Bonum Certa Men Certa

Another Reason to Avoid Mono: Security

"At Microsoft I learned the truth about ActiveX and COM and I got very interested in it inmediately [sic]."

--Miguel de Icaza



For reasons and factors that make OOXML not secure, Mono is a security hazard as well. For those who are not yet convinced, there is this brand-new article which highlights the architectural failures of .NET and their impact on security. Read it.



Two security researchers have developed a new technique that essentially bypasses all of the memory protection safeguards in the Windows Vista operating system, an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.


Also in the news today is this alarming issue of 7 "critical" flaws (the highest level of severity) in Microsoft software.

Does anyone want GNU/Linux to inherit this nightmare? Is this something which belongs in the operating system which NASA, the NSA and the Department of Defense use? What about the cost implications? Beyond the issue of acquisition cost also exist the costs of maintenance, repair, and damage control. Losses incurred by leaks (espionage) and data loss are sometimes invaluable.

A few hours ago, one reader sent us the following message regarding the consequences of poor security.




Note that the bad engineering promoted by Bill Gates and his movement is probably costing Joe Sixpack upwards of 8 hours lost effort per week from malware, instability and poor interoperability. With the US in the economic situation it is in, that may be enough to knock the floor out of the recession. The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.

“The failure that is Microsoft Vista may be the last straw and take down what's left of the economy.”Until recently, Microsoft people have been able to stifle security information. However, the EFF's recent win paves the way forward for better technology to become more visible.

I look forward to the seeing Back-To-School Security Packets in Walmart, Best Buy, and others consisting of Xubuntu CDs.

The last 10 years have shown us nothing if not that FOSS helps make your business more recession-proof.

What we have here is an old and odd spin trotted out yet another time. The spin tries to be negative, but at the end of the day, use of FOSS has boosted the economy there by some $60 billion on unnecessary sunk costs.

Further, since were FOSS tends to lead, it leads due to better performance, quality, interoperability and maintenance, not just cost. So that leads to secondary and tertiary savings. After all, if the IT team is not having to spend all its time chasing fires, it can be far more than $60 billion in savings once the total cost of ownership is settled.

Sure a small wedge of the software sellers might have lost, but the large part of the pie consists of software users. We win here.

____ 1) "EFF Wins Protection for Security Researchers" (2007)

2) "Vista's Security Rendered Completely Useless by New Exploit" (2008) "... a technique that can be used to bypass all memory protection safeguards that Microsoft built into Windows Vista..." "... the work is a major breakthrough and there is very little that Microsoft can do to fix the problems..."

3) "This Bug Man Is a Pest" (2008) "...His syllabus is partly a veiled attack on McAfee, Symantec and their ilk, whose $100 consumer products he sees as mostly useless. If college students can beat these antivirus programs, he argues, what good are they for the people and businesses spending nearly $5 billion a year on them? ..."

4) "USENIX WOOT07, Exploiting Concurrency Vulnerabilities in System Call Wrappers, and the Evil Genius" (2007)




For those wondering about highly-restrained criticism of Microsoft/Windows security, a mandatory background would be the smear campaigns against security researchers. Smear campaigns are something that Microsoft is intimately familiar with [1, 2, 3, 4, 5, 6, 7, 8, 9]. Remember the Geer saga, too [1, 2] (little more in [1, 2, 3]). He lost his job for saying the truth about Microsoft's security shortcomings and the horrific state of the Web, caused largely by Microsoft and its back doors.

Recent Techrights' Posts

XBox is Practically 'Dead Man Walking' at This Point
writings on the wall
SLAPP Censorship - Part 128 Out of 200: Making Laws Work for Britain, Not Oversensitive Americans Looking for 'Revenge' by Lawfare
The SLAPPs are intended to protect corporations (employers like Microsoft)
 
Not Everything Should be Electric
technology has become detrimental to society
Gemini Links 05/07/2026: Eye of the Beholder and Baldur’s Gate 3 and Alhena 5.6.5
Links for the day
GNU/Linux Market Share is Already High
GNU/Linux has fast become and is still becoming mainstream in recent years
The 9-Step IBM Algorithm: Gaming Wall Street While Shedding Off Staff and Bribing the Mainstream Media to Play Along
Any time IBM preaches manners (e.g. CoC) to the community remember that IBM works closely with and flatters the dictator
They Could Never Kill the Ideas of Richard Stallman (RMS), But They Are Still Trying
Killing an idea is harder than killing a person and killing a person is illegal
Only Germany Objected to Salary Adjustment (Reduction) Procedure of "Team Campinos"
"flash report on the Administrative Council of 30 June and 1 July 2026"
A "Never Slop" Policy in Quibble
"every change in the repository must be made by a human"
Series on GNU/Linux in Japan
This series can last a week or longer
75% of All the Patents Last Year Were Software
The corporate media has more or less ceased to discuss this matter
At Microsoft "the Morale of Developers is at an All-time Low"
Numerous reports today say that after at least 5 studios got marked for shutdown (mothballing) by Microsoft there are rumours about Obsidian as well
Links 05/07/2026: Data Breaches, Heat Waves, and Weinstein Rape Conviction Upheld
Links for the day
Confidentiality at Risk With Slop 'Coding'
People who continue to cheer for slop aren't just misguided fanbis and fangurls
False Narratives of Slop "Efficiency" as Debt Climbs
false stories about slop
July 8 as "D-Day" for Microsoft, Mass Layoffs Planned
Microsoft's grip on the market has slipped for a long time
GNU/Linux Leaps to 6% in Thailand
Can we expect 10% by year's end?
EC Looking for Input on Digital Networks Act Until Next Month
New initiative
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 04, 2026
IRC logs for Saturday, July 04, 2026
Gemini Links 05/07/2026: Ragebaited and Removing Lines in Emacs
Links for the day
Links 05/07/2026: "Tesla Slams Into Crowded Cafe" and "ChatGPT [Turned] Into a Sociopath"
Links for the day
BRICS and Windows: All-Time Lows
Expect many more Microsoft layoffs in years to come
Do No Evil, Do Not DDoS
Sites that attract DDoS attacks because of their message are sites that are difficult to debunk or debate
France is Winning the Race Against Windows
France instructs, then orders, government agencies to adopt GNU/Linux
Not 2.5% and Not 2.5 Billion Dollars for "Hey Hi"; 2 Waves of Microsoft Layoffs Rumoured This Month, July 8th, Then July 22nd (Just Before 'Results')
People there join unions, knowing they will be terminated silently or otherwise
Microsoft Double Trouble With Slop
What does Microsoft even sell at this point?
Based on US Government Sites, GNU/Linux Has Reached About 8% "Market Share" in Desktops/Laptops
Culled to exclude mobile platforms, GNU/Linux would likely be above 8%
TheLayoff.com is Deleting Comments About IBM Offshoring
Meanwhile, rage-baiting Internet trolls and sometimes trolls who paste in LLM slop are immune from censorship
American Independence Needs Independent Media
The American regime's hostility towards media is an international problem
Techrights Was Always a Community Platform
Techrights is about whistleblowers
Phenomenal Growth for GNU/Linux in Afghanistan
This is impressive because for many years it was registered at near 0%
Daniel Pocock Pursuing Complaint in the United States Against Software in the Public Interest (SPI) et al
It seems like the only people who don't support him are those whom he criticises
Gemini Links 04/07/2026: Busy Squirrel, Independence Day Celebrations, PalmOS Programming
Links for the day
Canonical/Ubuntu is Breaking CP (cp) to Help Microsoft Turn Coreutils Into Proprietary Software for Windows
What we could do reliably in the 1970s (before GNU) we cannot do in 2026?
Brett Wilson LLP is Downsizing, Apparently Closing Down the Oversized and Overpriced Office
Address changed 13 hours ago
Free Software Has No Kings or CEOs
The kingdom is a cross-border phenomenon, so national flags and other such symbolism overlook the core problem [...] Free Software can help lead us out of the current imbalances
The United States Lost Freedom of Speech
independence refers to a condition, not an activity
IBM Replacing the People Who Built IBM With Cheaper and Younger Staff, According to IBM Insiders
This is a very common sentiment in IBM
For USA 250 Microsoft is Messing With Our Minds (2.50%) to Distract From Mass Layoffs
The slopfarms contribute to this noise
"Defective by Design" Turns 20
DBD is still as relevant as ever (probably more relevant than ever before)
A Bicycle for the Feeble Mind, or How Computers Got Worse for Productivity (Intentionally)
Many of us still adopt and champion the "workstation" mentality
Links 04/07/2026: Microsoft Tax Haven (Evasion) Tactics, Tobacco Bans, and More
Links for the day
Links 04/07/2026: 2026 Old Computer Challenge and Trying Gopher
Links for the day
SLAPP Censorship - Part 127 Out of 200: Lawsuits by Americans Filed in the UK a Burden on British Taxpayers, No Way to Recover the Funds When Americans Lose Their Cases
Are Garrett and Graveley 'pulling a 4Chan'?
Links 04/07/2026: USMCA (Covering Software Patents) Might Not be Renewed, Slop Bros Try to Pay Weird Al to Endorse Their Scheme
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 03, 2026
IRC logs for Friday, July 03, 2026
Gemini Links 03/07/2026: Mindfulness Practice and "Slop Is Killing the Human Spirit"
Links for the day
Links 03/07/2026: Openwashing of Slop in "Linux" Clothing and "Happy Birthday, America"
Links for the day
John Been (reallinuxuser.com) May Have Crossed Over to the 'Dark Side' of LLM Slop
It 'smells' like it, a scanner seems to concur
Who or What is "Nadeko"?
Fijxu's services make life a lot easier for Free software sticklers
10 Years Since the World Lost Ian Murdock
My wife and I still use Debian, as does this site
No, Microsoft is Not Laying Off 5,000-6,000 But a Lot More
There are "buyouts", "PIPs" (silence layoffs), pink slips, and future waves, not counting subsidiaries and contractors
The Cyber Show's Andy and Helen Confronting 'Upgrades'
the latest from Andy and Helen
statCounter Sees Almost 1 in 10 Desktops or Laptops in Egypt as GNU/Linux Workstations
10% "market share" (for GNU/Linux) was nearly attained last month
The March of GNU/Linux in the Russian Ally, Belarus
record high for GNU/Linux in Belarus
Being Prevented From Accessing One's Own System Means Getting Locked Out, Not Security
a metaphor
Technology is Getting Objectively Worse and Less Reliable
Something went horribly wrong
FOSS Force 2026 Independence Drive Lacks Independence From GAFAM's 'Linux' Foundation
We're not trying to 'bash' FOSS Force
News That Matters, News That's Exclusive, and News LLM Slop Will Never Get Right
Churning out blog posts just for quantity's sake was never our goal
3/4 (Three-Quarter) of Requests Seen by statCounter (Originating From Desktops/Laptops) Deemed to be "Linux" in San Marino
74% Linux, it says...
The Linux Foundation Does Not Work for Linux, Definitely Not for Free Software
works for its biggest sponsors, i.e. companies like Microsoft, IBM, and others
Independence and Software Freedom
Much work remains to be done
The European Patent Office's (EPO) Crisis Week Ends Today, the Rest of the Year Will be EPO Staff on Strike
The outcome of the two-day meeting won't change the fact that EPO staff is on strike for the whole year
European Patent Office (EPO) Series: Operation Monte Titano: Micro-State Diplomacy
On 28th May 2026 EPO President António Campinos paid a visit to the Most Serene Republic of San Marino where he was received with full diplomatic honours
Links 03/07/2026: Slop "Isn’t Replacing Lawyers", "App Fatigue"
Links for the day
Statement on This Week's DDoS Attacks
DDoS attacks are not a "badge of honour". They are a nuisance.
Skinnerboxes as Health Problems and Impediments (Against Happiness)
skinnerboxes are a form of addiction
Costa Ricans' Adoption of GNU/Linux Reaches New Highs
Windows is doing poorly in general
British Women Don't Want to Work for American Men Who Attack American Women
"[g]reeting clients and preparing beverages"
Mass Layoff Event on June 30 at Red Hat? Let Us Know...
We are looking for more Red Hat whistleblowers
Gaming on Windows is in Trouble, XBox is Practically Dead Already
It seems increasingly clear that Microsoft wants to get rid of XBox
New Record for GNU/Linux in the World's Largest Muslim-Majority Population (287,983,025)
Will Indonesians leave GAFAM behind?
SLAPP Censorship - Part 126 Out of 200: Becoming More Aggressive Against Us Only Proves Us Right
the police involved
IBM Red Hat Kicks Out the Community, Promotes Slop
It has gotten so bad
The Register MS Covers "AI" Because It Gets Paid to
A lot of noise "in the news" about "AI" is paid-for trash
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 02, 2026
IRC logs for Thursday, July 02, 2026
Gemini Links 02/07/2026: OpenBGPD, Newt and OpenBSD, Indieweb Theme for Ghost
Links for the day