Bonum Certa Men Certa

Red Hat Should Keep Its Distance From NSA Facilitator Microsoft

Dragonfly



Summary: Criticism of Red Hat's increasing proximity to some of the very same bits of proprietary software which are accompanied by back doors (for the NSA)

THE DANGERS of Microsoft are very real, as a former foe of Microsoft, Novell, helped prove. Five years ago Red Hat consented to playing an active part in Microsoft VM hosts, despite knowing (even back then) about Microsoft's relationship with the NSA, which meant that VMs running RHEL would be accessible (to the NSA) from the back door, Microsoft Windows.



There are many back doors in Windows and therefore in Hyper-V, which sits on top of Windows (back doors further down the stack). Microsoft tells the NSA about these back doors. To give the latest example of back doors, see this new report [2] which says: "Nearly 30 days after reports of a zero-day flaw being exploited in the wild, Microsoft will finally patch this critical vulnerability."

Relying on Microsoft for technology means that one should also expect and accept back doors. A reader showed us this new article, claiming that "Mono [is] infecting Android," but it's not just Android. Even Red Hat is now making such mistakes, in addition to hiring from Microsoft for management of virtualisation. Based on [2,3], Red Hat now accommodates Microsoft .NET applications, despite them being proprietary and potential back doors. A week or so ago some speculated that Microsoft might buy Red Hat (one day) [4,5] and yesterday we found the article "Why Microsoft Will Pick Off Red Hat" (logic of investors, not technical people).

Microsoft is now knowingly abandoning hundreds of millions of Windows users, leaving them with permanent back doors [6,7], so why should Red Hat trust Microsoft .NET applications or anything that comes from Microsoft, including Hyper-V? Articles like [8-10] remind us that in GNU/Linux the main flaw is human error (not changing default passwords or not applying patches, which Red Hat is making easier to apply without any downtime [11]).

The bottom line is, Red Hat's relationship with the NSA withstanding, it oughtn't connect too much to Microsoft components like .NET and Hyper-V because these constitute back doors that jeopardise security of GNU/Linux users.

Related/contextual items from the news:
  1. Microsoft to Fix an Internet Explorer Zero-Day Flaw


  2. Red Hat Adds Microsoft .NET to Its OpenShift PaaS
  3. A Red Hat stunner: 'Miccosoft .NET apps on OpenShift' Yes, you read correctly
    On Wednesday, Working with Uhuru Software, Red Hat is now incorporate a rival Microsoft product - .NET - to its three-year-old OpenShift platform-as-a-service. Really? Red Hat even published a blog to explain what's going on to those who might find the concept a bit unbelievable.

    Chris Morgan, the OpenShift Partner Ecosystem Technical Director for Red Hat, wrote the blog - and even he acknowledged the incredulity of it all that something from Microsoft, which for years has been an enemy of Red Hat, Linux and Open Source, would be incorporated into OpenShift.


  4. An Indecent Proposal: Microsoft and Red Hat?


  5. Reviews, Indecent Proposal, and Ubuntu Graduation
    Today brings two new reviews. Jesse Smith reviews Linux Mint Debian Edition 201403 in today's Distrowatch Weekly and Jamie Watson posts his latest hands-on. Steven J. Vaughan-Nichols says folks don't care about operating systems anymore. Matt Hartley has a few suggestions for those ready to graduate from Ubuntu. All this and more in tonight's Linux news review.

    Jesse Smith tested the latest LMDE in this week's Distrowatch Weekly. He found a few bugs but Smith says it "lives up to its description" of having "rough edges." With all its "nasty surprises" Smith suggests folks just stick with the Ubuntu-based version of Mint. But see his full review for all the details.


  6. Perspective: Microsoft risks security reputation ruin by retiring XP
    A decade ago, Microsoft kicked off SDL, or Security Development Lifecycle, a now-widely-adopted process designed to bake security into software, and began building what has become an unmatched reputation in how a vendor writes more secure code, keeps customers informed about security issues, and backs that up with regular patches.
  7. Positive Feedback: M$ Uses XP To Publish The Insecurity Of Using That Other OS


  8. Flaws In People And Their Software
  9. Red Hat Risk Reflex (The Linux Security Flaw That Isn't)
    News headlines screaming that yet another Microsoft Windows vulnerability has been discovered, is in the wild or has just been patched are two a penny. Such has it ever been. News headlines declaring that a 'major security problem' has been found with Linux are a different kettle of fish. So when reports of an attack that could circumvent verification of X.509 security certificates, and by so doing bypass both secure sockets layer (SSL) and Transport Layer Security (TLS) website protection, people sat up and took notice. Warnings have appeared that recount how the vulnerability can impact upon Debian, Red Hat and Ubuntu distributions. Red Hat itself issued an advisory warning that "GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification... An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid." In all, at least 200 operating systems actually use GnuTLS when it comes to implementing SSL and TLS and the knock-on effect could mean that web applications and email alike are vulnerable to attack. And it's all Linux's fault. Or is it?


  10. Linux Bugs, Bugs Everywhere
    "We are seeing a lot of crypto bugs surfacing lately because these libraries are suddenly getting a lot of review thanks to Snowden's revelations," suggested blogger Chris Traver. "I think one has to separate the crypto bugs from others because they are occurring in a different context. "From what I have read about gnutls, though, it seems to me that this is probably the tip of the iceberg."
  11. Introducing kpatch: Dynamic Kernel Patching
    In upstream development news, the kernel team here at Red Hat has been working on a dynamic kernel patching project called kpatch for several months. At long last, the project has reached a point where we feel it’s ready for a wider audience and are very excited to announce that we’ve released the kpatch code under GPLv2.


Recent Techrights' Posts

Using SLAPPs to Cover Up Sexual Abuse and Strangulation
The exact same legal team of the Serial Strangler from Microsoft and Garrett already has a history fighting against "metoo"
 
Turns Out LLMs for Code Don't Save Time and Don't Improve Quality
Neither legal nor useful
The Microsofters Will Have an Obligation to Compensate Us
This story isn't just about Microsoft. It's also about corruption, there are many women victims, there is abject "abuse of process", and many more scandals to be illuminated in years to come.
Reproducing at the EPO Instead of Producing Monopolies for Foreign Monopolies With Their Price-Fixing Cartels
Does the EPO recognise the need of well-educated Europeans to bear kids?
Valnet Inc. Dominates Real (Not LLM Slop) GNU/Linux Coverage in 2025
And likely in prior years, too
Free Software Foundation (FSF) Fund Raiser Goes on
Later this month we'll expose another OSI scandal
EPO Staff Representatives Issue a Warning About Staff's Health and Inadequate Care
Even the EPO's own stakeholders (money sources) are openly protesting against what the EPO became
Links 13/07/2025: Partly Assorted News From Deutsche Welle and CBC
Links for the day
Gemini Links 13/07/2025: Board Games and Battle Styles
Gemini Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 12, 2025
IRC logs for Saturday, July 12, 2025
Plunder at the Second-Largest Institution in Europe
cuts, neglect, health problems, even early deaths
Links 12/07/2025: Political Developments, Attack on Opposition, Climate Actions
Links for the day
Gemini Links 12/07/2025: Melodic Musings and Small Web July
Links for the day
Links 12/07/2025: Jail in China for Homoerotica, South Korea Discriminates Against Old Workers
Links for the day
If Only Everything Was Rewritten in Rust, We'd Have No More Security Issues?
Nope.
Links 12/07/2025: Birdwatching and Fake/Misleading Wall Street 'Valuation' Figures
Links for the day
Gemini Links 12/07/2025: How to Avoid Writing, Apps for Android
Links for the day
EPO Staff Committee on Harassment in the Workplace
slides
Adding the Voice of Writers to UK SLAPP Reform
The journey to repair antiquated (monarchy era) laws will likely be long
EPO Takes More Money From Staff for Speculation (Pensions), Actuarial Study Explains the Impact
"The key change in this year’s Actuarial Study, due to cascading the new “risk appetite” from the financial study, is a significant increase of the total pension contribution rate of 5.7 percentage points, up to a total of 37.8%. This is driven by an unprecedented decrease in the discount rate of 105 bps down to 2.2%."
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 11, 2025
IRC logs for Friday, July 11, 2025
Microsoft - Like IBM - Does the "Relocation" Tricks (Start Over Elsewhere, Then Get Sacked by Microsoft)
It is a "low blow" or a "dick move"
After the Free Software Foundation's Campaign to Raise Money Let's See Campaigns to Finish Off Microsoft (Vista 11, GitHub etc.)
Microsoft is in effect collapsing
Your Publications Have No Major Impact Unless or Until You "Get Some Heat"
we're on the right track
Slopwatch: A Cause for Hope, the Hype is Dying
For about a month we showed that becoming a slopfarm - for several weeks - resulted in utter failure and ruin for BetaNews
Links 11/07/2025: Censorship Worsening, 3D Printing Success Stories, UK and France Unite Around Nukes
Links for the day
Gemini Links 11/07/2025: Zorin OS and Scriptonite Updates
Links for the day
Links 11/07/2025: Hardware, Russia, and China
Links for the day
Links 11/07/2025: Intel Collapsing and Microsoft Resorts to Bribery to Push Slop Via Obligatory Education
Links for the day
The EFF Sided With the Team That Strangles Women and Tells Women to Kill Themselves
They say that apathy and inaction are a form of a "stance"
"Nat [Friedman] and [the Serial Strangler From Microsoft] Were Always Exceptionally Close," Says Former Housemate and Colleague
Now Alex (hiding behind another name when that suits him) not only attacks women but also people who merely report what he did to women
Exemplary List of Things That Are Not Artificial Intelligence or Even Intelligence
The "age of AI" or "era of AI" or "AI revolution" mostly boils down to rebranding, just like "the cloud"
New Letter From the European Patent Office Explains How the Office Plots to Grant Many Illegal Patents, a Self-Fulfilling Prophecy of 'Growth'
Open letter to Mr Rowan (VP1) and Mr Aledo Lopez (COO)
Abuse of Process
5RB is employing people who help violent men
What Microsoft's Nat Friedman and Microsoft Lunduke Have in Common
"Get in da car; No time to explain, loser"
Microsoft and IBM Don't Have Much of a Future (They Mostly Pretend at This Point)
IBM and Microsoft are in some ways alike but in many ways different
It's Not Just Twitter (or X.com) That's Dying, Microsoft's Equivalent is Dying Also
Unable to find a business model
GitHub Copilot Can Cause the Bankruptcy of GitHub to Come Sooner and GitHub to be Shut Down Just Like Skype
Some publicly available information suggests that even for each paid subscriber for plagiarism (LLM 'coding') GitHub Copilot still loses more money than it makes
Wayland is Bad for the Planet
If you use Wayland, it'll take you longer to accomplish tasks and you will consume more energy (or battery life)
Legitimising Those Who Sabotage You
Microsoft is a very malicious company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 10, 2025
IRC logs for Thursday, July 10, 2025
On Microsoft Layoffs
we might be looking at about 60,000 Microsoft layoffs since 2023
EPO Management Already Breaks Its Own Promise (Lie) on "Bringing Teams Together"
This gut-punching move happened just 2 days ago
Gemini Links 11/07/2025: Occupation of 2025 and "Old Man Yells At Soundcloud"
Links for the day
Our Lawsuits Against the 'Cancel Mob' (Ringleaders) Helped Reduce Anti-Free Software Online Abuse
That's not to say that lawsuits are the best way to handle terrible people. But that can help.