"Our products just aren't engineered for security."
--Brian Valentine, Microsoft executive
Summary: Microsoft's insecure-by-design software is causing massive damages (possibly trillions of dollars in damages to date) and yet the corporate press does not ask the right questions, let alone suggest a ban on Microsoft software
According to the New York Times and other news sites, "Staples Is Latest Retailer Hit by Hackers" because it was using Microsoft Windows. Well, other recent examples included UPS, which basically hurt millions of people because it let crooks have lots of credit card details. The TJ Maxx heist and other credit card heists were also the fault of Microsoft Windows, not GNU Bash or OpenSSL, among other bits of software that dominate the news in the context of security. It sure looks like Microsoft Windows is the target, not FOSS. There are hardly any stories at all about an apocalypse or any great damage caused by bugs in Bash or in OpenSSL. So go figure what the press is doing, in part because the OpenSSL bug has been hyped up by Microsoft partners at a very strategic time (same day as Windows XP support ending).
As
Will Hill put it the other day, "Business Week Covers Up for Microsoft In Target Hack and Misses the Big Story". Mr. Hill adds that "The US government covering up for Microsoft is not too surprising after learning about the HACIENDA program [2]. That's a massive program where the US government has been cracking servers and ordinary around the world to serve as botnets. If everyone used software that was better then Microsoft's intentionally weak garbage, GHCQ, NSA and other spooks would not be able to cover their tracks. Because of US government promotion of Microsoft and their combined incompetence, criminals around the world have it easy. NSA spying has put trillions of dollars in commerce at risk."
Those botnets do even greater damage than what was done at Staples. They are taking down a lot of Web sites and fill the Internet with heaps of SPAM. To quote our reader, complaining about articles like these: "Somehow they manage to omit the key role of Windows yet again." They must
call out Windows.
Another
new article was sent to us by a reader. It is titled "Computer users who damage national security could face jail" and it was published by a Bill Gates-sponsored newspaper. This reader of ours asked: "What about those that knowingly deploy Windows on machines connected to the Internet?"
Our sites are still under DDOS attack (for over a month ago).
Tux Machines has been offline for several hours now after a DDOS attack from Windows botnets hit it.
Why are ISPs still permitting customers to connect to the Internet with Windows? When will ISPs or users face liability for the damage they cause? Some people have been trying to take down my sites for well over a month now and they have used Microsoft Windows as a weapon. Windows has
weaponised back doors, so it should be banned already.
Speaking of takedowns, watch the latest commentary [1,2] about
Microsoft breaking the law to take material and sites (or even entire networks) offline, despite them doing nothing illegal.
The corporate media should start directing some tough questions at Microsoft, not just its victims. The company should face massive fines for the damages it causes on the Web. Ultimately, its software should be banned until security -- not insecurity (weaponised back doors) -- is its goal.
⬆
Related/contextual items from the news:
-
Microsoft has gained immense popularity over its never-ending war on software piracy. However, this time, the company appears to have caused a bit of collateral damage. So who are the victims? A handful of prominent and highly acclaimed YouTube video bloggers.
-
Oh, Microsoft. The company has now admitted that it ended up sending a bunch of DMCA takedown notices on non-infringing videos, all because someone had posted product keys in comments to those videos. To its credit, Microsoft has apologized and said that it has "taken steps to reinstate legitimate video content and are working towards a better solution to targeting stolen IP while respecting legitimate content." That's all well and good, but this seems like the kind of thing that they should have done long before issuing obviously bad takedowns. This is the kind of thing that happens when you have a tool like the DMCA notice-and-takedown provision that makes it just so damn easy to censor content. Those issuing the takedowns do little to nothing to make sure the content being removed actually infringes. They just use either automated means or someone rushing through the process with little review, sending off takedowns willy nilly with no real concern about how they might kill off perfectly legal content. It still boggles the mind that a basic notice-and-notice regime couldn't suffice to handle situations like this. That and making sure that those issuing bogus DMCA notices receive some sort of real punishment to give them the incentive to stop sending bogus takedowns.
