Bonum Certa Men Certa
Microsoft and Novell Starve in Land of Buybacks | Links 08/08/2008: More GNU/Linux Laptops, New Kernels

Another Reason to Avoid Mono: Security

"At Microsoft I learned the truth about ActiveX and COM and I got very interested in it inmediately [sic]."

--Miguel de Icaza



For reasons and factors that make OOXML not secure, Mono is a security hazard as well. For those who are not yet convinced, there is this brand-new article which highlights the architectural failures of .NET and their impact on security. Read it.



Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.


Also in the news today is this alarming issue of 7 "critical" flaws (the highest level of severity) in Microsoft software.

Does anyone want GNU/Linux to inherit this nightmare? Is this something which belongs in the operating system which NASA, the NSA and the Department of Defense use? What about the cost implications? Beyond the issue of acquisition cost also exist the costs of maintenance, repair, and damage control. Losses incurred by leaks (espionage) and data loss are sometimes invaluable.

A few hours ago, one reader sent us the following message regarding the consequences of poor security.



Note that the bad engineering promoted by Bill Gates and his movement is probably costing Joe Sixpack upwards of 8 hours lost effort per week from malware, instability and poor interoperability. With the US in the economic situation it is in, that may be enough to knock the floor out of the recession. The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.

“The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.”Until recently, Microsoft people have been able to stifle security information. However, the EFF's recent win paves the way forward for better technology to become more visible.

I look forward to the seeing Back-To-School Security Packets in Walmart, Best Buy, and others consisting of Xubuntu CDs.

The last 10 years have shown us nothing if not that FOSS helps make your business more recession-proof.

What we have here is an old and odd spin trotted out yet another time. The spin tries to be negative, but at the end of the day, use of FOSS has boosted the economy there by some $60 billion on unnecessary sunk costs.

Further, since were FOSS tends to lead, it leads due to better performance, quality, interoperability and maintenance, not just cost. So that leads to secondary and tertiary savings. After all, if the IT team is not having to spend all its time chasing fires, it can be far more than $60 billion in savings once the total cost of ownership is settled.

Sure a small wedge of the software sellers might have lost, but the large part of the pie consists of software users. We win here.

____ 1) "EFF Wins Protection for Security Researchers" (2007)

2) "Vista's Security Rendered Completely Useless by New Exploit" (2008) "... a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista..." "... the work is a major breakthrough and there is very little that Microsoft can do to fix the problems..."

3) "This Bug Man Is a Pest" (2008) "...His syllabus is partly a veiled attack on McAfee, Symantec and their ilk, whose $100 consumer products he sees as mostly useless. If college students can beat these antivirus programs, he argues, what good are they for the people and businesses spending nearly $5 billion a year on them? ..."

4) "USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius" (2007)



For those wondering about highly-restrained criticism of Microsoft/Windows security, a mandatory background would be the smear campaigns against security researchers. Smear campaigns are something that Microsoft is intimately familiar with [1, 2, 3, 4, 5, 6, 7, 8, 9]. Remember the Geer saga, too [1, 2] (little more in [1, 2, 3]). He lost his job for saying the truth about Microsoft's security shortcomings and the horrific state of the Web, caused largely by Microsoft and its back doors.
Microsoft and Novell Starve in Land of Buybacks | Links 08/08/2008: More GNU/Linux Laptops, New Kernels

Recent Techrights' Posts

The Real GNU Anniversary (Not Manifesto or Announcement) is Today
the development, not the manifesto
GNU/Linux Usage Said to Have Doubled in Oceania
it's hard to discount or dismiss Oceania as a bunch of "coconut islands"
No, Writing Isn't in Decline, Some of the Large and Centralised Platforms Are
Slop isn't really competition, just a passing fad and pure noise
The Reputation Issue Is Not Our Fault
Trying to squash words (and people) merely diverts more attention to them
 
Time for Microsoft to Rebrand to Fit the Vapourware (Ponzi Scheme)
something between Meta and Alphabet
Links 05/01/2026: Slop Ruining Children's Minds, "Complicity of the Press in US Violence"
Links for the day
Microsoft's Windows Falls Below 20% in the UK
After a lot of years of advocacy and hard work
There's No Such Thing as "AI Godfather", Stop Repeating This Pure Nonsense!
Infantile or corruptible media that plays along with slop or uses slop will perish
IBM's CEO Makes No Sense
"IBM CEO Aravind Krishna on what’s really driving tech layoffs"
Gemini Links 05/01/2026: "Poverty and Hunger", "Entrepreneurial Family", "Abandoning Obsidian for Logseq"
Links for the day
Links 05/01/2026: A Shrinking Canadian Economy, Brigitte Bardot's Environmentalism Recalled, Unredacted Epstein Files
Links for the day
Microsoft Allegedly Uses Performance Improvement Plans (PIPs) to Hide the Massive Scale of Company-Wide Layoffs
Just like IBM; they meanwhile talk a bunch of nonsense about "AI" to distract from their commercial calamity
Battles Are Won in the Court of Public Opinion
Many "systems" rely on the mere perception or appearance of legitimacy
GNU/Linux Share in Mongolia More Than Doubles
they probably lack any genuine excitement for "hey hi PCs"
Whistleblowing is About Understanding Boundaries and Risks
The bottom line is, people typically find out the truth at the end
EPO People Power - Part XXV - While EPO Managers Snort Cocaine the Staff Compiles 'Insurance Files' to Expose EPO Corruption
In this increasingly authoritarian world we need more whistleblowers
"The European Patent Reform" That Represents a Gross Violation of Laws, Constitutions, and Conventions (in Order to Make the Rich Even Richer, Mostly Outside Europe)
How far and how long will EPO corruption go?
GNU/Linux Distribution "Ultimate Edition" Fixes Its Web Site (Apparently Compromised Months Ago)
they dealt with the issue before media shame and a catastrophe of trust
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, January 04, 2026
IRC logs for Sunday, January 04, 2026
Gemini Links 04/01/2026: 64-bit Addressing and 39th Chaos Communication Congress
Links for the day
Windows Was Always the Punchline
What did we count to calculate taxes?
GNU/Linux Surges to About 4% in Peru This Year
one of the poorest counties in America
This Year Our Adoption of IRC Turns 18
We have used IRC for this site since 2008
The Doors Are Closing, Windows Closing Too
Microsoft wants more vendor lock-in, but at risk that this desire will simply alienate and drive away many users
The FSF's Program Manager, Dr. Miriam Sabrina Bastian, Left in October to Lead Climate School
We are not sure why Miriam Bastian decided to leave the Free Software Foundation (FSF)
Outline of Slop, LLMs, IBM, and Things to Come
This coming week and weekend will be very productive irrespective of how much "news" gets published by other sites
Links 04/01/2026: War Without Borders, "Large Hadron Collider Being Shut Down"
Links for the day
Links 04/01/2026: US Imperialism in Greenland and Venezuela, "Climate Protesters Face Greater Risk of Crackdown Amid Rising Authoritarianism"
Links for the day
2026 Should be the Year We All Stop Saying "AI" and Call Things What They Really Are
Don't give anyone the satisfaction of this misguided belief there's any intelligence there
Ponzi Schemes Are Useful (to Corrupt CEOs)
Pathetic, corruptible so-called 'media' is bagging bribes to perpetuate the lies about "AI" (slop)
GNU/Linux at All-Time High in Algeria
In 2026 it hit a new all-time high
Online Mobbing (and Worse) Disguised as 'Free Speech'
People who say they believe in "free speech" have been trying hard to silence RMS and squash the FSF
A 'Cancer That Attaches Itself' to Bulgaria?
"Cancer" is what Microsoft called GNU/Linux
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, January 03, 2026
IRC logs for Saturday, January 03, 2026
Body-Shaming Using Fakes
a lot of the people who casually claim "defamation" are themselves defaming loads of people every day
GNU/Linux "Market Share" in Switzerland More Than Doubled Last Year, Based on statCounter
GNU/Linux continues its considerable growth
EPO People Power - Part XXIV - Today or Tomorrow You Should Write to National Representatives (Delegates) at the EPO in Your Country
Keep up the pressure!
Red Hat and IBM Layoffs, Staff Kept Quiet About it, WARN Act Skirted/WARN Notices Avoided
What a terrible company to be in
XBox Layoffs Imminent, More Appalling Sales Figures Published
Expect many layoffs in the gaming division
Slop Still Rare
So far a good start for 2026
Gemini Links 03/01/2026: Climbing, Waking Up, and Social Control Media Woes
Links for the day
Links 03/01/2026: Growing Censorship, Another US Invasion, and Will Smith 'Cancelled'
Links for the day
Links 03/01/2026: Twitter Turns From Disinformation Powerhouse to Production and Dissemination of Child Pr0n, "New China Cybersecurity Law Becomes A Reality In 2026"
Links for the day
Gemini Links 03/01/2026: Formatting Text for Gopher and Text-only Websites
Links for the day
Unverified Claim: Mass Layoffs at Microsoft to Start Around Week 3 (or 4) of This Month
Let's wait and see if the claim above is from an insider who has inside knowledge
Firefox Fell Below 1% in Asia
less than 1 in 100 Web users is detected/assumed to be using Firefox
Links 03/01/2026: Ryanair Fines and Facebook Misleads Regulators
Links for the day
New Record High for GNU/Linux in Benelux in 2026
If the above trends stand (throughout the year), then we can begin talking more seriously about a post-GAFAM Europe
In the Search Engine Market, Microsoft is Falling Behind Russia's Yandex
The so-called 'AI industry' is a boy that cries wolf
A Year of Relaxation, But Also of Hardcore Whistleblowing
Expect industrial action some time soon
The More Influential Richard Stallman (RMS) Becomes, the More Aggressive Attacks on Him (and the FSF) Will Get
We've meanwhile noticed disinformation being spread in social control media
GNU/Linux Reaches All-Time High of 5% in Indonesia (Not Counting Chromebooks and Android)
There are also related events in Indonesia and SUSE in particular seems to have been popularised there
EPO People Power - Part XXIII - António Campinos Knows He's Extremely Vulnerable at This Time
Campinos should never have been put in charge
Gemini Links 03/01/2026: New Organisation System (Notebooks) and "2026 Already Off to an Amazing Start"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, January 02, 2026
IRC logs for Friday, January 02, 2026