Bonum Certa Men Certa

Microsoft Windows as Matter of National Insecurity

Lock



Summary: Security news roundup

THE United States military is repeatedly being invaded by crackers (example from December). This is caused by the use of Windows and the latest incident too alludes to the failure of anti-virus software, which gives clues away.

Anti-U.S. Hackers Infiltrate Army Servers



[...]

The hacks are troubling in that they appear to have rendered useless supposedly sophisticated Defense Department tools and procedures designed to prevent such breaches. The department and its branches spend millions of dollars each year on pricey security and antivirus software and employ legions of experts to deploy and manage the tools.


When foreign enemies enter your premises and access your data -- especially in an age of modern warfare -- this can be critical. As the following new article from The New York Times suggests, choice of software and its maintenance can determine winners or losers in a dispute or even war. Weapons become digital.

The Pentagon plans to create a new military command for cyberspace, administration officials said Thursday, stepping up preparations by the armed forces to conduct both offensive and defensive computer warfare.

[...]

“It’s the domestic spying problem writ large,” one senior intelligence official said recently. “These attacks start in other countries, but they know no borders. So how do you fight them if you can’t act both inside and outside the United States?”


Looking elsewhere in the news, Microsoft now acknowledges that its software is under attack and there is no patch available to fix this. Coverage includes:

The Register: Critical Windows vulnerability under attack, Microsoft warns

Microsoft has warned of a critical security bug in older versions of its Windows operating system that is already being exploited in the wild to remotely execute malware on vulnerable machines.


Heise: Microsoft warns about critical DirectShow vulnerability

Microsoft has found a critical vulnerability in the DirectX library for Quicktime video playback, and it appears that the flaw is now being actively exploited. The software giant has issued a security advisory which contains quite detailed information about the vulnerability.


It is rather surprising that the Obama administration even considers Windows for its operations, especially gives that the army is moving from Windows to GNU/Linux (mostly Red Hat), for security reasons at the very least. Todd Bishop makes the following new claim:

Obama reforming online security



[...]

The government report (PDF) cites Microsoft repeatedly, but not in a bad way. Instead, it refers to testimony and research from the Redmond company to back up its contention that sweeping changes are needed in government coordination.


Given that Microsoft -- with help from its front, the BSA -- put its staff on top of the Department of Homeland Security [1, 2, 3], such an outcome should not be so shocking. In fact, given the lobbying and pressure Microsoft puts on the Democrats [1, 2, 3, 4, 5, 6, 7, 8], decisions that are driven by favours rather than rationale are only to be expected.

Comments

Recent Techrights' Posts

Google: We Don't Have Source Diversity, But We Have Chatbot Spew in Place of Sources (and It's Not Even Accurate)
Search engines and news search never looked this bad...
[Meme] Security is Not a Failure to Boot (or Illusion of Security Due to 'Unknown' System)
Red Hat is largely responsible for this mess
What is Secure Boot?
Security means the user feels safe and secure - i.e. confident that the machine would continue to work following a reboot or a system upgrade (or kernel upgrade)
Links 27/05/2024: Chatbots Generate Hateful Output, TPM Performance Scrutinised
Links for the day
David Heinemeier Hansson (DHH) Realises What He Should Have Decades Ago
seeing that DHH is moving away from Apple is kind of a big deal
 
Links 27/05/2024: One Month Left for ICQ, More Openwashing Highlighted
Links for the day
Gemini Links 27/05/2024: Back to GNU/Linux, Librem 5 Assessed
Links for the day
StatCounter (or statCounter) Has Mostly Recovered From a Day's Downtime (Malfunction)
Some of the material we've published based on the statCounter datasets truly annoys Microsofters
StatCounter (or statCounter) Has Been Broken for Nearly 24 Hours. Who Benefits? Microsoft.
StatCounter is broken right now and has been broken for nearly 24 hours already
Reinvigorating the Voice of GNU/Linux Users (Not Companies Whose Chiefs Don't Even Use GNU/Linux!)
Scott Ruecker has just announced his return
"Tech" in the Context of Even Bigger Issues
"Tech" (or technology) activism is important; but there's a bigger picture
A Decade of In-Depth Coverage of Corruption at the European Patent Office (EPO)
The world needs transparency and sunlight
Delayed Series About Dr. Richard Stallman
A lot of the attacks on him boil down to petty things
Hopefully Not Sunset for StatCounter
We hope that StatCounter will be back soon.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 26, 2024
IRC logs for Sunday, May 26, 2024
Links 27/05/2024: Self-Publishing, Patent Monopolies, and Armed Conflicts
Links for the day
Gemini Links 27/05/2024: Tethering Connection and PFAs
Links for the day
Imagine Canada Enabling Rapists to Harass Their (Rape) Victims
This analogy is applicable because abusers are empowered against the abused
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: Targeting My Old "Tweets"
This was basically an act of vandalism no better and no worse than UEFI restricted boot
Links 26/05/2024: Google 'Search' Morphing Into Disinformation Factory, Discussion of Maze of the Prison Industrial Complex
Links for the day
In the Pacific (Mostly Islands Around Oceania) GNU/Linux Grew a Lot
Microsoft cannot compete fairly
A Toast to Tux Machines
Food ready for the party, no photos yet...
IBM/Red Hat Failing to Meet Its WARN Obligations in NC (STATE OF NORTH CAROLINA), or Perhaps It's Constantly Delaying the Layoffs
IBM isn't named even once
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 25, 2024
IRC logs for Saturday, May 25, 2024
GNU/Linux in Greenland
The sharp increases for GNU/Linux started last summer
The Sheer Absurdity of the EPO's Career System Explained by EPO Staff
"Staff representation has previously pointed this out to management, and the career system has been the reason for several industrial actions and litigation cases initiated by SUEPO."
[Meme] Productivity Champ Nellie Simon: It Takes Me 3+ Weeks to Write 6 Paragraphs
Congrats to Nellie Simon!
It Took EPO Management 3+ Weeks to Respond to a Letter About an Urgent Problem (Defunding of EPO Staff)
The funny thing about it is that Nellie Simon expects examiners to work day and night (which is illegal) while she herself takes 3+ weeks to write a 1-page letter
Staff Union of the EPO (SUEPO) in The Hague Taking Action to Rectify Cuts to Families of Workers
they "are active in challenging this measure via the legal system"
Links 25/05/2024: Microsoft Adds More DRM (Screenshot Blocking), Another Microsoft Outage Takes Down Everything
Links for the day
Gemini Links 25/05/2024: "Bill Smugs" and OpenBSD Mirror Over Tor / I2P
Links for the day
Microsoft #1 in Gaming Layoffs, Laid Off Workers Receive Another Insult From Microsoft
Many of them never chose to work for Microsoft
In New Caledonia Windows is Now Below 30% (It Used to be Over 90%)
Microsoft's Windows absolutely collapsing and the measures are relatively stable
Forget About India's and Pakistan's Nuclear Weapons and Armament Race, They Need to Abscond Windows and Microsoft (Security Swiss Cheese)
Both countries would be wise to remove Windows as soon as possible, irrespective of the local party politics
statCounter: GNU/Linux Rose From 0.2% to Over 3% in Pakistan
GNU/Linux "proper" (i.e. not ChromeOS) has the lion's share
Red tape: farmer concerns eerily similar to Debian suicide cluster deaths
Reprinted with permission from Daniel Pocock
Galway street artists support social media concerns
Reprinted with permission from Daniel Pocock
Links 25/05/2024: Section 230 and Right of Publicity Violations by Microsoft (Which Attacks Performance Artists)
Links for the day
[Meme] No Microsoft
For fun!
Microsoft Windows Falls to New Lows in Poland
It may mean people delete Windows from relatively new PC
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: An Introduction
The campaign of coercion (or worse) started in 2021
The "D" in Debian Stands for Dictatorship That Extends to Censorship at DNS Level
Of course the registrar, which charged for domains until 2025, just went along with it
Cybersecurity and Infrastructure Security Agency (CISA) Getting Stacked by Microsoft
it lets Microsoft write policies
The Parasitic Nature of Microsoft Contracts
Stop feeding the beast
Gemini Links 25/05/2024: Emacs Windows 2000 Screenshots and Little Languages
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 24, 2024
IRC logs for Friday, May 24, 2024