Microsoft Can't Understand Security (Lesson for UEFI Apologists)

Dr. Roy Schestowitz

2012-10-31 18:00:12 UTC
Modified: 2012-10-31 18:00:12 UTC

Torvalds on security
Source: MemeGenerator

Summary: Another security blunder leaves Microsoft red-faced, but Red Hat carries on following Microsoft's UEFI

To Microsoft, "security" does not mean what it means to most of us. It means control. According to this, Microsoft has again proven its inability to reuse simple FOSS packages to secure passwords. The result:

Software used by Microsoft's New Zealand outpost to register attendees for next week's TechEd conference has exposed delegates' passwords to unwelcome scrutiny.

Cross Kiwis have contacted The Reg to point out that emails from a third-party events management company offered a URL which they can click to print a barcode that will offer swift entry to the event.

But the URLs being distributed include passwords that delegates used to create accounts to register for the event. The emails also include a value called "ID" that a sharp-eyed Reg reader messed with and discovered, as said reader told us, "The id=673 appears to be the event (TechED NZ) a quick change of the &key= part of the URL to 'password', 'passw0rd', etc gave access to other people's registration details!"

Torvalds said that UEFI would not really aid security, so given that its main function is interfering with Linux, why should Red Hat staff give it a hand? This is not new.

"Security" as pretext for control (domination over a user, not the user's over a machine) is a subject that fits much of what we cover here, including the portrayal of copying as "piracy" and patents as "defence". Too much disinformation can make lies a truth (in people's mind/perception), so we prioritise particular topics. Next up: patents. ⬆

Recent Techrights' Posts

The Free Software Foundation is Looking to Raise Nearly Half a Million Dollars by Year's End: And it really needs the money, unlike the EFF which sits on a humongous pile of oligarchs' and GAFAM cash
Links 19/11/2024: War on Cables?: Links for the day
Gemini Links 19/11/2024: Private Journals Online and Spirituality: Links for the day
Drew's Development Mailing Lists and Patches to 'Refine' His Attack Pieces Against the FSF's Founder: Way to bury oneself in one's own grave...
What IBMers Say About IBM Causing IBMers to Resign (by Making Life Hard/Impossible) and Why Red Hat Was a Waste of Money to Buy: partnering with GAFAM
In Some Countries, Desktop/Laptop Usage Has Fallen to the Point Where Microsoft and Windows (and Intel) Barely Matter Anymore: Microsoft is the next Intel basically
[Meme] The Web Wasn't Always Proprietary Computer Programs Disguised as 'Web Pages': The Web is getting worse each year
Re-de-centralisation Should Be Our Goal: Put the users in charge, not governments and corporations in charge of users
Gemini Links 19/11/2024: Rain Music, ClockworkPi DevTerm, and More: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, November 18, 2024: IRC logs for Monday, November 18, 2024
Links 18/11/2024: Science News and War Escalations in Ukraine: Links for the day
Gemini Links 18/11/2024: Degrowth and OpenBSD Fatigue: Links for the day
Technology: rights or responsibilities? - Part VII: By Dr. Andy Farnell
BetaNews is Still 'Shitposting' About Trump and Porn (Two Analysers Say This 'Shitposting' Comes From LLMs): Probably some SEO garbage, prompted with words like "porn" and "trump" to stitch together other people's words
Market Share of Vista 11 Said to be Going Down in Europe: one plausible explanation is that gs.statcounter.com is actually misreporting the share of Vista 11, claiming that it's higher than it really is
Fourth Estate or Missing Fourth Pillar: "The term Fourth Estate or fourth power refers to the press and news media in explicit capacity of reporting the News" -Wikipedia on Fourth Estate
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, November 17, 2024: IRC logs for Sunday, November 17, 2024
LLMs Are Not a Form of Intelligence (They Never Will Be): Butterflies are smarter than "chatGPT"
Business Software Alliance (BSA), Microsoft, and AstroTurfing Online (Also in the Trump Administration Groomed by BSA and Microsoft): Has Washington become openWashington? Where the emphasis is openwashing rather than Open(Source)Washington?
Windows at 1%: Quit throwing taxpayers' money at Microsoft, especially when it fails to fulfil basic needs and instead facilitates espionage by foreign and very hostile nations
Links 17/11/2024: Pakistan Broke, Tyson 'Crashes' or Knocks Over Netflix: Links for the day
Gemini Links 17/11/2024: Nachtigall Planned, Exodus at Twitter: Links for the day
Links 17/11/2024: China's Diplomacy and Gazprom Setback: Links for the day
Sudan Has Reached a State of Android Domination (93% Market Share, All-Time High According to statCounter): countries at war buy fewer laptops?
[Meme] Just Do It?: 'FSF' Europe (Microsoft) and FSF
Microsoft Front Groups Against the FSF, Home of GPL, GNU, and Free Software: Much of the money (not all of it) comes from the criminals at Redmond
Centralisation is Dooming the Web, RSS is One Workaround (But Not "Planets"): At least Gemini Protocol rejects centralisation
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, November 16, 2024: IRC logs for Saturday, November 16, 2024
Links 17/11/2024: Wars, Bailouts, and Censorship: Links for the day
Gemini Links 17/11/2024: Changing Interests and HamsterCMS: Links for the day