Bonum Certa Men Certa

MSBBC Cracked, Canadian Government Cracked, Microsoft Blames Users, and .NET-based Aviation System Crashes

When system crashes can lead to plane crashes

Aeroplane



Summary: Another atrocious week for Microsoft's security and reliability record

"Thanks to Windows’ built-in insecurity, its easy to create huge Windows botnets," wrote the honourable SJVN a few days ago. It is widely recognised that Microsoft is largely responsible for many of Windows' security failings, but Microsoft pressures journalists not to call out Windows using techniques that we covered here before.



MSBBC's music sites have just been cracked and they turned hostile towards site visitors who use Windows. As the report puts it, "other top name insecurity vendors like Sophos, McAfee and even Microsoft's anti-virus tools didn't register the hack at all. That is an appalling detection rate from both free and paid-for anti-virus kits and, as of yesterday, Websense reckoned the anti-virus toolkits were still vulnerable." This is just a Windows problem and someone who informed us that the Canadian government had just been cracked too says that 99% of the systems there run Windows (we cannot verify this claim, but if anyone can, please leave a comment).

It is unclear whether the attackers managed to compromise other departmental computer networks, including those that contain Canadians’ sensitive personal information such as tax and health records.

Once the attack was detected, government cybersecurity officials immediately shut down all internet access in both departments in an attempt to stop stolen information from being sent back to the hackers over the net.


It is obvious what's happening here. A suicidal dependence on poor systems (such as Windows) is a crucial factor that can easily affect national security or suspend emergency services like dispatch of ambulances. The latter new example speaks of Windows viruses leading to a likely loss of lives (although disruption to service is denied by the face-saving officials). What is Microsoft's response to all of this? As we noted yesterday, the company's lobbyist from the government [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13] is trying to blame the users and there are strong responses to it again, such as:

Microsoft Vice President Scott Charney, a longtime advocate of a coordinated approach to cybersecurity, describes a vision of Internet health:
"We broke Windows. It's your problem now."

At least, that's how I interpret his comments. Charney wants to have users pass a kind of "health test" for their computer before they can use web services.

"Security is not a problem that can be addressed fully by individual consumers, or even individual companies or governments. That is what led to the development of my public health model proposal, which calls for collective defense against cyber threats," he said.

Charney uses a public health model to support his new idea. Basically, in order to access web services (say, your bank - or cloud services, maybe even social networking like Facebook) you first need to let the provider run their virus check on your computer. Intrusive? I think so. Would you let a web site run their code (virus scan) on your machine before you are allowed to use their web application? I think I smell more malware coming.


Charney's appalling remarks are also mentioned by Lia Timson at ITWire and Lia's colleague Sam Varghese, who writes:

Passing the buck is a game at which Microsoft is adept. In the computer security industry, one needs to have tons of chutzpah to hold others responsible for one's own security stuff-ups.

The good folk at Redmond possess this quality in spades.

Probably the best example of chutzpah that I can recall came from a young Bill Gates many years ago when the company was getting off the starting blocks. As Paul Allen, the other co-founder, had also taken up a job as head of software at MITs, the maker of the Altair, Gates argued that since he was working for Microsoft only and Allen was dividing his time, he (Gates) should have 64 percent of the founders' shares and Allen should only get 36 percent.

Shortly after the division was done this way, young Bill went to MITs founder Ed Roberts and got a job there as well, for $US10 an hour. Microsoft's culture has always been defined by Gates.

Scott Charney's comments at the ongoing RSA conference are a good example of the blithe manner in which Microsoft tries to force the rest of the world to carry the can for the abysmal security of its products.

The monoculture otherwise known as Windows is in the main responsible for the plethora of viruses, worms, malware, scumware and other such $wares that plague the internet. DDoS attacks come, more often than not, from armies of Windows machines grouped in a botnet.

Sure, there are other operating systems involved too but they are in a minority. A very small minority. Windows is the main problem and everyone, his/her dog, his/her cat and his/her goldfish is aware of that.


Dr. Glyn Moody links to the article "Microsoft has a change of heart on how to keep Internet safe" and he adds: "or how about if Microsoft just wrote some decent code?"

"Will Virgin do the same thing as LSE following this daunting incident?"Yes, journalists too recognise that this is Microsoft's fault, as stated at the beginning. The gullible, weak ones just bend to Microsoft PR agents and deceive the public about it. These are the sorts of people who do the scaremongering regarding "cyber war" so that companies like Microsoft and suppressive regimes can find good excuses for taking more control over people's computers, spying on PCs of Windows users for example.

There is another timely example of the failed design of Microsoft software. It's a major .NET failure just like the ones in LSE (a former Microsoft poster child). Not so long ago it turned out that a plane crash had been caused by Windows malware (with Microsoft boosters blaming IBM in vain [1, 2]) and amid other plane crashes and downtimes in airports [1, 2] it became evident that Microsoft belongs nowhere near aviation. Virgin made the mistake of going with Microsoft and watch what happens:

This latest computer crash, which looks to be as serious as the 2010 fiasco, will place more question marks around the integrity and robustness of the .NET based Navitaire New Skies system which claims to be able to handle load spikes and scale easily as passenger volumes increase.

The crash also raises questions about the level of redundancy built into Navitaire, which is supposed to provide back-up systems in the event of failure.


Will Virgin do the same thing as LSE following this daunting incident?

Comments

Recent Techrights' Posts

The Free Software Foundation (FSF) Has Un-cancelled the Best People, Just in Time for the Big 4-0
Mr. Oliva should have been there all along (since 2019)
Most "Modern" Technology Makes You Slower and Dumber
Because proprietary software makes you worse off
"What Comes After Free Software?" Wrongly Insinuates We've Reached the Goal (Prison is Not the Goal)
The oil tycoons use similar tactics against environmentalists, giving them fake "wins"
Making More Work Space
I learned the hard way that less is more in circumstances where more means distraction
MAHA is a Lie, Public Officials Never Valued Citizens' Health (They Still Value Private Businesses, Their Sponsors)
Reject demagogues
New Techrights Turns 2
Today starts the third year of the SSG-based Techrights
What Scares Them the Most is Independent News Sites That They Cannot Control and Censor
Wikileaks was a good example of this
If You Don't Control Your Online Platform, Then Someone Else is Controlling You
be (or become) independent
 
Links 23/09/2025: Japan Limits Uses of Skinnerboxes ('Smartphones') With Toxic "Apps", Fentanylware (TikTok) Tapped by "MAGAts"
Links for the day
Brett Wilson LLP Has Just Been Sued (by Their Own Clients!)
Vladimir and Alla Yanpolsky sued Brett Wilson LLP in BL-2025-001167 at the end of last week
The Complaint About Brett Wilson LLP - Part II - UK SLAPPs for Americans, SLAPPs for Profit
Brett Wilson LLP has a track record of this kind
Mayday: Optus emergency calling crisis
Reprinted with permission from Daniel Pocock
Links 23/09/2025: Massive Data Breach, Slop Versus Productivity, and Vista 11 Update Breaks Things Again
Links for the day
Code of Censorship
Extortion is peace
Free Software Foundation (FSF) Has a New Press Kit for the Weekend After Next Weekend (40th Anniversary)
miles better than social [sic] media [sic] quips, moderated by narcissists and oil tycoons.
Microsoft Had Two Waves of Mass Layoffs This Month (That We Know of) and It'll Get Worse for Microsoft Soon
Will the axe fall again by month's end?
Gemini Links 23/09/2025: Happy Equinox, Photronic Arts, and Perception Cognition
Links for the day
Lessons We've Learned After 17 Years of American Hosting
GAFAM is "all-in" with the "Trump agenda"
Back to Normal Now, We Plan to Do More In-Depth Series (or Multi-part Stories)
Articles (or series thereof) that contain philosophy are important to us
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 22, 2025
IRC logs for Monday, September 22, 2025
Microsoft Media is Panicking Amid Mass Layoffs Every Month, H-1B Fees, and "Seattle’s Tech Scene in Trouble"
In "late stage Microsoft", copyleft becomes proprietary
The Next Wave of IBM/Red Hat Layoffs Being Discussed Already
Red Hat is sort of disappearing the way Tivoli did
Oracle Started This Year With Slop. Then It Stopped.
Passing fads are like this
Distros That Run on PCs Made 20 Years Ago and Don't Use Systemd
Betas for now
The Solicitors Regulation Authority (SRA) Has a Policy on Racism and Sexism
In then future we'll show the misogyny and racial slurs
The Complaint About Brett Wilson LLP - Part I - Abusing British Women on Behalf of American Men Who Abuse American Women
Transparency is important to us, so we've decided to make this series
Slopwatch: Google News and the Evident Slopfarm Infestation
This is what people get about Linux when they query Google for Linux
Links 22/09/2025: Murdochs Might Join Fentanylware (TikTok) 'Investors' (Masters), United Kingdom Recognises Palestinian Statehood
Links for the day
Gemini Links 22/09/2025: Esperanto Music History and Apps For Android
Links for the day
Links 22/09/2025: More American 'Censorship' (Retaliation for Journalism), Cheeto "Might Be Losing His Race Against Time"
Links for the day
The Blob Slop
Give me more words, give me some text
The 50-Pound Note Experiment and the "War on Cash"
Britain is actually seeing a rebound in cash payments, and it's not a temporary phenomenon
Slopwatch: Blaming the Victims for Microsoft's Failures and Plagiarising Phoronix
That's what Google has been reduced to: slop and slopfarms
Links 22/09/2025: Breaches, Windows TCO, and Arrests
Links for the day
Gemini Links 22/09/2025: Rabbit Hole and DeGoogling Fairphone
Links for the day
Links 22/09/2025: Russian War Planes Invade NATO Airspace While Dihydroxyacetone Man Escalates Attack on Free Speech Because of Critics
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 21, 2025
IRC logs for Sunday, September 21, 2025
Links 21/09/2025: "Hey Hi" (Hype) Under Fire, Fakes Identified; Tesla Burns Family
Links for the day
Google's Software is Malware and Malware in Mobile Devices
Originally posted by Rob Musial
Links 20/09/2025: Hegemony Coming to a Close, Luigi Mangione Ruled Not Terrorist
Links for the day
Gemini Links 21/09/2025: "Charlie Kirk Was a Hateful Piece of Shit" and Slop Code Attempted by Microsofter
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 20, 2025
IRC logs for Saturday, September 20, 2025