Bonum Certa Men Certa

Vista 10 is Still Vapourware, But We Already Know It Will Increase Surveillance on Its Users and Contain Malicious Back Doors

"In the face of strong competition, Evangelism's focus may shift immediately to the next version of the same technology, however. Indeed, Phase 1 (Evangelism Starts) for version x+1 may start as soon as this Final Release of version X."

--Microsoft, internal document [PDF]



Summary: The villainous company which makes insecure-by-design operating systems will continue to do so, but in the mean time the corporate press covers only bugs in FOSS, not back doors in proprietary software

After the vapourware tactics of Vista (for 5 years!) as well as the terrible (worse than Vista) Vista 8 and Vista 7 we already know Microsoft's dirty tactics too well. Microsoft admitted to using these tactics when it falls behind the competition. Now that Microsoft faces embarrassment from the majority of the population, which is women, it sure needs a good distraction from negative publicity that started with infiltration.



Vista 9, vapourware for a year and a half now, already looks like garbage and at this stage it remains vapourware. Microsoft already jumps ahead to the next imaginary generation of vapourware, which will go further in providing the NSA with back doors and remote surveillance features. China was right to ban present generations of Microsoft Windows because it becomes more spyware-filled all the time and it is also known that the NSA engages in espionage against China. Here is a new article about how Windows servers and other Windows devices got hijacked in Hong Kong. It is suicidal to use Windows unless one is a partner of Microsoft and South Korea too has just suffered severely for depending on Windows. Pogson says: "I expect Korea will have to redo everything and get it right this time. Let’s hope they demand GNU/Linux be used for on-line/financial transactions and to protect data but failing that let’s hope they make GNU/Linux optional and the people can decide. There’s something refreshing about a whole country aroused about insecurity with that other OS on the check-list of things to fix."

Korea and China are both planning to move away from Microsoft. This is well overdue.

According to several new reports, despite the NSA leaks that embarrassed Microsoft (and caused some nations to abandon Microsoft), Microsoft will increase spying in future versions of Windows and even previews spy on the users. As one author put it: "Back in 2012 with the release of Ubuntu 12.10 the EFF, Richard Stallman and countless other privacy advocates led vocal campaigns against Canonical for including Amazon results in the dash, the issue was that Amazon would know everything you were typing into the dash. Now however Microsoft are targeting early users of their Windows 10 Operating System in a much more egregious way."

Here is more about Windows: "For the more liberal minded regarding privacy who are reading, thinking this is just for the purposes of improving the product then you should also know that Microsoft state they will share this data with third parties and also that they will use your data to send your advertisements about their new products and updates. The third parties that Microsoft mention also include law enforcement. They say “we may access, disclose and preserve information about you when we have a good faith belief that doing so is necessary to: 1. comply with applicable law or respond to a valid legal process from competent authorities, including from law enforcement or other government agencies; 2. protect our customers, for example to prevent spam or attempts to defraud Microsoft’s customers, or to help prevent the loss of life or serious injury of anyone; 3. operate and maintain the security of out products and services, including to prevent or stop and attack on our computer systems or networks; or 4. protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our products or services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement..."

Windows is a massive security risk and one that no nation should take. Not even the US; all back doors are bound to be used by cyber criminals who are not associated with any government (or with a friendly government) at one point or another.

We are still seeing Microsoft-affiliated media calling for more severe criticism of GNU Bash, but how about Windows shell vulnerabilities like this new one?

A class of coding vulnerabilities could allow attackers to fool Windows system administrators into running malicious code because of a simple omission: quotation marks.

The attack relies on scripts or batch files that use the command-line interface, or "shell," on a Windows system but contain a simple coding error—allowing untrusted input to be run as a command. In the current incarnation of the exploit, an attacker appends a valid command onto the end of the name of a directory using the ampersand character. A script with the coding error then reads the input and executes the command with administrator rights.


Microsoft booster Andrew Binstock continues to trash-talk FOSS security ,but why is he not commenting on back doors in Microsoft software? Lies by omission. Bloomberg also publishes poorly-researched articles while it misuses the word "hacker" to confuse readers. How about back doors in proprietary software? Will Coverity ever cover this, or will it keep its focus on flaws in FOSS for writers like Richard Adhikari to single out FOSS as the problem? To quote Adhikari's new article:

Open source developers apparently don't adhere to best practices such as using static analysis and conducting regular security audits, found Coverity's Spotlight report, released Wednesday.

The Coverity Scan service, which is available at no charge to open source projects, helped devs find and fix about 50,000 quality and security defects in code last year.


Microsoft's circle of partners would rather debate and hype up FOSS bugs using codenames/brands that are all of a sudden being assigned for bugs (for increased press coverage), but discussions about back doors are out of scope.

Here we have Europol advocating back doors. The Europol boss says: "I hate to talk about backdoors but there has to be a possibility for law enforcement" (i.e. back doors).

Once upon a time (even 1.5 years ago) people who spoke about back doors were called paranoid and nutty. It is Free software advocates who have the last laugh now because they were right all along.

It should be known by now that back doors are being used for ransom and blackmail, even murder. Even Europol recognises this.

Windows should generally be avoided by everyone. No server should ever run Windows because it's dangerous for everyone. Only fools would host a site using a back-doored operating system, which in turn puts its visitors at risk.

"Only fools would host a site using a back-doored operating system, which in turn puts its visitors at risk."It is now being reported that NATO was silly enough to use Windows and it paid the price, potentially resulting in loss of life. The article "Microsoft Windows Zero-Day Vulnerability "CVE-2014-4114" Used to Hack NATO" should note that NSA is told about this before Microsoft even issues a patch.

In summary, do not use Windows. It is not secure and this is part of the design. Microsoft has no intention of correcting this. In terms of security and privacy, Windows continues to get only worse over time.

Recent Techrights' Posts

Explaining (in Length and Depth) the Damage Matthew Garrett Did to Linux and to GNU/Linux Users
no matter how many threats we receive
 
CoC Gone Wrong: Celebrating Murder OK, Complaining About the Celebration Gets You Banned
Hopefully the NixOS Foundation will have a word with (maybe replace) the moderator/s
Gemini Links 12/09/2025: Familiarity and Secondary Dominants
Links for the day
Links 12/09/2025: "Bad Reviews" as Extortion Weapon, "Free Speech At Risk in America’s Schools" According to ACLU
Links for the day
Only One Speaker Does Not Do Sharecropping for MElon (in X.com)
The man who puts principles before PR/optics
The Mind of the 'Hulk Hogan of UEFI'
in a nutshell
A Day After "UEFI 9/11": UEFI Secure Boot Bypass
In the news today (right now), as published in the past few hours
Links 12/09/2025: Slop Code as Liability, Microsoft Outlook Down for Many
Links for the day
It's Still Not to Late to Turn Off "Secure Boot"
If people reboot their PC or server today, and it relies on "Secure Boot" on Sept. 12 or later, then depending on the firmware there may be trouble ahead
Links 12/09/2025: Shira Perlmutter is Back, “Software Per Se” Patent Rejections in In re McFadden
Links for the day
Slopwatch: Linux Plagiarism, Slopfarms Still Infesting Google News, Many Images Are Fake
Google is promoting plagiarism
"This Morning Might Turn Out to be an Interesting One for System Admins Who Haven't Updated Their Devices' Secure Boot Certificate" (If They Reboot)
Who asked for this anyway?
Gemini Links 12/09/2025: Metric System, Dumping Windows, and Software Architecture is Dead
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 11, 2025
IRC logs for Thursday, September 11, 2025
Microsoft Admits the Workers Have Lost Trust (Endless Layoffs, 12-13 Rounds of Layoffs This Year), So Now It's Trotting out Its Peter Bright-Like Media Prop Jordan Novet
What they don't want people to pay attention to right now
Links 11/09/2025: Windows TCO and Russian Drones Invading Poland (EU/NATO)
Links for the day
Gemini Links 11/09/2025: xkcd, misfin, and Alhena 5.3.2
Links for the day
Repetition of Last Summer (Microsoft Breaking Dual-Boot Systems)
UEFI 9/11 is about to kick in
UEFI 'Secure Boot' Boiling Frogs (Cannot Turn Off 'Secure Boot')
"MSI laptop is locked on Secure Boot and doesn't allow me to turn it off"
UEFI 9/11 Aftermath - Part IV: The 'Hulk Hogan of UEFI' and His 'Hideout' Holiday (Retreat From Reality)
Let's keep an eye on what matters
UEFI 9/11 Aftermath - Part III: Mr. 'Secure Boot' (Shim) and His Fake 'Holiday' (Sending My Wife and I Threatening E-mails on 9/11)
despite being on holiday, according to him, he finds time to instruct lawyers to contact my wife
UEFI 9/11 Aftermath - Part II: "The SecureBoot Thing Got Out of Hand."
The next few weeks might be... interesting
UEFI 9/11 Aftermath - Part I: "I Believe This Affects Thousands of Devices... Because Multiple Devices I Checked, Whether Client or Server [...] Affected."
Most people aren't even aware that this is happening or about to happen
The UEFI 9/11 - Part X - An Outline of the Series About Microsoft Sabotaging GNU/Linux (With Ramifications to Unfold Online in Coming Weeks as People Reboot)
Today is UEFI 9/11 (9/11/2025)
Ron Wyden: Microsoft Should be Held Accountable for Security Breaches (He Has Said This for Years Already, It Never Happens)
Negative media coverage isn't a fine and it does nothing to compensate Microsoft's billions of victims
Culture of silence: Ubisoft harassment convictions, Mozilla, Sylvestre Ledru & Debian make no comment
Reprinted with permission from Daniel Pocock
Disable 'Secure Boot' (If It Lets You)
it doesn't put you in control
Links 11/09/2025: "Hey Hi" Ponzi Schemes at Oracle (Unpaid Contracts) and Cindy Cohn is Leaving the EFF
Links for the day
Longtime Red Hat Staff: Maybe Just Disable 'Secure Boot'
A refreshing take from Adam Williamson
Gemini Links 11/09/2025: Playdate Console, Dichotomy between the Real and the Digital
Links for the day
A Dozen Observations About "UEFI 9/11" Deflections
What we are expected to see, tentatively
The Microsoft AstroTurfing and Microsoft-Led Blame-Shifting Tactics Are Ahead of Us
Of course it has nothing to do with security, it's about control, i.e. them controlling everything
Celebrating Assassination is Bad Because It Legitimises Assassination of the People You Like, Too
Condoning or even celebrating political assassinations is bad optics (and taste)
The World's Richest Ponzi Scheme (Faking Value Using Net Waste)
The higher they go the harder they fall
We Could Dual-Boot Back in the 1990s, Why Has This Become So Difficult?
And prone to breakage
Being Conditioned to Accept Unreliable Computer Systems That Fail With Black Screen of Death (BSoD)
Welcome to 2025
Slopwatch: Google News is Still Promoting Many Fake Articles About "Linux", in Effect Rewarding Misinformation and Plagiarism
things continue to deteriorate
New Series: The Coup Against GNU/Linux Has Begun
today, this year in particular, we shall also focus on Secure Boot, which is sold based on a lie and tortures many computer user
New Paper on "BYOVD, but in firmware. Signed UEFI shells, vulnerable modules offer new paths for Secure Boot bypasses."
One might say digital "security theatre"
Links 11/09/2025: Oracle Layoffs, Drunk Pilots in Japan Airlines, US-Korea Tensions Grow
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 10, 2025
IRC logs for Wednesday, September 10, 2025
Xubuntu Site Compromised
Let's hope it is not a security breach
Links 10/09/2025: Retaliation at Facebook and Microsoft Reveals Almost 100 Security Holes
Links for the day
Gemini Links 10/09/2025: Annihilation of Self, The Future Eaters, and Leaving Academia
Links for the day
They Say That People Are Afraid of or Worried About "Hey Hi", But the Worriers Should be the Fools Who Invested in It
At the end of the day nobody should worry more than those who invested their money in this bubble
Harassment evidence: franceinfo's Clara Lainé report on Ubisoft prosecution
Reprinted with permission from Daniel Pocock
Links 10/09/2025: Microsoft Layoffs in "RTO" Clothing and Windows TCO, GitHub TCO
Links for the day
Blaming Everything on China
TikTok works for China. GAFAM works for fascists.
People Get Tired of "Hey Hi" (AI), Unlike the Subservient Money-Obsessed Media That Gets Paid to Pretend This Bubble Still Matters
"crash will be way bigger than dot.com burst in 90s. and that was Internet, actually transformative technology, not this expensive AI toy with direct dependency on the energy input which is not scalable"
Brett Wilson LLP Accepts That the Serial Strangler From Microsoft Filed a Case That Also Implicates My Wife (Everything is Connected)
They used to pretend that there were two separate cases
10 Reasons to Disable (or Enable) UEFI Secure Boot
Tomorrow the "trusted corporation" Microsoft will see a certificate expire
Gemini Links 10/09/2025: Hospital and Large Feeds
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 09, 2025
IRC logs for Tuesday, September 09, 2025
The Bluewashing of Red Hat is Being Completed, Many Staff Understand They'll be Made Redundant
Jim AllowHurst (Whitehurst) is meanwhile promoting Microsoft's agenda from within other companies
Throwing Away "Old" Computers (Mozilla and Other Climate Deniers)
Mozilla is not leftist