10.11.10

Gemini version available ♊︎

Microsoft Thinks That Tax and Arrests Will Make Up for Security Flaws in Windows

Posted in Microsoft, Security, Windows at 8:59 pm by Dr. Roy Schestowitz

No trespassing sign

Summary: Scott Charney from Microsoft wants some money because of security crises and others jail the exploiters rather than actually fix the issue they exploit

LET’S give some credit to Microsoft. It’s a very comical company. One of its satirists, Mr. Charney, has been making many good people laugh when he started preaching about help to Microsoft through taxpayers’ money. It began several months ago [1, 2, 3, 4, 5, 6, 7, 8, 9] and earlier this month he took the stage again [1, 2], telling a sob story and then appealing for donations. His employer created a monster with a back door and it cannot seem to get this monster under control anymore (it only keeps getting worse).

Over the weekend we presented yet another rebuttal and assorted reactions. Here are some more that caught our eye:

i. The day that Microsoft wore a tinfoil hat and shouted la, la, la

Let me run that past you again: if your computer (or network) gets infected by some malware and ends up being part of a botnet, quite possibly courtesy of some zero-day exploit taking advantage of a Windows vulnerability, then that computer (or network) should be forcibly disconnected and put into some kind of cyber-quarantine using an adapted public health model.

Charney clearly hasn’t thought this through. In his speech at the International Security Solutions Europe (ISSE) Conference in Berlin, and also in the accompanying Microsoft white paper “Collective Defense: Applying Public Health Models to the Internet” he pushes the whole public health model approach as a solution to the online security threat. Charney likens an infected computer to an infected individual who puts others at risk by not getting vaccinated, and argues that a public health model which tracks and controls the spread of infection, quarantining folk to reduce the spread, is the answer in the IT world.

ii. Microsoft Proposes Government Licencing of Internet Access

iii. The Sheer Hypocrisy of Redmond’s Stab at Internet Health

One of the benefits of being an 800-pound gorilla in this world is that you can use your strength and influence to help others.

So, apparently, seems to be the altruistic thinking at Microsoft (Nasdaq: MSFT) these days. Not content to rule the world — or at least try to — with its Windows desktop dominance, the software behemoth has now apparently paused to propose a way to tackle the Internet’s malware problems too.

The fundamental issue here is that Microsoft wants the public to cover up the costs of its own disaster. What does it think it is? BP?

Anyway, for Microsoft to think that an Internet tax can bring about a solution is to totally ignore the fact that this money will do nothing to actually fix the root of the issue, namely Windows. And why should the public ever take the burden? Microsoft hardly pays any tax and according to Associated Press, it wants to pay even less.

In a statement released Wednesday, executives for the Boeing Co. and Microsoft Corp. say I-1098 would harm businesses by raising costs for suppliers and making it harder to attract talent.

They already reject local talent and offer no benefits because it’s cheaper. That’s just more baseless lobbying and an increasing number of citizens of Seattle/Washington comprehend this over time.

Let’s go back to the original subject. Under similar posts from the weekend [1, 2] — ones about the Zeus plague [1, 2, 3, 4, 5] and the arrests it led to — that’s again an example where rather than addressing the security issues in Windows, the side-effects get handled. “Zeus Arrests Won’t End Fraud” is the headline of this new article which challenges the approach:

U.S. officials have charged 92 suspects believed to have been involved in cyber attacks that stole $70 million from bank accounts over the last four years. Meanwhile, authorities in London arrested 19 people who allegedly stole more than $9 million in just over three months using the same malware. Police in the Ukraine arrested five suspects on September 30.

But will 116 arrests make a dent into the international banking fraud being perpetrated via Zeus? Don’t get your hopes up, say industry experts.

Microsoft has been trying to get attention off Windows insecurity and it’s working quite well because the media no longer deals with Windows as an issue. The next post will be dedicated to Stuxnet, which is an excellent new example of the severe damages sometimes caused by Windows.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

2 Comments

  1. kozmcrae said,

    October 12, 2010 at 7:18 am

    Gravatar

    “Charney likens an infected computer to an infected individual who puts others at risk by not getting vaccinated…”

    Our immune systems have the benefit of millions of years of adaptation. We are under attack, literally, every second. If our immune systems were as faulty as Microsoft’s operating systems, one third the population of the Earth would be on their death beds.

    Dr. Roy Schestowitz Reply:

    If our development process had no adaptation, we would acquire no immunisation either and thus be sensitive to attack, and moreover mass extermination (which lack of variability leads to).

    The Irish suffered massive famine because they once believed in one form of agri-monoculture with potatoes.

DecorWhat Else is New


  1. Links 31/01/2023: GNOME 44 Wallpapers and Alpha

    Links for the day



  2. Free and Open Source Software Developers' European Meeting (FOSDEM) and KU Leuven Boosting Americans and Cancellers of the Father of Free Software

    The Free Software Foundation (FSF) and its founder, Richard M. Stallman (RMS), along with the SFLC one might add, have been under a siege by the trademark-abusing FSFE and SFC; Belgium helps legitimise the ‘fakes’



  3. Techrights in the Next 5 or 10 Years

    Now that I’m free from the shackles of a company (it deteriorated a lot after grabbing Gates Foundation money under an NDA) the site Techrights can flourish and become more active



  4. 60 Days of Articles About Sirius 'Open Source' and the Long Road Ahead

    The Sirius ‘Open Source’ series ended after 60 days (parts published every day except the day my SSD died completely and very suddenly); the video above explains what’s to come and what lessons can be learned from the 21-year collective experience (my wife and I; work periods combined) in a company that still claims, in vain, to be “Open Source”



  5. IRC Proceedings: Monday, January 30, 2023

    IRC logs for Monday, January 30, 2023



  6. Taking Techrights to the Next Level in 2023

    I've reached a state of "closure" when it comes to my employer (almost 12 years for me, 9+ years for my wife); expect Techrights to become more active than ever before and belatedly publish important articles, based on longstanding investigations that take a lot of effort



  7. The ISO Delusion: When the Employer Doesn’t Realise That Outsourcing Clients' Passwords to LassPass After Security Breaches Is a Terrible Idea

    The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that



  8. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day



  9. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”



  10. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day



  11. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023



  12. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"



  13. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.



  14. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software



  15. Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

    Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here's what that did to my life.



  16. Stigmatising GNU/Linux for Not Withstanding Hardware Failures

    Nowadays "the news" is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor 'report' about "Linux servers" failing to work



  17. Microsofters Inside Sirius 'Open Source'

    Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it



  18. Links 29/01/2023: GNOME 43.3 Fixes and Lots About Games

    Links for the day



  19. The Hey Hype Machine

    "Hey Hype" or "Hey Hi" (AI) has been dominating the press lately and a lot of that seems to boil down to paid-for marketing; we need to understand what's truly going on and not be distracted by the substance-less hype



  20. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023



  21. Unmasking AI

    A guest article by Andy Farnell



  22. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage



  23. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day



  24. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023



  25. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)



  26. This is What the Microsoft-Sponsored Media Has Been Hyping Up for Weeks (Ahead of Microsoft Layoffs)

    Reprinted with permission from Ryan



  27. [Meme] António Campinos Wants to Be F***ing President Until 2028

    António Campinos insists he will be EPO President for 10 years, i.e. even longer than Benoît Battistelli (despite having appalling approval rates from staff)



  28. European Patent Office Staff Losing Hope

    The EPO’s management with its shallow campaign of obfuscation (pretending to protect children or some other nonsense) is not fooling patent examiners, who have grown tired and whose representatives say “the administration shows no intention of involving the staff representation in the drafting of the consultant’s mandate” (like in Sirius ‘Open Source’ where technical staff is ignored completely for misguided proposals to pass in the dark)



  29. IRC Proceedings: Thursday, January 26, 2023

    IRC logs for Thursday, January 26, 2023



  30. Sirius Relegated/Demoted/Destined Itself to Technical Hell by Refusing to Listen to the Technical Staff (Which Wanted to Stay With Asterisk/Free Software)

    In my final year at Sirius ‘Open Source’ communication systems had already become chaotic; there were too many dysfunctional tools, a lack of instructions, a lack of coordination and the proposed ‘solution’ (this past October) was just more complexity and red tape


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts