EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

04.17.10

First Time, Shame on You — Second Time, Shame on Microsoft

Posted in DRM, Microsoft, Security, Windows at 5:17 pm by Dr. Roy Schestowitz


Direct link

Summary: Microsoft’s Restrictions Management Service is broken again and Windows XP is again left vulnerable with Microsoft unwilling to address the issue

Microsoft’s Restrictions [sic] Management Service (RMS) is broken yet again, proving — as always — that Microsoft cannot handle encryption properly because it is not reusing good code like Free software typically does. From The H we learn that:

An implementation flaw allows attackers to bypass the encryption mechanism used for Microsoft Office documents. Although this isn’t news, having been made public in 2005, no (officially acknowledged) attack or tool for exploiting the vulnerability has existed until now. Which probably explains why Microsoft has never fixed the problem with an update for older versions of Office.

French crypto expert Eric Filiol in his presentationPDF at the recent Black Hat security conference emphasised that the situation has now changed. He says his tool can decrypt a document within a few minutes. Filiol said he began working on the statistical analysis of the RC4 algorithm used in Office back in 1994. Talking to heise Security, the expert explained why he has only now published his results: “I was employed by the French military at the time. Everything I did was classified. Now I am free speak about it.”

In other news, Microsoft is seemingly blaming users for flaws in Windows that enabled rootkits to be installed. More curiously, “Microsoft refuses to patch infected Windows XP machines,” according to PC Pro. [via]

Microsoft has revealed that its latest round of patches won’t install on XP machines if they’re infected with a rootkit.

Back in February, a security patch left some XP users complaining of endless reboots and Blue Screens of Death. An investigation followed and Microsoft discovered the problems occurred on machines infected with the Alureon rootkit, which interacted badly with patch KB977165 for the Windows kernel.

This would not be the first time that Microsoft leaves XP permanently unpatched, even by choice. Such utter negligence [1, 2, 3] can lead to loads of zombie PCs that everyone — not just Windows users — will suffer from and pay for. So where is the liability? Microsoft insists that the public should pay the price for Microsoft’s negligence [1, 2, 3, 4, 5, 6, 7] and some people are currently paying the price in the form of blackmail. [via]

PCs using file-share sites and publishes the user’s net history on a public website before demanding a fee for its removal.

The Japanese trojan virus installs itself on computers using a popular file-share service called Winni, used by up to 200m people.

Suffice to say, this “Japanese trojan virus” would not install itself on anything other than Windows, but the article above is from the MSBBC [1, 2, 3, 4, 5, 6, 7, 8] and thus it addresses toddlers who equate “computers” with “Windows”. it’s like stating that cars in general — not just Toyota cars [1, 2] — have a fatal flaw.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New

  1. Benoît Battistelli's 'Dowry' From the Administrative Council of the EPO

    The dreadful state of the EPO, where one man controls everything and mismanages money (sending a huge amount of money to his other employer, giving himself a massive bonus or a "golden parachute", allegedly paying for national delegates' votes and gambling with EPO budget), won't be improved until the entire organisation removes "Team Battistelli" (the manifestation of Battistelli's 8-year rogue regime)

  2. Patent Extremism -- Like All Extremes -- Leads to Bad Outcomes

    Religiously believing in the value of all granted patents is a form of extremism which actively puts many lives at risk; the sooner this is realised, the better off society will be

  3. Even After SAS Institute, Inc. v Iancu (Decision on PTAB) There's No Stopping the Crackdown on Bogus US Patents

    Technology firms take advantage of PTAB, eliminating patents that should never have been issued by the US patent office in the first place; that makes it incredibly difficult for patent maximalists (led by Iancu) to phase PTAB out, more so after Oil States Energy Group v Greene’s Energy

  4. Can Alice/35 U.S.C. § 101 Stop Microsoft-Connected Patent Trolls in the US?

    The latest lawsuits and inter partes reviews (IPRs) which deal with Microsoft-connected trolls and other potentially-suspicious activities

  5. TC Heartland is Still Deterring and Suppressing Patent Trolls in the United States

    Eastern Texas is being 'evacuated' in the wake of TC Heartland, which continues to be brought up by legal defense teams

  6. The ILO Tribunal: Is It Still Worthy of Our Trust?

    Trusting ILO-AT has become a lot harder in light of its handling of EPO scandals

  7. The Dangerous Adoption of Patents on Life and Nature

    In the face of pressure from patent maximalists, as well as an appointment of a patent maximalist to the top of the US patent office, lawyers/law firms which strive to extend patent scope to life itself (or nature) seem to be getting their way

  8. Stronger Patents or None at All: How the Greed of Patent Law Firms and the Patent Office Contributes to Bogus Software Patents Being Amassed

    Alice Corp. v CLS Bank continues to be the sole recent reference for handling of software patents; that being the case, it's rather disturbing that patent law firms continue to recommend patenting of software and offer lousy excuses for that (mainly because they profit at the expense of those foolish enough to believe them)

  9. Patent Strengthening Would Necessarily Mean Lowering the Number of Patents Granted After Alice/35 U.S.C. § 101

    The concept of patent strength is being distorted in all sorts of ways and acronyms like IPR still being used not to describe the process by which bad patents get eliminated but to spread propaganda like 'intellectual' 'property' 'rights'

  10. Watchtroll's Reaffirmed Hatred Towards Science and Technology, Shattering the Myth About Patent Law Firms Trying to 'Help' Innovation

    The anti-technology rhetoric (what they call derogatorily "Big Tech") of patent maximalists is ruining their old narrative which goes something along the lines of helping inventors

  11. Nearly Half of Patent Applications at the EPO Are (at Least Partly) Software Patents, According to the EPO, and Not Many Patents Are European (Foreign, Not Domestic)

    With lack of care for examiners, for European businesses and for science in general the EPO carries on unabated; its agenda seems to be steered by Team UPC, which is looking to profit from lots of foreign lawsuits across Europe (relying on low-quality patents that wouldn't pass muster in national courts)

  12. Patent Factory Europe (PFE) is a Patent Troll's Publicity Stunt, Attempting to Frame a Predator as the Small Businesses' Friend and Ally

    Patent troll "France Brevets" with its tarnished name (it's the shame of France, a major source of shame other than Battistelli) has decided to do a charm offensive which characterises it as a friend of small firms (SMEs)

  13. Alice, Which Turns Four, Has Saved Billions of Dollars Previously Wasted on 'Protection' Money (Notably Patent Trolls)

    Alice has turned 4 (just five days ago) and software patents have never looked weaker (close to impossible to enforce in high courts in the United States), lowering the incentive to pursue such patents in the first place

  14. Links 23/6/2018: Kodi 18 Alpha 2, Peppermint 9, Wine 3.11

    Links for the day

  15. Somewhat Underwhelming Reception for US Patent Number 10,000,000 (Which Actually Isn't)

    While US patent number 10,000,000 did, in fact, get issued (several days ago) there are un-ignorable reminders that a lot more patents exist and the high number says more about neglected quality than actual, objective success

  16. The United States' Supreme Court Takes the Side of Patent Maximalists, for a Change

    WesternGeco LLC v. ION Geophysical Corp. reaches its conclusion; while it has zero effect on patent scope, it does serve to show that the US Supreme Court (SCOTUS) isn’t inherently biased against patents in general

  17. Mainstream Media in Germany Covers Battistelli's Corruption at the EPO Just as He Leaves

    Mainstream German media writes about Battistelli's scandals that nobody seems eager or wishes to discuss, let alone bring up; law-centric German media covers the now-famous open letter from German law firms (Grünecker, Hoffmann Eitle, Maiwald, and Vossius & Partner)

  18. Links 22/6/2018: PulseAudio 12.0, Krita 4.1 Beta, LabPlot 2.5, Git 2.18.0

    Links for the day

  19. “Dr Ernst Should be Forced by National Politicians to Step Down With Immediate Effect” After Battistelli's Latest EPO Scandals

    Further discussions about the horrible legacy of Battistelli and his protectors, who seem to be interested in a patent trolls-friendly patent system which devalues workers and consciously lowers the patent bar (at all costs, even violation of laws and constitutions)

  20. Links 21/6/2018: Microsoft's 'Damage Control' Amid Role in ICE Scandals, 11-Hour Azure Downtime (Again), GNOME 3.29.3, and More GNU/Linux Wins

    Links for the day

  21. Battistelli and Topić Lose Their Bogus 'Case' Against Judge Corcoran After They Defamed Him and Ruined His Career/Life

    The SLAPP action against Judge Patrick Corcoran, who has so far won all cases involving the EPO, is finally dismissed in Germany; what remains is an ugly legacy at the EPO, wherein everyone bold enough to say something about corruption at the top is having his or her life — not just career — destroyed

  22. Even Media of the Patent Microcosm Mentions the Decline in Quality of Patents at the EPO, Based on Its Very Own Stakeholders, While IAM Ignores the News

    The whole world basically accepts, based on patent examiners as well as those whom they interact with (patent agents), that patent quality at the EPO has sunk; but the EPO and IAM continue to vigorously deny that as it threatens some people's nefarious agenda

  23. Links 20/6/2018: Qt 5.11.1, Oracle Solaris 11.3 SRU 33, HHVM 3.27.0, Microsoft Helping ICE

    Links for the day

  24. Patent Extremists Are Unable to Find Federal Circuit Cases That Help Them Mislead on Alice

    Patent extremists prefer talking about Mayo but not Alice when it comes to 35 U.S.C. § 101; Broadcom is meanwhile going on a 'fishing expedition', looking to profit from patents by calling for embargo through the ITC

  25. What Use Are 10 Million Patents That Are of Low Quality in a Patent Office Controlled by the Patent 'Industry'?

    The patent maximalists are celebrating overgranting; the USPTO, failing to heed the warning from patent courts, continues issuing far too many patents and a new paper from Mark Lemley and Robin Feldman offers a dose of sobering reality

  26. The Eastern District of Texas is Where Asian Companies/Patents/Trolls Still Go After TC Heartland

    Proxies of Longhorn IP and KAIST (Katana Silicon Technologies LLC and KAIST IP US LLC, respectively) roam Texas in pursuit of money of out nothing but patents and aggressive litigation; there's also a Microsoft connection

  27. EPO Insiders Correct the Record of Benoît Battistelli’s Tyranny and Abuse of Law: “Legal Harassment and Retaliation”

    Battistelli’s record, as per EPO-FLIER 37, is a lot worse than the Office cares to tell stakeholders, who are already complaining about decline in patent quality

  28. Articles About a Unitary Patent System Are Lies and Marketing From Law Firms With 'Lawsuits Lust'

    Team UPC has grown louder with its lobbying efforts this past week; the same lies are being repeated without much of a challenge and press ownership plays a role in that

  29. The Decline in Patent Quality at the EPO Causes Frivolous Lawsuits That Only Lawyers Profit From

    The European Patent Office (EPO) will continue granting low-quality European Patents under the leadership of the Battistelli-'nominated' Frenchman, António Campinos; this is bad news for science and technology as that quite likely means a lot more lawsuits without merit (which only lawyers profit from)

  30. What Battistelli's Workers Think of His Latest EPO Propaganda

    "Modernising the EPO" is what Battistelli calls a plethora of human rights abuses and corruption

CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts