Not Satire: Microsoft Wants to Show the World How Security is Done

Dr. Roy Schestowitz

2013-05-20 14:13:46 UTC
Modified: 2013-05-20 14:13:46 UTC

Microsoft tries to paint itself as "fighting the bad guys"

Musketeers

Summary: Software security 'standard' to be led by the company which made insecurity an acceptable engineering practice?

According to this new report (criticised heavily in this LXer thread), Microsoft is trying to lead security standards as if Microsoft is the master of security. Oh! The vanity!

"Previously, roughly half a decade ago, Microsoft fonts also enabled remote hijacking of one's Windows-running PC."Microsoft is not just bad at security but also at patching security flaws; many people, especially in businesses, won't install updates from Microsoft without qualms because these tend to break the software every now and then, even weeks ago. As IDG put it: "The saga of botched patch MS13-036 takes new twists and turns -- including a problem with Multiple Master fonts" (familiar story, not the first of this kind).

Go on and wonder how poor modularity must be if a security patch can impact fonts. Previously, roughly half a decade ago, Microsoft fonts also enabled remote hijacking of one's Windows-running PC. ⬆

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive

Recent Techrights' Posts

Links 29/12/2024: Facebook Wants More Bots and Slop, Whistleblowers and Bloggers Under Attack: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, December 28, 2024: IRC logs for Saturday, December 28, 2024
Gemini Links 29/12/2024: Supernatural Mystery and Mechanical People: Links for the day
Links 28/12/2024: Standards Emphasised, Putin Implicitly Admits Taking Down Passenger Plane: Links for the day
Links 28/12/2024: BRICS-Controlled Social Control Media Defended by GOP, "Paper Passport Is Dying": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, December 27, 2024: IRC logs for Friday, December 27, 2024
Links 28/12/2024: Having Bosses, Ada's Dependent Types: Links for the day
Happy Birthday to Linus Torvalds (55): he's not the "git" which bashers and haters say he is
'LaunchLibre' and Introducing People to Software Freedom While They're Still Young: announcement from "carmenmaris"
With 5 Days Left (Sans Time Extension, Which is Expected) FSF Has Already Raised 60% of the Money It Sought: Technically 59.6485%
Small Codebase is Typically Safer (More Aftermarket Snakeoil Means More Holes): Rust is just more code
Links 27/12/2024: Ongoing Demise of Real Healthcare, Gemlog Cleanup, Fingers Point to Russia After Passenger Plane Crash: Links for the day
Spending Christmas Pasting Microsoft's Chatbot Garbage - Anti-Linux and Anti-BSD FUD - Into LinuxSecurity.com (Under the Guise of 'Article'): In 2025 we need to tackle this problem
Links 27/12/2024: Perfect Desk, Banning Cellphones, Many Cables Cut Near Finland: Links for the day
Gemini Links 27/12/2024: Slop and Self-hosting: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024: IRC logs for Thursday, December 26, 2024