“Looks Like Microsoft is Doing Damage Control on Virus Attacks”

Dr. Roy Schestowitz

2010-08-28 08:09:17 UTC
Modified: 2010-08-29 10:52:29 UTC

Summary: The Internet is at risk of falling further into the hands of centralised authority as problems associated with Windows are named

"It looks like Microsoft is doing damage control on virus attacks and is looking to use their failure to exert yet more control," wrote a reader of ours last night. "Check out the Slashdot blurb, which fails to call out Windows! They outlawed USBs when they should have dumped Windows instead."

For those who want to see the latest cyberwar propaganda (unlike the cost assessments [1, 2]), here's an AFP report. Who's to blame? Well, a new IBM report names Apple and Microsoft as most vulnerable vendors:

IBM's X-Force threat report for the first half of 2010 lists Apple, Microsoft and Adobe Systems as the makers of products with the most vulnerabilities.

These three firms champion proprietary software. What should the Pentagon deduce? Maybe this question is rhetorical. ⬆

"The continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team."

--CIO David Wennergren, Department of Defense (October 2009)

Comments

twitter

2010-09-04 23:20:13

The whitewash continues at Slashdot. An article which contains this text:

Tom Conway, security firm McAfee’s Director of Federal Business Development, doesn’t find it difficult to believe that a foreign government would make use of agent.btz. “Why reveal your trade craft if something that’s widely available on the black market will do the job?” he asks. He is, however, very concerned about what the attack revealed about the state of U.S. military security. “One, the fact that the network was vulnerable shows a lack of governance. Two, it shows that classified information is at risk, not just unclassified. Three, it shows that our adversaries are aware of One and Two.”

is presented with and overall spin Microsoft would be proud of. Basically, they say, this widely reported incident never happened or did not happen in the way it is presented.

Sadly, none of the articles calls out Windows. The whole usb auto-run thing is a Windows problem as are the network issues that make usb keys a must have tool in any Windows environment, not just "battle fields" like the HQ described as the center of the outbreak. The cooperative network of the One Laptop Per Child devices, for example, greatly reduce the need for usb keys and can obviously be scaled up and secured with OpenSSH. Free software is also a lot easier to remotely administer, so you could disable usb keys if any gnu/linux distribution had autorun enabled - most don't even automount and none that I'm familiar with would auto execute binaries.

“Looks Like Microsoft is Doing Damage Control on Virus Attacks”

Comments

Recent Techrights' Posts