Bonum Certa Men Certa
Microsoft and Novell Starve in Land of Buybacks | Links 08/08/2008: More GNU/Linux Laptops, New Kernels

Another Reason to Avoid Mono: Security

"At Microsoft I learned the truth about ActiveX and COM and I got very interested in it inmediately [sic]."

--Miguel de Icaza



For reasons and factors that make OOXML not secure, Mono is a security hazard as well. For those who are not yet convinced, there is this brand-new article which highlights the architectural failures of .NET and their impact on security. Read it.



Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.


Also in the news today is this alarming issue of 7 "critical" flaws (the highest level of severity) in Microsoft software.

Does anyone want GNU/Linux to inherit this nightmare? Is this something which belongs in the operating system which NASA, the NSA and the Department of Defense use? What about the cost implications? Beyond the issue of acquisition cost also exist the costs of maintenance, repair, and damage control. Losses incurred by leaks (espionage) and data loss are sometimes invaluable.

A few hours ago, one reader sent us the following message regarding the consequences of poor security.



Note that the bad engineering promoted by Bill Gates and his movement is probably costing Joe Sixpack upwards of 8 hours lost effort per week from malware, instability and poor interoperability. With the US in the economic situation it is in, that may be enough to knock the floor out of the recession. The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.

“The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.”Until recently, Microsoft people have been able to stifle security information. However, the EFF's recent win paves the way forward for better technology to become more visible.

I look forward to the seeing Back-To-School Security Packets in Walmart, Best Buy, and others consisting of Xubuntu CDs.

The last 10 years have shown us nothing if not that FOSS helps make your business more recession-proof.

What we have here is an old and odd spin trotted out yet another time. The spin tries to be negative, but at the end of the day, use of FOSS has boosted the economy there by some $60 billion on unnecessary sunk costs.

Further, since were FOSS tends to lead, it leads due to better performance, quality, interoperability and maintenance, not just cost. So that leads to secondary and tertiary savings. After all, if the IT team is not having to spend all its time chasing fires, it can be far more than $60 billion in savings once the total cost of ownership is settled.

Sure a small wedge of the software sellers might have lost, but the large part of the pie consists of software users. We win here.

____ 1) "EFF Wins Protection for Security Researchers" (2007)

2) "Vista's Security Rendered Completely Useless by New Exploit" (2008) "... a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista..." "... the work is a major breakthrough and there is very little that Microsoft can do to fix the problems..."

3) "This Bug Man Is a Pest" (2008) "...His syllabus is partly a veiled attack on McAfee, Symantec and their ilk, whose $100 consumer products he sees as mostly useless. If college students can beat these antivirus programs, he argues, what good are they for the people and businesses spending nearly $5 billion a year on them? ..."

4) "USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius" (2007)



For those wondering about highly-restrained criticism of Microsoft/Windows security, a mandatory background would be the smear campaigns against security researchers. Smear campaigns are something that Microsoft is intimately familiar with [1, 2, 3, 4, 5, 6, 7, 8, 9]. Remember the Geer saga, too [1, 2] (little more in [1, 2, 3]). He lost his job for saying the truth about Microsoft's security shortcomings and the horrific state of the Web, caused largely by Microsoft and its back doors.
Microsoft and Novell Starve in Land of Buybacks | Links 08/08/2008: More GNU/Linux Laptops, New Kernels

Recent Techrights' Posts

It's Not a GAFAM World Anymore and There Are Far More Operating Systems Than Google's, Apple's, and Microsoft's
we're not getting the full picture of what's happening
Microsoft's XBox is Going Away Like Microsoft's Skype (Slowly But Surely, Then All at Once)
XBox is dying rapidly
Codecs and Software Patents - Part IV - Things Got So Bad That Some Laptop Sales Got Banned in the EU (Over Software Patents!)
If software patents lead to such severe outcomes, shouldn't the media pay closer attention to the problem?
 
Over 97% of the 'Linux' Foundation's Budget Goes Not to Linux
There is a term for this: mission creep
Cloudflare is a Giant Pile of Debt, Now There Are Mass Layoffs and Media Coverage About This is Churnalism, Sometimes by Slopfarms (False Excuses)
If Cloudflare goes under, it'll be great news
NDAs as a Price Tag on Criticism (or Honest Expressions of Opinion)
What ever happened to accountability? Suppressed by reverse bribes (via NDAs)?
Internal Microsoft Communications Confirm: "Buyout" Offer Worse Than a Year's Salary and Microsoft Offers "Retirement" to Young People Who Cannot Retire
Does that sound like a good offer or marching orders?
Site Overhauls at Cybershow and at analognowhere.com (Less is More!)
They seem to be replacing the heavy PHP backend with static HTML pages
The Corrupt Lecture the Non-Corrupt - Part XVI - EPO Had Data Breaches, Covered Them Up, Now Lectures Staff That Didn't Do It and Didn't Cover It Up
Imagine what would happen to staff if (non-anonymously) blowing the whistle on management leaking and then covering up EPO data breaches
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 07, 2026
IRC logs for Thursday, May 07, 2026
Mass Layoffs at IBM's Kyndryl, Slop Won't Save Kyndryl
Kyndryl is a "done deal". It's done. It's finished.
Kyndryl Holdings Inc Falls Almost 15% in 2 Days, What Does That Tell Us About IBM?
The "Big Blue" 'shell game' isn't working
Companies That Say They Are "Hey Hi" (AI) Leaders Don't Really Do Well, They Have Mass Layoffs Because Hype and Storytelling Won't Live Up to Shareholders' Expectations
Microsoft's investment in slop is not going well
Gemini Links 07/05/2026: Unicode and "RSS 4 Noobs (Getting Started)"
Links for the day
During IBM's Annual Event/Bash IBM's Stock Fell to (Almost) Lowest Level in a Year, Insiders Explain "IBM is on the Brink of Collapse."
Anthropic - like IBM - pays the media for puff pieces, exaggerations, and obvious vapourware
Servers Became "Cloud", VR Became "Metaverse", Now Bots Become "Agents" (of Slop)
Changing the name of things won't prevent rejection, only delay the negative reaction some more
Links 07/05/2026: "The ‘Perfect Storm’ Hanging Over Britain’s Public Debt" and "Internet Shutdowns Spread in Africa"
Links for the day
OSI Partners With Microsoft to Help Pretend Proprietary (GitHub) 'Celebrates' Open Source
And a Microsoft operative announced this as well
Links 07/05/2026: "Most Vibe-coded (Slop) Tools Are Not for You" and "Prepare for the PCB Shortage"
Links for the day
SLAPP Censorship - Part 69 Out of 200: Microsoft's Graveley Strangles, Gets Arrested, Charged, Then Asks for Apology From Those Who Reported It by Recycling Garrett's Plea for Apology
Garrett realised that his "funny" lawsuit wasn't so funny anymore
Codecs and Software Patents - Part III - AOMedia Video 1 (AV1) and Antitrust Issues
As we'll show in later parts, this already results in bans of some hardware sales in Europe
The Corrupt Lecture the Non-Corrupt - Part XV - Talking About Responsibility and Accountability While Failing to Hold Themselves Accountable
what outlet is there for justice or for the Rule of Law?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 06, 2026
IRC logs for Wednesday, May 06, 2026
Gemini Links 07/05/2026: Dissociated Jekyll And Hyde, New Antenna 2.0.0
Links for the day
Google Slop Contains Serious Errors, Google Has Just Been Sued for 1.5 Million Dollars by One Victim of It
If he wins, the floodgates will open for millions of other people
Keeping Server Costs Under Control in Age of Zombie-Majority Net
The Web has become such a sordid mess not just due to chatbots and LLM bots
People Work for Microsoft Because They Fear No Other Company Would Hire Them
Why do people still work at Microsoft?
The Register MS Does "Microsoft Says", Fails to Accept XBox is Dying and Slop is a Failure
The real news today isn't some tweets from Microsoft
IBM Seems to be Imitating the European Patent Office's "Young Professionals" (YPs) With Client Innovation Center (CIC), Which is About Mass-Hiring Inexperienced People on Very Low Salaries (Sometimes Unlivable)
So the future of IBM now is college students without experiences?
IBM Spammers With LLM Slop Discourage Discussion About IBM Problems and Layoffs
they would likely not bother had those discussions not hurt IBM's management [...] There is a similar problem this year in IRC
The Register MS is All About MS After the Site Overhaul, Now They Are a Platform of "Microsoft Says"
They rewrite history for sponsors [...] Microsoft says. Hence, it must be true!
Pop the Slop Bubble, Don't Ask When It'll Pop or Expect Others to Pop It for You
It has all along been sold on a lie and it relied a great deal on corrupted (captured) media which played along with deliberate lies because it got paid to do this [...] The slop bubble is similar to the fake-coins bubble
SLAPP Censorship - Part 68 Out of 200: Based on Their Particulars of Claims, Microsoft's Graveley and Garrett Seem Like the Same Person (Exactly Same Words Used, Sloppily Recycled)
almost identical (even a description of who they are and how they feel)
The Operating Systems statCounter Cannot Identify or Classify
Is it possible that statCounter just cannot properly decipher and classify systems brought by and controlled by eastern Asia as opposed to Europe and North America?
Gartner Group Paid The Register MS. And Now The Register MS is a "Gartner Says" Rag.
Follow the money
IBM Allegedly Used Apptio to Target and Sack (RA) Productive or 'Expensive' Employees, Are Apptio Staff Now Subjected to Layoffs?
Apptio is one of several companies that IBM buys only to sink together with the IBM boat, RMS Watson
Gemini Links 06/05/2026: "Who Knows That You Blog?" and New Official Antenna by Michael Nordmeyer
Links for the day
Links 06/05/2026: Apple Accepts That It Misled People on Slop and Begins Blocking Software/Games Made With Slop
Links for the day
Microsoft's XBox Exodus Carries on: Corporate VP of Gaming Ecosystem Organization and Corporate VP of XBox Devices and Ecosystem Both Leave Microsoft
Don't expect what's left of the media to properly report the true scale of the XBox cuts and executive-level departures
Codecs and Software Patents - Part II - AV1 and HEVC Not Really Safe
We are, in effect, looking at a sort of cartel (like the one which came out of Germany with MP3)
The Corrupt Lecture the Non-Corrupt - Part XIV - Antisemitism Inside the EPO
A sensitive topic for the European Patent Office (EPO)
Gemini Links 06/05/2026: Childhood Memories, Intense People, and Natural Web Exploration
Links for the day
Links 06/05/2026: Narges Mohammadi in Critical Condition and Copyright Infringement Rampant in Reddit
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 05, 2026
IRC logs for Tuesday, May 05, 2026