08.24.15
Microsoft Windows Leads to Espionage and Blackmail: Latest Examples
“Our products just aren’t engineered for security.”
–Brian Valentine, Microsoft executive
Summary: Another news overview, detailing high-profile examples of high-cost Windows deployments (including the cost of litigation and settlement)
THE “IRS hack [is] far larger than first thought,” according to this new report. It’s no secret that the IRS is a Microsoft Windows shop (which was warned about security breaches as far back as 6 years ago), so it makes one wonder if Windows was to blame here, as in the OPM breach, the Sony breach, and most recently the Ashley Madison breach (not to mention Stuxnet in Iran). Based on our information, all these high-profile breaches one way or another involve Microsoft reliance. The corporate media failed to call out Windows, but a little bit of research often helps boil it down to Microsoft’s NSA-accessible (through back doors) platforms.
“The parent company can now be sued into bankruptcy. It’s the (hidden) high cost of Windows.”Below is a new story which shows how Argentina targets [1] a large number of dissidents for surveillance using a fake “confidential document [that] was intended to infect a Windows computer.” GNU/Linux users needn’t worry about such things. Then of course there is the latest high-profile breach, the one affecting tens of millions of members of Ashley Madison (including almost ten thousand members of the military, including high-ranked ones), some of whom are suing [2] (what’s the price of a failed marriage or blackmail?). The parent company can now be sued into bankruptcy. It’s the (hidden) high cost of Windows. According to [3], “Security Was An Afterthought” at Ashley Madison. Well, that’s quite evident. Ashley Madison is hardly even hiding it (DMCA rampage is not a substitute) and it has been made ever more obvious by the fact that they were using Microsoft Windows.
Microsoft and security are mutually exclusive, unlike Microsoft and insecurity. No secure application can be mounted on top of a base with back doors. It ought to be crystal clear after Snowden’s many revelations. █
Related/contextual items from the news:
-
Inside the Spyware Campaign Against Argentine Troublemakers
Alberto Nisman, the Argentine prosecutor known for doggedly investigating a 1994 Buenos Aires bombing, was targeted by invasive spy software downloaded onto his cellular phone shortly before his mysterious death. The software masqueraded as a confidential document and was intended to infect a Windows computer.
-
Canadians are suing Ashley Madison because a lack of prophylactic protection
A BRACE OF LAW FIRMS ARE BEHIND A class action lawsuit against Ashley Madison because it did not do enough to protect personal and private information.
The class action case, from two Canadian law firms, argues that the hookup stations failed users by not protecting their information and for not deleting it after a fee had been paid to ensure its deletion. It seeks $578m.
According to the New York Post the lawyers want some satisfaction for a cluster of punters who are currently wearing outraged expressions and regretting joining a site that does what it does in the way that it does it.
-
‘Security Was An Afterthought,’ Hacked Ashley Madison Emails Show
It’s already clear that, despite handling very sensitive data, Ashley Madison did not have the best security. Hackers managed to obtain everything from source code to customer data to internal documents, and the attackers behind the breach, who call themselves the Impact Team, made a mockery of the company’s defenses in an interview.
Content is available under CC-BY-SA
Canta said,
August 24, 2015 at 10:30 pm
Dr. Schestowitz.
About the first article, a few notes.
(Please know that i speak spanish, so my english could be weird).
* – The article is totally biased.
Nisman is used everywhere in the world as an example of some kind of heroic resistance against a regime to the point of being a martir, actively ommiting some notorious dirty aspects about himself, “his” (it’s in doubt that he was the one who wrote that, given the low quality) very poor accusation against two high profile public functionaries, and what he did with the investigation.
I don’t think that refuting that article belongs to Techrights, so links to Nisman critics, i guess, are out of place here. But everyone can go and check the english Wikipedia article on Nisman, to see things like the wikileaks mention of Nisman’s “friendship” with the USA’s intelligence or the fate of his sudden and mediatic accusation (wich made him “dissident”, when all the time before that was a friend of the current goverment, and “martir” just the day before of explaining his accusation in the congress). Those things are no secret around here, and that class of information is nowhere in the article.
* – You say in the text “Argentina targets a large number of dissidents”. It saddens me to say it, but i find it low:
the “large number” were just two persons in the note, one of them (Lanata) works full time at forging media scandals for money (he’s constantly trying to look as a targeted person, has his own history of corruption, and was many times accused, with evidence, of forging news), and then they talk about Ecuador and a deal for fighter jets (no dissidents at all in that case), all related by the use of low end spyware software when not directly script kiddiez tools.
It’s just not enough to seriously say “Argentina targets a large number of dissidents”. That’s totally unfair to Argentina.
* – The note says the spyware is available for GNU/Linux and Android, even when a Windows version was used. And the file was a JAR file: unless it was some kind of facade (Windows is full of that kind of attacks), we know jars DO work on GNU/Linux if adecuatelly forged. Even so, i don’t clearly remember it right now, but i think Nisman had a Mac: by your logic, he was also safe from the attack, just because they used some Windows version.
My point: i feel you’re saying half truths just to bash Windows.
I read you every day, i share your conviction that windows must be erradicated, and actually recomend Techrights as a reliable (when not unique and neccesary) source of information. Please know i’m writing this with great respect for your daily work and convinced that there’s no bad intentions in your text. I just felt this time you were wrong with that article.
Thank you again for your dedication.
Dr. Roy Schestowitz Reply:
August 24th, 2015 at 10:49 pm
I have read a good deal about the Nisman affair, admittedly in English-speaking media, so perhaps I lacked some context which takes an opposing point of view (probably in Spanish and not in Five Eyes’ media). It often happens when dealing with articles about Cuba and Venezuela (must know Spanish). After the war with Argentina I don’t expect British media (which I trust only a little more than US media) to speak favourably about the country’s leadership. Then there’s the Wikileaks/cablegate revelation about Clinton’s obsession with the Argentinian government. There may be legitimate reasons for distrust, least of which are historical, e.g. http://latinamericanhistory.about.com/od/thehistoryofargentina/a/Why-Did-Argentina-Accept-Nazi-War-Criminals-After-World-War-Two.htm https://vault.fbi.gov/adolf-hitler/adolf-hitler-part-01-of-04/view
Regarding the malware, they targeted a Windows machine in this case (predictable). In many cases it seems like safe bet/guess. GNU/Linux comes in many shapes and forms (some have SELinux in place), which helps further complicate buffer overflows and other monoculture-dependent attack vectors.
Canta said,
August 25, 2015 at 11:25 am
Oh, there’s the Falklands/Malvinas, of course. That’s even noted in the article, regarding some embargo on the fighter jets. That is true. But there are other things about Argentina right now, that some people even directly associate with Nisman in the context of international affairs.
TL;DR: Argentina may be at least as dirty as any other country, but Argentina is right now a nuissance for very powerful people and that can’t be ommited when reading things like the Nisman affaire.
* – Argentina is leading a battle in the UN in order to stablish a global normative against the now called “vulture funds”. If you peek some news about that, you’ll see which few powers are against Argentina proposals, and how the rest of the world agrees with it. Argentina’s president even called “terrorists” in the UN all those who manipulate markets.
As a colour note, and an example of what is going on with this issue here: that guy Lanata in your first article, he works for the biggest media conglomerate in Argentina (the “Clarin group”), a strong enemy of the actual goverment, which happens to share an address in the USA with no other than Paul Singer.
* – Argentina is protectionist of its markets, and promotes regional integration. The actual is an, at least verbally, very nationalist goverment. This has lots of consequences (many of them negative in the short term for Argentine middle-class citizens like myself) but it’s enough for the monopolistic media to bash it like it where some kind of ignorant brute about economics. Not to mention that Argentina is dealing with China and Russia while legally battling the USA over commercial rights and England over the Falklands/Malvinas sovereignty; they try to put Argentina as a beligerant and isolate state, when it claims for the rule of law and do lots of international trading.
* – South America is right now a focus of attention, not only with the grow of Brazil. The situation in Greece and Spain is constantly compared with Argentina in 2001 (a devastating neoliberal disaster), and lots of voices call for copying its experience (huge recovery from 2003 to this days, renouncing to liberal recipes and actively confronting liberal organizations).
* – There’s a long history in South America of operations in order to control it. Event current-times coups. Every time is the same: infinite corruption accusations in the media, economic attacks, and selling the USA as some kind of paradise everybody should copy (we argentinians in particular have an historical fixation with Europe as our little personal heaven). Media and market powers plant public discontent. The Nisman affaire was received here by lots of people as another media operation; what Nisman did had absolutelly no sense at all (his accusation was shockingly poor made for a respected and competitive professional), and splitted the argentinian oppinion in two sides: the paranoids that say that the goverment is assasinating their opposition, and the paranoids that say that this is all a distability operation. Nisman did everything wrong and ended achieving nothing but public caos (if anything at all); there are very few parties beneficing from that, and certainly not the current goverment.
Another colour note about that: the monopolistic press here bashed hard the Argentina-Iran understanding treatry regarding AMIA (the Nisman’s case) and any nuclear interaction with them, while praised the USA’s recent treatry.
* – Even when there are constant attack to south american goverments by monopolistic powers, the goverments remain strongly popular. With all their shady bussiness happening, and all their social problems, most South America goverments are ultimatelly and strongly democratic. And that’s not some kind of accident, but a result of South America’s history of military dictatorships around the 70′s: this people have learned to respect democracy the hard way. The opposition, on the other hand, insist on calling this goverments “regimes” and “dictatorships”, which is another non-accident. So… i don’t think is a minor issue who’s that opposition.
* – You quote the nazi affaires in Argentina, as (i understand) a proof Argentina is clearly not any saint. If that’s the case, i agree on that: trust me, i live here, i know many crappy stuff about Argentina. But i see the Nazi affaires as part of the same problem.
It all happened during Perón, which is known worldwide as a remarkable popular/populist leader. He let a very deep mark in Argentina’s political movement, and for a lot of people here his first goverment was the best goverment Argentina ever had. He’s evenly hated as loved, both regarded as saint and devil. But nobody around here says the guy didn’t knew what he was doing: he’s universally recognized as a cunning strategist.
Thing is, part of the Perón’s idea was to industrialize Argentina, which is an historical agricultural country. Perón was another market protectionist, a nationalist and desarrollist, and part of the peronist economic strategy was to develop an argentine industry: an interest against the local (agricultural) and international powers. In that adventure, it is common knowledge, he dealed with the Nazis, as they were not only anti-communist but also technological vanguard. It’s said, for example, that Perón’s Nazi deals where the beggining of the argentine nuclear program. Something that also happened here and there:
https://en.wikipedia.org/wiki/Operation_Paperclip
https://www.google.com/search?channel=fs&q=USA+nazi+criminals&ie=utf-8&oe=utf-8
I don’t say this to be an apologist or a moral relativist; i’m not peronist nor pro “let’s be like the USA”: crimes are crimes, period. I firmly believe in the human rights, democracy, and the state of law, in that particular order.
What i’m saying is that it’s just not that simple as to say “LOOK! NAZIS!” to talk about what happened back then.
Perón gave the argentine low and middle class historical rights in a moment of global war and revolution, calming the waters around here, while he was also responsible of violent (including assasinations) anti-communist movements. He showed himself as an avatar for the worker class, when he was also actively and explicitly working for the upper bourgeoisie. Where Marx states “class struggle”, Perón states “class reconciliation”, and that implies concessions for both sides. That two-sides of peronist policy is commonly known here as “peronaut pendulum”, and it always had the effect of giving Argentina, for the best or the worst, a certain degree of autonomy otherwise could not had. That autonomy, cultural and economical, was and still is strongly bashed by monopolistic powers.
Same thing is happening today with current goverment. And then in the monopolist media it doesn’t matter what Argentina does about anything: if it’s done by Argentina is just plain wrong, ignorant, brutal… but if it’s done by the USA is at least kinda understandable (like the understandings with Iran), or it doesn’t even say a word about if the USA did/do the same kind of things.
I constantly quote around here, to my friends and co-workers, your links regarding violence around the world, as many people here believes the USA and Europe as violence free and sees violence in Argentina as the results of inept or corrupt policies; that’s the result of the media coverage of things here.
My point about all this: anyone can hardly rely on the media for this kind of stuff like the Nisman affaire. Is just absurd. This is the reason i value Techrights work so high, and why i felt sad seeing it falling into some kind of media common place. Nisman affaire is more noise than information, and specially outside Argentina.
Dr. Roy Schestowitz Reply:
August 25th, 2015 at 12:17 pm
I guess one important question remains, can The Intercept be trusted?
Canta said,
August 25, 2015 at 12:44 pm
Well… i don’t know.
I said the article is biased, i have no doubts about that; there are lots of public domain data about Nisman and Lanata not even insinuated there, as well as this is an article about argentine intellicence and doesn’t say a thing about the status of intelligence central in Argentina: the president dissolved in january the SIDE, the now ex argentinian intellicence central, and created a new one; weeks before that there were this attacks using low-end tools, and weeks after was the Nisman assasination/suicide; SIDE was showing a parallel power forged since the 70′s, and the new intelligence central had the first official task of investigating big banks: nothing to say about that LITTLE detail in an article about spionage?.
But i didn’t meant to say The Intercept is somehow the devil: affaires like the Nisman one are honeypot for investigative journalists. I wouldn’t blame so hard a passionate journalist truly believing he’s revealing some explosive truth to the public, just for thinking an example of a not so terrible bias. This is a state-wide affair, so is kinda big deal, and the lines the article traces between attacks have indeed some sense. Is just biased for ommiting, not for telling lies.