Bonum Certa Men Certa
Vista 10 a Massive Failure as Only a Small Fraction of Those Who Can Install it Gratis Actually Do, Microsoft Remotely Bricks PCs | Links 13/8/2015: KDE Frameworks 5.13.0, Red Hat Satellite 6.1

The Huge, Collateral Cost of Microsoft's Collusion With Five Eyes Espionage Agencies

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), April 2015



Summary: Microsoft Windows continues to be inherently insecure, at the very least because Microsoft worked to make intrusion possible by shady agencies that operate outside the law (much like cyber gangs)

IT IS no secret that Microsoft works closely with the NSA and other Five Eyes agencies. It is also no secret that Stuxnet was developed by those agencies and targets Microsoft Windows. After it had targeted Iran it sort of 'spilled out' and caused many billions in damages all around the world (we covered examples). Having gotten out of hand, Microsoft's back doors for espionage agencies were soon exploited also by the "bad guys" (not that espionage agencies can be described as "good guys"). There is no substitute for absolute, scientifically-verifiable security and strong encryption. People who sell "Golden Key" dreams are non-technical war-loving liars. Based on this new article (Dan Goodin finally targets Microsoft for a change, having repeatedly bashed just Free software), a new Windows "exploit is reminiscent of those used to unleash Stuxnet worm." To quote Goodin: "The vulnerability is reminiscent of a critical flaw exploited around 2008 by an NSA-tied hacking group dubbed Equation Group and later by the creators of the Stuxnet computer worm that disrupted Iran's nuclear program. The vulnerability—which resided in functions that process so-called .LNK files Windows uses to display icons when a USB stick is plugged in—allowed the attackers to unleash a powerful computer worm that spread from computer to computer each time they interacted with a malicious drive."



"GNU/Linux is designed for security from the ground up and if one does not believe it, one can freely scrutinise the code."Any design that lets a USB device trigger commands at such high levels is a design that's clearly not designed by security professionals. Many other issues tied to this design have been reported for over a decade and Microsoft is not fixing it. According to last year's explosive report, titled "N.S.A. Devises Radio Pathway Into Computers", the NSA "relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers."

The media may go on about how Microsoft no longer delivering security patches is an issue, but as Microsoft tells the NSA about holes before patching them, what difference does it make? All versions of Windows, no matter how up to date they are, are vulnerable. It's not an accident. "Both Microsoft and HP were insistent companies that hadn’t refreshed [Windows Server 2003] after 14 July," said the report, "are exposing themselves to all sorts of security attacks, and that up-to-date patches and firmware are needed."

No, their first mistake is that they use Windows anything (never mind Windows Server, irrespective of the version too). Windows is not designed to be secure. It has back doors and front doors. GNU/Linux is designed for security from the ground up and if one does not believe it, one can freely scrutinise the code.

"The continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team."

--CIO David Wennergren, Department of Defense (October 2009)



Vista 10 a Massive Failure as Only a Small Fraction of Those Who Can Install it Gratis Actually Do, Microsoft Remotely Bricks PCs | Links 13/8/2015: KDE Frameworks 5.13.0, Red Hat Satellite 6.1

Recent Techrights' Posts

Report About February Mass Layoffs at Microsoft (Third Wave of Microsoft Layoffs in 2025) Comes Back From the Dead
Yesterday we wrote about an article in CRN (reporting Microsoft layoffs) being removed without any reasons specified
Links 21/02/2025: Myanmar Scam Centre and Disruptions at USPTO
Links for the day
gbhackers.com is Not Hackers, It's LLM Slop Outputs (Fake 'Articles') That Attack 'True Hackers'
A site called linuxsecurity.com keeps doing this and now we see the slopfarm gbhackers.com doing the same
linuxsecurity.com Continues to Spread Lies or Machine-Generated FUD (Microsoft LLMs Likely the Source) About OpenSSH and Linux
this LLM problem is global
People Who Came From Microsoft Demanding Removal of Articles About Them, About Microsoft, and About Microsoft GitHub is "Generous" (According to Them)
Imagine choosing a law firm that borrows money in the same year just to avoid overdraft in the bank!
 
Hype Watch: Weeks After Microsoft Disappointed Investors With "Hey Hi" It's Trying Some "Quantum" Hype (Adding Impractical Vapourware to Accompany This Hype and Even LLM Slop in 'News' Clothing)
Remember "metaverse"? What happened to media hype about "blockchain" and "IoT"?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, February 20, 2025
IRC logs for Thursday, February 20, 2025
Gemini Links 20/02/2025: Law of Warming and Cooling, Health, and Devlog
Links for the day
Links 20/02/2025: Microsoft Infosys Layoffs and IRS Layoffs (Good News for Rich Tax Evaders)
Links for the day
IBM Layoffs in Europe Already Happening or Underway (UK and Spain). They Try Not to Call These "Layoffs".
"CIO" in particular was repeatedly mentioned lately, as was Consulting
Possibly a Third Round of Mass Layoffs at Microsoft in 2025 ("Cloud Solution Architects, Customer Roles"), Report Removed or Censored
This is literally the top story for "microsoft layoffs" right now
Instead of 'DoS Protection' Cloudflare is Allegedly Conducting 'DoS Attacks' on Users of Browsers Other Than Firefox and GAFAM's DRM Sandboxes (Chrome, Safari and Others)
If you value the Web, you will avoid Cloudflare
Mixing Real With Fake in One 'Article' (by "Director of Content, Help Net Security")
From what we can gather, he got machines to generate some slop for him
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 19, 2025
IRC logs for Wednesday, February 19, 2025
Gemini Links 19/02/2025: FreeDOS abd Botfloods
Links for the day
Microsoft Has "Made the Customer the Product."
it's very likely this comment was made by a Microsoft employee
GNU/Linux and Android Trump Microsoft in Saudi Arabia, Bing Down Since the LLM Hype/Hysteria Began
Microsoft leaves a lot of money on the table
The Interplay Between Free Software and Journalism Based on Truths, Suppressed Facts
Honest people can be transparent. Dishonest, rogue people rely on a lack of it.
FSF Talk: "Free Software Teaching Materials" by Dr. Miriam Bastian
Software Freedom is rooted in philosophy but it's about technical solutions
IBM's CEO Has Become a Stochastic Buzzword-Generating Machine
The current CEO is extremely unpopular
Chicago Transit Authority Has Dumped Twitter (X), As Did Many Others Without Announcing It (Due to Fear of Right-Wing Mobs)
If you don't have an account in Gab, then you probably should not have one in "X", either
How-To Geek Sort of Supersedes MakeUseOf (MUO) for GNU/Linux Coverage
some writers from MakeUseOf (MUO) have been migrated to a sister publication
New Year's Resolutions Scoreboard
The goal is to improve clarity, accessibility, speed, and accuracy
Sites Reporting Crimes and Getting Harassed for Reporting Crimes
you cannot just ignore those who constantly seek to harass
Links 19/02/2025: Science, Hardware, and Digital Restrictions (DRM) Striking Again at eBooks
Links for the day
Zizian, transgender, Google & Debian open source extremist cult phenomena
Reprinted with permission from Daniel Pocock
Links 19/02/2025: The Forgotten USB Competitor and Pope's Bilateral Pneumonia
Links for the day
Gemini Links 19/02/2025: AuraRepo and Offpunk
Links for the day
Slopwatch: Wayne Williams is Making Up for His Workers' Slop Party, LinuxSecurity.com Still Publishes Fake Articles
We must identify and call out the culprits
“Open Source” Really Does Miss the Point, We Can Do Better Than That
We need to reject groups of people who promote Microsoft GitHub (proprietary) and call that "Open Source"
Red Hat's Bluewashing to be Further Completed This Year
Do not wait for some announcement from redhat.com - it's already covered by IBM
Links 19/02/2025: Organisations Quitting Social Control Media, Windows TCO Illustrated Some More
Links for the day
The Free Software Foundation is More Financially Independent From Large Corporations Right Now
Money that comes with strings attached to it is always problematic
The Free Software Foundation's Position on IBM Taking Red Hat Enterprise Linux 'Private' is Articulated Almost 2 Years Late
The Free Software Foundation finally spoke out about this issue
Techrights Publication Topics
One thing we'd like to do more of is Software Freedom advocacy
Springtime Layoffs at IBM (2025) and Statement From IBM European Works Council
It's about cost-cutting, even if such cuts doom the company
Microsoft Paying People Who Harass and SLAPP Techrights, Demanding Censorship
At this point the money trail leads directly to Microsoft
It's Not Even Hidden Anymore: Microsoft is Passing Bribes for Media to Publish Puff Pieces About Itself
GeekWire is paid by Microsoft to publish many puff pieces (even outright lies) about Microsoft
Dr. Andy Farnell on a Death to Efficiency and Cash
Cash is not the same as "digital cash", which isn't even remotely the same
Links 19/02/2025: Political Roundup and Halifax Wants to Dump Twitter ("X")
Links for the day
Gemini Links 18/02/2025: Beginning Meditation, Poison as Praxis, and Blogging
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 18, 2025
IRC logs for Tuesday, February 18, 2025