Bonum Certa Men Certa

The Huge, Collateral Cost of Microsoft's Collusion With Five Eyes Espionage Agencies

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), April 2015



Summary: Microsoft Windows continues to be inherently insecure, at the very least because Microsoft worked to make intrusion possible by shady agencies that operate outside the law (much like cyber gangs)

IT IS no secret that Microsoft works closely with the NSA and other Five Eyes agencies. It is also no secret that Stuxnet was developed by those agencies and targets Microsoft Windows. After it had targeted Iran it sort of 'spilled out' and caused many billions in damages all around the world (we covered examples). Having gotten out of hand, Microsoft's back doors for espionage agencies were soon exploited also by the "bad guys" (not that espionage agencies can be described as "good guys"). There is no substitute for absolute, scientifically-verifiable security and strong encryption. People who sell "Golden Key" dreams are non-technical war-loving liars. Based on this new article (Dan Goodin finally targets Microsoft for a change, having repeatedly bashed just Free software), a new Windows "exploit is reminiscent of those used to unleash Stuxnet worm." To quote Goodin: "The vulnerability is reminiscent of a critical flaw exploited around 2008 by an NSA-tied hacking group dubbed Equation Group and later by the creators of the Stuxnet computer worm that disrupted Iran's nuclear program. The vulnerability—which resided in functions that process so-called .LNK files Windows uses to display icons when a USB stick is plugged in—allowed the attackers to unleash a powerful computer worm that spread from computer to computer each time they interacted with a malicious drive."



"GNU/Linux is designed for security from the ground up and if one does not believe it, one can freely scrutinise the code."Any design that lets a USB device trigger commands at such high levels is a design that's clearly not designed by security professionals. Many other issues tied to this design have been reported for over a decade and Microsoft is not fixing it. According to last year's explosive report, titled "N.S.A. Devises Radio Pathway Into Computers", the NSA "relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers."

The media may go on about how Microsoft no longer delivering security patches is an issue, but as Microsoft tells the NSA about holes before patching them, what difference does it make? All versions of Windows, no matter how up to date they are, are vulnerable. It's not an accident. "Both Microsoft and HP were insistent companies that hadn’t refreshed [Windows Server 2003] after 14 July," said the report, "are exposing themselves to all sorts of security attacks, and that up-to-date patches and firmware are needed."

No, their first mistake is that they use Windows anything (never mind Windows Server, irrespective of the version too). Windows is not designed to be secure. It has back doors and front doors. GNU/Linux is designed for security from the ground up and if one does not believe it, one can freely scrutinise the code.

"The continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team."

--CIO David Wennergren, Department of Defense (October 2009)



Recent Techrights' Posts

Links 28/08/2025: Chatbots Distorting/Fabricating History and Also Driving Suicide
Links for the day
Open Source Initiative (OSI) Resists Software Freedom, Even by Attacking Its Own
The OSI is compromised
 
Richard Stallman (RMS) Talk in Ethereum Cypherpunk Congress Will be Remote
This past week RMS received lots of accolades online
The Register MS (Run by Microsoft Operatives): Free Software is Putin, Hence Evil and Dangerous
The current editor in chief is an American Microsofter, the previous one went to work for Google (US)
Gemini Links 28/08/2025: Back in Japan and Why "Hacker News" Sucks
Links for the day
A Much-Needed Wake-up Call to Users of Wordpress.com, Blogspot, Substack and All Those Other Outsourced (and Centralised) Platforms
There are several lessons in there
The UEFI 9/11 - Part II - Campaign of Censorship and Defamation Against Critics
In dictatorships, humour serves an important role. It's tragic.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 27, 2025
IRC logs for Wednesday, August 27, 2025
Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More
Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom
Links for the day
Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China
Links for the day
Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases
Vista 11 is going down rather than up
Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained
Links for the day
12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme
There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
More People Need to Call Out and Put a Stop to Serial Sloppers
Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
Gemini Links 27/08/2025: Headphones and Tartarus
Links for the day
Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble)
The slop sceptics/critics are going to have lots of "told you so" moments
GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking
Notice the connection to Software Freedom Conservancy (SFC) and GNOME
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 26, 2025
IRC logs for Tuesday, August 26, 2025
Richard Stallman (RMS) Was Right About "Sideloading" in 1996
We now have computers that treat booting GNU/Linux like an act of "Sideloading"
Panama: Windows Down From 97% "Market Share" to Less Than 30%
In 2009, Windows was measured at 97.24% (compared to 62.32% right now or less than 30% if one also counts Android)
The UEFI 9/11 - Part I - Introduction to Impending Catastrophe (Microsoft Preventing People From Booting Non-Windows Systems)
eight-part series
Why Techrights is Slow Today (Bot Floods)
We don't know if those bots are connected to LLMs (we have not checked), but that is a possibility
Slopwatch: DDoS Slop, LinuxBSDos.com Spam, and Slopfarms in Google News, Including webpronews.com
Among the news we also found fakes, albeit not so much today
Links 26/08/2025: "Ballooning Debt" in France and "Transnational Repression in the UK"
Links for the day
Gemini Links 26/08/2025: Listening to Alcest and Google Doing Evil (Users Installing Software is "Sideloading" and Prohibited)
Links for the day
Links 26/08/2025: DNS Tampering and TikTok Layoffs
Links for the day
Microsoft's Windows "Market Share" Overestimated
Microsoft's income sources are shrinking
We Shall See...
My wife and I are hardly the first victims of Brett Wilson LLP
This New Determination on a Case Echoes the Modus Operandi of Microsoft's Serial Strangler vs Techrights (Its Online Decision/Judgment Says Truth and Public Interest Defend the Publisher)
Noel Anthony Clarke hopefully has enough money left to pay his victims, which include the publishers
Going Offline
There was life before the Net
The Register MS Has Apparently Shut Down Its Office
It is basically a fake address on the face of it
There Are Also Expectations of IBM Layoffs Very Soon With "Narrative Control."
Some of them mention Red Hat and how IBM failed to achieve anything substantial with that acquisition
After at Least Two Rounds of Mass Layoffs in August Microsoft Said to Have "September Layoff Confirmed - Performance Based"
Those "M5 level meetings" sound plausible
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, August 25, 2025
IRC logs for Monday, August 25, 2025