06.13.09

Gemini version available ♊︎

Even Microsoft Can’t Secure Its Windows-based Web Sites (MSN Canada Cracked)

Posted in Microsoft, Security, Windows at 11:09 am by Dr. Roy Schestowitz

New Web site

Summary: MSN Canada the latest to be compromised, Windows botnet tools put up for display

SOME weeks ago we learned that even 'amateur' users like the FBI are unable to dodge Windows viruses. Just a few weeks ago we also saw a Microsoft Web site (MSN New Zealand) falling victim to crackers and it has just happened again, proving that even Microsoft cannot secure its servers. How do they expect others like their clients to succeed?

MSN Canada Website Compromised by Hackers

[...]

Researchers from net security company Websense warn that a particular section of the MSN Canada website has fallen victim to hackers who injected rogue code into a page used for redirection.

In other news, CNET shows that even kids can now create their own Windows botnet.

The abstract concepts of “botnet” and “Trojan” just became a lot more concrete for me.

In less than an hour on Thursday, I was able to use programs readily available on the Internet underground for as little as $300 to infect several Windows clients and take complete control of them in a test environment.

No wonder so many teenagers are wreaking havoc across the Internet (some are too young to be held accountable by national law) and ~320,000,000 computers are estimated to be zombies. Some researchers are rather astounded by the fact that the Web keeps standing at all. But at what cost? Damages are huge. We too are among the victims.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

4 Comments

  1. Chips B Malroy said,

    June 14, 2009 at 2:35 am

    Gravatar

    I have to comment on this part:
    “Microsoft Announces It Will Ship Without IE in Europe – Reactions – Updated”

    So Roy,
    MS is taking a slightly different tack in strategy here with the EU, is what I noticed. It stopped with the endless delaying strategy, most likely only because it is ready to release Windows Seven soon Now it is looking to repeat the N strategy from previous EU decisions.

    At first look I think we agree that the decision, or rather the offer, to not include/bundle IE with Seven sounds great, but we just know that MS will strong arm the OEM’s to include a IE disk, or to install IE themselves, making it about the same tactic as the N without WMP case.

    The “strong arming” of OEM’s by MS in the past,has some documentation. Best example of this type of illegal behavior is MS charging IBM an extra $10 per OEM install because IBM was installing OS/2 on some of their systems for sale. If any company should have sued MS, it was IBM.

    Roy Schestowitz Reply:
    June 14th, 2009 at 2:42 am

    Dell was preinstalling Firefox on machines in the UK for a while (maybe it still does).

  2. Chips B Malroy said,

    June 14, 2009 at 2:45 am

    Gravatar

    Also, as I was saying for a long time over on MS Watch, removing IE completely from XP, actually improved XP, and there was only a few programs that had to have it. Removing IE completely, improved the security of XP by a good factor as well, but it was still basically unsound. Removing the other windows malware targets of WMP, Outlook (2nd biggest malware target), windows messenger, in addition to IE, also helped. Setting up a limited user account in XP also helped, sadly it was nowhere as easy as Linux or Mac which came that way out of the box, so to say. While you could get XP a lot better secured, it will still be untrustworthy in the long run. Just too many pieces of malware, and malware also written to elevate the user privileges, out their on the web waiting to attack it.

  3. Chips B Malroy said,

    June 14, 2009 at 5:47 pm

    Gravatar

    One more comment, removing IE, Outlook, WMP, and Windows Messenger from XP Pro, completely, seem to make XP a whole lot more stable. Some of these middleware apps, like IE and Messenger, were doing things like spying on windows users. It could that and ActiveX (a part of IE mostly) be the reasons why these middleware apps, caused stability problems in XP and other windows versions? While windows will never be as stable as Linux (in my opinion), it can be better by getting rid of these very bad apps completely. I had never bought into the story by softies that IE still installed, but not the default and/or used browser, is not doing things behind the windows user’s back.

DecorWhat Else is New

  1. Links 25/03/2023: Gordon Moore (of Moore's Law) is Dead

    Links for the day

  2. Links 25/03/2023: Decade of Docker, Azure Broken Again

    Links for the day

  3. [Meme] Money Deducted in Payslips, But Nothing in Pensions

    Sirius ‘Open Source’ has stolen money from staff (in secret)

  4. IRC Proceedings: Friday, March 24, 2023

    IRC Proceedings: Friday, March 24, 2023

  5. The Corporate Media is Not Reporting Large-Scale Microsoft Layoffs (Too Busy With Chaffbot Puff Pieces), Leaks Required to Prove That More Layoffs Are Happening

    Just as we noted days ago, there are yet more Microsoft layoffs, but the mainstream media gets bribed to go “gaga” over vapourware and chaffbots (making chaff like “Bill Gates Says” pieces) instead of reporting actual news about Microsoft

  6. Sirius 'Open Source' Pensiongate: Time to Issue a Warrant of Arrest and Extradite the Fake 'Founder' of Sirius

    Sirius ‘Open Source’ is collapsing, but that does not mean that it can dodge accountability for crimes (e.g. money that it silently stole from its staff since at least 12 years ago)

  7. Links 24/03/2023: Microsoft's Fall on the Web and Many New Videos

    Links for the day

  8. IRC Proceedings: Thursday, March 23, 2023

    IRC logs for Thursday, March 23, 2023

  9. Links 24/03/2023: Social Control Media Bans Advancing

    Links for the day

  10. Links 24/03/2023: GNU Grep 3.10 and Microsoft Accenture in a Freefall

    Links for the day

  11. Links 23/03/2023: RSS Guard 4.3.3 and OpenBSD Webzine

    Links for the day

  12. Experiencing 15 Years of LibrePlanet Celebration Firsthand as a Volunteer: 2023 - Charting the Course

    Article by Marcia K Wilbur

  13. [Meme] Grabinski the Opportunity

    Reports of European Patents being invalidated (judges do not tolerate fake patents) have become so common that a kangaroo court becomes a matter of urgency for the EPO‘s Benoît Battistelli and António Campinos; will the EU and the EPO’s Administrative Council go along with it, helping to cover up more than a decade of profound corruption?

  14. Union Syndicale Fédérale Cautions the EPO's Administrative Council About Initiating an Illegal Kangaroo Court System for Patents (UPC) While EPO Breaks Laws and Sponsors the Ukraine Invasion

    Union Syndicale Fédérale (USF) is once again speaking out in support of the staff union of Europe's second-largest institution, which lacks oversight and governance because of profound corruption and regulatory capture

  15. Investigation Underway: Sirius 'Open Source' Embezzled/Stole Money, Robbed Its Own Staff

    In light of new developments and some progress in an investigation of Sirius ‘Open Source’ (for fraud!) we take stock of where things stand

  16. [Meme] Sirius 'Open Source' Pensions: Schemes or Scams? Giving a Bad Name to Open Source...

    What Sirius ‘Open Source’ did to its staff is rightly treated as a criminal matter; we know who the perpetrators are

  17. Sirius 'Open Source' Under Investigation for Pension Fraud, Several Pension Providers Examine the Facts

    2 pension providers are looking into Sirius ‘Open Source’, a company that defrauded its own staff; stay tuned as there’s lots more to come. Is this good representation for “Open Source”? From a company that had many high-profile clients in the public sector?

  18. Links 23/03/2023: Sparky 2023.03 Special Editions and SUSE Changes CEO (Dirk-Peter van Leeuwen)

    Links for the day

  19. Links 23/03/2023: Linux 6.2.8 and XWayland 23.1.0

    Links for the day

  20. IRC Proceedings: Wednesday, March 22, 2023

    IRC logs for Wednesday, March 22, 2023

  21. Apple 'Porn' Filter

    Guest post by Ryan Farmer: Apple and US State Governments Developing System to Require People to Report Themselves for Watching Porn.

  22. 3.5 Years Later Gemini Protocol and Geminispace Are Still 100% Community-Controlled

    Community-centric alternatives to the World Wide Web have gained traction; one of them, Gemini Protocol, continues to grow in 2023 and we're pleased to report progress and expansion

  23. Windows Falls to 16% Market Share in India (It was 97% in 2009), Microsoft Layoffs Reach India Too

    This month’s picture from the world’s most populous nation does not look good for Microsoft (it looks good for GNU/Linux); anonymous rumour mills online say that Microsoft isn’t moving to India but is actually firing staff based in India, so it’s a case of shrinking, not offshoring. When even low-paid (much lower salaries) staff is discarded it means things are very gloomy.

  24. Links 22/03/2023: GNOME 44 “Kuala Lumpur”

    Links for the day

  25. Microsoft Has Also Infiltrated the OSI's Board of Directors After Rigged Elections

    Weeks ago we warned that this would happen and for the third or fourth time in 2 years the OSI’s election process broke down; today the Open Source Initiative (OSI) writes: “The polls just closed, the results are in. Congratulations to the returning directors Aeva Black…” (Microsoft employee)

  26. Links 22/03/2023: Official Thunderbird Podcast Starts

    Links for the day

  27. IRC Proceedings: Tuesday, March 21, 2023

    IRC logs for Tuesday, March 21, 2023

  28. Many More Microsoft Layoffs Later Today

    Yesterday we shared rumours about Microsoft layoffs being planned for later today (there were 3 waves of layoffs so far this year). There are several more people here who say the same. How much noise will Microsoft make in the “media” in order to distract? Will the chaffbot "ChatGPT" help create enough chaff?

  29. Links 21/03/2023: JDK 20 and GNOME 43.5

    Links for the day

  30. Germany's Lobbyists-Infested Government Sponsors the War on Ukraine via the European Patent Office (EPO)

    The chief UPC ‘judge’ is basically seeking to break the law (and violate constitutions, conventions etc.) to start a kangaroo court while dodging real courts, just like Vladimir Putin does

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts