02.10.11

Gemini version available ♊︎

Bad Security News for Apple and for Microsoft (Updated)

Posted in Apple, GNU/Linux, Microsoft, Security, Windows at 3:58 pm by Dr. Roy Schestowitz

Valentines day background

Summary: While technology news may have gotten obsessed with Linux and USB, it is actually Microsoft and Apple that suffer from critical problems

EARLIER this week we noted that Linux is inherently very secure and we also cited someone who had posted a good rebuttal to the “USB” claims that are spread out there right now. The short story is that the alleged USB-related flaw is very much exaggerated and good explanations exist to refute the original claims. On the other hand, consider the fact that Microsoft is claiming to plug 22 security vulnerabilities this Tuesday (the real numbers may be a lot worse):

Microsoft issued 12 security bulletins today to cover nearly two dozen vulnerabilities, including critical ones in Internet Explorer and Windows.

Moreover, The Inquirer says that “anti-virus software is losing the battle, and the war”:

ANTI-VIRUS SOFTWARE is fighting a losing battle against malware, and there’s nothing that can be done to turn the tide, according to a security testing firm.

NSS Labs, an independent security product and certification test lab, looked at 10 anti-virus products on the market. It found that the effectiveness of the software was variable, to say the least, with some products more effective at protecting against malware on USB keys than in email, and vice versa.

From the same source we learn that Apple’s proprietary hypePhone can be hacked in six minutes:

INSECURITY RESEARCHERS have busted an Iphone’s encryption protection in just six minutes to gain access to passwords.

Boffins at the Fraunhofer Institute for Secure Information Technology (SIT) in Germany devised the hack. The researchers did the tests to demonstrate that passwords aren’t secure on Iphones that have been lost.

They obviously had a point to prove and weren’t happy with just hacking Apple’s shoddy security encryption in six minutes. Within the allotted time, the team also managed to retrieve most of the passwords stored on the Iphone, accessing personal data that could be used to get into bank accounts.

Visibility of code and wide sharing of it breed bug reports and quick fixes. The mainstream press has been focusing on the wrong targets over the past few days.

Update: Gordon (thistleweb) has just posted a pointer to “yet ANOTHER #Microsoft story without mentioning the M or W word #BBC #pathetic #poorjournalism http://tighturl.com/2xsj twice in 1 week too”

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. [Meme] Alexander Ramsay and Team UPC Inciting Politicians to Break the Law and Violate Constitutions, Based on Misinformation, Fake News, and Deliberate Lies Wrapped up as 'Studies'

    The EPO‘s law-breaking leadership (Benoît Battistelli, António Campinos and their corrupt cronies), helped by liars who don't enjoy diplomatic immunity, are cooperating to undermine courts across the EU, in effect replacing them with EPO puppets who are patent maximalists (Europe’s equivalents of James Rodney Gilstrap and Alan D Albright, a Donald Trump appointee, in the Eastern and Western Districts of Texas, respectively)

  2. Has the Administrative Council Belatedly Realised What Its Job in the European Patent Organisation Really Is?

    The "Mafia" which took over the EPO (the EPO's own workers call it "Mafia") isn't getting its way with a proposal, so it's preventing the states from even voting on it!

  3. [Meme] Team UPC is Celebrating a Pyrrhic Victory

    Pyrrhic victory best describes what's happening at the moment (it’s a lobbying tactic, faking/staging things to help false prophecies be fulfilled, based on hopes and wishes alone), for faking something without bothering to explain the legal basis is going to lead to further escalations and complaints (already impending)

  4. Links 24/1/2022: Scribus 1.5.8 and LXLE Reviewed

    Links for the day

  5. IRC Proceedings: Sunday, January 23, 2022

    IRC logs for Sunday, January 23, 2022

  6. [Meme] Team UPC Congratulating Itself

    The barrage of fake news and misinformation about the UPC deliberately leaves out all the obvious and very important facts; even the EPO‘s António Campinos and Breton (Benoît Battistelli‘s buddy) participated in the lying

  7. Links 24/1/2022: pgBadger 11.7 Released, Catch-up With Patents

    Links for the day

  8. The Demonisation and Stereotyping of Coders Not Working for Big Corporations (or 'The System')

    The war on encrypted communication (or secure communications) carries on despite a lack of evidence that encryption stands in the way of crime investigations (most criminals use none of it)

  9. On the 'Peak Hacker' Series

    Hacker culture, unlike Ludditism, is ultimately a movement for justice, for equality, and for human rights through personal and collective emancipation; Dr. Farnell has done a good job explaining where we stand and his splendid series has come to a close

  10. Links 23/1/2022: First RC of Linux 5.17 and Sway 1.7 Released

    Links for the day

  11. Peak Code — Part III: After Code

    "Surveillance perimeters, smart TVs (Telescreens built to Orwell's original blueprint) watched over our living rooms. Mandatory smart everything kept us 'trustless'. Safe search, safe thoughts. We withdrew. Inside, we went quietly mad."

  12. IRC Proceedings: Saturday, January 22, 2022

    IRC logs for Saturday, January 22, 2022

  13. Links 23/1/2022: MongoDB 5.2, BuddyPress 10.0.0, and GNU Parallel 20220122

    Links for the day

  14. A Parade of Fake News About the UPC Does Not Change the General Consensus or the Simple Facts

    European Patents (EPs) from the EPO are granted in violation of the EPC; Courts are now targeted by António Campinos and the minions he associates with (mostly parasitic litigation firms and monopolists), for they want puppets for “judges” and for invalid patents to be magically rendered “valid” and “enforceable”

  15. Welcome to 2022: Intentional Lies Are 'Benefits' and 'Alternative Facts'

    A crooks-run EPO, together with the patent litigation cabal that we’ve dubbed ‘Team UPC’ (it has nothing to do with science or with innovation), is spreading tons of misinformation; the lies are designed to make the law-breaking seem OK, knowing that Benoît Battistelli and António Campinos are practically above the law, so perjury as well as gross violations of the EPC and constitutions won’t scare them (prosecution as deterrence just isn’t there, which is another inherent problem with the UPC)

  16. From Software Eating the World to the Pentagon Eating All the Software

    “Software is eating the world,” according to Marc Andreessen (co-founder of Netscape), but the Empire Strikes Back (not the movie, the actual empire) by hijacking all code by proxy, via Microsoft, just as it grabbed a lot of the world’s communications via Skype, bypassing the world's many national telecoms; coders need to fight back rather than participate in racist (imperial) shams such as GitHub

  17. Links 22/1/2022: Skrooge 2.27.0 and Ray-Tracing Stuff

    Links for the day

  18. IRC Proceedings: Friday, January 21, 2022

    IRC logs for Friday, January 21, 2022

  19. Peak Code — Part II: Lost Source

    "Debian and Mozilla played along. They were made “Yeoman Freeholders” in return for rewriting their charters to “work closely with the new Ministry in the interests of all stakeholders” – or some-such vacuous spout… because no one remembers… after that it started."

  20. Links 22/1/2022: Ubuntu MATE 21.10 for GPD Pocket 3, MINISFORUM Preloads GNU/Linux

    Links for the day

  21. Computer Users Should be Operators, But Instead They're Being Operated by Vendors and Governments

    Computers have been turned into hostile black boxes (unlike Blackbox) that distrust the person who purchased them; moreover, from a legislative point of view, encryption (i.e. computer security) is perceived and treated by governments like a threat instead of something imperative — a necessity for society’s empowerment (privacy is about control and people in positions of unjust power want total and complete control)

  22. Peak Code — Part I: Before the Wars

    Article/series by Dr. Andy Farnell: "in the period between 1960 and 2060 people had mistaken what they called "The Internet" for a communications system, when it had in fact been an Ideal and a Battleground all along - the site of the 100 years info-war."

  23. Links 21/1/2022: RISC-V Development Board and Rust 1.58.1

    Links for the day

  24. IRC Proceedings: Thursday, January 20, 2022

    IRC logs for Thursday, January 20, 2022

  25. Gemini Lets You Control the Presentation Layer to Suit Your Own Needs

    In Gemini (or the Web as seen through Gemini clients such as Kristall) the user comes first; it's not sites/capsules that tell the user how pages are presented/rendered, as they decide only on structural/semantic aspects

  26. The Future of Techrights

    Futures are difficult to predict, but our general vision for the years ahead revolves around more community involvement and less (none or decreased) reliance on third parties, especially monopolistic corporations, mostly because they oppress the population via the network and via electronic devices

  27. [Meme] UPC for CJEU

    When you do illegal things and knowingly break the law to get started with a “legal” system you know it’ll end up in tears… or the CJEU

  28. Links 20/1/2022: 'Pluton' Pushback and Red Hat Satellite 6.10.2

    Links for the day

  29. The Web is a Corporate Misinformation/Disinformation Platform, Biased Against Communities, Facts, and Science

    Misinformation/disinformation in so-called 'news' sites is a pandemic which spreads; in the process, the founder of GNU/Linux gets defamed and GNU/Linux itself is described as the problem, not the solution to the actual problems

  30. Links 20/1/2022: McKinsey Openwashing and Stable Kernels

    Links for the day

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts