Flaw and Exploit in Latest Windows and Windows Server? Check.

Posted in Microsoft, Protocol, Security, Servers, Vista, Windows at 7:19 pm by Dr. Roy Schestowitz


Summary: A critical vulnerability that lacks any real patch now has attack code, which puts in jeopardy Windows Vista Service Pack 1 and Service Pack 2, and even Windows 2008 Service Pack 1 (soon 2)

For context, see: Microsoft ‘Fixes’ Windows Vista and Windows Server 2008 by Disabling Entire Features

Now comes this:

Exploit published for SMB2 vulnerability in Windows

A fully functional exploit for the security vulnerability in the SMB2 protocol implementation has been published. It can be used to discover and attack vulnerable Windows machines remotely. By integrating the exploit into the Metasploit exploit toolkit, attackers have access to a wide range of attack options, ranging from issuing a warning to setting up a convenient backdoor on a user’s system.

Hackers release new attack code for Windows

On 18 September Microsoft released a Fix-It tool that disables SMB 2, and the company said then that it was working on a fix for its software.

Pressure on Microsoft, as Windows Attack Now Public

Metasploit developer HD Moore said Monday that the exploit works on Windows Vista Service Pack 1 and 2 as well as Windows 2008 SP1 server. It should also work on Windows 2008 Service Pack 2, he added in a Twitter message.

Will Microsoft do better than with XP?

IRC: #boycottnovell @ FreeNode: September 29th, 2009

Posted in IRC Logs at 6:52 pm by Dr. Roy Schestowitz


Read the log

Enter the IRC channel now

To use your own IRC client, join channel #boycottnovell in FreeNode.

Links 29/09/2009: Microsoft Researches Linux, Dell Puts Linux on Board

Posted in News Roundup at 6:38 pm by Dr. Roy Schestowitz




  • Barrelfish, My Thesis!

    Yesterday, I read about a new OS called Barrelfish in this article in OS news. It is a collaboration between researchers at ETH Zurich and Microsoft Research, an open source multikernel operating system. I liked the idea and decided to get it; I was pretty shocked when I was reading its README file and saw that the OS is created on Linux! As an OS related to Microsoft, I didn’t expect it! :P

    Anyway, it seems that this project is not much related to Microsoft itself, so being developed under Linux is not that shocking!

    Well, now I’m much more interested in the OS as I can investigate it in Linux :) .

  • Ubuntu – good enough for grannies and girlfriends

    My girlfriend, who is in no way interested in computers or open source, now complains about having to use Windows in university, because Ubuntu is so much easier and faster to use. I can imagine the same story is playing out all over the world. Hopefully at least :-)

  • Desktop

    • F/OSS Marketing: Attracting Users AND Contributors

      How do I convince my neighbor to switch?

      Within the F/OSS community we frequently want to tout the virus-free nature of Ubuntu and how it’s free. In some ways I believe we’ve already converted most of the adventurous folks we can convert by using these arguments and randomly giving out LiveCDs

    • Monday, 28 September, 2009

      When I got back from doing that, I got a phone call from one of my sisters. I had given her my mom’s old machine with Ubuntu Linux installed on it, and she had a bunch of questions. I was able to answer all but two of them. Those two I had no experience with. Her first question was how do you install a printer driver on Linux? I had her bring up the Printers support dialog and her printer was already there. She was amazed, considering her experience with Windows on that subject.

    • Dell releases ‘Latitude ON’ alternative Linux OS for laptops

      Tiny system-on-a-chip module combines fast-boot Linux OS and ARM processor to check email, browse the Web and run for days on a standard laptop battery.

  • Server

    • HP-UX gets biannual face-lift

      Update 5 for HP-UX has also embedded the open source Bastille security lockdown tool inside the HP-UX operating system. Since 2002, HP has offered it as an add-on, using the Linux version and making tweaks to graft it onto HP-UX. The latest iterations of Bastille allow it to automatically harden an operating system, locking down ports and other kinds of unauthorized access.

  • Kernel Space

    • Plymouth Gets A DRM Renderer Plug-In

      There is a generic DRM renderer plug-in that was committed containing non-driver/hardware specific code and then following that was initial support for NVIDIA, Intel, and AMD hardware with this DRM plug-in.

  • Games

    • Quake Live

      Also, Quake Live is surprisingly 100% more fun than Farcry 2. Sad but true.

  • Desktop Environments

    • How Will Users React to GNOME 3.0?

      GNOME Shell’s ambiguous potential lies in the fact that it is an attempt to redraw the computer desktop. Since users neither seem greatly dissatisfied with the current state of the desktop nor in any agreement about how it could be improved, this departure is risky. Some users will undoubtedly reject it simply because it is different, no matter how innovative or useful it is, much as they did with KDE.

  • Distributions

  • Devices/Embedded

    • HD-ready set-top player offers NAS functionality

      The NMP-1000 incorporates NAS technologies found in Qnap’s Linux-based Turbo NAS servers, such as the SS-439 Pro Turbo NAS.

    • Real-time JVM rev’d with BeagleBoard support

      PERC Ultra’s AWT/Swing implementation is supported on Linux/x86, Linux/ppc with hardware floating point, and Linux/arm-eabi with hardware floating point, says the company.

    • Phones

      • Irate Android devs aim to replace Google’s proprietary bits

        Google has angered the Android enthusiast community by sending a cease and desist notice to a third-party developer who is building a popular custom version of the open source platform. Google doesn’t want its proprietary bits included in cooked ROMs.

      • The Android-Cyanogen kerfluffle

        What began as a story of evil Google seeking a monopoly on Android apps has become a kerfluffle.

        The opening shot was a cease-and-desist letter issued by Google against Steve Kondik, aka Cyanogen. Kondik was producing a modified Android ROM that included proprietary Google applications.

      • The Android/Cyanogen Dispute Takes Android in New Directions

        Kondik has responded to Google’s cease-and-desist letter by agreeing to develop a workaround, through which he will release a version of his Android-based framework minus Google applications, but allow anyone who has Google applications on, say, a phone, to reinstall them on his own software framework. That’s a creative solution.

    • Sub-notebooks

      • Acer Aspire One Linux Netbook

        Netbooks have very much become an integral part of our hyperconnected lifestyles. These smaller computers slot right in between the functionality of a proper smartphone and a larger laptop, making them an affordable way to gain access to the “real” Internet without lugging around a big notebook. While a lot of people prefer to take the route of Windows or even a Hackintosh’d Mac OS X-powered netbook, the cheapest and least resource-heavy route is that of Linux.

Free Software/Open Source

  • Forget Candy, Buy Open Source Software for Charity

    Cybersource has packaged a bundle of open source software on CD that includes popular applications like Audacity, Celestia, Blender 3D, and OpenOffice. It also includes fun apps like Tux Paint and Battle for Wesnoth. Cybersource provides a pamphlet [PDF] that explains the CD’s contents and the concept of open source to potential donors, along with artwork for the CD and jewel case.

  • Open Source vs. Proprietary – Free’s Not Free

    And just like PC vs. Mac, the open source vs. proprietary decision involves considerations that go beyond pure preference. Let’s discuss these considerations and look at how you can make a better decision for your company.

  • 7 Best Free and Open Source Vector Graphics Editors for Linux

    A software application that gives users the ability to compose and edit vector graphics images interactively on a computer is called a vector graphics editor. CorelDRAW and Adobe Illustrator are some of the most popular proprietary vector editors for Windows. But if you are looking for a capable free alternative that can also work on your Linux box, there are a lot to choose from.

  • What if microsoft were to go Open Source?

    The microsoft programs would be ported to run on more architectures and processors. There would be native versions of msoffice, visio, etc. running on Linux, BSD, Solaris and MacOS. I also think that microsoft’s programs would get a thorough going over with a fine toothed comb and become more efficient with many bugs and security problems being fixed. There would also be faster and more timely patches being released resulting in less zero day exploits.

  • Mozilla denies it will ‘ribbonize’ Firefox

    Mozilla today denied that it will “ribbonize” upcoming Windows versions of Firefox, saying that its plans to eliminate the traditional menu bar will result in something much less complicated than Microsoft’s often-derided user interface.

  • OpenOffice.org

    • Results of the Renaissance Prototype Survey

      66% responded that they agree or agree totally with this statement about the prototypes, whereas only 14% said they disagree or disagree totally. That means, that in these early stages of the project, conformity with user expectations is pretty good. From the comments (see Calc file), the live previews for formatting changes seem to have been especially well received.

    • Yet another city

      Lyngby-Taarbaek switches to OpenOffice: Will prevent illegal downloading

      All students and teachers in Lyngby-Taarbaek Municipality are now offered free office suite OpenOffice. It may be the same, and students are not tempted to illegal downloads of Microsoft Office, says the CIO.

  • Licensing

    • Linux and the Licensing Two-Step

      One way to meet the intent of the LGPL is to provide the object code for your application and a makefile that re-links your object files with any updated Linux libraries covered under the LGPL. A better way to satisfy the LGPL is to use dynamic linking, in which your application and the library are separate entities, even though your application calls functions in the library when it runs. With dynamic linking, users immediately get the benefit of any updates to the libraries without ever having to re-link the application.

  • Openness

    • Art Geeks and Tech Geeks Come Together at New Workspace

      Open Source is the name for what used to be called the Free Software Movement. Their motto was free as in “freedom”, not free as in “beer”. It was a revolution in grassroots collaboration, and together, as a global team, sharing what they knew and building upon the work of their fellows, they created a computer operating system called Linux. The idea of the GNU license is that you can have it for free, use it, build on it, and even sell it, but you can’t turn around and be all proprietary about it. You, in turn, have to allow your work to be freely built upon.


  • Bank of America Sued for 1,784 Sextillion Dollars

    Assuming that the second comma is a typo, and that Chiscolm actually demanded 1,784 billion trillion dollars, to my knowledge that is at least a new record for stupidly large lawsuit demands. In 2008, someone sued the federal government for more than three quadrillion dollars, but a quadrillion is only a thousand trillion. These days, maybe that just doesn’t seem like a lot of money to people.

  • IBM Supplies Cloud System for Chinese City

    The municipality of Dongying will deploy IBM’s new CloudBurst software and services package to run the region’s planned Yellow River Delta Cloud Computing Center.

  • IBM

    Clearly, IBM has been an important contributor to the GNU/Linux community and has played a major role in facilitating adoption of GNU/Linux in business.

  • AstroTurf

  • Censorship/Web Abuse

    • Tor partially blocked in China

      On September 25, 2009, the Great Firewall of China blocked the public list of relays and directory authorities by simple IP address blocks. Currently, about 80% of the public relays are blocked by IP address and TCP port combination. Tor users are still connecting to the network through bridges. At the simplest level, bridges are non-public relays that don’t exit traffic, but instead send it on to the rest of the Tor network.

  • Intellectual Monopolies

Digital Tipping Point: Clip of the Day

Internet Video Celebrity Caitlin Hill 02 (2007)

Digital Tipping Point is a Free software-like project where the raw videos are code. You can assist by participating.

Patents Roundup: Patents Harm Innovation (Again), Government Intervenes in Bilski Case and Still Hides ACTA

Posted in Intellectual Monopoly, Patents at 10:13 am by Dr. Roy Schestowitz


Summary: Patents are found to be harmful to rapid development and the role of the United States government may help change this, despite lack of transparency and corporate bias

THE CORRELATION between innovation and patents is a subject we explore regularly and one that in the past year we’ve covered in, e.g.:

Here is another new article/analysis which concludes with:

It’s true that if you put your labor into an idea then you should be allowed to consume the fruits of it, but the only reason why you put that much labor into that idea (or innovation or discovery) is because you were excluded from using someone else’s labor. Intellectual Property is a classic solution created by the problem itself, just like everything else in the world done by the government.

Mike Masnick adds:

What Kind Of Innovation Do Patents Encourage?


Petra Moser’s research comparing innovation in countries with patents to those without patents has shown that countries without patents tend to be just as innovative, but that the innovation takes different forms. Thus, patents tend to divert from the natural market of innovation to areas that are more easily “protectable.”

Of particular interest to us is the patentability of software, which according to Groklaw may finally be facing resistance from the United States government.

The Government Files its Bilski Brief: Argues For ‘Particular Machine or Transformation of Matter’ Test


What about software, then? I read the brief as sending a mixed message, or more accurately an unfinished one, and indeed the brief states that Bilski isn’t the right case to decide that issue anyway, since it’s about a method of hedging commodities trading without any computer connection.

I’m afraid I can’t make much sense out of what it says about software.

Obama’s administration has thus far been rather favourable towards intellectual monopolies. It even hides the ACTA [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13], so Masnick has this to say about the issue:

USTR: We Can’t Be Open About ACTA Because We Promised We Wouldn’t Be (*Lobbyists Not Included)


The USTR’s answer is really a convenient non-answer. It basically says that it can’t reveal the details because everybody promised not to do so. Of course, that doesn’t explain why so many lobbyists have such detailed access to the info, and why other countries have revealed the details of the negotiations.

Here is a list of some of the companies that receive access to the otherwise-super-secretive ACTA negotiation process.

Mono and Moblin as the Microsoft-approved “Open Source Solution”

Posted in GNU/Linux, GPL, Hardware, Microsoft, Mono, Novell, OSI at 9:37 am by Dr. Roy Schestowitz


Summary: Is “Open Source” simply where Free software meets Microsoft’s software patents and other “compromises”? In some cases, it sure seems like a terminological fit

Recent attacks on Richard Stallman [1, 2, 3] are a direct outcome of remarks that he made about Mono and the person behind Mono, with whom there is this unofficial interview.

On the one hand, there is good output coming from Mono, but on the other hand there is obvious advantage to Microsoft if this route is taken. GreyGeek has responded to this issue of attacks on “Free software”, noting that:

Diluting the meaning of Open Source and HIDING the GPL in a forest of several dozen pseudo GPL licenses which do NOT offer the FOUR FREEDOMS of the GPL has been the total business of the OSI, of which Microsoft is now a member. The OSI’s “compromise” to “go mainstream” was to allow the corporate member to monitor THEIR OWN COMPLIANCE with the “Open Source” requirements defined by the OSI, as weak as the OSI requirements are. It is ALL about MONEY, and the OSI is handing out Tux Suits for cash to proprietary software houses as they try to deceive the consumer about the meaning of the GPL and the Four Freedoms.

Assuming that Moblin, for example, is encumbered by Microsoft patent tax [1, 2] (evidence does suggest so [1, 2]), then the following new analysis of “why Microsoft won’t fight moblin” makes a lot of sense. It only seems to be missing the point about software patents and it concludes with:

Moblin is the solution to the problem of Intel: providing a free, lightweight and powerful OS to sell cheaper netbooks and devices. This allows Microsoft to get out of the “bargain basement OS” market and to focus on a more expensive, higher end market with Windows 7. The differentiation between both OS is large enough to ensure that most people won’t buy a Moblin device to replace their computer but to complement it. It suits Microsoft better if consumers purchase a Windows 7 desktop AND a Moblin netbook than if they purchase only a cheap Windows XP netbook.

It is worth noting that Microsoft broke competition laws to exclude GNU/Linux from many sub-notebooks (elimination of choice) only to then complain that it was losing money by doing so. It is akin to a burglar breaking into a shop, emptying the register, only to complain to the shopkeeper that there is not “enough” money at the shop and the refrigerator has no soda.


Apple Mimics “Shovelware” Tactics from Microsoft, European Commission Unable to Mitigate Impact

Posted in Antitrust, Apple, Microsoft at 8:59 am by Dr. Roy Schestowitz


Summary: Apple quietly pushes more software into people’s PCs; Microsoft almost escapes justice in Europe

ACCORDING to The Register, cybercrime rises sharply, but the measured unit is frequency or volume of phishing attacks. Now, a lot of people may not remember that Mozilla slammed Apple for using malware-like techniques to advance itself and envisioning a duopoly with Microsoft. SJVN is now reporting that Apple repeats an offence by shoving uncalled-for software down people’s throats.

Apple may have recently shoved an unsafe update down your PC’s throat, but the broader problem is Apple, or anyone else, installing any unnecessary program on your PC.


I didn’t think anything more about it. I don’t install programs I don’t need or plan on testing. Others though did and they discovered that this completely unneeded Apple shovelware for 99.9999% of all users installs not just a configuration program, but the Apache Web server as well. For the tiny number of people who do need it, this lets corporate iPhone users ‘phone’ in to the business Web server for updates.

This type of behaviour is more characteristic of a company north of California. In fact, Microsoft is managing to get away with bundling (similar to "shovelware") because another term is ending. Opera is rightly upset.

The chief European critic of Microsoft’s Windows-IE bundling says the company’s proposed web browser ballot screen compromise is a sham, accusing Redmond of packing the screen with “threatening and confusing” questions.

Microsoft is also "threatening" against the use of ODF by displaying “confusing” messages.

The FSFE has just addressed the European Commission, asking politely that nothing should be done hastily because Microsoft has not complied yet and it continues to reap the benefits of market share it obtained illegally.

High Noon in Brussels. At the end of her term, competition Commissioner Neelie Kroes is wrapping up two open cases against Microsoft. The company offered to settle in July 2009.

FSFE is involved in both cases. We are concerned that the Commission may end up reversing years of successful antitrust work if Neelie Kroes settles for far too little in order to close a deal, any deal. That would mean that Europeans remain stuck with the present Microsoft monopoly in most areas of the desktop. Even worse, that monopoly would have the Commission’s official seal of approval, effectively ruining many years of outstanding work by Ms Kroes and her team.

If the Commission cannot police the non-Free software industry, who can? Even the Commission itself is being influenced by lobbyists and those who are harbouring them.

Microsoft Hits Two Glass Houses with One Stone

Posted in Microsoft at 8:27 am by Dr. Roy Schestowitz


Summary: Both Dynamics AX and Dynamics NAV ERP (mobile versions) are axed by Microsoft; reasons not given

THE OTHER day we wrote about Microsoft canceling and burying yet another product; there is a small correction to be made though. Not one product was discontinued but two. And according to Mary Jo Foley, Microsoft is unable to provide an explanation (excuse).

Microsoft officials notified the company’s partners on September 1 that Microsoft is discontinuing the mobile versions of its Dynamics AX and Dynamics NAV ERP products.

(Word of the move trickled out broadly last Friday, via a report from IDG News Service.)

What is still not clear is why Microsoft officials made the decision to phase out the two products. I asked why Microsoft decided to discontinue the mobile clients for the Dynamics products, but received an answer from a spokesperson that elaborated on the “when,” but omitted the “why.”

This usually means that the truth hurts; Microsoft is borrowing money.

Vietnam Makes it Official with OpenDocument Format (ODF)

Posted in Asia, Free/Libre Software, GNU/Linux, IBM, Open XML, OpenDocument, Standard, Ubuntu at 8:13 am by Dr. Roy Schestowitz


Summary: Vietnam has just made ODF a national standard whilst other new gains are noted

BACK in June we wrote about ODF heading towards a "national standard" status in Vietnam, all after struggles against OOXML and foreign interests. Well, ODF is now an official standard in Vietnam, as revealed by this new document [PDF] which Rob Weir is waving, followed by many who are enthusiastic about the news. IBM is also promoting ODF in Africa through its new Canonical/IBM desktop push, which was advertised under the headline: “IBM, Canonical and Partners Launch Cloud- and Linux-based Netbook Software in Africa”

The news about Slovakia choosing ODF is over a year old, but Wikipedia was only changed to reflect this a few days ago. There are also some official ODF icons being spread at the moment, and John Cody, an attorney at the New York State Office of the Chief Information Officer/Office for Technology, declares that “ODF has clearly won.” There are other positive experiences, and the relevance to curation and preservation is noted as follows:

Other formats that are suitable as LTPFs include Open Document Format (ODF), HTML, XHTML and XML. For digital images, JPEG, TIFF or PNG are recommended, and FLAC for digital audio.

None of the above is a Microsoft format; at Microsoft, digital obsolescence and single vendor control are part of the business plan.
