Microsoft propaganda agents occupy the press and pressure people to stay with Windows
Summary: Analysis of some of the recent claims that GNU/Linux and Android are not secure, the source of such claims (sometimes Microsoft), and what the timing of these claims may or may not tell us about agenda
WE WOULD like to put forth the possibility that the latest 'security'-themed negative coverage about GNU/Linux is not a natural outcome of standard/routine research or even amplified naturally because GNU/Linux having flaws is the "man bites dog" equivalent [1]. Microsoft has familiar tactics, partly revealed by leaked documents, of manufacturing negative coverage about competitors like GNU and Linux. We gave many examples in the past (see this page for example). It can take years for relevant documents to be leaked.
It is not at all unthinkable that Microsoft still pays think tanks and partners to flood news site with negative publicity relating to GNU/Linux security. One reader wrote to us the following: "I saw on Diaspora that you were planning to write a story about how Microsoft coordinates PR across what should be an independent press. You might be interested in some old work that I did to highlight a minor
revolt against "embargos" by Techchrunch and Wired" (we covered those years ago).
The 'security'-themed negative coverage goes beyond GnuTLS [
1,
2] and the
latest from Symantec and others (claiming UNIX/Linux botnets while ignoring the cause and the elephant in the room, which
journalists don't like to name). There were dozens of articles about it, simply
relaying the claims without digging any deeper. Earlier this week we saw some headline about Microsoft finding and reporting Android security holes ("paper published by researchers from Indiana University and Microsoft" [
1,
2]). Yes, Microsoft sure is "embracing" Android... trying to paint GNU/Linux "equally bad" (another familiar old strategy). Ars Technica, at times
the Fox 'news' of tech (depending on the writers), is trying to peddle some other smears against GNU/Linux security. A lot of the latest can be attributed to
shoddy 'reporting' by Dan Goodin, who started a lot of the other recent panic and continues his long smear attack on GNU/Linux security (this time he blames out-of-date servers that can and should be freely upgraded). This FUD was so bad that
entire articles were written to rebut it (after it had spread to other places [2]). See
the comments/updates in Cisco's Web site; it is very revealing. There is also a long discussion about this in Disapora. It seems like some journalists made it their mission to make GNU/Linux look insecure by whatever means necessary (even misrepresentation). As
Susan Linton put it: "A lot of Websites are still covering the last couple of Linux security breaches and today Steven J. Vaughan-Nichols said, "It's not Linux's fault!"" (and he's right).
Will Hill
wrote that the mistakes are starting to get unraveled: "Looks like his source, Cisco, was shredded for saying what they did. Check out all the strike outs and retractions.
"...The observation of affected hosts running Linux kernel 2.6 is anecdotal and in no way reflects a universal condition among all of the compromised websites. Accordingly, we have adjusted the title for clarity. We have not identified the initial exploit vector for the stage zero URIs. It was not our intention to conflate our anecdotal observations with the technical facts provided in the listed URIs or other demonstrable data, and the below strike through annotations reflect that. We also want to thank the community for the timely feedback."
Will Hill connects this to the following bit, saying "it was also used as XP EoL hype."
To quote the FUD: "In April 2014, Windows XP will become unsupported. Organisations urgently need to review their use of unsupported systems in operation. Such systems need to be upgraded where possible, or regularly monitored to detect compromise. Organisations should consider their exposure to risks from the use of unsupported systems..."
So they hardly even hide some of their motive, perhaps thinking it would be too subtle.
ZDNet and other Microsoft-friendly sites also found the above an opportunity convenient enough to FUD both Bitcoin and GNU/Linux at the same time [3,4].
What we basically have here is an explosion of semi-truths, spin, and fabrications -- all trying to make a perception of GNU/Linux not being more secure than Windows. Timing matters here. We previously saw
'former' Microsoft people smearing Android security from academic standing (no disclosures given) and here too we see Microsoft appearing in a paper against Android security, seemingly coming from a university. This isn't uncommon and it's one of these cases where showing the Microsoft connection is simple, as in the case of other academics whom Microsoft is
paying to be
spreading law-themed FUD against Android (also without disclosures).
Windows XP support is ending and many look forward to/towards a GNU/Linux migration, at the very least for security. That is true for the Indian government [5] and some British companies I happen to know about but cannot name (being discreet is important when dealing with a bully like Microsoft). GNU/Linux distributions are typically replacing Windows XP [6,7,8]; Apple is rarely even an option. Indian Banks may switch to Linux [9] and many other banks may soon move to Linux because of security of course [10-14]. There are several separate reports about potential mass migration of ATMs from Windows (XP) to GNU/Linux and Microsoft is of course paying attention to this (
maybe it's reading people's E-mails, too). What is the alternative, the
truly horrible Vista 8? Microsoft partners like Tony Bradley (shown above; he is strongly tied to Microsoft professionally and has a long history of attacking and smearing GNU/Linux in IDG)
desperately try to whitewash Vista 8. "Microsoft apologist gets column space," wrote iophk, perhaps not knowing that this "apologist" is actually tied to Microsoft (
Forbes lets him run Microsoft's propaganda campaign right now, without disclosures). One can truly see how miserable Microsoft has become.
Now is a good time for many to move from Windows XP to GNU/Linux, even in businesses. This
new article says that "the largest percentage (41 percent) found “simply that Windows applications are not compatible.”"
Wine might do better at compatibility than newer versions of Windows, including Vista 8. As iophk put it: "Maybe this will lead the removal of Microsoft from SMB environments and the movement to open standards." Swapnil Bhartiya
explained a few days ago that a migration to GNU/Linux is no longer what it used to be. "Don’t get scared," he argues, "Linux is not what you might have heard about it way back in 2005. Today Linux is dominating the world – Android is powered by Linux, Chromebooks are powered by Linux, your Chromecast runs on Linux. And these are consumer-grade devices extremely easy to use."
According to another new report,
"Windows XP users are mistaking Microsoft's nag screens for adware" (Windows XP users are faced with Microsoft ads now).
"Just upgrade to a GNU/Linux distro and be done with it," concludes iophk.
GNU/Linux is the secure option, no matter how much Microsoft spin is trying to convince people otherwise.
⬆
Related/contextual items from the news:
There have been a lot of media reports about Linux security problems recently. ZDNet has taken a stand and pointed out that the problem isn't with Linux, the problem is with certain Linux users and administrators. I'd also argue that the problem is also with certain media outlets who jump on the "linux security stinks!" bandwagon at the earliest opportunity.
Microsoft India has decided to discontinue support for its legacy Windows XP platform. This doesn’t affect too many people — since most users of Microsoft’s products have already moved onto the newer Windows systems —Vista, 7 and now 8. It does, however, hit one of the largest employers of the nation — the Indian government.
When the support for XP goes out of order next month, the Indian government might start taking on Linux in a big way — if a recommendation issued by the Tamil Nadu government is any indicator.
-
Support for Windows XP officially ends on April 8, 2014. After this date Microsoft will no longer issues security updates, patch exploits or provide any other means of official, direct support to its users
Xubuntu is a distribution of Ubuntu, which uses the same architecture and software repositories as the mainstream Ubuntu. The only difference is that in the regular Ubuntu distribution, it uses a GUI called Unity, which is much more Mac OSX like, whereas Ubuntu uses XFCE which resembles a prettier version of XP. Alternatively, you could also check out Linux Mint, which pretty much feels exactly like Vista, but I stick to Xubuntu due to better Cannonical support – the People behind Ubuntu). Xubuntu is incredibly stingy on resources, and can run smoothly on a Pentium 4 or higher with a measly 512MB of RAM. Recommended specs being any Dual Core Intel/AMD CPU with 1GB of RAM.
In today's open source roundup: Lubuntu could be the best replacement for Windows XP. Plus: A review of Portal 2 for Linux, and an interview with the creator of educational distro Ubermix
As we have reported you earlier that Microsoft is pulling out their Windows XP support after April 8 2014. Since a vast majority of bank ATMs around the world currently runs on Windows XP, but if they’ll continue sticking to it after the deadline, then they’ll be exposed to all kinds of security threats, as Microsoft will no longer provide the security patches thereafter.
Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles.
It might sound odd that ATMs are running on aging software better suited to a home PC. In fact, security experts have chastised the financial industry for putting ATMs on a PC operating system in the first place. They argue ATMs should be using software that is scaled down and less buggy, such as Linux.