EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.31.09

Security FUD Against GNU/Linux

Posted in Apple, FUD, GNU/Linux, Microsoft, Security, Windows at 1:59 pm by Dr. Roy Schestowitz

Mask

Summary: Sightings of security FUD against GNU/Linux in the news

MICROSOFT WINDOWS never had the reputation of a secure platform. In fact, just a short while ago a new kernel vulnerability was found in Windows. To give the gist of the issue:

A local user can invoke NtUserConsoleControl() in ‘win32k.sys’ to execute arbitrary code on the target system with elevated privileges.

There is also this new report from Heise and many more that we shared over the past few days (the last one came yesterday morning).

Microsoft has issued updates for Internet Explorer and Visual Studio “out of band”, between the regular monthly patch days, to mend the ActiveX support of Internet Explorer. Additionally, these updates plug another three critical security vulnerabilities in the browser. All versions, including Internet Explorer 8, are affected.

This brings us to the following new article from Forbes, which states:

Virtual machines, which perform like physical machines but are simulated with software, have fewer sources of entropy: Linux-based virtual machines, for instance, gather random numbers only from the exact millisecond time on their internal clocks. And that source isn’t enough to generate strong keys for encryption, Stamos argues. “Normally there’s enough variation that after a while your operating system can gather up the entropy it needs to provide you with secure random numbers,” he says. “The fundamental issue is that with virtualized hardware, many of those random variations don’t exist.”

[...]

If a malicious hacker were to set up his or her own Linux virtual machine in Amazon’s EC2 cloud service, for example, he or she could use that machine’s entropy pool to better guess at the entropy pools of other recently created Linux-based virtual servers in Amazon’s cloud, Stamos posits.

What does that have to do with GNU/Linux? Why does Forbes conveniently assume that only “Linux” can suffer from this co-allocation issue? If it is not intended to daemonise GNU/Linux, then it might be worth correcting.

Carla has just found another new example that she wrote about in length. She addresses the whole “obscurity” argument, noting that:

Linux permeates every possible segment of tech– routers and networking devices, home and business automation, security and surveillance systems, phones, netbooks and other consumer mobile devices, desktops, vehicles, media servers and settop boxes; it’s already a major player in the datacenter, server room, mainframes, clusters, and supercomputing. Linux runs on multiple CPU architectures. So a Windows-type Trojan horse or worm on Linux should have a much more catastrophic effect because of Linux’ much greater reach.

According to Roughly Drafted Magazine, Rupert Murdoch’s Fox is taking shots at Mac OS X as well.

Fox News reports new Mac virus that is neither Mac nor viral nor new

A report published by Fox News says that “online criminals are apparently so impressed with its scorching sales they are sending Macintosh computers an attack typically aimed at” Windows PCs. The story then falls apart in series of inept contradictions.

The press loves pretending that Windows is never the culprit, despite compelling evidence that these very same outlets/publications are most certainly aware of the culprit.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Latest High-Profile Patent Cases Against Apple and What These Mean to Linux-Powered Competitors of Apple

    A look at the latest patent news and developments surrounding Apple products (and the possible ramifications for OEMs that directly compete against Apple)



  2. “Reprehensible” Rodney Gilstrap Continues to Snub the US Supreme Court by Refusing to Let Non-Texan Companies Move Out of Texas

    Some of the latest news about patent trolls in the United States and China (where they tend to prey on US companies)



  3. The 'New' IP Kat on Patents: A Front Group for Team UPC (Bristows) and CIPA (British Patent Microcosm)

    Another quick look at today's output from IP Kat, which turned from a proponent of EPO staff into a proponent of Battistelli's oppressive agenda



  4. The Latest Lies From the EPO (Regarding Quality) and the Reason the UPC Won't Happen (Any Time Soon at Least)

    Lies are being intentionally spread inside the EPO (from the management downwards) and sobering reality about the UPC gradually sets in



  5. Lufthansa Leaks? Nokia Leaks? Prepare for Further Digging Into EPO Scandals

    Techrights to explore -- as a matter of priority -- corruption that is connected to the EPO and involves governments and corporations



  6. The Patent Microcosm Tries to Persuade the Headless USPTO to Crush Alice

    In another effort to bring software patents back to the US (they are currently being swatted like flies in the courts), the lobby of the patent 'industry' gangs up with former officials of the USPTO -- now in lobbying capacity -- and a new report is issued regarding Section 101



  7. Links 25/7/2017: KStars 2.8.0 is Out, Flash Will Die

    Links for the day



  8. How the EPO's Terrible Decisions May Implicate the Government of Germany and Lufthansa

    The role played by German authorities throughout the scandal involving Željko Topić, a notorious Vice-President at the European Patent Office (EPO)



  9. Patent Maximalists Continue to Warp the Debate/Media Coverage About Patents in Britain

    Just like in most places, including the English-speaking media in north America, British journalists omit voices of reason or simply give the podium to those seeking to increase the number of patent lawsuits (and breadth of these)



  10. In 2017 Software Patents Are Barely Valid in the United States

    Today’s simple reality is, even if the USPTO grants (or granted) a software patent, the prosecution certainty is notoriously low



  11. Patent Troll Uniloc Lost a Software Patent Case Owing to PTAB, Microsoft-Connected Troll Finjan Holdings Keeps on Suing

    The latest troll cases in the US and where they have gone (all about software patents, as usual)



  12. Links 24/7/2017: Linux 4.13 RC2, Mesa 17.2 RC1, Akademy Coverage

    Links for the day



  13. Qualcomm-Apple Dispute Escalates Further (Lawsuits Come to Europe) With the Cost of Linux-Powered Devices Also at Stake

    Another catchup with a high-profile case (complaints and lawsuits ad infinitum) that will help determine one's ability to leverage patents in bulk -- including software patents -- against phone-making OEMs



  14. Section 101/Alice: Latest News and Views

    A § 101 change which effectively strikes out software patents (if not at the patent office, then in appeal boards and courts) continues to alter the litigation landscape much to the chagrin/regret of various circles



  15. STRASBOURG: Representative of Lufthansa Accused of Corruption

    According to some international sources, it was on account of the corrupt and criminal tendencies with which he has been endowed by nature and which he used to assist international corporations in protecting dubious patents in the Republic of Croatia that Željko Topić was rewarded with a position at the EPO in Munich, although his skills and mindset indicate that he does not belong there. This is also indicated by the fact that this complex-ridden individual recently changed his place of residence in Zagreb.



  16. IBM and Watchtroll, Together With Microsoft, Among the Driving Forces for Resurgence of Software Patents

    A look at who keeps lobbying against Alice and where/how; also our assessment of why such lobbying won't be getting them anywhere any time soon



  17. Alice/U.S.C. § 101 is a Done Deal, Meaning Software Patents Are Effectively Dead in the US

    A look back at this summer’s patent cases where software patents are consistently (almost without exception) invalidated by courts, owing to § 101 (U.S.C./SCOTUS/Supreme Court)



  18. Patents Roundup: Cisco and Arista, MP3 Liberated, and 'Phone (Patent) Tax' Estimated

    Some of the very latest reports about patents in the US and how these impact the market (costs, availability, and viability of Free/Libre Open Source software)



  19. Links 23/7/2017: Wine 2.13, Krita 3.2.0 Second Beta, KDE Applications 17.08 Beta, GNOME 3.25.4, Debian 9.1 and 8.9

    Links for the day



  20. Patent Troll MPEG-LA Expands From Software Patents to Patents on Life While USPTO is Virtually Headless

    The travesty of software patents, such as patents on multimedia compression and playback, may soon be made worse as patents on genome are being aggregated by a notorious patent aggressor



  21. Lack of Independence of the Boards of Appeal at the European Patent Organisation (EPO) a Fatal Blow for the UPC

    Issues associated with the EPC, namely the lack of separation of powers at the EPO, may mean that the UPC is merely a zombie waiting to accept its permanent death



  22. [DE] STRASBOURG: Vertreter der Lufthansa wegen Korruption angeklagt

    Laut manche internationale Quellen wurde Željko Topić gerade wegen korruptiven und kriminellen Neigungen, mit welchen er von Natur begabt ist und mit welchen er den internationalen Korporationen beim Schutz von zwielichtigen Patenten in der Republik Kroatien geholfen hat, eigentlich belohnt mit der Arbeitsstelle in EPO in München, obwohl er laut seine Kenntnisse und seine Mentalität dorthin nicht gehört. Dafür spricht auch die Angabe, daß er als Person mit Komplexen neulich seinen Wohnsitz in Zagreb geändert hat.



  23. Links 21/7/2017: New Wine, Ubuntu EoL

    Links for the day



  24. The Bizarre World of US Patents and Ongoing Pursuit/Granting of Software Patents in Spite of Section 101

    A survey of recent patents that are either far too trivial, pertain purely to software, promote surveillance, or are pursued purely for vanity (when a court is likely to deem these invalid anyway)



  25. Battistelli's EPO Abuses May Soon Lead to the Death of the UPC and Return of the Old Order ('EPO Glory')

    Having severely damaged the EPO, in a selfish effort to make Europe attractive to patent trolls and bullies, Team Battistelli gradually goes away along with the UPC



  26. Links 20/7/2017: Qt Creator 4.4 Beta, Libgcrypt 1.8.0

    Links for the day



  27. Microsoft is Googlebombing “Linux” This Week in Order to Sell Proprietary Software That Does Not Run on GNU/Linux (and While Blackmailing OEMs Over Linux)

    A reminder of the fact that Microsoft very much hates GNU/Linux, lobbies against it (e.g. in Munich), blackmails companies that distribute it (using software patents) and shares all data stored by its software through back doors (for access by the NSA and other Western spy agencies)



  28. PTAB Persists and AIA Dominates in Spite of Smears and Bullying From Patent Extremists Including Watchtroll

    The America Invents Act (AIA) and the Patent Trial and Appeal Board (PTAB) maintain and gain prominence in spite of nefarious tactics of attack sites such as Watchtroll



  29. Patent Reform in the United States is Led by the Supreme Court, Not Industrial Lobbies

    Although lobbying by large corporations has served to change the patent landscape in the US, a lot of the big changes become possible because Justices with no vested interests (in patents and patent lawsuits) overturn decisions from the Court of Appeals for the Federal Circuit



  30. Unified Patent Court (UPC): A Conspiracy of Lies and Silence

    The impasse which makes impossible any progress on the Unified Patent Court (UPC) is simply being ignored -- as if it never happened -- by Team UPC


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts