Bonum Certa Men Certa

The Insecurity of Windows Made Ever More Apparent as Even Microsoft Infects Its Own Operating System

Windows doesn't have bugs, it is a bug (mass bugging without a warrant)

Lady bug Personal Computer (PC)? Microsoft software acts more like an impersonal covert listening device.



Summary: Why any remnant of the perception of Windows security is simply misguided and unjustified, as recent stories serve to demonstrate

IT IS WIDELY known by now that Microsoft and the NSA collude or secretly cooperate so as to enable remote access into Windows and other Microsoft software/services, such as Skype. Microsoft appeases its government not just by lobbying but also by habitual snitching that helps preserve (sometimes enhance) power. Some say that this is how (and when) the antitrust case got scuttled and those who pardoned Microsoft moved on to secretive FISC/FISA courts (see the curious judges overlap). When they talk about security they mean "national security" and when they utter the word trust they mean "the government [or a corporation] trusting computer users." It's all in reverse. Back doors are "security" and "trust" is distrust. Windows is a digital surveillance apparatus on computers with cameras, microphone, etc. (no need for anything sophisticated and expensive like laser microphones).



"Windows is a digital surveillance apparatus on computers with cameras, microphone, etc. (no need for anything sophisticated and expensive like laser microphones)."Malvertising, or Windows malware for financial gain [1], made it into the news earlier this week. "Microsoft Infects Windows Computers With Malvertising" [2] was the headline from FOSS Force and it turned out that Outlook, which sports back doors, remains defective without remedy even on UNIX platforms [3]. The problem isn't just Windows but Microsoft's proprietary software as a whole. Who does this whole chaos serve if not an imperial espionage operations? Some are rushing to spin this and they are blaming computers as a whole [4], but obviously there is something to be said about Microsoft making its software deliberately NOT secure. Even file formats are still acting as back door enablers [5] ("In 2015, your Windows PC can be owned by opening a spreadsheet"). We already know, based on many news reports, about FBI (or equivalents) sending malicious files to surveillance targets who foolishly use Windows.

Come on, let's not pretend that Windows can even be made secure. The objective of the operating system is not security. “Our products just aren’t engineered for security,” a Windows manager once stated publicly. That was before the NSA leaks and after Microsoft and the NSA had reportedly colluded to put back doors inside Windows (1999).

Related/contextual items from the news:



  1. Daily Mail readers should be worried about the Angler exploit kit
    MY, HASN'T THE ANGLER EXPLOIT GROWN? The overseas malware security threat has been caught flashing its side boob at the Daily Mail and affecting UK citizens with a foreign security threat.

    [...]

    "Malvertising has been one of the main infection vectors and continues to affect large publishers and ad networks through very distinct campaigns, very much like a whack-a-mole game," Malwarebytes said.

    "In addition to spreading via compromised websites, Angler leverages malvertising thanks to several different threat actors who use clever ways to go undetected as long as possible or are able to quickly adapt and get back on their feet if one of their schemes gets too much attention and is disrupted."


  2. Microsoft Infects Windows Computers With Malvertising
    I thought about ignoring this one and letting it slide, but it’s too priceless, too typically Microsoft, not to pass on. It seems that Redmond has been inadvertently infecting Windows computers with ransomware through its MSN website. Not to worry, however. The company is happy to hand you a tool to remove the malware, which is akin to locking the door after the horse is gone, as your files will by then be locked up tighter than a waterproof safe.

    The news came yesterday, via ZDNet, that Microsoft has “upgraded its malicious software removal tool to tackle TeslaCrypt, or Tescrypt as it calls it.”

    TeslaCrypt, a ransomware trojan, became big news early this year when it was found to be targeting computers with a variety of computer games installed. The malware evidently looks for file extensions associated with 40 or so games and encrypts them. The list of games infected includes such popular titles as Call of Duty, World of Warcraft, Minecraft and World of Tanks. From there, the scenario is all too familiar. To unencrypt, users must pay up — the going price is the equivalent of $500 in Bitcoins — to receive the decrypt key.

    While media mainly focused on the gaming aspect of TeslaCrypt, lulling non-gaming Windows users in to a false sense of security, it appears that the trojan also targets financial and tax software.

    Ho hum. Life as usual in the Windows world, eh?

    Trouble is, Microsoft began to notice a major uptick in detections of TelsaCrypt in late August, with the numbers rising from less than 1,000 detections daily to more than 3,500. This coincided with a report from the security company Malwarebytes, which detailed on August 27 a major ad based malware campaign using major news websites — including MSN.com — as drive-by delivery platforms.


  3. Microsoft update for Outlook 2011 on El Capitan doesn't fix problems
    APPLE ROLLED OUT the latest official version of its Mac operating system last week, but the update crashes Microsoft Outlook. Microsoft has since rolled out an update designed to fix the problem, but it does not appear to have worked.

    Microsoft released the Office for Mac 2011 14.5.6 update in response to hundreds of complaints that its email software constantly crashes on the latest Mac OS X El Capitan.

    "This update provides the following fixes to improve Mac OS X El Capitan compatibility. The hang situation that occurs during an account sync operation in Microsoft Outlook for Mac 2011 is fixed," Microsoft claimed.


  4. Cybercrime costs us dearly:study


  5. In 2015, your Windows PC can be owned by opening a spreadsheet
    Microsoft and Adobe have pushed out their scheduled monthly security updates, with familiar names like IE and Flash once again getting critical fixes.

    For Redmond, the October update brings fixes for 33 CVE-listed security vulnerabilities. The updates include a cumulative fix for Internet Explorer and patches to address critical flaws in Windows VBScript/Jscript for Windows Vista/Server 2008 and Windows Shell. Office, the Windows kernel, and Windows Edge also received fixes.

Recent Techrights' Posts

Nobody Denies That SecureBoot Will Cause Problems After September 11
Not even Microsoft
Gemini Links 06/09/2025: Infinite Scrolling and Posting from Emacs
Links for the day
Links 06/09/2025: GitHub Meltdown Over Slop, "U.S. Jury Says Google Should Pay $425 Million in Privacy Lawsuit"
Links for the day
Despite Its Severe Financial Problems Gnome Foundation Inc Paid Rosanna Yuen Over 100,000 Dollars Last Year
maybe relocation should be considered
The "Left" and the Right"
It poisons everything
Mozilla and Rust Are Not Leftists
they're part of the mass consumerism machine
Disposable to Microsoft
There is an extensive set of people who got used by Microsoft, only to be thrown away a month later or a year later or a decade later
The UEFI 9/11 - Part VII - This Coming Week Many PCs Will Refuse to Boot "Linux" (Because of Microsoft's Expired Certificate)
The real solution is, disable "secure boot" or "SecureBoot" while it's still possible. [...] Just like submarine patents, a lot of this problem was "hibernating" for a while
The Thing Nobody in Red Hat Wants to Talk About Openly
There is a real sentiment or worry among Red Hatters, Europeans and Americans in particulars (because of higher salary expectations)
Slopwatch: Small Parade of Fake News About "Linux" and Scams Borrowing the Name (or Word) "Linux"
In practice, LLMs are a risk
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 05, 2025
IRC logs for Friday, September 05, 2025
Genini Links 05/09/2025: Community, ROOPHLOCH, and PITkit
Links for the day
Links 05/09/2025: Vaccine Sceptics Poison the Well, Two Exploited Vulnerabilities Patched in Android
Links for the day
Gemini Links 05/09/2025: Logitech Lift and DIY Gemini Servers
Links for the day
Links 05/09/2025: Sainsbury's Caught Spying on In-Store Shoppers and Microsoft "OpenAI is Using Legal Threats to Harass its Critics"
Links for the day
BASIC Predates Microsoft by Over a Decade, Microsoft-Controlled Sites Like The Register MS Don't Want You to Know This
The state of the media is really bad when it relies a lot on oligarchs' money and is appointing editors who are working for oligarchs
Analogies for "Memory Safety" in Rust
Don't worry, it's Rust! It can do anything!
Brian Kernighan, "Only Third to Dennis Richie and Ken Thompson" (UNIX), Agreed With Someone Who Said Rust Was Just Hype, Should Not Replace C
17 hours ago
Reminder: Microsoft's "Secure Boot" Certificate for "Linux" Will be Expired in One Week
Many PCs won't manage to 'rotate' to another certificate
"Many of the Red Hat Employees Are Still Looking for Work"
Shame on IBM's CEO
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 04, 2025
IRC logs for Thursday, September 04, 2025
Microsoft Started With Code Literally From The Trash, Nothing Has Improved Since
The reality is, there are systems and code that are reliable. But they're not Microsoft's.
Hypothesis That New McKinsey/Microsoft Executive Inside Red Hat Will Outsource Research and Development Operations to India (Like They Do in IBM)
IBM is floundering
Slopwatch: Scams, Fake Articles About "Linux", Plagiarism, and Worse
Perhaps some time soon the LLMs or the "Big LLMs" will run out of money (to borrow) and go offline, leaving those slopfarms in a tough place
Gemini Links 04/09/2025: Means of Production and Rusting Out
Links for the day
Links 04/09/2025: Science, Hardware, and Eyes on China
Links for the day
Gemini Links 04/09/2025: Digital Minimalism and Social Control Media
Links for the day
IBM's GNU/Linux Divestment, Based on Hard But Anecdotal Evidence (IBM Fails to Recognise How Much Money It Made and Can Still Make From "Linux")
Love us or hate us, a lot of what we've been saying about Red Hat under IBM turns out to be rather accurate
Links 04/09/2025: Massive Microsoft Staff Cuts (Barely Reported), "Strange Conspiracy Theory Is Reportedly Spreading Inside OpenAI"
Links for the day
Activists Can Win, But Keep an Eye on the Ball and on the Trophy
GitHub is dying, it was a loss-making trap, not free hosting
Gemini Links 04/09/2025: Katrina Remembered, Distracted Driving, and Virtual Economics
Links for the day
At This Point It's No Longer Matthew Garrett But People Who Fund Matthew Garrett (or Companies That Fund His SLAPPs Against My Wife and I)
The only thing worse than misogynists are misogynists who fail to respect other people's right to go on holiday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 03, 2025
IRC logs for Wednesday, September 03, 2025
The UEFI 9/11 - Part VI - This Serious Harm Was Planned for Over a Decade, Not an Accident or Merely Some Misfortune
The term "Serious Harm" is legally meaningful here
GNOME Unfit for Diversity and Inclusion
GNOME's leadership is using "bad words"
Brodie Robertson Addressing the Recently-Discovered Comments
Most people probably knew nothing about this until he wrote a response
Red Hat QA Team "Had Shrunk by Half Over the Past Year." (After IBM Divestment)
If Red Hat's workforce is being moved to the East, then RHEL can become a national security problem
Slopwatch: "Open Source" and "Linux" News Faked, Made by Bots and Entered Into Google News
Spam combined with slop about "Linux" has entered Google News