EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.24.15

Microsoft Windows Leads to Espionage and Blackmail: Latest Examples

Posted in Microsoft, Security, Windows at 6:00 am by Dr. Roy Schestowitz

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Summary: Another news overview, detailing high-profile examples of high-cost Windows deployments (including the cost of litigation and settlement)

THE “IRS hack [is] far larger than first thought,” according to this new report. It’s no secret that the IRS is a Microsoft Windows shop (which was warned about security breaches as far back as 6 years ago), so it makes one wonder if Windows was to blame here, as in the OPM breach, the Sony breach, and most recently the Ashley Madison breach (not to mention Stuxnet in Iran). Based on our information, all these high-profile breaches one way or another involve Microsoft reliance. The corporate media failed to call out Windows, but a little bit of research often helps boil it down to Microsoft’s NSA-accessible (through back doors) platforms.

“The parent company can now be sued into bankruptcy. It’s the (hidden) high cost of Windows.”Below is a new story which shows how Argentina targets [1] a large number of dissidents for surveillance using a fake “confidential document [that] was intended to infect a Windows computer.” GNU/Linux users needn’t worry about such things. Then of course there is the latest high-profile breach, the one affecting tens of millions of members of Ashley Madison (including almost ten thousand members of the military, including high-ranked ones), some of whom are suing [2] (what’s the price of a failed marriage or blackmail?). The parent company can now be sued into bankruptcy. It’s the (hidden) high cost of Windows. According to [3], “Security Was An Afterthought” at Ashley Madison. Well, that’s quite evident. Ashley Madison is hardly even hiding it (DMCA rampage is not a substitute) and it has been made ever more obvious by the fact that they were using Microsoft Windows.

Microsoft and security are mutually exclusive, unlike Microsoft and insecurity. No secure application can be mounted on top of a base with back doors. It ought to be crystal clear after Snowden’s many revelations.

Related/contextual items from the news:

  1. Inside the Spyware Campaign Against Argentine Troublemakers

    Alberto Nisman, the Argentine prosecutor known for doggedly investigating a 1994 Buenos Aires bombing, was targeted by invasive spy software downloaded onto his cellular phone shortly before his mysterious death. The software masqueraded as a confidential document and was intended to infect a Windows computer.

  2. Canadians are suing Ashley Madison because a lack of prophylactic protection

    A BRACE OF LAW FIRMS ARE BEHIND A class action lawsuit against Ashley Madison because it did not do enough to protect personal and private information.

    The class action case, from two Canadian law firms, argues that the hookup stations failed users by not protecting their information and for not deleting it after a fee had been paid to ensure its deletion. It seeks $578m.

    According to the New York Post the lawyers want some satisfaction for a cluster of punters who are currently wearing outraged expressions and regretting joining a site that does what it does in the way that it does it.

  3. ‘Security Was An Afterthought,’ Hacked Ashley Madison Emails Show

    It’s already clear that, despite handling very sensitive data, Ashley Madison did not have the best security. Hackers managed to obtain everything from source code to customer data to internal documents, and the attackers behind the breach, who call themselves the Impact Team, made a mockery of the company’s defenses in an interview.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

5 Comments

  1. Canta said,

    August 24, 2015 at 10:30 pm

    Gravatar

    Dr. Schestowitz.

    About the first article, a few notes.
    (Please know that i speak spanish, so my english could be weird).

    * – The article is totally biased.
    Nisman is used everywhere in the world as an example of some kind of heroic resistance against a regime to the point of being a martir, actively ommiting some notorious dirty aspects about himself, “his” (it’s in doubt that he was the one who wrote that, given the low quality) very poor accusation against two high profile public functionaries, and what he did with the investigation.
    I don’t think that refuting that article belongs to Techrights, so links to Nisman critics, i guess, are out of place here. But everyone can go and check the english Wikipedia article on Nisman, to see things like the wikileaks mention of Nisman’s “friendship” with the USA’s intelligence or the fate of his sudden and mediatic accusation (wich made him “dissident”, when all the time before that was a friend of the current goverment, and “martir” just the day before of explaining his accusation in the congress). Those things are no secret around here, and that class of information is nowhere in the article.

    * – You say in the text “Argentina targets a large number of dissidents”. It saddens me to say it, but i find it low:
    the “large number” were just two persons in the note, one of them (Lanata) works full time at forging media scandals for money (he’s constantly trying to look as a targeted person, has his own history of corruption, and was many times accused, with evidence, of forging news), and then they talk about Ecuador and a deal for fighter jets (no dissidents at all in that case), all related by the use of low end spyware software when not directly script kiddiez tools.
    It’s just not enough to seriously say “Argentina targets a large number of dissidents”. That’s totally unfair to Argentina.

    * – The note says the spyware is available for GNU/Linux and Android, even when a Windows version was used. And the file was a JAR file: unless it was some kind of facade (Windows is full of that kind of attacks), we know jars DO work on GNU/Linux if adecuatelly forged. Even so, i don’t clearly remember it right now, but i think Nisman had a Mac: by your logic, he was also safe from the attack, just because they used some Windows version.
    My point: i feel you’re saying half truths just to bash Windows.

    I read you every day, i share your conviction that windows must be erradicated, and actually recomend Techrights as a reliable (when not unique and neccesary) source of information. Please know i’m writing this with great respect for your daily work and convinced that there’s no bad intentions in your text. I just felt this time you were wrong with that article.

    Thank you again for your dedication.

    Dr. Roy Schestowitz Reply:

    I have read a good deal about the Nisman affair, admittedly in English-speaking media, so perhaps I lacked some context which takes an opposing point of view (probably in Spanish and not in Five Eyes’ media). It often happens when dealing with articles about Cuba and Venezuela (must know Spanish). After the war with Argentina I don’t expect British media (which I trust only a little more than US media) to speak favourably about the country’s leadership. Then there’s the Wikileaks/cablegate revelation about Clinton’s obsession with the Argentinian government. There may be legitimate reasons for distrust, least of which are historical, e.g. http://latinamericanhistory.about.com/od/thehistoryofargentina/a/Why-Did-Argentina-Accept-Nazi-War-Criminals-After-World-War-Two.htm https://vault.fbi.gov/adolf-hitler/adolf-hitler-part-01-of-04/view

    Regarding the malware, they targeted a Windows machine in this case (predictable). In many cases it seems like safe bet/guess. GNU/Linux comes in many shapes and forms (some have SELinux in place), which helps further complicate buffer overflows and other monoculture-dependent attack vectors.

  2. Canta said,

    August 25, 2015 at 11:25 am

    Gravatar

    Oh, there’s the Falklands/Malvinas, of course. That’s even noted in the article, regarding some embargo on the fighter jets. That is true. But there are other things about Argentina right now, that some people even directly associate with Nisman in the context of international affairs.

    TL;DR: Argentina may be at least as dirty as any other country, but Argentina is right now a nuissance for very powerful people and that can’t be ommited when reading things like the Nisman affaire.

    * – Argentina is leading a battle in the UN in order to stablish a global normative against the now called “vulture funds”. If you peek some news about that, you’ll see which few powers are against Argentina proposals, and how the rest of the world agrees with it. Argentina’s president even called “terrorists” in the UN all those who manipulate markets.
    As a colour note, and an example of what is going on with this issue here: that guy Lanata in your first article, he works for the biggest media conglomerate in Argentina (the “Clarin group”), a strong enemy of the actual goverment, which happens to share an address in the USA with no other than Paul Singer.

    * – Argentina is protectionist of its markets, and promotes regional integration. The actual is an, at least verbally, very nationalist goverment. This has lots of consequences (many of them negative in the short term for Argentine middle-class citizens like myself) but it’s enough for the monopolistic media to bash it like it where some kind of ignorant brute about economics. Not to mention that Argentina is dealing with China and Russia while legally battling the USA over commercial rights and England over the Falklands/Malvinas sovereignty; they try to put Argentina as a beligerant and isolate state, when it claims for the rule of law and do lots of international trading.

    * – South America is right now a focus of attention, not only with the grow of Brazil. The situation in Greece and Spain is constantly compared with Argentina in 2001 (a devastating neoliberal disaster), and lots of voices call for copying its experience (huge recovery from 2003 to this days, renouncing to liberal recipes and actively confronting liberal organizations).

    * – There’s a long history in South America of operations in order to control it. Event current-times coups. Every time is the same: infinite corruption accusations in the media, economic attacks, and selling the USA as some kind of paradise everybody should copy (we argentinians in particular have an historical fixation with Europe as our little personal heaven). Media and market powers plant public discontent. The Nisman affaire was received here by lots of people as another media operation; what Nisman did had absolutelly no sense at all (his accusation was shockingly poor made for a respected and competitive professional), and splitted the argentinian oppinion in two sides: the paranoids that say that the goverment is assasinating their opposition, and the paranoids that say that this is all a distability operation. Nisman did everything wrong and ended achieving nothing but public caos (if anything at all); there are very few parties beneficing from that, and certainly not the current goverment.
    Another colour note about that: the monopolistic press here bashed hard the Argentina-Iran understanding treatry regarding AMIA (the Nisman’s case) and any nuclear interaction with them, while praised the USA’s recent treatry.

    * – Even when there are constant attack to south american goverments by monopolistic powers, the goverments remain strongly popular. With all their shady bussiness happening, and all their social problems, most South America goverments are ultimatelly and strongly democratic. And that’s not some kind of accident, but a result of South America’s history of military dictatorships around the 70′s: this people have learned to respect democracy the hard way. The opposition, on the other hand, insist on calling this goverments “regimes” and “dictatorships”, which is another non-accident. So… i don’t think is a minor issue who’s that opposition.

    * – You quote the nazi affaires in Argentina, as (i understand) a proof Argentina is clearly not any saint. If that’s the case, i agree on that: trust me, i live here, i know many crappy stuff about Argentina. But i see the Nazi affaires as part of the same problem.

    It all happened during Perón, which is known worldwide as a remarkable popular/populist leader. He let a very deep mark in Argentina’s political movement, and for a lot of people here his first goverment was the best goverment Argentina ever had. He’s evenly hated as loved, both regarded as saint and devil. But nobody around here says the guy didn’t knew what he was doing: he’s universally recognized as a cunning strategist.
    Thing is, part of the Perón’s idea was to industrialize Argentina, which is an historical agricultural country. Perón was another market protectionist, a nationalist and desarrollist, and part of the peronist economic strategy was to develop an argentine industry: an interest against the local (agricultural) and international powers. In that adventure, it is common knowledge, he dealed with the Nazis, as they were not only anti-communist but also technological vanguard. It’s said, for example, that Perón’s Nazi deals where the beggining of the argentine nuclear program. Something that also happened here and there:
    https://en.wikipedia.org/wiki/Operation_Paperclip
    https://www.google.com/search?channel=fs&q=USA+nazi+criminals&ie=utf-8&oe=utf-8

    I don’t say this to be an apologist or a moral relativist; i’m not peronist nor pro “let’s be like the USA”: crimes are crimes, period. I firmly believe in the human rights, democracy, and the state of law, in that particular order.
    What i’m saying is that it’s just not that simple as to say “LOOK! NAZIS!” to talk about what happened back then.
    Perón gave the argentine low and middle class historical rights in a moment of global war and revolution, calming the waters around here, while he was also responsible of violent (including assasinations) anti-communist movements. He showed himself as an avatar for the worker class, when he was also actively and explicitly working for the upper bourgeoisie. Where Marx states “class struggle”, Perón states “class reconciliation”, and that implies concessions for both sides. That two-sides of peronist policy is commonly known here as “peronaut pendulum”, and it always had the effect of giving Argentina, for the best or the worst, a certain degree of autonomy otherwise could not had. That autonomy, cultural and economical, was and still is strongly bashed by monopolistic powers.

    Same thing is happening today with current goverment. And then in the monopolist media it doesn’t matter what Argentina does about anything: if it’s done by Argentina is just plain wrong, ignorant, brutal… but if it’s done by the USA is at least kinda understandable (like the understandings with Iran), or it doesn’t even say a word about if the USA did/do the same kind of things.
    I constantly quote around here, to my friends and co-workers, your links regarding violence around the world, as many people here believes the USA and Europe as violence free and sees violence in Argentina as the results of inept or corrupt policies; that’s the result of the media coverage of things here.

    My point about all this: anyone can hardly rely on the media for this kind of stuff like the Nisman affaire. Is just absurd. This is the reason i value Techrights work so high, and why i felt sad seeing it falling into some kind of media common place. Nisman affaire is more noise than information, and specially outside Argentina.

    Dr. Roy Schestowitz Reply:

    I guess one important question remains, can The Intercept be trusted?

  3. Canta said,

    August 25, 2015 at 12:44 pm

    Gravatar

    Well… i don’t know.

    I said the article is biased, i have no doubts about that; there are lots of public domain data about Nisman and Lanata not even insinuated there, as well as this is an article about argentine intellicence and doesn’t say a thing about the status of intelligence central in Argentina: the president dissolved in january the SIDE, the now ex argentinian intellicence central, and created a new one; weeks before that there were this attacks using low-end tools, and weeks after was the Nisman assasination/suicide; SIDE was showing a parallel power forged since the 70′s, and the new intelligence central had the first official task of investigating big banks: nothing to say about that LITTLE detail in an article about spionage?.

    But i didn’t meant to say The Intercept is somehow the devil: affaires like the Nisman one are honeypot for investigative journalists. I wouldn’t blame so hard a passionate journalist truly believing he’s revealing some explosive truth to the public, just for thinking an example of a not so terrible bias. This is a state-wide affair, so is kinda big deal, and the lines the article traces between attacks have indeed some sense. Is just biased for ommiting, not for telling lies.

What Else is New


  1. António Campinos Has Run Out of Time and EPO Staff is Going on Strike (Skipping Mere Protests)

    European Patent Office strikes are to resume; as SUEPO recently put it, people have come to accept that EPO leadership has not really changed and none of the underlying issues is being tackled



  2. Links 23/5/2019: Elisa 0.4.0, OpenSUSE Leap 15.1 Released

    Links for the day



  3. Links 22/5/2019: Mesa 19.0.5, Huawei and GNU/Linux, Curl 7.65.0, End of Antergos, Tails 3.14, ownCloud Server 10.2, Firefox 67.0

    Links for the day



  4. Quality of Patents is Going Down the Drain and Courts Have Certainly Noticed

    Uncertainty or lack of confidence in the patent system has reached appalling levels because heads of patent offices are just striving to grant as many patents as possible, irrespective of the underlying law



  5. EUIPO and EPO Abuses Growingly Inseparable

    'Musical chairs' at CEIPI and the EPO/EUIPO (Battistelli, Archambeau, Campinos) as well as joint reports never fail to reveal the extent to which EPO abuses are spreading



  6. Links 21/5/2019: China's GAFAM Exit, DragonFlyBSD 5.4.3

    Links for the day



  7. Links 20/5/2019: Linux 5.2 RC1, LibreOffice 6.3 Alpha, DXVK 1.2.1, Bison 3.4 Released

    Links for the day



  8. South Korea's Government Will Show If Microsoft Loves Linux or Just Attacks It Very Viciously Like It Did in Munich

    Microsoft's hatred of all things GNU/Linux is always put to the test when someone 'dares' use it outside Microsoft's control and cash cows (e.g. Azure and Vista 10/WSL); will Microsoft combat its longstanding urge to corrupt or oust officials with the courage to say "no" to Microsoft?



  9. Links 19/5/2019: KDE Applications 19.04.1 in FlatHub and GNU/Linux Adoption

    Links for the day



  10. The War on Patent Quality

    A look at the EPO's reluctance to admit errors and resistance to the EPC, which is its very founding document



  11. Watchtroll, Composed by Patent Trolls, Calls the American Patent System “Corrupt”

    Another very fine piece from Watchtroll comes from very fine patent trolls who cheer for Donald Trump as if he's the one who tackles corruption rather than spreading it



  12. Unified Patent Court Won't Happen Just Because the Litigation Microcosm Wants It

    Unified Patent Court (UPC) hopefuls are quote-mining and cherry-picking to manufacture the false impression that the UPC is just around the corner when in reality the UPC is pretty much dead (but not buried yet)



  13. Links 17/5/2019: South Korea's GNU/Linux Pivot, Linux 5.1.3

    Links for the day



  14. Q2 Midterm Weather Forecast for EPOnia, Part 4: Happy Birthday to the Kötter Group?

    This year the Kötter Group commemorates the 85th anniversary of its existence. But is it really a cause for celebration or would a less self-congratulatory approach be more fitting? And does it create the risk that a routine tendering exercise at the EPO will turn into Operation Charlie Foxtrot?



  15. Links 16/5/2019: Cockpit 194, VMware Acquires Bitnami, Another Wine Announcement and Krita 4.2.0 Beta

    Links for the day



  16. The EPO's Key Function -- Like the UPC's Vision -- Has Virtually Collapsed

    The EPO no longer issues good patents and staff is extremely unhappy; but the Office tries to create an alternate (false) reality and issues intentionally misleading statements



  17. Stanford's NPE Litigation Database Makes a Nice Addition in the Fight Against Software Patent Trolls

    As the United States of America becomes less trolls- and software patents-friendly (often conflated with plaintiff (un)friendliness) it's important to have accurate data which documents the numbers and motivates better policy; The NPE (troll) Litigation Database is a move towards that and it's free to access/use



  18. Q2 Midterm Weather Forecast for EPOnia, Part 3: “Ein kritikwürdiges Unternehmen”

    A brief account of some further controversies in which the Kötter Group has been involved and its strained relations with German trade unions such as Verdi



  19. EPO Had a Leakage Problem and Privacy of Stakeholders Was Compromised, Affecting at Least 100 Cases

    The confidentiality principle was compromised at the EPO and stakeholders weren't told about it (there was a coverup)



  20. Links 15/5/2019: More Linux Patches and More Known Intel Bugs

    Links for the day



  21. False Hope for Patent Maximalists and Litigation Zealots

    Patent litigation predators in the United States, along with Team UPC in Europe, are trying to manufacture optimistic predictions; a quick and rather shallow critical analysis reveals their lies and distortions



  22. The Race to the Bottom of Patent Quality at the EPO

    The EPO has become more like a rubber-stamper than a patent office — a fact that worries senior staff who witnessed this gradual and troublesome transition (from quality to raw quantity)



  23. Q2 Midterm Weather Forecast for EPOnia, Part 2: Meet the Kötters

    An introduction to the Kötter Group, the private security conglomerate which is lined up for the award of a juicy EUR 30 million contract for the provision of security services at the EPO



  24. Links 14/5/2019: Red Hat Satellite 6.5, NVIDIA 430.14 Linux Driver and New Security Bug (MDS)

    Links for the day



  25. Links 14/5/2019: GNU/Linux in Kerala, DXVK 1.2, KDE Frameworks 5.58.0 Released

    Links for the day



  26. Q2 Midterm Weather Forecast for EPOnia, Part 1: Urgent Shitstorm Alert

    Experts at the European Patent Office's (EPO) weather observation station have just issued an urgent alert warning about a major shitstorm looming on the horizon



  27. Patents That Were Gleefully Granted by the EPO Continue to Perish in Courts

    The decreasing quality of granted European Patents already becomes a growing problem if not a crisis of uncertainty



  28. Links 13/5/2019: ExTiX 19.5 and GNU Radio Conference 2019

    Links for the day



  29. The Microsoft Guide to the Open Source Galaxy

    Thou shalt not...



  30. Microsoft Would Kill the Goose for Money

    Microsoft is just 'monetising' Open Source by using it as 'bait' for Microsoft's proprietary software; those who we might expect to antagonise this have effectively been bribed by Microsoft


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts