Bonum Certa Men Certa

More Back Doors Found in Microsoft's Entrapments (Proprietary Software)

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Urbis
Windows are famously easy to smash



Summary: Security flaws and even blatantly obvious loopholes for surveillance are identified in several of Microsoft's so-called 'products', which turn users (and their data) into the real product (to be sold to private companies or shared with spies)

THOSE who pay close attention to the news (as we typically do) have lost count of the number of Microsoft back doors, affecting a large number of products and vast number of people. The whole spectrum of application has a plethora of ways to take over PCs and intercept messages. That's not even an accident.



Neel Gupta wrote a month ago about Microsoft and the NSA, including the way this relates to UEFI (remote takeover at hardware level, aided by secret software and keys). Gupta wrote: "As Microsoft Windows has already lost this 'trust' through Spams, Blackmails, _NSAKEY, and not fixing critical bugs. So Microsoft changed it's definition of 'trust' in computing: devices with dedicated microprocessor designed to secure the hardware against consumers, and only allow software signed(authorized) by the device manufacturer to run on the device."

"There is not even a denial that there are back doors and wiretapping (without warrant). They just excuse themselves by saying "law enforcement"."Curiously enough, based on [1] (below), Microsoft continues to expose users on the Web, making its use of HTTPS a total sham, almost definitely by design (and intention). When users go to Outlook to read their E-mails things get even worse [2,3]. "Backdoor in Outlook Web Application operates inside target's firewall," to quote a Microsoft-friendly writer/publication.

Microsoft 'privacy' is a lie, as software like Skype serves to demonstrate. There is not even a denial that there are back doors and wiretapping (without warrant). They just excuse themselves by saying "law enforcement". The FBI never complains about encryption in Microsoft or Windows because there is none that's truly effective.

Don't believe what the media is saying right now about Vista 10 figures (e.g. number of devices or users) because these are lies, as we explained last week (many who tried Vista 10 moved away from it afterwards).

As Gupta's SAP blog concludes: "Note that Windows XP, Vista, 7, and 8 are all going down. With the exodus from Windows, if we as SAP don't create solutions on Linux and Mac/iOS, we will loose customers to those who do."

Related/contextual items from the news:



  1. Microsoft sites expose visitors’ profile info in plain text
    If you think using secure HTTP would be enough to protect your privacy when checking webmail, think again. When users connect to their Microsoft user account page, Outlook.com, or OneDrive.com even when using HTTPS, the connection leaks a unique identifier that can be used to retrieve their name and profile photo in plaintext.

    A unique identifier called a CID is exposed because it's sent as part of a Domain Name Service lookup for the address of the storage server containing profile data and as part of the initiation of an encrypted connection. As a result, it could be used to track users when they connect to services from both computers and mobile devices, possibly even identifying users as their requests leave the Tor anonymizing network.


  2. Microsoft OWA falls victim to password-pinching APT attack
    SECURITY RESEARCHERS FROM Cybereason have sounded a klaxon over a problem with the Microsoft Outlook Web Application (OWA) that could let attackers swoop in and tag and bag data and documents through the use of APT techniques.

    Cybereason discovered the bug when a customer with some 19,000 endpoints suspected that it was the victim of infection.


  3. New Outlook mailserver attack steals massive number of passwords
    Backdoor in Outlook Web Application operates inside target's firewall.




Recent Techrights' Posts

The Openwashing Shills Initiative (OSI) - Part II: Lying to the IRS is a Big Issue
The OSI of today pretends to be something that it is not
Bloodlust and Love of Blades (Fascination With Murder) Nothing New Among Microsofters
Violence is not a joke and no group is magically entitled to make such "jokes"
Links 01/06/2025: Bird Flu, Food Price Inflation, and Growing US-China Hostilities
Links for the day
Links 01/06/2025: "Vibe Coding" Turns Out to be a Fraud and Amazon Merits Boycott, Argue Bloggers
Links for the day
Gemini Links 01/06/2025: "Stardust" and Ideal PC Setup
Links for the day
Links 01/06/2025: Windows TCO, Openwashing, "It's FOSS" Still Promoting Microsoft
Links for the day
Gemini Links 01/06/2025: Simplification and Networks Everywhere
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 31, 2025
IRC logs for Saturday, May 31, 2025
Google Bribes EFF. EFF Promotes LLM Slop as 'Fair Use'. To GAFAM It's a Low-Cost Lobby Hedge.
So the bribes pay off ("slush fund") and the word spreads
Slopwatch: Fake Text and Images, Financial Bubbles, and Scams in "Intelligent" Clothing
Sometimes what they mean by "AI" is just cheap labour somewhere else, as we discussed in IRC a few hours ago
Why Microsoft is Collapsing (Similar to What's Happening at IBM), As Insiders See It
IBM seems like one heck of a mess
Reliable Computing Means Free (Libre) Computing
Sites that want to promote security ought to deal with the biggest issues
Links 31/05/2025: US Court Orders Sides With RFE/RL, War Updates From Ukraine
Links for the day
Gemini Links 31/05/2025: ARM Server and power_supply Subsystem
Links for the day
Links 31/05/2025: Slop Stigmatised as Disinformation, Catalyst/Driver of "Death of Communication"
Links for the day
Common Sense 101: Do Not Write Blog Posts Saying You Want to Murder Colleagues (or Yourself)
Only crazy people would think stabbings are a joke
Microsoft Bankruptcy
"Microsoft unit in Russia to file for bankruptcy, database shows"
Techrights Does Not Compete With LLM Slop, It Exposes the Bastards, Plagiarists and Scammers Who Do That
People like Scam Altman, still facing a lawsuit from his own sister for sexual abuse against her
Links 31/05/2025: Microsoft-Connected Builder.ai is a Fraud and US is Purging Students Based on Race/Nationality
Links for the day
Gemini Links 30/05/2025: Limmat, Doomscrollers, and Arguments Parsing
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 30, 2025
IRC logs for Friday, May 30, 2025
The "AI" (Slop) Bubble Already Popped, But It's Not an Overnight Collapse
where Microsoft put its money
No More Steven Astorino at IBM, Chatter About Weekly/Nonstop Layoffs at IBM
What happened? Good luck guessing.
Looking at Corruption in Europe, Going Beyond the EPO
Expect a new series to kick off very soon
Slopwatch: Security SPAM and LLM Slop for SEO and FUD Purposes, Perpetually Tarnishing the Perception of Linux and (Open)SSH Security
A lot of this Fear, Uncertainty, Doubt (FUD) comes from Microsoft and its LLMs
Links 30/05/2025: Google's LLM Slop Pushers Are Killing Journalism and Shira Perlmutter Fails to Stop Bribed Regime From Legalising Plagiarism (in "AI" Clothing)
Links for the day
Links 30/05/2025: Offline Arts and "Threshold of Patience"
Links for the day
Signing Off Serious Lies With a Statement of Truth is No Joking Matter
It's not hard to see what's happening here
Links 30/05/2025: LLM Slop Already Ingests and Vomits Its Own Garbage, Facebook Exec Admits Copyrights a Concern Too
Links for the day
Mass Layoffs at Microsoft Result in More Whistleblowers From Microsoft
Microsoft's predatory pricing is further
Slopwatch: Planet Ubuntu Became LLM Slop and Some People Fail to See the Immorality of Plagiarism
it lessens the incentive for people to publish real articles
EPO Poll: 68% Dissatisfied With Quality of Slop (Wrongly Framed as "AI") for Patent Classification
Slop does not work, it's just falsely advertised with extra hype (funded by slop pushers that sponsor the major media)
Big Crowds Gather to Learn About Software Freedom From the Man Who Started GNU/Linux in 1983
"It was a great success"
Microsoft Layoffs Again in Bay Area
Microsoft relies on people's false belief that being "in LinkedIn" will get you a job; well, seems like even working inside LinkedIn really sucks and you lose the job
Gemini Links 30/05/2025: Fighting Against the Bad News, and Slop is Dehumanisation Disguised as "Intelligence"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 29, 2025
IRC logs for Thursday, May 29, 2025