EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.31.09

Security FUD Against GNU/Linux

Posted in Apple, FUD, GNU/Linux, Microsoft, Security, Windows at 1:59 pm by Dr. Roy Schestowitz

Mask

Summary: Sightings of security FUD against GNU/Linux in the news

MICROSOFT WINDOWS never had the reputation of a secure platform. In fact, just a short while ago a new kernel vulnerability was found in Windows. To give the gist of the issue:

A local user can invoke NtUserConsoleControl() in ‘win32k.sys’ to execute arbitrary code on the target system with elevated privileges.

There is also this new report from Heise and many more that we shared over the past few days (the last one came yesterday morning).

Microsoft has issued updates for Internet Explorer and Visual Studio “out of band”, between the regular monthly patch days, to mend the ActiveX support of Internet Explorer. Additionally, these updates plug another three critical security vulnerabilities in the browser. All versions, including Internet Explorer 8, are affected.

This brings us to the following new article from Forbes, which states:

Virtual machines, which perform like physical machines but are simulated with software, have fewer sources of entropy: Linux-based virtual machines, for instance, gather random numbers only from the exact millisecond time on their internal clocks. And that source isn’t enough to generate strong keys for encryption, Stamos argues. “Normally there’s enough variation that after a while your operating system can gather up the entropy it needs to provide you with secure random numbers,” he says. “The fundamental issue is that with virtualized hardware, many of those random variations don’t exist.”

[...]

If a malicious hacker were to set up his or her own Linux virtual machine in Amazon’s EC2 cloud service, for example, he or she could use that machine’s entropy pool to better guess at the entropy pools of other recently created Linux-based virtual servers in Amazon’s cloud, Stamos posits.

What does that have to do with GNU/Linux? Why does Forbes conveniently assume that only “Linux” can suffer from this co-allocation issue? If it is not intended to daemonise GNU/Linux, then it might be worth correcting.

Carla has just found another new example that she wrote about in length. She addresses the whole “obscurity” argument, noting that:

Linux permeates every possible segment of tech– routers and networking devices, home and business automation, security and surveillance systems, phones, netbooks and other consumer mobile devices, desktops, vehicles, media servers and settop boxes; it’s already a major player in the datacenter, server room, mainframes, clusters, and supercomputing. Linux runs on multiple CPU architectures. So a Windows-type Trojan horse or worm on Linux should have a much more catastrophic effect because of Linux’ much greater reach.

According to Roughly Drafted Magazine, Rupert Murdoch’s Fox is taking shots at Mac OS X as well.

Fox News reports new Mac virus that is neither Mac nor viral nor new

A report published by Fox News says that “online criminals are apparently so impressed with its scorching sales they are sending Macintosh computers an attack typically aimed at” Windows PCs. The story then falls apart in series of inept contradictions.

The press loves pretending that Windows is never the culprit, despite compelling evidence that these very same outlets/publications are most certainly aware of the culprit.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 19/4/2014: Slow Easter News Day

    Links for the day



  2. Links 18/4/2014: New KDE, Kubuntu, and More

    Links for the day



  3. Some Perspective on Heartbleed®

    Our views on the whole Heartbleed® bonanza, which seems like partly a PR stunt (for multiple stakeholders)



  4. Microsoft is Leaving Windows -- Including Vista 8.1 -- Vulnerable to Non-Government Crackers, Not Only to NSA

    Microsoft makes it ever more evident that securing users of Windows is not at all a priority, and perhaps not even a desire



  5. Links 17/4/2014: Android RDP, New Ubuntu, RHEL 7 Milestone

    Links for the day



  6. Racing to 1984: Mass Surveillance, Cracking, 'Targeted' Assassinations, and Illegal Torture

    Links for the day



  7. More Microsoft Subsidies to Patent Troll Intellectual Ventures

    Microsoft hands money to Bill Gates' close friend who is the world's largest patent troll



  8. Aiding Microsoft Under the Disguise of 'Pro-FOSS'

    Not everything which is FOSS necessary becomes, by virtue of existence, a positive contribution, as we are constantly reminded by projects that help proprietary software and/or restrictions get a strong grip on FOSS



  9. Links 16/4/2014: Red Hat PR, Ubuntu LTS Imminent

    Links for the day



  10. Links 15/4/2014: Lots of PCLinuxOS Releases, Ukraine Updates

    Links for the day



  11. Apple and Microsoft Actively Lobbying Against Patent Reform in the US

    Apple and Microsoft are reportedly intervening/interfering with US law in order to ensure that the law is Free/libre software-hostile



  12. Lawsuit by Microsoft Shareholder Targets Fine for Crimes Rather Than the Crimes Themselves

    A new lawsuit by a Microsoft shareholder shows everything that's wrong with today's model of accountability, where those who are responsible for crimes are accused of not avoiding fines rather than committing the crimes



  13. Public Institutions Must Dump PRISM-Associated Software

    Another reminder that taxpayers-subsidised services should refuse, as a matter of principle, to pay anything for -- let alone deploy -- proprietary software with back doors



  14. GNU/Linux News: The Opportunities Amid XP EOL

    Links for the day



  15. Microsoft Gets Its Money's Worth From Xamarin: PlayStation 4 Now Polluted by Microsoft

    The Trojan horse of Microsoft, Xamarin, is pushing .NET into Microsoft's console competitor



  16. After Brendan Eich Comes Chris Beard

    Having removed Brendan Eich using bullying and blackmail tactics, his foes inside Mozilla achieved too little as we have yet another man (coming from inside Mozilla) acting as CEO



  17. Healthcare News: Free Software in Health, Humanitarian Causes

    Links for the day



  18. Links 14/4/2014: MakuluLinux, Many Games, More Privacy News and Pulitzer Prize for NSA Revelations

    Links for the day



  19. TechBytes Episode 87: Catching up With Surveillance (NSA, GCHQ et al.)

    The first audio episode in a very long time covers some of the latest happenings when it comes to privacy and, contrariwise, mass surveillance



  20. Server News: KVM, ElasticHosts, Other GNU/Linux Items, and Open Network Linux

    Links for the day



  21. Hardware News: Freedom, Modding, Hackability on the Rise

    Links for the day



  22. Distributions News: GNU/Linux Distros

    Links for the day



  23. GNOME News: Financial Issues, Mutter-Wayland, West Coast Summit, Community Participation

    Links for the day



  24. KDE News: Kubuntu at the Centre Again KDE Applications Updated

    Links for the day



  25. Techrights Rising

    Effective immediately, Techrights will do what it takes to bring back old volume and pace of publishing



  26. Links: Surveillance, Intervention, Torture and Drones

    Links for the day



  27. Mobile Linux Not Just Android: Jolla, WebOS, and Firefox OS News

    Links for the day



  28. Google's Linux Revolution: New Gains for Android, Chrome OS (GNU/Linux)

    Links for the day



  29. Free/Libre Databases News: MongoDB, NoSQL, and MySQL Branches/Forks

    Links for the day



  30. Open Access on the Rise: Textbooks, Journals, Etc.

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts