05.30.09

Microsoft Windows as Matter of National Insecurity

Posted in Microsoft, Security, Windows at 2:34 am by Dr. Roy Schestowitz

Summary: Security news roundup

THE United States military is repeatedly being invaded by crackers (example from December). This is caused by the use of Windows, and the latest incident also alludes to the failure of anti-virus software, which gives the clue away.

Anti-U.S. Hackers Infiltrate Army Servers

[...]

The hacks are troubling in that they appear to have rendered useless supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches. The department and its branches spend millions of dollars each year on pricey security and antivirus software and employ legions of experts to deploy and manage the tools.

When foreign enemies enter your premises and access your data — especially in an age of modern warfare — this can be critical. As the following new article from The New York Times suggests, choice of software and its maintenance can determine winners or losers in a dispute or even war. Weapons become digital.

The Pentagon plans to create a new military command for cyberspace, administration officials said Thursday, stepping up preparations by the armed forces to conduct both offensive and defensive computer warfare.

[...]

“It’s the domestic spying problem writ large,” one senior intelligence official said recently. “These attacks start in other countries, but they know no borders. So how do you fight them if you can’t act both inside and outside the United States?”

Looking elsewhere in the news, Microsoft now acknowledges that its software is under attack and there is no patch available to fix this. Coverage includes:

The Register: Critical Windows vulnerability under attack, Microsoft warns

Microsoft has warned of a critical security bug in older versions of its Windows operating system that is already being exploited in the wild to remotely execute malware on vulnerable machines.

Heise: Microsoft warns about critical DirectShow vulnerability

Microsoft has found a critical vulnerability in the DirectX library for Quicktime video playback, and it appears that the flaw is now being actively exploited. The software giant has issued a security advisory which contains quite detailed information about the vulnerability.

It is rather surprising that the Obama administration even considers Windows for its operations, especially given that the army is moving from Windows to GNU/Linux (mostly Red Hat), for security reasons at the very least. Todd Bishop makes the following new claim:

Obama reforming online security

[...]

The government report (PDF) cites Microsoft repeatedly, but not in a bad way. Instead, it refers to testimony and research from the Redmond company to back up its contention that sweeping changes are needed in government coordination.

Given that Microsoft — with help from its front, the BSA — put its staff on top of the Department of Homeland Security [1, 2, 3], such an outcome should not be so shocking. In fact, given the lobbying and pressure Microsoft puts on the Democrats [1, 2, 3, 4, 5, 6, 7, 8], decisions that are driven by favours rather than rationale are only to be expected.

2 Comments

  1. Needs Sunlight said,

    May 30, 2009 at 6:56 am

    Should be easy to trace. Any government purchases, especially for the military, have a paper trail in triplicate. The individuals involved in bringing MS products onto the military bases are going to be clearly documented so prosecution can begin any time really.

    Look at just a single Windows worm, conficker, which in its first months has done over 9.1 billion dollars in damage:

    http://www.tgdaily.com/content/view/42101/108/

    and it is still growing, even at Microsoft. The company itself still has infections, which puts a bullet in the myth that the company’s products can be secured if one “knows enough”

    http://www.networkworld.com/news/2009/052109-conficker-still-infecting-50000-pcs.html

    Even a teeny Windows worm like Slammer/Sapphire caused over a billion in cleanup.

    To add the personal factor to it, MS products have gotten shoved into hospitals and been causing major outages there on a frequent basis. Just for the sake of argument, if you say that there are 1500 hospitals with MS products and they go down twice each and one death results per outage, you have 3000 deaths.

    Deaths + Lost money = air strike

    We have the Internet’s equivalent of Osama bin Laden walking around on free foot: leader and a group costing tens of billions in unnecessary economic harm, plus thousands of direct and indirect deaths, per year all because of an ideology. Why is the military not even beginning to move against the headquarters, the ringleaders or henchmen? Or is it a larger job requiring NATO to get involved? Or is this a case where the regional, unofficial militia need to rise to the occasion?

    That is not counting the economic harm caused by egregious, apparently intentional, failures in interoperability — even within the product line…

    Nor does it count the mafia style activities which keep the market from cleansing itself of these types.

    Get rid of MS products and tens of billions are saved immediately on just the malware problem. The savings easily cover the cost of any conversion or migration issues. The only loose end is finding a place in society for MSFTers so that they are not in a position to cause any more damage. Like an embezzler can’t work in accounting, a junky in a pharmacy and a pedo in daycare, MSFTers can’t stay in IT. The temptation for recidivism is too high as we see in Ohloh and other farces.

  2. Needs Sunlight said,

    May 30, 2009 at 7:37 am

    For what it’s worth, the quick way to deal with the DirectX exploit is to stay with the established industry standard, OpenGL

    http://www.opengl.org/documentation/

    That includes watching out for traps like Picasa which use helper tools like Wine as vectors to spread DirectX vulnerabilities even to other platforms.
