EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.31.09

Security FUD Against GNU/Linux

Posted in Apple, FUD, GNU/Linux, Microsoft, Security, Windows at 1:59 pm by Dr. Roy Schestowitz

Mask

Summary: Sightings of security FUD against GNU/Linux in the news

MICROSOFT WINDOWS never had the reputation of a secure platform. In fact, just a short while ago a new kernel vulnerability was found in Windows. To give the gist of the issue:

A local user can invoke NtUserConsoleControl() in ‘win32k.sys’ to execute arbitrary code on the target system with elevated privileges.

There is also this new report from Heise and many more that we shared over the past few days (the last one came yesterday morning).

Microsoft has issued updates for Internet Explorer and Visual Studio “out of band”, between the regular monthly patch days, to mend the ActiveX support of Internet Explorer. Additionally, these updates plug another three critical security vulnerabilities in the browser. All versions, including Internet Explorer 8, are affected.

This brings us to the following new article from Forbes, which states:

Virtual machines, which perform like physical machines but are simulated with software, have fewer sources of entropy: Linux-based virtual machines, for instance, gather random numbers only from the exact millisecond time on their internal clocks. And that source isn’t enough to generate strong keys for encryption, Stamos argues. “Normally there’s enough variation that after a while your operating system can gather up the entropy it needs to provide you with secure random numbers,” he says. “The fundamental issue is that with virtualized hardware, many of those random variations don’t exist.”

[...]

If a malicious hacker were to set up his or her own Linux virtual machine in Amazon’s EC2 cloud service, for example, he or she could use that machine’s entropy pool to better guess at the entropy pools of other recently created Linux-based virtual servers in Amazon’s cloud, Stamos posits.

What does that have to do with GNU/Linux? Why does Forbes conveniently assume that only “Linux” can suffer from this co-allocation issue? If it is not intended to daemonise GNU/Linux, then it might be worth correcting.

Carla has just found another new example that she wrote about in length. She addresses the whole “obscurity” argument, noting that:

Linux permeates every possible segment of tech– routers and networking devices, home and business automation, security and surveillance systems, phones, netbooks and other consumer mobile devices, desktops, vehicles, media servers and settop boxes; it’s already a major player in the datacenter, server room, mainframes, clusters, and supercomputing. Linux runs on multiple CPU architectures. So a Windows-type Trojan horse or worm on Linux should have a much more catastrophic effect because of Linux’ much greater reach.

According to Roughly Drafted Magazine, Rupert Murdoch’s Fox is taking shots at Mac OS X as well.

Fox News reports new Mac virus that is neither Mac nor viral nor new

A report published by Fox News says that “online criminals are apparently so impressed with its scorching sales they are sending Macintosh computers an attack typically aimed at” Windows PCs. The story then falls apart in series of inept contradictions.

The press loves pretending that Windows is never the culprit, despite compelling evidence that these very same outlets/publications are most certainly aware of the culprit.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. The EPO is Collapsing. Attacks on Journalists, Interns as Staff, Patents on Plants, and Bureaucratic Red Tape...

    A look at some of the latest issues surrounding the European Patent Office, whose insistence on denying the problems and instead attacking those who bring up legitimate concerns, will spell its doom



  2. Ignore the Bristows UPC Echo Chamber, the UPC is Not Happening

    Response to some of the latest UPC promotion, courtesy of some of the usual suspects, who stand to benefit financially if the UPC ever becomes a reality



  3. British Media Slams Battistelli for Attempting to Cover Up 2 Years of Juridical Abuses With Help From the Administrative Council of the EPO

    A growing voice of concern about the integrity of the European Patent Organisation, whose management appears to be in cahoots (overseers/regulators included) so as to cover up its own serious abuses



  4. Boards of Appeal Still Under Attack From Team Battistelli While the EPO Proceeds to Granting Patents on Carlsberg BEER!

    The lunacy of the EPO with its patent maximalism will likely go unchecked (and uncorrected) if Battistelli gets his way and turns the EPO into another SIPO (Croatian in the human rights sense and Chinese in the quality sense)



  5. Memo “Deliberately Leaked to Cover up the UPC” With Its Many Associated Issues Amid Brexit

    Some eye-opening updates about the awkward move from Lucy Neville-Rolfe, who made promises (expression of intent) she can neither fulfill nor justify to the British public



  6. Links 8/12/2016: Korora GNU/Linux 25, SparkyLinux 4.5.1

    Links for the day



  7. Links 7/12/2016: ROSA Desktop Fresh R8 Plasma 5, Ubuntu Touch OTA-14

    Links for the day



  8. The UPC Scam Part VII: A Fine Mess in the Making, as Nothing Can be Made of It Amid/After Brexit

    The final part in this multi-part series about UPC, which cannot be implemented in the UK as long as Brexit is on the agenda



  9. The UPC Scam Part VI: The Real Story Which People Missed Due to Puff Pieces Seeded by Battistelli-Bribed Media is That UPC Technically Cannot Come to the UK

    Another long installment in a multi-part series about UPC at times of post-truth Battistelli-led EPO, which pays the media to repeat the lies and pretend that the UPC is inevitable so as to compel politicians to welcome it regardless of desirability and practicability



  10. EPO Spiraling Down the Drain as Experienced Examiners and Judges Are Seemingly Being Replaced by Interns

    Implementing yet more of his terrible ideas and so-called 'reforms', Battistelli seems to be racing to the bottom of everything (patent quality, staff experience, labour rights, working conditions, access to justice etc.)



  11. A Lot of News From the Supreme Court (SCOTUS) Today, With Some Important Decisions on Patents Coming Soon

    A roundup of today's outcomes from the US Supreme Court, which intends to review and decide on important patent cases



  12. In Historic Blow to Design Patents, Apple Loses to Samsung at the Supreme Court

    A $399 million judgment against Android devices from Samsung, with potential implications for other Android OEMs, is rejected by SCOTUS



  13. Good Riddance. Ray Niro is Dead.

    The infamous father of patent trolling is dead, so we need to remember his real legacy rather than rewrite his history to appease his rich relatives (enriched by destroying real companies)



  14. EPO Suicides Greater in Number Than is Widely Reported, Unjust System a Contributor to These

    The horrible regime of Benoît Battistelli has an enormous human toll (fatalities), far greater than the Office is willing to publicly acknowledge



  15. Lobbying Disguised as 'Reporting' by the Patent Microcosm, Which Wants More Patents and More Lawsuits (Lawyers Needed)

    A rebuttal to some new articles about patents, especially those that strive to increase patent-related activities (usually for personal gain)



  16. USPTO Echo Chamber That Lacks Actual Software Professionals Deciding on Patentability of Software

    A look at yesterday's "Roundtable on Patent Subject Matter Eligibility," which lacked involvement from those actually affected by patents rather than those who sell, trade, and exploit these



  17. More Examples of Microsoft and Its Patent Trolls Taxing Linux, Even After Microsoft 'Joined' (Paid) the Linux Foundation

    A quick look at the past week's news and clues about Microsoft's (and its broad army of patent trolls) strategy for taxing Linux, or imposing bundling at zero cost (to Microsoft)



  18. Heiko Maas, the SPD “Cash for Access” Affair, and Suspicions of Unwarranted Censorship at IP Kat (Again)

    Unsayable views or just a glitch? Readers of IP Kat express concern about a culture of censorship at IP Kat



  19. Endgame for Battistelli at the European Patent Office (EPO)

    Battistelli turns bad into worse by spitting on the very notion of accepting justice (from the highest court in The Hague or even the UN in this case)



  20. Les Échos Chamber: Having Corrupted the Media (With EPO Money), Battistelli Now Uses It for More UPC Propaganda

    The lies about the Unitary Patent are now being broadcast (Battistelli given the platform) by the publication that Battistelli pays



  21. Rumour: EPO in Berlin the Next Casualty of Battistelli's 'Reform' (Organisational Suicide Plan)

    Months after we learned that a former staff representative in Berlin had been dismissed we come across an anonymous claim that Berlin's 'branch' of the EPO will be folded onto Munich's



  22. Caricature: the Maas App

    The failure of Maas to even bother with regulation of Battistelli (among others) earns him this cartoon



  23. Links 5/12/2016: Linux 4.9 RC 8, DeepMind as FOSS

    Links for the day



  24. Leaked: Battistelli Acknowledges Bunk 'Justice' in About 100 Cases at the Internal Appeals Committee of the EPO

    A look at Battistelli's response to the latest from the International Labour Organisation (ILO), exceptionally delivering two decisions at the very end of last month



  25. The UPC Scam Part V: Unitary Patent Regime a Fantasy of Patent Trolls

    "Good for trolls" is a good way to sum up the Unitary Patent, which would give litigators plenty of business (defendants and plaintiffs, plus commissions on high claims of damages) if it ever became a reality



  26. EPO at a Tipping Point: Battistelli Quarrelling With French Politicians, Administrative Council Urged to Act, Staff Unrest Peaking

    The latest messages about Battistelli's regime at the EPO, which faces growing opposition from more directions than ever before



  27. Quality of Patents at the EPO Dependent on the Appeal Boards When Battistelli Assesses Performance Using the Wrong 'Production' Yardstick

    A look at some recent articles regarding patent quality in the US and in Europe, in particular because of growing trouble at today's EPO, which marginalises the appeal boards



  28. Microsoft's Push for Software Patents Another Reminder That There is No 'New' Microsoft

    Microsoft's continued fascination with and participation in the effort to undermine Alice so as to make software patents, which the company uses to blackmail GNU/Linux vendors, widely acceptable and applicable again



  29. Links 5/12/2016: SparkyLinux 4.5 Released, Kondik Exits Cyanogen (Destroyed After Microsoft Deal)

    Links for the day



  30. Software Patents Continue Their Invalidation Process, But Patent Law Firms Try to Deny This in Order to Attract Misinformed (or Poorly-Informed) Clients

    A roundup of news about software patents and demonstration of the sheer bias in the media, which is mostly controlled or steered by the patent microcosm rather than actual inventors


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts