Bonum Certa Men Certa

Microsoft Lies About Security

Guerra al capitol



Summary: Security propaganda from Microsoft tackled yet again in light of this week's security FUD against Free software

AS WE showed two years ago, Microsoft knowingly hides security problems in its software and sometimes fixes these problems without reporting it to the public. It can be very frequent a routine. This way, when outsiders compare the number of security problems across different products/vendors, they merely compare apples and oranges (Red Hat and Firefox are popular victims of such disinformation). Microsoft is cheating.



Earlier this week Slashdot revealed that Microsoft's attitude when it comes to security of its on-line services is more or less the same. To make matters worse, Microsoft is trying to gag those who know the truth. From Slashdot's summary:

Microsoft Tries To Censor Bing Vulnerability



Microsoft's bing search engine has a vulnerability with its cash-back promotion, which impacts both merchants and customers. In traditional Microsoft fashion, the company has responded to the author of the breaking bing cashback expoit with a cease & desist letter, rather than by fixing the underlying security problem.


Here is the original post.

The purpose of my post was to show an implementation problem, not to encourage defrauding Microsoft. I am surprised they would go through this much trouble to make me take down information that is obvious to anyone reading their documentation. I don’t like dealing with lawyers, so I’ve decided to comply with their request. The post is gone. I will still write a “non-technical” post on all the problems I see with Bing Cashback in the next few days.


The reason why hundreds of millions of Windows PCs are zombies is not just because of negligent users; it's also because of a company that puts its image and its profits before the safety of computer users. It would shamelessly lie to the public as long as its shareholders' interests are obeyed. Suffice to say, Free software does not have the same inherent deficiency which is a conflict of interests (honesty versus selfishness). Apache is a good example of this.

According to The Register, botmasters have found new ways of sending instructions to Windows zombies. It's not the fault of Google, which merely stores arbitrary strings of texts like many other services.

Cyber criminals' love affair with cloud computing just got steamier with the discovery that Google's AppEngine was tapped to act as the master control channel that feeds commands to large networks of infected computers.


Sadly enough, we are all left at a dangerous state where cyberwar is said to be imminent, with hordes of Windows zombies recruited to such a task.

CBS News reports that cyber war is a reality that, according to cyber experts, the US will have to be prepared for - and soon.


It is worth adding that the US presidency now has the legal power to shut off the Internet and physical bombing of botmasters is one of the proposed strategies shall disaster strike.

“Security -- including national security -- must never be put in proprietary hands.”What does Microsoft do about this? It serves the interests of shareholders, which means pretending that Windows (and other Microsoft products) is secure, even by fabrication and outright lies. Security -- including national security -- must never be put in proprietary hands. It is a recipe for disaster.

One of our readers, pointing to this old gem about password encryption, remarks: "It's pathetic to see how much Gates has been able to hold back computing. His current antics are not new. However, now his antics involve much more outsourced marketing and tremendous investment in lobbying firms."

Related posts:

Comments

Recent Techrights' Posts

The FSF Board and FSF Beard
So the FSF's Board has grown
Law Firms Facing the Consequences for Patently Abusive Litigation on Behalf of Microsoft Employees Who Got Arrested for Strangulation and Had Done Even Worse Things
Having spent 1.5 years bullying me with patronising letters on behalf of Microsofters, last week they got served a massive bill and, in effect, lost the Hearing
LLMs Breaking Everything
Computing and the Net became a playground for scammers and "bros", like people who "invented" fake currencies and also try to tell us that LLMs spewing out things will have some real value
 
Links 22/06/2025: Giving Up on Smartphones and 'Jaws' at 50
Links for the day
Gemini Links 22/06/2025: Furniture Construction and Bubble for Comments
Links for the day
Links 22/06/2025: Windows TCO Tales and YouTube Getting More Hostile to Users
Links for the day
New Report From the EPO's Staff Representatives in The Hague (LSCTH) Reveals Many Unsolved Issues
Local Staff Committee The Hague (LSCTH) wrote to staff just before the weekend
Links 22/06/2025: More Slop Lawsuits (Copyrights) and "America’s Oligarch Problem"
Links for the day
Gemini Links 22/06/2025: Gigantic Toolchest and Annoying Bots
Links for the day
The Calling
Persist and persevere, justice will come your way
So Far Every BetaNews 'Article' is LLM Slop, So BetaNews is Officially Just a Slopfarm
They just don't seem to value what they have
IBM Rumour: Mass Layoffs (RAs) Lists Being Made for Consulting, With Effect in July 2025
Bogus companies with no viable products and no world-leading (in their field) staff are doomed to perish
Links 21/06/2025: Data Breach With 16 Billion Passwords, Dutch Government Recommends Children Under 15 Stay off TikTok and Instagram
Links for the day
Gemini Links 21/06/2025: Notes about Typst (and LaTeX) and Opos
Links for the day
Microsoft's Competition Tactics: Sabotage GNU/Linux Installs, Block Chrome
Edge is dying
1989: Free Software as "Open" Software (OSI Didn't Coin "Open Source", It Also Predates Linux)
"One man's fight for Free software"
The Microsoft OOXML Modus Operandi: Throw 1,000 Pages of Other People's Work for a Judge to Read Ahead of a One-Hour Meeting
No time to discuss this - that's the point
Formalities Officers (FOs) at the EPO Are in Trouble, Reveals Internal Report
We already know, based on an HR pattern we saw at IBM and elsewhere, that reallocating roles can be prerequisite for dismissal and those who do so expect many to resign anyway
The Web is Slop and FUD, Let's Go to Gemini Protocol
Lupa sees self-signed capsules at 92.4%
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 20, 2025
IRC logs for Friday, June 20, 2025
Links 21/06/2025: Phone Bans for Concerts, Tensions in Taiwan Strait
Links for the day
Gemini Links 21/06/2025: Spoilers, Public Yggdrasil Node, Changes to AuraGem Search
Links for the day
"Six years of Gemini!"
From gemini://geminiprotocol.net
Gemini Links 20/06/2025: Summer Updates and Hardware Failures
Links for the day
Links 20/06/2025: Google Shareholder Sues Google and Google Sued for Defamatory Slop ('Hey Hi') Word Salads ('Summaries')
Links for the day
Linux Journal Might Have Become the Latest Slopfarm Targeting "Linux", the Trends Are Concerning for Dying News Sites
They tarnish the Web with junk and then die
On "Learning to Code"
quality may suffer, plus things get bloated
Quick Points Regarding This Week's Court Hearing
it paves the way for us to squash all the SLAPPs from Microsofters
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These
Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer
We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!
Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs
self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt
Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful
The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal
slippery slope
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025
IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!
Links for the day