Bonum Certa Men Certa

Like Teaching Children to 'Smoke' Safely to Reduce Risk of Cancer

No smoking



Summary: "National Cyber Security Awareness Month" is being exploited by a programme that receives the support of Howard Schmidt from Microsoft (now Cyber Security Czar); In it, children aged 11-14 would be taught cyber 'security' rather than insecure parts of the systems simply removed

"The estimated cost of unsolicited emails to businesses in 2007 was $100 billion," wrote lnxwalt earlier today, pointing to this page. The overall cost of Windows botnets that dispatch spam and cause other harm may be measurable on the scale of trillions.



Microsoft is currently alerting customers that ASP.NET is a security problem. We covered this in earlier stages of the problem [1, 2]. It affects a lot of Windows-powered Web sites and last night there was a discussion in IRC about the serious Twitter flaw and whether it affects just Internet Explorer, Windows, and Office users. One newly-published article says:

[T]he worms of yore were so devastating because they could exploit a global monoculture: Microsoft Internet Explorer or Microsoft Word running on Microsoft Windows just about everywhere. This made it far simpler to exploit weaknesses in distant PCs, because the actual architecture was known with a high degree of probability.

With the mouseover mess, we were saved by the wonderfully diverse ecosystem of Twitter clients operating through the Twitter API. This meant that assumptions that were correct for code running on the twitter.com site were not valid elsewhere.

This hammers home once more the importance of avoiding monocultures, and encouraging rich and diverse ecosystems (multicultures?) One of the easiest ways of doing that is to adopt free software alternatives to all the Microsoft warhorses. The open source world being what it is, it is far more varied, not least in terms of versions and applications (critics might even call it fragmented). That makes mass attacks hard, and therefore unlikely, since ne-er-do-wells don't even bother trying when they can just code for Windows.

Open source is certainly not immune to attacks - for example, I fell victim to the mouseover exploit despite using a completely free software stack (thanks, Twitter.com) - but it reduces the risk overall. That means if you are not using it for business, you are increasing that risk - which would be a pretty irresponsible thing to do, no?


On the client side, having Windows cannot help.

Microsoft's former employee Howard Schmidt of now the Cyber Security Czar in the United State (after a recent appointment which we mentioned in [1, 2, 3, 4, 5, 6, 7]) and rather than calling out Windows and making platform recommendations, he does the usual thing by endorsing/giving people unnecessary 'education' about Windows et al. He can't take Windows off schools' agenda where Gates (his former boss) is increasingly taking control, can he? Some PR puppets sent us the following E-mails a short while ago, helping to show how Schmidt and his subordinates try to tackle this problem. Below we put the message, without appending an accompanying press release that we omit.

A free program that brings top cyber security experts into schools to teach kids how to avoid online dangers has received the support of White House Cyber Security Coordinator Howard Schmidt.

The (ISC)2 Safe and Secure Online Program, administered by the world’s largest body of information security professionals, brings experts into schools to teach children ages 11-14 how to protect themselves in a cyber-connected world. Issues addressed include cyber bullying, social networking, online predators, identity theft, online reputation, and more.

Launched in the U.S. in the fall of last year, the program has reached more than 30,000 kids. Just in time for National Cyber Security Awareness Month, the U.S. program now has more than 1,000 cyber expert volunteers signed on to conduct presentations this fall.

Please see full details below. If you would like to know if any schools presentations are taking place near you, or if you would like additional information on the program, please contact me. Thank you.

Juliette Mutzke Maples Communications, Inc.


Schools should not be used to indoctrinate children with presentations on how to use Microsoft software and other products securely (it is often not possible). It is neither effective nor a decent use of school time/budget.

“[W]hen nobody is using Windows, there will be no botnets”

--Professor Eben Moglen, 2010



Comments

Recent Techrights' Posts

UEFI 9/11 Aftermath - Part III: Mr. 'Secure Boot' (Shim) and His Fake 'Holiday' (Sending My Wife and I Threatening E-mails on 9/11)
despite being on holiday, according to him, he finds time to instruct lawyers to contact my wife
Ron Wyden: Microsoft Should be Held Accountable for Security Breaches (He Has Said This for Years Already, It Never Happens)
Negative media coverage isn't a fine and it does nothing to compensate Microsoft's billions of victims
Disable 'Secure Boot' (If It Lets You)
it doesn't put you in control
Longtime Red Hat Staff: Maybe Just Disable 'Secure Boot'
A refreshing take from Adam Williamson
 
It's Still Not to Late to Turn Off "Secure Boot"
If people reboot their PC or server today, and it relies on "Secure Boot" on Sept. 12 or later, then depending on the firmware there may be trouble ahead
Links 12/09/2025: Shira Perlmutter is Back, “Software Per Se” Patent Rejections in In re McFadden
Links for the day
Slopwatch: Linux Plagiarism, Slopfarms Still Infesting Google News, Many Images Are Fake
Google is promoting plagiarism
"This Morning Might Turn Out to be an Interesting One for System Admins Who Haven't Updated Their Devices' Secure Boot Certificate" (If They Reboot)
Who asked for this anyway?
Gemini Links 12/09/2025: Metric System, Dumping Windows, and Software Architecture is Dead
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 11, 2025
IRC logs for Thursday, September 11, 2025
Microsoft Admits the Workers Have Lost Trust (Endless Layoffs, 12-13 Rounds of Layoffs This Year), So Now It's Trotting out Its Peter Bright-Like Media Prop Jordan Novet
What they don't want people to pay attention to right now
Links 11/09/2025: Windows TCO and Russian Drones Invading Poland (EU/NATO)
Links for the day
Gemini Links 11/09/2025: xkcd, misfin, and Alhena 5.3.2
Links for the day
Repetition of Last Summer (Microsoft Breaking Dual-Boot Systems)
UEFI 9/11 is about to kick in
UEFI 'Secure Boot' Boiling Frogs (Cannot Turn Off 'Secure Boot')
"MSI laptop is locked on Secure Boot and doesn't allow me to turn it off"
UEFI 9/11 Aftermath - Part IV: The 'Hulk Hogan of UEFI' and His 'Hideout' Holiday (Retreat From Reality)
Let's keep an eye on what matters
UEFI 9/11 Aftermath - Part II: "The SecureBoot Thing Got Out of Hand."
The next few weeks might be... interesting
UEFI 9/11 Aftermath - Part I: "I Believe This Affects Thousands of Devices... Because Multiple Devices I Checked, Whether Client or Server [...] Affected."
Most people aren't even aware that this is happening or about to happen
The UEFI 9/11 - Part X - An Outline of the Series About Microsoft Sabotaging GNU/Linux (With Ramifications to Unfold Online in Coming Weeks as People Reboot)
Today is UEFI 9/11 (9/11/2025)
Culture of silence: Ubisoft harassment convictions, Mozilla, Sylvestre Ledru & Debian make no comment
Reprinted with permission from Daniel Pocock
Links 11/09/2025: "Hey Hi" Ponzi Schemes at Oracle (Unpaid Contracts) and Cindy Cohn is Leaving the EFF
Links for the day
Gemini Links 11/09/2025: Playdate Console, Dichotomy between the Real and the Digital
Links for the day
A Dozen Observations About "UEFI 9/11" Deflections
What we are expected to see, tentatively
The Microsoft AstroTurfing and Microsoft-Led Blame-Shifting Tactics Are Ahead of Us
Of course it has nothing to do with security, it's about control, i.e. them controlling everything
Celebrating Assassination is Bad Because It Legitimises Assassination of the People You Like, Too
Condoning or even celebrating political assassinations is bad optics (and taste)
The World's Richest Ponzi Scheme (Faking Value Using Net Waste)
The higher they go the harder they fall
We Could Dual-Boot Back in the 1990s, Why Has This Become So Difficult?
And prone to breakage
Being Conditioned to Accept Unreliable Computer Systems That Fail With Black Screen of Death (BSoD)
Welcome to 2025
Slopwatch: Google News is Still Promoting Many Fake Articles About "Linux", in Effect Rewarding Misinformation and Plagiarism
things continue to deteriorate
New Series: The Coup Against GNU/Linux Has Begun
today, this year in particular, we shall also focus on Secure Boot, which is sold based on a lie and tortures many computer user
New Paper on "BYOVD, but in firmware. Signed UEFI shells, vulnerable modules offer new paths for Secure Boot bypasses."
One might say digital "security theatre"
Links 11/09/2025: Oracle Layoffs, Drunk Pilots in Japan Airlines, US-Korea Tensions Grow
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 10, 2025
IRC logs for Wednesday, September 10, 2025
Xubuntu Site Compromised
Let's hope it is not a security breach
Links 10/09/2025: Retaliation at Facebook and Microsoft Reveals Almost 100 Security Holes
Links for the day
Gemini Links 10/09/2025: Annihilation of Self, The Future Eaters, and Leaving Academia
Links for the day
They Say That People Are Afraid of or Worried About "Hey Hi", But the Worriers Should be the Fools Who Invested in It
At the end of the day nobody should worry more than those who invested their money in this bubble
Harassment evidence: franceinfo's Clara Lainé report on Ubisoft prosecution
Reprinted with permission from Daniel Pocock
Links 10/09/2025: Microsoft Layoffs in "RTO" Clothing and Windows TCO, GitHub TCO
Links for the day
Blaming Everything on China
TikTok works for China. GAFAM works for fascists.
People Get Tired of "Hey Hi" (AI), Unlike the Subservient Money-Obsessed Media That Gets Paid to Pretend This Bubble Still Matters
"crash will be way bigger than dot.com burst in 90s. and that was Internet, actually transformative technology, not this expensive AI toy with direct dependency on the energy input which is not scalable"
Brett Wilson LLP Accepts That the Serial Strangler From Microsoft Filed a Case That Also Implicates My Wife (Everything is Connected)
They used to pretend that there were two separate cases
10 Reasons to Disable (or Enable) UEFI Secure Boot
Tomorrow the "trusted corporation" Microsoft will see a certificate expire
Gemini Links 10/09/2025: Hospital and Large Feeds
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 09, 2025
IRC logs for Tuesday, September 09, 2025
The Bluewashing of Red Hat is Being Completed, Many Staff Understand They'll be Made Redundant
Jim AllowHurst (Whitehurst) is meanwhile promoting Microsoft's agenda from within other companies
Throwing Away "Old" Computers (Mozilla and Other Climate Deniers)
Mozilla is not leftist