LAST year it was confirmed that Microsoft had been telling the NSA how to crack its software before this software could even be patched. In other words, Microsoft gave back doors to the NSA. Microsoft gave a bunch of government-sanctioned crackers monopoly or preferential access to the data and computers of Microsoft's so-called 'customers'. Microsoft went further than this by providing the NSA with direct access to data of so-called 'customers' who put their data on Microsoft servers or used Microsoft networks such as Skype or Hotmail for communication.
"Microsoft gave a bunch of government-sanctioned crackers monopoly or preferential access to the data and computers of Microsoft's so-called 'customers'."Microsoft hardly behaves like a software company. Microsoft is an informant. As one article put it some days ago: "The Snowden documents also revealed that Microsoft allegedly helped the NSA intercept web chats on its new Outlook.com portal."
That's just the tip of the iceberg, but it's stuff such as this which CIOs and CTOs must remember when moving away from Windows and from Microsoft (altogether).
Now that we know there's 'former' Microsoft staff behind the new Heartbleed€® publicity blitz (maybe the latest of or an extension of the security smears against GNU/Linux, which basically accompany that end of Windows XP patches) we should remember what the alternative to GNU/Linux (and BSD) is. The main alternative is PRISM club -- a club which conspires with the NSA against computer users.
Trending in Twitter right now is the hashtag "openssl" and the reason for this is Heartbleed€®, which was released strategically on this date by a company managed by Microsoft's 'former' security chief. It is a sure way to distract from GNU/Linux as the solution for security woes (associated with Windows XP). Instead of talking about how and why GNU/Linux is great for people to move to after Windows XP (for security reasons) people now talk about security vulnerabilities in GNU/Linux.
Another company which was founded by a 'former' Microsoft manager (Black Duck) is now promoting Fog Computing (surveillance-friendly computing in 'clouds') under the guise of "Future of Open Source". How typical.
What needs to be done right now is activity. We must not be passive in the face of what seems like a smear campaign and publicity stunt, well timed and well managed by allies of Microsoft. We need to remind people that Microsoft is by far the worst thing that can happen to security because Microsoft not only has security holes but it also has security lapses by design. These security lapses were designed to facilitate illegal mass surveillance by entities that pay Microsoft in bribes and favours (as emerged in the press last year). This is not exclusive to the US. We saw stories about this even in Russia. "The discussion is getting really mainstream," iophk writes about this. ⬆