A flaw which was found in Debian has stirred up a lot of discussion about security. People tend to forget where the real problem lies, however, so here is a quick clarification. I’ve personally accumulated literally hundreds of references about this, but here are a couple of more recent ones that provide the gist of it all:
USA TODAY REPORTS that on an average day, 40 per cent of the 800 million computers connected to the Internet are bots used to send out spam, viruses and to mine for sensitive personal data.
How much money is being stolen by cybercriminals? No one knows, and no one even knows how to go about coming up with that number, IronPort’s Peterson said.
The reason for posting this off-topic story is actually a bit of input from one of our readers, who talks about Microsoft’s back door-happy policy. Looking at this latest article, which in essence shows Microsoft and its buddies at the Partner [sic] Group saving face, he paraphrases: “Microsoft Windows does not need a back door. Crackers, malware code writers and forensic investigators need not worry because Microsoft Windows is so insecure there is no need for a back door.” He also points out this recent Slashdot discussion, adding:
“It reminds me of the laptops captured near the beginning of Bush’s ongoing wars. The initial boast was that it was insignificant effort to crack the systems because they were running Microsoft Windows. Subsequent boasts steered clear of that and focused on the data captured.
“If you have trouble from the police, then you have bigger worries, with or without data. For the rest of us, there is an important warning:
“Police are never early adopters and usually adopt tools and methods only after they are in widespread use. Those that are stupid enough to default to Microsoft Windows and then compound that by connecting to the net are asking for trouble from the various criminals and criminal organizations that made cracking Microsoft Windows popular enough for the police to pick up on it.”
It is worth highlighting some recent stories about police departments that have moved or are moving to GNU/Linux and/or Free software. Examples include:
- French police deal blow to Microsoft
- Mail and Safari banned from the French gendarmerie
- Germany Police Union Wants GNU/Linux
- Police Career – Linux Computer Systems in Law Enforcement
- Swedish Police Commission Introduces Open Source (in Swedish)
- Swedish police saves 400 cars by using MySQL
- The Swedish National Police Move to an Open Source Infrastructure With MySQL Enterprise Unlimited
- Linux cuts Kent Police system costs by 90%
There are many more such examples.
Other stories of interest:
- Police hack into PM’s computers
- Skype encryption stumps police
- Microsoft could be teaching police to hack Vista
- Microsoft hosts its own police academy
The impact of poor security on the police is only a small part of a colossal problem. Our reader later adds: “It’s even more severe for large companies. Corporate espionage is multi-billion dollar business and can make or break products and even product lines. It still gets underreported, perhaps in part due to Bill Gates’ lobbying.”
As the recent article from USA Today showed, 40% of all PCs are zombies. The reader asks sarcastically: “40% of all PCs or 40% of Microsoft Windows PCs?” It’s quite a rhetorical question.
The Partner [sic] Group was mentioned at the start because it helps Microsoft extinguish the fire, so to speak, whenever that’s required. It achieves this by messing about with people’s perception. We’ve already shown in the past some lies from Jim Allchin about Vista security, fueled by the Partner Group, Rob Enderle and the usual suspects who cite one another for pseudo peer-review and validation. They orchestrate a blitz in vapourware-like fashion. The Microsoft-obedient press has for quite some time tried not to incite public panic by unleashing the real figures, and Mr. Geer even lost his job for ‘daring’ to suggest that “in zombies we trust.” In vapourware and deception need we trust instead? █
“In the face of strong competition, Evangelism’s focus may shift immediately to the next version of the same technology, however. Indeed, Phase 1 (Evangelism Starts) for version x+1 may start as soon as this Final Release of version X.”
–Microsoft, internal document