01.04.11

Links 4/1/2011: Linux is Everywhere, GNU/Linux to be Sold in Walmart

Posted in News Roundup at 5:27 pm by Dr. Roy Schestowitz

Clip of the Day

Bohemian Rhapsody, for Four Violins

Credit: TinyOgg

Permalink Leave Your Comment      Send this to a friend

Techrights is a Group Effort

Posted in Site News at 12:33 pm by Dr. Roy Schestowitz

Summary: Clarifications about how we are run and how people can help

The previous post spoke about someone calling Groklaw to open up. As always, Techrights welcomes post submissions from anyone, so please get in touch if there is something on-topic which can be posted here. Additionally, translations are always encouraged and they get added to our localised Wiki pages, e.g. for Spanish.

“We’re delighted to open 2011 with a steady flow of long posts that contain a lot of external references.”We never lack topics to cover (we have about 20 post drafts at the moment), so what we truly need is more contributions from people who enjoy the site. The best help we can get is corrections and new content. A lot of the posts’ content is conceived in IRC and some gets sent by E-mail (then attributed properly). Everyone can participate. One reader flattered us by suggesting a “TUG” (Techrights Users Group) some days ago.

At the end of 2009 we stopped paying attention to Internet trolls and other distractions, which made 2010 a very productive year. We’re delighted to open 2011 with a steady flow of long posts that contain a lot of external references. We work extremely transparently and take pride in it (nobody can ‘leak’ anything), even if our detractors sometimes try using it against us. █

Permalink Leave Your Comment      Send this to a friend

As India Picks ODF, Novell-Microsoft Influence in LibreOffice Raises Questions (the Unfortunate ‘Go-OO Factor’)

Posted in Asia, Open XML, OpenDocument, OpenOffice, Standard at 12:01 pm by Dr. Roy Schestowitz

Summary: Novell staff is said to be pushing for OOXML write support in LibreOffice just when ODF becomes a standard in more and more large nations

Techrights is a supporter of LibreOffice because it is willing to believe that — as promised to us personally — the project is not steered by Novell employees. Last night in IRC one of or readers raised some concerns about what goes on at LibreOffice and its umbrella organisation. There is active discussion about it in Twitter and in Groklaw. If there are blog posts or articles about it, then we have not come across them yet. The short story is that OOXML write support becomes a controversial subject for all sorts of reasons, some more justifiable than others (and some are fictional). Charles from LibreOffice has kindly responded to us about 3 times already, denying all of the allegations (more on that in Twitter).

For those who are not familiar with this debate, start here in an IRC log from last night. This came at the same time as the news about India going with ODF, which is a fantastic development. To quote a Red Hat employee:

Here is some good news to kick off the new year. As a follow-up to the Policy on Open Standards for e-Governance, the Department of Information Technology has published the “Interoperability Framework for E-Governance in India (IFEG).”

The draft of the IFEG lists out the standards approved for e-governance in India. The last date for comments on this draft is 27th Jan 2011.

The current concern is that Novell, which was paid handsomely by Microsoft, may continue pushing for OOXML. We wrote about this last month and this question returns not just due to discussion in Groklaw but also because IBM’s Rob Weir writes that the “Document Foundation debates OOXML support in LibreOffice. With freedom it is hard to be only half pure. http://bit.ly/hjPqMU”. The FFII says: “A user is concerned about #LibreOffice #OOXML write support http://comments.gmane.org/gmane.comp.documentfoundation.discuss/3058″

As Weir added: “Half-pure is starting with the goal of being independent of a Oracle, but then doing what Microsoft is paying Novell to do.”

“Half-pure is starting with the goal of being independent of a Oracle, but then doing what Microsoft is paying Novell to do.”
      –Rob Weir, IBMAs a result of this, Weir comes under another pressure offence from Microsoft, over ODF. He is having a long powwow (about 30 tweets back and forth) with Microsoft employees and also boosters like Jesper Lund Stocholm, starting with messages like this one which says: “if OSS doesn’t add support for OOXML, .NET, XPS, SilverLight , etc., then they’re “detroying your ability to choose”?”

It’s like Microsoft speaking using a peripheral person, Jesper. They spin OOXML as “choice” again. We’ll probably post a little more on this subject at a later date. A lot of it is in Twitter and in our IRC logs. Maybe it’s just a manufactured controversy, it’s still hard to tell without a lot of research and personal queries. There is more in Groklaw comments and interestingly enough, a longtime supporter of Groklaw, Brian Proffitt, opines that Groklaw should open up to more people:

The problem is that in the short term, Groklaw’s mission (stopping SCO from hurting Linux) has basically succeeded. Yes, there are pending appeals from SCO, but Jones is concerned that any efforts to continue the fight against SCO will only serve to help companies like Novell. Other suits are out there, but right now the community interest for those seems to be waning. And, I suspect, Jones’ own interest might be waning: she has been at this since 2003, while facing several personal attacks along the way. The potential for burnout has to be very real.

When one person, any person, gets so wrapped up in something and then has to deal with the lack of that issue in their lives–even if they have won–it has a profound effect.

My most constructive suggestion would be for Groklaw to become a more community-run site. Instead of being a strictly one-person show, perhaps a shift to a more collaboratively run organization is possible. There is precedent: Linus Torvalds is still leading the Linux kernel development, but over the years he has delegated a lot of responsibilities to the various kernel maintainers. Surely there are those in the Groklaw community who could step up and fill similar roles for Groklaw.

I believe this approach would enable Groklaw to dedicate more time to covering all of the different legal issues surrounding FLOSS these days. In effect, it would become a meta-blog, like Huffington Post, or Engadget, or what have you, with a focus on FLOSS legal battles.

Change isn’t easy, but it can be an opportunity to do something bigger than you had ever planned.

The whole post is very thought-provoking and it has attracted Microsoft mobbyists too (libel and crazy theories in the comments). █

Addendum: As this post comes into publication time Charles posts this rebuttal in his blog. He also told me: “I think it might be #Oracle trying run some brainfuck here. Oracle more #FOSS than #LibreOffice? Who does benefit from this?”

Permalink 3 Comments      Send this to a friend

Bill Gates Forms Government Connections to Avoid Paying Tax and Further Exploit the System

Posted in Bill Gates, Deception, Finance, Microsoft at 11:10 am by Dr. Roy Schestowitz

Summary: More government connections for the Gates Foundation and the effect on taxing

Back in October we wrote about Pelosi and Microsoft, noting in the very same post that Bill Gates had become the #3 man in United States government (not private sector). It is appalling as it helps these people arrange tax benefits for both Microsoft and for Gates (violator of the law), obviously at the expense of mere mortals, so to speak. “Top Pelosi aide leaves speaker’s office” says Politico and don’t miss this bit:

Pelosi’s director of intergovernmental affairs, Cheryl Parker Rose left on Oct. 1 for a job as deputy director of government affairs for the Bill and Melinda Gates Foundation.

Pelosi spokesman Drew Hammill said Parker Rose’s departure has nothing to do with the pending election. Rose started the job on Oct. 18, a Gates Foundation spokeswoman said.

Yes, and former Gates staff is moving to other places too, spreading similar agenda more often than not. A couple of years ago we wrote about the head of the Gates Foundation moving to the Smithsonian (government) and guess what happens now in the news? “Bill & Melinda Gates Foundation Gives $50 Million in Grants to the Smithsonian Institution” and there are already ‘gifts’ from Microsoft, announced in CNET under the headline “The Smithsonian welcomes Microsoft’s Surface”. It’s a Trojan horse and it’s promotional. The following news about Smithsonain [sic] is probably not related. It has a similar name, but apparently in South Africa only (“By Emeka Aginam, in Cape Town, South Africa”):

The global software giant, Microsoft in partnership with Smithsonain Institution and TakingITGlobal have launched Shout initiative , a capacity building program designed to encourage teachers to use technology to help students explore, connect and act to address some of the world’s most pressing environmental issues, while gaining important skills including collaboration, critical thinking and social responsibility.

“Microsoft in partnership with Smithsonain Institution” pushing for changes in the schools, eh? Well, Gates’ effect on schools is a subject we’ll address in a separate post, based on some of the very latest news. Here is the schools agenda being promoted by the Washington Post, where Melinda Gates was on the board until very recently (more on that later):

Gates Foundation donates $50 million to Smithsonian

[...]

The Bill and Melinda Gates Foundation is giving $50 million to the Smithsonian Institution, the national museum announced late Wednesday.

[...]

Gates is giving $30 million of the gift to “reach underserved students” in the United States.

As Gates Keepers put it, “Former Gates staffer’s museum gets a grant from the Foundation” and to be more specific: “Patty [...] is the former CEO of the Gates Foundation. She is now Chair of the Board of the Smithsonian. And the Smithsonian is now the proud recipient of a grant from the Gates Foundation. It is nice to have friends who remember you. Melinda Gates is on the Board of the Washington Post but the Post writer does not point out the connection.”

Hello, cronyism? We predicted this years ago when Stonesifer entered the Smithsonian.

This leads us to another new example where Bill Gates is exploiting government connections. The establishment gives Gates tax exemptions, but why? The “Gates Foundation posts 2009 taxes” according to the news and people have begun looking for clues inside it, especially in particular Web sites which are critical of this foundation’s activities.

It oughtn’t be news that Gates is exploiting governments all around the world to give franchises or taxpayers’ money to certain companies which he lobbies for. We gave many examples before. The foundation itself consists of many people from the companies whose patents they advance/seed in the market using a so-called ‘charity’. Here is a new example of the “revolving doors” effect:

Medical equipment maker Stryker Corp. said Friday that it has hired Allan C. Golston, who heads the U.S. arm of the Bill & Melinda Gates Foundation, as a director.

Well, guess what? Bill Gates and Warren Buffet have just been named in
top 5 “World’s Most Heinous Climate Villains” over at Alternet:

Bill Gates and Warren Buffet

Misdeeds: Pretend to be friends while engaged in a vicious competition to see who ends up with the most expensive coffin. Flew together to inspect the Alberta Tar Sands and ponder investments, looking to add to Buffet’s $34 billion Burlington Northern Santa Fe coal-hauling railroad purchase and the Gates Foundation Nigerian oil portfolio. Gates is dumping cash into geo-engineering as a way to “hack” the climate, instead of getting off oil and coal. The duo insist that the government should be responsible for clean energy development, but that we need to tax our citizens to pay for it. They can’t be bothered, since they’re too busy banking on sure things like fossil fuels.

Corporate Teat: They’re the tits, not the pups. Microsoft and Berkshire Hathaway, much of it tax sheltered by the Gates Foundation.

Most Egregious Lie: “We need an energy miracle.” Gates’ time frame for converting to clean energy is 40 years, giving him and Buffet plenty of years of income from their dirty investments.

For those who do not know or remember, Gates invests in BP [1, 2, 3] and in Exxon [1, 2]. Some charity, eh?

There are also many private investments which are tax-exempt, including one in JJB Sports (a shop that I personally hate). “JJB taps Bill Gates, others, to stay afloat” says this new report

Struggling British sportswear retailer JJB Sports (JJB.L) said investors including Bill Gates, the United States’ richest man, have backed a 31.5 million pounds ($48.57 million) fundraising to keep the firm alive.

There is more coverage about this elsewhere [1, 2] and it makes one wonder if Gates runs a charity at all. As the previous article from Alternet stated, these people are investing without the inconveniences associated with tax. Here for example is an article from one month ago about investment in Waste Management (covered in this site before): “As it happens, Warren Buffett and Bill Gates — through Berkshire Hathaway (BRK.A), Cascade Investment, an asset management firmed own by Gates, and the Bill & Melinda Gates Foundation — are major holders in Republic. The Gates Foundation owns Waste Management shares too. It’s not hard to discern why Buffett and Gates like the trash business: It has significant barriers to entry because new landfills are hard to site and expensive. And despite the buzz about zero waste, Americans generate lots of trash — an average of 4.5 pounds a person per day, the EPA says.”

Moving on to the last topic of relevance, a lot of people still fail to understand how showing generosity can actually be a ploy for tax avoidance. it’s a loophole. To quote a recent post we were told about a few days ago by MikeC:

[I]t helps to explain the first part, all these billionaires willing to donate to charity. For such family foundations allow the cash to be put into them tax free. And then the cash can be invested attracting no tax on any returns to it over the generations. Subject only to paying out 5% of assets (I think I’ve got that right) each year in charitable works. Such 5% can be made up of paying family members to administer the trust…..

Which is why Joe Kennedy left his money to a series of family trusts, the Hewletts, Packards, Fords, Rockefellers and so on.

Leaving the money to a “charity” is in fact the American way of making sure that a) no tax is paid on it and b) that the heirs cannot piss away the capital.

So, given that the traditional Amercian manner of making sure you keep the money in the family is to give it to a charity the news that 40 billionaires have been presuaded to leave their money to charity really isn’t all that surprising. Nor is it really something that might have taken a great deal of persuasion to bring about.

The same old disinformation which relies on people not knowing about these tax exemptions gets spread by many sites/blogs, which is sad. Truthfully, we gave many examples of this disinformation before and it’s troubling that they won’t stop making the false claims about Gates’ (senior and junior) lobbying on tax issues. Although it mostly goes a couple of months back, here are some examples of bad coverage [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12] which portrays Gates, who does not pay tax, as someone who wants rich people (those without exemptions) to be taxed more. So while Gates’ lobbying staff is enjoying luxury homes and no burden of tax, ‘mere mortals’ continue to suffer more and more. Whose country is it and who really controls government officials? Answers to this question will be given in the coming days when we cover Gates’ latest private sessions with President Obama. We have a massive backlog of postings. █

Permalink Leave Your Comment      Send this to a friend

Yet More Microsoft Staff (Now Suzan DelBene) Enters Government to Assist Microsoft’s Looting of the System

Posted in Finance, Microsoft at 7:33 am by Dr. Roy Schestowitz

Summary: Microsoft veterans sneakily take over key positions in government and enable Microsoft to not pay tax, passing all the burden to poor people and leading to cancellation of state programmes

FROM a Microsoft employee who at last saw the light and decided to expose his former employer for what it does to avoid paying tax (financial misconduct notwithstanding) come some new posts that help reveal how Microsoft uses politics to essentially loot the public at large. The latest posts are:

i. Thank Ross Hunter for Making Microsoft’s Record Profit Untaxable

Under Democratic Rep. Ross Hunter’s leadership in the Washington State Legislature, Microsoft’s licensing revenue is no longer taxable in Washington. Hunter led the change to Washington’s royalty tax so that only licensing revenue sold to Washington State customers is taxable. Prior to 2010, worldwide royalty revenue was taxable.

Hunter is a former 17 year veteran of Microsoft, now head of the powerful finance committee. Rather than apportion the royalty tax (which resulted in only a tiny gain in state revenues), Hunter could have adopted stricter enforcement language around out of state tax transactions such as was proposed by the state’s Department of Revenue. Since 1998, Microsoft has used a small office in Reno, Nevada to record its worldwide royalty profits – avoiding nearly $1.25 billion in tax liabilities.

ii. Now for what really matters…

If there’s one thing I learned the past year working the Microsoft tax dodge issue, it’s that the state legislature is pretty well bought and paid for by corporations like Microsoft. Who would have thought Rep. Ross Hunter would lead the charge to raise taxes on voters while giving Microsoft a giant back door tax cut? Well, at least today, we’ll see what voters think of Ross Hunter’s efforts.

iii. Microsoft’s Nevada Employees Probably Shouldn’t Joke About Criminal Activity

If you want to know what the Kool-Aid tastes like at Microsoft, check out this clip of its Nevada Licensing employees offering up their own “I’m a PC” anecdotes. It’s not quite as cringeworthy as the Windows 7 Launch Party and not as bizarre as the IE8 vomit girl ad, but it’s definitely painful to watch.

I was most intrigued by this brief segment in which an apparent Reno-based Microsoft Licensing employee jokes, “I’m a P.C. and I’m a criminal.” On the wall in the background, there appear to be pictures of two to three other mugshot photos – perhaps also Reno employees? Exactly what is she referring to?

iv. An Update on Microsoft’s Nevada Tax Operations and Washington State’s Budget Deficit

* Most people in Seattle (and Washington State), know nothing at all about Microsoft’s Nevada tax practice in part due to the fact that The Seattle Times has never reported the story.

* Local coverage of this issue does not appear to be improving. e.g. The Gates Foundation gave $400,000 to local news blog Crosscut.com, which later was caught removing anti-Microsoft sentiment from a published editorial by the University of Washington’s Bill and Melinda Gates Chair of the Computer Science and Engineering Department.

* Perhaps due to the lack of awareness of his actions, King County voters re-elected Rep. Ross Hunter. Diane Tebelius, Hunter’s Republican opponent never mentioned the Microsoft tax dodge, though she was briefed on it (by me), presumably because she did not want to alienate Microsoft employees in her district.

v. Ex-Microsoft Executive to Lead Washington State Department of Revenue

Today, Governor Gregoire appointed former nine year Microsoft executive Suzan DelBene to run Washington State’s Department of Revenue. DelBene’s husband Kurt is President of Microsoft’s Office Division. DelBene’s basically a marketing executive, although she recently ran unsuccessfully to unseat Congressional GOP Rep. Reichert. As far as I know she has no formal background in tax law. Full disclosure: I used to work with Ms. DelBene and for her husband Kurt at Microsoft in the early 1990s.

[...]

The Seattle Times has reported in the past that Mrs. DelBene is also a longtime friend of Representative Ross Hunter. Hunter is the 17 year ex-Microsoft veteran who as Democratic chair of the powerful legislative finance committee led the move to apportion the state’s royalty tax, getting Microsoft off the hook for up to $145 million annually in taxes and potentially over $1.24 billion in back taxes, interest and penalties. Since 1998, Microsoft has recorded the bulk of its software licensing revenue in Nevada to avoid Washington State’s royalty tax. This blog regularly questions the legality of this accounting practice.

Rick Perry is already pulling a fast one and it is worth emphasising that Microsoft has debt to repay while it claims to have possession of money (we are sceptical of it). To quote a recent article:

Microsoft (Nasdaq: MSFT) just borrowed $6 billion even though it has roughly $40 billion in idle cash. Crazy.

Crazy indeed. Why borrow money when you already have money? As other sites have been pointing out, this may indicate that Microsoft is hiding or distorting something, just as it distorts numbers in its reports to the SEC. But anyway, sticking to the subject of tax, here is some information about the Microsoft veteran who enters the government to become head of Department of Revenue. Amazing!

DelBene, a former vice president for marketing on Microsoft’s mobile communications team, contributed $2.3 million of her own money to her campaign. She is married to Kurt DelBene, the current president of Microsoft’s Office business.

Crony capitalism in action. For more about her, see the text here. Todd Bishop claims that “Microsoft pedigree isn’t enough to ensure a Congressional victory in the company’s home region.” That’s a straw man argument. Nobody suggested that Microsoft pedigree alone is enough to assure such a position. Bishop at least mentions this: “Also of note on the state level: Incumbent state Rep. Ross Hunter, another Microsoft veteran and Democrat, is facing a tough fight for his seat. He’s leading Republican challenger Diane Tebelius, but the race was still too close to call as of early this morning. Hunter has come under criticism for helping to enable the company’s practice of recording software royalty revenue in Nevada, reducing its tax bill in its home state by an estimated $100 million a year.”

The same blog said right in the headline that “Ex-Microsoft exec DelBene to head state revenue department” and ABC (Bill Gates-sponsored) hosted content from AP, saying that “Gov. Gregoire Appoints Suzan DelBene to Cabinet” (nothing at all about the Microsoft tax controversy).

Former congressional candidate Suzan DelBene was appointed director of the state Department of Revenue on Tuesday, with Gov. Chris Gregoire saying that the former Microsoft executive “has the knowledge, skills and experience needed to guide the agency through what is a transformative time for the department and the state.”

This article from AP also appeared in MSN. Microsoft ought to like such shallow reporting which bothers not at all with the real issues. There is more news from Reno, where Microsoft manages to arrange the Washington tax avoidance. “Angle Appears at Reno’s Microsoft Licensing” says the headline.

Lately, every day feels like Election Day. The frenzy is everywhere from those TV commercials, to sign-crowded intersections. And protestor-frenzy, in Reno to greet Sharron Angle as she made a Monday visit to Microsoft Licensing off Neil Road. Microsoft would not let us in…we weren’t exactly invited. Angle’s campaign did not even tell us ahead of time that she was appearing. Outside was a group of protestors, comprised of a man in a chicken outfit, 2 Reid campaign workers, one unemployed volunteer, and 3 members of local 3, the operators-engineers union. They told us they’re not getting any work. Union apprentice Ronald Feemster told us he’d “like to see somebody in office that might actually do some good for northern Nevada.” As to why he doesn’t blame the current administration, including Harry Reid, he told us, “Because I feel it was inherited.”

Elsewhere in the news it’s now announced that many programmes are being cut in Washington and citizens are furious. One site has nearly 1000 comments posted in response. It contains a lot of finger-pointing, with Microsoft and xenophobia being the lead topics.

It ought to be added that Microsoft’s avoidance of tax and the cronyism which enables it were never a US-only issue. Microsoft was found guilty in other countries and in Europe it is using Ireland as a tax haven, with severe consequences to the whole of Europe. From the new article titled “Consequences of the Irish Bailout”:

The key bailout test was whether or not Ireland would retain its 12.5% corporation tax, which has attracted a number of giant multi-nationals to relocate there — such as Google (GOOG), Pfizer (PFE), and Microsoft (MSFT) — much to the annoyance of other European countries, especially France and Germany who had this at the top of their conditions hit list. The fact that Ireland has apparently retained sovereignty over the corporation tax bodes well for eventual economic recovery as the relocated multi-nationals account for more than 70% of Irelands exports and generate more than 50% in corporation tax revenues, without which Ireland truly would be bust for the next decade.

Also see this new case of blackmail, titled “Microsoft, Hewlett-Packard Warn Ireland on Tax, Telegraph Says”. Well, via a lobby group, the Chamber of Commerce, Microsoft is driving its interests in Europe, at the expense of mere people as opposed to corporations. The article says: “The American Chamber of Commerce in Ireland warned the country that an increase in its corporate tax as part of a European Union and International Monetary rescue package may damage foreign investment, the Sunday Telegraph reported.” The Irish Times has published an article titled “The people person at Microsoft”, but Microsoft does not care about people; it cares only about its shareholders who are mostly in the US.

One can conveniently ignore all of this, but Techrights will not. █

Permalink Leave Your Comment      Send this to a friend

OpenSUSE’s Future is Doubted Even by OpenSUSE Sympathisers

Posted in Microsoft, Novell, OpenSUSE, SLES/SLED at 6:49 am by Dr. Roy Schestowitz

Summary: OpenSUSE critics from the project’s own base of supporters are coming out voicing their discomforting opinions

SUSE means a lot to me historically. It has always been one of the leading distributions, but when Novell liaised with Microsoft its reputation took a tumble. There is not so much news about OpenSUSE anymore. Sure, there is still the occasional security alert, the Weekly News (in need of writers), and an attempt to fill up the vacuum left by departing members. Many people seem to be leaving the core of the project, not just as users.

Groklaw worries about Novell’s betrayal and worries for OpenSUSE’s future [1, 2, 3]; it’s about user confidence, which is being lost in this Novell aftermath. Today Groklaw warns about OpenSUSE’s foundation and to quote some portions from a very long post:

Wikipedia’s page on the OpenSUSE Project says it’s sponsored by Novell, AMD and IP Exchange, not just Novell, and OpenSUSE’s sponsor page confirms those three and adds B1 Systems GmbH as another. Then there’s the community of programmers that develop and maintain the project, judging by this OpenSUSE development page, which says “the openSUSE distribution … consists of around 3500 applications, libraries and utilities. All of them are cared-for by openSUSE Package Maintainers who integrate, polish, update and maintain them. Maintaining packages is the bread and butter development task that is done in the openSUSE project.”

So why is the trademark Novell’s alone?

It doesn’t feel right, does it, when you look at it like that? My point is, there’s more than one stakeholder in the OpenSUSE foundation being set up, and you’ll see that discussed in the log. Trademarks have economic value, and if the community is helping in building that value, I think it’s logical that they should gain a share of ownership rights so as to get some share in that value and some say in what happens with the trademark.

[...]

Don’t be fooled by who from the community signs up with the foundation or think you can rely on them to play fair with you. No matter who the foundation hires or puts on a committee, nothing changes with regard to developers. You have to look out for your own interests. Microsoft has buckets of money. The staff are paid. You are not, so your interests and the corporate and hired interests are not identical, even if they are really nice guys. So keep your guard up, read the bylaws, and notice the licenses that a foundation is using too. If the license allows for taking the code proprietary, as per the Apache License (they call it “keeping your modifications secret”, which is allowed by the license), then it’s maybe Open Source but not Free Software in the sense that the GPL guarantees. It means there is no guarantee that modifications to the code will remain free. That’s why Oracle turns red at the thought of the Apache License on Java, I would imagine.

About a month ago there were signs of progress amid release delays (affecting the milestones even after Novell had slowed down release pace):

openSUSE 11.4 has feature freeze with Milestone 5 to be published on December 16th. So, it’s too late for a full review of all 11.4 features in time – and thus the team will only a review and push a few features.

Novell is reaching out to the community with a new survey. While some users like Dedoimedo and Andy still write about OpenSUSE, it sure seems like the community once fostered by Novell keeps slipping away and a longtime supporter of OpenSUSE makes predictions for 2011, claiming that “OpenSUSE will die”:

openSUSE will die. Or at least as we know it. Attachmate is still beholden to Microsoft for helping them come up with cash to purchase Novell. MS did not do this so that Attachmate could continue developing openSUSE. So what I see is openSUSE being put to rest by Attachmate and a spin off will be created by freelance open source developers.

Another person who supported OpenSUSE (Brian Proffitt) is as sceptical as us about AttachMSFT’s poor assurance. In his summary he claims: “One-on-one interview confirms fates of SUSE Linux, openSUSE tied together.”

Yes, it seems like AttachMSFT might do with OpenSUSE what Xandros did with Linspire and Freespire, in due course.

It is sad to see all of this. Important projects suffer, whereas unwanted projects like Mono and Moonlight are still around. Here we have a new post about a Mono program from Novell and an overly optimistic roundup of 2010 from the OpenSUSE Web site. “Integration with Banshee” (Novell projects that’s a no-no) is shown as something positive there. If OpenSUSE considers .NET to be a selling point, then maybe the demise of OpenSUSE won’t be all that terrible after all. █

Permalink Leave Your Comment      Send this to a friend

Microsoft Confirms — and Also Spins — Loss of 17,000 Hotmail Accounts

Posted in Mail, Microsoft, Servers at 6:12 am by Dr. Roy Schestowitz

Summary: Microsoft’s reputation takes another dive as many people lose their mail for a couple of days

YESTERDAY we wrote about serious Hotmail problems that ‘greeted’ people as the new year kicked in. Microsoft is now acknowledging that this happened and the first link sent to us about it is of Microsoft booster Gavin Clarke, who says that “[t]he outage comes after a year in which Microsoft has relaunched and rebranded Hotmail with a new-look inbox intended to make it easier to manage and view emails, along with pictures, video, and links that might be sent along with the actual email messages.”

“The company in December asked Reddit readers to give their feedback on the changes. Hotmail remains the web’s most popular free email service with 360 million users, but during the last decade it lost momentum to Google’s Gmail in terms of new features and popularity.” [via]

This does not quite refer to the real issue, which is the 2-day-long loss of data (Clarke gave Microsoft’s side of the story and response to it). In closing he writes: “Microsoft has been PR-ing people hard, trying to convince us that Hotmail is just one of a suite of services that the company can competently and reliably deliver in – where else? – the cloud.”

How tongue-in-cheek. A lot of this “PR-ing” for Hotmail and Fog Computing came from the author himself. He even does a special, one-of-its-kind show for The Register, focusing solely on Microsoft. A lot of sites had not covered this until Microsoft had a PR response, but to be fair, that’s just probably because of the new year and the accompanying break reporters took. Another possibility is that they waited for Microsoft’s formal confirmation before publication. █

• Microsoft Hotmail Bug Affected 17K Users
• Outage hit Hotmail over New Year’s weekend
• Hotmail Data Loss Reveals Cloud Trust Issues
• Lost Hotmail emails restored: Microsoft
• Missing e-mail, folder bug in Hotmail fixed
• Microsoft says missing Hotmail e-mails restored
• Microsoft Restores Hotmail Access
• Microsoft deletes Hotmail data
• FP Tech Desk: Hotmail messages go missing
• Hotmail users complain of missing e-mails
• Hotmail Users Report Blank Inboxes
• Microsoft restores lost Hotmail messages
• Microsoft claims Hotmail restored after email glitch
• Hotmail users have their messages back
• Hotmail fixed after glitch
• The great Hotmail outage? Only 17,355 accounts were impacted
• Hotmail Account Holders Ring In The New Year With Missing Emails
• Your Mail isn’t so “Hot” if it’s missing: Hotmail emails are missing
• Microsoft Says Hotmail Service Is Back To Normal
• Microsoft Hotmail Went Boom, but Why?
• Happy New Year: If your Hotmail disappeared, it should be back
• Microsoft restores missing e-mails from Hotmail accounts
• Microsoft Says Deleted Hotmail Accounts Restored
• Microsoft Hotmail Issues Fixed
• Microsoft Working to Restore Hotmail Service

[About 70 more reports can be found about it at the moment, so it was definitely not overlooked as some claim.]

Permalink Leave Your Comment      Send this to a friend

Microsoft Cannot Provide Security

Posted in Deception, Microsoft, Security, Windows at 5:43 am by Dr. Roy Schestowitz

Summary: A roundup of security news showing what an utterly poor job Microsoft is doing when it comes to securing customers’ systems and telling them the truth

WE HAVE not been covering these issues for several months now, but over the weekend there was time to catch up with about 2 months of security news. This post contains a concise summary of some key security problems Microsoft has been having, with fresh examples towards the end (a lot of bad news around the Christmas period).

Let us begin with the not-so-distant examples of DLL hijacking. “Most Microsoft DLL Hijacking Vulnerabilities Remain Unpatched” said this report which implied neglect and irresponsibility from Microsoft. They had not patched or addressed known problems, as usual.

Many new flaws were found in Windows, including one that evades Windows’ UAC pseudo-security. There was a privilege escalation exploit and an issue with buggy Internet Explorer [1, 2], whose low quality gives crackers many opportunities to hurt its users. Over Christmas there were many headlines about an Internet Explorer zero-day warning [1, 2, 3, 4, 5, 6, 7, 8, 9]. Microsoft just warned about it but did not patch it. Microsoft also said that there was no exploit and soon enough it dealt with a second zero-day vulnerability. It did not take long for exploits to surface and IDG said that researchers revealed attack code for new IE zero-day vulnerability. It’s important to remember that it’s terrible to leave people in this state over the holidays. It prevents some people from taking a break or be mentally peaceful. Microsoft produced only a workaround, a hack [1, 2]. It wasn’t a patch. Soon thereafter, on December 30^th, it was announced that Microsoft was also warning about Microsoft Word attacks (which means that exploits exist too).

“The priority is reputation rather than the safety of systems. Microsoft’s financial security comes before real security.”Microsoft deserves mocking for this. When there was previously an IE vulnerability the company produced nothing for months, until December according to IDG (also see this other IDG report or this report which says that “Microsoft’s Patch Tuesday for November does not include a fix for a zero-day flaw in Internet Explorer”). Microsoft left users vulnerable for far too long simply because it could get away with it, under the assumption that many users are stuck with Windows. One must not allow Microsoft to fool the public by claiming its responses to be fastest because only a Microsoft spin site like Neowin would so conveniently ignore silent patches and recent studies on the subject. Neowin parrots Microsoft when it says that Microsoft patched 247 exploits in 2010. It’s inaccurate because those numbers are fake. Many more patches were applied silently, in order to give Microsoft bragging opportunities (hinged on falsehoods). For PR reasons, Microsoft just does not deliver patches sometimes. The priority is reputation rather than the safety of systems. Microsoft’s financial security comes before real security.

The matter of fact is, Microsoft can’t even secure Windows itself. “Hackers hijack Microsoft’s servers for fake-drug spam” said this recent headline and on the seventh of December Microsoft was warned of the “protected mode” flaws we mentioned earlier. This has not been addressed yet.

Security researchers have issued a warning to Microsoft that the much-vaunted Protected Mode introduced into Internet Explorer in recent releases offers little or no protection in its current form.

When it comes to patches, some people will reject them anyway, as yesterday's post about AP downtime ought to teach everyone.

Going about a month back, we also find reports relating to the handing of Windows sources code to Chinese hackers, which led to reports that we missed such as this one (“Chinese firm hired Blaster hacking group, says U.S. cable”), this one (“Leaked Cables: Chinese Hackers Used Microsoft Source Code To Attack Google & US Government”), or the redacted cable itself (“US embassy cables: China uses access to Microsoft source code to help plot cyber warfare, US fears”). How about this one (“China Used Microsoft Source Code To Hack Google — And You?”) which says:

A State Department cable released by WikiLeaks says the Chinese government used Microsoft source code in its attacks on Google and in its cyber warfare efforts in general. (Via The Guardian)

How did they get their hands on Microsoft’s closely guarded source code, you might ask?

Well, two Chinese IT security companies, Topsec and Cnitsec, are licensed to access and use Microsoft’s source code. In yet another example of incredibly blurred lines between the government and business in China, those companies gave the source code to the government.

Later in December, a Microsoft booster called Emil Protalinski spoke about Microsoft’s largest Patch Tuesday ever and so did some other sites [1, 2]. We covered this at the time, but the important point to be made is that invisible patches are not being named or counted by Microsoft, so the real numbers can be much greater.

From older reports we also learned about the effects of Zeus [1, 2, 3, 4, 5, 6, 7, 8, 9, 10], which in a world where one in two Windows PCs is said to be a zombie PC is doing a lot of damage despite a token of response from Microsoft [1, 2]. The headlines are “Microsoft: Botnet infection plague continues despite wins” and “Zeus Trojan defeats Microsoft security tool”. “Microsoft tool unable to detect new versions of Zeus” says another report.

Neil J. Rubenking writes to warn people that Passware found Bitlocker in Windows to be broken:

Password-recovery experts at Passware warned Friday that the security of Microsoft’s Bitlocker whole-disk encryption is seriously compromised on a computer configured to use sleep mode. The same is true of the open-source TrueCrypt whole-disk encryption tool.

Now we come to some of the latest news. “Microsoft ActiveX Security Bugs ‘Highly Critical’” said Ziff Davis some days ago:

Researchers at Secunia are warning users about ActiveX bugs the firm described as ‘highly critical.’ Microsoft is unaware of any attacks targeting the issues.

[...]

Besides the ActiveX bugs, the company is also investigating a denial-of-service issue impacting IIS FTP 7.5, which ships with Windows 7 and Windows Server 2008 R2. Proof of concept exploit code has already been made public, according to Nazim Lala, IIS security program manager at Microsoft.

It relates to an older report from the same publication:

With attack code public, Microsoft said it is investigating a report of a new vulnerability impacting Internet Explorer.

“Microsoft reports drop in data breaches” said this less-than-recent headline and shortly afterwards it turned out that Microsoft messed up in a major way. To name some headlines, “Microsoft Corporation Cloud Security Breached”, “BPOS: a data leak in Microsoft’s cloud”, “Microsoft BPOS cloud service hit with data breach”, and “Microsoft Cloud Data Breach Heralds Things to Come”. Quoting from that last one:

Microsoft announced that data contained within its Business Productivity Online Suite (BPOS) has been downloaded by non-authorized users, possibly making it the first major cloud-based data breach.

[...]

Encryption isn’t the final word. Even encrypted data has a history of being compromised, usually due to bugs in the encryption software.

All of this means that, if your business is going to put data into the cloud, you will have to factor in the very real possibility it will be made public at some point. It will happen. It’s just a matter of when, and what damage will be caused. It would be interesting to visit the offices of Microsoft, Google, and others to see if they eat their own dog food: Does Google rely on Google Docs for all of its hypersensitive business data? Somehow I suspect not, although I look forward to being proved wrong. There are laws in place covering data breaches, requiring companies to enforce reasonable security systems, but none of that amounts to a hill of beans once the data has escaped the cloud. And should stolen data be turned into a bit torrent, as appears to be the fashion at the moment, there’s absolutely no chance of discreetly cleaning up by getting the data back from those who stole it.

Wired has just taken a “Four-Day Dive Into Stuxnet’s Heart”, noting at least that it’s a Windows problem:

It is a mark of the extreme oddity of the Stuxnet computer worm that Microsoft’s Windows vulnerability team learned of it first from an obscure Belarusian security company that even the Redmond security honchos had never heard of.

The sophisticated worm, which many computer experts believe was created as a specific attempt to sabotage Iran’s nuclear power plant centrifuges, has written a new chapter in the history of computer security. Written to affect the very Siemens components used at Iran’s facilities, some analysts have even speculated it may have been the work of a state, rather than of traditional underground virus writers.

For more about Stuxnet’s damage see the posts below. █

1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran’s Nuclear Programme
2. Windows Viruses Can be Politically Motivated Sometimes
3. Who Needs Windows Back Doors When It’s So Insecure?
4. Windows Insecurity Becomes a Political Issue
5. Windows, Stuxnet, and Public Stoning
6. Stuxnet Grows Beyond Siemens-Windows Infections
7. Has BP Already Abandoned Windows?
8. Reports: Apple to Charge for (Security) Updates
9. Windows Viruses Can be Politically Motivated Sometimes
10. New Flaw in Windows Facilitates More DDOS Attacks
11. Siemens is Bad for Industry, Partly Due to Microsoft
12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
13. Microsoft’s Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
14. Microsoft Software: a Darwin Test for Incompetence
15. Bad September for Microsoft Security, Symantec Buyout Rumours
16. Microsoft Claims Credit for Failing in Security
17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
18. Windows Users Still Under Attack From Stuxnet, Halo, and Zeus
19. Security Propaganda From Microsoft: Villains Become Heroes
20. Security Problems in iOS and Windows
21. Eye on Security: BBC Propaganda, Rootkits, and Stuxnet in Iran’s Nuclear Facilities
22. Eye on Security: ClamAV Says Windows is a Virus, Microsoft Compromises Mac OS X, and Stuxnet Runs Wild
23. Windows Kernel Vulnerability for Thanksgiving, Insecurity Used for Surveillance Again

Permalink Leave Your Comment      Send this to a friend