Bonum Certa Men Certa

Is Microsoft a National Security Threat?

Reprinted with permission from Mitchel Lewis

Ransom infection vector



Despite entire industries and trade disciplines existing solely to manage Microsoft architecture and mitigate attacks against it, including a partner network consisting of 17 million+ IT professionals, 99% of all ransomware attacks still occur on Windows. Meanwhile, Microsoft architecture, including its cloud services, maintains a monopoly on botnet, brute-force, malware, phishing, virus, and zero-day attacks just the same. From individuals and small businesses to enterprises and government entities with unlimited IT budgets, everyone standardized on seemingly unsecurable Microsoft architecture are being phished, breached, exploited, and ransomed daily with no end to this in sight. Not even Microsoft is safe from this digital blitzkrieg, hence why they tell us to “assume breach”.



This isn’t to say that Linux OSs and macOS don’t see these attacks on their platforms though; they have and will again. Long-term savings and productivity advantages aside, they just don’t garner the same level of attack that Windows does, nor are they as likely to get exploited at the same rate as Windows when they are attacked. Put simply, Mac and Linux have a smaller attack surface and get to treat Windows like an umbrella against attacks due to its prominence in the OS space. Both of which are the two primary reasons why I maintain that the best thing that organizations can do to mitigate these attacks, for now at least, is to migrate away to macOS or a Linux-based operating system such as RedHat, CentOS, Ubuntu, etc.

With the above in mind though and when also accepting that there is no aspect of cyber, economic, environmental, homeland, human, and political security along with the security of our infrastructure and natural resources, national security if you will, that isn’t intricately dependent on Microsoft architecture, this reality alone is more than enough to warrant a discussion on whether or not Microsoft architecture is a consequent threat to national security. So, is Microsoft a threat to national security?




In order to answer this question, we first have to address why Windows and other Microsoft services are being breached so often in the first place. We have to see if they can be faulted for this present state, if there is another causal problem that’s beyond their control, or if anyone with their market share is destined to be a victim of their own success and dominance. And to be fair, not everyone will agree with my assessment above or below.

MalwareTech

For one and in response to a previous article where I suggested migrating to macOS and Linux to mitigate these aforementioned attacks, Michael Gillespie, and Marcus Hutchins (MalwareTech) seem to think that Microsoft architecture is exploited most frequently simply because it is the most prominent architecture and that migrating wouldn’t render you any less vulnerable. Put simply, they seem to think that differing attack surfaces are irrelevant to rates of exploitation and that macOS would be exploited at the same rate as Windows if the tables were turned with respect to market share.

Meanwhile, I’m not denying that that prominence is a factor, at all, I’m just saying that attack surface is on the same footing as prominence and that other solutions with smaller attack surfaces will be attacked and exploited at a lesser rate with the same market share which they disagreed with. However, it is also my stance that Microsoft’s anti-competitive practices aimed at obtaining and maintaining their dominant market share with low-quality products has further exacerbated this issue into what we have before us today; more on this later.

Why this matters to the question of whether or not Microsoft is a national security threat is simple. By suggesting that Microsoft is merely a victim of its own success and that anyone with their market share would see the same rate of exploitation, they’re also absolving Microsoft of responsibility for the present state of threat. But by suggesting that Microsoft’s galactic attack surface is equally responsible with their dominance for their security woes and that Microsoft wouldn’t be in the position they are in now if they had quality products that didn’t have to rely on anti-competitive practices to maintain market share, I’m naturally shouldering Microsoft with their share of the blame in the threat posed to America’s IT infrastructure at present.

One immediate problem with the prominence argument though is that those relying on it seem to resort to it in response to the suggestion of migrating to macOS or RedHat in an effort to mitigate attacks. If you really think about it though, this is irrational and shouldn’t discourage anyone from making the switch. Based on their own logic, Mac and RedHat users would still be much better off than Windows users so long as Windows remains dominant and continues to take all of the flak and function as an attack umbrella.

That said, I’m failing to see how this argument is relevant to their stance, how it invalidates my suggestion, or how it could discourage anyone from migrating to Mac or Linux so long as Windows maintains a dominant market share. If anything, those leveraging this argument seem to be unwittingly reinforcing my suggestion of treating Windows like an umbrella; all of which I’m totally fine with.

Another odd aspect of the prominence argument is that I have yet to see an actual post-mortem or a root cause analysis faulting the dominant market share of Windows as a causal reason for <insert any breach/exploit/ransomware attack here>. In fact, Microsoft doesn’t even take the prominence stance. Instead, their root cause analyses focus on the attack surface, mistakes/oversights, mitigation steps, etc. The anatomy of a breach is never reduced to “They hate us because they ain’t us.” by people who are actually paid to do RCAs for a living as Hutchins and Gillespie suggest; if only it were that simple.

Another major flaw in the prominence fallacy is that those invoking it are unwittingly implying that attack surface has no bearing on rates of exploitation or that the attack surface of each of these platforms is equal; which is bold to say the least. For one and given that attack surface is a function of the overall complexity of their infrastructure, no differently than ownership costs and instability, they might as well be suggesting that all platforms are equally stable with no variance in ownership costs; none of which could be further from the truth.

IBM chart

With Windows generating 3x+ the TCO that MacOS/Linux does, analysts can and do infer this is a reflection of disparity in relative complexity, attack surfaces, and stability because they all come hand in hand. Put simply, if one architecture generates significantly more ownership costs more to maintain over its lifespan than another, it’s rational to assume this is due to it being poorly engineered, consequently overly complex, and unstable; attack surface or otherwise. This is what software engineers refer to as software entropy.

And if they’re going to imply that attack surface doesn’t influence rates of exploitation then the onus is on them to support this stance with data and research. Just as complexity driving cost, instability, and attack surface is fundamental to engineers, so is a ballooning attack surface driving rates of exploitation. This is why engineers treat simplicity like their North Star. That said, great claims that run contrary to fundamentals and conventional wisdom tend to require great amounts of evidence; none of which has been furnished.

On top of lacking a fundamental precedent, yet another oddity of the prominence fallacy is that it lacks historical precedent. It’s important to remember that we’ve only lived in an Information Age with Microsoft at the top. We’ve never lived in a connected world with another OS dominating the market, it’s always been Windows. As such, to say that this would be the case for anyone at the top is a conjecture on its best day.

It’s almost scraping the barrel at this point, but yet another problem with the prominence fallacy is that it ignores how Microsoft obtained its dominant share of the market and why they had to resort to these tactics in the first place. Not only is it Microsoft’s modus operandi to rely on anti-competitive tactics to obtain and maintain a dominant market share, a monopoly if you will, they only have to rely on said tactics because their products couldn’t garner this market share on merit alone.

Natural selection applies to free markets in that the fittest products will naturally dominate a free market. That said, the best architecture would dominate a market naturally and wouldn’t need to resort to anti-competitive practices. And if Microsoft were the best in class, then they wouldn’t need to be optimizing their architecture for lock-in while bullying or buying out their competition at every avenue as they are today. They wouldn’t need to implore their partners to “create stickiness” by entrenching their products to further inflate switching costs.




All said, it’s safe to say that Microsoft is by no means a victim of their own success here so much as they’re a karmatic victim of their own anti-competitive practices and low-rent approach to software engineering; a digital Icarus complex if you will. There is much that Microsoft can do but doesn’t to simplify their products, shrink their attack surface, reduce ownership costs, reduce their rate of infection, and reduce the consequent threat that they present to America and the world. And to say that they aren’t complicit in the security threat that their architecture poses to America borders on the insane. But does the current level of threat that Microsoft poses constitute them as being a national security threat?

Although I’m not an expert in this regard, those that are have a few qualifying questions in order to really answer this question. IE, in order to classify Microsoft as a threat to national security, threat analysts would have to ask if Microsoft’s undue vulnerability and inorganic prominence mentioned above is a critical threat to our cyber, economic, environmental, homeland, human, and political security along with our infrastructure and natural resources.

Even Microsoft would claim that their architecture is detrimental to all of the aforementioned aspects of national security though. And given the extent of Microsoft architecture throughout personal, industrial, and governmental sectors and its rate of exploitation, it’s hard to see how Microsoft doesn’t expose all of these aforementioned categories to undue risk; a threat if you will.

Further, there is nothing to suggest that a platform with a smaller attack surface won’t have a lower rate of exploitation with the same market share while fundamentals and conventional wisdom suggest smaller attack surfaces lead to lower rates of exploitation. And as a consequence of this, it’s probably safe to say that Microsoft and its architecture is indeed a national security threat in comparison to less prominent Linux and Mac alternatives.

And given that ransomware and anti-trust has already been deemed a threat to national security, it’s not much of a stretch, at least in my opinion, to extend this classification to Microsoft when considering their history with anti-trust and monopoly on exploitation. Nor is it a stretch to suggest migrating onto modern platforms rather than crying about it to the competition exploiting weaknesses; no differently than we do with other critical infrastructure. This is why we rely on nuclear subs now instead of wooden ships.

It’s not a coincidence that the same countries exploiting the US as a whole, China and Russia, are the same countries moving to Linux as I’m typing this. It’s not just about cost-savings and productivity for justifying this move though. And mitigating the risk that Microsoft architecture poses to their national security also happens to be a primary motivating force behind their migrations. Maybe they understand something about Microsoft architecture that America is still slow to realize?

I digress, but even if my assessment above is wrong, prominence is all that matters, and Microsoft isn’t a national security threat, individuals and organizations alike are still better off abandoning the Microsoft ecosystem on any scale in favor of more modern alternatives for the foreseeable future. Although Microsoft gets a lot of criticism for the low quality of their products, hence the persistent updates (552 in 2021 thus far) and a revolving door of CVEs, few seem to see the genius behind them. Microsoft doesn’t need to maximize quality or even compete on that field of play when they can render entire organizations dependent on products of less quality.

Because of this, organizations relying on Windows will have a hell of a time migrating away from Windows and the rest of the Microsoft ecosystem which means that they’re naturally going to drag their toes in doing so; the bigger they are, the slower any attempt at a migration will go. In turn, this means that there is plenty of time for those that can easily migrate away from the madness and insecurity of the Microsoft ecosystem as a means of sheltering themselves from a barrage of attacks safely in the shadow of Microsoft for the time being.

Recent Techrights' Posts

They Tell Us That "Cloud Storage" is Safe and Robust to Incidents Like Fires
Do you have backups? Where are they and who controls them?
Next Month 'New Techrights' Turns Two
Next month, on the fourth week, it'll be 2 years since the migration
 
Microsoft's Stock is Like a Religion, Microsoft Goes Into 'Hiding' (From Shareholders)
like a religious person or devout believer, the media just parrot anything Microsoft says
Links 04/08/2025: 80 Years Since Last Nuclear War, IPv6 in China
Links for the day
Groklaw Static Site Relaunches With New Theme, But Many Pages and All the Comments Are Missing
We suppose that's still a lot better than the site being offline, as it was for several months
"For Five decades; For freedoms; For all users" (Original EMACS Turns 50 Next Year)
Linus Benedict Torvalds was only 6 when EMACS started
In Spain, Microsoft's Search Engine Market Share Fell to 2%
16 years have passed since Bing was introduced
Protecting GNU/Linux-Centric Journalism From Serial Sloppers
Unoriginal slop is taking away traffic from the people who did all the real work
It Looks Like Managers at Oracle Now Use LLM Slop to Write Blog Posts
Did he cheat by prompting LLMs for mindless text "filler"?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, August 03, 2025
IRC logs for Sunday, August 03, 2025
Gemini Links 04/08/2025: Qubes OS and Curious crypto case of certificates (CCCC)
Links for the day
"Allowing SDL to default to Wayland caused a number of customer issues so keep the default at X11 for now"
2025 is another year of Wayland ambitions. It's also a year of self-fulfilling prophecies.
In The United Kingdom (UK), Microsoft Search (Bing) Falls to All-Time Low
Grow? What grow??? It's collapsing.
GNU/Linux Reaches 5% in Oman
Some GNU/Linux distros are made in Oman
Google's "AI Mode" is a Pathetic Joke Prematurely Introduced in the UK (Like "Bard", Which Sank the Company's Shares)
what Google "thinks" about PCLinuxOS
What the Free Software Foundation Started Four Decades Ago is Becoming Mainstream
"Four decades; Four freedoms; For all users"
Doing a Better Job at Labelling Slop Images
we'll label screenshots that contain slop, typically with red-coloured text overlay
Social Control Media is Out of Style
What's your excuse for wasting time on (or in) it?
Maldives: GNU/Linux at All-Time High, Windows at New Lows
data from statCounter shows a reassuring trend
Efficiency is Good, So Why Won't Governments Cull LLM Companies Using Stronger, Stringent Policies?
Like every bubble that ever existed, including some recent ones, an end will come
The Defunct Site LinuxConfig Has Published a Fake Article About Richard Stallman Using LLM Slop, Which Stallman Calls "Bullshit Generator"
Worse yet, it is writing using a "Bullshit Generator" (the term used by Stallman) about Stallman's health
Microsoft Windows Falls to All-Time Lows in Morocco and Algeria
About 70% or even less
StopGenAI in the Cyber Show (C|S)
covering a theme that we too covered a lot lately
Gemini Links 03/08/2025: Once-a-Decade Couch Shopping and Blessings in Disguise
Links for the day
Links 03/08/2025: Political Catch-up, Global Warming, and Hunger
Links for the day
Brittany Day Entered LLM Slop Into LinuxSecurity.com and Something Hilarious Happened: The Site is "Exploited"
The brainless, effortless copypasta of "slop artists" shows its limits
Links 03/08/2025: Microsoft Exchange 0-day Exploited and Avoidable Nuclear Escalation
Links for the day
Definitely Not a Ponzi Scheme
Bitcoin v Microsoft
Online Safety Act Tries to Accomplish the Impossible
All I can say is, "good luck with that!"
The Electronic Frontier Foundation (EFF) is a Billionaires' Lobby
Billionaires that control tech companies
Microsoft Borrows 3 Billion Dollars Per Month, a Company Truly Worth Trillions Would Not Do This
if Windows (and Office) "market share" fell from about 90% to barely 30%, how come Microsoft is now "valued" at 20 times more?
It's Even Worse Than Microsoft Lunduke Puts It; GNOME is SLAPPing Journalists
In our experience, GNOME is so malicious - some elements of it in particular - that it would launch multiple simultaneous SLAPP campaigns not only against journalists but also their spouses
GNU/Linux Adoption Reaches All-Time Highs in Chile, statCounter Indicates
This month marks 4 years since Vista 11 came out (as a fake "leak") and some surveys still measure its adoption at less than 40%
Slop Will Not Change the World
Some of us grow up sooner and leave that nonsense behind (or altogether avoid/skip it)
Gemini Links 03/08/2025: Nostalgia and TOFU
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, August 02, 2025
IRC logs for Saturday, August 02, 2025
Google Throwing Out the Search Engine With the Bathwater is a Complete and Utter 'Shi---ow' as the Company Drowns in Debt, Layoffs, and Worse
The mainstream media almost never mentions GAFAM debt
Operating Systems' Statistics in New Zealand: GNU/Linux Up, Windows Down to All-Time Lows
Remember all this when the media says that Microsoft became like 10 times more valuable in those 15 years (from 400 billion to 4,000 billion in alleged "worth")
Microsoft Windows "Market Share" Measured Around 2.7% in Iraq, Plunges to 6.5% in Saudi Arabia
Microsoft isn't on the agenda in Iraq
GNU/Linux Share in Sweden Has Doubled Since PewDiePie, A Swede, Recommended It
months ago he moved to GNU/Linux, then told others to consider doing the same
GNU/Linux Hits Record High in Portugal
GNU/Linux picking up in Portugal
Gemini Protocol is Not Dying, It's Growing
When people say things like "Gemini Protocol is dying" the data does not support them
GNU/Linux is Thriving This Summer
It is meanwhile acknowledged, even by Microsoft pushers, that many GNU/Linux PCs will get sabotaged next month
The End of Microsoft's Reign in Spain: Windows Falls to All-Time Lows in Spanish Web Traffic
Windows sank to new lows in Spain
The Bots Never Sleep: In The Weekends, Slopfarms Dominate Google News, Majority of Entries in Google Are Fake Articles About 'Linux'
Google is fast becoming an ocean of plagiarism; the same goes for Google News, which was supposed to have extra quality control
Russia's Yandex Has Caught Up With Bing in Terms of "Market Share"
Microsoft has been firing loads of Bing workers for over 2 years already
Canada: GNU/Linux Up to Records Highs, Windows Down to Record Lows
Microsoft already announcing some plans to shut down Vista 11
Gemini Links 02/08/2025: Transducers in Typed Racket and American ISPs
Links for the day
Links 02/08/2025: Microsoft Already Kills Vista 11 SE, Smartphone Sales Down, Truth Gets "You're Fired!" in the US
Links for the day
Video: The Rise of GNU/Linux and Free Software as Seen by RMS in 2004
DTP's founder argued that when Windows goes below 85% "market share", it'll lose its grip in the monopoly sense
Russia: GNU/Linux Rises to Highest Adoption Level Since Invasion of Ukraine
Moving up in the north
Microsoft's Latest Financial Report: We "Gained" 300 Million Dollars in "Goodwill" and Liabilities Grew by 32 Billion Dollars
Microsoft's debt has reached an all-time high
The Register US = The Register MS
Formerly The Register UK
Weeks After Microsoft Shut Down Its Operations in Pakistan Windows Falls to All-Time Lows
Only less than a month ago it was quietly revealed, based on laid-off staff, that Microsoft shut down in Pakistan
Criminal Behaviour is the Standard Operating Procedure at Microsoft
In the future I'll be able to tell how, when dealing with SLAPPs from Microsofters, their Microsoft services failed me and sometimes even blocked my contacts
GNU/Linux Rises to All-Time Highs in Europe
many people will get fired for buying Microsoft
All-Time Highs for GNU/Linux on the Client Desktop/Laptop, Based on Steam Survey
GNU/Linux rose to 2.89% in Steam
Links 02/08/2025: Blaugust 2025 and "Russia Declares Navalny Memoir ‘Extremist’"
Links for the day
Free Software is Not a Business Model
Go ahead, ask your friend, "how do you plan to monetise your children?"
When (Almost) One-Man Operations Are Disguised as Medium-Sized Companies
the CEO hides in the US (hiding from his ex-wives, 4 daughters from those wives, and Sirius staff that he defrauded)
LLM Slop Harms Real Literature, Real Web Sites, Real Journalism
LLM slop is a parasite and it'll run out of legitimate outputs
Upcoming OSI Scandal Series
The OSI is a rogue actor because it serves Microsoft in exchange for money
Slopwatch: The Issue Persists, But the Consensus in the Media Changes as Google Enrages It With LLM Plagiarism
We've meanwhile assessed the latest output from Linuxiac
Microsoft Actually in Trouble, Microsofters Unable to Obey Judges' Orders
For the second time in a week, Microsofters are unable to obey orders
IRC Proceedings: Friday, August 01, 2025
IRC logs for Friday, August 01, 2025
Over at Tux Machines...
GNU/Linux news for the past day
Links 02/08/2025: İstanbul Retail Inflation Reaches 42.48%, US FBI Opens Office in New Zealand
Links for the day
Gemini Links 02/08/2025: ZFS, LLM Hype, and Fake Modules
Links for the day