06.13.09

Gemini version available ♊︎

Even Microsoft Can’t Secure Its Windows-based Web Sites (MSN Canada Cracked)

Posted in Microsoft, Security, Windows at 11:09 am by Dr. Roy Schestowitz

New Web site

Summary: MSN Canada the latest to be compromised, Windows botnet tools put up for display

SOME weeks ago we learned that even 'amateur' users like the FBI are unable to dodge Windows viruses. Just a few weeks ago we also saw a Microsoft Web site (MSN New Zealand) falling victim to crackers and it has just happened again, proving that even Microsoft cannot secure its servers. How do they expect others like their clients to succeed?

MSN Canada Website Compromised by Hackers

[...]

Researchers from net security company Websense warn that a particular section of the MSN Canada website has fallen victim to hackers who injected rogue code into a page used for redirection.

In other news, CNET shows that even kids can now create their own Windows botnet.

The abstract concepts of “botnet” and “Trojan” just became a lot more concrete for me.

In less than an hour on Thursday, I was able to use programs readily available on the Internet underground for as little as $300 to infect several Windows clients and take complete control of them in a test environment.

No wonder so many teenagers are wreaking havoc across the Internet (some are too young to be held accountable by national law) and ~320,000,000 computers are estimated to be zombies. Some researchers are rather astounded by the fact that the Web keeps standing at all. But at what cost? Damages are huge. We too are among the victims.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

4 Comments

  1. Chips B Malroy said,

    June 14, 2009 at 2:35 am

    Gravatar

    I have to comment on this part:
    “Microsoft Announces It Will Ship Without IE in Europe – Reactions – Updated”

    So Roy,
    MS is taking a slightly different tack in strategy here with the EU, is what I noticed. It stopped with the endless delaying strategy, most likely only because it is ready to release Windows Seven soon Now it is looking to repeat the N strategy from previous EU decisions.

    At first look I think we agree that the decision, or rather the offer, to not include/bundle IE with Seven sounds great, but we just know that MS will strong arm the OEM’s to include a IE disk, or to install IE themselves, making it about the same tactic as the N without WMP case.

    The “strong arming” of OEM’s by MS in the past,has some documentation. Best example of this type of illegal behavior is MS charging IBM an extra $10 per OEM install because IBM was installing OS/2 on some of their systems for sale. If any company should have sued MS, it was IBM.

    Roy Schestowitz Reply:

    Dell was preinstalling Firefox on machines in the UK for a while (maybe it still does).

  2. Chips B Malroy said,

    June 14, 2009 at 2:45 am

    Gravatar

    Also, as I was saying for a long time over on MS Watch, removing IE completely from XP, actually improved XP, and there was only a few programs that had to have it. Removing IE completely, improved the security of XP by a good factor as well, but it was still basically unsound. Removing the other windows malware targets of WMP, Outlook (2nd biggest malware target), windows messenger, in addition to IE, also helped. Setting up a limited user account in XP also helped, sadly it was nowhere as easy as Linux or Mac which came that way out of the box, so to say. While you could get XP a lot better secured, it will still be untrustworthy in the long run. Just too many pieces of malware, and malware also written to elevate the user privileges, out their on the web waiting to attack it.

  3. Chips B Malroy said,

    June 14, 2009 at 5:47 pm

    Gravatar

    One more comment, removing IE, Outlook, WMP, and Windows Messenger from XP Pro, completely, seem to make XP a whole lot more stable. Some of these middleware apps, like IE and Messenger, were doing things like spying on windows users. It could that and ActiveX (a part of IE mostly) be the reasons why these middleware apps, caused stability problems in XP and other windows versions? While windows will never be as stable as Linux (in my opinion), it can be better by getting rid of these very bad apps completely. I had never bought into the story by softies that IE still installed, but not the default and/or used browser, is not doing things behind the windows user’s back.

DecorWhat Else is New


  1. Don't Fall for Microsoft's Spin That Says Everything is Not Secure and Cannot be Secured

    Microsoft keeps promoting the utterly false concept that everything is not secure and there's nothing that can be done about it (hence, might as well stay with Windows, whose insecurity is even intentional)



  2. At Long Last: 2,000 Known Gemini Capsules!

    The corporate media, looking to appease its major sponsors (such as Web/advertising giants), won't tell you that Gemini Protocol is rising very rapidly; its userbase and the tools available for users are rapidly improving while more and more groups, institutions and individuals set up their own capsule (equivalent of a Web site)



  3. Links 26/1/2022: Gamebuntu 1.0, PiGear Nano, and Much More

    Links for the day



  4. IRC Proceedings: Tuesday, January 25, 2022

    IRC logs for Tuesday, January 25, 2022



  5. Links 26/1/2022: No ARM for Nvidia, End of EasyArch, and WordPress 5.9 is Out

    Links for the day



  6. Why the Unified Patent Court (UPC) is Still Just a Fantasy and the UPC's Fake News Mill Merely Discredits the Whole Patent 'Profession'

    Patents and science used to be connected; but now that the patent litigation 'sector' is hijacking patent offices (and even courts in places like Texas) it's trying to shove a Unified Patent Court (UPC) down the EU's throat under the disingenuous cover of "community" or "unity"



  7. Links 25/1/2022: Vulkan 1.3 Released, Kiwi TCMS 11.0, and antiX 19.5

    Links for the day



  8. Gemini Milestones and Growth (Almost 2,000 Known Gemini Servers Now, 39,000 Pages in Ours)

    The diaspora to Gemini Protocol or the transition to alternative 'webs' is underway; a linearly growing curve suggests that inertia/momentum is still there and we reap the benefits of early adoption of Gemini



  9. [Meme] Get Ready for Unified Patent Court (UPC) to be Taken to Court

    The Unified Patent Court (UPC) and Unitary Patent system that’s crafted to empower EPO thugs isn’t legal and isn’t constitutional either; even a thousand fake news 'articles' (deliberate misinformation or disinformation) cannot change the simple facts because CJEU isn’t “trial by media”



  10. The EPO Needs High-Calibre Examiners, Not Politicians Who Pretend to Understand Patents and Science

    Examiners are meant to obstruct fake patents or reject meritless patent applications; why is it that working conditions deteriorate for those who are intellectually equipped to do the job?



  11. Free Software is Greener

    Software Freedom is the only way to properly tackle environmental perils through reuse and recycling; the mainstream media never talks about it because it wants people to "consume" more and more products



  12. Links 25/1/2022: Git 2.35 and New openSUSE Hardware

    Links for the day



  13. IRC Proceedings: Monday, January 24, 2022

    IRC logs for Monday, January 24, 2022



  14. Links 25/1/2022: GPL Settlement With Patrick McHardy, Godot 4.0 Alpha 1, and DXVK 1.9.4 Released

    Links for the day



  15. Proprietary Software is Pollution

    "My daughter asked me about why are we throwing away some bits of technology," Dr. Andy Farnell says. "This is my attempt to put into words for "ordinary" people what I tried to explain to a 6 year old."



  16. Microsoft GitHub Exposé — Part XV — Cover-Up and Defamation

    Defamation of one’s victims might be another offence to add to the long list of offences committed by Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley; attempting to discredit the police report is a new low and can get Mr. Graveley even deeper in trouble (Microsoft protecting him only makes matters worse)



  17. [Meme] Alexander Ramsay and Team UPC Inciting Politicians to Break the Law and Violate Constitutions, Based on Misinformation, Fake News, and Deliberate Lies Wrapped up as 'Studies'

    The EPO‘s law-breaking leadership (Benoît Battistelli, António Campinos and their corrupt cronies), helped by liars who don't enjoy diplomatic immunity, are cooperating to undermine courts across the EU, in effect replacing them with EPO puppets who are patent maximalists (Europe’s equivalents of James Rodney Gilstrap and Alan D Albright, a Donald Trump appointee, in the Eastern and Western Districts of Texas, respectively)



  18. Has the Administrative Council Belatedly Realised What Its Job in the European Patent Organisation Really Is?

    The "Mafia" which took over the EPO (the EPO's own workers call it "Mafia") isn't getting its way with a proposal, so it's preventing the states from even voting on it!



  19. [Meme] Team UPC is Celebrating a Pyrrhic Victory

    Pyrrhic victory best describes what's happening at the moment (it’s a lobbying tactic, faking/staging things to help false prophecies be fulfilled, based on hopes and wishes alone), for faking something without bothering to explain the legal basis is going to lead to further escalations and complaints (already impending)



  20. Links 24/1/2022: Scribus 1.5.8 and LXLE Reviewed

    Links for the day



  21. IRC Proceedings: Sunday, January 23, 2022

    IRC logs for Sunday, January 23, 2022



  22. [Meme] Team UPC Congratulating Itself

    The barrage of fake news and misinformation about the UPC deliberately leaves out all the obvious and very important facts; even the EPO‘s António Campinos and Breton (Benoît Battistelli‘s buddy) participated in the lying



  23. Links 24/1/2022: pgBadger 11.7 Released, Catch-up With Patents

    Links for the day



  24. The Demonisation and Stereotyping of Coders Not Working for Big Corporations (or 'The System')

    The war on encrypted communication (or secure communications) carries on despite a lack of evidence that encryption stands in the way of crime investigations (most criminals use none of it)



  25. On the 'Peak Hacker' Series

    Hacker culture, unlike Ludditism, is ultimately a movement for justice, for equality, and for human rights through personal and collective emancipation; Dr. Farnell has done a good job explaining where we stand and his splendid series has come to a close



  26. Links 23/1/2022: First RC of Linux 5.17 and Sway 1.7 Released

    Links for the day



  27. Peak Code — Part III: After Code

    "Surveillance perimeters, smart TVs (Telescreens built to Orwell's original blueprint) watched over our living rooms. Mandatory smart everything kept us 'trustless'. Safe search, safe thoughts. We withdrew. Inside, we went quietly mad."



  28. IRC Proceedings: Saturday, January 22, 2022

    IRC logs for Saturday, January 22, 2022



  29. Links 23/1/2022: MongoDB 5.2, BuddyPress 10.0.0, and GNU Parallel 20220122

    Links for the day



  30. A Parade of Fake News About the UPC Does Not Change the General Consensus or the Simple Facts

    European Patents (EPs) from the EPO are granted in violation of the EPC; Courts are now targeted by António Campinos and the minions he associates with (mostly parasitic litigation firms and monopolists), for they want puppets for “judges” and for invalid patents to be magically rendered “valid” and “enforceable”


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts