Bonum Certa Men Certa
Ana Isabel Carvalho and Ricardo Lafuente on Designs Beyond the GUI | One Month Passes, Only Comments in a Blog Post Actually Contain Accurate Information About EPO and UPC

Corporate Media Slanting Microsoft's Shipping of Racist Malware as 'Protestware' (and an 'Open Source' Issue)

Video download link | md5sum 70ea0f9ea4cf595dea1913731f6ca4c3 Protestware is Newspeak for Malware Creative Commons Attribution-No Derivative Works 4.0



Summary: After dozens of highly misleading 'news' pieces blaming "open source" for the actions of malicious/misguided Brandon*, shipping malware to many people through Microsoft servers, it is probably time to explain what really happened; it's part of a pattern of blame-shifting by Microsoft and so far this year we've seen many waves of dishonest Fear, Uncertainty, Doubt (FUD) tactics utilised for dramatisation and soon weaponised to create/reinforce a stigma

THE noise cancellation has been set up and now we should be able to make videos more rapidly, albeit much more is left to be configured later (like a proper Web browser that blocks ads).



This video is a belated repsonse to last month's FUD that even reached SJVN at ZDNet. The media was too eager to misportray and misattribute a "supply chain" (typically means Microsoft) attack. It's really quite ridiculous, but we haven't -- until now at least -- done a proper rebuttal. It may seem like old news already, but it's never too late to correct falsehoods. There's also racism involved.

"If the media fails to earn people's trust, this is why."Basically, in recent years we keep seeing NPM issues blamed on the victims, or on the recipients who got malware infections from Microsoft's own servers. The media never bothers mentioning that Microsoft controls NPM and is therefore responsible for it. We'll certainly get back to this topic some time in the future, as part of our Microsoft GitHub Exposé series.

We'd rather not link to any of the misleading pieces in this case (we found not a single accurate one, or any piece that got the narrative/culpability right), but it is explained briefly in the video above. If the media fails to earn people's trust, this is why.

Brandon Sanderson No/Yes: Malware? No! Let's call it protestware
What is it, Brandon?



____ In the words of bnchs in IRC, "Brandon turned his library into malware for nothing but to seem like a "hero" to people; it didn't take too long for Snyk, and eventually CVE, to catch on to his hidden malware [and] after people discovered it, he has attempted to delete the commit and any evidence of his malware [...] of course, it was too late [...] but I personally wouldn't trust NPM." (NPM is Microsoft)
Ana Isabel Carvalho and Ricardo Lafuente on Designs Beyond the GUI | One Month Passes, Only Comments in a Blog Post Actually Contain Accurate Information About EPO and UPC

Recent Techrights' Posts

Techrights Will Contact German Media About the EPO's Substance Abuse
This scandal won't "go to waste"
Search @ Techrights: Almost There Now (Maybe an Anniversary Gift)
Just to be very clear, search would not be unprecedented at Techrights
The Rumour Was True, Mass Layoffs at IBM Today
How widespread the layoffs are (or how they're disguised, e.g. PIPs) is hard to assess
 
The Fall of IBM: What Happened?
Just like the EPO continues riding some old reputation acquired in the 1970s IBM relies on old myths like, "nobody gets fired for buying IBM."
IBM's CEO Already Has the Excuse for the Latest Wave of Mass Layoffs
Only days ago the CEO told a bunch of nonsense
Links 04/11/2025: Conflicts, Politics, and IPv6 at Home
Links for the day
Gemini Links 04/11/2025: Entering WiFi Passwords and Programming Rambles
Links for the day
Arch Linux Seems Like the New Debian
Arch users (btw!) are growing in relative and absolute share
Analytics From US Government Affirm a Trend: Microsoft's "Market Share" in Search is Falling
the data set is large
Holding Institutions Such as the EPO Accountable Through Public Information
Speaking truth to power is never easy
EPO Staff Losing Holidays, as Usual, as the Office Increases Profits by Illegally Granting Invalid Patents While Reducing Salaries
How much more can the staff endure and generally tolerate?
Free Software Does Not Always Speak for Itself, It Needs Advocates
Legal matters that relate to sharing of code will be discussed
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 03, 2025
IRC logs for Monday, November 03, 2025
The Register MS Continues Looking for Money in Promotion of the "AI" Ponzi Scheme
That The Register MS participates in this deceit rather than tackle/debunk it says a lot about The Register MS
IBM Layoffs in "Software", This Likely Impacts Red Hat as Well
Many people say "software" people are impacted
Escaping Proprietary Software, Not Just Escaping Microsoft
To take control of your life adopt GNU/Linux
A Lot of Fake News About Microsoft Headcount (Also: Microsoft's Debt Rose by About 24 Billion Dollars in Past 12 Months)
If you see some headline about Microsoft's CEO making claims about hirings, look away
Techrights Turns 19 in Three Days
It would be nice to meet for a chat
Akira Urushibata on How Grokipedia Fails to Work
The Grokipedia article gives the wrong character for the "Ko" on "Koan"
Links 03/11/2025: Data Breaches, Wars, and Digital Censorship
Links for the day
Gemini Links 03/11/2025: Poetry, Old Androids and Small Shells
Links for the day
Links 03/11/2025: Internet Anniversary
Links for the day
Two Years of Uptime
Reboots are seldom involuntary
Richard Stallman is Giving Another Talk in Less Than a Fortnight
in two weeks' time (13 days from now)
Windows Falls Below 20% in the UK
Many people choose to leave Windows altogether
Microsoft's Search Business Falls to Lowest Point in 2 Years, Based on statCounter
what can Microsoft sell other than shares in Microsoft?
Evidence Regarding Layoffs at Red Hat
Seems like IBM layoffs
Microsoft: Our "Goodwill" Value Grew More Than Tenfold Since 2011
Hallmark of pseudo-economics
GNU/Linux as a Boarding Pass
being mostly analogue is still feasible
Links 03/11/2025: Lack of Trust in LLMs and Windows TCO at Jaguar
Links for the day
Gemini Links 03/11/2025: Books in October and Change
Links for the day
Mozilla Firefox Won't Survive and Many Sites Don't Work With It (Compatibility Abandoned)
The Web has become monocultural
Debian is Non-Free
Devuan might be worth looking into
Slopwatch: Brian Fagioli and LinuxSecurity
This is a real problem and most certainly a big problem because when people try to find real information about security and GNU/Linux they instead read "word salads" made by bots
Four Reasons to Party With Us in Four Days, Celebrating the Four Freedoms
Today we expect to be back to a more-or-less regular publication pace
Links 03/11/2025: The "Smartphone Panopticon" and Belarus' Hybrid Attacks on EU Intensify
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 02, 2025
IRC logs for Sunday, November 02, 2025
Microsoft's Debt Has Skyrocketed by More Than 15 Billion Dollars in 6 Months or 8.2 Billion Dollars in the Past 3 Months Alone
The corporate media intentionally disregards - or merely turns a blind eye to - such data
Rumour: IBM Layoffs in Canada Starting Tomorrow
"RA (IBM's term for layoffs) Coming to Canada this week (Nov 3rd)"
Debunking False/Misleading Statements Made or Told to the High Court
People who try to cheat the system by gaslighting judges will end up discrediting themselves
Fear, Uncertainty, Doubt (FUD) by LLM Slop
The Web has become such a sordid mess that this FUD made by bots is what Google News deems to be "the news"
This Month's Analytics Show Vista 11 Down, GNU/Linux Up
After pulling the plug on Vista 10 we see losses - not gains - for Vista 11
Almost Fully Caught Up
The EPO series will continue very soon, maybe tomorrow or on Tuesday
Links 02/11/2025: Another Halloween Bust and MAGA Regime Says Public Universities Should No Longer Hire 'Foreign' Employees
Links for the day
The Long-Coveted Milestone of 3,200 Active Gemini Capsules
Despite being away some days last week, about 50,000 Gemini requests were served each day, on average
Five More Days Till Techrights Party
We'll have many more batches of Daily Links as we catch up with a 'backlog' of news
Links 02/11/2025: More Nuclear Escalations and "Anti-Cybercrime Laws Are Being Weaponized to Repress Journalism"
Links for the day
Gemini Links 02/11/2025: "The Pragmatic Programmer", Perl New Features and Foostats
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 01, 2025
IRC logs for Saturday, November 01, 2025