Novell and Microsoft Insecurity a Joint venture

Dr. Roy Schestowitz

2008-09-04 18:56:59 UTC
Modified: 2008-09-04 18:57:34 UTC

How secure is Novell's software? The answer is that it depends on Microsoft, whose insecure-by-design frameworks Novell is embracing. Moreover, as another reminder of an old issue, former Novell staff is now securing Windows and striving to make Windows more secure than GNU/Linux.

So go ahead, make my day: ignore the popularity of AppArmor in the user community, keep blocking AppArmor from inclusion in Linus’ kernel. If all I have to do is make Windows security easier and more effective to deploy than SELinux, then my job is practically done for me J

Novell's Achilles heel in security is probably its embrace of Microsoft's ActiveX (not to mention .NET and and XAML) if reports like this one are something to go by.

Security-wise, time is no cure. Microsoft's Windows Vista remains the same overburdened and insecure operating system that it has been from the very start. The hypnosis and the lies continue though, judging by some of the very latest.

Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is “very unlikely.”

According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

It's part of a pattern of patch/flaw hiding. ⬆

Free University of Bozen-Bolzano Proud to Host Free Software Talk by Richard Stallman: ahead of Monday's talk
Slopwatch: Anti-Linux Machine-Generated FUD (LLM Slop) From GBHackers, CybersecurityNews, and Guardian Digital, Inc (Google News Promotes Slop Plagiarism, Misinformation): Companies that lie try to drown out the signal with falsehoods
Report About February Mass Layoffs at Microsoft (Third Wave of Microsoft Layoffs in 2025) Comes Back From the Dead: Yesterday we wrote about an article in CRN (reporting Microsoft layoffs) being removed without any reasons specified
Links 21/02/2025: Myanmar Scam Centre and Disruptions at USPTO: Links for the day
Links 21/02/2025: Linux Foundation Openwashing, Microsoft Copilot Goes Down: Links for the day
Links 21/02/2025: Doomscrolling and European Ham Radio Show: Links for the day
Links 21/02/2025: TikTok Layoffs, WebOS Software Patents in Bad Hands: Links for the day
Gemini Links 21/02/2025: Web Browsers, Mechanical Shortcuts, and Internet Hygiene: Links for the day
Richard Stallman 'Only' Founded the FSF: there's no reason to be upset at the FSF for keeping their founder in the Board
Techrights Disconnected From the United States Two Years Ago: Did people really need to wait for the US government to become this hostile towards the media before recognising the threat?
Before Trying Censorship by Extortion the Serial Strangler From Microsoft Literally Begged Us to Delete Pages: This is very clearly just a broad campaign of intimidation
Hype Watch: Weeks After Microsoft Disappointed Investors With "Hey Hi" It's Trying Some "Quantum" Hype (Adding Impractical Vapourware to Accompany This Hype and Even LLM Slop in 'News' Clothing): Remember "metaverse"? What happened to media hype about "blockchain" and "IoT"?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, February 20, 2025: IRC logs for Thursday, February 20, 2025
gbhackers.com is Not Hackers, It's LLM Slop Outputs (Fake 'Articles') That Attack 'True Hackers': A site called linuxsecurity.com keeps doing this and now we see the slopfarm gbhackers.com doing the same
Gemini Links 20/02/2025: Law of Warming and Cooling, Health, and Devlog: Links for the day
linuxsecurity.com Continues to Spread Lies or Machine-Generated FUD (Microsoft LLMs Likely the Source) About OpenSSH and Linux: this LLM problem is global
Links 20/02/2025: Microsoft Infosys Layoffs and IRS Layoffs (Good News for Rich Tax Evaders): Links for the day
IBM Layoffs in Europe Already Happening or Underway (UK and Spain). They Try Not to Call These "Layoffs".: "CIO" in particular was repeatedly mentioned lately, as was Consulting
People Who Came From Microsoft Demanding Removal of Articles About Them, About Microsoft, and About Microsoft GitHub is "Generous" (According to Them): Imagine choosing a law firm that borrows money in the same year just to avoid overdraft in the bank!
Possibly a Third Round of Mass Layoffs at Microsoft in 2025 ("Cloud Solution Architects, Customer Roles"), Report Removed or Censored: This is literally the top story for "microsoft layoffs" right now
Instead of 'DoS Protection' Cloudflare is Allegedly Conducting 'DoS Attacks' on Users of Browsers Other Than Firefox and GAFAM's DRM Sandboxes (Chrome, Safari and Others): If you value the Web, you will avoid Cloudflare
Mixing Real With Fake in One 'Article' (by "Director of Content, Help Net Security"): From what we can gather, he got machines to generate some slop for him
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 19, 2025: IRC logs for Wednesday, February 19, 2025
Gemini Links 19/02/2025: FreeDOS abd Botfloods: Links for the day
Microsoft Has "Made the Customer the Product.": it's very likely this comment was made by a Microsoft employee
GNU/Linux and Android Trump Microsoft in Saudi Arabia, Bing Down Since the LLM Hype/Hysteria Began: Microsoft leaves a lot of money on the table
The Interplay Between Free Software and Journalism Based on Truths, Suppressed Facts: Honest people can be transparent. Dishonest, rogue people rely on a lack of it.
FSF Talk: "Free Software Teaching Materials" by Dr. Miriam Bastian: Software Freedom is rooted in philosophy but it's about technical solutions
IBM's CEO Has Become a Stochastic Buzzword-Generating Machine: The current CEO is extremely unpopular
Chicago Transit Authority Has Dumped Twitter (X), As Did Many Others Without Announcing It (Due to Fear of Right-Wing Mobs): If you don't have an account in Gab, then you probably should not have one in "X", either
How-To Geek Sort of Supersedes MakeUseOf (MUO) for GNU/Linux Coverage: some writers from MakeUseOf (MUO) have been migrated to a sister publication
New Year's Resolutions Scoreboard: The goal is to improve clarity, accessibility, speed, and accuracy
Sites Reporting Crimes and Getting Harassed for Reporting Crimes: you cannot just ignore those who constantly seek to harass
Links 19/02/2025: Science, Hardware, and Digital Restrictions (DRM) Striking Again at eBooks: Links for the day
Zizian, transgender, Google & Debian open source extremist cult phenomena: Reprinted with permission from Daniel Pocock
Links 19/02/2025: The Forgotten USB Competitor and Pope's Bilateral Pneumonia: Links for the day
Gemini Links 19/02/2025: AuraRepo and Offpunk: Links for the day
Slopwatch: Wayne Williams is Making Up for His Workers' Slop Party, LinuxSecurity.com Still Publishes Fake Articles: We must identify and call out the culprits
“Open Source” Really Does Miss the Point, We Can Do Better Than That: We need to reject groups of people who promote Microsoft GitHub (proprietary) and call that "Open Source"
Red Hat's Bluewashing to be Further Completed This Year: Do not wait for some announcement from redhat.com - it's already covered by IBM
Links 19/02/2025: Organisations Quitting Social Control Media, Windows TCO Illustrated Some More: Links for the day
The Free Software Foundation is More Financially Independent From Large Corporations Right Now: Money that comes with strings attached to it is always problematic
The Free Software Foundation's Position on IBM Taking Red Hat Enterprise Linux 'Private' is Articulated Almost 2 Years Late: The Free Software Foundation finally spoke out about this issue
Techrights Publication Topics: One thing we'd like to do more of is Software Freedom advocacy
Springtime Layoffs at IBM (2025) and Statement From IBM European Works Council: It's about cost-cutting, even if such cuts doom the company
Microsoft Paying People Who Harass and SLAPP Techrights, Demanding Censorship: At this point the money trail leads directly to Microsoft
It's Not Even Hidden Anymore: Microsoft is Passing Bribes for Media to Publish Puff Pieces About Itself: GeekWire is paid by Microsoft to publish many puff pieces (even outright lies) about Microsoft
Dr. Andy Farnell on a Death to Efficiency and Cash: Cash is not the same as "digital cash", which isn't even remotely the same
Links 19/02/2025: Political Roundup and Halifax Wants to Dump Twitter ("X"): Links for the day
Gemini Links 18/02/2025: Beginning Meditation, Poison as Praxis, and Blogging: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 18, 2025: IRC logs for Tuesday, February 18, 2025

Novell and Microsoft Insecurity a Joint venture

Recent Techrights' Posts