British Government Owned by Crackers Thanks to Microsoft
- Dr. Roy Schestowitz
- 2010-10-16 20:00:27 UTC
- Modified: 2010-10-16 20:00:27 UTC
Summary: Microsoft dependency is said to be behind poor decisions from the GCHQ and the Tories, whose Windows site is said to have just been compromised by 4chan
Conficker is back in the headlines. Yesterday it had the following in the British press:
-
I recently asked Rodney Joffe, chief technologist at Neustar, four-decade industry veteran and chair of the Conficker working group, about why he founded UltraDNS and implemented IP Anycast.
[...]
On October 21, 2002, a DDoS attack was launched against the root name servers. The ones that survived were those that had quietly switched in the background to using Anycast. When a more powerful DDoS against the root servers occurred in 2007, only the two root servers that had yet to switch to Anycast were laid low.
-
Licat infects .EXE, .DLL and .HTML files on infected systems. The malware also generates around 800 pseudo-random domains a day, which it contacts in order to attempt to download new malware code.
-
Hackers claim to have pwned the official website belonging to the UK Conservative Party.
Details on the 4chan website, where they discussed the supposed attack, were sketchy, but they claimed the site was vulnerable to a SQL injection exploit. An email to The Reg claimed the site had been defaced, but at time of writing, there was no proof, and the site appeared to be working normally.
The Tory Web site is
Microsoft-based. Glyn Moody complains that the Government Communications Headquarters is also
clueless with its attitude towards Microsoft's stack:
Instead of this blind faith in ever-bigger Patch Tuesdays, have those boffins at GCHQ ever thought of turning to software like GNU/Linux that is rather less vulnerable to all those nasty, malicious emails in the first place?
The fact that GCHQ makes no mention of this option means one of two things. Either it is terminally clueless, and we can expect the country's computing infrastructure to be taken out on a regular basis in the future (hello Stuxnet 2.0), or else GCHQ is actually being dead cunning here - pretending to be terminally clueless by wittering on about Microsoft patches to mislead attackers, but secretly swapping out all those vulnerable Windows systems as fast as they can, so that the infrastructure is inherently more secure.
For more about Stuxnet see:
- Ralph Langner Says Windows Malware Possibly Designed to Derail Iran's Nuclear Programme
- Windows Viruses Can be Politically Motivated Sometimes
- Who Needs Windows Back Doors When It's So Insecure?
- Windows Insecurity Becomes a Political Issue
- Windows, Stuxnet, and Public Stoning
- Stuxnet Grows Beyond Siemens-Windows Infections
- Has BP Already Abandoned Windows?
- Reports: Apple to Charge for (Security) Updates
- Windows Viruses Can be Politically Motivated Sometimes
- New Flaw in Windows Facilitates More DDOS Attacks
- Siemens is Bad for Industry, Partly Due to Microsoft
- Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
- Microsoft's Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
- Microsoft Software: a Darwin Test for Incompetence
- Bad September for Microsoft Security, Symantec Buyout Rumours
- Microsoft Claims Credit for Failing in Security
- Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
- Windows Users Still Under Attack From Stuxnet, Halo, and Zeus
- EU Concerns Highlight Need to Remove Windows From the Network
- Guest Article: Windows NT and the Deepwater Horizon
It's no surprise that the British government is deluded about Microsoft security when the
MSBBC publishes Microsoft propaganda and
the same Microsoft propaganda comes from Lance Whitney of Microsoft TechNet Magazine. By controlling coverage Microsoft sells the impression that those security troubles are not its fault and not serious either.
⬆
