04.14.15

Back Doors/Bug Doors in All Versions of Microsoft Windows Need a Name, a Logo, and Branding Too

Posted in FUD, Microsoft, Security, Windows at 10:50 am by Dr. Roy Schestowitz

Microsoft gets a free pass for insecurity

Michael S. Rogers
“I don’t want a back door. I want a front door.” — Director of the National Security Agency (NSA), only days ago

Summary: All versions of Microsoft Windows are found to have been insecure since 1997, but the bug responsible for this is not named as a candidate for back door access, let alone named (with logo and marketing) like far less severe bugs in Free/libre software such as OpenSSL.

WHILE many journalists still refuse to call out Windows (see this new piece from Dan Goodin, who writes about crackers hoarding Windows hosts by the millions — in botnets — while mentioning the word “Windows” only once, very deep inside the article), some have no choice but to acknowledge that not every single computer runs Windows and therefore we should call out Windows when it’s clearly to blame.

Although there is no “branding” yet (as Microsoft buddies from a Microsoft-linked firm like to do to Free/libre software bugs), there is a very serious bug in all versions of Windows (even the one still in development) that Microsoft’s allies at the NSA must be very happy about, especially as the bug is 18 years old (meaning that Windows has allowed remote access since 1997, or around the time Microsoft was seeking to appease the US government after it had shamelessly broken many laws).

The bug was found not by Microsoft but by this team (press release), which probably has no access to Windows source code. This wouldn’t be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple).

ISPs should now restrict or ban Windows use, as it poses a huge risk (botnets and DDoS, never mind risk to all data stored on machines running Windows). Here is some early coverage of this [1, 2], some correctly emphasising that it’s an 18-year-old vulnerability [1, 2].

Let’s see if this starts a big debate about the insecurity of proprietary software (as other bugs with “branding” did to Free software, by means of gross generalisation). This “New Security Flaw Spans All Versions Of Windows” (similar wording in this headline). 18 years, eh? It even predates 9/11. It’s older than some readers of this Web site.

Watch this disgraceful piece titled “Will Microsoft’s Security Measures in Windows 10 Tarnish Open-Source Development?”

Yes, it’s more propaganda; the disingenuous openwashing of Windows continues, as we’ll show in our next post.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive
