Bonum Certa Men Certa

Another Reason to Avoid Mono: Security

"At Microsoft I learned the truth about ActiveX and COM and I got very interested in it inmediately [sic]."

--Miguel de Icaza



For reasons and factors that make OOXML not secure, Mono is a security hazard as well. For those who are not yet convinced, there is this brand-new article which highlights the architectural failures of .NET and their impact on security. Read it.



Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.


Also in the news today is this alarming issue of 7 "critical" flaws (the highest level of severity) in Microsoft software.

Does anyone want GNU/Linux to inherit this nightmare? Is this something which belongs in the operating system which NASA, the NSA and the Department of Defense use? What about the cost implications? Beyond the issue of acquisition cost also exist the costs of maintenance, repair, and damage control. Losses incurred by leaks (espionage) and data loss are sometimes invaluable.

A few hours ago, one reader sent us the following message regarding the consequences of poor security.




Note that the bad engineering promoted by Bill Gates and his movement is probably costing Joe Sixpack upwards of 8 hours lost effort per week from malware, instability and poor interoperability. With the US in the economic situation it is in, that may be enough to knock the floor out of the recession. The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.

“The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.”Until recently, Microsoft people have been able to stifle security information. However, the EFF's recent win paves the way forward for better technology to become more visible.

I look forward to the seeing Back-To-School Security Packets in Walmart, Best Buy, and others consisting of Xubuntu CDs.

The last 10 years have shown us nothing if not that FOSS helps make your business more recession-proof.

What we have here is an old and odd spin trotted out yet another time. The spin tries to be negative, but at the end of the day, use of FOSS has boosted the economy there by some $60 billion on unnecessary sunk costs.

Further, since were FOSS tends to lead, it leads due to better performance, quality, interoperability and maintenance, not just cost. So that leads to secondary and tertiary savings. After all, if the IT team is not having to spend all its time chasing fires, it can be far more than $60 billion in savings once the total cost of ownership is settled.

Sure a small wedge of the software sellers might have lost, but the large part of the pie consists of software users. We win here.

____ 1) "EFF Wins Protection for Security Researchers" (2007)

2) "Vista's Security Rendered Completely Useless by New Exploit" (2008) "... a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista..." "... the work is a major breakthrough and there is very little that Microsoft can do to fix the problems..."

3) "This Bug Man Is a Pest" (2008) "...His syllabus is partly a veiled attack on McAfee, Symantec and their ilk, whose $100 consumer products he sees as mostly useless. If college students can beat these antivirus programs, he argues, what good are they for the people and businesses spending nearly $5 billion a year on them? ..."

4) "USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius" (2007)




For those wondering about highly-restrained criticism of Microsoft/Windows security, a mandatory background would be the smear campaigns against security researchers. Smear campaigns are something that Microsoft is intimately familiar with [1, 2, 3, 4, 5, 6, 7, 8, 9]. Remember the Geer saga, too [1, 2] (little more in [1, 2, 3]). He lost his job for saying the truth about Microsoft's security shortcomings and the horrific state of the Web, caused largely by Microsoft and its back doors.

Recent Techrights' Posts

South America: GNU/Linux Grew to 8.15% Venezuela, Steadily Over 3% Overall
holding steady above 3%
Clownflare (Cloudflare) Debt Grows, Losses Continue
debt of nearly $400,000 per employee
[Meme] GAGAM: Google, Apple, Gulag, Amazon, Microsoft, and the Rest
The Web has never been more dangerous and hostile
The L Word (Not Linux)
Championing Software Freedom is "dangerous"
It's Easy to Snyk in Marketing SPAM (and FUD) Into BetaNews
The latest marketing piece (disguised as information, not shameless self-promotion)
GNU/Linux at 4% in Algeria
So it more than doubled since last year
[Meme] The Failure of Microsoft Rebranding Campaigns
market share down, costs soared, back to basics
Why Your Web Site Should Also Support HTTP (Without 'Secure')
sites which force everybody to use HTTPS have an inherent accessibility problem
Microsoft Windows is Technically at 0% in Some Countries
It's not an important platform to target anymore
Windows Measured at 5.7% 'Market Share' in Philippines, GNU/Linux Rose to 5%
It was 3.62% last month
 
It's FOSS? No, It's SPAM.
Another sellout
Steven J. Vaughan-Nichols (SJVN) 'Works' for Linux Foundation (LF) on SPAM Campaigns, Just Like Spamnil's TFiR (Swapnil Bhartiya)
How can he publish something like this under his name?
Microsoft's Debt Ratio is Awful
It owes almost 150% of what it can give
Microsoft Has Already Laid Off Tens of Thousands of Workers, "Headcount" is Misleading Spin From Microsoft-Funded Sites
Expect Microsoft to suck up to Trump, looking for more bailouts (those typically manifest themselves in the form of "defence" contracts)
Gemini Links 03/12/2024: December Adventure and Social Justice Gone Wild
Links for the day
Microsoft Windows Falls to 12.5% in Cuba, Android Soaring
Windows isn't even doing too well on desktops/laptops
ChromeOS Isn't Freedom, But It's Killing Microsoft's Ability to Profit From Windows
ChromeOS has shot up to 22% in Sweden
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 02, 2024
IRC logs for Monday, December 02, 2024
Did IBM Layoffs Stop? Ask Dr. Krishna, The 'Genius' of IBM...
Trust AK to solve all the problems of IBM by creating bigger problems
[Meme] Sportwashing vs Code of Censorship (CoC)
Expectation of censorship (censor for me... or else!)
With 4 Weeks to Go (Before the End of 2024) the FSF Has Already Raised Close to 100,000 Dollars
The FSF must be doing something right
"Linux on the Desktop" (Less Than a Third of Web-connected Computers Still a Desktop or Laptop)
It's like we're chasing a goal that's 2 or 3 decades in the past
2 Years Have Passed Since ChatGPT Vapourware and Bing Gained Nothing, Yandex is About to Overtake Microsoft in Search
A cause for concern at Microsoft?
GNU/Linux Rises to 4% in Ireland, ChromeOS Grows and Android Takes Windows' Lunch
Windows down to 22%
[Meme] Meanwhile at Intel (Where the CEO Got the Boot)
Well, if taxpayers pay to save Intel, then Intel should be publicly owned (by those taxpayers)
A Cult of Fake Security
It's almost as if there's a coordinated effort to weed out and drive away people who are passionate about security for the users, as opposed to the financial security of companies like Google and Microsoft
Gemini Links 02/12/2024: Long Hair and Spirituality, Technology and Nature
Links for the day
Windows Not Even a 'Thing' Anymore... in North America (Where It Originally Came From)?
StatCounter shows Windows isn't even listed as a leading platform in any country in North America
Links 02/12/2024: Obesity Crisis to Worsen, Syrian Coups Rebound
Links for the day
Months After Mass Layoffs at Microsoft Nigeria Windows "Market Share" Collapses (Now Measured at 5%)
Of course the winner is Android (new all-time high of 77.3%)
South America Has Made It (Android Majority Everywhere) and in North America New Records for GNU/Linux Usage
Windows monopoly rents cannot be salvaged
Windows Down to Only One in Six Internet- or Web-Connected Devices in Asia
it's not looking good for Microsoft
Microsoft Windows Market Share in the United Kingdom Has Fallen to About 20%
Microsoft knows the true numbers, but it would rather not tell
statCounter: GNU/Linux Up to 4.6%, Windows Down Sharply This Month (Almost 22% Worldwide)
Let's see it the figures stay stable throughout the month
Figures of Note: Tesla's Debt Has More Than Doubled in Two Years and It's a Symptom of a Fake Economic Order
Cash infusions by taxpayers can create "billionaires" who aren't "job creators" (see what happened to Twitter) and bring no benefits to these taxpayers, only poverty
Linux Foundation Let Linux.com Rot for Two Months and Now It Posts Ridiculous Spam
Mindless shopping site
Links 02/12/2024: Journalists Arrested, Tesla Factories Destroying the Planet and Public Health
Links for the day
Gemini Links 02/12/2024: Adventures With Bevy, Google Very Evil, Jumping Into Gemini
Links for the day
BetaNews is Still a Shrine of Microsoft, and Casually Also an LLM Slop Factory
Fake articles, anti-Linux FUD, and Microsoft propaganda make a sound "business model"?
[Meme] Cyber Monday is Not a Thing; There's No Such Thing (It's a Corporate SPAM Campaign Plaguing the Web)
Enough with these fake 'holidays' that billionaires (business oligarchs) keep inventing to make more money at other people's expense (debt)
Software Freedom Conservancy (SFC) and Linux Foundation: Same Mentality of Revisionism and Plunder
Lie about history and then 'cash in'
[Meme] Software Freedom Conservancy (SFC) Begs You for Donations
How does one even spend 20,000 dollars per month???
Why Software Freedom Conservancy Does Not Deserve Money (Karen Sandler is Already a Millionaire and Her Organisation Attacks Free Software Leaders)
These people speak for "Big Money" interests, not for freedom
On the internet [sic] (Lowercase), They Spread Misinformation About the Internet
Hugh Grant remembers what happened before he was born
Richard Stallman Was Getting Honorary Doctorates Almost Every Year Until 'Cancel Culture' Stepped in, Distracting From Jeffrey Epstein's Ties to Bill Gates
This finally ended... earlier this year (October)
Self-Deprecating Attacks on RMS
Drew DeVault seems to have deleted all of his social control media accounts
When Bills Are Rising, Whereas the Demand Isn't (OpenAI is Insolvent)
Latest month on record shows traffic fell about 3 times lower than earlier this year
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 01, 2024
IRC logs for Sunday, December 01, 2024
Links 02/12/2024: Climate, Sportwashing, and Software Patents
Links for the day
Gemini Links 02/12/2024: Words and Apologies, Being Rude, and Geminauts 0.1.0 Release
Links for the day
today's howtos
some older leftovers
The Microsoft OSI: All the Latest Blog Posts Are Written by Microsoft Operative Salaried by Microsoft
OSI is truly occupied. Microsoft more or less 'bought' the OSI...
Links 01/12/2024: Russian Police Raiding Gay Bars, Zelensky Wants NATO Membership
Links for the day
Gemini Links 01/12/2024: Recycling and Interest in Computers
Links for the day
Links 01/12/2024: 23andMe's DNA Bubble Imploded, Web Server Survey Shows Microsoft Nosediving
Links for the day
Vulture funds war-gaming Ireland loss of corporation tax revenue, Donald Trump
Reprinted with permission from Daniel Pocock
Gerry Hutch & Debian: suicide by Monk?
Reprinted with permission from Daniel Pocock
Gerry 'The Monk' Hutch: criminals vs geeks, multinationals vs Ireland
Reprinted with permission from Daniel Pocock
"Microsoft suffered the next largest loss, down by 634,406 sites (-3.24%)"
Microsoft is now in only 2 of the 5 tables; over time Microsoft slips out of visibility in more categories
The Post Offices Have Turned Into Trash. They Swallow Packages and Only Spit Them Out If You Get Lucky.
Nom nom nom
Four Years of Videos (Self-Hosted, Not Social Control Multimedia)
Seeing how the "hey hi" (AI) hype spreads to GulagTube and ruins GulagTube, we're glad we need not worry about Google (Gulag) policing our "content" via supposedly 'free' (not really) platforms, such as GulagTube, the social control (multi)media "market leader"
[Meme] Hiding From Bullies Not the Solution
‘The only thing necessary for the triumph [of evil] is for good men to do nothing.’
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 30, 2024
IRC logs for Saturday, November 30, 2024
If You Support Free - is in Freedom/Libre - Software, Then Support the Free Software Foundation (FSF)
2024 was the most productive year so far
CNN's Front Page is About 250 Times Heavier Than Techrights' (Also Far Slower)
Those who value performance and users' experience will give bloat the boot
[Meme] What 'Social Justice Warrior' Has Come to Mean by 2024
People who have long called themselves "SJW" aren't exactly any of those things
We Already Know What Makes Techrights So Attractive to Online Abuse and Cybercrimes
Techrights helps explain how to dismantle the 'cancel culture' against Free software (it also names the key perpetrators)
Microsoft Controlling Apache by Proxy/ies
This is a broader attack on what "Open Source" actually means