Bonum Certa Men Certa

The Windows Security Theatre


Summary: Many security reports from The Register and little more of the rest

McAfee is far from a friend of Free software [1, 2] and its remedies for Windows may sometimes cause more harm than good. Here is a fresh new example of why this paradigm of sold-separately bolted-on security software simply does not work. To quote, "IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan were brought down when the anti-virus program attacked their core system files. In some cases, this caused the machines to display the dreaded blue screen of death."



One of our readers says that "admins use Knoppix to fix borked McAfee antivirus" and he points to this new example where someone suggests: "For servers with BSOD we have used knoppix live cd to move files from quarantine to original place..."

In other news, Microsoft is preparing patches for flaws that enable hijacking of Windows, probably remotely. These flaws are very serious. Some of them are already being actively exploited (without a solution available).

Microsoft on Tuesday plans to release updates patching three critical Windows security vulnerabilities, two of which are already under attack.


Attacks must always precede reaction in Microsoft's case.

Why might this happen? Well, maybe because, according to some more news, Microsoft has knowingly ignored a serious flaw for a year. It is so typical.

Microsoft knew of nasty IE bug a year before attacks



The disclosure comes as attacks targeting the MSVidCtl ActiveX control vulnerability have increased exponentially. On Monday, online ads distributed through the Giant Realm network on popular gaming websites began including code that exploits the bug, according to security firm ScanSafe. The ads mean that anyone using IE to browse sites such as diii.net and incgamers.com is at risk if they run the XP or 2003 versions of Windows and have not yet installed a quick fix.


We have already shown that Microsoft deliberately hides its flaws. Victims of this careless, selfish behaviour are all of us who receive spam from hundreds of millions of Windows zombies. To rephrase the news (The Register again), spam levels have returned to normal.

Victims may include more hospitals too, according to this last bit of news from The Register.

The leader of a malicious hacker collective who used his job as a security guard to breach sensitive Texas hospital computers has been arrested just days before his group planned a "massive DDoS" attack for the July 4 Independence Day holiday.


Hospitals are hit by Windows viruses on a very regular basis this year [1, 2, 3, 4] and according to this article from Sam Varghese Microsoft is profiteering from it.

How Microsoft benefits from Conficker



Microsoft experts were among consultants called in by the council - and they took home some of the £1.2 million which the body paid out to get the problem resolved. Exactly how much was paid to the different consultants was not divulged.


In reference to some of these shocking figures, one of our readers asks, "What can be bought?" He uses Manchester as an example:

There was a recent article about the UK city of Manchester which just paid nearly $2.5 million in clean up for the Windows worm Conficker. That's one worm in one city.

If we take some numbers for the sake of argument and play with them, what could we buy with $2.5 million?

Say for the sake of argument that top developers (in several fields of computing) and UI designers cost $100,000 apiece including insurance, pensions, equipment and work space rental. That would provide for a team of 10 for 25 years, or a team of 25 for 10 years, etc.

So for a decade, for the same price, Manchester could work out a re-packaging of Fedora and some needed applications:

- 5 development engineers
- 5 deployment engineers
- 5 HCI specialists
- 10 half-time support
- 3 full-time support
- 2 managers / marketeers

The magnitude of the money lost pursuing the Windows ideology is mind-boggling.


Contrary to common belief (mind the interesting comments), Microsoft could really use some money which is made through its own incompetence. The reality of the matter is that Microsoft has faltered for years (even financially) and it now amasses some debt.

But going back to this subject of security, Heise reports show that Apple is no role model either, not with its proprietary, DRM-locked phones.

iPhone 3GS cracked



[...]

The Dev Team are well known for their free iPhone jailbreaking and unlocking tools (QuickPwn, PwnageTool, Yellowsn0W, etc.), however, they have yet to release a tool that's compatible with the 3GS and version 3.0 of the iPhone software.


Symbian faces challenges too. Symbian is still proprietary (in phases of transition).

Security on Symbian mobiles: Early signs of crumbling



[...]

At the recent Pwn2Own 2009 security contest, none of the competitors succeeded in hacking a Symbian mobile.


Free Software Magazine has a good new comic on that subject of security.
