Bonum Certa Men Certa

The Windows Security Theatre

Airport



Summary: Many security reports from The Register and little more of the rest

McAfee is far from a friend of Free software [1, 2] and its remedies for Windows may sometimes cause more harm than good. Here is a fresh new example of why this paradigm of sold-separately bolted-on security software simply does not work. To quote, "IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan were brought down when the anti-virus program attacked their core system files. In some cases, this caused the machines to display the dreaded blue screen of death."



One of our readers says that "admins use Knoppix to fix borked McAfee antivirus" and he points to this new example where someone suggests: "For servers with BSOD we have used knoppix live cd to move files from quarantine to original place..."

In other news, Microsoft is preparing patches for flaws that enable hijacking of Windows, probably remotely. These flaws are very serious. Some of them are already being actively exploited (without a solution available).

Microsoft on Tuesday plans to release updates patching three critical Windows security vulnerabilities, two of which are already under attack.


Attacks must always precede reaction in Microsoft's case.

Why might this happen? Well, maybe because, according to some more news, Microsoft has knowingly ignored a serious flaw for a year. It is so typical.

Microsoft knew of nasty IE bug a year before attacks



The disclosure comes as attacks targeting the MSVidCtl ActiveX control vulnerability have increased exponentially. On Monday, online ads distributed by through the Giant Realm network on popular gaming websites began including code that exploits the bug, according to security firm ScanSafe. The ads mean that anyone using IE to browse sites such as diii.net and incgamers.com are risk if they run the XP or 2003 versions of Windows and have not yet installed a quick fix.


We have already shown that Microsoft deliberately hides its flaws. Victims of this careless, selfish behaviour are all of us who receive spam from hundreds of millions of Windows zombies. To rephrase the news (The Register again), spam levels have returned to normal.

Victims may include more hospitals too, according to this last bit of news from The Register.

The leader of a malicious hacker collective who used his job as a security guard to breach sensitive Texas hospital computers has been arrested just days before his group planned a "massive DDoS" attack for the July 4 Independence Day holiday.


Hospitals are hit by Windows viruses on a very regular basis this year [1, 2, 3, 4] and according to this article from Sam Varghese Microsoft is profiteering from it.

How Microsoft benefits from Conficker



Microsoft experts were among consultants called in by the council - and they took home some of the €£1.2 million which the body paid out to get the problem resolved. Exactly how much was paid to the different consultants was not divulged.


In reference to some of these shocking figures, one of our readers asks, "What can be bought?" He uses Manchester as an example:

There was a recent article about the UK city of Manchester which just paid nearly $2.5 million in clean up for the Windows worm Conficker. That's one worm in one city.

If we take some numbers for the sake of argument and play with them, what could we buy with $2.5 million.

Say for the sake of argument that top developers (in several fields of computing) and UI designers cost $100,000 apiece including insurance, pensions, equipment and work space rental. That would provide for a team of 10 for 25 years, or a team of 25 for 10 years, etc.

So for a decade, for the same price, Manchester could work out a re-packaging of Fedora and some needed applications:

5 development engineers 5 deployement engineers 5 HCI specialists 10 half-time support 3 full-time support 2 managers / marketeers

The magnitude of the money lost pursuing the Windows ideology is mind-boggling.


Contrary to common belief (mind the interesting comments), Microsoft could really use some money which is made through its own incompetence. The reality of the matter is that Microsoft has faltered for years (even financially) and it now amasses some debt.

But going back to this subject of security, Heise reports show that Apple is no role model either, not with its proprietary, DRM-locked phones.

iPhone 3GS cracked



[...]

The Dev Team are well known for their free iPhone jailbreaking and unlocking tools (QuickPwn, PwnageTool, Yellowsn0W, etc.), however, they have yet to release a tool that's compatible with the 3GS and version 3.0 of the iPhone software.


Symbian faces challenges too. Symbian is still proprietary (in phases of transition).

Security on Symbian mobiles: Early signs of crumbling



[...]

At the recent Pwn2Own 2009 security contest, none of the competitors succeeded in hacking a Symbian mobile.


Free Software Magazine has a good new comic on that subject of security.

Comments

Recent Techrights' Posts

It's Hard to Trust People Who Worked - Not Only Those Who Still Work - at Microsoft
Bryan Lunduke is just what people would call an "arsehole of a person"
Links 06/07/2025: Climate Change and "The Right to Criticise"
Links for the day
The Mainstream Media Took 4 Days to Realise Microsoft Shut Down Its Operations in Pakistan and Fired Everybody
We estimate that Microsoft has had about 29,000 layoffs since January
“Twibel” Actions Against Comedians (and Why It's a Truly Low Blow)
they try to make up in quantities for a lack of merit or quality
 
Links 06/07/2025: Airlines Perils, Scams, and Breaches
Links for the day
Two Risks to Companies: The Microsoft Culture and the Microsoft Tools
Novell was killed by a form of "social engineering" by Microsoft
For the Second Time, Bryan Lunduke From Microsoft is Siccing Racist Trolls and Vandals at Me
You're only reinforcing the point we made yesterday
Links 06/07/2025: End to End Encryption at Risk, Reuters Twitter ("X") Account Withheld in India
Links for the day
Gemini Links 06/07/2025: Tinylog and Certification Rotation
Links for the day
PCLinuxOS Sites Coming Back, Gradually
let's just be patient
Social Control Media, Even If Based on Free Software, Still Has Many Problems
a distraction from what actually mattered and still matters
IBM is Not Your Master
IBM makes friends with people who exclude the majority of the population: women
Help Fund the Free Software Foundation (FSF)
If you have some dollars to spare, go support the FSF
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 05, 2025
IRC logs for Saturday, July 05, 2025
A Short History of Attacks on Techrights (and Boycott Novell Before That)
good opportunity to tell again the story of several (not all) attempts to silence us
Leadership in Free Software
Don't let IBM lead. It's a terrible flag bearer.
Linux Foundation Apparently Flirting With Slop (Marketing by LLM-Generated SPAM)
The Web is in a really bad state!
COVID-19 Sped Up Site Improvements in Techrights
A few months later we created our very own IRC network
Gemini Links 05/07/2025: Negative Questions and 'Touching Grass' (Going Outside)
Links for the day
Links 05/07/2025: Dalai Lama Succession as 90th Birthday Approaches, 40 deg C in China
Links for the day
Links 05/07/2025: Hungary and US Defecting to Russia, "Google's Hotseat Hypocrisy"
Links for the day
Gemini Links 05/07/2025: 4th of July 2025 and "Zig Roadmap 2026"
Links for the day
How to Combat the Exploitation and Abuse by Microsoft GitHub
Not to mention corruption and crimes against women
Bryan Lunduke is Actually Sending His Audience to Attack People
"[Lunduke] is actually sending his audience to attack people."
Even The Right Wing is Rejecting Bryan Lunduke
no wonder he became so irrelevant and marginal
Microsoft's MSN Helps Microsoft Spread Lies About the Layoffs' Scale (Well Over 25,000 People Laid Off This Year)
There seem to be monopolies on lies and on truth
The Death of X Has Been Greatly Exaggerated (by Compromised Media)
X.Org Server is alive and well
Rewriting Things in Rust
How far would you go?
In 2025 Everything is "AI". Remember Blockchains?
Talk about what companies and things (services, products, software) actually do, not the labels they use
Julian Assange Has Been Free for a Year
Julian Assange and I disagreed on some things
Monopolies and Scalping
Monopolies gravitate towards price hikes
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 04, 2025
IRC logs for Friday, July 04, 2025
Microsoft's August Layoffs Wave: "August is Confirmed for Additional Performance Based Cuts"
"August is confirmed for additional performance based cuts from the recent connects along with additional organizational cuts."
What Microsoft Reputation Laundering (With a Weaponised Law Degree) Looks Like in a Foreign Continent
You would expect this in uncivilised and primitive countries
Slopwatch: LLMs 'Write' Fake or Distorted 'News' About "Linux"
LLM slop disguised as news
Links 04/07/2025: Google Replaces the Web With Slop, "AI Might Kill Us All"
Links for the day
Gemini Links 04/07/2025: Mindfulness and F1
Links for the day
Weeks After Microsoft Bankruptcy in Russia the Company Shuts Down in Pakistan, Too
Last month Windows' share in Pakistan fell to an all-time low
Rob Musial's June 2025 Additions of Malware in Proprietary Software
Via the GNU Web site this week
Links 04/07/2025: Microsoft's H-1B Visa Applications Show Another Crisis Unfolding, Many More Deep Cuts and Shutdowns Revealed, Complete Microsoft Exits
Links for the day
Gemini Links 04/07/2025: A Day To Remember and "Stop Killing Games"
Links for the day
Crime and Corruption at Microsoft GitHub Cannot be Covered Up by SLAPPs in Another Continent
We'll write about this for a long time to come
Slop Videos Are Disappointing Garbage, Nothing New, Just Brute Force up on Display or a Pedestal of Slop
Slop videos aren't a new thing
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 03, 2025
IRC logs for Thursday, July 03, 2025
The War on Local Storage (People Hosting Their Files Locally and Privately)
There's nothing wrong with controlling one's computing
What Digital Independence Means
Independence in the digital realms means abandoning platforms like GitHub, not just rejecting proprietary software
NVidia is a Bubble
they temporarily see fortunes and wrongly assume perpetuity thereof
Fedora Does Not Care About Diversity and Inclusion, It's About Optics (Corporate Image)
any notion of inclusion is superficial and misleading
Don't Buy the Excuses for Microsoft's Mass Layoffs
Back in the 90s, Microsoft bought a lot of companies to get and stay ahead