Bonum Certa Men Certa

Unwarranted Media Hysteria Over (Allegedly) China Almost Sneaking Compromised xz Into Stable, Production Operating Systems (It Failed) While the US Government Blames Microsoft for Allowing China to Break Into Vital Government Systems Via Windows

posted by Roy Schestowitz on Apr 03, 2024

Shifting attention much, Microsoft-funded media? Microsoft: my dog ate my homework. So what if our whole internal infrastructure and all of Azure got compromised? "LOOK OVA' THAR!"

Beautiful white and brown dog lying under the table

THIS morning we wrote about how nearly 2 decades ago rms (Richard Stallman), who had given public talks about GNU since the mid-80s, warned that proprietary operating systems like Windows were a "back door" threat and, to make matters worse, you would not even know, no matter if that got detected or not (this already happened to Microsoft) [1, 2].

The "mainstream" (corporate, advertisers-funded and typically oligarch-owned) media won't mention any of this and instead it has helped distract from severe Microsoft Exchange issues. There is now a follow-up (see [1-4] below), but the media is shifting attention to "Linux" and it blames "Open Source" because some random user on Microsoft's GitHub (proprietary) pulled off a social engineering attack, aided by Microsoft systemd (also GitHub) and made "famous" by a Microsoft employee.

"Not only is there the 17k Microsoft Exchange server problem," an associate notes this morning, "but there is also the recent report excoriating Microsoft over its mishandling of the China-origin breach of its infrastructure."

See the links below.

"Allegedly" in the title of this post is because (while China is confirmed for the Microsoft breach) we don't even know what happened to xz. GitHub (Microsoft) makes it harder by hiding the evidence. The issue here or the culprit remains unattributed, an associate has said. "Red China is as likely as Israel, Russia, Netherlands, or US."

"However, in the other break-in [Microsoft], it is directly attributable to Red China."

Funnily enough, the corruptible media portrays the source of the FUD, Microsoft, as the saviour here. As if a campaign of misinformation or strategically-timed drama is something to be commended/praised for.

We're collectively paying the price for having very bad media/press. Media standards in the West have fallen closer to Red China's levels.

  1. Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack

    In a scathing indictment of Microsoft corporate security and transparency, a Biden administration-appointed review board issued a report Tuesday saying “a cascade of errors” by the tech giant let state-backed Chinese cyber operators break into email accounts of senior U.S. officials including Commerce Secretary Gina Raimondo.

    The Cyber Safety Review Board, created in 2021 by executive order, describes shoddy cybersecurity practices, a lax corporate culture and a lack of sincerity about the company's knowledge of the targeted breach, which affected multiple U.S. agencies that deal with China.

  2. Cyber review board blames cascading Microsoft failures for Chinese hack

    The CSRB lays the blame for the incident squarely on Microsoft: “The Board concludes that this intrusion should never have happened. Storm-0558 was able to succeed because of a cascade of security failures at Microsoft.”

    The report represents the conclusion of a seven-month review and comes against the backdrop of growing concern in Washington that a series of severe breaches at Microsoft has made the company a national-security liability at a time when the federal government is increasingly relying on that company for a raft of cloud computing services. In January, Microsoft disclosed the latest such incident, in which Russian hackers were able to access emails belonging to senior company officials and company source code.

  3. Microsoft slammed for lax infosec that led to Exchange crack

    A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" – has found that the incident would have been preventable save for Microsoft's lax infosec culture and sub-par cloud security precautions.

    The review, conducted by the US government's Cybersecurity and Infrastructure Security Agency's Cyber Safety Review Board (CSRB), calls for "rapid cultural change" at Microsoft. Among the Board's recommendations: [...]

  4. Review of the Summer 2023 Microsoft Exchange Online Intrusion [PDF]

    In May and June 2023, a threat actor compromised the Microsoft Exchange Online mailboxes of 22 organizations and over 500 individuals around the world. The actor—known as Storm-0558 and assessed to be affiliated with the People’s Republic of China in pursuit of espionage objectives—accessed the accounts using authentication tokens that were signed by a key Microsoft had created in 2016. This intrusion compromised senior United States government representatives working on national security matters, including the email accounts of Commerce Secretary Gina Raimondo, United States Ambassador to the People’s Republic of China R. Nicholas Burns, and Congressman Don Bacon.

    Signing keys, used for secure authentication into remote systems, are the cryptographic equivalent of crown jewels for any cloud service provider. As occurred in the course of this incident, an adversary in possession of a valid signing key can grant itself permission to access any information or systems within that key’s domain. A single key’s reach can be enormous, and in this case the stolen key had extraordinary power. In fact, when combined with another flaw in Microsoft’s authentication system, the key permitted Storm-0558 to gain full access to essentially any Exchange Online account anywhere in the world. As of the date of this report, Microsoft does not know how or when Storm-0558 obtained the signing key.

    This was not the first intrusion perpetrated by Storm-0558, nor is it the first time Storm-0558 displayed interest in compromising cloud providers or stealing authentication keys. Industry links Storm-0558 to the 2009 Operation Aurora campaign that targeted over two dozen companies, including Google, and the 2011 RSA SecurID incident, in which the actor stole secret keys used to generate authentication codes for SecurID tokens, which were used by tens of millions of users at that time. Indeed, security researchers have tracked Storm-0558’s activities for over 20 years.

Other Recent Techrights' Posts

Windows in Åland Islands: From 100% to Less Than Half
Åland Islands lost the sense of urgency to move to GNU/Linux
Not Just Slow News But Also Late News (Julian Assange Landing in Thailand)
Why did AP take so long (nearly a week) to release these?
[Meme] Smart Alec Poettering
How many Microsofters can the Debian Project withstand?
Getting Rid of Microsoft Does Not Go Far Enough
Microsoft already has many problems. One day Microsoft won't exist anymore. But that does not guarantee users' freedom.
Alyssa Rosenzweig's LibrePlanet Talk About Freeing the Apple GPU
Alyssa Rosenzweig is the graphics witch behind the reverse-engineered drivers for the Apple GPU. She previously led Panfrost, the free drivers for Arm Mali GPUs powering devices like the Pinebook Pro. She graduated in 2023 with a Computer Science degree from the University of Toronto and now writes free software full-time.
Links 30/06/2024: LLMs Under Fire and Dictatorship of the Old
Links for the day
[Meme] Walking Outside the Guardrails of the Walled Gardens Built by Monopolies
So-called "advertiser-unfriendly" material was never a problem for Wikileaks
 
Wikipedia Co-Founder (Not Wales) Expresses Support for Wikileaks Founder Julian Assange, Says Assange Will Probably Continue
probably exactly the sort of thing that the US prosecutors did not want
Marco Calegaro on Hacking Art Into a Community
talk by Marco Calegaro
Links 01/07/2024: Chokecherry Leaf and Agile Manifesto
Links for the day
Johannes Åsgård on Making the Raspberry Pi More Free With librerpi
Johannes (also known as dolphinana)
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 30, 2024
IRC logs for Sunday, June 30, 2024
200 This Week
Monday started with 40 articles/pages and this is #200
Press Complicity and Public Apathy All Along Enabled 14 Years of Illegal, Arbitrary Detention and Coercion Into Plea Bargain of Julian Assange on Brink of Death
They basically blackmailed him into letting the US 'win' the argument
At the End Journalism a Crime (If It Involves Accessing or Gaining Access to Documents Marked "Confidential" or "Classified" by Those Looking to Hide Their Misconduct/Crimes)
At least in the US, especially where the imperialism is at stake
Links 30/06/2024: Tensions in Korea and Japan, Criminalisation of Sleeping Outdoors
Links for the day
100% Slop/Spam From linuxsecurity.com
This is the kind of stuff that's killing the Web faster
Gemini Links 30/06/2024: Murdoch and Ideal OS
Links for the day
In the First 6 Months of 2024 Thailand Moved to GNU/Linux, Not to Windows Vista 11
maybe users moved from Vista 10 and 11 to GNU/Linux, seeing where Microsoft was heading with forced hardware "upgrades"
Eko K. A. Owen, New Outreach and Communications Coordinator for the FSF
Nice to see many new additions to the FSF's team
Microsoft Has Slaves and Enablers, Not Partners
Obligatory meme too
Tobias Platen Covered Freedom-To-Play Games in LibrePlanet 2024
Freedom-To-Play games using Taler
[Meme] Opening a 'Webapp' With 'Only' 4 GB of RAM
Until 2020 none of my PCs ever had more than 2 GB of RAM
Destination 'Five Percent'
We reckon GNU/Linux can break the 5% barrier some time by the end of this year, even without counting Chromebooks
A Crisis of Online Journalism
Almost a week ago a journalist was forced to plead guilty for an act of journalism
Germany One of Many Countries Where Microsoft's Bing Lost Market Share After All That LLM Nonsense (Bing Chat and Further Rebrands/Renames)
openai.com traffic plunged 60% last month
Microsoft’s Latest Antitrust Scrutiny
4 new stories
Microsoft Layoffs, Mass Plagiarism, and More
outrage included
GNU/Linux Climbed 0.25% This Month (in statCounter)
Around midday on Tuesday we'll start seeing preliminary data for July
Ilya Gulko Introduces Pollyanna
"Pollyanna is a web framework that makes it easy to create your own libre social space, such as a social network or blog."
'FSFE': Underage Labour, GAFAM Fronting, and Identity Theft to Undermine the FSF's Current Fundraiser
looking to raise funds at the same time as the FSF
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 29, 2024
IRC logs for Saturday, June 29, 2024
Links 29/06/2024: Astronauts at Risk, Ukraine Updates
Links for the day
Fedora and Red Hat Leftovers
mostly redhat.com
Microsoft is Now Googlebombing or Spamming 'Open Source' and 'Linux' to Promote Proprietary Surveillance, Azure
Notice the title and the image, what's being promoted etc.
Seychelles: GNU/Linux Doing OK
Seychelles cannot be considered poor
This War Crime Footage, Nothing Political Per Se, Is What They Made Julian Assange Plead Guilty To (War Criminals Not Convicted, Only Those Who Expose Them)
Wikileaks' Julian Assange: Exposing the US Military Crimes
Gemini Protocol Isn't Even Remotely "Dead"
"Lupa knows of 505,000 (half a million!) working Gemini URLs at present, up from about 425,000 this time last year"
About 10 New Free Software Foundation (FSF) Members Per Day
The total changed from 46 to 47 while typing the article
20 Years Passed, Let's Go Even Faster Now
We are hoping to bring more original stories
Vista 11 Adoption Unusually Low in Germany and It's Going Down, Not Up
This is not happening only in Germany
Kevin Korte on Computers Being Allowed to Make Decisions Based on Cryptic Algorithms and Proprietary/Secret Data
It uses buzzwords where none are needed
[Meme] Garbage In, Garbage Out (linuxsecurity.com)
It is neither Linux nor security, just chatbot-generated slop
Microsoft-Invaded CISA Spreads Anti-Free Software FUD (as If Proprietary Software Has No Memory Safety Issues), Brittany Day Uses Chatbots to Amplify and Permutate the Microsoft FUD
linuxsecurity.com became an anti-Linux spam site
Microsoft Laying Off Staff in an Act of Retaliation and Union-Busting
retaliatory layoffs at Microsoft
Gemini Links 29/06/2024: Content Drowning in 'Goo' and LLM Slop
Links for the day
Windows Lost Almost 92% Market Share in Egypt
From over 99% to just over 7%
In Ecuador, GNU/Linux Adoption Surged From Under 1% to Over 4% in About 3 Years
Not even counting Chromebooks
LibrePlanet: Cultivating Backups (of Recordings)
an appeal to recover some of these talks
Microsoft/Windows Machines Are Turned Off (or Windows Deleted/Decommissioned) in Web Servers, as the "Market Share" Collapse Continues
Taking full history into account, this is a decrease of over 90% in some cases
Corwin Brust Hosting Freedom: A Behind-the-scenes Tour With the GNU Savannah Hackers
"the "smiling faces" behind it."
Android at 90% or More in Chad
Windows below 2%
David Wilson: Cultivating a Welcoming Free Software Community That Lasts
"a feeling of shared ownership for all users."
Julian Assange Might Continue Wikileaks, But Certainly Not Yet (Recovery Time Needed)
And probably at a symbolic capacity only
Bringing in 12 Santas and Taking 13 Out (Old Interview With Julian Assange)
Julian Assange's life inside the Ecuadorian embassy
Neil Plotnick on GNU/Linux in the High School Classroom
uploaded to the LibrePlanet instance of MediaGoblin
Asia Appears to be Fastest to Adopt GNU/Linux
the home of a considerable majority of the world's population
Alexandre Oliva's LibrePlanet 2024 Talk About "Software Enshittification"
in spite of technical difficulties encountered while recording
What They Used to Do With Mono They Now Do With Systemd (Lower and Deeper Down Than Userspace)
Now we have a project started primarily by Red Hat (and managed by Microsoft GitHub, which is proprietary) being managed by Microsoft and primarily serving Microsoft and IBM
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 28, 2024
IRC logs for Friday, June 28, 2024