EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

03.08.10

Apache Shows Why GNU/Linux is Safer Than Microsoft Windows; Microsoft Makes Batteries Dangerous

Posted in Free/Libre Software, GNU/Linux, Microsoft, Security, Windows at 12:41 pm by Dr. Roy Schestowitz

Battery charger

Summary: Windows shows that it not only brings security problems to Apache but also to battery chargers

THE thing about Windows is, the underlying operating system is less secure than UNIX and Linux. Here is nice new proof of this, straight from the news. Our reader renamed it (the headline) “Windows bug prompts Apache update advice”

“The vulnerability means that you can take complete control of the web server remotely with system privileges — which is the highest privilege on Windows,” Edelstein told ZDNet.com.au. “An attacker could gain access to, modify and take away data.”

Edelstein advised users running Apache on Windows platforms to upgrade immediately as users have no way of knowing if their web servers have been compromised. The company’s security advisory can be accessed here.

[...]

“A proof of concept remote exploit has been written by Sense of Security, and it is feasible that others could write a similar exploit to completely compromise a Windows system,” said Brett Gervasoni.

As most Apache users run it on UNIX and Linux, the above is probably nothing to panic or worry about.

Charged With Malware

“Microsoft, the company that made battery chargers dangerous,” called it the reader who sent this next item from the news:

The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access.

In an advisory, the US-CERT warned that he installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory.

When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.

“The danger of Open Source software is that you don’t know if it contains malware,” jokingly said our reader.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

3 Comments

  1. your_friend said,

    March 8, 2010 at 9:55 pm

    Gravatar

    Ha ha, it went undetected for three years. The Windows version of that Energizer Bunny has been pulled from the market.

    Regardless of when it was created, its discovery prompted Energizer to announce March 5 that it was discontinuing the sale of the product and removing the site from which the software could be downloaded. In addition, the company is urging consumers who downloaded the Windows version of the software to uninstall it.

    It’s amazing how popular the wipe and reload becomes when Microsoft needs to sell a new version of Windows. Thanks for all the nice links.

  2. Needs Sunlight said,

    March 9, 2010 at 5:53 am

    Gravatar

    @your_friend : it did not go undetected for three years, Microsoft did not publicly acknowledge it for three years, or more. There is a lot of difference there.

    Wipe and reload becomes popular when Microsoft needs to sell new versions of Windows or when third party packages, of any kind, become too popular. Wipe and reload ensures that the 3rd party packages are knocked down at least a couple points in marketshare. It is to Microsoft’s advantage that they are so many decades behind Linux, OS X or even Solaris in regards to package management.

  3. uberVU - social comments said,

    March 11, 2010 at 5:51 pm

    Social comments and analytics for this post…

    This post was mentioned on Identica by schestowitz: #Apache Shows Why #GNU #Linux is Safer Than #Microsoft #Windows http://boycottnovell.com/2010/03/08/battery-chargers-and-malware/

What Else is New


  1. Links 30/8/2016: Fedora 24 Reviewed, Ubuntu Patched

    Links for the day



  2. Links 29/8/2016: Linux 4.8 RC4, Maru OS Source Code

    Links for the day



  3. Let Them Eat Patents

    A reality check regarding software patents and regarding those who truly benefit from an expensive patent system with an even more expensive litigation process/proceedings



  4. Nothing Whatsoever Has Improved at the European Patent Office, It's Just Summer's Recess (and Silence)

    The European Patent Office (EPO) has done absolutely nothing to improve the work atmosphere, it just alters the marketing strategy somewhat



  5. Links 28/8/2016: Q4OS 1.6, ConnochaetOS 14.2

    Links for the day



  6. The United States Has Gotten Over Software Patents

    A roundup of new articles about software patents in the United States, 2 years into the post-Alice era (the US Supreme Court deeming patents on software too abstract to have merit)



  7. More Lies From President Benoît Battistelli and the EPO Crisis Which Continues to Deepen

    The European Patent Office (EPO), collectively speaking, is still wrestling with a Battistelli infiltration (a circle of high-level managers) which habitually lies and viciously attacks those who dare counter these lies



  8. Links 27/8/2016: Torvalds and GPL, “DOD Must Embrace Open-Source Software”

    Links for the day



  9. Links 26/8/2016: Maru OS Resurfaces, Android More Reliable Than 'i' Things, PC-BSD Becomes TrueOS

    Links for the day



  10. Good Job, David Kappos, Says the 'Boss' (IBM)

    Responses to the latest call against Alice (eliminator of many software patents), courtesy of the man from IBM (still paid by IBM) who was responsible for the policy that blindly approved a lot of software patents in the US



  11. Being for Patent Quality or Against Patenting Excess Does Not Make You Anti-Patents

    Like IAM, which tries to portray sceptics and critics of software patents as "anti-patents", IP Watchdog (or Watchtroll as we call it) is 'trolling' the Electronic Frontier Foundation, simply because it expressed an opinion that patent maximalists cannot tolerate



  12. Erosion of Patent Quality Enables Patent Extortion With Large Portfolios of Low Validity Rate

    Revisiting the EPO's vision of poor patent examination and the effect of discriminatory granting practices, favouring patent bullies such as Microsoft (which actively attacks Linux using low-quality and usually pure software patents)



  13. The EPO's Francesco Zaccà Presenting in Turin Alongside Patent Trolls (Like the Patent Mafia Sisvel) and Lobbyists/Front Groups for Software Patents, UPC

    Benjamin Henrion (FFII) on seeing the EPO alongside patent trolls and other nefarious actors, doing what they do best, which is undermining public interests and harming patent quality



  14. The EPO, USPTO, and Patent Microcosm Peddle Myths About Patents in Public Universities and Research

    Tackling some of the commonly-spread myths about patents as "saving lives" and "promoting research" (in practice leading to the death of poor people and promoting trolls)



  15. Large Corporations' Lobbyist David Kappos Disgraces Former Employer USPTO by Meddling in Their Affairs on Software Patents, Downplaying the Supreme Court

    The latest lobbying from David Kappos, who blatantly exploits his connections in patent circles to promote software patents and work towards their resurgence after Alice v CLS Bank



  16. Journal of Intellectual Property Law and Practice Calls the European Patent Office “Rotten”, Other Sources Scrutinise Recent Moves

    The patent office which was once known for being the best bar none is rotting under the Frenchman Benoît Battistelli, who made himself and his friends the main clients of the Office



  17. PTAB Emerges as Hero of USPTO Because Quality of Patents Improves, Software Patents Are Effectively Dead (or Dying Once Reassessed)

    With help from the Patent Trial and Appeal Board (PTAB) -- not just patent courts -- software patents drop like flies by the thousands



  18. Creative Technology, Now Operating in 'Patent Troll' Mode, Shot Down by the ITC; Jawbone Too Shot Down

    Some good news from the U.S. International Trade Commission (ITC), which may have put an end to Creative's new war on Android (using old patents)



  19. Corporate Media in India Misrepresents Startups to Push for Software Patents

    A parade of misinformation as seen in Indian (but English-speaking) press this week as questions about patentability of software resurface



  20. Links 25/8/2016: Linux Turns 25, NetworkManager Turns 1.4

    Links for the day



  21. Links 24/8/2016: More From LinuxCon, Uganda Wants FOSS

    Links for the day



  22. Links 23/8/2016: GNOME 3.22 Beta, Android 7.0 Nougat

    Links for the day



  23. The Linux Foundation Gives Microsoft (Paid-for) Keynote Position While Microsoft Extorts (With Patents) Lenovo and Motorola Over Linux Use

    This morning's reminder that Nadella is just another Ballmer (with a different face); Motorola and Lenovo surrender to Microsoft's patent demands and will soon put Microsoft spyware/malware on their Linux-powered products to avert costly legal battles



  24. Not Just President Battistelli: EPO Vice-Presidents Are Still Intentionally Misrepresenting EPO Staff

    Evidence serving to show that EPO Vice-Presidents are still intentionally misrepresenting EPO staff representatives and misleading everyone in order to defend Battistelli



  25. Battistelli the Liar Causes a Climate of Confrontation in French Politics, Lies About Patent Quality (Among Many Other Things)

    Battistelli's lies are coming under increased scrutiny inside and outside the European Patent Office (EPO), where patent quality has been abandoned in order to artificially elevate figures



  26. The Collapse of Software Patents and Patent Law Firms Trying to “Overcome” Alice

    The United States continues its gradual crackdown on software patents (which are viewed as abstract and thus unpatentable), whereas in Europe things are murkier than ever



  27. Apple's Patent Wars Against Android/Linux Make Patent Trolls Stronger

    Apple's insistence that designs should be patentable could prove to be collectively expensive, as patent trolls would then use a possible SCOTUS nod to launch litigation campaigns



  28. Links 22/8/2016: Linux 4.8 RC3, Linux Mint 18 “Sarah” KDE Beta

    Links for the day



  29. Links 21/8/2016: Apple and Microsoft Down, Systemd Spreading to Mount

    Links for the day



  30. Links 20/8/2016: Android Domination, FSFE summit 2016

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts