EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

06.10.10

Microsoft is Again “Sabotaging” Free Software on Windows (and Why Windows is the Least Secure Platform)

Posted in Free/Libre Software, Microsoft, Security, Windows at 9:12 am by Dr. Roy Schestowitz

Firefox search

Summary: Microsoft has once again pushed its own code into Firefox, without any consent from the users

Putting Free software only on Windows is not a smart decision. On Windows, Microsoft is in total control and Microsoft does abuse this control all the time.

When it comes to Mozilla Firefox, Microsoft is routinely tinkering with it without permission (assuming one runs it on Windows). The word “sabotaging” first came up here, with additional coverage in:

Microsoft is doing it yet again. Microsoft boosters are among the first report on it: (and yes, Ars Technica has at least two Microsoft boosters as well)

i. Microsoft hides mystery Firefox extension in toolbar update

As part of its regular Patch Tuesday, Microsoft released an update for its various toolbars, and this update came with more than just documented fixes. The update also installs an add-on for Internet Explorer and an extension for Mozilla Firefox, both without the user’s permission. As you can see in the Windows Update screenshot above, Microsoft does not indicate that the update will install anything for either browser. It’s also not really clear what the installed extension actually does.

ii. Is Microsoft pushing stealth updates to users again? This time, it’s toolbars …

I’m getting numerous reports from readers claiming that Microsoft is back to pushing stealth updates to Windows users via Windows Update. This time, the update seems related to its browser toolbars.

Readers started reporting this issue to me yesterday, when Firefox users started noticing that Extensions window was opening up when launching the browser and showing something new – Search Helper Extension.

When it comes to Microsoft’s security patches, there is a lot of secret behaviour such as the above. Microsoft claims to be handling 34 flaws this week, but there are actually more because of secret patches.

Ars Technica writes about Richard A. Clarke’s new book, which blames Microsoft for national and international security problems (Windows has a huge number and proportion of zombie PCs).

Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds? Ralph Nader? No, the author is former White House adviser Richard A. Clarke in his new book, Cyber War: The Next Threat to National Security and What to Do About It.

[...]

Money talks

Why has the national response to this problem been so slow? Lack of consensus on what to do and fear of the “R-word”—government regulation, Clarke contends. Then there’s Reason Number Five on his list, which basically boils down to “Microsoft.”

“Some people like things the way they are,” Clarke obliquely observes. “Some of those people have bought access.” Microsoft, he notes, is a prominent member of OpenSecrets.org’s “Heavy Hitters” political donor list. Most of the list’s stars are trade associations. “Microsoft is one of only seven companies that make the cut.”

The software giant’s largesse has shifted from Republicans back in the Clinton antitrust days to Obama, he continues, but the agenda is always clear: “Don’t regulate security in the software industry, don’t let the Pentagon stop using our software no matter how many security flaws it has, and don’t say anything about software production overseas or deals with China.”

Clarke tries to be fair. He notes that Microsoft didn’t originally intend its software for critical networks. But even his efforts at fairness are unflattering. Microsoft’s original goal “was to get the product out the door and at a low cost of production,” he explains. “It did not originally see any point to investing in the kind of rigorous quality assurance and quality control process that NASA insisted on for the software used in human space-flight systems.”

But people brought in Microsoft programs for critical systems anyway. “They were, after all, much cheaper than custom-built applications.” And when the government launched its Commercial Off-the-Shelf program (COTS) to cut expenses, Microsoft software migrated to military networks. These kind of cost cutting reforms “brought to the Pentagon all the same bugs and vulnerabilities that exist on your own computer,” Clarke writes.
Floating i-brick

The former White House advisor cites the 1997 USS Yorktown incident as a consequence. The Ticonderoga-class ship’s whole operational network was retrofitted with Windows NT. “When the Windows system crashed, as Windows often does, the cruiser became a floating i-brick, dead in the water.”

In response to this “and a legion of other failures,” the government began looking into the Linux operating system. The Pentagon could “slice and dice” this open source software, pick and choose the components it needed, and more easily eliminate bugs.

“Never mention Windows and security in the same breath,” writes Sam Varghese in the headline of another new article. It refers to the dishonest "damage control" from Microsoft after Google's mass-desertion, as seen last week.

If I had a dollar for every time Microsoft was forced to defend the abysmal security of its Windows operating system, I would probably be lying on a beach in the Bahamas and sipping a cocktail right now, with my financial future secured.

The latest defence, from Windows communications manager Brandon LeBlanc, has as many holes as Windows does in its security armoury.

As my colleague Jake Widman reported earlier today, LeBlanc took issue with a story stating that Google was moving its internal workstations away from Windows to OSX and GNU/Linux due to Windows’ poor security.

In his response, LeBlanc talks of security issues with the Mac and Google too. That isn’t the point – no system or company is perfect.

We are talking here about the relative security of various operating systems – and Windows is, without any doubt, the worst. Put it up against OpenBSD, Solaris, NetBSD, FreeBSD, GNU/Linux, OpenSolaris, or any other, Windows comes out last when it comes to security.

“Being virus and malware-free” is another new article about escaping Windows (like Google did, for security reasons). The haven from security problem really is seen as a reason to embrace software freedom, not just an afterthought or excuse.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 17/11/2019: Slax Beta and Arch Conf 2019 Report





  2. Understanding Thierry Breton: The “Cost-Killer” Tries to Tame the National Debt

    The oligarchic policy of Thierry Breton at Bercy



  3. Reactions to Last Week's Thierry Breton Hearing

    Nobody is particularly impressed by Thierry Breton except those who know little about him (and he contributes to this lack of knowledge by obstructing, omitting, and misleading)



  4. The Open Invention Network Has Become a Guard Dog of (Some) Patent Trolls and It Misrepresents Us Under the Guise of 'Open Source'

    The Open Invention Network (OIN), in collaboration with Fraunhöfer, is promoting software patents and all sorts of other nonsense as part of ‘open’ standards in a new paper sponsored by the EU and edited by the former EPO Chief Economist Nikolaus Thumm (not Battistelli's choice); this is another reminder of the fact that OIN misrepresents Free/Open Source software (FOSS) developers and their interests



  5. IRC Proceedings: Saturday, November 16, 2019

    IRC logs for Saturday, November 16, 2019



  6. Unitary Patent is Dead Partly Because the EPO Demonstrated That EPC is Being Routinely Violated, Illegal Patents Granted

    Some elements of Team UPC have given up, whereas others try to push the lie that Unitary Patent/Unified Patent Court (UPC) is not an EU thing and that therefore everything is fine



  7. USPTO Rewards Microsoft for Corruption at ISO by Teaching People Proprietary OOXML and Promoting Its Use

    The world's most important patent office promotes Microsoft lock-in, revealing not only corporate bias but also highlighting ways in which Microsoft crimes continue to pay off



  8. No, Startpage is Not Dutch Anymore

    Startpage is still clinging onto perceptions rather than truths; it means that Startpage isn't just betraying privacy but it's also dishonest and untrustworthy



  9. Understanding Thierry Breton: Chirac's Entrepreneurial “Joker”

    Minister in charge of the public treasury was not a career politician but an “entrepreneur” with a proven track-record as a financial wizard and “cost-killer”



  10. Links 16/11/2019: New Debian Release, Wine staging 4.20

    Links for the day



  11. IRC Proceedings: Friday, November 15, 2019

    IRC logs for Friday, November 15, 2019



  12. Microsoft Doesn't Love Linux, It Just Buys Linux

    Microsoft's takeover or abduction of its opposition's voice isn't an act of love but an act of occupation, a hostile colonisation that enables digital pillage and plunder



  13. Koch's Reply to EPO Through ILO and Techrights' Interpretation of Koch v EPO Documents Help Show That ILO-AT is Played by EPO Management

    Sending cases back and forth, without the complainant being involved, means that justice is in eternal ‘limbo’ and thus the abusive management of the European Patent Office (EPO) — first Team Battistelli and now Team Campinos — can get away with anything the bullies do (no judgment of substance being delivered)



  14. EPO Running ILO's Tribunal (ILO-AT) 'in a Loop' to Perpetually Delay and Drain the EPO's Complainants (Aggrieved Staff) Out of Money

    ILO’s Administrative Tribunal — a court for aggrieved EPO staff and other international organisations’ staff (usually known as ILO-AT for short) — is a major farce; when “time is money” and lawyers charge as much as 400 euros an hour the EPO’s management can exploit/misuse its cash reserves to also game justice and buy legal outcomes



  15. ILO is Not Functioning and ILO-AT Helps the Abusive Management of the European Patent Office

    It is becoming increasingly clear, based for example on Koch v EPO, that ILO-AT is where a lot of money will be spent on lawyers and rarely will that result in real justice (but it certainly helps EPO management pretend that staff has safeguards)



  16. Links 16/11/2019: Wine 4.20, Picolibc 1.1

    Links for the day



  17. Understanding Thierry Breton: Moral Responsibility for “a Capitalism That Kills”?

    "...France Télécom which had previously been defined by an ethos of public service, by egalitarian working conditions and by a sense of universal mission, had now been transformed into a "cash machine” whose sole purpose was to generate shareholder value on international financial markets."



  18. FOSSPatents Conference is Against FOSS, Promoting the FOSS-Hostile Construct Known as RAND or FRAND

    Do not be misled by the term Free/Open Source software (FOSS) in the name FOSSPatents and whatever relates to it (e.g. FOSSPatents Conference); it's not about FOSS but against FOSS, or pro-FRAND



  19. Europe is Under Attack

    European politicians or political candidates pretend to be 'candid'; but they're agents of Power, or put another way, they're there to make the rich and powerful class even richer and more powerful by passing new, ruinous laws in the name of 'the people' or 'for SMEs'



  20. Links 15/11/2019: New Opera and Brave, GNU/Linux Flatpa(c)ked

    Links for the day



  21. IRC Proceedings: Thursday, November 14, 2019

    IRC logs for Thursday, November 14, 2019



  22. Understanding Thierry Breton: Toxic Management Goes on Trial in France

    "In each of these cases, the suicide served as a symbolic act of protest to denounce workplace conditions at France Télécom and attract public attention to its practices."



  23. Thierry Breton's Video/Live Grilling is Over, But the Grilling Continues Online

    Elite politicians aren't reluctant to give Thierry Breton the high seat (or throne); but everyone else realises that this resembles a corporate takeover more than anything



  24. The EPO's Low Patent Quality is Not Just Suicidal; It is Illegal

    With help from the besieged Boards of Appeal (BoAs), which complain that they can no longer judge cases (appeals/referrals) autonomously and independently, the Office in Munich continues to grossly violate the EPC and mimic China's ridiculously low patent bar, which even formally permits patents on algorithms



  25. Links 14/11/2019: Mesa 19.2.4 and GCC 7.5 Released

    Links for the day



  26. Microsoft is Not an Open Source Company But Microsoft Bribed and Took Over Many Open Source Authorities (Rivals' Voice Hijacked)

    Free/Open Source software (FOSS) and GNU/Linux are being taken over by Microsoft moles, bought by Microsoft Corporation, and the collective voice of the alternative to Microsoft and Windows is being muzzled (they tell us they "love" us while they're attacking us and sometimes suing us)



  27. Techrights' Interpretation of Koch v EPO: The EPO's Management Still Attacks Staff Representatives

    The EPO hopes to get its victims (of EPO abuse) to not only foot their own bills but also the EPO's



  28. Understanding Thierry Breton: “Mister Cash” Arrives at France Télécom

    The psychological harassment of the France Télécom workforce led the "suicide wave" after Breton had left France Télécom



  29. The Breton-Battistelli Relationship and Breton Hiding His Employment Record at Rothschild & Cie Banque

    EPO scoundrels such as Battistelli are closer to Breton than most people care to realise; Breton is hiding part of his career ahead of today's grilling



  30. A Lot of EPO Staff on Dutch Land Protested (Despite Abusive Threats From Management) and a Strike is Reportedly Next

    EPO management in Rijswijk tried hard to prevent workers from protesting on their free time (lunch break), reaffirming that same old belief that nothing is changing at the EPO and nothing will change without truly disruptive action


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts