02.10.11

Bad Security News for Apple and for Microsoft (Updated)

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 3:58 pm by Dr. Roy Schestowitz

Summary: While technology news may have gotten obsessed with Linux and USB, it is actually Microsoft and Apple that suffer from critical problems

EARLIER this week we noted that Linux is inherently very secure and we also cited someone who had posted a good rebuttal to the “USB” claims that are spread out there right now. The short story is that the alleged USB-related flaw is very much exaggerated and good explanations exist to refute the original claims. On the other hand, consider the fact that Microsoft is claiming to plug 22 security vulnerabilities this Tuesday (the real numbers may be a lot worse):

Microsoft issued 12 security bulletins today to cover nearly two dozen vulnerabilities, including critical ones in Internet Explorer and Windows.

Moreover, The Inquirer says that “anti-virus software is losing the battle, and the war”:

ANTI-VIRUS SOFTWARE is fighting a losing battle against malware, and there’s nothing that can be done to turn the tide, according to a security testing firm.

NSS Labs, an independent security product and certification test lab, looked at 10 anti-virus products on the market. It found that the effectiveness of the software was variable, to say the least, with some products more effective at protecting against malware on USB keys than in email, and vice versa.

From the same source we learn that Apple’s proprietary hypePhone can be hacked in six minutes:

INSECURITY RESEARCHERS have busted an Iphone’s encryption protection in just six minutes to gain access to passwords.

Boffins at the Fraunhofer Institute for Secure Information Technology (SIT) in Germany devised the hack. The researchers did the tests to demonstrate that passwords aren’t secure on Iphones that have been lost.

They obviously had a point to prove and weren’t happy with just hacking Apple’s shoddy security encryption in six minutes. Within the allotted time, the team also managed to retrieve most of the passwords stored on the Iphone, accessing personal data that could be used to get into bank accounts.

Visibility of code and wide sharing of it breed bug reports and quick fixes. The mainstream press has been focusing on the wrong targets over the past few days. █

Update: Gordon (thistleweb) has just posted a pointer to “yet ANOTHER #Microsoft story without mentioning the M or W word #BBC #pathetic #poorjournalism http://tighturl.com/2xsj twice in 1 week too”

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Mail Send this to a friend

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

Whitewashing Inherent Windows Flaws

What Else is New

Links 20/5/2013: First Salifish Smartphone, Mageia 3 Released

Links for the day
Microsoft Corruption (Illegal Tenders) Stopped by European Court

Microsoft cannot bypass public tenders, based on a ruling from a court of law in Europe
Not Satire: Microsoft Wants to Show the World How Security is Done

Software security 'standard' to be led by the company which made insecurity an acceptable engineering practice?
Microsoft is Struggling to Maintain Industry 'Standards'

With Microsoft's common carrier and browser share down considerably Microsoft finds itself increasingly irrelevant and it tries subversive means of making another comeback
Microsoft Entryism and Bribery Get the Microsoft Way Implemented

A recollection of very dirty tactics from Microsoft, which uses money to oppress, overthrow, and even hijack its opposition
Patent Policy Laundering in the European Union and New Zealand

How the so-called 'free' trade agreements help spread patent policy which favours software patents
Ongoing Focus on Patent Litigation and Patent Trolls Reduces Focus on Software Patents

The problem with increased focus on the players that use software patents litigiously and the litigation itself
Andrew Y. Schroeder Shows That Patent Lawyers Are Sociopaths

Bully and law misuser is trying to get his way with foul language, intimidation, and sheer lack of professionalism
IBM-backed Book on 'Open Innovation'

OpenForum Europe (OFE), which helps IBM's turf wars in Europe, releases a new book filled with its talking point
Joseph E. Stiglitz Criticises the Patent System

More critical words about the patent system and the way it is harming lives
Senator Schumer Should Focus on Software Patents, Leaving Patent Trolls (Side Effect) Aside

Reform in the USPTO and the US courts should focus on patent scope and not patent holders
Links 20/5/2013: Plenty of Linux News, Google/Android Announcements

Links for the day
IRC Proceedings: May 12th, 2013-May 18th, 2013

IRC logs for May 12th, 2013 (and subsequent days until May 18th, 2013)
Microsoft Spin Regarding Skype Spying Does Not Withstand Scrutiny

Microsoft's response to allegations that Skype is spying on all users is full of holes
MPEG-LA Ruined the Licence of WebM, Made it Less Freedom-Respecting

The Microsoft-, Nokia-, and Apple-backed patent troll appears to have ruined the freedom assured by Google's multimedia format, which was previously made free only after public pressure
Microsoft-controlled Nokia is Lobbying to Enable Bans on Android Imports (Linux Phones as a Whole in Danger)

Nokia is shown lobbying for embargoes while it is also suing -- with limited success -- Android handsets makers
Courtroom and New Book Recognise That Software Patents Correspond to Mathematics and Mathematics Abused in Court

Important observations about the nature of computer-implemented 'inventions', or software patents
The Reality Distortion Field of Patent Lawyers Helps Impede Abolition of Software Patents

How widespread coverage and talking points from the tiny minority which is patent lawyers have contributed to biased and at times utterly distorted reporting on the subject of software patents around the world
Eugene Kaspersky Says Patents Harm Innovation

Some more criticism of the patent system and software patents in particular, courtesy of Eugene Kaspersky
UEFI Restricted Boot Good for Microsoft Agenda, Not for Security

News and analysis of UEFI 'secure boot' (lockdown), including the new role played by the Microsoft-funded SUSE
Anniversaries

Sites that deal with patents and with FUD as well as their respective ages
EFF, Newegg, and the Canadian Patent System All Take a Stance Against Software Patents

Hostility towards the practice of patenting software is seen in a nonprofit organisation, a corporation, and a government branch responsible for patenting
Microsoft's Fake 'Open Source' Front is "Pushing Software Patents" (Updated)

Microsoft's front group which pretends to support Free/Open Source software (FOSS) is using a guest post to entertain the idea of software patents inside Free/Open Source software
Links 17/5/2013: 0.9 Billion Android Activations, New Devices, Android Studio

Links for the day
Links 16/5/2013: Firefox 21 Out, Android 4.3 Foreseen

Links for the day
More Android FUD From Former Microsoft Staff in CBS

New examples of anti-Android sentiments being spread by the Apple- and Microsoft-funded media conglomerate, CBS, which pays current and former Microsoft staff to act as "journalists"
Where Fear of FOSS Comes From

More Microsoft ties to some of the latest FUD about Free/Open Source software (FOSS)
Microsoft Skype Messaging Surveillance Not the Main Issue, Audio Recording (Bugging) and Computer Hijacking Are

Debates about the dangers of Skype focus on one of the least dangerous aspects of Skype
Links 15/5/2013: Android 4.3, Antergos Debuts

Links for the day
Man From Microsoft Runs the Ubuntu Project Now

How the leadership of Ubuntu has changed and how it may relate to some strategic decisions inside the project