12.02.10

Gemini version available ♊︎

Wikileaks Reveals Microsoft Involvement in US Security Policy

Posted in Microsoft, Security, Windows at 7:10 pm by Dr. Roy Schestowitz

Summary: Wikileaks and Microsoft discussed, especially in the context of security

OUR daily links this week have been filled with reports about Wikileaks. That site’s fate is important to us because we too host material from close to 10,000 confidential Microsoft documents. It’s not about whether Wikileaks is “irresponsible” or not; it is about freedom of information and freedom of speech.

One new Wikileaks leak caught our attention because it speaks about the Iraq war (invasion in some people’s eyes) and it says that “Karim Ramadan (Microsoft) praised the historic role of USAID in Egypt” (we have mentioned USAID in relation to the Gates Foundation as USAID is accommodated by former Gates Foundation staff [1, 2, 3, 4, 5, 6, 7, 8, 9]).

“Those leaks just provide some more evidence to back the obvious.”This post is not about foreign policy or about USAID, but the point to be made is that Microsoft is involved in politics, even quite directly. Those leaks just provide some more evidence to back the obvious. Wikileaks is merely a messenger/host as the material is raw. And speaking of which, Julian Assange is the author/co-author of surfraw (Free software and Debian/GNU assist transparency and affect politics).

How far will the world go with so much sensitive information available to everyone (bar censorship, e.g. in China)? Amazon has been pressured by US politicians to kick Wikileaks out, Google is slowly indexing the latest leaks (that’s how we found the Microsoft mention), and as for Microsoft… well, based on search at this moment it only indexed 46 pages from cablegate.wikileaks.org whereas Google did well over a thousand. Does anyone take Bong [sic] seriously at all? Microsoft only gets users by paying for them and it comes at a cost of like $3 billions in losses online per year. Having indirectly ensured that even fast boot Linux software like Express Gate depends on Windows, the company is now signing a deal with SplashTop to put Bong [sic] search/toolbar in it, as Phoronix helps reveal:

It was precisely one month ago I was wondering what happened to SplashTop and found the company that we jump-started by our first-in-the-world coverage was still pushing out their instant-on Linux OS to various OEM vendors but they have lost their roots of using the Linux environment embedded on a motherboard’s flash chip to instead being nestled away on the user’s hard drive, which defeats much of its uniqueness and benefits (not to mention it was hacked by Phoronix readers). SplashTop, which was formerly named DeviceVM before the company took up the same name as their premiere product, also started pushing out Apple iPad applications in recent months. Today the company is announcing another set of peculiar changes to their instant-on Linux OS.

[...]

Today’s SplashTop announcements can be read on their blog. There’s also the SplashTop beta page for installing the beta version of their Bing+Chromium-ified SplashTop OS, but it must be installed via Microsoft Windows.

Fortunately the world is heading towards Linux on a large proportion of newly-sold PCs (even if just in the form of fast-booting OS). Schneier believes that software monoculture (monopoly) contributes to the reality where one in two Windows PCs is estimated to be a zombie PC. As Schneier explains right now:

The basic problem with a monoculture is that it’s all vulnerable to the same attack. The Irish Potato Famine of 1845–9 is perhaps the most famous monoculture-related disaster. The Irish planted only one variety of potato, and the genetically identical potatoes succumbed to a rot caused by Phytophthora infestans. Compare that with the diversity of potatoes traditionally grown in South America, each one adapted to the particular soil and climate of its home, and you can see the security value in heterogeneity.

Similar risks exist in networked computer systems. If everyone is using the same operating system or the same applications software or the same networking protocol, and a security vulnerability is discovered in that OS or software or protocol, a single exploit can affect everyone. This is the problem of large-scale Internet worms: many have affected millions of computers on the Internet.

Can Schneier name that “same operating system” or would that have him risk the label “Microsoft hater” [1, 2, 3]? In any event, now that Microsoft’s Charney lobbies to change security legislation [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], the above leak is worth remembering.

Bruce Schneier
Bruce Schneier photo by sfllaw

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

A Single Comment

  1. NotZed said,

    December 3, 2010 at 8:40 pm

    Gravatar

    “Can Schneier name that “same operating system” or would that have him risk the label “Microsoft hater” [1, 2, 3]?”

    But that is his point precisely. It doesn’t matter which operating system it is – although right now it is microsoft windows – it is that mono-cultures are weak and vulnerable, and diversity is strong.

DecorWhat Else is New


  1. Taking Techrights to the Next Level in 2023

    I've reached a state of "closure" when it comes to my employer (almost 12 years for me, 9+ years for my wife); expect Techrights to become more active than ever before and belatedly publish important articles, based on longstanding investigations that take a lot of effort



  2. The ISO Delusion: When the Employer Doesn’t Realise That Outsourcing Clients' Passwords to LassPass After Security Breaches Is a Terrible Idea

    The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that



  3. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day



  4. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”



  5. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day



  6. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023



  7. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"



  8. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.



  9. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software



  10. Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

    Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here's what that did to my life.



  11. Stigmatising GNU/Linux for Not Withstanding Hardware Failures

    Nowadays "the news" is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor 'report' about "Linux servers" failing to work



  12. Microsofters Inside Sirius 'Open Source'

    Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it



  13. Links 29/01/2023: GNOME 43.3 Fixes and Lots About Games

    Links for the day



  14. The Hey Hype Machine

    "Hey Hype" or "Hey Hi" (AI) has been dominating the press lately and a lot of that seems to boil down to paid-for marketing; we need to understand what's truly going on and not be distracted by the substance-less hype



  15. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023



  16. Unmasking AI

    A guest article by Andy Farnell



  17. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage



  18. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day



  19. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023



  20. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)



  21. This is What the Microsoft-Sponsored Media Has Been Hyping Up for Weeks (Ahead of Microsoft Layoffs)

    Reprinted with permission from Ryan



  22. [Meme] António Campinos Wants to Be F***ing President Until 2028

    António Campinos insists he will be EPO President for 10 years, i.e. even longer than Benoît Battistelli (despite having appalling approval rates from staff)



  23. European Patent Office Staff Losing Hope

    The EPO’s management with its shallow campaign of obfuscation (pretending to protect children or some other nonsense) is not fooling patent examiners, who have grown tired and whose representatives say “the administration shows no intention of involving the staff representation in the drafting of the consultant’s mandate” (like in Sirius ‘Open Source’ where technical staff is ignored completely for misguided proposals to pass in the dark)



  24. IRC Proceedings: Thursday, January 26, 2023

    IRC logs for Thursday, January 26, 2023



  25. Sirius Relegated/Demoted/Destined Itself to Technical Hell by Refusing to Listen to the Technical Staff (Which Wanted to Stay With Asterisk/Free Software)

    In my final year at Sirius ‘Open Source’ communication systems had already become chaotic; there were too many dysfunctional tools, a lack of instructions, a lack of coordination and the proposed ‘solution’ (this past October) was just more complexity and red tape



  26. Geminispace Approaching Another Growth Milestone (2,300 Active Capsules)

    The expansion of Geminispace is worth noting again because another milestone is approached, flirted with, or will be surpassed this coming weekend



  27. [Meme] Cannot Get a Phone to Work... in 2022

    Sirius ‘Open Source’ wasted hours of workers’ time just testing the phone after it had moved to a defective system of Google (proprietary); instead of a rollback (back to Asterisk) the company doubled down on the faulty system and the phones still didn’t work properly, resulting in missing calls and angst (the company just blamed the workers who all along rejected this new system)



  28. [Meme] Modern Phones

    Sirius ‘Open Source’ is mistaking “modern” for better; insecurity and a lack of tech savvy typically leads to that



  29. The ISO Delusion: Sirius Corporation Demonstrates a Lack of Understanding of Security and Privacy

    Sirius ‘Open Source’, emboldened by ISO ‘paperwork’ (certification), lost sight of what it truly takes to run a business securely, mistaking worthless gadgets for “advancement” while compelling staff to sign a new contract in a hurry (prior contract-signing scandals notwithstanding)



  30. Links 26/01/2023: LibreOffice 7.4.5 and Ubuntu Pro Offers

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts