
06.15.10

“Tens of Thousands of [Microsoft IIS] Sites” Are Being Compromised

Posted in Database, FUD, GNU/Linux, Microsoft, Windows at 2:29 am by Dr. Roy Schestowitz


Summary: Another live example of Microsoft ‘security’ at work; debunking the latest Linux lies from Ed Bott

“Security through obscurity” sounds like a good idea in theory. As we recently found out (and had confirmed by Microsoft), part of this obscurity is lack of disclosure. Microsoft is silently patching flaws that it never discloses, which is dishonest if not fraudulent when Microsoft issues security reports based on such oversight.

According to this new article, “tens of thousands of sites” running Microsoft’s software are paying the price for having ‘secret’ vulnerabilities:

There’s a large-scale attack underway that is targeting Web servers running Microsoft’s IIS software, injecting the sites with a specific malicious script. The attack has compromised tens of thousands of sites already, experts say, and there’s no clear indication of who’s behind the campaign right now.

The attack, which researchers first noticed earlier this week, already has affected a few high-profile sites, including those belonging to The Wall Street Journal and The Jerusalem Post. Some analyses of the IIS attack suggest that it is directed at a third-party ad management script found on these sites.

This must be the latest example of why nobody gets fired for avoiding Microsoft.

Speaking of Windows security, “Juniper Networks Protects Customers From New Microsoft Vulnerabilities” after Juniper became filled with Microsoft managers [1, 2, 3]. It’s just something to bear in mind.

There is some bad FUD about Linux security at the moment (coming primarily from Ed Bott). SJVN has already responded to this FUD:

Here’s what really happened. UnrealIRCd, a rather obscure open-source IRC (Internet Relay Chat) server, wasn’t so much hacked as the program it was letting people download has been replaced by one with a built-in security hole. Or, as they explained on their site,

Microsoft boosters like Bott have been desperate to show that GNU/Linux is not more secure than Windows. As companies like Google dump Windows for security reasons, Microsoft will carry on with this FUD campaign but rely on peripherals/extensions (like Bott) to do the attacks. That’s just how Microsoft operates when it needs FUD. See the “smoking gun” below.

“As discussed in our PR meeting this morning. David & I have spoken with Maureen O’Gara (based on go ahead from BrianV) and planted the story. She has agreed to not attribute the story to us….

“[...] Inform Maureen O’ Gara (Senior Editor Client Server News/LinuxGram) or John Markoff (NYT) of announcement on Aug 28, 2000. Owner dougmil (Approval received from BrianV to proceed)

“Contact Eric Raymond, Tim O’Reilly or Bruce Perrins to solicit support for this going against the objectives of the Open Source movement. Owner: dougmil [Doug Miller]. Note that I will not be doing this. Maureen O’Gara said she was going to call them so it looks better coming from her.”

Microsoft uses reporters as attackers


