
11.16.09

Microsoft Won’t Secure Firefox/Chrome Users, Shows More Negligence

Posted in Microsoft, Security, Vista 7, Windows at 9:19 am by Dr. Roy Schestowitz


Summary: ActiveX required by Microsoft’s OneCare; investigation into Vista 7 vulnerabilities a case of “too little, too late”

MICROSOFT pretends to have changed for the better. It pretends that it allows users of Windows to use Web browsers other than Internet Explorer, but the following post — artistically titled “Microsoft being a Onecare [Wanker]” — suggests otherwise:

For starters, it uses an ActiveX control – Internet Explorer required in other words – that’s annoyingly hard to install. You get warnings galore from Windows 7’s UAC and IE about popups and do you really really really want to install something that has the potential to roger your system well and truly?

ActiveX was designed to restrict competition by supplanting Web standards. It ended up becoming one of the biggest security nightmares out there and Novell supports this.

Here is the new story of a man who has just been fired because of these practices from Microsoft:

Linux Contractor Fired for Using Firefox/Linux

[...]

The irony? The “competency test” was a Security & Privacy test from the four letter credit card company that HAD to be taken on MS Windows with IE?

I’ll let you be the ones to point out the obvious…the fact that this large computer/server company with three letters in their name is reportedly a “friend to Linux”. I’ll let you talk about how a Linux Professional who uses Linux as their desktop environment was denied access to employment. Employment that was based on his knowledge of Linux. Yeah, the server side…but still…

Now let’s brag about how much ground Linux has made…

And a Linux Project Manager for said company asking the question:

“What’s this Foxfire thing?”

As a secondary item of news, some days ago we argued for Microsoft liability when it comes to the latest Vista 7 vulnerability. Microsoft deserves to be accused of negligence and the following article implies deception too.

Is Microsoft Overhyping Security In Windows 7?

[...]

Microsoft has been aggressively marketing the security improvements in Windows 7, but some security experts believe this strategy could leave the software giant open to some unpleasant repercussions.

Vista 7 has been breached before and to give some examples of insecurity, we have:

Now there is the SMB flaw that Microsoft finally acknowledges.

Microsoft on Friday said it is working on a fix for a vulnerability in the Server Message Block file-sharing protocol in Windows 7 and Windows Server 2008 Release 2 that could be used to remotely crash a computer.

It really took them too long, having waited for attack code to appear before properly investigating. That’s negligence and it is irresponsible. Gregg Keizer writes:

The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie last Wednesday, when he revealed the bug and posted proof-of-concept attack code to the Full Disclosure security mailing list and his blog. According to Gaffie, exploiting the flaw crashes Windows 7 and Server 2008 R2 systems so thoroughly that the only recourse is to manually power off the computers.

Why has Microsoft waited so long before looking into the problem? Could it be that lack of security and increased fear help Microsoft sell more ‘solutions’ to those very same problems? As we showed some days ago, Microsoft is clearly profiting from Conficker, for example.


A Single Comment

  1. Needs Sunlight said,

    November 16, 2009 at 11:17 am

    A verdict of Negligence would assume a competency or willingness to fix the problem. Likely neither are present in any measurable quantity.

    From the outside it looks more like a case of further anti-competitive behavior.
