You almost have to feel for Microsoft, considering both the push of the Justice Department's antitrust probe and its recent security problems. Now there's pressure on the software giant to release the results of a pending security review of Hotmail, since gaping privacy holes were discovered in the free e-mail service Microsoft bought almost two years ago.
Consumer advocates want disclosure. Otherwise, says Junkbusters founder Jason Catlett, forty million Hotmail users have no guarantee their e-mail accounts are safe. Microsoft says only that it will issue "some kind" of statement when the review is completed.
CNET has reported an outside audit of Hotmail was commissioned after the e-mail service was yanked offline last month when it was found accounts could be entered without passwords so long as the user name was known. Microsoft patched that hole the same day, but they're probing another bug which lets false passwords open Hotmail accounts, CNET says.
The independent security review, Microsoft and Web privacy seal program Truste say, prove computer industry self-regulation will improve online consumer privacy. But Microsoft also says it can't disclose just how deep the review is going or the final report because of accounting guidelines which govern the firm engaged to perform the review.
That spurred Catlett to contact Truste and the Federal Trade Commission, CNET says. "If they're going to hide the audit report," he tells the online news service, "it defeats the whole purpose."
--- Richard Shimonh
