Bonum Certa Men Certa

Vista 10 (Windows 10) Has NSA Back Doors and Front Doors

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), April 2015



Summary: Vista 10 to bring new ways for spies (and other crackers) to remotely access people's computers and remotely modify the binary files on them (via Windows Update, which for most people cannot be disabled)

MICROSOFT never cared about security. A former Windows manager, Brian Valentine, said explicitly that Microsoft products "just aren't engineered for security." Last year we also showed how back in the 1990s Bill Gates and his staff had already collaborated quite intimately with the NSA, well before Snowden's NSA and GCHQ leaks helped confirm this (with hard evidence and subsequently media reports).

The Apache Software Foundation (ASF), which is unfortunately headed by a guy from Microsoft, is going into bed with the NSA right now, despite the negative publicity that may accompany/come with such a move. Microsoft, much to our surprise, is still working with the NSA on Windows, and it does this also for Vista 10. One new article about Microsoft's purchase of an Israeli (i.e. spy-friendly as we explained says ago) company says that "[a] big reason for this is the company’s collaboration with the National Security Agency (NSA)."

"Yes, Microsoft still keeps the NSA in the picture."Microsoft is still thinking that enough people foolishly believe NSA collaboration is 'for security' rather than for 'national security', i.e. back doors. A Windows-powered site reminded us some days ago that NSA "worked with Microsoft on security aspects of the Windows 7 operating system and later for Windows 8 and 10."

Yes, Microsoft still keeps the NSA in the picture. This actually surprised us because it's a PR disaster. Why does Microsoft still want to be seen working in cahoots/collusion with the NSA? In proprietary software, back doors or "national security", i.e. not real security, are the cause of many costly issues. Software is designed to be penetrable rather than secure. Is there anyone who still honestly thinks that Vista 10 won't have back doors? Microsoft never stopped its relationship with the NSA and it is obviously still working with the NSA, despite knowing the negative publicity this can bring. A Darwin Award goes out to anyone who still thinks that Microsoft is not helping the NSA exploit its software (because "national security" and other such excuses), despite the Snowden-provided documents that show exactly that.

Earlier today the developer of GNU Telephony wrote that at Microsoft "they created the perfect environment for such demands to be met, forced updates is a front door for govt malware and spying" [and indeed, as The Register revealed last week, they had even removed the ability to stop/block these updates in most "editions". Over ten years ago it was reported on the Web that even when you toggle off automatic updates Microsoft still does it.]

Looking back at news only a few days old, HP has reported 4 new vulnerabilities in Internet Explorer, and not for the first time. To quote IDG: "HP's Zero Day Initiative (ZDI) doesn't cut much slack with its 120-day disclosure policy. When ZDI knocks on your door and says you have a security hole, you get 120 days to fix it or risk full public disclosure. That's what happened -- again. With ZDI and Microsoft -- again. Over Internet Explorer -- again."

"The only way to avoid MSIE is to ditch Windows since it is built-in and impossible to remove" iophk said to us. Will Hill wrote: "There are still vendor supplied IE6 specific software that will not work outside of IE. One of my vendors at work told me one of their pieces of software might work with IE8 but no other browser, including the IE 11 that Microsoft had shoved onto most of the computers. This just highlights the fact that vendors who use Microsoft don’t care about their customers and that Microsoft does not care about anyone."

"In proprietary software, back doors or "national security", i.e. not real security, are the cause of many costly issues."Going only 3 days back, there is this news that Hacking Team helps governments take over Microsoft Windows through back/bug doors, exploiting fonts. "Unpatched systems," wrote Paul Hill, "can be affected if the user opens a document of webpage that contains an embedded OpenType font file. As the font drivers in Microsoft systems runs in kernel mode it means that an attacker could gain access to the entire system with the ability to add and remove programs and create new user accounts with admin privileges."

Windows recently suffered from other font-related holes, and not for the first time, either. It's an easy access point for the NSA into Windows (Microsoft tells the NSA before patching such holes). All versions of Windows are vulnerable and they have all been found vulnerable (without fixes) for decades.

What will the world look like after this back doors 'leader' and 'champion', Microsoft, is gone for good? Well, we need to ensure that NSA partners like Red Hat [1, 2, 3, 4, 5] don't compromise GNU/Linux, too. Social engineering, bribes, blackmail, anonymous patches, etc. are the classic tricks of this trade.

Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
 
Sainsbury's: It Takes Us Up to Two Days to Respond to Customers Upon Escalation (and Sometimes Even More Than Two Days)
It not only does groceries but also many other things, even banking
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day