10.16.15
The Insecurity of Windows Made Ever More Apparent as Even Microsoft Infects Its Own Operating System
Windows doesn’t have bugs, it is a bug (mass bugging without a warrant)
Personal Computer (PC)? Microsoft software acts more like an impersonal covert listening device.
Summary: Why any remnant of the perception of Windows security is simply misguided and unjustified, as recent stories serve to demonstrate
IT IS WIDELY known by now that Microsoft and the NSA collude or secretly cooperate so as to enable remote access into Windows and other Microsoft software/services, such as Skype. Microsoft appeases its government not just by lobbying but also by habitual snitching that helps preserve (sometimes enhance) power. Some say that this is how (and when) the antitrust case got scuttled and those who pardoned Microsoft moved on to secretive FISC/FISA courts (see the curious judges overlap). When they talk about security they mean “national security” and when they utter the word trust they mean “the government [or a corporation] trusting computer users.” It’s all in reverse. Back doors are “security” and “trust” is distrust. Windows is a digital surveillance apparatus on computers with cameras, microphone, etc. (no need for anything sophisticated and expensive like laser microphones).
“Windows is a digital surveillance apparatus on computers with cameras, microphone, etc. (no need for anything sophisticated and expensive like laser microphones).”Malvertising, or Windows malware for financial gain [1], made it into the news earlier this week. “Microsoft Infects Windows Computers With Malvertising” [2] was the headline from FOSS Force and it turned out that Outlook, which sports back doors, remains defective without remedy even on UNIX platforms [3]. The problem isn’t just Windows but Microsoft’s proprietary software as a whole. Who does this whole chaos serve if not an imperial espionage operations? Some are rushing to spin this and they are blaming computers as a whole [4], but obviously there is something to be said about Microsoft making its software deliberately NOT secure. Even file formats are still acting as back door enablers [5] (“In 2015, your Windows PC can be owned by opening a spreadsheet”). We already know, based on many news reports, about FBI (or equivalents) sending malicious files to surveillance targets who foolishly use Windows.
Come on, let’s not pretend that Windows can even be made secure. The objective of the operating system is not security. “Our products just aren’t engineered for security,” a Windows manager once stated publicly. That was before the NSA leaks and after Microsoft and the NSA had reportedly colluded to put back doors inside Windows (1999). █
Related/contextual items from the news:
-
Daily Mail readers should be worried about the Angler exploit kit
MY, HASN’T THE ANGLER EXPLOIT GROWN? The overseas malware security threat has been caught flashing its side boob at the Daily Mail and affecting UK citizens with a foreign security threat.
[...]
“Malvertising has been one of the main infection vectors and continues to affect large publishers and ad networks through very distinct campaigns, very much like a whack-a-mole game,” Malwarebytes said.
“In addition to spreading via compromised websites, Angler leverages malvertising thanks to several different threat actors who use clever ways to go undetected as long as possible or are able to quickly adapt and get back on their feet if one of their schemes gets too much attention and is disrupted.”
-
Microsoft Infects Windows Computers With Malvertising
I thought about ignoring this one and letting it slide, but it’s too priceless, too typically Microsoft, not to pass on. It seems that Redmond has been inadvertently infecting Windows computers with ransomware through its MSN website. Not to worry, however. The company is happy to hand you a tool to remove the malware, which is akin to locking the door after the horse is gone, as your files will by then be locked up tighter than a waterproof safe.
The news came yesterday, via ZDNet, that Microsoft has “upgraded its malicious software removal tool to tackle TeslaCrypt, or Tescrypt as it calls it.”
TeslaCrypt, a ransomware trojan, became big news early this year when it was found to be targeting computers with a variety of computer games installed. The malware evidently looks for file extensions associated with 40 or so games and encrypts them. The list of games infected includes such popular titles as Call of Duty, World of Warcraft, Minecraft and World of Tanks. From there, the scenario is all too familiar. To unencrypt, users must pay up — the going price is the equivalent of $500 in Bitcoins — to receive the decrypt key.
While media mainly focused on the gaming aspect of TeslaCrypt, lulling non-gaming Windows users in to a false sense of security, it appears that the trojan also targets financial and tax software.
Ho hum. Life as usual in the Windows world, eh?
Trouble is, Microsoft began to notice a major uptick in detections of TelsaCrypt in late August, with the numbers rising from less than 1,000 detections daily to more than 3,500. This coincided with a report from the security company Malwarebytes, which detailed on August 27 a major ad based malware campaign using major news websites — including MSN.com — as drive-by delivery platforms.
-
Microsoft update for Outlook 2011 on El Capitan doesn’t fix problems
APPLE ROLLED OUT the latest official version of its Mac operating system last week, but the update crashes Microsoft Outlook. Microsoft has since rolled out an update designed to fix the problem, but it does not appear to have worked.
Microsoft released the Office for Mac 2011 14.5.6 update in response to hundreds of complaints that its email software constantly crashes on the latest Mac OS X El Capitan.
“This update provides the following fixes to improve Mac OS X El Capitan compatibility. The hang situation that occurs during an account sync operation in Microsoft Outlook for Mac 2011 is fixed,” Microsoft claimed.
-
Cybercrime costs us dearly:study
-
In 2015, your Windows PC can be owned by opening a spreadsheet
Microsoft and Adobe have pushed out their scheduled monthly security updates, with familiar names like IE and Flash once again getting critical fixes.
For Redmond, the October update brings fixes for 33 CVE-listed security vulnerabilities. The updates include a cumulative fix for Internet Explorer and patches to address critical flaws in Windows VBScript/Jscript for Windows Vista/Server 2008 and Windows Shell. Office, the Windows kernel, and Windows Edge also received fixes.
Content is available under CC-BY-SA