Bonum Certa Men Certa
Microsoft and Novell Starve in Land of Buybacks | Links 08/08/2008: More GNU/Linux Laptops, New Kernels

Another Reason to Avoid Mono: Security

"At Microsoft I learned the truth about ActiveX and COM and I got very interested in it inmediately [sic]."

--Miguel de Icaza



For reasons and factors that make OOXML not secure, Mono is a security hazard as well. For those who are not yet convinced, there is this brand-new article which highlights the architectural failures of .NET and their impact on security. Read it.



Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.


Also in the news today is this alarming issue of 7 "critical" flaws (the highest level of severity) in Microsoft software.

Does anyone want GNU/Linux to inherit this nightmare? Is this something which belongs in the operating system which NASA, the NSA and the Department of Defense use? What about the cost implications? Beyond the issue of acquisition cost also exist the costs of maintenance, repair, and damage control. Losses incurred by leaks (espionage) and data loss are sometimes invaluable.

A few hours ago, one reader sent us the following message regarding the consequences of poor security.



Note that the bad engineering promoted by Bill Gates and his movement is probably costing Joe Sixpack upwards of 8 hours lost effort per week from malware, instability and poor interoperability. With the US in the economic situation it is in, that may be enough to knock the floor out of the recession. The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.

“The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.”Until recently, Microsoft people have been able to stifle security information. However, the EFF's recent win paves the way forward for better technology to become more visible.

I look forward to the seeing Back-To-School Security Packets in Walmart, Best Buy, and others consisting of Xubuntu CDs.

The last 10 years have shown us nothing if not that FOSS helps make your business more recession-proof.

What we have here is an old and odd spin trotted out yet another time. The spin tries to be negative, but at the end of the day, use of FOSS has boosted the economy there by some $60 billion on unnecessary sunk costs.

Further, since were FOSS tends to lead, it leads due to better performance, quality, interoperability and maintenance, not just cost. So that leads to secondary and tertiary savings. After all, if the IT team is not having to spend all its time chasing fires, it can be far more than $60 billion in savings once the total cost of ownership is settled.

Sure a small wedge of the software sellers might have lost, but the large part of the pie consists of software users. We win here.

____ 1) "EFF Wins Protection for Security Researchers" (2007)

2) "Vista's Security Rendered Completely Useless by New Exploit" (2008) "... a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista..." "... the work is a major breakthrough and there is very little that Microsoft can do to fix the problems..."

3) "This Bug Man Is a Pest" (2008) "...His syllabus is partly a veiled attack on McAfee, Symantec and their ilk, whose $100 consumer products he sees as mostly useless. If college students can beat these antivirus programs, he argues, what good are they for the people and businesses spending nearly $5 billion a year on them? ..."

4) "USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius" (2007)



For those wondering about highly-restrained criticism of Microsoft/Windows security, a mandatory background would be the smear campaigns against security researchers. Smear campaigns are something that Microsoft is intimately familiar with [1, 2, 3, 4, 5, 6, 7, 8, 9]. Remember the Geer saga, too [1, 2] (little more in [1, 2, 3]). He lost his job for saying the truth about Microsoft's security shortcomings and the horrific state of the Web, caused largely by Microsoft and its back doors.
Microsoft and Novell Starve in Land of Buybacks | Links 08/08/2008: More GNU/Linux Laptops, New Kernels

Recent Techrights' Posts

IBM Culling Workers or Pushing Them Out (So That It's Not Framed as Layoffs), Red Hat Mentioned Repeatedly Only Hours Ago
We all know what "reorg" means in the C-suite
Free Software Foundation Subpoenaed by Serial GPL Infringers
These attacks on software freedom are subsidised by serial GPL infringers
Publicly Posting in Social Control Media About Oneself Makes It Public Information
sheer hypocrisy on privacy is evident in the Debian mailing lists
 
Embrace, Extend, Replace the Original (Or Just Hijack the Word 'Sudo')
First comment? A Microsoft employee
Gemini Links 02/05/2024: Firewall Rules Etiquette and Self Host All The Things
Links for the day
Red Hat/IBM Crybullies, GNOME Foundation Bankruptcy, and Microsoft Moles (Operatives) Inside Debian
reminder of the dangers of Microsoft moles inside Debian
PsyOps 007: Paul Tagliamonte wanted Debian Press Team to have license to kill
Reprinted with permission from disguised.work
IBM Raleigh Layoffs (Home of Red Hat)
The former CEO left the company exactly a month ago
Paul R. Tagliamonte, the Pentagon and backstabbing Jacob Appelbaum, part B
Reprinted with permission from disguised.work
Links 01/05/2024: Surveillance and Hadopi, Russia Clones Wikipedia
Links for the day
Links 01/05/2024: FCC Takes on Illegal Data Sharing, Google Layoffs Expand
Links for the day
Links 01/05/2024: Calendaring, Spring Idleness, and Ads
Links for the day
Paul Tagliamonte & Debian: White House, Pentagon, USDS and anti-RMS mob ringleader
Reprinted with permission from disguised.work
Jacob Appelbaum character assassination was pushed from the White House
Reprinted with permission from disguised.work
Why We Revisit the Jacob Appelbaum Story (Demonised and Punished Behind the Scenes by Pentagon Contractor Inside Debian)
If people who got raped are reporting to Twitter instead of reporting to cops, then there's something deeply flawed
Red Hat's Official Web Site is Promoting Microsoft
we're seeing similar things at Canonical's Ubuntu.com
Enrico Zini & Debian: falsified harassment claims
Reprinted with permission from disguised.work
European Parliament Elections 2024: Daniel Pocock Running as an Independent Candidate
I became aware that Daniel Pocock had decided to enter politics
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 30, 2024
IRC logs for Tuesday, April 30, 2024
[Meme] Sometimes Torvalds and RMS Agree on Things
hype around chatbots
[Video] Linus Torvalds on 'Hilarious' AI Hype: "I Hate the Hype" and "I Don't Want to be Part of the Hype", "You Need to Be a Bit Cynical About This Whole Hype Cycle"
Linus Torvalds on LLMs
Colin Watson, Steve McIntyre & Debian, Ubuntu cover-up mission after Frans Pop suicide
Reprinted with permission from disguised.work
Links 30/04/2024: Wireless Carriers Selling Customer Location Data, Facebook Posts Causing Trouble
Links for the day
Frans Pop suicide and Ubuntu grievances
Reprinted with permission from disguised.work
Links 30/04/2024: More Google Layoffs (Wide-Ranging)
Links for the day
Fresh Rumours of Impending Mass Layoffs at IBM Red Hat
"IBM filed a W.A.R.N with the state of North Carolina. That only means one thing."
Workers' Right to Disconnect Won't Matter If Such a Right Isn't Properly Enforced
I was always "on-call" and my main role or function was being "on-call" in case of incidents
Mark Shuttleworth's (MS's) Canonical is Promoting Microsoft This Week (Surveillance Slanted as 'Confidential')
Who runs Canonical these days? Why does Canonical help sell Windows?
A Discussion About Suicides in Science and Technology (Including Debian and the European Patent Office)
In Debian, there is a long history of deaths, suicides, and mysterious disappearances
Federal News Network is Corrupt, It Runs Propaganda Pieces for Microsoft
Federal News Network used to be OK some years ago
What Mark Shuttleworth and Canonical Can to Remedy the Damage Done to Frans Pop's Family
Mr. Shuttleworth and Canonical as a company can at the very least apologise for putting undue pressure
Amnesty International & Debian Day suicides comparison
Reprinted with permission from disguised.work
[Meme] A Way to Get No Real Work Done
Walter White looking at phone: Your changes could not be saved to device
Modern Measures of 'Productivity' Boil Down to Time Wasting and Misguided Measurements/Yardsticks
People are forgetting the value of nature and other human beings
Countries That Beat the United States at RSF's World Press Freedom Index (After US Plunged Some More)
The United States (US) was 17 when these rankings started in 2002
Record Productivity and Preserving People's Past on the Net
We're very productive these days, partly owing to online news slowing down (less time spent on curating Daily Links)
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, April 29, 2024
IRC logs for Monday, April 29, 2024
Links 30/04/2024: Malaysian and Russian Governments Crack Down on Journalists
Links for the day
Frans Pop Debian Day suicide, Ubuntu, Google and the DEP-5 machine-readable copyright file
Reprinted with permission from disguised.work
Axel Beckert (ETH Zurich), the mentality of sexual violence on campus
Reprinted with permission from Daniel Pocock
[Meme] Russian Reversal
Mark Shuttleworth: In Soviet Russia's spacecraft... Man exploits peasants
Frans Pop & Debian suicide denial
Reprinted with permission from disguised.work
Hard Evidence Reinforces Suspicion That Mark Shuttleworth May Have Worked Volunteers to Death
Today we start re-publishing articles that contain unaltered E-mails