Another Misdirected Response from the Government to the Company “Not Engineered for Security”

Dr. Roy Schestowitz

2010-02-07 10:03:56 UTC
Modified: 2010-02-07 10:03:56 UTC

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive

Summary: Another terrible month for Microsoft insecurity and the government is still unable to respond sensibly to the threat

YESTERDAY we wrote about Microsoft's lobbying for an Internet "Driver's Licence" policy. Rather than blocking the real culprit (Windows) it might only block BSD and GNU/Linux. More importantly, it would resolve absolutely nothing for the reasons just explained by Mike Masnick:

And an internet driver's license is even more ridiculous. Unlike a car, the internet is something that people have to use all the time. No driver's license is going to stop people from getting suckered by scammers.

Exactly. And what does the US government do? Rather than mimic Australia's plan to ban many Windows machines [1, 2], the US government throws some more money into "research". US taxpayers will once again pay for Microsoft's incompetence, just like in Germany.

The US House of Representatives has overwhelmingly passed a bill that would direct almost $400m toward research designed to shore up the nation's cybersecurity defenses.

Microsoft's software will never be secure. Microsoft itself has admitted that its "products just aren't engineered for security." Based on the news, there is yet another Internet Explorer flaw:

CURSED BY ITS HAIRBALL CODE, Microsoft has released another security warning relating to a bug in Internet Explorer.

There have been so many such flaws recently [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12] that it's hard to keep track of which is which. Many are highly severe and there was also an IE flaw reported just the day after Microsoft had released an emergency IE patch (for a flaw it knew about and willingly ignored for almost 6 months, demonstrating Microsoft's negligence [1, 2, 3] and infinite arrogance).

Based on CNET, Microsoft is to bring patches for no less than 26 holes next week:

Microsoft will patch 26 holes next week, including critical ones in Windows, one affecting the kernel of 32-bit versions, and several holes in Office, the company said Thursday in a preview of its Patch Tuesday.

That's just a lower bound though. As we already know, Microsoft is patching many flaws without even telling the public in order to embellish its public record. This is a company of systematic liars, a company that is unable to make secure software, let alone patch it in a responsible (and timely) fashion. Had the government tried to resolve its security issues, then it would impose and use greater pressure to move to UNIX and Linux [1, 2]. ⬆

Comments

Jose_X

2010-02-08 03:03:56

Anyone know who is getting what fraction of the $400 cybersecurity money? If Linux is represented, then a "drop Windows wherever possible" as a solution might get proposed. Is the MS related cyberchief (iirc) in charge of accepting proposals?

Free Software Foundation Subpoenaed by Serial GPL Infringers: These attacks on software freedom are subsidised by serial GPL infringers
Publicly Posting in Social Control Media About Oneself Makes It Public Information: sheer hypocrisy on privacy is evident in the Debian mailing lists
Frans Pop suicide and Ubuntu grievances: Reprinted with permission from disguised.work
Workers' Right to Disconnect Won't Matter If Such a Right Isn't Properly Enforced: I was always "on-call" and my main role or function was being "on-call" in case of incidents
A Discussion About Suicides in Science and Technology (Including Debian and the European Patent Office): In Debian, there is a long history of deaths, suicides, and mysterious disappearances
Federal News Network is Corrupt, It Runs Propaganda Pieces for Microsoft: Federal News Network used to be OK some years ago
Links 01/05/2024: FCC Takes on Illegal Data Sharing, Google Layoffs Expand: Links for the day
Links 01/05/2024: Calendaring, Spring Idleness, and Ads: Links for the day
Paul Tagliamonte & Debian: White House, Pentagon, USDS and anti-RMS mob ringleader: Reprinted with permission from disguised.work
Jacob Appelbaum character assassination was pushed from the White House: Reprinted with permission from disguised.work
Why We Revisit the Jacob Appelbaum Story (Demonised and Punished Behind the Scenes by Pentagon Contractor Inside Debian): If people who got raped are reporting to Twitter instead of reporting to cops, then there's something deeply flawed
Red Hat's Official Web Site is Promoting Microsoft: we're seeing similar things at Canonical's Ubuntu.com
Enrico Zini & Debian: falsified harassment claims: Reprinted with permission from disguised.work
European Parliament Elections 2024: Daniel Pocock Running as an Independent Candidate: I became aware that Daniel Pocock had decided to enter politics
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 30, 2024: IRC logs for Tuesday, April 30, 2024
[Meme] Sometimes Torvalds and RMS Agree on Things: hype around chatbots
[Video] Linus Torvalds on 'Hilarious' AI Hype: "I Hate the Hype" and "I Don't Want to be Part of the Hype", "You Need to Be a Bit Cynical About This Whole Hype Cycle": Linus Torvalds on LLMs
Colin Watson, Steve McIntyre & Debian, Ubuntu cover-up mission after Frans Pop suicide: Reprinted with permission from disguised.work
Links 30/04/2024: Wireless Carriers Selling Customer Location Data, Facebook Posts Causing Trouble: Links for the day
Links 30/04/2024: More Google Layoffs (Wide-Ranging): Links for the day
Fresh Rumours of Impending Mass Layoffs at IBM Red Hat: "IBM filed a W.A.R.N with the state of North Carolina. That only means one thing."
Mark Shuttleworth's (MS's) Canonical is Promoting Microsoft This Week (Surveillance Slanted as 'Confidential'): Who runs Canonical these days? Why does Canonical help sell Windows?
What Mark Shuttleworth and Canonical Can to Remedy the Damage Done to Frans Pop's Family: Mr. Shuttleworth and Canonical as a company can at the very least apologise for putting undue pressure
Amnesty International & Debian Day suicides comparison: Reprinted with permission from disguised.work
[Meme] A Way to Get No Real Work Done: Walter White looking at phone: Your changes could not be saved to device
Modern Measures of 'Productivity' Boil Down to Time Wasting and Misguided Measurements/Yardsticks: People are forgetting the value of nature and other human beings
Countries That Beat the United States at RSF's World Press Freedom Index (After US Plunged Some More): The United States (US) was 17 when these rankings started in 2002
Record Productivity and Preserving People's Past on the Net: We're very productive these days, partly owing to online news slowing down (less time spent on curating Daily Links)
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, April 29, 2024: IRC logs for Monday, April 29, 2024
Links 30/04/2024: Malaysian and Russian Governments Crack Down on Journalists: Links for the day
Frans Pop Debian Day suicide, Ubuntu, Google and the DEP-5 machine-readable copyright file: Reprinted with permission from disguised.work
Axel Beckert (ETH Zurich), the mentality of sexual violence on campus: Reprinted with permission from Daniel Pocock
[Meme] Russian Reversal: Mark Shuttleworth: In Soviet Russia's spacecraft... Man exploits peasants
Frans Pop & Debian suicide denial: Reprinted with permission from disguised.work
Hard Evidence Reinforces Suspicion That Mark Shuttleworth May Have Worked Volunteers to Death: Today we start re-publishing articles that contain unaltered E-mails
The Real Threats to Society Include Software Patents and the Corporations That Promote Them: The OIN issue isn't a new one and many recognise this by now
Links 30/04/2024: OpenBSD and Enterprise Cloaking Device: Links for the day
Microsoft Still Owes Over 100 Billion Dollars and It Cannot be Paid Back Using 'Goodwill': Meanwhile, Microsoft's cash at hand (in the bank) nearly halved in the past year.
[Teaser] Ubuntu Cover-up After Death: Attack the messenger
The Cyber Show Explains What CCTV is About: CCTV does not typically resolve crime
[Video] Ignore Buzzwords and Pay Attention to Attacks on Software Developers: AI in the Machine Learning sense is nothing new
Outline of Themes to Cover in the Coming Weeks: We're accelerating coverage and increasing focus on suppressed topics
[Video] Not Everyone Claiming to Protect the Vulnerable is Being Honest: "Diversity" bursaries aren't always what they seem to be
[Video] Enshittification of the Media, of the Web, and of Computing in General: It manifests itself in altered conditions and expectations
[Meme] Write Code 100% of the Time: IBM: Produce code for us till we buy the community... And never use "bad words" like "master" and "slave" (pioneered by IBM itself in the computing context)
[Video] How Much Will It Take for Most People to Realise "Open Source" Became Just Openwashing (Proprietary Giants Exploiting Cost-Free or Unpaid 'Human Resources')?: turning "Open Source" into proprietary software
Freedom of Speech... Let's Ban All Software Freedom Speeches?: There's a moral panic over people trying to actually control their computing
Richard Stallman's Talk in Spain Canceled (at Short Notice): So it seems to have been canceled very fast
Links 29/04/2024: "AI" Hype Deflated, Economies Slow Down Further: Links for the day
Gemini Links 29/04/2024: Gopher Experiment and Profectus Alpha 0.9: Links for the day
[Video] Why Microsoft is by Far the Biggest Foe of Computer Security (Clue: It Profits From Security Failings): Microsoft is infiltrating policy-making bodies, ensuring real security is never pursued
Debian 'Cabal' (via SPI) Tried to Silence or 'Cancel' Daniel Pocock at DNS Level. It Didn't Work. It Backfired as the Material Received Even More Visibility.: know the truth about modern slavery
Lucas Nussbaum & Debian attempted exploit of OVH Hosting insider: Reprinted with permission from disguised.work
Software in the Public Interest (SPI) is Not a Friend of Freedom: We'll shortly reproduce two older articles from disguised.work
Harassment Against My Wife Continues: Drug addict versus family of Techrights authors
Syria, John Lennon & Debian WIPO panel appointed: Reprinted with permission from disguised.work
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, April 28, 2024: IRC logs for Sunday, April 28, 2024
[Video] GNU and Linux Everywhere (Except by Name): In a sense, Linux already has over 50% of the world's "OS" market

Another Misdirected Response from the Government to the Company “Not Engineered for Security”

Comments

Recent Techrights' Posts