09.04.08

Gemini version available ♊︎

Novell and Microsoft Insecurity a Joint venture

Posted in GNU/Linux, Microsoft, Novell, Security, Windows at 1:56 pm by Dr. Roy Schestowitz

How secure is Novell’s software? The answer is that it depends on Microsoft, whose insecure-by-design frameworks Novell is embracing. Moreover, as another reminder of an old issue, former Novell staff is now securing Windows and striving to make Windows more secure than GNU/Linux.

So go ahead, make my day: ignore the popularity of AppArmor in the user community, keep blocking AppArmor from inclusion in Linus’ kernel. If all I have to do is make Windows security easier and more effective to deploy than SELinux, then my job is practically done for me J

Novell’s Achilles heel in security is probably its embrace of Microsoft's ActiveX (not to mention .NET and and XAML) if reports like this one are something to go by.

Security-wise, time is no cure. Microsoft’s Windows Vista remains the same overburdened and insecure operating system that it has been from the very start. The hypnosis and the lies continue though, judging by some of the very latest.

Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is “very unlikely.”

According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

It’s part of a pattern of patch/flaw hiding.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. 3.5 Years Later Gemini Protocol and Geminispace Are Still 100% Community-Controlled

    Community-centric alternatives to the World Wide Web have gained traction; one of them, Gemini Protocol, continues to grow in 2023 and we're pleased to report progress and expansion



  2. Windows Falls to 16% Market Share in India (It was 97% in 2009), Microsoft Layoffs Reach India Too

    This month’s picture from the world’s most populous nation does not look good for Microsoft (it looks good for GNU/Linux); anonymous rumour mills online say that Microsoft isn’t moving to India but is actually firing staff based in India, so it’s a case of shrinking, not offshoring. When even low-paid (much lower salaries) staff is discarded it means things are very gloomy.



  3. Links 22/03/2023: GNOME 44 “Kuala Lumpur”

    Links for the day



  4. Microsoft Has Also Infiltrated the OSI's Board of Directors After Rigged Elections

    Weeks ago we warned that this would happen and for the third or fourth time in 2 years the OSI’s election process broke down; today the Open Source Initiative (OSI) writes: “The polls just closed, the results are in. Congratulations to the returning directors Aeva Black…” (Microsoft employee)



  5. Links 22/03/2023: Official Thunderbird Podcast Starts

    Links for the day



  6. IRC Proceedings: Tuesday, March 21, 2023

    IRC logs for Tuesday, March 21, 2023



  7. Many More Microsoft Layoffs Later Today

    Yesterday we shared rumours about Microsoft layoffs being planned for later today (there were 3 waves of layoffs so far this year). There are several more people here who say the same. How much noise will Microsoft make in the “media” in order to distract? Will the chaffbot "ChatGPT" help create enough chaff?



  8. Links 21/03/2023: JDK 20 and GNOME 43.5

    Links for the day



  9. Germany's Lobbyists-Infested Government Sponsors the War on Ukraine via the European Patent Office (EPO)

    The chief UPC ‘judge’ is basically seeking to break the law (and violate constitutions, conventions etc.) to start a kangaroo court while dodging real courts, just like Vladimir Putin does



  10. [Meme] The Meme That Team UPC (the Collusion to Break the European Laws, for Profit) Threats to Sue Us For

    António Campinos and Team UPC are intimidating people who simply point out that the Unified Patent Court (UPC) is illegal and Klaus Grabinksi, shown above, strives to head a de facto kangaroo court in violation of constitutions and conventions (the UK does not and cannot ratify; Ireland hasn’t even held a referendum on the matter)



  11. Microsoft is Sacking People Every Month This Year, Even Managers (While Sponsored Media Produces Endless Chatbot Chaff)

    Lots of Microsoft layoffs lately and so-called ‘journalists’ aren’t reporting these; they’re too busy running sponsored puff pieces for Microsoft, usually fluff along the “hey hi” (AI) theme



  12. 3 Months Late Sirius 'Open Source' Finally Deletes Us From the Fraudulent 'Meet the Team' Page (But Still Lists Many People Who Left Years Ago!)

    Amid fraud investigations the management of Sirius ‘Open Source’ finally removed our names from its “Meet the Team” page (months late); but it left in the page about half a dozen people who left the company years ago, so it’s just lying to its clients about the current situation



  13. Amid Fraud at Sirius 'Open Source' CEO Deletes His Recent (This Month) Past With the Company

    Not only did the Sirius ‘Open Source’ CEO purge all mentions of Sirius from his Microsoft LinkedIn account; he’s racing against the clock as crimes quickly become a legal liability



  14. Web Survey Shows Microsoft Falling Below 15% Market Share in Africa, Only One Minuscule African Nation Has Windows Majority

    A Web survey that measured Microsoft Windows at 97% in Africa (back in 2010) says that Windows has become rather small and insignificant; the Microsoft-sponsored mainstream media seems to be ignoring this completely, quite likely by intention...



  15. Rumours of More Microsoft Layoffs Tomorrow (Including Managers!), Probably Azure Again (Many Azure Layoffs Every Year Since 2020)

    Amazon is laying off AWS staff and Microsoft has been laying off Azure staff for 3 years already, including this year, so it seems like the “clown computing” bubble is finally bursting



  16. [Meme] EPO's Management Brainstorm

    The story behind a misleading slogan told above



  17. The Photo Ops Festival of the Funky President António Campinos and Revolt From the Patent Examiners Whom He Perpetually Oppresses

    European Patents are being granted for no reason other than application and renewal fees, awarding European monopolies to companies that aren't even European (only about a third are actually European); staff of the EPO is fed up as it regards or views all this as an extreme departure from the EPO's mission (and it's also outright illegal)



  18. Links 21/03/2023: Trisquel GNU/Linux 11.0 LTS

    Links for the day



  19. Back Doors Proponent Microsoft Infiltrates Panels That Write the Security Regulations, Press Fails to Point Out the Obvious

    Cult tactics and classic entryism serve Microsoft again, stacking the panels and basically writing policy (CISA). As an associate explained it, citing this new example, Stanford “neglects to point out the obvious fact that Microsoft is writing its own regulations.”



  20. IRC Proceedings: Monday, March 20, 2023

    IRC logs for Monday, March 20, 2023



  21. Links 20/03/2023: Curl 8.0.0/1 and CloudStack 4.18.0.0 LTS

    Links for the day



  22. Standard Life (Phoenix Group Holdings): Three Weeks to Merely Start Investigating Pension Fraud (and Only After Repeated Reminders From the Fraud's Victims)

    As the phonecall above hopefully shows (or further elucidates), Standard Life leaves customers in a Kafkaesque situation, bouncing them from one person to another person without actually progressing on a fraud investigation



  23. Standard Life Paper Mills in Edinburgh

    Standard Life is issuing official-looking financial papers for companies that then use that paperwork to embezzle staff



  24. Pension Fraud Investigation Not a High Priority in Standard Life (Phoenix Group Holdings)

    The 'Open Source' company where I worked for nearly 12 years embezzled its staff; despite knowing that employees were subjected to fraud in Standard Life's name, it doesn't seem like Standard Life has bothered to investigate (it has been a fortnight already; no progress is reported by management at Standard Life)



  25. Links 20/03/2023: Tails 5.11 and EasyOS 5.1.1

    Links for the day



  26. Links 20/03/2023: Amazon Linux 2023 and Linux Kernel 6.3 RC3

    Links for the day



  27. IRC Proceedings: Sunday, March 19, 2023

    IRC logs for Sunday, March 19, 2023



  28. An Update on Sirius 'Open Source' Pensiongate: It's Looking Worse Than Ever

    It's starting to look more and more like pension providers in the UK, including some very major and large ones, are aiding criminals who steal money from their workers under the guise of "pensions"



  29. Services and Users TRApped in Telescreen-Running Apps

    TRApp, term that lends its name to this article, is short for "Telescreen-Running App". It sounds just like "trap". Any similarity is not purely coincidental.



  30. Links 19/03/2023: Release of Libreboot 20230319 and NATO Expanding

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts