Bonum Certa Men Certa

With SSH Keys on Windows the World Will be a Vastly Less Secure Place

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Summary: Another warning about the grave consequences of putting SSH endpoints on an operating system which is compromised by design

QUITE a few readers (and also pro-Microsoft bullies) have written to us regarding yesterday's article about OpenSSH and Microsoft, the first PRISM company which also uses broken (by design) ciphers to act as passive back doors. Microsoft is losing and is getting left behind, hence it tries to 'embrace' the competition. It's not a good gesture but an effort to entice people into Windows prison, i.e. inherent insecurity. OpenSSH is supposed to be all about security, which Windows is inherently (by design) not compatible with. Does anyone really want to put public and private keys on a machine that is remotely accessible by spies? That's suicidal for a government, corporation, legal firm, journalist, etc.



"We already know, thanks to leaks from Edward Snowden, that spies in the West are systematically harvesting passwords of systems administrators and then use these to hijack/infiltrate entire networks."Microsoft promotion sites continue to praise Microsoft, whereas other sites cautiously welcome the move [1, 2, 3, 4, 5, 6]. This has been mentioned in various news sites since we first covered it, some Linux-centric ones ones too [1, 2]. In Linux Questions, for example, comments included "welcome microsoft to the year 2000." Or even: "It was nice having known about you, PuTTY."

To set the record straight, if we correctly understand Microsoft's plans (all they are at this stage is just speculative, as there is not even a timetable, let alone any code), there will be increased access by espionage-seeking, power-motivated spies to people's SSH keys. This will decrease overall security. Windows will be the weakest link. We already know, thanks to leaks from Edward Snowden, that spies in the West are systematically harvesting passwords of systems administrators and then use these to hijack/infiltrate entire networks all around the world. All that Microsoft's involvement can achieve in this case is an increase in compromised computer networks. Putting SSH keys on Windows is the technical equivalent of putting tanks on rhapsodies (rendering the tanks sinkable).

Recent Techrights' Posts

[Meme] Write Code, Not Social Control Media
don't forget to 'like'
Site in Support of Richard Stallman Reminds People of the FSF's and Stallman's Support of Women
new updates
In Memory of Mike Magee (1949-2024) and Our Best Wishes to The Register, Which He Founded in the 1990s
Months have passed since Magee died
'Remote' (From Home) Tech Workers Are More Productive for a Lot of Reasons
The Bezos-owned media should disclose its conflict of interest here
Microsoft Ends Support for Vista 10, So Relative Share of Vista 10 Goes Up, Vista 11 is Down
For 2 months in a row already
Microsoft's Latest 'Novel' Approach, Trying to Prevent People Moving Away From Microsoft and From Windows
ads say a lot about their business strategy
Microsoft-sponsored "The New Stack" Publishing Microsoft Windows Articles in "Linux" Clothing
Just sayin'...
 
[Teaser] EPO Management Thinks Inflation in Europe is 0.2% Per Annum
Taming inflation by entirely ignoring it is like wrongly assuming that climate change (caused by human activity) can be overcome by not studying the effect of 8+ billion humans on this finite planet
Corporate Media Will Be Discarded and Eventually Die If It Keeps Doing "Bill Gates Sez" (or Similar) Pieces Instead of Journalism
"Superintelligence" does not even mean anything!
This Week We Focus Again on European Patent Office (EPO) Scandals
Nothing can stop us, not even a party or SLAPP
Links 09/12/2024: Health Care Anger and Power Vacuum in Syria
Links for the day
Links 09/12/2024: Burned, Uncertain Future, and Failure
Links for the day
Links 09/12/2024: UnitedHealthcare C.E.O.'s Killer Still Unknown, Syrian Regime Change Completed
Links for the day
Microsoft: Target the Young (Get 'Em While They're Young)
Then they say Free software advocates are "extremists" and "rude"...
As of December 8th (23 Days Remaining), the FSF (Free Software Foundation, Inc.) Already a Third of the Way Toward Ambitious Funding Goal
FSF's memberships (or donations) drive is going a lot better than we anticipated
Why Mike Magee Created and Was Involved in So Many News Sites About Technology
British legend
Tunisia is Android, Windows is Waning There
Windows was measured below 20% in Tunisia
[Meme] Jeff Bezos Working From Home
"B**** please, publish articles in Washington Post about how working from home sucks"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 08, 2024
IRC logs for Sunday, December 08, 2024
No Wonder Microsoft's LinkedIn and Github Have So Many Layoffs, Permanent Office Closures
Traffic down, losses, probably never going to profit
When Python is Basically Run by a 'Microsoft-Friendly' Mole Who Ousts People That Actually Contributed a Lot to Python for Many Years
Removing some of the best people
Syria: Microsoft Windows Down to 8% "Market Share" (It Was 99% Just 15 Years Ago)
it was even measured at less than 5% earlier this year
Links 08/12/2024: Boeing Leaks and Bluesky’s Business Model Dilemma
Links for the day
Gemini Links 08/12/2024: UK Winds and Ultraviolet Grasslands (UVG)
Links for the day
Links 08/12/2024: Conflicts, Misinformation, and Gutting of the Media
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 07, 2024
IRC logs for Saturday, December 07, 2024
Czech Republic: GNU/Linux Jumps Above 4%
data from the Czech Republic for 2024
IBM Engagement Surveys "Are Usually Useful for the Executives So They Know Which Things to Ignore"
This impacts Red Hat as well
Did Microsoft 'Write' (by Chatbots) This 'Article' About WINE?
The Web is drowning in garbage
Dictatorship Formalised: Python Software Foundation Violates Its Very Own Code Of Conduct (COC) or Code Of Censorship
Incoming Python Software Foundation Executive Director, Deb Nicholson, allegedly uses COCs to get ahead while violating COCs
[Meme] 'Self-Checkout' (and Banking 'Apps'): Passing All Accountability to the Customers
Stealing
Gemini Links 07/12/2024: Leasehold and NNTP
Links for the day
Fun Statistics About Techrights (Almost a Quarter Million Files)
Here are some raw numbers
PIP (Performance Improvement Plan) as an Instrumental But Largely Hidden (From the Public) Extra Layer of IBM's Workforce Reductions
The morale at IBM is really bad
Microsoft Money: From Bribing Bloggers to SLAPPing Bloggers
Microsoft money, different strategy?
Belgium: Windows Falls to Quarter of the Market, Mobile Devices Outsell or Overtake Desktops/Laptops on the Web
Microsoft has no operating system for 'smartphones'
Links 07/12/2024: CALEA Back Doors Backfiring, Fentanylware's (TikTok) U.S. Ban a Step Closer
Links for the day
statCounter: GNU/Linux Rises Sharply to All-Time High in Republic of South Korea
Notice how sharp the rise is!
It's FOSS? No, It's SPAM.
Another sellout
Another Massive Blow to the Web
This is awful news and it neatly relates to topics that we covered this morning
All the Latest Five Blog Posts at OSI's Blog Are Written by a Microsoft Operative Salaried by Microsoft
"Open Source" no longer means anything
Legacy of a Dying World Wide Web
Many people truly believe they're "stars" in social control media
Google Does Not Have a Search Engine Anymore
Google wants to "retain" users for more "screen time" and influence over their minds; it does not save you time, it's manipulating you
[Meme] Automattic: Host With Automattic, We'll Handle Our Own Complexity for You
The RHEL modus operandi (more so with systemd)
Finding Peace With Less
There seems to be a growing consensus (speaking to other editors helps confirm this) that the Web is going in a very bad direction
Links 07/12/2024: DEI Chopped by University of Michigan, French and South Korean Governments in Turmoil
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 06, 2024
IRC logs for Friday, December 06, 2024