Bonum Certa Men Certa
Microsoft Sued for Patent Infringement, Patents Brain Probing | Patent Concerns Invade GNU/Linux, GPLv3 Offers Remedy

How Jim Allchin, Gartner and Enderle Lied to the Whole World

If you say it often enough, people will believe it

We have developed a habit of keeping track of analysts who are obviously paid or compensated for serving corporate agenda (e.g. [1, 2, 3]). This is very relevant in light of the recent OOXML propaganda that came from IDC and the Burton Group.

Here is another fine example from the news. We wish to debunk the said analysts using compelling evidence and fact. One of the predications which certain people made is this:

5. Windows Vista will be secure Analysts were: Wrong

When Windows Vista was launched, Microsoft platforms group vice president, Jim Allchin, described a platform where its "safety and security" will be the "overriding features" for which most people will want Windows Vista.

Analysts from Gartner and the Enderle Group further touted Vista's security features, highlighting in particular its spyware-fighting prowess.


Enderle and Gartner have been caught many times before. The former is a one-man, attention-seeking 'consultancy' whose major client is Microsoft. The latter, Gartner, is funded by Bill Gates and plenty of its revenue stream comes from work it does for Microsoft. Jim Allchin, by the way, escaped Microsoft as soon as Windows Vista was released. It truly make you wonder, does it not?

The people above claimed that Vista will be secure, but let us take a look at some headlines which cover separate incidents that occurred in the past year (sorted reverse chronologically for the most part).

The latest round of patches revealed that Vista could be hijacked by merely sending a packet to it.

Microsoft's first set of security bulletins for 2008 may be slim, but will include a fix for a critical vulnerability in XP and Vista.


More information about this incident can be found here.

One of the updates is considered critical for Windows Vista and XP users because the flaw it fixes could be used by attackers to install unauthorized software on a victim's computer.


As we showed before, especially when Microsoft's Jeff Jones was lying to the public, Microsoft redefines and reinvents the science of security in attempt to show that Windows is more secure. Seconia was accused of playing similar games just days ago. Here is what needs to be pointed out:

1. Critical Vulnerability in Microsoft Metrics

For Microsoft this makes sense because these fixes get the benefit of a full test pass which is much more robust for a service pack or major release than it is for a security update.


2. Skeletons in Microsoft’s Patch Day closet

This is the first time I’ve seen Microsoft prominently admit to silently fixing vulnerabilities in its bulletins — a controversial practice that effectively reduces the number of publicly documented bug fixes (for those keeping count) and affects patch management/deployment decisions.


3. Beware of undisclosed Microsoft patches

Forget for a moment whether Microsoft is throwing off patch counts that Microsoft brass use to compare its security record with those of its competitors. What do you think of Redmond’s silent patching practice?


4. Microsoft is Counting Bugs Again

Sorry, but Microsoft's self-evaluating security counting isn't really a good accounting.

[...]

The point: Don't count on security flaw counting. The real flaw is the counting.


Getting back to Vista, let us look at some of the flaws we have seen:

1. Microsoft fixes 11 flaws in 7 patches; 5 affect Windows Vista

Microsoft on Tuesday released its December 2007 security bulletin, which includes seven updates: three are designated as critical by the software giant and four are deemed important.


2. December 2007's Patch Tuesday's Going to Be Big - Really Big

A Trio of Critical Patches

First up is a remote code execution patch for DirectX versions 7.0 (Windows 2000) through 10.0 (Windows Vista).


3. Security hole in MS-Windows Vista on Thanksgiving

Microsoft, although late, but did acknowledge that it is a flaw even in the latest OS (Vista) which should have been fixed long back.


4. Thirty-Six Updates Later—and Counting

Over the Thanksgiving holiday, I refreshed one of my Windows Vista test machines. Oh my, there were so many Windows Updates.


5. Vista security threats to rise in 2008: McAfee

Microsoft’s Windows Vista operating system will face increasing security threats, according to McAfee Avert Labs predictions for top 10 security threats in 2008.


6. Microsoft issues 6 'critical' patches

The updates affect many versions of Windows, Server and Office software -- including Windows XP and Windows Vista -- and are meant to prevent hackers from breaking into Web surfers' computers using specially crafted Web pages.


7. Buffer the Overflow Slayer v. the ActiveX Files [Vista included]

The vulnerability was discovered by Krystian Kloskowski and is rated "highly critical" in this posting on Secunia. It's also discussed here on the US-Cert website. Proof-of-concept code can be found on MilW0rm here.


8. Microsoft plans six critical patches

At least one of the critical vulnerabilities involves Internet Explorer 7 and Windows Vista, both of which were conceived under new and highly vaunted development rigors designed to produce more secure products.


9. Patch Tuesday: Critical IE, Vista patches on deck

Of the four criticals, two will include high-severity patches for Windows Vista. The bulletin rated ?moderate? only affects Vista.


10. June Patch Tuesday to deliver Vista fixes and more

Four of this month's bulletins are labelled 'critical' and relate to vulnerabilities that may allow remote code execution.


11. Microsoft Plugs Critical Vista Hole

Microsoft has just patched another critical hole in Vista that it knew about as long ago as last Christmas. The delay was similar to its lag in patching the serious (and heavily targeted) animated-cursor flaw I told you about last month.


12. Microsoft Patches Not One, But Three Vista Holes

Microsoft today released an update for the recently popular 'animated cursor' vulnerability. The update was originally scheduled for April 10th, but due to recent exploits, was rushed out today. The update wasn't just for this one vulnerability though, in Vista, it addressed two others, and in all covered seven vulnerabilities in Vista, XP and 2000.


13. Windows Vista's Built-in Rootkit

This poor implementation of the permissions structure can be exploited by malware to make files that are undetectable to Anti-Virus products.


14. More Windows cursor patch trouble [Vista included again]

A new issue with the fix has also come up. Some customers have experienced trouble when printing from SQL Reporting Services to a Printer Command Language (PCL) printer, Microsoft said.


15. Windows cursor patch causing trouble

Installing Microsoft's Tuesday patch for a "critical" Windows vulnerability is causing trouble for some users.


16. MS Patch Tuesday: Vista dinged again

For the second time this month, Microsoft has shipped a security bulletin with patches for a "critical" Vista vulnerability that puts millions of users at risk of code execution attacks.


17. Security Researchers Say Windows .ANI Problem Surfaced Two Years Ago

Security researchers say the Windows .ANI bug that has been plaguing users for the past week first surfaced -- and was patched -- in early 2005.


18. Week in review: Cursing Windows' cursor flaw

The software giant broke with its monthly patch cycle to fix a bug that cybercrooks had been using since last week to attack Windows PCs, including those running Vista.


19. ANI takers for Asus website virus?

Asus.com.tw, the website of Taiwanese motherboard maker Asustek, has been spraying visitors with the .ANI virus, security software makers confirmed today.


20. Will Next Tuesday's 3 Updates Effect Vista?

I would suspect that one will be a patch for the Windows MessageBox exploit, so Vista should get it. Might another be for the Vista 'Timer/2099 Crack'? I wouldn't consider it critical, but Microsoft probably does.


21. Windows Vista now has its first exploit spotted in the public

Security experts have confirmed that a proof of concept code for an unpatched vulnerability in Windows Vista has been released on the internet.


There were warning signs in advance. Windows Vista was not made to have a considerable impact, security-wise, but hype was a key driver. It happens to be the same case with DirectX 10, whose hype was generated by faking images which create a false perception that it is a big jump compared to DirectX 9 (that is another shocking story about deception, but it's worth a separate post). Here are some more articles of interest:

1. Windows Vista: It's More Secure, We Promise

Well, allow me to take a moment to remind everyone of something that you might not remember - XP was also touted as being ultra secure. Seriously, can anyone honestly look themselves in the mirror and say this is the gospel truth? You have got to be kidding me. Similar to XP, Microsoft promises to have the most secure Windows version to date yet again.


2. Cisco exec: Windows Vista is scary

"Parts of Vista scare me," Gleichauf said at the Gartner Security Summit here on Monday. "Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It's always a struggle in security, trying to build for what you don't know."


3. Symantec Finds Flaws In Vista's Network Stack

Researchers with Symantec's advanced threat team poked through Vista's new network stack in several recent builds of the still-under-construction operating system, and found several bugs -- some of which have been fixed, including a few in Monday's release -- as well as broader evidence that the rewrite of the networking code could easily lead to problems.

[...]

Among Newsham's and Hoagland's conclusions: "The amount of new code present in Windows Vista provides many opportunities for new defects."

"It's true that some of the things we found were 'low-hanging fruit,' and that some are getting fixed in later builds," said Friedrichs. "But that begs the question of what else is in there?"


With so many incidents out there, there remains this Big Lie that Vista is secure. Paid analysts do not help here.

Comments

Microsoft Sued for Patent Infringement, Patents Brain Probing | Patent Concerns Invade GNU/Linux, GPLv3 Offers Remedy

Recent Techrights' Posts

Father of XBox Says What Microsoft Does Not Want to Hear About XBox (They All Know It's Dead)
Microsoft just worried shareholders will find out Sharma is "just a face" and an undertaker
France Needs to Focus on Software Freedom, Not Flags
We need more SIP advocacy!
Combatting Censorship in the "Civilised World": The Media Blackout Surrounding EPO Strikes and Other Large-Scale Actions
We - collectively speaking - cannot afford to keep the Office in the hands of a "Mafia"
EPO Strike Actions and Other Industrial Actions Are Effective When Management Fears the Staff and Staff No Longer Fears Any Managers
'António the unready' should get ready to be ousted
IBM Did Not Fall Because of COBOL Vapourware, IBM Still Collapses Because It's Worthless, Way Overvalued, and Very Likely Cooks the Books
language-to-language conversion (in the context of programming) is nothing new
Quitting Reddit (Social Control Media Controlled by Conde Nast)
There is a new post in Reddit
Links 24/02/2026: Telephone Turns 150, Political News Catchup, and Rearmament
Links for the day
 
HR Blunder at IBM or IBM Struggling With Money?
Weird for such an allegedly rich company to be so stingy
Gemini Links 24/02/2026: x86 Computer In-Browser and Administration
Links for the day
Envy is the #1 Enemy of Richard Stallman
Whenever you see someone mocking Richard Stallman, ask yourself: does this person have a reason to be jealous of Richard Stallman?
Life is Sweeter When Less Means More
People need to think "small", not "big" (as in capital)
Championing a Cause
Probably over 100 million GNU/Linux users on laptops/desktops
Balmoral rape cult & Debian suicide cluster indifference, community
Reprinted with permission from Daniel Pocock
Can Much Longer Can the Financial 'Press' (Pump-n-Dump Megaphone) Cheer for IBM's Accounting Enigma?
IBM has fallen almost 25%
Religious or Not, Consider Quitting Social Control Networks (All of Them) This Season
Lent is a good time to quit addiction such as social control media
Liberating the Self From the Invisible Prison of Plutocrats-Controlled Media and Social Control Media
Can you always see the full picture or does something (someone powerful) obstruct it?
Links 24/02/2026: Drug Cartel Decapitated, Jeffrey Epstein-Connected 'Linux' Foundation Promotes Slop and Buzzwords at MWC Barcelona 2026
Links for the day
2023: Layoffs Are Because of "AI". 2024: Shares Up Owing to "AI". 2025: Shares Recently Fell Due to "AI". 2026 Forbes (Paid by IBM): Shares Falling is Good!
"AI" is smoke and mirrors
Bitcoin: Code of Conduct stifled open source concerns
Reprinted with permission from Daniel Pocock
Slop Boosters and 'Hype Agents' Render Themselves Irrelevant and the General Public Becomes Incredulous Due to "Bros Who Cry Wolf!"
It won't age well
"Half-baked Vibe Code Shipped Full of Errors"
Seems timely after our latest article
Links 24/02/2026: Copyright Litigation Over Anne Frank’s Diary, "Arrogance of Developers"
Links for the day
Another New Low for Solicitors Regulation Authority (SRA): Authorising Slop Disguised as "Legal Advice"
SRA is a lapdog - not a watchdog - of the "litigation industry"
EPO "Cocaine Communication Manager" - Part IV - "Many Jobs Were Given to Spanish Employees for No Related Skills At All"
The EPO's fate might be similar to that of the XBox
Gemini Links 24/02/2026: Hardware Tinkering and Slop Bots Attacking the "Small Web"
Links for the day
IBM is the World Champion at Layoffs and There Are Reportedly More Layoffs in IBM This Month (EU)
IBM fired 60,000 in 1993
Free Software is for Everyone
Young and old, rich and poor etc.
Gemini Links 24/02/2026: Voltage Divider on Slide Rule and Many Raspberry Pi Projects
Links for the day
Asha Sharma "a Palliative Care Doctor Who Slides Xbox Gently Into the Night"
2026 will probably be the last year of XBox
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, February 23, 2026
IRC logs for Monday, February 23, 2026
Probably IBM's Worst Day in Wall Street in Well Over a Decade
They try to blame some Anthropic slop, but that's just a distraction from IBM having nothing to offer
The Monday After the 9PM-on-Friday Prepared Puff Pieces-Under-Embargo Microsoft Strategy for XBox Collapse
There are more layoffs ahead at Microsoft's XBox
Kyndryl Also in a Freefall Today, James Kavanaugh's Accounting Skills Seem to be Based on Pumping and Dumping
What is the real value of Kyndryl when its debt is about twice its alleged "worth"?
Not Much Left to "Pump" in This Slop Bubble
let's hope that by the end of the year the whole bubble fully implodes
IBM Common Stock Crashes Hard (Almost $100 Below the Levels of February's Beginning)
Another Kyndryl?
Links 23/02/2026: Withdrawal From Slop and Ukraine Invasion Enters Fifth Year
Links for the day
Gemini Links 23/02/2026: Moving to Gentoo, Wake-on-LAN Script
Links for the day
Kyndryl Fell by About 50% in One Day, IBM Fell 23% in 20 Days
the IBM Titanic
Security and blobs, by Alex Oliva (GNU Linux-Libre)
Reprinted with permission from Alex Oliva
Trusting the Evil Maids
Don't listen to liars and frauds
Aaron Swartz Has Already Explained What Reddit/Conde Nast Meant to Him and Why We Should All Avoid Reddit If We Value Software Freedom
Aaron Swartz did not start Reddit
Valnet's Good Legacy of GNU/Linux Advocacy in Journalism Form
Let's hope they carry on like this
Techrights Thanks Every Single EPO Worker Who Went on Strike Today
We have so much in common
Coders and Thinkers
I used to be a hyper-productive coder; these days I do more thinking and writing
Slop (So-called 'genAI') is Not a Skill, Slop Gets You Suspended or Even Sacked, It Can Eventually End Your Career
Benj Edwards, a so-called 'Senior' so-called 'AI' so-called 'Reporter'
There is No Such Thing as "AI Skills", "AI Competency", "AI Fluency" Etc.
Slop does not give anybody an advantage
EPO Staff Union: The Strike Actions and Other Industrial Actions "Have Already Delivered Measurable Gains."
SUEPO Munich has just issued a statement to staff
Links 23/02/2026: "What Boston Will Cost Me" and Women as Hostages
Links for the day
IRC Usage Levels Seem to be Rebounding This Year
it looks like the total count (tally) of users increased a lot lately
Microsoft Tricked the Media Into Lying About Microsoft Layoffs in January. Now It Does the Same (in February).
Microsoft has got the media by the wallet (or balls)
Free Software Projects Become Slow Due to Slop
It does not improve efficiency or productivity, it reduces both
EPO Strike Has Begun (or Resumed)
The EPO status quo is untenable
Links 23/02/2026: US Surrenders to Climate Change (to Benefit Oil Companies and Slop), UK Court of Appeal to Hear Mazur
Links for the day
GAFAM Jobs No Longer Lucrative
Those days are long gone
Based on Insider Leaks, Asha Sharma's Job is to Kill XBox While Talking About "AI"
They cite SneakerSO
Germans Recognise the Contagion is Digital, Not Racial
How to dismantle or neutralise those weapons? Turn them off
Free Software (or Software Freedom) Ain't No Religion
It's hardly surprising that some of the loudest opponents of Software Freedom and its luminaries also disregard or bend facts
Dr. Andy Farnell Explains Why the Slop Industry is Like Trespassers and Thieves
interesting new article about robots.txt files
The Demise of the Solicitors Regulation Authority (SRA) and Profession Based Around Bullying With SLAPPs and Empty Threats
For press to survive and thrive in the UK we need the hired gun to be submerged
Linux Kernel 7.0 Release Candidate Comes Out, Stallman Turns 73 in Three Weeks
It predates Microsoft and Apple
In Greenland, Firefox's Gecko and KHTML (KDE, But Bastardised by Apple) Bigger Than Chrome
Are those Danes recognising the risk of monoculture?
Gemini Links 23/02/2026: Imperfect Journal, Evil, and "Progress Goes Boing!"
Links for the day
“Power is a Thing of Perception. They Don't Need to be Able to Kill You. They Just Need You to Think They are Able to Kill You” ― Julian Assange
When leadership becomes corrupt enough to lose a sense of authority its days are numbered; it'll be replaced
IBM Has Already Admitted 2026 Mass Layoffs (in 4Q Earnings Call)
We showed this earlier this month, but some people bring that up again
Reasons to Go on Strike in the European Patent Office (EPO)
If you live in Europe and don't work for the EPO, you can still help
First speech of Chanellor Hitler, Andreas Tille & Debian denounce Branden Robinson
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, February 22, 2026
IRC logs for Sunday, February 22, 2026
IBM Layoffs Definitely Still Happening
Contrary to what some apologists try to say
More and More Projects Quit Microsoft GitHub This Year, XBox Will See the Same
Microsoft GitHub's embrace of slop as "strategic" gives us a clue of what'll happen to XBox very soon
Google "Intelligence": Despite Slam-Dunk or "Smoking Gun" Proof, Drug Abuse in EPO Leadership is "Unverified Allegations"
Google's slop (so-called 'AI') lacks intelligence
8,000 Pages/Articles Per Year
We're eager to maintain a good production/publication pace and illuminate the sinister attempts to interfere with Freedom of the Press in the UK
Don't Use the Future Tense to Discuss the Slop Bubble
Wall Street does not react to reality; it reacts to panic, which is related to expectations
Gemini Links 22/02/2026: Okonomiyaki and Midcrunch Crisis
Links for the day
The Broken Window Industry and Its Ongoing Desires to Make Technology Less Dependable
Reliable computing is becoming harder to find
Freedom Means Accepting He or She Who is Different
In the Debian community we're sadly seeing some authoritarian overreach this month
New XBox CEO Typecast in Social Control Media
Microsoft apologists will fall back on (or shuffle between) the "racist" and "sexist" angle
Sites Without JavaScript Deserve Your Visits
We're not arguing that the Web should be as simple or barebones like Gemini Protocol/GemText
EPO Strikes Are Already Working
Campinos is already going "into hiding"
Microsoft Windows Falls to Another New All-Time Low in Guatemala, It is a Bottomless Pit
Maybe users come to realise that Windows means back doors and those doors are open to a regime that ought not be trusted
"XBox" Will Become Slop After Mass Layoffs
When all else fails, "AI it"
Links 22/02/2026: Hardware Price Hikes Across the Board, "Microsoft Issues Statement on Potential Layoffs"
Links for the day
Microsoft "Layoffs Incoming"
This transition isn't about promoting games; it's about canning the console
Links 22/02/2026: "Bloat of Modern Fitness Apps" and Wikipedia Deprecates Archive.today
Links for the day
Our IRC 5-Year Anniversary (for Self-Hosted) is Fast Approaching
A week from now it's March already
Gemini Links 22/02/2026: Dream Job Gone and Slop in Taskwarrior
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, February 21, 2026
IRC logs for Saturday, February 21, 2026