01.11.21

Marketing Companies (Disguised as News Sites) Badmouth Linux, Go, Monero and More

Posted in Deception, FUD, GNU/Linux, Marketing, Security at 7:12 pm by Dr. Roy Schestowitz

Video download link

Summary: Another day, another shallow piece associating “Linux” with security risks based on something that has nothing to do with GNU/Linux and generally boils to nothing like a real threat (unlike Windows back doors)

THE so-called ‘tech’ media (or so-called ‘news’ sites) aren’t quite what they seem. The above is one typical example. A culmination of several recent “dark PR” campaigns against Go(Lang) and likely Monero as well as Linux have led to this ‘all-in-one’ FUD piece which we mentioned in our latest Daily Links. Looks like Trend Micro marketing. Like Infosecurity, they’re calling a whole bunch of Windows threats "Linux" and pretend that just because someone out there can write a malicious program and users can run that program (or misconfigure a system to allow remote access) it makes Go and Linux (or even Monero) dangerous. The code is hosted by Microsoft by the way.

01.06.21

Video: Marketing Companies in ‘News’ Clothing

Posted in Deception, FUD, Marketing, Microsoft, Security at 2:29 pm by Dr. Roy Schestowitz

The case of ‘info’ ‘security’

Video download link

Summary: Hours ago this article was bumped up by Google News; it’s a classic example of PR/face-saving puff pieces in ‘news’ clothing

01.01.21

Here Comes Again the False Parity (Comparing GNU/Linux Security to That of Platforms With NSA Back Doors)

Posted in FUD, GNU/Linux, Kernel, Security at 10:13 am by Dr. Roy Schestowitz

Video download link

Summary: Contrary to what lousy and sleazy sites claim about “Linux” (in order to sell highly misleading agenda/impression and false claims, or push ads based on provocative click-baiting), bad practices and/or clueless admins/users are to blame for what constitutes security breaches in the Free software world, unlike back doors in proprietary software (sometimes mandated by authorities)

IT is hardly a secret that despite the fact nation states bemoan security problems they themselves are the bigger/biggest contributors to security problems. They want back doors in virtually everything, ranging from operating systems to encryption algorithms. Microsoft is one of their biggest facilitators if not by far the biggest.

“They want back doors in virtually everything, ranging from operating systems to encryption algorithms.”According to some so-called ‘news’ [1, 2, 3], security is impossible and “Linux” is just as bad as Windows. This is the sort of message they recycle as Microsoft reveals (when everyone is on holidays) how badly screwed they are, how Azure got cracked (Azure also has layoffs, but they don’t want anybody to mention that), and how we’re supposed to think that it’s not Microsoft’s fault. I recorded this video without any preparation, so it’s a bit of a rant.

This relates to this recent article and video.

12.19.20

Microsoft Security Theatre and Microsoft-Funded Media Frenzy That Stigmatises “Linux”

Posted in Deception, Free/Libre Software, FUD, GNU/Linux, Microsoft, Security at 7:29 pm by Dr. Roy Schestowitz

An old lock

Summary: Misinformation about security is all too common in today’s media; the goal is to get people to embrace software with back doors and surveillance, falsely believing that it guarantees privacy and autonomy

THERE’S security, there’s false or pseudo security, blatant insecurity (not even advertised as real security), “national security” (typically means back doors), and all sorts of other nonsense.

Encryption is maths, not a myth. And it’s a science; there’s logic behind it. Those who speak of “weakening encryption” or anything along those lines basically speak of eliminating encryption, not weakening it. To claim that it’s possible to allow one entity to undermine encryption but not others is extremely dishonest. Like DRM schemes, it’s only a matter of time before it’s rendered obsolete. “Nothing protected by Widevine, FairPlay, or PlayReady ever delays the video surfacing on bittorrent sites,” Ryan notes.

The notion that the government can take away security while still preserving general security is a mirage; it’s largely responsible for the security mess we’re often reading about in the corporate media. But blame is being misplaced. How can we securely bank online using encryption that has back doors in it? Moreover, if the servers have back doors in them, should we not expect data breaches to become inevitable?

“The bank is a backdoor,” Ryan notes. “They are legally required to report suspicious transactions and large amounts of cash activity to the federal government immediately.”

When it comes to Free software, transparency (for audits among other things) ensures that back doors in encryption will be easy to see. One can even compile the code for oneself, having audited it, just to ensure the build system and the build process are intact.

There’s no need to make guesses about Microsoft back doors because in 2013 Edward Snowden leaked proof of it. Corporate media likes to pretend that this is “old news” and no longer relevant, albeit there’s nothing whatsoever which can suggest a change, so we must assume the same facts are still applicable. One reader of ours wrote regarding a subject covered some days ago in a short video:

OVERVIEW

This article is a bit of an overview over a few web pages that revolve around GNU/Linux security; it’s actually more about misinformation on the topic of GNU/Linux security.

The discussion is an overview of articles such as:

• A0: http://techrights.org/2020/11/07

• A1: https://threatpost.com/gitpaste-12-worm-widens-exploits/162290/

• A2: https://www.bleepingcomputer.com/news/security/new-windows-info-stealing-malware-may-soon-target-linux-macos/

• A3: http://techrights.org/2020/12/13/human-error-zdnet/


ATTACKS BY PROXY.

Seen from A0, A1, and A2, we see an example of attacks (propaganda) about GNU/Linux by proxy. Just because something ported to GNU/Linux (or any other operating system) is insecure, doesn’t mean GNU/Linux is insecure. This kind of attack by proxy is a standard propaganda weapon. You could call this kind of propaganda straw man arguments.

INSECURE CONFIGURATION DOES NOT EQUAL INSECURE SOFTWARE.

Seen from A3, we have another form of “attack by proxy”; it’s worth talking about this special case of straw man argument. Propaganda like A3 boils down to person(s) implementing insecure configuration of software. The underlying software is not to blame. But here we see propaganda such as A3 attacking software when the person(s) configuring the software are to blame.


WHERE TO GO FOR SECURITY ADVICE?

Security advice should be taken from people that work on security – not propaganda websites. Forums, IRC chats, email lists and such, for the SPECIFIC software are the right place to ask for advice. Mistrust everything you read, by default; this is generally the best security advice you can get. A lot of software projects have dedicated communication channels for their users; this is a good place to hang out or drop in, when you want security advice.

Ask people with provable record working on security.

With the above information, you should be better-equipped to protect yourself from malicious propaganda.

Moments ago in IRC Ryan spoke about some of the latest FUD in the media, along with PR stunts about “secure” chips. “This attitude at Microsoft has only changed to the extent that there’s security theater now and they pay off the fake news to say “PC problem” and everything open source is “Linux”,” he said. “Not only this, but Microsoft wants to port “Defender”, a backdoor and a piece of spyware, to Linux, which is not really having too much of a problem with malware,” he added. Here’s the full text of his rant:

Whenever security and usability/backwards compatibility (even with serious mistakes) clash at Microsoft, security loses.

This is the company that hooked up Windows 98 and even XP to the internet with no security model, administrator logins for everyone, and no firewall.

Then waited until the news was actually reporting on what a worm farm Windows had become and how once you had it connected to the internet, it was a matter of about 3 minutes before it was infected.

This attitude at Microsoft has only changed to the extent that there’s security theater now and they pay off the fake news to say “PC problem” and everything open source is “Linux”.

Every day, we find out that the cyberattack was worse and it’s pretty much all thanks to Microsoft’s shitty software design and the antivirus concept failing to actually keep pace with threats in the modern world.

Not only this, but Microsoft wants to port “Defender”, a backdoor and a piece of spyware, to Linux, which is not really having too much of a problem with malware, even though antivirus is relatively unheard of.

The biggest threat vector on Linux is a seriously misconfigured system that involves not the kernel, but some piece of userspace software.

Which….does happen, but it’s a lot harder to do that on Linux because of the concept of trusted software sources, open source being a lousy way to hide backdoors and malicious payloads for obvious reasons, and just the overall higher intelligence of its users.

Also, not being buried under an OS that’s 90% crap that harkens back to the 90s and 2000s because some business will whine if Internet Explorer and the driver model from Windows XP isn’t there.

People who value real security and accurate information about threats will stay away from media that overlaps the PR industry. They want us to believe that companies which actively undermine security are in fact the biggest champions of security; similarly, those mass surveillance giants are often being portrayed as guardians of people’s privacy.

12.17.20

Video: The FUD of the Month About GNU/Linux, Seeded by ZDNet and Similarly Awful Sites

Posted in Deception, FUD, GNU/Linux, Security at 9:47 am by Dr. Roy Schestowitz

Summary: In this video (unscripted, one/first take) I discuss some of the stuff that’s in this week’s “Linux” headlines (in effect lots of FUD and scaremongering, as usual)

12.13.20

ZDNet Has Just Cooked Another Crooked Story Tacitly Blaming Linux and Postgres for Something That’s to Blame on Neither

Posted in Deception, FUD, GNU/Linux at 9:20 am by Dr. Roy Schestowitz

Human error is not a software bug

PgMiner botnet attacks weakly secured PostgreSQL databases

ZDNet's Catalin CimpanuSummary: As the latest example shows, the art of perception management (or “reality distortion”) at ZDNet is up on display 12 months after its parent company collapsed (rendered defunct on December 4th, 2019), reminding people of the real agenda or the true bosses at the helm

THERE’S shoddy journalism, there’s intentionally bad journalism, and then there’s ZDNet — a class of its own! They’re defaming Free software people (making stuff up or saying the exact opposite of what’s true), blaming Windows security problems on "Linux", and hiring professional liars like Catalin Cimpanu to do what they did in other sites for a number of years. The goal is clearly not to inform readers but to mislead them and moreover attract them using click-bait junk.

“The goal is clearly not to inform readers but to mislead them and moreover attract them using click-bait junk.”In the above example, which is new, it’s the latest from Cimpanu; notice how he’s trying to attribute to “Linux” an issue that doesn’t have anything to do with “Linux” or even “PostgreSQL”; it’s about incompetent administrators whose systems are (mis)configured to give away control. So how come we end up talking about “Linux” or even “PostgreSQL”? How come ZDNet continues to ignore back doors in Windows, which constantly kill more patients than COVID-19 ever did? The tactic is called “reality distortion” or perception management. To quote Wikipedia on perception management in Journalism:

Journalism is a field that organizations, companies, governments, and individuals will attempt to use to manage the public’s perception of that specific organization, company, government, or person. Perception management through journalism has been seen especially in regard to government propaganda and war. This becomes problematic when governments promote certain ideas that they want the public to believe through journalism, without the journalists and media properly attributing their sources.

Another issue in the journalism field is between the corporate business of keeping a news organization afloat versus the ethics of reporting and reporting the truth. Just as with any other major corporation or even small businesses there are conflicts between the reporters and the executives within a news organization. Reporters with strong ethics will want to run all stories that are “newsworthy”, but some of those stories may be censored by editors because the executives have sent a note down the chain specifying that a certain story may or may not run.

In the case of ZDNet, follow the money to better understand who their clients are (the likes of Microsoft and the Linux Foundation). The parent company collapsed exactly one year ago, so now the site has new “masters” (or “paymasters”) with a new business model. It operates accordingly.

11.26.20

Boycott ZDNet Unless You Fancy Being Lied to

Posted in Deception, Free/Libre Software, FUD, GNU/Linux at 9:02 am by Dr. Roy Schestowitz

ZDNet is in a race to the bottom in gutter ‘journalism’

Formula 1 BAR Honda

Summary: ZDNet’s Catalin Cimpanu continues to lead the way with misinformation and lies, basically doing whatever he was doing to land that job at ZDNet (after he had done the same elsewhere)

TODAY there was a new article from Sam Varghese about Catalin Cimpanu, the liar and dramatist whom ZDNet hired to attack Linux with FUD, seeing how he had been doing that for years in another site. As Varghese put it, “ZDNet has a person on staff, Stephen J. Vaughan-Nicholls [sic], who knows the Linux very well. So why exactly the kind of dross that was published on 24 November was ever allowed to pass the editor’s knife is puzzling.”

The “tl;dr” is that (quite frankly as usual) it’s not about “Linux” and it requires shoddy users/admins to help the attacker/s.

“This got notably worse than ZDNet’s parent company collapsed.”What’s more puzzling to us is that SJVN continues to work there, even while bemoaning this Linux “security” FUD. Varghese already wrote a number of other pieces about Cimpanu’s lies, as did we and some sites that we’ve cited. Let’s face it; ZDNet isn’t really a news site but a propaganda apparatus. The above article was in Daily Links this morning, as was one piece of FUD derived from the ZDNet FUD.

ZDNet's Catalin CimpanuWe continue to urge readers to boycott ZDNet. One year ago its parent company collapsed. Let’s make sure ZDNet collapses as soon as possible as well. It’s lying and provoking for traffic, in effect spreading Microsoft propaganda, defaming Free software people, and using clickbait to annoy people who still value actual facts. This got notably worse than ZDNet’s parent company collapsed.

11.07.20

ZDNet Calls Windows Ransomware “Linux” to Keep Pages About Linux Full of Fear-Mongering Nonsense

Posted in Deception, FUD, GNU/Linux, Microsoft, Windows at 4:33 pm by Dr. Roy Schestowitz

“Innovation has never been Microsoft’s strong suite – we’re much better at ripping off our competitors. For example we did not invent either ASP or IE – we bought them.” – Microsoft DOJ insider testimony

“We really haven’t done everything we could to protect our customers. Our products just aren’t engineered for security.” – Brian Valentine, Microsoft

“This is by-design behavior, not a security vulnerability.” – Scott Culp, Microsoft’s security program manager.

“In Microsoft’s world you are always one click away from harming yourself.” – Aleph One

Catalin Cimpanu at ZDNet
Top of the page about “LINUX”; it’s actually not about GNU/Linux, it’s about Windows ransomware being ported over

Tell that to your employer

Summary: The FUD artist Catalin Cimpanu (hired by ZDNet for his Linux-hostile misinformation, which he had done for years in Bleeping Nonsense) is at it again; this is becoming an issue that oughtn’t be ignored or overlooked (even SJVN from ZDNet is increasingly concerned about it)

THE term “Fake News” wasn’t coined by Trump. It had been used by the Democrats before he even became President and China used that term quite a lot around 2015 (to justify state censorship and suppression of publishers). The term was probably used for hundreds of years before that, albeit less frequently.

In recent days we saw a number of articles blaming GitHub-hosted malware on “Linux”. We included two examples of these in our Daily Links (with accompanying editorial remarks). We don’t wish to link to such FUD pieces, which follow familiar media recipes. Microsoft does something bad (like serving malware through NPM and GitHub) and somehow, miraculously, it’s the fault of those who receive that malware from Microsoft’s servers.

“In recent days we saw a number of articles blaming GitHub-hosted malware on “Linux”.”A reader has told us about the above ZDNet article along with articles inspired by it. It’s pure FUD. We saw several more like it (links omitted, even from Daily Links). This is the second time in a couple of months that Kaspersky, realising that Microsoft Windows is becoming irrelevant, figures out a way to misuse/googlebomb the “LINUX” brand (more and more over time) for self-promotional FUD, basically selling proprietary software from Russia. We don’t wish to quote passages of FUD, but having studied this for a bit, it turned out that — in ZDNet’s own words (they hired someone with a track record of attacks on GNU/Linux) — it’s the “first time a major Windows ransomware strain has been ported to Linux to aid in targeted intrusions.”

So ransomware strains are a Windows thing; but only once something gets ported to “Linux” it suddenly becomes headlines? Where were they all those times entire hospitals were hit and downed by Windows ransomware?

The fake ‘news’ site (propaganda mostly) ZDNet has been quiet lately. We don’t know if there’s some kind of temporary flux over there or actual cuts/reductions (like staff removals, decreasing publications quotas etc.) though it’s a good sign because people ought to boycott the site and that site needs to go away. It’s a load of junk, corporate propaganda, and defamation.

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts