SUSE (or MicroFocus) won’t even tell customers when its systems are in fact compromised
Summary: The same old and very notorious behaviour we found in Novell persists at SUSE under MicroFocus leadership; security neglected and keeping up appearances more important than honesty
TECHRIGHTS wrote many thousands of articles about Novell. We know Novell extremely well and we have documented its terrible behaviour for over half a decade, well before we began focusing on the EPO for example. As we shall show later, in a separate post, Microsoft’s and Novell’s “IP Peace of Mind” is making a comeback (as of last night), but right now we wish to focus on the crack I first wrote about on Monday (it has since then generated some press coverage, e.g. [1-3] below).
“Remember that no evidence has been presented by SUSE and moreover the gross negligence here is a bad sign in general.”A lot of people still miss the key point. IDG even went ahead with a rather misleading headline, as did Softpedia; rather than state the actual news (that OpenSUSE got cracked) the title says or overstates the ‘damage control’ from SUSE, diverting attention to what was not affected rather than what was affected (a politician’s trick). We used to see lots of that kind of spin back in the Novell days and the 2 articles below, having sought comment from SUSE, give SUSE the benefit of the doubt here. Remember that no evidence has been presented by SUSE and moreover the gross negligence here is a bad sign in general. That’s just “faith-based” security. My article about it was so short that it was mostly a screenshot, yet we understand that further coverage is on its way. So let’s elaborate a little. “They were using an outdated version of WordPress and got zapped,” one person wrote to me after I had published my findings. “It was just the front-end, no code was touched.” But says who? SUSE? Can we believe them?
“Nobody has yet covered that issue as properly as we hoped (poor security practices at SUSE) and the fact that they COMPLETELY FAILED or refused to publicly acknowledge what had happened is a serious aspect of it.”Whatever caused the defacement, it shows that they lost control of their platform. They did get cracked. Softpedia reported that “openSUSE devs immediately restored the news.opensuse.org website from a recent backup” (so the back end too appears to have been compromised).
Nobody has yet covered that issue as properly as we hoped (poor security practices at SUSE) and the fact that they COMPLETELY FAILED or refused to publicly acknowledge what had happened is a serious aspect of it. We waited patiently to see if an announcement would be made by then, even a reassurance that users should not worry. But nothing came out! To this date (half a week later). They attempted to cover it up, which is BAD BAD BAD. For a so-called “Enterprise-Grade” thing which SUSE tries to market itself as (selling SLE*) this is a serious breach of trust. Who would trust SUSE now?
“If someone injected a back door inside SLED and SLES, SUSE would probably say not a thing, only belatedly removing it and then lying about the whole thing, just like Microsoft does.”3 news sites and my own site wrote about it, but not a single word has been uttered by SUSE. They know they got cracked and they are not telling anyone, except when journalists ask them for comment (and press them with evidence).
OpenSUSE has a history of security issues in its sites (see “openSUSE Forum Hacked; 79500 Users Data Compromised” from 2014). Where are the reporters who are willing to ask SUSE some tough questions? Don’t let this slide. If someone injected a back door inside SLED and SLES, SUSE would probably say not a thing, only belatedly removing it and then lying about the whole thing, just like Microsoft does. █
In the news:
Softpedia was informed by Dr. Roy Schestowitz that the openSUSE News (news.opensuse.org) website got defaced by Kurdish hacker MuhmadEmad on the day of February 6, 2017.
It would appear that the server where the news.opensuse.org website is hosted is isolated from the rest of openSUSE’s infrastructure, which means that the hacker did not have access to any contributor data, such as email and passwords, nor to the ISO images of the openSUSE Linux operating system.
We already talked with openSUSE Chairman Richard Brown, who confirms for Softpedia that the offered openSUSE downloads remain safe and consistent, and users should not worry about anything. The vigilant openSUSE devs immediately restored the news.opensuse.org website from a recent backup, so everything is operating normally at this time.
The openSUSE team acted quickly to restore the site. When I talked to Richard Brown, openSUSE chairman, he said that “the server that hosts ‘news.opensuse.org’ is isolated from the majority of openSUSE infrastructure by design, so there was no breach of any other part of openSUSEs infrastructure, especially our build, test and download systems. Our offered downloads remain safe and consistent and there was no breach of any openSUSE contributor data.”
The team is still investigating the reason for the breach so I don’t have much information. The site ran a WordPress install and it seems that WordPress was compromised.
This site is not managed by the SUSE or openSUSE team. It is handled by the IT team of MicroFocus. However, Brown said that SUSE management certainly doesn’t want any such incident to happen again and they are considering moving the site to the infrastructure managed by SUSE and openSUSE team.
In the latest Linux news, the news.opensuse.org got hacked and displayed “KurDish HaCk3rS WaS Here” for a while Monday and while the site has been restored, no comment on the hack has been issued. Elsewhere, Debian 9.0 has entered its final freeze in the last steps in preparations for release. FOSS Force has named their winner for top distro of 2016 and Swapnil Bhartiya shared his picks for the best for 2017. Blogger DarkDuck said MX-16 Xfce is “very close to the ideal” and Alwan Rosyidi found Solus OS is giving Elementary OS a run for its money. Phoronix.com’s Michael Larabel explained why he uses Fedora and Jeremy Garcia announced the winners of the 2016 LinuxQuestions.org Members Choice Awards.
openSUSE’s news portal was compromised Monday by a hacker or group of hackers called MuhmadEmad, via the message left in its place. A Kurdish flag with the message “HaCkeD by MuhmadEmad – KurDish HaCk3rS WaS Here” was displayed for hours before it was taken down and the site’s content restored. Roy Schestowitz has a screen capture and said that openSUSE has not yet publicly acknowledged the hack. Swapnil Bhartiya spoke to Richard Brown, openSUSE chairman, who said that site was isolated from most SUSE infrastructure, especially the distribution code. There was no breach of any contributor data either. The site in question is run by MicroFocus, but all are investigating to make sure it’s an isolated incident.
Send this to a friend
Microsoft uses its money to interfere with and/or take over the competition
“Linux infestations are being uncovered in many of our large accounts as part of the escalation engagements.”
“I’m going to f—ing bury that guy, I have done it before, and I will do it again. I’m going to f—ing kill Google.”
–Steve Ballmer, Microsoft CEO
Summary: Microsoft’s war on GNU/Linux and against Google is still alive and well, and Microsoft uses its money (what’s left of it) in an effort to get its way and basically undermine (or E.E.E.) the competition
According to this second-hand report from Sam Dean about Microsoft's DCOS buddies, “Microsoft has been rumored to have had its eyes on owning the company” (company behind DCOS, which is proprietary). 8 months ago we wrote about the real reason Microsoft veterans were investing in Mesosphere.
“8 months ago we wrote about the real reason Microsoft veterans were investing in Mesosphere.”What we basically deal with here is another Xamarin, again funded by people from Microsoft, only to be the subject of Microsoft acquisition (or attempted acquisition) later on. Microsoft actually did try to take over DCOS and make it its anti-GNU/Linux proxy. It’s half way there now because there are financial strings now. Dean cites a Microsoft booster (Matt Weinberger) as saying that “Microsoft is investing millions in a $1 billion startup that rejected its acquisition offer” (the headline).
To quote Weinberger: “Last year, reports emerged that Microsoft tried to buy Mesosphere, a hot cloud computing startup, for $150 million, only to get shut down.”
“What we basically deal with here is another Xamarin, again funded by people from Microsoft, only to be the subject of Microsoft acquisition (or attempted acquisition) later on.”So that’s a fact. At Mesosphere they ‘just’ took Microsoft money and hence strings, so it’s clear whose agenda will be served. EEE against GNU/Linux must be noted here. To quote further: “Mesosphere is announcing a new $73.5 million “strategic” investment, led by Hewlett Packard Enterprise, and with Microsoft listed as a “significant participant.””
It’s time to treat Mesosphere as a Microsoft proxy; little less, only more.
In related news, Microsoft is killing Yahoo again. Yahoo is not totally dead yet; it’s now run by a lady from Google, so the company apparently needs to die or be hijacked again by Microsoft. Microsoft Peter (Peter Bright) and Swisher make it abundantly clear that Microsoft is still a predator, not a real company. Based on Microsoft Peter’s article: “After Microsoft’s failed bid to buy Yahoo, the two companies signed agreements that would see Microsoft providing both search technology and advertising to Yahoo. While the terms of this deal have changed, with Redmond losing its exclusive arrangement last year, Yahoo nonetheless remains an important partner. Bing’s market share continues to grow each quarter, and Yahoo’s use of Bing search results is a key part of this success. [note: that’s a Microsoft lie/revisionism from Peter Bright]
“It’s time to treat Mesosphere as a Microsoft proxy; little less, only more.”“Redmond is keen to protect this important deal. Offering a private equity firm a billion or two in cheap financing would enable the company to preserve this partnership, while being substantially cheaper than buying the company itself. In spite of its previous interest, sources within Microsoft tell Swisher that it has no interest in buying Yahoo this time around. Companies that are interested are believed to include AT&T, Verizon, and Comcast, along with a number of private equity firms.”
The New York Times, having come up with an eye-catching headline (unlike the spin from Microsoft Peter), says the “Entire Yahoo Board Would Be Ousted”. This sounds like the same thing which Microsoft did with Icahn almost 8 years ago.
“This sounds like the same thing which Microsoft did with Icahn almost 8 years ago.”The spin from Microsoft Peter says “Microsoft said to be wanting to help out Yahoo buyers with its own cash”; iophk responded with “if you twist the word ‘help’ enough.”
Another reader of ours laughed and wrote in IRC “mafia “help”” (hey, maybe they can send in Icahn again!).
Raiders, proxies, corporate coups — a Microsoft specialty. Maybe they’ll actually become a technology and software company one day. We covered in great detail what Microsoft had done to Yahoo! in the past in order to convert it from a third (or second) contender in search engines into just another ‘department’ of Microsoft. Microsoft did the same thing to Cyanogen (now a Trojan horse against Android/Google), Nokia, and it also ‘helped’ Novell (only to see the company dying within a few years, as expected, leaving the patents to Microsoft).
“…Microsoft is unmistakably still going after Yahoo after killing the vast majority of it.”Looking at another report about this, titled “Microsoft Tells Possible Yahoo Buyers It Would Consider Backing Bids With Big Bucks”, Microsoft is unmistakably still going after Yahoo after killing the vast majority of it.
It “looks like Yahoo is selling out,” said Mark in our IRC channels earlier today, adding that “they are looking to sell their core business; I’d say they are on the way out in any case; they lost what… 4 billion dollars last year?”
“Microsoft is the touch of death to almost everything…”
#techrightsThis is like classic Microsoft revisionism, however, e.g. for one to claim Yahoo was all along down and still going down (or that Microsoft tried to save them and help them). They were doing reasonably well before 2008 (like Nokia or Novell) and they do extremely poorly now; Microsoft’s intention has a lot to do with it. That’s like saying Novell failed in spite of Microsoft or that Microsoft tried to rescue Novell.
XRevan86 notes that “moving to Bing for Yahoo! was a total disaster.” It was indeed; it was a one-way relationship that destroyed the very core of Yahoo! and turned it into a vassal of Microsoft. There was no way back after that. The company was in a freefall.
“Microsoft is the touch of death to almost everything,” Mark concluded. █
Send this to a friend
“I’d be glad to help tilt lotus into into the death spiral. I could do it Friday afternoon but not Saturday. I could do it pretty much any time the following week.”
–Brad Silverberg, Microsoft, now sponsor of Mesosphere/DCOS
Summary: As foreseen by Techrights, DCOS and Microsoft climb into the same bed and help dominate GNU/Linux using proprietary software
The predictions we made are becoming a reality, based on what’s reported in the media right now. An IDG article says: “Designed to help enterprises build microservices-based applications, run big-data systems and operate massive production container environments, Mesosphere’s Datacenter Operating System (DCOS) is “the most exciting new enterprise operating system since Linux,” said Lak Ananth, managing director at Hewlett Packard Ventures, in a statement.”
“The predictions we made are becoming a reality, based on what’s reported in the media right now.”As we noted a few months back, DCOS is about control by a central authority (see “Microsoft-connected Mesosphere Threatens to Eliminate Free Software in the Datacentre”). It is connected to (and funded by) notorious thugs from Microsoft’s antitrust days, just like Xamarin before Microsoft took over [1, 2].
DCOS is proprietary, not FOSS. “In addition to forming the basis for Microsoft’s Azure Container Service,” says IDG, “DCOS will also soon run on Windows Server as well as Linux thanks to the collaboration between the two firms, Trifiro said. That technology is expected to enter beta later this quarter.”
“It doesn’t take a domain expert to foresee that. EEE in motion.”Seems like a convenient mechanism by which to make GNU/Linux subservient to (or dominated by) Windows, just like in the case of Hyper-V. It doesn’t take a domain expert to foresee that. EEE in motion. █
“What the [user] is supposed to do is feel uncomfortable, and when he has bugs, suspect that the problem is DR-DOS and then go out to buy MS-DOS”
–Brad Silverberg, Microsoft
“b) put a kind gentle message in setup. like an incompatible tsr message, but not everytime the user starts windows. [...] the most sensible thing from a development standpoint is to continue to build dependencies on msdos into windows.”
–Brad Silverberg, Microsoft
Send this to a friend
On carving out parts of the market using patent monopolies…
“Inventive people [at Novell] write more software patents per capita than anywhere else.”
–Jeff Jaffe, Novell’s CTO before these patents got passed to CPTN (Linux foes)
Summary: The use of a patent portfolio in the Free software world for divisive and discriminatory purposes, as demonstrated by Red Hat in servers and BlackBerry in phones
IN OUR previous articles which mentioned Microsoft’s patent agreement with Red Hat [1, 2, 3, 4, 5, 6, 7, 8, 9] we noted that:
- The patent “standstill” (implies temporary and falsely insinuates there was a two-way war) applies only to Red Hat and its customers, unless Red Hat can prove otherwise;
- The deal does not shield Red Hat and and its customers from satellites of Microsoft.
“We both know we have very different positions on software patents. We weren’t expecting each other to compromise.”
–Paul Cormier, Red HatWell, we are still waiting for Red Hat’s lawyers to speak out (Tiller and Piana were involved in this) or for Red Hat’s management to get back to us (if it decides to). They need to go “open” (like an “Open Organization” [sic]), or at least clarify in some other way what exactly Red Hat did with Microsoft regarding patents. The FAQ is far too vague and it raises more questions than it answers. If we don’t hear some time later this month, we shall assume that Red Hat is hiding something and we’ll rally Free software people (urging them to comment on this subject), set up a public petition, etc. Transparency is extremely important here. This new article quotes Paul Cormier, Red Hat’s president for products and technologies, as saying: “We both know we have very different positions on software patents. We weren’t expecting each other to compromise.”
Well, both are applying for software patents, so it’s not clear what he meant by that. Also, they compromised only among themselves; what about other entities that use the same software as Red Hat does? Are they too enjoying a patent “standstill”? Probably not. Only says ago Microsoft extorted — using patents — yet another company that was using Linux (Android was mentioned in the announcement).
“Nothing prevents Intellectual Ventures from going after Red Hat just like Acacia repeatedly did, so it’s a fool’s settlement.”What has Red Hat really achieved here? It was a selfish deal and the inclusion of patents in it was totally spurious; it does a lot more harm than good. Ian Bruce, Novell’s PR Director, once said that the Novell/Microsoft package “provides IP peace of mind for organizations operating in mixed source environments.”
Meanwhile, the Microsoft-friendly media gives a platform to the world’s biggest patent troll, Intellectual Ventures, without even calling it “patent troll”. This troll recently sued a lot of companies that distributed Linux. Nothing prevents Intellectual Ventures from going after Red Hat just like Acacia repeatedly did, so it’s a fool’s settlement.
“Remember that BlackBerry habitually speaks about using patents for revenue and for market advantage.”Speaking of potential patent dangers to Linux, recall that BlackBerry pays Microsoft for patents (including FAT, which relates to TomTom/Linux) and recall our articles about BlackBerry potentially becoming a troll [1, 2, 3, 4]. Some people’s loyalty to this Canadian brand and its newfound support for Android can blind them to the risk which BlackBerry remains, especially because of its patents stockpile.
This new article [1, 2] serves to remind us that BlackBerry still has “Software And Patent Monetization” in mind (we covered this some weeks ago, quoting the CEO). This means that, failing the strategy with Priv and Venice (BlackBerry’s Android devices and Linux-centric strategy), it could end up like Sony-Ericsson, suing Android players whilst also selling their own (unsuccessful) Android handsets.
“BlackBerry is proprietary to the core.”Remember that BlackBerry habitually speaks about using patents for revenue and for market advantage. Also remember that BlackBerry is not — at least not yet — an Android company. BlackBerry is proprietary to the core. “The QNX division could also face higher competition from open source software such as Linux,” wrote a financial site, “which many customers find more flexible and economical, limiting its potential in the burgeoning IoT and connected device market. For instance, Tesla reportedly uses Linux for its Model S sedan.”
Don’t be too shocked if BlackBerry eventually sells its patents to hostile actors, asserts them against competitors that use Android, or uses aggressive lawyers to compel various OEMs to remove features from their Android devices (both hardware and software features). █
“I’ve heard from Novell sales representatives that Microsoft sales executives have started calling the Suse Linux Enterprise Server coupons “royalty payments”…”
–Matt Asay, April 21st, 2008
Send this to a friend
“What we are trying to do is use our server control to do new protocols and lock out Sun and Oracle specifically”
Summary: Microsoft’s war against POSIX/UNIX/Linux APIs culminates with the .NET push and the ‘bastardisation’ of OpenSSH, a Swiss army knife in BSD/UNIX and GNU/Linux secure channels
MICROSOFT will not rest until it regains its once dominant position in computing. It’s not just because of pressure from shareholders but also because of clevery-marketed sociopaths, such as Bill Gates, who are back at the helm and are very thirsty for power.
Microsoft is now pushing .NET into GNU/Linux, having failed to do so with Mono and Xamarin because regular people (end users) and sometimes developers pushed back. How can Microsoft still convince people to embrace the Microsoft APIs (which are heavily patented and not secure)? Openwashing and propaganda.
Jordan Novet, who writes a lot of pro-Microsoft or marketing pieces for Microsoft (for many months now), is formerly a writer of Gigaom, which had received money from Microsoft to embed Microsoft marketing inside articles (without disclosure, i.e. corrupted journalism). Now he acts as a courier of Microsoft marketing, repeating a delusion which we spent a lot of time debunking here (.NET is NOT “Open Source” [1, 2, 3]). To quote Novet:
Microsoft today announced the beginning of a new bug bounty to pay researchers to find security holes in some of the tech giant’s recently open-sourced web development tools.
“How can Microsoft still convince people to embrace the Microsoft APIs (which are heavily patented and not secure)? Openwashing and propaganda.”When Microsoft alludedwto “Open Source” in relation to .NET it sometimes merely piggybacks the reputation of projects it exploits. See the article “Microsoft’s .NET Team Continues Making Progress On An LLVM Compiler” (not GPL). To quote Phoronix: “Earlier this year Microsoft announced an LLVM-based .NET compiler was entering development, LLILC. Six months later, LLILC continues making progress.
“The .NET team has published a six month retrospective of LLILC. It’s a very lengthy read for those interested in low-level compiler details.”
“Microsoft is still working on implementing support for Windows’ crypto APIs rather than OpenSSL/LibreSSL and to address POSIX compatibility concerns along with other issues.”
–Michael Larabel, PhoronixThis is a potential example of the infamous “embrace, extend, extinguish” approach. As we have shown here before, platform discrimination remains and it is even being extended to existing Free software projects, such as OpenSSH, as we explained yesterday (expect Windows-only ‘features’ and antifeatures). Microsoft APIs are already being phased in — the “extend” phase in E.E.E. (embrace, extend, extinguish). We warned about this months ago [1, 2] and we are now proven right. Even Michael Larabel noticed this and wrote: “Microsoft is still working on implementing support for Windows’ crypto APIs rather than OpenSSL/LibreSSL and to address POSIX compatibility concerns along with other issues.”
So now we have Windows- and Microsoft-specific code right there inside OpenSSH, in spite of Microsoft support of back doors for the NSA et al. Does this inspire much confidence? Repelling Microsoft isn’t about intolerance but about self defence. █
“I once preached peaceful coexistence with Windows. You may laugh at my expense — I deserve it.”
–Be’s CEO Jean-Louis Gassée
Send this to a friend
“It’s part of a continuing behavior pattern by Microsoft that I think it’s fair to call “dirty fighting.” GoDaddy was using Apache (I assume on Linux) because it was a great technical solution. They didn’t switch to IIS on Windows Server 2003 for any technical reason. The switch was accompanied by a press release by GoDaddy, containing Microsoft promotional language. Now, I’ve changed many servers from one thing to another, but I’ve never made a press release about it. GoDaddy wouldn’t be doing that unless Microsoft had offered them something valuable in return. There has been talk in the domain business that Microsoft has been offering the large domain registries a wad of cash to switch their parked sites. There is no other reason to do this than to influence the Netcraft figures.”
Summary: Microsoft continues to game Netcraft’s figures and graphs by amassing effectively dead domains, making itself (and IIS/Windows) look a lot bigger when it fact Microsoft only perishes on the Web, having long ago lost the game to GNU/Linux with Free/libre software on top of it (notably a L.A.M.P. stack)
Microsoft, being an opponent of facts and fair competition, continues to distort information on Netcraft, having done so for years [1, 2, 3, 4]. The principal dirty trick usually relies on back room deals with hosts/hosters and registrars, based on some speculations that make a lot of sense (see the above for instance). Literally millions of these newly-registered parked domains can be hosted by just a few desktops in one of Microsoft’s offices. A lot of these domains are scarcely known, so they won’t get a single hit in a whole day. A single desktop alone can manage a whole lot of them. Not even a dedicated server with a lot of RAM should be necessary. In fact, it is so cheap to do so — along with the registration costs (done wholesale) — that Microsoft can afford the equivalent of slush funds to basically register or to subsidise registration of many of these domains (e.g. at Microsoft’s so-called ‘cloud’ or services, e.g. Outlook) and once it successfully does this it can mislead journalists (to receive positive coverage) and then bamboozle some of the less technical managers in various companies so that they choose based on the false impression that Windows is dominant. Microsoft is eventually causing them to host on a Microsoft platform/stack, based on false information. What a marketing swindle.
“Microsoft is eventually causing them to host on a Microsoft platform/stack, based on false information.”There are many more examples (including Netcraft) in our Wiki. Microsoft just loves to rig statistics and it does a lot of this nowadays with Vista 10, as we pointed out earlier this month.
To Netcraft’s credit, it seems to be actively — pun intended — trying to make it harder for rich actors (like Microsoft) that famously game their system, as Linspire once did to DistroWatch. “Microsoft made by far the largest gain in hostnames this month,” it wrote, “with an additional 33.6 million sites bringing its total up to 265 million. Combined with a 15.9 million loss in Apache-powered sites, the difference between Microsoft’s and Apache’s market shares has now halved: Microsoft’s share went up by 3.22 percentage points to 29.68%, while Apache’s fell by 2.55 to 34.96%, reducing Apache’s lead to just over five percentage points.”
But the number of hostnames is misleading and for just a few millions of dollars one can acquire millions of hostnames. When it comes to actual hosting, the story is very different. Netcraft wrote: “Amongst the world’s top million websites, nginx has continued to increase its market share and now powers more than twice as many sites as Microsoft.” Powering a site and just sitting there behind a domain is a different story altogether. Watch what happens (in the charts) when it comes to active domains.
“Notice developer active sites vs “all” sites,” wrote iophk to us, and “also notice that the metrics have changed.” Microsoft will need to change the method by which it cheats this system. Time for a Microsoft alliance with Volkswagen? █
Send this to a friend
Not the Rackspace we once knew…
Summary: Rackspace adds proprietary spyware to its premises, hence reducing confidence in its ability to secure whatever is on the racks (security or perceived security severely compromised)
OVER the past few months I have confronted Rackspace on numerous occasions because they were promoting (even by mass-mailing without consent) proprietary software. This was done repeatedly, even after I had asked them to stop and they said they took action. That’s really quite a shame because Rackspace’s patent policy is commendable and their support team is quite technically-competent. The PATRIOT Act was always quite a problem (they’re subjected to secret warrants and cannot notify customers), but nevertheless, they had a good track record. They throw it all away now.
According to this article, Rackspace, which was traditionally about GNU/Linux, has climbed up Microsoft’s bed. Rackspace says: “We’re pleased to expand our relationship with Microsoft and the options we provide for our customers by offering Fanatical Support for Azure”. The company is based in 1 Fanatical Place, which probably explains the name. Reading further down the article we learn about “Rackspace’s Private Cloud that will be powered by Microsoft’s cloud platform Azure.” They must be out of their minds!
Rackspace makes a laughing stock of itself. What a dumb move.
Rackspace ought to know better, for no deployment on Windows in its datacentre can ever do any good. It is a threat to other guests and hyper-visors, even down to hardware. UEFI, promoted by the NSA’s leading partner, is targeted by Hacking Team and Microsoft Windows too is a target. To make matters worse, Microsoft is now leaving almost 200 million useds [sic] exposed. As The Register has just put it, “Windows XP holdouts are even more danger than ever after Microsoft abandoned anti-malware support for the ancient platform.
“Redmond overnight stopped providing XP support for new and existing installs of its Security Essentials package.”
“Rackspace’s business has back doors in it.”NSA surveillance of Windows is ever more trivial, not just because Microsoft constantly tells the NSA how to crack Windows (before patching flaws). The threat of Windows is contagious because it can spread to other platforms that share the same datacentre, network, and hardware. The weakest links are being targeted ti gain entry. Recall Pedro Hernandez with his Azure marketing (trying to convince GNU/Linux users to host with Microsoft) — shameless marketing which was soon followed by other sites (promoted by Microsoft-centric sites, some of which receive money from Microsoft, but alas, this was also noted by pro-Linux writers at Softpedia News). Any datacentre which gets ‘contaminated’ with Windows is no longer trustworthy; it should be deemed insecure because Microsoft deliberately adds flaws (back doors) to Windows. There are numerous technical reasons for this and we have covered them before. UKFast, for example, a large UK-based host, once told me (I spoke to the CTO) that they use Hyper-V (proprietary and Windows) to host GNU/Linux. This right there is a back door and I have confronted them over this. They never came up with a response that inspired any confidence.
Microsoft is now trying to make Apache software Windows- and Azure-tied, as British media now serves to remind us, and there is new additional bait to attract gullible people.
Don’t ever think that Windows can be contained or compartmentalised ‘away’ from Free software. Once a company starts to mix proprietary software with GNU/Linux (e.g. Hyper-V or VMware, which is connected to RSA) security is evidently lost. Security audits are impossible. Novell made some initial steps in this direction back in 2006 and now we have Rackspace. The company cannot be trusted anymore. Rackspace’s business has back doors in it. █
Send this to a friend
“In the face of strong competition, Evangelism’s focus may shift immediately to the next version of the same technology, however. Indeed, Phase 1 (Evangelism Starts) for version x+1 may start as soon as this Final Release of version X.”
–Microsoft, internal document
Summary: Microsoft continues to pile up bogus claims and empty promises in an effort to stall migrations to GNU/Linux
THE unethical strategy of today’s Microsoft revolves around distortion of truth, targeting in particular the selling points of alternatives, such as GNU/Linux. Microsoft lies about Windows being “free” (gratis), being “Open Source” (libre), and being ‘like’ Linux or lightweight.
Microsoft’s longtime friend and propaganda site Neowin now proceeds to version X+1+1 (or X+2) vapourware marketing. It happened or at least started almost a week ago. Microsoft has a seemingly clever plan. There is even a logo and an image. Not a product. A plan. Logo. Image. Vapourware basically. We expected the media to debate it in the coming days and use it to badmouth GNU/Linux. We stated this publicly at the time and we were soon proven correct. This post will present a comprehensive summary of some of this latest Microsoft propaganda.
Is Microsoft freezing the market? Well, it wants us to wait several more years for a version of Windows that is not even developed yet.
Cade Metz, who was behind the “open source Windows” publicity stunt (as noted earlier this morning), has seemingly been appointed Condé Nast’s Microsoft propagandist (unofficial role). Another stunt right now is titled “Microsoft Is Making a Stripped-Down Windows to Rival Linux”. It was widely spread (very quickly in fact), not only by Microsoft boosters.
In the war against GNU/Linux, Microsoft’s PR network (Microsoft has a vast peripheral army of PR companies that it summons to fool the world and derail the competition) wants us to believe that Windows is free, cheap, open source, etc. All are lies of course, but here again we see the lie about Windows becoming light. In the future. Maybe. That’s what Microsoft promises. As it did before. They even call it “Nano Server” (article by Timothy Prickett Morgan) and misuse the word “containers”, probably making Docker (with Red Hat roots) blink a couple of times.
Ben Kepes, Joab Jackson and a whole large group of Microsoft boosters and Microsoft-connected sites disseminated this nonsense. Mary Jo Foley did her best, joined by Microsoft boosting Web sites and boosters whose only agenda has always been to promote Microsoft. This was not, however, contained (pun intended) within the Microsoft propaganda network and we found it spilling elsewhere [, 2, 3, 4, 5, 6, 7], 8, 9, 10, 11, 12, 13, 14], contributing to that awkward perception that Windows is “light”, much like GNU/Linux servers. Don’t believe the nonsense. Remember all the promises Microsoft previously made in respect to future versions of Windows. █
“The purpose of announcing early like this is to freeze the market at the OEM and ISV level. In this respect it is JUST like the original Windows announcement…
“One might worry that this will help Sun because we will just have vaporware, that people will stop buying 486 machines, that we will have endorsed RISC but not delivered… So, Scott, do you really think you can fight that avalanche?”
–Nathan Myhrvold, Microsoft
Send this to a friend
« Previous entries Next Page » Next Page »