Bonum Certa Men Certa

He Who Imitates Microsoft Will Suffer from Its Flaw

"He Who Controls the Bootloader..."

We have warned before that any imitation of .NET is likely to inherit its problems and the same goes for OOXML. Some of the more severe problems pertain to security.



A new vulnerability has just been found in Mono. This one is funny:

Vulnerability reported by Redhat.


Is that a technical vulnerability only, or also a legal one? Either way, Fedora 10 has no Mono in the Live CD. It's not there anymore.

Early in the week, we also remarked on Novell's support of ActiveX from Microsoft. Carla Schroder is far from impressed.

Nominum Solves Kaminsky Attack, and Novell's iPrint Open to Attack, Say Researchers. What do these stories have in common? I was thinking perhaps institutionalized delusional thinking and incompetence, but maybe I'm being too harsh.

[...]

Lest anyone think I am being too mean to poor old defenseless Novell and Microsoft, I recall ActiveX security advisories almost from its inception back in 1996 or so. What has changed since then, twelve years later? Nothing, as this random recent security bulletin shows:

"Microsoft has released Security Advisory (955179) to describe attacks on a vulnerability in the Microsoft Office Snapshot Viewer ActiveX control. Because no fix is currently available for this vulnerability, please see the Security Advisory and US-CERT Vulnerability Note VU#837785 for workarounds."

So we need to revise the popular "fool me once" saying:

Fool me once, shame on you Fool me twice, shame on me Fool me thousands of times over many years...let's get married!"

Now why is it again that corporate participation is important to FOSS?


When will Novell finally start thinking for itself? It already supports Windows Vista , Internet Explorer, ActiveX, .NET, and XAML (Silverlight). It only helps in spreading the problems and everyone suffers as a result, except Microsoft.

"Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system..."

--Dennis Fisher, August 7th, 2008

Recent Techrights' Posts

[Video] Trainline Finally Issues a Refund, But It Took 9 Days and Showed How 'Modern' Systems Fail Travelers
They treat people like a bunch of animals or cattle, not like valuable customers
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, April 12, 2024
IRC logs for Friday, April 12, 2024
Google, FSFE & Child labor
Reprinted with permission from the Free Software Fellowship
Links 13/04/2024: Huawei and Loongson PCs, IBM Layoffs
Links for the day
Gemini Links 13/04/2024: Specification Changes and Metaverse Newbie
Links for the day
Links 12/04/2024: Big Brother in the Workplace and Profectus Browser Alpha 0.3
Links for the day
WIPO UDRP D2024-0770 Debian vendetta response
Reprinted with permission from Daniel Pocock
Links 12/04/2024: Reporters Without Borders Rep Kicked Out of Hong Kong
Links for the day
Gemini Links 12/04/2024: Funny Thing, Manual Scripts, and More
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, April 11, 2024
IRC logs for Thursday, April 11, 2024
DebConf22 Kosovo segregation of women exposed
Reprinted with permission from disguised.work
Links 11/04/2024: Web Diversity and More Crackdowns in Russia
Links for the day
Gemini Links 11/04/2024: Activity and Motivation in Geminispace, gwit Implementations
Links for the day
First They Came for Iranian Developers...
Red Hat/IBM and 'cancel culture'
[Video] A Debian Project Leader Needs to Also be a Technical Project Leader
We do not vouch for one (or none) horse in this race
Aggressive Efforts (and Threats) for Those Who Speak About What Happened in the Balkans
Acting in this way in an effort to censor people typically results in a second scandal on top of the original scandal
How Kosovo won DebConf21
Reprinted with permission from Daniel Pocock
[Video] How the Media Blamed SSH and Linux (for Nearly a Whole Fortnight!) Instead of Microsoft's GitHub and Systemd
Microsoft-connected sites have said a whole bunch of lies
Anzacathon: a hackathon for Anzac day at home
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 10, 2024
IRC logs for Wednesday, April 10, 2024
On Julian Assange, Now 5 Years in Belmarsh Prison: The Good News, the Bad News, and Ugly Noise
Some time this spring (or summer) we'll revisit the Appelbaum case