Bonum Certa Men Certa

Back Doors/Bug Doors in All Versions of Microsoft Windows Need a Name, a Logo, and Branding Too

Microsoft gets a free pass for insecurity

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), only days ago



Summary: All versions of Microsoft Windows are found to have been insecure since 1997, but the bug responsible for this is not named as candidate for back door access, let alone named (with logo and marketing) like far less severe bugs in Free/libre software such as OpenSSL

WHILE many journalists still refuse to call out Windows (see this new piece from Dan Goodin, who writes about crackers hoarding Windows hosts by the millions -- in botnets -- while mentioning the word "Windows" only once, very deep inside the article), some have no choice by to acknowledge that not every single computer runs Windows and therefore we should call out Windows when it's clearly to blame.



"This wouldn't be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple)."Although there is no "branding" yet (as Microsoft buddies from a a Microsoft-linked firm like to do to Free/libre software bugs), there is a very serious bug in all versions of Windows (even the one still in development) that Microsoft's allies at the NSA must be very happy about, especially as the bug is 18 years old (meaning that Windows has allowed remote access since 1997, or around the time Microsoft was seeking to appease the US government after it had shamelessly broken many laws).

The bug was found not by Microsoft but by this team (press release), which probably has no access to Windows source code. This wouldn't be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple).

ISPs should now restrict or ban Windows use, as it poses a huge risk (botnets and DDOS, never mind risk to all data stored on machines running Windows). Here is some early coverage of this [1, 2], some correctly emphasising that it's a 18-year-old vulnerability [1, 2].

Let's see if this starts a big debate about the insecurity of proprietary software (as other bugs with "branding" did to Free software, by means of gross generalisation). This "New Security Flaw Spans All Versions Of Windows" (similar wording in this headline). 18 years, eh? It even predates 9/11. It's older than some readers of this Web site.

Watch this disgraceful piece titled "Will Microsoft’s Security Measures in Windows 10 Tarnish Open-Source Development?"

Yes, it's more propaganda; The disingenuous openwashing of Windows continues, as we'll show in our next post.

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Recent Techrights' Posts

Fresh IBM Layoffs Reported in Europe and North America, Jobs Allegedly Moved to South Asia (Low Salaries)
As usual, IBM does not talk about this
Microsoft Has Not Much Left to Show Investors, Shares Fall Almost 20%
It's not even clear how Microsoft makes money anymore
The Fall of the Open Source Initiative (OSI): The OSI Election is Rigged, Biased Against People Who Oppose the Openwashing of GPL-Violating Bots Operated by Microsoft for Profit (OSI Gets Paid to Promote This)
they reckon that pretence of calm would serve them best, helped by puff pieces
In Vietnam, statCounter Sees Microsoft Windows Falling Below 7% "Market Share"
Can Microsoft still demand $500 or more per Windows licence?
 
Links 11/03/2025: NASA Besieged and "DOGE Has Become What It Claimed To Destroy"
Links for the day
Illuminating Injustice is Critical When Reckless Microsofters and Law Firms Try to Silence Reporters of Violence Against Women
I want to clarify that I'm well within my right (and not running afoul of any rules) by explaining what goes on here
EPO Central Staff Committee: "The Strategy of the Office Lacks Transparency and Cannot be Understood"
Microsoft and the EPO violate data protection laws
Links 11/03/2025: Spring and Misfin Server
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 10, 2025
IRC logs for Monday, March 10, 2025
Latvia (and Lithuania) Stepping Away From GAFAM, Microsoft
Windows becomes unessential as Android and GNU/Linux rise
Microsoft Layoffs Are Infectious (Don't Get Acquired or Become a Partner)
It seems like companies choosing to become "buddies" with Microsoft are dooming themselves and their products
A Closer Look Inside the EPO, Courtesy of Benoît Battistelli's Submissive Lapdogs Roberta Romano-Götsch and Elodie Bergot
new report comes from the Local Staff Committee Munich (LSCMN)
Links 10/03/2025: Staff Strikes, Mass Layoffs in Gaming Industry
Links for the day
Gemini Links 10/03/2025: "Eat The Rich" and Two-Year Anniversary of the 'Space Elevator' Orbit (Like 'Webring')
Links for the day
Links 10/03/2025: Small Web Praised, LLM Chatbots Exposed as Worse Than Useless Again
Links for the day
A Call for GNU/Linux and BSD Developers to Unite Against GAFAM and the Regime They Empower
We have long encouraged and continue to encourage people who value Software Freedom to altogether boycott GAFAM
The Ludicrous Mythology of Commonality as Signal of Value, Merit, Popularity
Devalue what's true, promote marketing?
[Video] Richard Stallman on the Four Essential Freedoms (Manuel Cuda News, 2025)
Added to a channel several days ago by Manuel Cuda News
Gemini Links 10/03/2025: Realisation About Young People, Punks, and Discord IPO
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 09, 2025
IRC logs for Sunday, March 09, 2025
[Video] Richard Stallman on Understanding the Misconception of So-called 'Artificial Intelligence'
to "know and understand"
FSF's Defective by Design (DBD): Amazon Tightens the Digital Handcuffs
Reproduced verbatim
The Fall of the Open Source Initiative (OSI): Plenty of Issues, Plenty of Censorship
The OSI is abusive on many levels!
EPO Staff Appraisals Apparently Benefit Kakistocracy, Including Cheaters Who Grant Illegal Patents and Punish Good Patent Examiners (Who Find Valid Reasons for Denials)
In prior reports the staff representatives said that rewards typically went to people who granted many patents, i.e. didn't do proper examination and instead just allowed many fake patents get enshrined as EPs, causing fiasco (from which some patent attorneys could profit)
As The Web Gets Drowned Out, Sinking in a Pool of LLM Slop, Real News Sites With Real News Become Increasingly Rare If Not Extinct
This is a real problem
Links 09/03/2025: Moderna Patents Thrown Out, Climate United Sues E.P.A.
Links for the day
Gemini Links 09/03/2025: Lagrange 1.18.5 and Writing Mannerisms
Links for the day
Links 09/03/2025: FiveThirtyEight Killed by Disney, Nature (Journal) Chooses Suicide by Slop
Links for the day
Links 08/03/2025: International Women's Day, Software Patents Being Squashed
Links for the day
Hiding Problems Doesn't Work
transparent organisations will be more stable and sustainable
The Harder They Try to Censor, the Bigger the Scandal (and the Impact) Will Be
We don't plan to self-censor our coverage; sometimes we just delay publication a little
Gemini Links 09/03/2025: Leasehold Derangement Syndrome, Raspberry Pi, and More
Links for the day
All-Time Low for Microsoft in Africa
it helps show how irrelevant Microsoft is becoming
French woman (frontaliere) trafficked to promote unauthorised cross border Swiss insurance
Reprinted with permission from Daniel Pocock
New York Times & Guardian reporting on Modern Slavery Act prosecution of Glodi Wabelua
Reprinted with permission from Daniel Pocock
Diana & Adrian von Bidder-Senn, EVP, Palm Sunday & Debian death on wedding day
Reprinted with permission from Daniel Pocock
The RTO (Return-to-office) Layoffs or 'Soft' Layoffs at IBM and Red Hat
There are certainly many layoffs going on there, but many are described as "resignations" or "retirements" after RTO or some other form of relocation
Under the Pen Name "John O'Donnell" (LLM Slop, Not Real Article or Author) LinuxLinks Pushes Spammy Page
it happened some hours ago.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 08, 2025
IRC logs for Saturday, March 08, 2025