEM content provider has their own account, the system admin can
set different privileges for those different content providers.  The system
admin has full control of those accounts.

I hope the above explanation makes sense to you guys.  If you have further
questions, feel free to post here.

Thanks

</prove>

<prove part="2">
From: ericf () microsoft com ("Eric Fitzgerald [MS]")
Organization: Microsoft Corporation
Date: Wed, 14 Feb 2001 02:50:07 GMT
Subject: Re: SUPPORT_NNNNNNxN account?

This is an account added as part of our Help and Support Services
feature.  The password is random.  Don't take my word for it- do two
clean installations of Whistler and use PWDUMP to compare the password
hashes.

I'm investigating to see exactly how this account is used, and I'll
report back.

Eric Fitzgerald
Beta Technology Support
Microsoft Corporation
</prove>

<note>
Never, never post information you don't know.
Even if you know a little - keep silent, there
are always people who know this subject better.
</note>

<postscript>
Probably this letter is for the VULN-DEV list.
</postscript>

=============================
Andrew G. Tereschenko
Software Engineer
tag () ibis odessa ua
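
The check suggested in the second quoted post (dump the hashes from two clean installations and compare them) works because LM and NT hashes are unsalted, so the same password produces the same hash on every machine. The following is an added example, not part of the original thread: it assumes pwdump-style `name:rid:lm:nt:::` output, and the account name and hash values in the sample dumps are constructed.

```python
import re

# Hashes of the empty password; LM/NT hashes are unsalted, so these are the same everywhere.
EMPTY = {"aad3b435b51404eeaad3b435b51404ee", "31d6cfe0d16ae931b73c59d7e0c089c0"}
HASH = r"([0-9A-Fa-f]{32}|NO PASSWORD\*+)"
LINE = re.compile(rf"^([^:]+):(\d+):{HASH}:{HASH}:")

def parse_pwdump(text):
    """Map account name -> (lm, nt) from pwdump-style 'name:rid:lm:nt:::' lines."""
    accounts = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            name, _rid, lm, nt = m.groups()
            accounts[name] = (lm.lower(), nt.lower())
    return accounts

def is_empty(h):
    return h in EMPTY or h.startswith("no password")

def compare_installs(dump_a, dump_b, prefix="SUPPORT_"):
    """Classify each account whose name starts with prefix across two installations."""
    a, b = parse_pwdump(dump_a), parse_pwdump(dump_b)
    verdicts = {}
    for name in sorted(set(a) | set(b)):
        if not name.startswith(prefix):
            continue
        # Compare the NT hash: the LM field is blank for passwords over 14 characters.
        if name not in a or name not in b:
            verdicts[name] = "only on one install"
        elif is_empty(a[name][1]) or is_empty(b[name][1]):
            verdicts[name] = "empty password"
        elif a[name][1] == b[name][1]:
            verdicts[name] = "same password on both installs"
        else:
            verdicts[name] = "different password per install"
    return verdicts

# Constructed sample dumps (hash values are made up, not taken from any real system).
INSTALL_A = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
SUPPORT_000000a0:1001:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
"""
INSTALL_B = INSTALL_A.replace("0123456789abcdef0123456789abcdef",
                              "fedcba9876543210fedcba9876543210")

if __name__ == "__main__":
    for name, verdict in compare_installs(INSTALL_A, INSTALL_B).items():
        print(f"{name}: {verdict}")
```

A "same password on both installs" verdict is the outcome that would contradict the randomness claim; differing hashes are consistent with it but do not by themselves prove the password is random.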

