EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

04.01.10

Eye on Security: Windows Malware, Emergency Patches, and BeyondTrust’s CEO from Microsoft

Posted in Antitrust, GNU/Linux, IBM, Microsoft, Security, Vista 7, Windows at 8:54 am by Dr. Roy Schestowitz

Summary: Security holes — some of which highly critical — continue to be found in Microsoft software; Justification of skepticism when it comes to new ‘research’ from former Microsoft staff, based on Microsoft-supplied data

OVER the past few days we have gathered more evidence to show that security problems only affect/target Windows and that those who flatter Windows for security are often tied to Microsoft (Window Snyder is just one example).

Windows-only Threats

Download Squad has this new post which compares Norton’s Security Scan to malware (it sure takes up a lot of resources). Those who think it’s bizarre should check out this minor piece of FUD and the rebuttal from The Source.

Right, so the Murphy’s Law headline is “Stop Supporting Open-Source Bloat“, where the author goes on to decry shady tactics of several programs, like:

* Revo Uninstaller
* Digsby
* ImgBurn

…NONE OF WHICH ARE OPEN SOURCE

Ignorance or deliberate deception? Either way, it looks bad for Maximum PC. Windows problems are now being described as “Open-Source” for no apparent reason.

TechDirt shows how copyright scare is being used to install malware/back-doors on people’s Windows machines. This relies on the infamous click-to-execute mentality that’s so prevalent in the Windows world. Actually, Microsoft software also tends to execute arbitrary code when one just visits a Web page (Active X is notorious for this reason).

Microsoft Emergency

The security flaws are so serious that Microsoft has just released an “emergency” patch for no less than 10 holes in Internet Explorer (which Microsoft neglected to patch for many months, leading to otherwise-preventable chaos [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]).

From The Inquirer:

SOFTWARE INSECURITY SISYPHUS Microsoft has released an out-of-cycle patch for users lazy or ignorant enough to still be using an old version of Internet Explorer.

It’s generally rare that threats are deemed serious enough for Microsoft to not wait until its next Patch Tuesday, which would be April 13th now, but a vulnerability hit Internet Explorer 6 and 7 that left them open to potential remote code execution.

More at CNET:

Microsoft issued an emergency security update on Tuesday to plug 10 holes in Internet Explorer, including a critical vulnerability that has been exploited in attacks in the wild.

The cumulative update, which Microsoft announced on Monday, resolves nine privately reported flaws and one that was publicly disclosed. The most severe vulnerabilities could lead to remote code execution and a complete takeover of the computer if a user were to view a malicious Web site using IE, Microsoft said in the bulletin summary.

Internet Explorer 8 is also affected.

BeyondTrust is Hard to Trust

BeyondTrust logo

Judging by previous incidents, past Microsoft employees who become 'researchers' typically produce output that's biased in Microsoft's favour. That’s why we decided to take a careful look at BeyondTrust. Their web site is all Microsoft stack-based (showing the lower probability that they understand security) and their CEO “spent seven years at Microsoft Corporation in a variety of executive sales and marketing positions,” according to the company’s own pages. “Sales and marketing,” eh? Now, we have already covered security problems Vista 7 suffers from, in a wide range of posts including:

“Statistics must not depend on Microsoft’s own data and presented in a favourable way by design.”This brings us back to BeyondTrust (wow, what a name!). Their latest promotion of Windows for security is quoted a lot by Microsoft boosters like Emil this week. They are measuring the wrong thing by wrongly assuming that Microsoft tells the truth about its patches. Microsoft is patching its software secretly a lot of the time. We saw that many times before and thus we urge people to be skeptical. Statistics must not depend on Microsoft’s own data and presented in a favourable way by design. Remember that there are “lies, damned lies, and statistics,” according to Benjamin Disraeli and others. There may also be reason for bias here.

Speaking of potential connections to Microsoft, an anonymous reader told us to “beware that TurboHercules might be financed by Microsoft”. This reader has not produced evidence to show what led to such suspicions (it may give away the identity), but as we recently showed, TurboHercules did join a Microsoft front. It aligned itself with Microsoft and companies/campaigns that are partly owned by Microsoft.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. IBMFanboyMSHater said,

    April 1, 2010 at 11:18 am

    Gravatar

    I really liked the Hercules Software. Alas!

What Else is New


  1. Reactions to Last Week's Thierry Breton Hearing

    Nobody is particularly impressed by Thierry Breton except those who know little about him (and he contributes to this lack of knowledge by obstructing, omitting, and misleading)



  2. The Open Invention Network Has Become a Guard Dog of (Some) Patent Trolls and It Misrepresents Us Under the Guise of 'Open Source'

    The Open Invention Network (OIN), in collaboration with Fraunhöfer, is promoting software patents and all sorts of other nonsense as part of ‘open’ standards in a new paper sponsored by the EU and edited by the former EPO Chief Economist Nikolaus Thumm (not Battistelli's choice); this is another reminder of the fact that OIN misrepresents Free/Open Source software (FOSS) developers and their interests



  3. IRC Proceedings: Saturday, November 16, 2019

    IRC logs for Saturday, November 16, 2019



  4. Unitary Patent is Dead Partly Because the EPO Demonstrated That EPC is Being Routinely Violated, Illegal Patents Granted

    Some elements of Team UPC have given up, whereas others try to push the lie that Unitary Patent/Unified Patent Court (UPC) is not an EU thing and that therefore everything is fine



  5. USPTO Rewards Microsoft for Corruption at ISO by Teaching People Proprietary OOXML and Promoting Its Use

    The world's most important patent office promotes Microsoft lock-in, revealing not only corporate bias but also highlighting ways in which Microsoft crimes continue to pay off



  6. No, Startpage is Not Dutch Anymore

    Startpage is still clinging onto perceptions rather than truths; it means that Startpage isn't just betraying privacy but it's also dishonest and untrustworthy



  7. Understanding Thierry Breton: Chirac's Entrepreneurial “Joker”

    Minister in charge of the public treasury was not a career politician but an “entrepreneur” with a proven track-record as a financial wizard and “cost-killer”



  8. Links 16/11/2019: New Debian Release, Wine staging 4.20

    Links for the day



  9. IRC Proceedings: Friday, November 15, 2019

    IRC logs for Friday, November 15, 2019



  10. Microsoft Doesn't Love Linux, It Just Buys Linux

    Microsoft's takeover or abduction of its opposition's voice isn't an act of love but an act of occupation, a hostile colonisation that enables digital pillage and plunder



  11. Koch's Reply to EPO Through ILO and Techrights' Interpretation of Koch v EPO Documents Help Show That ILO-AT is Played by EPO Management

    Sending cases back and forth, without the complainant being involved, means that justice is in eternal ‘limbo’ and thus the abusive management of the European Patent Office (EPO) — first Team Battistelli and now Team Campinos — can get away with anything the bullies do (no judgment of substance being delivered)



  12. EPO Running ILO's Tribunal (ILO-AT) 'in a Loop' to Perpetually Delay and Drain the EPO's Complainants (Aggrieved Staff) Out of Money

    ILO’s Administrative Tribunal — a court for aggrieved EPO staff and other international organisations’ staff (usually known as ILO-AT for short) — is a major farce; when “time is money” and lawyers charge as much as 400 euros an hour the EPO’s management can exploit/misuse its cash reserves to also game justice and buy legal outcomes



  13. ILO is Not Functioning and ILO-AT Helps the Abusive Management of the European Patent Office

    It is becoming increasingly clear, based for example on Koch v EPO, that ILO-AT is where a lot of money will be spent on lawyers and rarely will that result in real justice (but it certainly helps EPO management pretend that staff has safeguards)



  14. Links 16/11/2019: Wine 4.20, Picolibc 1.1

    Links for the day



  15. Understanding Thierry Breton: Moral Responsibility for “a Capitalism That Kills”?

    "...France Télécom which had previously been defined by an ethos of public service, by egalitarian working conditions and by a sense of universal mission, had now been transformed into a "cash machine” whose sole purpose was to generate shareholder value on international financial markets."



  16. FOSSPatents Conference is Against FOSS, Promoting the FOSS-Hostile Construct Known as RAND or FRAND

    Do not be misled by the term Free/Open Source software (FOSS) in the name FOSSPatents and whatever relates to it (e.g. FOSSPatents Conference); it's not about FOSS but against FOSS, or pro-FRAND



  17. Europe is Under Attack

    European politicians or political candidates pretend to be 'candid'; but they're agents of Power, or put another way, they're there to make the rich and powerful class even richer and more powerful by passing new, ruinous laws in the name of 'the people' or 'for SMEs'



  18. Links 15/11/2019: New Opera and Brave, GNU/Linux Flatpa(c)ked

    Links for the day



  19. IRC Proceedings: Thursday, November 14, 2019

    IRC logs for Thursday, November 14, 2019



  20. Understanding Thierry Breton: Toxic Management Goes on Trial in France

    "In each of these cases, the suicide served as a symbolic act of protest to denounce workplace conditions at France Télécom and attract public attention to its practices."



  21. Thierry Breton's Video/Live Grilling is Over, But the Grilling Continues Online

    Elite politicians aren't reluctant to give Thierry Breton the high seat (or throne); but everyone else realises that this resembles a corporate takeover more than anything



  22. The EPO's Low Patent Quality is Not Just Suicidal; It is Illegal

    With help from the besieged Boards of Appeal (BoAs), which complain that they can no longer judge cases (appeals/referrals) autonomously and independently, the Office in Munich continues to grossly violate the EPC and mimic China's ridiculously low patent bar, which even formally permits patents on algorithms



  23. Links 14/11/2019: Mesa 19.2.4 and GCC 7.5 Released

    Links for the day



  24. Microsoft is Not an Open Source Company But Microsoft Bribed and Took Over Many Open Source Authorities (Rivals' Voice Hijacked)

    Free/Open Source software (FOSS) and GNU/Linux are being taken over by Microsoft moles, bought by Microsoft Corporation, and the collective voice of the alternative to Microsoft and Windows is being muzzled (they tell us they "love" us while they're attacking us and sometimes suing us)



  25. Techrights' Interpretation of Koch v EPO: The EPO's Management Still Attacks Staff Representatives

    The EPO hopes to get its victims (of EPO abuse) to not only foot their own bills but also the EPO's



  26. Understanding Thierry Breton: “Mister Cash” Arrives at France Télécom

    The psychological harassment of the France Télécom workforce led the "suicide wave" after Breton had left France Télécom



  27. The Breton-Battistelli Relationship and Breton Hiding His Employment Record at Rothschild & Cie Banque

    EPO scoundrels such as Battistelli are closer to Breton than most people care to realise; Breton is hiding part of his career ahead of today's grilling



  28. A Lot of EPO Staff on Dutch Land Protested (Despite Abusive Threats From Management) and a Strike is Reportedly Next

    EPO management in Rijswijk tried hard to prevent workers from protesting on their free time (lunch break), reaffirming that same old belief that nothing is changing at the EPO and nothing will change without truly disruptive action



  29. IRC Proceedings: Wednesday, November 13, 2019

    IRC logs for Wednesday, November 13, 2019



  30. Links 13/11/2019: Docker Enterprise Bought, WordPress 5.3, Qt 5.12.6 Released

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts