06.20.19

Gemini version available ♊︎

Microsoft Attempting to Destroy the Careers of Its Critics, Including Free Software Proponents

Posted in Microsoft at 12:06 am by Dr. Roy Schestowitz

Cult-like tactics. Or doxing to secure bug doors. Is this what “business intelligence” was all along for?

Microsoft bullying

Summary: Microsoft isn’t changing and has not changed; the tactics described above are still being used, even by its “Open Source” (or “Open at Microsoft”) people, who did this to me

IT IS a small world after all. Someone in the Fediverse pointed out to me this new tweet about Microsoft bullying, which reminded me of these cult-like tactics Microsoft used against myself and others. From the original thread (there are also many comments in there):

I think you must be talking about CVE-2010-0232, it wasn’t 90 days, it was more like 180. This was at a time when Microsoft refused to release kernel patches outside of service packs. I begged Microsoft at multiple in-person meetings at Redmond to reconsider and patch, they simply refused and said there were would be repercussions if I disobeyed.
After four months of negotiations, I told that I’m going to publish it whether a patch was available or not. This didn’t have the effect I had hoped, they started threatening me instead. They called me and told me my career would be destroyed. In one particularly memorable call they told me that their PR and legal department only had two settings, “off and destroy” and (in a rather menacing tone) that they would “air my dirty laundry in public”. I still don’t know what that means.

I was shaken, but told them I’m still going ahead. They responded by calling everyone they knew at my employer demanding I was terminated.

There was a trivial mitigation, just disabling a very rarely used feature (vdm support for 16 bit applications). I made detailed documentation explaining how to enable the mitigation for every supported platform, and even made tutorial videos for Administrators on how to apply and deploy group policy settings.

Here are the instructions I wrote:

https://seclists.org/fulldisclosure/2010/Jan/341

And here’s a video I made showing how to apply the policy to a Windows Server 2003 machine like yours:

I sent these detailed instructions to all the usual places that advisories are published. I included a test case so you could verify if the bug affected you and verify the mitigation was correctly deployed. As you can imagine, Microsoft were furious.

I know it’s little comfort, but through some hard fought battles over the last decade we have reached the point that Microsoft can reluctantly patch critical kernel security bugs if given around three months notice. They still pull some dirty tricks to this day, you wouldn’t believe some of the stories I could tell you, but those are war stories for sharing over beers :)

It sounds like your attackers compromised you with an outdated wordpress installation, then gained privileges with this vulnerability. I’m not sure I agree the blame here lies solely with me, but regardless, I would recommend subscribing to the announce lists for the software you’re deploying. You could also monitor the major security lists for advisories related to the software you use. It’s high volume and varies in quality, but you can usually identify the advisories that apply to you easily.

We’ve documented many examples like it for over a decade (we’ve lost count!) and we have some wiki indexes for these. Incidentally, we’ve just added the “Librethreat Database”, contributed by an anonymous reader who is also a software developer working on GNU/Linux.

It’s very important to understand what Microsoft is up to; it’s not a friend, it’s just getting closer for the purpose of causing damage (from the inside). Earlier this month Dina Bass wrote a widely-syndicated (dozes of news sites) piece pretending that Microsoft was reaching peace and had already appeased its biggest critics. It’s a lie, but if the media keeps repeating this lie, then more and more people will believe it. To appease the Linux Foundation and OSI Microsoft just had to dump some money of them; that’s not about trust, it’s about corrupting people using money — not the same thing!

“Dina is on one,” Mitchel Lewis told us about this new tweet from Dina Bass. “She’s like their top 5 shill right now.”

“It’s very important to understand what Microsoft is up to; it’s not a friend, it’s just getting closer for the purpose of causing damage (from the inside).”Notice Mitchel Lewis responding to her Microsoft revisionism and white-washing. She has long worked as Microsoft’s de facto PR person, as we noted here before. She’s a “media insider”, just like Microsoft Peter. Several of our readers and active members theorised that Microsoft had long known about his pedophilia (he raped children) and used that to control him; we lack evidence to show/prove this, so we never entertained that angle. Some people urged us to explore that angle, but we never did. Someone told us a story to that effect involving a relative who had worked at Microsoft (and Microsoft used sexual means to manipulate him). Mr. Lewis said so himself and his claim is supported by what people told us over E-mail and IRC. This seems to be an unreported or grossly underreported issue that may or may not relate to manipulation of people through Code of Conduct, NDAs and so on. Mr. Lewis has meanwhile just published “Digital Oxy”, comparing Microsoft’s tactics to those of “legalised” drug dealing. It’s part of his ongoing series of articles exposing the true nature of the Microsoft monopoly — a subject he understands as a former insider:

Despite maintaining a portfolio of aging products that have never been as complex, buggy, vulnerable, or costly to manage as they are today, IT professionals around the world maintain that Microsoft products remain the best in their class. To their credit, Microsoft is the largest company in the world when measured by market cap, the prevalence of their products is undeniable, and Windows is still the de facto gaming platform, so it’s easy to see why so many are under this impression. But market cap, prevalence, and gaming are not the measures of all things and a different narrative immediately becomes apparent when relying on metrics that actually take consumer and business welfare into account to determine which is the best.

Case in point and despite their prevalence or market cap, one would have to scrape the proverbial barrel in order to find a metric that favors Microsoft mainstays relative to their competition when evaluating them based on metrics emphasizing on business welfare that prioritize quality, productivity, simplicity, security, supportability, etc. This is so much the case that, IBM, the inventor of PCs, noticed a reduction in ownership costs to 1/3 that of Windows PC users by migrating users to the Apple ecosystem; which is significant amount of disparity in an industry where even a 1% savings will make executives randy.

[...]

Although many interpret the present complex, buggy, vulnerable, and costly state of Microsoft solutions as the product of ignorance and apathy, these aren’t the actions of a firm ignorant to software engineering best practices. It actually requires a high-level understanding of software to engineer it for entrenchment, dependence, and lock-in, let alone build an extensive partner network to distribute it through and Microsoft’s market performance is a testament to this, not an exception.

No differently than Purdue Pharmaceutical being dependent on a network of profiteering drug dealers masquerading as doctors, it seems as if Microsoft is dependent on a conflicted network of maladapted experts entrenching their own products throughout industry just the same. When combining such a conflict of interest with products streamlined for entrenchment in a woefully under-regulated industry, Microsoft’s success, the prevalence of Windows, and their staying power throughout industry instantly becomes much more palpable and markedly less ethical.

We can warmheartedly recommend his other writings, which we sometimes cite.

Don’t believe that because Microsoft changed (yet again) its logo and CEO it means different tactics and intents. Bill Gates is still in charge of Nadella and can fire him at any time (through the Board). The same people are in charge and they’re still ruthless and manipulative. The software and services are technically shoddy, but we prefer focusing on ethics.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Links 01/02/2023: Stables Kernels and Upcoming COSMIC From System76

    Links for the day



  2. IRC Proceedings: Tuesday, January 31, 2023

    IRC logs for Tuesday, January 31, 2023



  3. Links 31/01/2023: Catchup Again, Wayland in Xfce 4.20

    Links for the day



  4. Links 31/01/2023: elementary OS 7

    Links for the day



  5. Intimidation Against Nitrux Development Team Upsets the Community and Makes the Media Less Trustworthy

    Nitrux is being criticised for being “very unappealing”; but a look behind the scenes reveals an angry reviewer (habitual mouthpiece of the Linux Foundation and Linux foes) trying to intimidate Nitrux developers, who are unpaid volunteers rather than “corporate” developers



  6. Links 31/01/2023: GNOME 44 Wallpapers and Alpha

    Links for the day



  7. Free and Open Source Software Developers' European Meeting (FOSDEM) and KU Leuven Boosting Americans and Cancellers of the Father of Free Software

    The Free Software Foundation (FSF) and its founder, Richard M. Stallman (RMS), along with the SFLC one might add, have been under a siege by the trademark-abusing FSFE and SFC; Belgium helps legitimise the ‘fakes’



  8. Techrights in the Next 5 or 10 Years

    Now that I’m free from the shackles of a company (it deteriorated a lot after grabbing Gates Foundation money under an NDA) the site Techrights can flourish and become more active



  9. 60 Days of Articles About Sirius 'Open Source' and the Long Road Ahead

    The Sirius ‘Open Source’ series ended after 60 days (parts published every day except the day my SSD died completely and very suddenly); the video above explains what’s to come and what lessons can be learned from the 21-year collective experience (my wife and I; work periods combined) in a company that still claims, in vain, to be “Open Source”



  10. IRC Proceedings: Monday, January 30, 2023

    IRC logs for Monday, January 30, 2023



  11. Taking Techrights to the Next Level in 2023

    I've reached a state of "closure" when it comes to my employer (almost 12 years for me, 9+ years for my wife); expect Techrights to become more active than ever before and belatedly publish important articles, based on longstanding investigations that take a lot of effort



  12. The ISO Delusion: When the Employer Doesn’t Realise That Outsourcing Clients' Passwords to LassPass After Security Breaches Is a Terrible Idea

    The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that



  13. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day



  14. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”



  15. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day



  16. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023



  17. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"



  18. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.



  19. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software



  20. Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

    Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here's what that did to my life.



  21. Stigmatising GNU/Linux for Not Withstanding Hardware Failures

    Nowadays "the news" is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor 'report' about "Linux servers" failing to work



  22. Microsofters Inside Sirius 'Open Source'

    Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it



  23. Links 29/01/2023: GNOME 43.3 Fixes and Lots About Games

    Links for the day



  24. The Hey Hype Machine

    "Hey Hype" or "Hey Hi" (AI) has been dominating the press lately and a lot of that seems to boil down to paid-for marketing; we need to understand what's truly going on and not be distracted by the substance-less hype



  25. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023



  26. Unmasking AI

    A guest article by Andy Farnell



  27. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage



  28. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day



  29. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023



  30. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts