EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Another Reason to Avoid Mono: Security

Posted in GNU/Linux, Microsoft, Mono, Novell, Security, Windows at 5:27 pm by Dr. Roy Schestowitz

“At Microsoft I learned the truth about ActiveX and COM and I got very interested in it inmediately [sic].”

Miguel de Icaza

For reasons and factors that make OOXML not secure, Mono is a security hazard as well. For those who are not yet convinced, there is this brand-new article which highlights the architectural failures of .NET and their impact on security. Read it.

Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.

Also in the news today is this alarming issue of 7 “critical” flaws (the highest level of severity) in Microsoft software.

Does anyone want GNU/Linux to inherit this nightmare? Is this something which belongs in the operating system which NASA, the NSA and the Department of Defense use? What about the cost implications? Beyond the issue of acquisition cost also exist the costs of maintenance, repair, and damage control. Losses incurred by leaks (espionage) and data loss are sometimes invaluable.

A few hours ago, one reader sent us the following message regarding the consequences of poor security.

Note that the bad engineering promoted by Bill Gates and his movement is probably costing Joe Sixpack upwards of 8 hours lost effort per week from malware, instability and poor interoperability. With the US in the economic situation it is in, that may be enough to knock the floor out of the recession. The failure that is Microsoft Vista may be the last straw and take down what’s left of the economy.

“The failure that is Microsoft Vista may be the last straw and take down what’s left of the economy.”Until recently, Microsoft people have been able to stifle security information. However, the EFF’s recent win paves the way forward for better technology to become more visible.

I look forward to the seeing Back-To-School Security Packets in Walmart, Best Buy, and others consisting of Xubuntu CDs.

The last 10 years have shown us nothing if not that FOSS helps make your business more recession-proof.

What we have here is an old and odd spin trotted out yet another time. The spin tries to be negative, but at the end of the day, use of FOSS has boosted the economy there by some $60 billion on unnecessary sunk costs.

Further, since were FOSS tends to lead, it leads due to better performance, quality, interoperability and maintenance, not just cost. So that leads to secondary and tertiary savings. After all, if the IT team is not having to spend all its time chasing fires, it can be far more than $60 billion in savings once the total cost of ownership is settled.

Sure a small wedge of the software sellers might have lost, but the large part of the pie consists of software users. We win here.

1) “EFF Wins Protection for Security Researchers” (2007)

2) “Vista’s Security Rendered Completely Useless by New Exploit” (2008)
“… a technique that can be used to bypass all memory
protection safeguards that Microsoft built into Windows
“… the work is a major breakthrough and there is very little
that Microsoft can do to fix the problems…”

3) “This Bug Man Is a Pest” (2008)
“…His syllabus is partly a veiled attack on McAfee,
Symantec and their ilk, whose $100 consumer products he
sees as mostly useless. If college students can beat
these antivirus programs, he argues, what good are they
for the people and businesses spending nearly $5 billion
a year on them? …”

4) “USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius” (2007)

For those wondering about highly-restrained criticism of Microsoft/Windows security, a mandatory background would be the smear campaigns against security researchers. Smear campaigns are something that Microsoft is intimately familiar with [1, 2, 3, 4, 5, 6, 7, 8, 9]. Remember the Geer saga, too [1, 2] (little more in [1, 2, 3]). He lost his job for saying the truth about Microsoft’s security shortcomings and the horrific state of the Web, caused largely by Microsoft and its back doors.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. EPO Staff to Disrupt Administrative Council Meeting With Public Demonstration That Raises Awareness of Abuses

    The perception of collusion between the Administrative Council (AC) and the European Patent Office (EPO) leads to staff actions demanding investigation of illegal Board of Appeal (BoA) suspension/s (among many other things)

  2. OIN Turns 10, IDG Floods the Web With Puff Pieces That 'Normalise' Software Patents

    The Open Invention Network (OIN) commissions or helps produce puff pieces in the corporate media because it has an anniversary and corporate interests to push forth (including the idea that software patents can coexist with Linux)

  3. Hypocrite Forks the Linux Kernel Because of Cultural Characteristics That He Himself is Guilty of

    Forking of Linux is misleadingly reported in the media because of a couple of very loud people, who are not even quitting their jobs

  4. Željko Topić Attacks EPO Staff for 'Daring' to Legally Challenge the EPO's Management Over Its Gross Abuses in Europe

    Benoît Battistelli's right-hand man, Željko Topić, is under the false impression that yet more threats against staff of the EPO will help contain the crisis rather than further inflame it

  5. Media Reports Based on New Patents Suggest That Microsoft Continues to Attack Google and Android/Linux, Trying to Tax and Delete Android

    Reports and patent applications serve to show that Microsoft not only tries to infiltrate ("embrace") Android to put its apps there ("extend") but ultimately to delete ("extinguish") Android

  6. Commenters Provide Possible Explanations for Mr Van der Eijk Being on Unlimited Sick Leave

    Rumours are swirling around Wim Van der Eijk's absence, suggesting that he too may be a victim of Benoît Battistelli's iron fist

  7. Links 6/10/2015: Linux 4.3 RC4, HP OpenSwitch, Wind River Linux 8

    Links for the day

  8. With Software Patents in Europe (and Pushes for the Same Thing in Australia and India) Patent Trolls Now Come to Europe, Attack Android/Linux

    Worst-case scenarios are becoming a reality as Android backers officially attacked by patent trolls using standard-essential patents in London, England

  9. New Information on Limbo in the Enlarged Board, Courtesy of Illegal Actions by the EPO's Benoît Battistelli

    Battistelli's bullying of people whom he is not even allowed to bully turns out to have gone on for a lot longer than promised, and there is no sign of light at the end of this tunnel

  10. Microsoft Customers Complain About 'Inevitable' Vista 10 Because Microsoft Nearly Forces Botched 'Upgrades'

    In a desperate effort to spread Vista 10, sometimes even against people's will, Microsoft really upsets loyal customers, who are eventually eager to explore alternatives

  11. Dr. Ingve Björn Stjerna Explains Why the UPC (“Unitary Patent“ System) is an Undemocratic Sham Whilst UPC Silently Advanced by Patent Lawyers and Politicians

    European patent laws are being covertly overridden so as to allow broader scope of litigation, higher financial damages, speedy injunctions, and even software patents; the European public is intentionally kept in the dark about it, hence kept unable to express scepticism or issue truly effective objections

  12. IRC Proceedings: September 13th, 2015 – October 3rd, 2015

    Many IRC logs

  13. Article Explains Why SUEPO Went Silent Well Over a Week Ago: Nobody is Allowed to Talk to Journalists Without Permission From Battistelli

    More threats from Benoît Battistelli (threats of termination and legal actions on top of it) help hide the abuses of Battistelli and his fellow thugs at the EPO

  14. A Linux World: After Billions of Dollars in Losses Microsoft Changes How It Reports Financial Results

    The abusive monopolist is trying very hard to hide its growing difficulties, especially in an effort to bamboozle non-technical shareholders who cannot understand how Linux has essentially taken over

  15. Microsoft Continues to Extort Linux and Android OEMs Using Software Patents, This Time ASUS (Forced to Pre-Install Microsoft Spyware With OOXML)

    A roundup of news illustrating that Microsoft is still very much in a total war against Android, (mis)using federal regulators and even software patents to get its way

  16. Links 4/10/2015: Linux 4.2.3 , 4.1.10; MPlayer 1.2 released

    Links for the day

  17. Links 2/10/2015: Qubes 3.0, Linux.Wifatch

    Links for the day

  18. Microsoft-Connected Firm Net Applications Used to Mislead About Vista 10 Share and Mock GNU/Linux

    People who are connected to Microsoft (some being former staff) link to a firm that is connected to Microsoft in order to create the illusion that Vista 10 market share grew to 6.63%

  19. Chairman of the Enlarged Board of Appeal (EBoA) and EPO Vice-President of DG3 Suspiciously on Unlimited Sick Leave After Benoît Battistelli's Unprecedented Attacks on Other EBoA Staff

    Rumours suggest that Benoît Battistelli's affairs at the EPO may have something to do with Wim Van der Eijk's longterm absence

  20. Microsoft's Secret Special Relationship With EPO Illustrates Serious Corruption at Microsoft and the EPO

    A big story about the EPO and Microsoft working in a sort of collusion-type setup so as to serve Microsoft's patent agenda, which involves aggression, even against European software that is Free (as in freedom)

  21. Links 1/10/2015: LFS 7.8, Calculate Linux 15 Released

    Links for the day

  22. The 'Microsoft Loves Linux' Baloney is Still Being Floated in the Media While Microsoft Attacks Linux With Patents, New Lawsuits Reported

    Despite Microsoft's continued assault on Linux and on Android (using software patents, which it still discreetly lobbies for), some figures in the media are perpetually peddling the Microsoft-serving lie that 'Microsoft loves Linux'

  23. The Microsoft Botnet Goes Bonkers and ATMs Running Windows Spew Out Cash

    The terrible security (by design) of Microsoft Windows is causing all sorts of very serious and collectively expensive issues

  24. Black Duck Continues to Pile FUD on Free/Libre Software

    Having spent nearly a decade promoting the fear of Free software licensing, Black Duck now does the same regarding Free software security

  25. Links 30/9/2015: New Kernels, Nexus Devices

    Links for the day

  26. Links 28/9/2015: Last News Catchup Before Resumption

    Links for the day

  27. Links 25/9/2015: GNU/Linux in Indian Government, NeoKylin in China

    Links for the day

  28. Süddeutsche Zeitung Explains Imminent Federal Scrutiny Against Battistelli's EPO in Germany

    The German newspaper Süddeutsche Zeitung reveals that actions by the German government may be imminent against the EPO's cliquish management, including its ringleader Benoît Battistelli

  29. EPO Managers, Patent Lawyers, Commissioners and Other Non-Technical Personnel Tackle Democracy, Alter Laws in Bulk and in Secret

    The reckless assault on European democracies and long-established laws across Europe are now lucidly demonstrated when it comes to patents

  30. Europe's Acceptance of and Resistance to Software Patents, Courtesy of Corporate Front Groups and Courtrooms Respectively

    A snapshot of recent developments and upcoming developments in Europe, regarding software patents in particular


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time


Recent Posts