He Who Imitates Microsoft Will Suffer from Its Flaw

Dr. Roy Schestowitz

2008-08-28 13:32:12 UTC
Modified: 2008-08-28 13:37:37 UTC

"He Who Controls the Bootloader..."

We have warned before that any imitation of .NET is likely to inherit its problems and the same goes for OOXML. Some of the more severe problems pertain to security.

A new vulnerability has just been found in Mono. This one is funny:

Vulnerability reported by Redhat.

Is that a technical vulnerability only, or also a legal one? Either way, Fedora 10 has no Mono in the Live CD. It's not there anymore.

Early in the week, we also remarked on Novell's support of ActiveX from Microsoft. Carla Schroder is far from impressed.

Nominum Solves Kaminsky Attack, and Novell's iPrint Open to Attack, Say Researchers. What do these stories have in common? I was thinking perhaps institutionalized delusional thinking and incompetence, but maybe I'm being too harsh.

[...]

Lest anyone think I am being too mean to poor old defenseless Novell and Microsoft, I recall ActiveX security advisories almost from its inception back in 1996 or so. What has changed since then, twelve years later? Nothing, as this random recent security bulletin shows:

"Microsoft has released Security Advisory (955179) to describe attacks on a vulnerability in the Microsoft Office Snapshot Viewer ActiveX control. Because no fix is currently available for this vulnerability, please see the Security Advisory and US-CERT Vulnerability Note VU#837785 for workarounds."

So we need to revise the popular "fool me once" saying:

Fool me once, shame on you Fool me twice, shame on me Fool me thousands of times over many years...let's get married!"

Now why is it again that corporate participation is important to FOSS?

When will Novell finally start thinking for itself? It already supports Windows Vista , Internet Explorer, ActiveX, .NET, and XAML (Silverlight). It only helps in spreading the problems and everyone suffers as a result, except Microsoft. ⬆

"Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system..."

--Dennis Fisher, August 7th, 2008

Recent Techrights' Posts

KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term): It only serves to distract from real articles
Did Microsoft 'Buy' Red Hat Without Paying for It? Does It Tell Canonical What to Do Now?: This is what Linus Torvalds once dubbed a "dick-sucking" competition or contest (alluding to Red Hat's promotion of UEFI 'secure boot')
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users: Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading: Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month: Two more doctorate degrees
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024: IRC logs for Wednesday, November 20, 2024
Gemini Links 20/11/2024: Game Recommendations, Schizo Language: Links for the day
Growing Older and Signs of the Site's Maturity: The EPO material remains our top priority
Links 20/11/2024: Politics, Toolkits, and Gemini Journals: Links for the day
Links 20/11/2024: 'The Open Source Definition' and Further Escalations in Ukraine/Russia Battles: Links for the day
[Meme] Many Old Gemini Capsules Go Offline, But So Do Entire Web Sites: Problems cannot be addressed and resolved if merely talking about these problems isn't allowed
Links 20/11/2024: Standing Desks, Broken Cables, and Journalists Attacked Some More: Links for the day
Links 20/11/2024: Debt Issues and Fentanylware (TikTok) Ban: Links for the day
Jérémy Bobbio (Lunar), Magna Carta and Debian Freedoms: RIP: Reprinted with permission from Daniel Pocock
Jérémy Bobbio (Lunar) & Debian: from Frans Pop to Euthanasia: Reprinted with permission from Daniel Pocock
This Article About "AI-Powered" is Itself LLM-Generated Junk: Trying to meet quotas by making fake 'articles' that are - in effect - based on plagiarism?
Recognizing invalid legal judgments: rogue Debianists sought to deceive one of Europe's most neglected regions, Midlands-North-West: Reprinted with permission from Daniel Pocock
Google-funded group distributed invalid Swiss judgment to deceive Midlands-North-West: Reprinted with permission from Daniel Pocock
Gemini Links 20/11/2024: BeagleBone Black and Suicide Rates in Switzerland: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 19, 2024: IRC logs for Tuesday, November 19, 2024
Links 19/11/2024: War on Cables?: Links for the day
Gemini Links 19/11/2024: Private Journals Online and Spirituality: Links for the day
Drew's Development Mailing Lists and Patches to 'Refine' His Attack Pieces Against the FSF's Founder: Way to bury oneself in one's own grave...
The Free Software Foundation is Looking to Raise Nearly Half a Million Dollars by Year's End: And it really needs the money, unlike the EFF which sits on a humongous pile of oligarchs' and GAFAM cash
What IBMers Say About IBM Causing IBMers to Resign (by Making Life Hard/Impossible) and Why Red Hat Was a Waste of Money to Buy: partnering with GAFAM
In Some Countries, Desktop/Laptop Usage Has Fallen to the Point Where Microsoft and Windows (and Intel) Barely Matter Anymore: Microsoft is the next Intel basically
[Meme] The Web Wasn't Always Proprietary Computer Programs Disguised as 'Web Pages': The Web is getting worse each year
Re-de-centralisation Should Be Our Goal: Put the users in charge, not governments and corporations in charge of users
Gemini Links 19/11/2024: Rain Music, ClockworkPi DevTerm, and More: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, November 18, 2024: IRC logs for Monday, November 18, 2024