Eye on Microsoft: Windows Security News

Dr. Roy Schestowitz

2009-08-25 23:58:08 UTC
Modified: 2009-08-25 23:58:08 UTC

Summary: Another day, another expected problem

● Why Windows security is awful

A friend of mine suggested that I should include as boilerplate in my security stories, a line like: "Of course, if you were running desktop Linux or using a Mac, you wouldn't have this problem." She's got a point. Windows is now, always has been, and always will be insecure. Here's why.

First, desktop Windows stands firmly on a foundation as a stand-alone PC operating system. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2009 and Windows 7.

[...]

It also doesn't help any that Microsoft's data formats can be used to hold active programming code. Microsoft Office formats are commonly used to transmit malware. Microsoft's latest Office 2010 tries to deal with this by blocking all but read access to documents or 'sandboxing' them.. Since you can't edit a sandboxed document, I'm sure that's going to go over really well. Of course, what will actually happen is that users won't use the sandbox utility, and they'll just spread malware instead.

● 55,000 Web sites hacked to serve up malware cocktail

Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.

The High Cost of Making Scepticism of Proprietary Voting Machines a "Trump" and "Conspiracy Theory" Territory: Time to get back to paper? Or read an old paper?
Today We Got an Early Birthday Gift: Exciting times
[Meme] Going Too Far to the Left Can Breed Militant Ideology: Some people can never be appeased because they prefer not to be appeased
FSF Expressed No Preference Regarding Presidential Candidates (Its Founder Did): Because he is a principled person, he does not prioritise loyalty to customers or employers (money)
Who Next on the Linux Foundation's 'Kill List'?: Remember that only about 2% of the "Linux" Foundation's budget goes to Linux
[Meme] Questioning Proprietary Software? Not OK...: A disaster long in the making
Links 07/11/2024: HTTP/3, Health Research, and Punditry: Links for the day
Gemini Links 07/11/2024: On Writing Publicly and Record Player Table: Links for the day
Open Source Security Foundation (OpenSSF) Hosted SOSS as Microsoft Propaganda Platform With Microsoft Front Group OSI: They essentially promote what they're attacking under false pretences [...] OSI is deeply corrupt. It's more toxic than arsenic.
Anti-Linux FUD, Now in LLM Form, Thanks to Brittany Day: They attack Linux with chatbots
[Meme] When You Discredit People Who Discredit Secret Code: proprietary systems with hundreds of millions of transistors (and hundreds of millions of lines of code)
Links 07/11/2024: Online Manipulation in Social Control Media, Election Deniers, and More: Links for the day
Gemini Links 07/11/2024: emacs-guix and File Hoarding: Links for the day
[Meme] Election Day at the European Patent Office: Less than 60 minutes left to cast your vote
Staff Union of the European Patent Office (SUEPO) Election Ending Today: In one hour
[Meme] When the Patent Office Does Illegal Things and Staff Speaks Out: many leaks received today
Apple's Debt Has Skyrocketed While Gimmicks Like Vision Pro Failed: In Apple's case, the debt is almost double the "Cash on Hand", which isn't even cash
A President Trump is Excellent News to Microsoft: His racist policies gave lots of contracts to Microsoft
Links 07/11/2024: Facebook Scams, Journalists on Strike: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 06, 2024: IRC logs for Wednesday, November 06, 2024
Microsoft-Connected Publishers Want Us to Think That Linux is Some Sort of a Virus and a "Backdoor": "The problem is with windows and the attack vector is via Windows"
We've Made it to 18! Here's to Another 18!: Going on for another 18 years means until some time at the end of 2042
Links 07/11/2024: Political Angst and Laptop Issues: Links for the day
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com): They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses: Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement: Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors): Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns): Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too): Where are the competition authorities (or regulators for that matter)?
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa: In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux": Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions: Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en: Links for the day
Would You Trust a Liar?: Why lie about the authorship?
Mass Layoffs at Mozilla Announced During US Elections: Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played": There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait): US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication: KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed: Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024: IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux: Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security': As a meme
Sanctions Cause Fragmentation in Software: some Chinese Linux developers are already subjected to restrictions similar to Russians'
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam): Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism: Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician: Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter: Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day: just one more day
Birthday Tomorrow: Many cakes and drinks are ready; we're one day away now
The Internet is Failing to Protect Democratic Processes and Human Knowledge: Amplifying lies, rewarding plagiarists
Links 05/11/2024: Criminal Referrals Regarding Patent Trolls and Disinformation About the Election Process (Already): Links for the day
Gemini Links 05/11/2024: 'App' Needed for Parking, NNCP, Gomphotherium: Links for the day
How Voting Does Not Work: You cannot vote from an "app"
Saving the Planet With Honesty, Transparency, and Sharing (Not Only of Computer Code): GAFAM is destroying the only habitat humans and other animals have and it'll only get worse
Disinformation About Election Outcomes Even Before Any Election Outcomes (or Election/Voting!): seeding doubt about election outcomes
Links 05/11/2024: Bluesky and Enshittification, Pugad Baboy, and Lots of Disinformation Flooding the Web: Links for the day
[Meme] Sweaty Under the Belly: "OK, my critics are 'spam'"
Microsoft Bribing Canonical (to Stop Competing) and Bribing Users to Shun the Competition: Canonical is worth shunning
[Meme] The 2024 'Info Bros': And prehistoric googling
Computers Getting Worse (for the User) Over Time: This is like Windows-ism coming to "Linux" through the hardware
[Meme] How NOT to Vote: Another form of (mostly-unspoken-of) election interference
An LLM Inside a 'Search' Engine Means That Companies Tell You What They Want, Not What Web Pages to Visit: The future of 'googling' things might be as unreliable as using Social Control Media as a source of information
Google's Debt Has Increased and 'Cash on Hand' Fell by 22.27% This Past Year: These are the numbers that the corporate media intentionally leaves out
Against Outsourcing of Sites and E-mail: Software Freedom is great, but it is not enough if you let someone else do it 'for you'
Drew DeVault: People Talking About My Attack Site (Against the Founder of GNU/Linux) is "Spam": "Spam on sr.ht mailing lists"
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, November 04, 2024: IRC logs for Monday, November 04, 2024
There's a Reason Why Techrights is Turning 18 and Tux Machines Will Turn 20.5 Next Month: I started advocating GNU/Linux when I was a teenager
"Oppose the Fascist": what the founder of GNU/Linux said
Techrights Has a Long History of Fighting to Expose 'Team Mono' or Microsofters Inside GNOME: Never downplay the malice of Microsoft and its operatives
Halloween, All Saints Day & Swiss citizenship: Reprinted with permission from Daniel Pocock
Gemini Links 05/11/2024: Halloween Over, Intention and Implementation, Bookmark Syncing: Links for the day

Eye on Microsoft: Windows Security News

Recent Techrights' Posts