Bonum Certa Men Certa

Back Doors/Bug Doors in All Versions of Microsoft Windows Need a Name, a Logo, and Branding Too

Microsoft gets a free pass for insecurity

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), only days ago



Summary: All versions of Microsoft Windows are found to have been insecure since 1997, but the bug responsible for this is not named as candidate for back door access, let alone named (with logo and marketing) like far less severe bugs in Free/libre software such as OpenSSL

WHILE many journalists still refuse to call out Windows (see this new piece from Dan Goodin, who writes about crackers hoarding Windows hosts by the millions -- in botnets -- while mentioning the word "Windows" only once, very deep inside the article), some have no choice by to acknowledge that not every single computer runs Windows and therefore we should call out Windows when it's clearly to blame.



"This wouldn't be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple)."Although there is no "branding" yet (as Microsoft buddies from a a Microsoft-linked firm like to do to Free/libre software bugs), there is a very serious bug in all versions of Windows (even the one still in development) that Microsoft's allies at the NSA must be very happy about, especially as the bug is 18 years old (meaning that Windows has allowed remote access since 1997, or around the time Microsoft was seeking to appease the US government after it had shamelessly broken many laws).

The bug was found not by Microsoft but by this team (press release), which probably has no access to Windows source code. This wouldn't be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple).

ISPs should now restrict or ban Windows use, as it poses a huge risk (botnets and DDOS, never mind risk to all data stored on machines running Windows). Here is some early coverage of this [1, 2], some correctly emphasising that it's a 18-year-old vulnerability [1, 2].

Let's see if this starts a big debate about the insecurity of proprietary software (as other bugs with "branding" did to Free software, by means of gross generalisation). This "New Security Flaw Spans All Versions Of Windows" (similar wording in this headline). 18 years, eh? It even predates 9/11. It's older than some readers of this Web site.

Watch this disgraceful piece titled "Will Microsoft’s Security Measures in Windows 10 Tarnish Open-Source Development?"

Yes, it's more propaganda; The disingenuous openwashing of Windows continues, as we'll show in our next post.

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Recent Techrights' Posts

IBM: Less Than a Month's Severance for Each Decade of Service
Yes, decade!
The EPO, Europe's Largest Patent Office, Admits Outsourcing to Microsoft Slop
Their sole goal is to make more money
The Better the Understanding or the More Nations Understand the Threat Posed by Microsoft, the Faster It'll be Eradicated
We believe that the thing to advocate is self-hosting and Free software... A lack of simplicity or absence of alternatives is a form of vendor lock-in
 
July 2 2025 Would Not be First Big Wave of Microsoft Layoffs Before Major National Holiday
July 2 or 3 mark the start of a very long weekend in the US
IDG's NetworkWorld Seems to Have Just Become LLM Slop
If IDG (now controlled by China) does that in at least one site, why not the rest? Only a matter of time?
Gemini Links 16/06/2025: Free Lunches and Bookmarklet for Mastodon
Links for the day
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
Taking a Lesson From Denmark and Greenland? Iceland Shows New Lows for Windows, All-Time Highs for GNU/Linux
If Microsoft sabotages systems of judges at the Hague (in order to appease the insane man who wanted to invade Greenland), why won't its neighbour Iceland take note?
BetaNews Has Just Deleted Its Latest 'Article' or Got Cracked Again and Restored From Outdated Backup Again
BetaNews seems to be in some serious trouble right now
Microsoft's "FUD-as-a-Service" (Against Linux) Not Functioning Well
This is the kind of contribution companies like Microsoft and Google have to offer to society
Software Freedom is "Activism" Because the Corporate Agenda Revolves Around Bribery, Deceit, and Betrayal
At the end Software Freedom will win because it's on the same side as truth and lawfulness
Links 16/06/2025: EchoLeak and NASA Teaming up With India
Links for the day
A Week of Sunlight
They say transparency is like sunlight to a vampire
"Linux" Sites That Went Astray
there are even worse things than shutdowns
Links 16/06/2025: Climate, Wildfires, Breaches, and Monopolies
Links for the day
Links 16/06/2025: Summer in Finland and Misunderstandings
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 15, 2025
IRC logs for Sunday, June 15, 2025
Gemini Links 15/06/2025: Rainy Season and OpenDocument Format (ODF)
Links for the day
Links 15/06/2025: Military Games, Parade, and Actions
Links for the day
Links 15/06/2025: Windows TCO, Openwashing, and Wars
Links for the day
Gemini Links 15/06/2025: "AI Fatigue and Crappiness"
Links for the day
When Abusive Law Firms (Working for Microsofters Against Us) Assert That Someone Writing in Social Media About Himself is Confidential Information
There was no reason to throw "GDPR" into 2 SLAPPs; they know it, but the goal was to increase the cost of a Defence and lessen the incentive to challenge the SLAPPs
Microsoft Attack Dogs Against Watchdogs and Guard Dogs in Software
Last year Microsofters hired attack dogs or "guns for hire"
Slop Cannot Replace Domain Expertise
All this "AI" hype (it's not even intelligence, it's all a misnomer, as many of us have insisted all along) will fizzle and be written off as a failed experiment
IBM's Fresh 'PIPs' (Action Before Layoffs)
At times like these, even once-reputable employers resort to PIPs and other procedures/tricks for denial of workers' rights
Microsoft is a Problem Not Just for Denmark
Every country should consider what Denmark is doing, why Denmark is doing it, and then do the same
The Slopfarms' Self Detonation
If more sites like BetaNews go under, then maybe we can still salvage some of the Web
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 14, 2025
IRC logs for Saturday, June 14, 2025
Links 14/06/2025: FDA Changes Priorities, Cassette Data Storage From The 1970s
Links for the day
Gemini Links 14/06/2025: Steam Next Fest and Thoughts on Gemini
Links for the day
Site/Datacentre Maintenance Next Week
speed things up
Bulgaria: GNU/Linux Near 10%
The Bulgarian market seems to be changing
I Never Spoke to BetaNews. But BetaNews Wants to Ensure I Never Will, Either.
Sometimes just the reluctance to talk about it can say a great deal
Throwing Money at Lawyers Can't Stop Us (It Never Did)
Even just trying to censor things can result in the opposite of the desired outcome
Online Search or Large Search Engines Aren't Working Anymore
business models that directly compete with interests of Web users
Holidays and Breaks
I've hardly taken any long breaks since I got married
Danish OpenDocument Freedom
"year of Linux"
Links 14/06/2025: Wars and L.A. Distortion Effect
Links for the day
BetaNews Has More or Less Died After Experiments With LLM Slop, Is Linuxsecurity Next?
It doesn't seem like BetaNews knows what it's doing, let alone what it talks about
Gemini Links 14/06/2025: Historic Ada Design and GeminiSpace.Club to Expire
Links for the day
Links 14/06/2025: India Plane Crash and Middle-Eastern War
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 13, 2025
IRC logs for Friday, June 13, 2025