05.30.09

Microsoft Windows as Matter of National Insecurity

Posted in Microsoft, Security, Windows at 2:34 am by Dr. Roy Schestowitz

Summary: Security news roundup

THE United States military is repeatedly being invaded by crackers (example from December). This is caused by the use of Windows, and the latest incident also alludes to the failure of anti-virus software, which gives clues away.

Anti-U.S. Hackers Infiltrate Army Servers

[...]

The hacks are troubling in that they appear to have rendered useless supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches. The department and its branches spend millions of dollars each year on pricey security and antivirus software and employ legions of experts to deploy and manage the tools.

When foreign enemies enter your premises and access your data — especially in an age of modern warfare — this can be critical. As the following new article from The New York Times suggests, choice of software and its maintenance can determine winners or losers in a dispute or even war. Weapons become digital.

The Pentagon plans to create a new military command for cyberspace, administration officials said Thursday, stepping up preparations by the armed forces to conduct both offensive and defensive computer warfare.

[...]

“It’s the domestic spying problem writ large,” one senior intelligence official said recently. “These attacks start in other countries, but they know no borders. So how do you fight them if you can’t act both inside and outside the United States?”

Looking elsewhere in the news, Microsoft now acknowledges that its software is under attack and there is no patch available to fix this. Coverage includes:

The Register: Critical Windows vulnerability under attack, Microsoft warns

Microsoft has warned of a critical security bug in older versions of its Windows operating system that is already being exploited in the wild to remotely execute malware on vulnerable machines.

Heise: Microsoft warns about critical DirectShow vulnerability

Microsoft has found a critical vulnerability in the DirectX library for Quicktime video playback, and it appears that the flaw is now being actively exploited. The software giant has issued a security advisory which contains quite detailed information about the vulnerability.

It is rather surprising that the Obama administration even considers Windows for its operations, especially given that the army is moving from Windows to GNU/Linux (mostly Red Hat), for security reasons at the very least. Todd Bishop makes the following new claim:

Obama reforming online security

[...]

The government report (PDF) cites Microsoft repeatedly, but not in a bad way. Instead, it refers to testimony and research from the Redmond company to back up its contention that sweeping changes are needed in government coordination.

Given that Microsoft — with help from its front, the BSA — put its staff on top of the Department of Homeland Security [1, 2, 3], such an outcome should not be so shocking. In fact, given the lobbying and pressure Microsoft puts on the Democrats [1, 2, 3, 4, 5, 6, 7, 8], decisions that are driven by favours rather than rationale are only to be expected.

2 Comments

  1. Needs Sunlight said,

    May 30, 2009 at 6:56 am

    Should be easy to trace. Any government purchases, especially for the military, have a paper trail in triplicate. The individuals involved in bringing MS products onto the military bases are going to be clearly documented so prosecution can begin any time really.

    Look at just a single Windows worm, conficker, which in its first months has done over 9.1 billion dollars in damage:

    http://www.tgdaily.com/content/view/42101/108/

    and it is still growing, even at Microsoft. The company itself still has infections, which puts a bullet in the myth that the company’s products can be secured if one “knows enough”.

    http://www.networkworld.com/news/2009/052109-conficker-still-infecting-50000-pcs.html

    Even a teeny Windows worm like Slammer/Sapphire caused over a billion in cleanup.

    To add the personal factor to it, MS products have gotten shoved into hospitals and been causing major outages there on a frequent basis. Just for the sake of argument, if you say that there are 1500 hospitals with MS products and they go down twice each and one death results per outage, you have 3000 deaths.

    Deaths + Lost money = air strike

    We have the Internet’s equivalent of Osama bin Laden walking around on free foot: leader and a group costing tens of billions in unnecessary economic harm, plus thousands of direct and indirect deaths, per year all because of an ideology. Why is the military not even beginning to move against the headquarters, the ringleaders or henchmen? Or is it a larger job requiring NATO to get involved? Or is this a case where the regional, unofficial militia need to rise to the occasion?

    That is not counting the economic harm caused by egregious, apparently intentional, failures in interoperability — even within the product line…

    Nor does it count the mafia style activities which keep the market from cleansing itself of these types.

    Get rid of MS products and tens of billions are saved immediately on just the malware problem. The savings easily cover the cost of any conversion or migration issues. The only loose end is finding a place in society for MSFTers so that they are not in a position to cause any more damage. Like an embezzler can’t work in accounting, a junky in a pharmacy and a pedo in daycare, MSFTers can’t stay in IT. The temptation for recidivism is too high as we see in Ohloh and other farces.

  2. Needs Sunlight said,

    May 30, 2009 at 7:37 am

    For what it’s worth, the quick way to deal with the DirectX exploit is to stay with the established industry standard, OpenGL

    http://www.opengl.org/documentation/

    That includes watching out for traps like Picasa which use helper tools like Wine as vectors to spread DirectX vulnerabilities even to other platforms.
