EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

10.07.10

IRC Proceedings: October 7th, 2010

Posted in IRC Logs at 6:20 pm by Dr. Roy Schestowitz

GNOME Gedit

GNOME Gedit

GNOME Gedit

#techrights log

#boycottnovell log

#boycottnovell-social log

Enter the IRC channels now

Software Patent Lawsuits Around Linux (Roundup)

Posted in Apple, GNU/Linux, Google, Microsoft, Oracle, Patents, Red Hat at 6:09 pm by Dr. Roy Schestowitz

Watch the mines - billboard in Bosnia

Summary: The Nemesis of software freedom (or #1 threat to it) is summoned by Linux rivals like Microsoft and the Microsoft-occupied Acacia; Rebuttals come from the likes of Jason Perlow, Glyn Moody, Matt Asay, and Groklaw

THE world is upset to see Microsoft suing Linux-using companies. It just shows how incapable Microsoft is when it comes to producing real products. Jason Perlow receives praise for his response (he works for IBM) and Ghabuntu writes: “My friend calls him Steve “I’ll fcuking kill Google” Ballmer. And I think he is right. Microsoft has been rattling the saber at Android in the last week, demanding patent payment for all Android phones. To say this is an absurd claim is being very gentle.”

Microsoft appears to be double-dipping ActiveSync tax and FAT too is targeted (so Mono proponents should pay attention). Glyn Moody asks: “Is Microsoft running out of steam?”

One difference, of course, is that Watt’s patent at least related to a substantial technological development: in the case of Microsoft, we are dealing with the usual trivial and/or obvious patents – “scheduling meetings”, “changes in signal strength and battery power”. Even the synchronising email element, which presumably relates to Microsoft Exchange ActiveSync, is simply a question of dominant protocols, not market-enhancing improvements.

People forget that the central purpose of patents is to encourage real innovation, not simply reward people for being the first to file for even obvious ideas with over-stretched patent offices that set incredibly low bars. The world of patents has become perverted in recent years: patents are seen as valuable things in themselves – the more the merrier – irrespective of whether they do, truly, promote innovation. Worse: in the world of software, they are actually brakes on that innovation, particularly as they begin to interact and form impenetrable patent thickets.

As Moody has been showing for years, Microsoft is lobbying for RAND (along with its lobbyists) and it’s stuff like ActiveSync which shows the impact of RAND. Here is a nice diagram of patent lawsuits in the mobile space and another diagram of this kind. All these lawsuits contribute to the conclusion that patents are counter productive and hardly manageable, even for very large companies.

Motorola has meanwhile sued Apple for patent violations [1, 2, 3, 4, 5] and Moody responds to it by writing “welcome to the patent thicket”.

The legal landscape in mobile technology is getting a little bit crazy these days. Everyone is suing everyone, and keeping up with every claim and counterclaim is fast becoming a confusing endeavor.

Today, Motorola decided to keep the legal party going when it filed a complaint with the International Trade Commission (ITC) alleging that a number of Apple products infringe on 18 Motorola patents. Separately, Motorola also filed patent infringement lawsuits in the U.S. District Court for the Northern District of Illinois and the Southern District of Florida.

Here is the press release and accompanying LWN discussion (LWN has been disrupted by mobbyists recently).

We have also just learned that Apple is now suing Nokia in the UK, not just the US [1, 2].

According to Reuters, Apple has sued Nokia in Britain. Nokia said that it is investigating the claims, which appear to be based on nine implementation patents already in dispute between the two companies in the United States.

Microsoft’s CEO has just been in the UK where he urged to “harmonise” laws regarding so-called ‘IP’. In a new article from The Inquirer (titled “Ballmer gives LSE a masterclass in not answering questions”) it says: “Giving an indication of how hard any sort of global security architecture will be, Ballmer spoke of a need for the US, Europe and China to harmonise their laws to try to stop ‘piracy’.”

“Ballmer already has lobbyists working on these schemes of legalising software patents in Europe and they give the illusion that Microsoft is not involved.”He hopefully is not calling for patent law too to be harmonised. Ballmer already has lobbyists working on these schemes of legalising software patents in Europe and they give the illusion that Microsoft is not involved.

Then there’s the Oracle case, which is really about Java more than anything else. We wrote about it yesterday (the counterclaim) and now come some more sites [1, 2] including Groklaw [1, 2] with the analysis that’s mostly of interest to legalese lovers. We’ve heard even from a lawyer that Google’s papers are hard to follow/analyse.

Matt Asay, a lawyer by training, looks at this case from above and concludes that “Oracle is the least of Android’s patent woes, while Microsoft is the most offensive” (that’s his short summary). Here is his full punditry which says:

But Android particularly annoys Apple, Microsoft, and Oracle, albeit for very different reasons.

Apple, design purist that it is, disdains the momentum Android has seen. Apple is, of course, the early winner in the smartphone market, and its lawsuit against device manufacturer HTC seems to be a means to slow Android’s advances. It hasn’t worked. Not content to sit by and watch its market share erode as developers flock to open-source Android, however, Apple has loosened its grip on developers and is making a serious attempt to win in the market, not simply the courts.

Microsoft, a serial underachiever in mobile, despises Android for the same reason it has long wrung its hands over Linux servers: Microsoft doesn’t know how to compete with free. Google gives Android away, but Microsoft has repeatedly stressed that patent-encumbered Android isn’t free. As Microsoft CEO Steve Ballmer told The Wall Street Journal, “Android has a patent fee. It’s not like Android’s free. You do have to license patents.”

This is the same strategy Microsoft has employed in the server market, signing up licensees to its patent portfolio based on vague FUD (fear, uncertainty and doubt) that Linux violates its patents. If Microsoft can force Google to license its patents, it can make it harder for Google to keep Android free.

Wheeler talks about another one of Groklaw’s analyses and says that “so many software patents are patents of prior art”:

In short, “The bottom line is that patent applicants receive the benefit of favorable procedures and a resource-constrained review by the PTO and then assert presumptively valid patents that, according to the Federal Circuit, can be defeated only by clear and convincing evidence. That serves only to insulate patents of dubious quality from adequate scrutiny at any stage.”

A different brief shown in Groklaw was filed by the Electronic Frontier Foundation (EFF), Public Knowledge, Computer & Communications Industry Association (CCIA), and Apache. They point out some other unfair aspects of the patent process. In particular, they note that “patent owners assert that accused infringers must use the prior art’s source code to prove invalidity, but that source code is often unavailable years after the fact”.

Our reader Jose has read the submission from the Electronic Frontier Foundation and he argues that they defend software patents in principle, just not “bad” ones. If true, it’s akin to the position taken by the OIN. It would be wrong to suggest that Linux-using firms are all fundamentally against software patents. One of the biggest Linux-using aggressors is TiVo (notorious in Linux circles for other reasons), which has just gotten a shot in the arm because of a USPTO reversal:

The U.S. Patent and Trademark Office on Wednesday affirmed the validity of TiVo’s so-called Time Warp DVR patent, reversing the agency’s ruling this summer — after a second re-examination requested by EchoStar and Dish Network — that the patent was invalid because some of the claims were covered in two prior patents.

TiVo’s stock price shot up 9.7% for the day, to close at $10.08 per share Wednesday.

The decision by the PTO is final and cannot be appealed by Dish/EchoStar. Dish and EchoStar declined to comment on the latest ruling.

We covered the likes of these cases in [1, 2, 3]. TiVo deserves no sympathy here just because it uses Linux in its boxes.

Bradly Kuhn from the FSF has also just called Red Hat’s settlement with Acacia [1, 2] “Extremely disturbing” because they “bound themselves from saying how the[y] licensed/invented-around patent”. A reader of ours has explained that “Red Hat likely took the NDA approach and perhaps because Acadia/etc paid them.

“I’m not trying to get people off Red Hat’s back, but I would not want people to assume Acadia [sic] won because that could very well be the exact intended effect of an NDA and why Acadia would then have had to give Red Hat something of value.

“Yes, I don’t like NDAs. Maybe this one lasts for a modest term or Red Hat got something very valuable (that hopefully does not hurt the community or overly enrich their execs at our cost).”

We may never know the answer then. Either way, a Firestar lawyer has told me that when a Red Hat settlement extended to the whole community (see background in [1, 2, 3, 4, 5, 6, 7]) Red Hat bragged about it rather than signed an NDA. The silence around Acacia gives room for mobbyists to incite against Red Hat. Next time around, Red Hat ought to put transparency first. The person to push regarding the secrecy turns out to be Tiller, not Fontana. He may not be able to unsign an NDA, but the same mistake oughtn’t be repeated at a later date.

Mobbyists

Posted in Free/Libre Software, FUD, Microsoft at 4:45 pm by Dr. Roy Schestowitz

“Gathering intelligence on enemy activities is critical to the success of the Slog. We need to know who their allies are and what differences exist between them and their allies (there are always sources of tension between allies), so that we can find ways to split ‘em apart. Reading the trade press, lurking on newsgroups, attending conferences, and (above all) talking to ISVs is essential to gathering this intelligence.”

Microsoft, internal document [PDF]

Summary: Fake ‘friends’ of free/open source software are trying to crack the community and mock anything that’s associated with Microsoft’s competition; they use borderline “spam” tactics to achieve this

A

small group of disruptors is hijacking discussions in GNU/Linux-oriented forums, mass-mailing journalists, abusing the Free Software Foundation while pretending to be pro-FOSS, lobbying for software patents while pretending to be against them, and is now attacking LibreOffice too. To avoid personifying this issue we shall use the collective term mobbyists, which the FFII uses to combine “mob” with “lobby”. We no longer bring much attention to mobbyists because that it precisely what they want (and the reason they flood forums and journalists with nearly identical messages that contain lies).

Techrights encourages people not to feed the mobbyists because the more they are fed, well… the more they will probably be fed ($$$). Some mobbyists come from a career of paid-for lobbying, which is a euphemism for policy corruptors.

Patents Roundup: Opposition to Software Patents and General ‘Ownership’ of Software Ideas

Posted in America, Asia, Europe, Law, Patents at 4:24 pm by Dr. Roy Schestowitz

Location on Earth

Summary: An assorted collection of new articles about patents with more focus on software patents in Europe, the United States, and China

“Lenz tells a PA Horns why patents are no good for developers,” argues the FFII, which points to this new post from a European patent attorney. He says that:

There are myths about patents on computer-implemented inventions a.k.a. software patents which won’t ever die.

One of them is the allegation that patents are a tool to steal a software developer / programmer the hard-earned fruits of labor. The software is the developer’s / programmer’s own work and he or she should be entitled to some sort of ownership.

That is what copyrights are for. Ideas alone cannot ever be “owned” and it is dangerous to pretend that they should be. “Copying Ideas is Not Theft” says this new headline from Doctor Mo, who explains how absurd this notion of “stealing”/”theft” in the context of mere ideas has become:

Then we move onto the other set of people. The “every idea is owned” brigade that think that patents are for “encouraging innovation” and that using ideas or inventing similar ideas in the process of working on problems are somehow theft. Parents aren’t for encouraging innovation, they’re for ensuring inventions are documented in the public domain so progress isn’t locked away behind trade secretes.

It’s also not theft. Stealing is the re-appropriation of a fixed property, the possession moves. Copying ideas (even if you DID copy ideas instead of just inventing the same ones again) can’t be stealing because the idea is still in your head and not just in mine. The copying process means it _can’t_ be theft.

Patents are a social agreement who’s time is past. Society no longer gains anything from them and I have no faith in their original purpose. No inventor or programmer reads patents, they don’t ensure the progress of inventions any more. Sure software patents shouldn’t have ever existed, but more than that patents in all other areas have caused major problems and just silly regressions in progress and standardisation.

PolR from Groklaw has just published another relevant post which is titled “Why Software is Abstract”. From the introduction:

Following the ruling of the Supreme Court in Bilski, the USPTO asked, in substance, how to tell an abstract idea from an application of the idea. In this article I propose an answer to the question of what makes software abstract. It is a follow up to the previous article, Physical Aspects of Mathematics.

The logic is to look at why a mathematical calculation is abstract and then see if the same logic applies to software. It happens that it does. It is possible to show that software is abstract with references to the underlying mathematical aspects. This is not, however, the topic for this article. The argument is presented without any assumption as to whether or not software is mathematics. I work from the observation that a mathematical calculation solving a mathematical problem is abstract. Then I look at what makes it abstract. Then I observe that the exact same logic is applicable to all software whether or not the law sees it as an algorithm as defined by Benson. This is not surprising. Software is mathematics and this makes it abstract, but I don’t use or rely on this fact in making the arguments in this article.

Fortunately, software patents are not much of a problem in Europe, at least not yet. The president of the FFII has just explained that “The central EU patent court [...] has great chances to create caselaw in favour of software patents” and he also notes that:

The company that applied for the most patents in 2008 was China’s Huawei, probably a lot of software patents

Here is the new reference article from Slashdot:

eldavojohn writes “A lot of Westerners view China as little more than the world’s factory manufacturing anything with little regard to patents, copyrights and trademarks. But it seems as far as patents go, China is moving on up. According to the WIPO, the company that applied for the most patents in 2008 was not an American or Japanese company but China’s Huawei Technologies. And China has made astonishing ground recently moving up to third place with 203,257 patent applications behind Japan (500,000) and the United States (390,000). It remains to be seen if these patents applications will come to fruition for China but it is evident that they are focusing on a new image as a leader in research and development. The Korean article concentrates on 2008 but you can find 2009 statistics at the WIPO’s report on China along with some statistics breaking down applications by industry.”

Techrights was created just under 4 years ago (the anniversary is approaching) because of software patents, namely the Microsoft-Novell deal of November 2006 (it led to the “Boycott Novell” initiative). Ever since then, software patents have become a greater threat to software freedom for reasons we’ll cover in the next post.

More Software Patents Stockpiling at Facebook

Posted in Microsoft, Patents at 3:51 pm by Dr. Roy Schestowitz

Original Facebook
From hobby to monopolist

Summary: Zuckerberg is building a massive portfolio of software patents not just by applying for monopolies but also by buying some from other companies

The company created under controversial circumstances by Mark “dumb fucks” Zuckerberg has been getting eerily close to Microsoft over the past few years and not so long ago it actually bought a lot of patents, just like a true patent troll (Zuckerberg is reported to have had at least one private meal with the world's largest patent troll, who came from Microsoft).

“Patent Gives Facebook Broad Power Over Mobile Location Networking,” alerts BNET:

Early into a technology it is often possible to nail down broad patents that will make competitors weep. Facebook may have done just that with location-based social networking. A patent issued yesterday has broad claims that would seem to cover much of what Google (GOOG) Latitude, Foursquare, Gowalla, and others try to do in letting users share their locations with others.

This is already being discussed in Slashdot, which summarises the article thusly:

“Facebook just received a patent with broad claims that would seem to cover much of what Google (GOOG) Latitude, Foursquare, Gowalla, and others try to do in letting users share their locations with others. Patent number 7,809,805, called ‘Systems and methods for automatically locating web-based social network members,’ covers people manually entering a status, sending that and their location from a wireless device, and sharing both the status and location with others. Facebook’s corporate value just took a big jump — and a number of other companies might have to either challenge the patent’s validity or consider licensing deals.”

Facebook is a proponent of software patents and it gives many other reasons to be shunned. Facebook promotes OOXML, it is partly owned by Microsoft, and Microsoft has already attempted to acquire Facebook, which currently promotes Bong [sic] and Silver Lie [sic] (return on investment).

Please Tell the Open Web Foundation That It Is Not Compatible With Software Freedom

Posted in Free/Libre Software, GPL, Microsoft, RAND at 3:27 pm by Dr. Roy Schestowitz

Boxes for post

Summary: The Open Web Foundation, which is co-chaired by Lawrence Rosen and Microsoft’s David Rudin, puts out a draft which is not compatible with GPL-licensed software

“Submit your remarks about the usage of RAND term at Open Web Foundation,” says the FFII regarding this draft from the Open Web Foundation. The deadline is today (still some hours left in the US). The draft in the page says “royalty free license to my Granted Claims on reasonable and non-discriminatory terms” (RAND is not compatible with the GPL).

“Someone should propose a patch to remove the “reasonable and non-discriminatory terms” because it is an undefined term,” argues the FFII.

The Open Web Foundation Legal Committee Co-Chairs are Lawrence Rosen (lrosen@rosenlaw.com) and David Rudin (davidrud@microsoft.com). Do not let them make the Web less compatible with software freedom. Microsoft (and its lobbyists) loves RAND because it’s GNU/Linux Kryptonite. Be sure to check out this new article about Microsoft front group ACT lobbying for RAND by infiltrating EU panels:

The web site specializes in publishing secret reports and leaked documents on religious, corporate or governmental, Wikileaks has posted a file showing a plan to curb the free software in Europe.

This file shows that Jonathan Zuck, president of Association for Competitive Technology (ACT) –an organization with close ties to Microsoft–, and founder of Americans for Technology Leadership, had influenced the change of working documents of the European Union.

That lobbies to exert pressure against the government institutions under their interests no doubt, and this document published by Wikileaks is clearly demonstrated.

The document in question is a work project developed by experts from the European Commission. This document has been modified by the ACT and Comptia organizations that have been percolating in several working groups.

These two associations are doing everything in their power to try to stifle free software strategy of the European Union, and helping Europe to create a successful proprietary software sector.

This publication shows how pressure groups influence or attempt to influence the decisions made by the European institutions, but in this case is particularly striking one of these groups trying to influence against free software (ACT) has close ties Microsoft, the largest seller of proprietary software in the world.

The FFII’s president summarises the above by quoting:

RT @marcopolom #Wikileaks publishes documents that show a plan to curb the free software in the European Union. http://trunc.it/bpkf0

We covered this story last year in some of the posts below. For some unknown reason it’s back to the headlines this month.

  1. European Open Source Software Workgroup a Total Scam: Hijacked and Subverted by Microsoft et al
  2. Microsoft’s AstroTurfing, Twitter, Waggener Edstrom, and Jonathan Zuck
  3. Does the European Commission Harbour a Destruction of Free/Open Source Software Workgroup?
  4. The Illusion of Transparency at the European Parliament/Commission (on Microsoft)
  5. 2 Months and No Disclosure from the European Parliament
  6. After 3 Months, Europe Lets Microsoft-Influenced EU Panel be Seen
  7. Formal Complaint Against European Commission for Harbouring Microsoft Lobbyists
  8. ‘European’ Software Strategy Published, Written by Lobbyists and Multinationals
  9. Microsoft Uses Inside Influence to Grab Control, Redefine “Open Source”

Return of Charney’s Lunacy and Latest BBC Propaganda: Microsoft Will Save the World From Insecure “Computers”

Posted in Deception, GNU/Linux, Microsoft, Security, Windows at 2:44 pm by Dr. Roy Schestowitz

Security diagram

Summary: Microsoft’s Charney, whom the monopolist hired from the US DOJ (U.S. Department of Justice), is getting a lobby boost from incompetent press; a quick look at Microsoft’s very distinct security failures as of late

HERE they go again. Microsoft spin is being used repeatedly to describe the cause of great trouble (Microsoft) as an heroic rescuer and what better platform to distribute this spin than the MSBBC, which a lot of people perceive as trustworthy even though it’s run by many former managers of Microsoft UK. The type of spin we see here is akin to the recent Russian spin [1, 2] (Microsoft as a friends of NGOs rather than the enemy) and going back almost a couple of years we find a more similar example in Conficker. Microsoft was not only a cause but also the party which benefited financially from Conficker; in order to spin it all, Microsoft pretended that it was hunting down the ‘real’ culprit and offered a generous bounty. The mainstream press fell for it and then used Conficker to portray Microsoft is the defender against “computer viruses”. Here is some of our old Conficker coverage:

It was only last month that we saw Microsoft claiming credit for failing in security. Are journalists really so genuinely incapable of thinking? Why is spin being put in print so often? Why is the MSBBC, which British taxpayers pay for, playing along with this PR lunacy? It takes a lot of nerve to take this latest post from Microsoft’s lobbying blog (written by someone whom Microsoft hired from the government) and turn it into a widely damned article which is titled “Sick PCs should be banned from the net says Microsoft”. To quote some bits:

Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests.

The proposal is based on lessons from public health, said Scott Charney of the firm’s trustworthy computing team.

[...]

Networks can consist of a few hundred to a few thousand Windows machines. However, some can contain millions of PCs.

It may seem like they call out Windows, but the article as a whole is just a platform for Microsoft’s Charney to push forward his crazy plan of charging taxpayers to make up for Microsoft’s negligence [1, 2, 3, 4, 5, 6, 7, 8, 9]. While BBC got all the flak, there are other British articles on the same subject (e.g. [1, 2]) and Pogson responded quite sarcastically:

Amen! That’s about 60% of PCs that should have GNU/Linux installed ASAP. That would really put a dent in spam and DDOS etc. We could direct out-going requests from zombies to http://goodbye-microsoft.com until they start showing better User-Agents. Would the zombie-masters start shipping false User-Agents? Sigh. Well. It was just a thought… I suppose M$ will prefer to sell a product that certifies a clean installation of their OS.

Simon Phipps was among those who slammed for the BBC for an awful article and Carlo Piana, a lawyer who favours software freedom and no software patents (yes, there are some good lawyers out there), chatted about it as follows:

Phipps: “Another lame BBC story about malware omits that it’s pretty much all a Windows problem (& worse, hypes Microsoft)”

Piana: ” but read: “There may be some who would say that MSFT shouldn’t be on the internet until they get their own house in order”–Sophos”

Phipps: “I didn’t feel that was a clear enough caveat to the general reader – just sounded snarky.”

Piana: “yes, it was a poor example of journalism anyway and spinned too much in the wrong direction.”

Last night in IRC, Chips B. Malroy wrote: “Let me explain why I am against this. It would impose a malware test on all computers before hooking up to the Internet, even those who do not have the security problems of Windows.

“Should we assume that the ISP’s will do the ‘test.’ or will be be homeland security. Somebody has to scan your computer and this poses privacy problems as well. Since MS is admitting failure to protect computers (see first paragraph quoted) then MS should not be given this power.”

“I have the perfect solution, just ban Windows,” responded cubevector, “simple and effective :)

“A plan from MS, after they already admit to not being able to protect users computers. Why should we trust them with this power? And you just know they will abuse it in an entirely monopolistic unethical way as well,” Malroy expounded.

“[D]on’t you think MS wants the power to scan your Linux computer for ‘viruses’ as well and shut you down too? Somehow, if MS got that power, I think they would have some sort of glitch and you and other Linux users would be banned from the internet.”

cubevector replied by saying “my ISP runs Linux… kind of hard to ban Linux machines then” and Malroy ended by claiming; “We should be concerned with what MS does, they do it not as a courtesy but for a reason” (of course, they have shareholders).

“Canada Will Spend Peanuts on Cyber-Security” says this headline from Pogson, who resides in Canada just like cubevector. GNU/Linux seems to him like a good solution in this case:

If they really want to increase governmental security, they should plunk for GNU/Linux on desktop and server. The savings on licence fees will go a ways toward securing the system and that is way more than $3.5 million.

Glyn Moody has quickly crafted this wonderful response to Microsoft — a blog post which he shrewdly titled “Dr Microsoft: Time to Be Struck Off” (“Doctor” because Microsoft/BBC calls some PCs “sick” rather than mention the operating system).

So, we’re talking about computers “compromised with a bot”: now, which ones might they be? Oh look, that would be almost exclusively Windows users. And why would that be? Because no matter how diligent users are in installing endless security updates to the Swiss cheese-like applications known as Windows, Internet Explorer and Microsoft Office, there are always more critical bugs that pop out of the proverbial digital woodwork to lay them open to attack and subversion.

[...]

For a researcher at Microsoft to attempt to avoid this inevitable conclusion by pushing the blame for this endless series of security lapses onto end users this way, and to suggest they, rather than Microsoft, should be thrown into the outer darkness. is beyond pathetic.

In other news relating to security, Slashdot is one among many Web sites that disappointingly blame Android for behaviour of applications which merely run on Android. Slashdot‘s own founder went with the headline “Many More Android Apps Leaking User Data” which is interesting because when it’s “Windows apps” they say nothing about Windows; they usually just say something like “it’s a bad app” or “malware” and assume the reader knows it’s about Windows. Generally speaking, In the trade press, a Solaris bug is described as a “Solaris bug”, a Linux flaw is described as a “Linux flaw”, and a Windows virus is described as just a “computer virus”. It’s unjust as it is an unequal treatment which does not help buyers of computers understand the role of operating systems in security.

Only days ago we learned that Microsoft is issuing yet another emergency patch and the “flaw potentially affects millions of web applications and has been used in attacks already. The patch will fix the flaw in all versions of the .NET framework.”

We wrote about this in [1, 2, 3, 4, 5]. It’s an ASP.NET problem and here are some of the latest articles about it [1, 2, 3, 4, 5, 6, 7].

The Free software-hostile company [1, 2] known as Trend Micro is habitually mentioned in such articles right now and there are other security risks which only affect Windows even though writers neglect to say so (see [1, 2] for example). A Twitter.com flaw too turns out to be an Internet Explorer-only (and thus Windows-only) problem and few articles bothered to point this out. Here is one which did:

IE ‘Twitter rolling’ attack trivial to launch

[...]

An information disclosure threat in Microsoft’s Internet Explorer affects all supported versions of the browser and, among other things, makes it trivial for attackers to force victims to post attacker-dictated messages on Twitter, a security researcher said this week.

The “Twitter-rolling” attack, which was first described last month, is the result of the way the browser parses CSS, or cascading style sheets, security researcher Chris Evans said. In an update posted on Wednesday, he demonstrated just how easy it is to exploit the flaw and said that “Microsoft have not stated when users of IE6, IE7, and IE8 will be afforded protection.”

How can Microsoft honestly pretend that all operating systems are equally unsecured. In recent weeks we have been hearing about Zeus affecting and infecting millions of Windows users [1, 2, 3, 4, 5] and over 80 people are now being arrested rather than the flaw/s they exploited being fixed. It does nothing to prevent other people from doing just what they did. Those arrests which are reported mostly in the UK [1, 2, 3] address the wrong issue by going after the exploiter rather than the negligent party which is responsible for making it all possible, whether by design or through negligence (it should not matter much). “Zeus Trojan Arrests Show Cybercriminals Getting More Vulnerable” says this one headline, but cybercrime should be solved by hardening software, not by calling the police. It just does not scale and it’s extremely expensive (also to the public which covers these costs).

The damage can, at times, be much greater, especially if Windows flaws lead to nuclear warfare or famine. From India, where food is highly essential and less abundant than in other countries, we now learn that “Operations were shutdown for nearly 5 hours in “More” [food] retail outlets because of virus/bug/failure in Microsoft windows”. The site says:

Apart from a large range of national brands, shoppers will also find a section called the Best of India, which is an assortment of unique products sourced from across India.

Well, too bad Windows flaws put that food out of reach for almost 5 hours, eh? This is the type of thing that can happen in all stores under conditions of war. It is far too risky to put one’s weapons or food (human energy) in the hands of some overseas company with absolute control over the code. Bruce Schneier has finally gotten around to writing this long article about Stuxnet. He does not rule out the possibility that Stuxnet was crafted very much for a specific purpose.

Stuxnet was expensive to create. Estimates are that it took 8 to 10 people six months to write. There’s also the lab setup–surely any organization that goes to all this trouble would test the thing before releasing it–and the intelligence gathering to know exactly how to target it. Additionally, zero-day exploits are valuable. They’re hard to find, and they can only be used once. Whoever wrote Stuxnet was willing to spend a lot of money to ensure that whatever job it was intended to do would be done.

For more information we shared about Stuxnet, see the links below. Who is Microsoft to label PCs “sick”?

Microsoft Entryism Continues at Yahoo! as More Microsoft Managers Occupy the Shaken Ship

Posted in GNU/Linux, Google, Microsoft, Search at 1:19 pm by Dr. Roy Schestowitz

Entryism

Summary: More staff migrations are reported to have resulted in managers from Microsoft taking charge inside Yahoo! and Nokia is revisited as entryism candidate in its earlier phases

ENTRYISM becomes a strong tool for Microsoft to change the landscape of IT, especially now that so many Microsoft executives are leaving. One reader of ours, gnufreex, has asked for an article explaining what entryism is about and how it works. The Wikipedia article is broad and it focuses on entryism in the context of politics (Slated brought this analogy to wider public attention). Today we’ll give a quick update on Microsoft entryism and there is a lot more in our IRC channels (for those who are patient enough to open the logs and read them all).

“After talking [to] few ex and present Microsofties,” explained gnufreex, “I got to conclusion that those people are religious followers and they don’t know other company than Microsoft. That is their good. Wherever they go, they will still be working for Microsoft. There are two types of ex-Microsofties: One will stay faithful to the company and work for Microsoft cause when they move to another company. Other group will be professional and work for new company (not for Microsoft) but they will shape new company after proprietary principles they have been thought at Microsoft. So *any* company that contain ex-Microsofties in management, will be hostile to free software. They are like a plague. [...] There have been some rare exceptions. Some ex-Microsofties are completely sick of the ideas of MS. There have been guys that worked for Microsoft for 6 months and quit due to having to much common sense to accept their crap. One example, creator of CoyotOS and BitC. Shapiro. He have been hired away from CoyotOS when Hurd guys wanted to port Hurd servers to CoyotOS.”

“Wherever they go, they will still be working for Microsoft.”
      –gnufreex
As a timely example, we have documented quite thoroughly how Yahoo! got hijacked by Microsoft from the inside. That’s an excellent example of entryism, involving no less than several dozens of Microsoft managers entering a company that once rejected Microsoft and aggressively defended itself from Microsoft. Nowadays, after many Microsoft seniors managed to occupy key positions at Yahoo!, hostility towards Google at Yahoo! is greater and it is working out pretty well for Microsoft. “Microsoft Joins Yahoo In Criticizing Google Instant,” says this new headline and it’s not the first time we see such things. Yahoo dives into anti-Google agenda like Microsoft's marionette and Yahoo! may have patents too — ones that it can use to attack Google shall the former Microsoft managers who occupy Yahoo’s corpus callosum choose to do so (this possibility was covered before on several occasions).

As a reminder, Yahoo! and Google were almost allies before AstroTurfing (LawMedia) from Microsoft. Watch what Google’s CEO has to say about the antitrust claims which came through Microsoft allies recently:

Google boss Eric Schmidt has said that antitrust investigations targeting the company in the EU and Texas are “stimulated” by interested competitors and that — contrary to one of the complaints filed in the EU — the company’s “Universal Search” setup does not unfairly drive traffic to Google services at the expense of rivals.

The article addresses those accusations from Texas — accusations which Schmidt now attributes to competitors rather than just Microsoft as Google previously alleged [1, 2, 3] (those competitors are Microsoft partners for the most part).

Going back to Yahoo!, the company suffered a major exodus recently (Microsoft did too) and Yahoo! kept the press out of it. People who are not so muchly needed in Microsoft as much as they are needed for capturing a rival without acquiring it are entering Yahoo! again. More entryism in Yahoo? The Register says “Bing! man! drops! Microsoft! for! Yahoo! job!”

Mary Jo Foley at ZDNet reported Bradford’s departure, but Yahoo! hasn’t confirmed his job title yet. It’s not clear when he’ll be leaving Microsoft either.

[...]

Windows Live exec Blake Irving, Microsoft global ad sales man Bill Shaughnessy and John Metheny of Kin fame have all rocked up at Yahoo!’s Sunnyvale offices of late.

Here is what we wrote about Microsoft managers inside Yahoo! allegedly planning to bring more former colleagues from Microsoft as the company continues to sink [1, 2].

Yahoo! boss Carol Bartz confirmed that the company’s US head and two other execs were leaving the web outfit yesterday.

Hilary Schneider’s departure along with the resignations of media veep Jimmy Pitaro and audience wonk David Ko were announced by Bartz to all Yahoo!

This whole culture of entryism worries us greatly because the quicker Microsoft falls, the more Microsoft residue (of managers, not mere engineers) will spread to other companies.

“Examples of companies MS has bought a small share of (less than the 5% to report) but use to influence the board of said companies, is Netflix, Best Buy. Blockbuster had Carl Icahn the corporate raider to the same thing with that he did to Yahoo, most likely on M$ behalf,” Chips B. Malroy alleged. “Once that influence has worked and they get their people in, then MS can sell the stock,” he added.

The other day we wrote about what was happening in Nokia following the appointment of a Microsoft president (now Nokia's CEO). Not only did its key “Linux guy” (VP of Nokia’s MeeGo unit) resign but he also allegedly said “Me go now!” Yes, Ari Jaaksi resigned his position and he has not exactly given explanations to the press (it is a low-key departure). He only got “quoted as saying by Ilta-Sanomat that his departure was not linked to the naming of Stephen Elop as Nokia’s new managing director last month,” said one site. MeeGo is better than Android is many ways and Nokia’s lack of commitment will also harm Intel’s Linux plans.

“A stacked panel, on the other hand, is like a stacked deck: it is packed with people who, on the face of things, should be neutral, but who are in fact strong supporters of our technology.”

Microsoft, internal document [PDF]

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts