EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

10.07.10

Return of Charney’s Lunacy and Latest BBC Propaganda: Microsoft Will Save the World From Insecure “Computers”

Posted in Deception, GNU/Linux, Microsoft, Security, Windows at 2:44 pm by Dr. Roy Schestowitz

Security diagram

Summary: Microsoft’s Charney, whom the monopolist hired from the US DOJ (U.S. Department of Justice), is getting a lobby boost from incompetent press; a quick look at Microsoft’s very distinct security failures as of late

HERE they go again. Microsoft spin is being used repeatedly to describe the cause of great trouble (Microsoft) as an heroic rescuer and what better platform to distribute this spin than the MSBBC, which a lot of people perceive as trustworthy even though it’s run by many former managers of Microsoft UK. The type of spin we see here is akin to the recent Russian spin [1, 2] (Microsoft as a friends of NGOs rather than the enemy) and going back almost a couple of years we find a more similar example in Conficker. Microsoft was not only a cause but also the party which benefited financially from Conficker; in order to spin it all, Microsoft pretended that it was hunting down the ‘real’ culprit and offered a generous bounty. The mainstream press fell for it and then used Conficker to portray Microsoft is the defender against “computer viruses”. Here is some of our old Conficker coverage:

It was only last month that we saw Microsoft claiming credit for failing in security. Are journalists really so genuinely incapable of thinking? Why is spin being put in print so often? Why is the MSBBC, which British taxpayers pay for, playing along with this PR lunacy? It takes a lot of nerve to take this latest post from Microsoft’s lobbying blog (written by someone whom Microsoft hired from the government) and turn it into a widely damned article which is titled “Sick PCs should be banned from the net says Microsoft”. To quote some bits:

Virus-infected computers that pose a risk to other PCs should be blocked from the net, a senior researcher at software giant Microsoft suggests.

The proposal is based on lessons from public health, said Scott Charney of the firm’s trustworthy computing team.

[...]

Networks can consist of a few hundred to a few thousand Windows machines. However, some can contain millions of PCs.

It may seem like they call out Windows, but the article as a whole is just a platform for Microsoft’s Charney to push forward his crazy plan of charging taxpayers to make up for Microsoft’s negligence [1, 2, 3, 4, 5, 6, 7, 8, 9]. While BBC got all the flak, there are other British articles on the same subject (e.g. [1, 2]) and Pogson responded quite sarcastically:

Amen! That’s about 60% of PCs that should have GNU/Linux installed ASAP. That would really put a dent in spam and DDOS etc. We could direct out-going requests from zombies to http://goodbye-microsoft.com until they start showing better User-Agents. Would the zombie-masters start shipping false User-Agents? Sigh. Well. It was just a thought… I suppose M$ will prefer to sell a product that certifies a clean installation of their OS.

Simon Phipps was among those who slammed for the BBC for an awful article and Carlo Piana, a lawyer who favours software freedom and no software patents (yes, there are some good lawyers out there), chatted about it as follows:

Phipps: “Another lame BBC story about malware omits that it’s pretty much all a Windows problem (& worse, hypes Microsoft)”

Piana: ” but read: “There may be some who would say that MSFT shouldn’t be on the internet until they get their own house in order”–Sophos”

Phipps: “I didn’t feel that was a clear enough caveat to the general reader – just sounded snarky.”

Piana: “yes, it was a poor example of journalism anyway and spinned too much in the wrong direction.”

Last night in IRC, Chips B. Malroy wrote: “Let me explain why I am against this. It would impose a malware test on all computers before hooking up to the Internet, even those who do not have the security problems of Windows.

“Should we assume that the ISP’s will do the ‘test.’ or will be be homeland security. Somebody has to scan your computer and this poses privacy problems as well. Since MS is admitting failure to protect computers (see first paragraph quoted) then MS should not be given this power.”

“I have the perfect solution, just ban Windows,” responded cubevector, “simple and effective :)

“A plan from MS, after they already admit to not being able to protect users computers. Why should we trust them with this power? And you just know they will abuse it in an entirely monopolistic unethical way as well,” Malroy expounded.

“[D]on’t you think MS wants the power to scan your Linux computer for ‘viruses’ as well and shut you down too? Somehow, if MS got that power, I think they would have some sort of glitch and you and other Linux users would be banned from the internet.”

cubevector replied by saying “my ISP runs Linux… kind of hard to ban Linux machines then” and Malroy ended by claiming; “We should be concerned with what MS does, they do it not as a courtesy but for a reason” (of course, they have shareholders).

“Canada Will Spend Peanuts on Cyber-Security” says this headline from Pogson, who resides in Canada just like cubevector. GNU/Linux seems to him like a good solution in this case:

If they really want to increase governmental security, they should plunk for GNU/Linux on desktop and server. The savings on licence fees will go a ways toward securing the system and that is way more than $3.5 million.

Glyn Moody has quickly crafted this wonderful response to Microsoft — a blog post which he shrewdly titled “Dr Microsoft: Time to Be Struck Off” (“Doctor” because Microsoft/BBC calls some PCs “sick” rather than mention the operating system).

So, we’re talking about computers “compromised with a bot”: now, which ones might they be? Oh look, that would be almost exclusively Windows users. And why would that be? Because no matter how diligent users are in installing endless security updates to the Swiss cheese-like applications known as Windows, Internet Explorer and Microsoft Office, there are always more critical bugs that pop out of the proverbial digital woodwork to lay them open to attack and subversion.

[...]

For a researcher at Microsoft to attempt to avoid this inevitable conclusion by pushing the blame for this endless series of security lapses onto end users this way, and to suggest they, rather than Microsoft, should be thrown into the outer darkness. is beyond pathetic.

In other news relating to security, Slashdot is one among many Web sites that disappointingly blame Android for behaviour of applications which merely run on Android. Slashdot‘s own founder went with the headline “Many More Android Apps Leaking User Data” which is interesting because when it’s “Windows apps” they say nothing about Windows; they usually just say something like “it’s a bad app” or “malware” and assume the reader knows it’s about Windows. Generally speaking, In the trade press, a Solaris bug is described as a “Solaris bug”, a Linux flaw is described as a “Linux flaw”, and a Windows virus is described as just a “computer virus”. It’s unjust as it is an unequal treatment which does not help buyers of computers understand the role of operating systems in security.

Only days ago we learned that Microsoft is issuing yet another emergency patch and the “flaw potentially affects millions of web applications and has been used in attacks already. The patch will fix the flaw in all versions of the .NET framework.”

We wrote about this in [1, 2, 3, 4, 5]. It’s an ASP.NET problem and here are some of the latest articles about it [1, 2, 3, 4, 5, 6, 7].

The Free software-hostile company [1, 2] known as Trend Micro is habitually mentioned in such articles right now and there are other security risks which only affect Windows even though writers neglect to say so (see [1, 2] for example). A Twitter.com flaw too turns out to be an Internet Explorer-only (and thus Windows-only) problem and few articles bothered to point this out. Here is one which did:

IE ‘Twitter rolling’ attack trivial to launch

[...]

An information disclosure threat in Microsoft’s Internet Explorer affects all supported versions of the browser and, among other things, makes it trivial for attackers to force victims to post attacker-dictated messages on Twitter, a security researcher said this week.

The “Twitter-rolling” attack, which was first described last month, is the result of the way the browser parses CSS, or cascading style sheets, security researcher Chris Evans said. In an update posted on Wednesday, he demonstrated just how easy it is to exploit the flaw and said that “Microsoft have not stated when users of IE6, IE7, and IE8 will be afforded protection.”

How can Microsoft honestly pretend that all operating systems are equally unsecured. In recent weeks we have been hearing about Zeus affecting and infecting millions of Windows users [1, 2, 3, 4, 5] and over 80 people are now being arrested rather than the flaw/s they exploited being fixed. It does nothing to prevent other people from doing just what they did. Those arrests which are reported mostly in the UK [1, 2, 3] address the wrong issue by going after the exploiter rather than the negligent party which is responsible for making it all possible, whether by design or through negligence (it should not matter much). “Zeus Trojan Arrests Show Cybercriminals Getting More Vulnerable” says this one headline, but cybercrime should be solved by hardening software, not by calling the police. It just does not scale and it’s extremely expensive (also to the public which covers these costs).

The damage can, at times, be much greater, especially if Windows flaws lead to nuclear warfare or famine. From India, where food is highly essential and less abundant than in other countries, we now learn that “Operations were shutdown for nearly 5 hours in “More” [food] retail outlets because of virus/bug/failure in Microsoft windows”. The site says:

Apart from a large range of national brands, shoppers will also find a section called the Best of India, which is an assortment of unique products sourced from across India.

Well, too bad Windows flaws put that food out of reach for almost 5 hours, eh? This is the type of thing that can happen in all stores under conditions of war. It is far too risky to put one’s weapons or food (human energy) in the hands of some overseas company with absolute control over the code. Bruce Schneier has finally gotten around to writing this long article about Stuxnet. He does not rule out the possibility that Stuxnet was crafted very much for a specific purpose.

Stuxnet was expensive to create. Estimates are that it took 8 to 10 people six months to write. There’s also the lab setup–surely any organization that goes to all this trouble would test the thing before releasing it–and the intelligence gathering to know exactly how to target it. Additionally, zero-day exploits are valuable. They’re hard to find, and they can only be used once. Whoever wrote Stuxnet was willing to spend a lot of money to ensure that whatever job it was intended to do would be done.

For more information we shared about Stuxnet, see the links below. Who is Microsoft to label PCs “sick”?

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. The European Patent Office “is Acting as Though the Law Does Not Apply to It.”

    An article from Nieuwsuur which provides the words of Liesbeth Zegveld (for SUEPO) and Guillaume Minnoye (for the European Patent Office), reaffirming the EPO's bizarre notion that it is above the law, even in the face of human rights violations and a court ruling against the EPO



  2. Microsoft-Connected FRAND Lobbying (Software Patents Against Free/Open Source Software) in Brussels

    Anti-Free/Open Source software (FOSS) talking points and FRAND (anti-FOSS) lobbying groups in Brussels as seen by proponents of FRAND, who also worked for Microsoft



  3. Latest Propaganda From the EPO's Management an Effort to Make the EPO the Tool of Megacorporations

    A quick roundup of some of the latest spin and paid-for (bought) coverage that helps introduce a distorted patent system whose beneficiaries are not European (or even people)



  4. 'Aversion to Change' Propaganda From the EPO Echoes or Parrots Lenin and Stalin

    The out-of-control EPO management is trying to fool the media by blaming staff representatives for getting fired, simply because they stood up to a highly abusive and megalomaniacal dictator



  5. The Gates Foundation Subjected to Criticism, But Over a Decade Too Late

    Reckoning and accepting the fact that even some in the media now openly speak about Bill Gates' corrupting influence in everything, including politics



  6. Links 8/2/2016: Zenwalk 8.0 Beta 2, Q4OS 1.4.7

    Links for the day



  7. SIPO (China's Patent Office) Taken Over by Patent Maximalists

    A look at China's race to the bottom (decline in quality) when it comes to patents, assuming quite wrongly that quantity is more important than quality and severe penalties for perceived infringement will spur innovation



  8. The Alice Case Continues to Smash Software Patents (This Time OpenTV's); Will the EPO Ever Pay Attention?

    The potency or the grip of software patents in the United States is quickly eroding, but the EPO continues to act as though software patents are legitimate



  9. EPO Staff Responds to Team Battistelli's Expansion to Include French Economic Propagandist on the Payroll

    With strings attached (like string puppets of Battistelli in various units including the Investigative Unit), can the new Chief Economist, who is French and paid by Battistelli, ever be trusted?



  10. UPC: To Understand Who Would Benefit From It Just Look at Who's Promoting It (Like TPP)

    The UPC, which is designed to aid patent trolls and aggressors (and their lawyers), is still being advanced by the EPO and some misinformed (but loyal to these former groups) politicians



  11. Trolls Molestos: Rovi (del famoso Angry Birds) Ayuda al Más Largo Troll de Patentes de Microsoft Intellectual Ventures (Corregido)

    Alguna vez conocido como hacedor de juegos y más tarde como vigilancia en masa en jugadores, Rovi ahora se ESTA ALIANDO CON EL MÁS GRANDE TROLL DE PATENTES



  12. Estadísticas de Invalidación de Patentes y Costos de Litigación de Patentes (incluso si son falsas) Muestran que la Esfera de Patentes y los Estándares de Examinación son un Probleman, No Sólo en Los Estados Unidos

    Demasiadas falsas patentes que no deberían haber sido otorgadas en primer lugar y fraudulentes jucios de patentes que terminan en favor del acusado sirve para mostrar el costo externo (o externalidad) cuando set trata de un bajisímo sistema de patentes que se esfuerza en otorgar muchas patentes irrespectivamente de su mérito.



  13. The 'Offenses' of EPO Staff Representatives Boil Down to Truth-Telling

    Dutch television examined the documents of the mock 'trials' against SUEPO leaders and concluded that whistle-blowing (i.e. exposing abuses by EPO management), not misconduct, is the reason for overzealous dismissals



  14. Rumours About Dismissal of Benoît Battistelli and New Letter From Union Syndicale Federale Blasting Battistelli's Behaviour

    hings have been heating up since the dismissal of staff representatives at the European Patent Office (EPO) and some even spread rumours about withdrawal/dismissal of the EPO's President



  15. VirnetX Case Against Apple Shows Not the Problem With Patent Trolls But With Software Patents

    What the media really ought to be talking about after the high-profile VirnetX case, rather than obsess about the status of Apple or patent trolls in the Eastern District of Texas



  16. Diápositivas de Nueva Charla Explican la Connección Entre la Corte De Patentes Unitarias (UPC) y Patentes de Software

    Benjamín Henrion habló el pasado Domingo acerca de las patentes de software europeas -una presentación que habla de la Corte Unitaria de Patentes, por la que la OEP aboga sin cesar y que es lo que significa para las patentes de software.



  17. Las Políticas de Microsoft Alienan Incluso a los Hinchas Más Acérrimos de Microsoft, Incluyendo Pro-Microsoft Web Sites

    El agresivo comportamiento de Microsoft y su BAJA CALIDAD DE PRODUCTOS dejan algunos de sus últimos restos de ´hinchas´ descorazonados y molestos.



  18. Links 6/2/2016: CoreOS Rocket 1.0, Scientific Linux 7.2

    Links for the day



  19. Maybe It's Time for Class Action Lawsuits Against Microsoft for Forced Vista 10 'Upgrades', Which Were Definitely No Accident

    The sheer arrogance of Microsoft, which silently changes the operating system on people's computers (without their consent), makes lawsuits imperative, not just a possibility



  20. Readers' Article: A Strange Conspiracy of Silence in the German Media (Part II)

    Željko Topić's allegedly dark background, which includes a suicide, a retreat of potential witnesses, German funds in Topić's private bank account and several more interesting bits



  21. Links 5/2/2016: Wine 1.9.3, Slackware 14.2 Beta 2

    Links for the day



  22. Links 4/2/2016: Red Hat Upgraded, Ubuntu Tablet

    Links for the day



  23. The Siege Continues: Patent Lawyers Want More Patents, Including Software Patents, In Spite of Alice

    Lawyers who make money from patent disputes make rather apparent their aspirations, which include patent saturation even in domains that are patents-exempt



  24. European Patent Office Pretends It's Business as Usual and Prepares New Vanity Pieces

    The PR strategy of the EPO, whose destructive patent strategy continues unabated (for now), latches onto Colombia and strives to manufacture mythology wherein the public, patent examiners and patent applicants are all very happy with the EPO



  25. The 'International' Trade Commission Imposes/Reinforces Software Patents to Establish Another Embargo

    The International [sic] Trade Commission is meddling in competition and allowing a US giant, Cisco in this case, to potentially block rivals (no imports from abroad) using software patents



  26. Readers' Article: A Strange Conspiracy of Silence in the German Media (Part I)

    The views of some of our readers regarding reluctance in the German media to challenge the EPO's violations of German law, probably because Germany benefits from being a host nation of the EPO



  27. Benoît Battistelli's EPO: From Show Trials and Mock Trials to a Self-Aggrandising Propaganda Event Later Today in Rijswijk

    A headsup from a reader regarding today's highly misleading event in Rijswijk (e.g. to mislead the media or seed positive media coverage in the Netherlands) and how it was set up



  28. Caricature of the Day: EPO President

    New caricature about Benoît Battistelli, his bodyguards, and the assault on free speech at the European Patent Office



  29. Company Known as European Patent Office Provides Tips on How to Patent Software in Europe

    The European Patent Office (EPO) uses its attendance at CeBIT, which is a corporate expo, to promote software patents in spite of the European Patent Convention (EPC)



  30. Links 3/2/2016: Dell GNU/Linux Laptop, Wine 1.8.1

    Links for the day


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts