
10.09.11

With Microsoft, Drones Can Crash Into Buildings

Posted in GNU/Linux, Microsoft, Security, Windows at 10:20 am by Dr. Roy Schestowitz

Image by UpstateNYer


Summary: Deadly drones that depend on Windows become victims of intrusion and, potentially, of control from the outside

DESPITE what Bristol might laughably claim, Microsoft is just about as bad as one can do for security and the monthly reminder (those numbers are fake by the way) should not be ignored. Patches aside, many news sites say that a Windows virus has hit the drone fleet of the US army. There’s a comforting thought, eh? With rockets on board, crackers can play war plane simulator with a real miniature (but well armed) plane. People have rightly started asking, why not just use Linux? One blogger writes: “Because the level of skill required to crack a Unix-like OS is much higher than that needed for a Microsoft OS. Further, properly configured Unix-like systems are much more robust than Microsoft systems. Were Military forces using properly configured and properly secured Unix or Linux systems we would not see items like these below being reported.

“I just had a, “What were they thinking?!”, moment while reading this article at ars technica: Computer virus hits US Predator and Reaper drone fleet. First, it is not a “computer virus”, it is a Microsoft operating system virus. Second, using Microsoft operating systems for any critical Military computer systems is just wrong. I know the US Military has specifications for rugged computer systems that must be made in the USA. That makes sense. What does not make sense is the fact that the US Military will accept Microsoft operating systems on its critical, sensitive hardware at this date in time. That is like specifying a bank vault that can withstand a nearby nuclear blast, but allowing the builder to install a screen door for access to the vault. It is just a Bad Idea!”

Here is another report about it. Wired says that “Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.”

Not so reassuring.

Drone issues such as this are just another reminder amongst other incidents that we mentioned before — incidents where the US military is put at risk because of Windows. To quote Microsoft’s Allchin, “It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere.”

“Microsoft Appears to Have Blacklisted Oxford University” says another report, showing us what Microsoft “security” really is achieving:

Microsoft’s motives for action is unknown, Oxford’s semester is about to start

We received word from Oxford University in the UK today that Microsoft Corp. (MSFT) has blacklisted the campus for unknown reasons.

The reasons are actually known. Microsoft is too incompetent or arrogant to implement security properly.

09.06.11

“Microsoft Will Have Blood on Its Hands.”

Posted in Microsoft, Security, Windows at 4:20 pm by Dr. Roy Schestowitz


Summary: In the midst of Wikileaks drama we learn that an executions-savvy regime will benefit from Windows cracks

“Windooze insecurity puts Iranian dissidents in mortal danger,” states the subject line of an anonymous USENET post, quoting this article. “A Dutch CA called DigiNotar,” says the poster, “was hacked by Iranian hackers, likely with the intention of intercepting SSL traffic (Gmail, Facebook etc.) of Iranian activists and freedom fighters. I checked DigiNotar’s website and guess what operating system they’re using? You guessed it! WINDOOZE ASP.NET!!!

“So now Microsoft will have blood on its hands. Its insecure graphical-shell-pretending-to-be-an-operating-system is now possibly responsible for the deaths and prosecution of many Iranians!! [..] THIS COMPANY SHOULDN’T BE SPLIT UP, IT SHOULD BE SHUT DOWN”

A more moderate Dutch poster, Richard Rasker, wrote separately: “I guess we’ve all heard how a Dutch Certificate Authority by the name of Diginotar, formerly used by even the Dutch IRS authority and countless city councils, has screwed up severely, when their systems were breached by Iranian hackers, who managed to poison the world with many hundreds of bogus certificates. Then they screwed up even more by hushing up about the hack for months — a huge no-no in a world where trust is the highest good.

“And now it turns out that the screw-up has soared to even greater heights. In case you wondered what OS these people were using, here’s the answer:

http://webwereld.nl/nieuws/107833/fox-it–diginotar-gebruikte-niet-eens-virusscanner.html

“For those who don’t understand Dutch:

“Fox-IT: Diginotar didn’t even use a virus scanner

Fox IT has delivered a devastating verdict on Diginotar’s infrastructure. The company didn’t adhere to agreements and procedures. Even elementary security measures were totally absent.

These are the conclusions from an investigation by Fox IT into the security breach at Diginotar, as passed by Webwereld and NU.nl through a governmental source. It turns out that all operations were taking place from within one single Windows domain. This made it possible to gain access to the certificate administration from any work station; logging in to one’s work station was sufficient to get access to the systems. This is a mortal sin in the world of IT security. In addition, Diginotar was already aware of the abuse of its certificates as early as July.

No secure zones
Even when issuing certificates for government use, standard security rules were trodden underfoot. The government’s PKI computers operate from within a secure vault, and should never have been connected to Diginotar’s network. Yet even on those machines, investigators found evidence that connections had been made to the Windows domain.

…” [no virus scanner ... no proper logging ... no strong password enforcement ... inadequate intrusion detection ... hackers got & used administrator rights ... certificates chucked in an easily accessible database ... etcetera]

“Now I won’t say that this could never have happened in a Linux environment,” notes Rasker, “but for a screw-up of these truly epic proportions, Windows is the OS of choice — because it traditionally “makes things easy”, and because Windows users are traditionally not used to working with proper permissions, secure networks and strong passwords.

“And as long as otherwise respectable companies insist on e-mailing me “slide shows” in the form of IrfanView .exe files because “it’s so user-friendly”, Windows will remain as secure as a wet paper bag. QED.”

08.29.11

“Windows Servers and Workstations are Vulnerable” (Updated)

Posted in Microsoft, Security, Servers, Windows at 5:49 am by Dr. Roy Schestowitz


Summary: Rise in Windows traffic on the Internet, but not the desirable type of traffic (RDP attacks)

Check out this piece of news: [via]

It’s retro day in the world of Internet security, with an Internet worm dubbed “Morto” spreading via the Windows Remote Desktop Protocol (RDP).

F-Secure is reporting that the worm is behind a spike in traffic on Port 3389/TCP. Once it’s entered a network, the worm starts scanning for machines that have RDP enabled. Vulnerable machines get Morto copied to their local drives as a DLL, a.dll, which creates other files detailed in the F-Secure post.

SANS, which noticed heavy growth in RDP scan traffic over the weekend, says the spike in traffic is a “key indicator” of a growing number of infected hosts. Both Windows servers and workstations are vulnerable.

Bravo, Microsoft.
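One way to spot the internal RDP sweep the quoted report describes (a single host contacting many machines on 3389/TCP in a short time), as an added example that is not part of the original post or of the F-Secure and SANS reports. The flow-record format, the thresholds and every address below are assumptions constructed for illustration.

```python
from collections import defaultdict

RDP_PORT = 3389  # port named in the quoted report

# Constructed sample flow records: "epoch_seconds src_ip dst_ip dst_port proto"
SAMPLE_FLOWS = "\n".join(
    # infected host sweeping eight neighbours in eight seconds
    [f"{1314600000 + i} 10.0.0.66 10.0.1.{i + 1} 3389 tcp" for i in range(8)]
    # administrator reaching six servers, ten minutes apart
    + [f"{1314600000 + 600 * i} 10.0.0.7 10.0.2.{i + 1} 3389 tcp" for i in range(6)]
    + ["1314600010 10.0.0.5 10.0.0.20 3389 tcp",   # ordinary repeat session
       "1314600020 10.0.0.5 10.0.0.20 3389 tcp",
       "1314600030 10.0.0.66 10.0.1.1 445 tcp",    # not RDP, ignored
       "garbage line"]                             # malformed, skipped
)

def parse_flows(text):
    """Yield (ts, src, dst, port, proto) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, dst, port, proto = parts
        try:
            yield int(ts), src, dst, int(port), proto.lower()
        except ValueError:
            continue

def rdp_scanners(flows, window=60, min_targets=5):
    """Map each source to the largest number of distinct RDP destinations it
    contacted within any `window` seconds, keeping sources >= min_targets."""
    per_src = defaultdict(list)
    for ts, src, dst, port, proto in flows:
        if port == RDP_PORT and proto == "tcp":
            per_src[src].append((ts, dst))
    flagged = {}
    for src, events in per_src.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):
            # slide the window start forward until it spans < `window` seconds
            while events[end][0] - events[start][0] >= window:
                start += 1
            best = max(best, len({dst for _, dst in events[start:end + 1]}))
        if best >= min_targets:
            flagged[src] = best
    return flagged

if __name__ == "__main__":
    for src, count in rdp_scanners(parse_flows(SAMPLE_FLOWS)).items():
        print(f"{src} contacted {count} distinct hosts on {RDP_PORT}/tcp within 60s")
```

Counting distinct destinations per time window, rather than total connections, is what separates the sweep from the administrator who reaches the same number of servers over an hour.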

Update: Incidentally, Nokia’s developer network has just been cracked. Based on some tests, the site runs Windows. Netcraft says it ran Windows, but it is now hiding behind Akamai (Linux). Some case sensitivity tests seem to confirm that it runs Windows.

08.07.11

Novell and Microsoft Security ‘Honours’

Posted in Microsoft, Novell, Security at 3:58 am by Dr. Roy Schestowitz


Summary: Novell and Microsoft get special mentions for weaknesses in their proprietary software, which they wish to hide by hiding the source code

NOVELL is a proprietary software company whose software has gotten enough flaws to earn a Pwnie Award nomination. Thanks to our reader Tacone for bringing the following bit to our attention:

Remotely exploitable stack overflow in OpenSSH on Novell NetWare
Vendor: Novell

The ZDI advisory clearly stated that this is a remotely-exploitable stack overflow, but Novell claimed that it was only a denial of service attack and refused to patch it until ZDI dropped the details on their blog. You can’t argue with 0x41414141.

In other news, Windows has a rootkits epidemic again and this time Sony is not to blame:

Machines running the decade-old Windows XP make up a huge reservoir of infected PCs that can spread malware to other systems, a Czech antivirus company said today.

Windows XP computers are infected with rootkits out of proportion to the operating system’s market share, according to data released Thursday by Avast Software, which surveyed more than 600,000 Windows PCs.

While XP now accounts for about 58% of all Windows systems in use, 74% of the rootkit infections found by Avast were on XP machines.

The Register meanwhile says that “Microsoft is fuelling up 13 bulletins for release next week, including an update that guards against critical flaws in Internet Explorer.”

We oughtn’t forget that Microsoft lies about those numbers.

“It’s funny that I almost never have to reboot, or even logout, when I update my Linux boxes,” remarks one GNU/Linux advocate. “Why is it that Windows can’t update a file that is open? Linux & other *nix’s have had this filesystem feature for longer than I can remember. Doesn’t Windows have any decent filesystem?”

Finally, spyware too seems to be part of Microsoft’s package:

Microsoft has collected the locations of millions of laptops, cell phones, and other Wi-Fi devices around the world and makes them available on the Web without taking the privacy precautions that competitors have, CNET has learned.

The vast database available through Live.com publishes the precise geographical location, which can point to a street address and sometimes even a corner of a building, of Android phones, Apple devices, and other Wi-Fi enabled gadgets.

How come nobody remarks on the privacy implications? Without privacy, security too can be compromised more easily.

07.21.11

Windows Still Designed for Insecurity

Posted in Microsoft, Security, Windows at 7:25 am by Dr. Roy Schestowitz


Summary: New reports about bad Windows security

ONE OF OUR readers said that “Vista/Windows 7 are remote rooted through bluetooth” according to a report which says that “Windows laptops are configured to … turn on Bluetooth when the computer’s wireless Internet component is active or searching for networks (which, for many machines, is all the time).” CNET is meanwhile naming Windows in relation to malware. It quotes/attributes this to Google:

The malware only affects computers running the Windows operating system, according to a post by Google engineer Matt Cutts. Systems can be tested by running a Web search for any word, he said.

At Google, not many people are using Windows and within a few years it is possible that almost nobody will use Windows. It sure seems like Android takes over not only phones (even at Apple’s expense) but also tablets. We provided new links earlier.

07.16.11

National Security Compromised by Microsoft Windows

Posted in Microsoft, Security, Windows at 4:11 am by Dr. Roy Schestowitz


Summary: Documents relating to ballistic missile defense and star wars leaked to crackers owing to Windows, allegedly

AN anonymous poster found this blog item (“DoD: 24,000 files swiped in March from military contractor systems”) which suggests that “Because they use Windooze about 24.000 (!) classified documents got stolen by foreign state-backed hackers. The documents included information on, among other things, JSF and the ballistic missile defense.

“If they’d used Linux this probably wouldn’t have happened. Congress needs to legislate a government ban on using Windows, as it’s unreliable and insecure BY DESIGN.”

Techrights wrote about the subject of Windows compromising many lives. It did so many times before, so to avoid repetition we’ll cite one of the earliest such posts and quote Jim Allchin of Microsoft as saying: “It is no exaggeration to say that the national security is also implicated by the efforts of hackers to break into computing networks. Computers, including many running Windows operating systems, are used throughout the United States Department of Defense and by the armed forces of the United States in Afghanistan and elsewhere.”

Yes, well done, Microsoft.

In other news, this time referring to Hotmail:

Did Microsoft Just Admit Hotmail Is the Most Hijacked Service?

[...]

Dick Craddock, Group Program Manager, Hotmail, writes in a company blog, “We released this feature a few weeks ago. Initially, it only let you report Hotmail accounts that were compromised. But it worked really well – we got thousands of reports of compromised accounts.”

Those “thousands of reports of compromised accounts” apparently “worked really well”. Priceless. As we pointed out some years ago, Hotmail is a top source of SPAM. Security there is an absolute joke and no wonder companies choose Google over Microsoft for such services.

As Microsoft continues its steady decline (as discussed in last night's show) it will be remembered as the company which did not take security seriously. The costs of getting cracked were simply passed to the customer.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

06.29.11

ES: Got a Virus? GNU/Linux Fixes It

Posted in GNU/Linux, Microsoft, Security, Windows at 5:01 pm by Dr. Roy Schestowitz


Summary: Windows’ security weaknesses as an opportunity to disinfect people’s computers (removing proprietary operating systems).

The most suitable time to ‘convert’ Windows users into GNU/Linux users is when Windows betrays them, which happens often, usually with viruses or malware. The Register says [http://www.theregister.co.uk/2011/06/28/extreme_rootkit_removal_advice/] that Microsoft recommends that users install Windows in such circumstances:

Microsoft advises users to reinstall Windows if they have the bad luck to be hit by a particularly vicious rootkit.

The Popureb Trojan sinks its tentacles so deep into the operating system that the best option is to nuke the machines from orbit to return them to their original configuration. Files that have not been safely backed up are lost in the process.

As Mr. Pogson points out [http://mrpogson.com/2011/06/28/if-you-have-to-reinstall-your-os-to-keep-your-pc-running-install-gnulinux/], this is actually a valuable opportunity to adopt GNU/Linux:

If you have to reinstall your PC’s operating system to keep it running, consider installing GNU/Linux to stop this madness.

This relates to the advice given regarding advocacy earlier this month [http://techrights.org/2011/06/14/gnu-linux-advocacy/].

Translation produced by Eduardo Landaveri, the administrator of the Spanish portal of Techrights.

Got Virus? GNU/Linux Can Fix That.

Posted in GNU/Linux, Microsoft, Security, Windows at 1:29 pm by Dr. Roy Schestowitz


Summary: Windows’ security weaknesses as a chance to sanitise people’s PCs (removing proprietary operating systems)

THE most suitable time to ‘convert’ Windows users into GNU/Linux users is when Windows betrays them, usually with viruses or malware. The Register says that Microsoft advises users to reinstall Windows in such a circumstance:

Microsoft is advising users to reinstall Windows if they happen to be unfortunate enough to get hit by a particularly vicious rootkit.

The Popureb Trojan sticks its tendrils so deep into the operating system that the best option is to nuke from orbit return machines to their original configuration. Any files that aren’t backed up will be lost in the process.

As Mr. Pogson points out, this is actually a valuable opportunity to adopt GNU/Linux:

If you have to reinstall the OS of your PC to keep it running, consider installing GNU/Linux to stop the foolishness.

This relates to the advice given regarding advocacy earlier this month.
