10.26.08

Eye on Microsoft: All of Windows Compromised, Windows Mobile Claimed Dying

Posted in Apple, Asia, GNU/Linux, Security, Windows at 5:28 pm by Dr. Roy Schestowitz

Another week, another tough week. Later today we’ll expose some of the realities behind Microsoft’s financial results — things that Microsoft nonchalantly (yet successfully) concealed from the press, but not all of it. First off, however… Microsoft’s latest headaches and signs of rapid decline in the technical sense.

Security Nightmare

As quoted in ZDNet, Microsoft admits that Windows turns perfectly-functional PCs into zombie PCs within minutes, which isn’t particularly surprising given the prevalence of them (roughly 320,000,000 PCs are believed to be zombies).

“How did we end up this way,” some people inquire.

Well, look no further than earlier this week when another gaping hole in Windows got exposed. Merely every version of Windows is affected, as one should expect.

Microsoft Sends Windows to the Emergency Room

[...]

Microsoft identifies 16 affected Windows versions, including service packs. Reminder: Microsoft only lists service packs that are currently supported. So, the number of actually affected Windows versions is much larger. That said, enterprises should be running newer, or the newest, supported service packs anyway.

How severe is this flaw? Look no further than this merciless reality:

Microsoft is about to issue an emergency security update to plug a vulnerability which could allow an internet worm to be spread via a computer without the user doing anything.

Yes, it’s user intervention-free. Just plug-and-[let-the-crackers]-play.

Here is some further (and later) analysis.

While Microsoft has labeled Thursday’s emergency patch MS08-067 as “critical” and provided a rare out-of-cycle fix because its exploit could easily be used as worm on a compromised network, one security researcher doesn’t think it will happen that way.

“It’s likely we’re going to see this packaged with some other attack.” said Ben Greenbaum, senior research manager at Symantec. “A Web-based attack, for example. We’re looking out for are exploits of this being bundled with client-side exploits or Trojans so that the worm can get past corporate firewalls and get behind that firewall into the internal network.”

This hole is already being actively exploited.

A day after Microsoft released an emergency patch for a critical flaw that could allow self-replicating attacks, researchers have identified a nasty trojan that attempts to exploit the vulnerability.

The alarming news made in into many blogs, such as this one. This was severe enough to be covered very widely, including in top publications:

• IDG: Microsoft to rush out emergency Windows patch
• New York Times: Microsoft to rush out emergency Windows patch
• CBC: Microsoft issues emergency Windows fix
• InformationWeek: Microsoft Releases Emergency Patch For Windows Vulnerability
• VNUNet: Microsoft issues ‘critical’ security alert
• Washington Post: Microsoft to Issue Emergency Security Update Today

This won’t the last such vulnerability. It happened before.

Microsoft Fights Against “Addicted” Users

Some famous quotes can never be repeated excessively.

“They’ll get sort of addicted, and then we’ll somehow figure out how to collect sometime in the next decade.”

–Bill Gates, about the Chinese people

We wrote about Microsoft’s new behaviour in China several days ago. There are still a lot of reactions to this development in English-speaking blogs, but Chinese bloggers are said to be fuming.

This gives a wonderful reason for the world’s largest Internet population to migrate to GNU/Linux and also provides a good opportunity (or ‘ammunition’) for existing Chinese GNU/Linux users to persuade their friends, family, colleagues or poor peers to liberate their PCs. Microsoft flexed its muscles to show that Windows is not free (neither libre nor gratis).

The kerkuffle there is far from over because Microsoft is now targeting local shops, not just users.

TWO computer retailers in Sim Lim Square accused of peddling counterfeit Microsoft programs have agreed to pay $70,000 in damages, the software giant said yesterday.

The shops’ directors will also do 144 hours of community service, which includes providing IT services to charities, as part of an out-of-court settlement.

Large news sites which covered the latest situation include:

1. Reuters: Chinese surfers see red over Microsoft black-outs
2. InformationWeek: Chinese Hackers Angered By Microsoft’s Epic Fail
3. New York Times: Chinese blast Microsoft over ‘black screen’ piracy notice
4. Telegraph: Microsoft faces boycott in China over ‘virus’ which shames pirated software users

There were some bad articles out there too. Here are some examples.

“Now it compares them to people who murder with swords and pistols.”Associated Press, a notorious fighter against Fair Use, had Jessica Mintz use propaganda words like “piracy”, which the editors approved. The article’s headline proudly proclaimed that “Microsoft goes black, making Chinese see red,” but the article starts with “An anti-piracy tactic…” Associated Press charges a lot of money for quoting more than 4 words, so stopping here is a must.

USA Today put the word “piracy” right inside the headline, which was “Microsoft anti-piracy tactic turns computer screens black.”

The Wall Street Journal seems to have changed its headline from a propaganda-packed “Microsoft Stirs Up Pirates” to “Microsoft Tactic Raises Hackles in China.” Maybe the editor/s changed the headline after it had been published because there is clear inconsistency in the feeds.

Anyway, here we have people that Microsoft victimised like drug dealers (by its very own admission). Now it compares them to people who murder with swords and pistols. Not so noble, is it? They should have gone with Red Flag Linux rather than surrender to short-term favours from Microsoft.

The British press blew it too. This one has an image of a skull (symbolising death), so it’s not just a bad headline: “Microsoft sued over anti-piracy activity.” Is copyright infringement compared to murder now?

California’s Antitrust Case Against Microsoft

Illegal monopolisation efforts by Microsoft have already had it settle before prosecution in California. There, too, Microsoft had abused its dominant position to starve competitors and harm consumer by over-pricing. Based on the Los Angeles Times, however, citizens have not yet received their compensation from Microsoft. This seems almost like a farce.

Most of Microsoft settlement for California school computers untouched

[...]

But most of the money — nearly $200 million — remains untouched.

“That’s troubling to us,” said Richard Grossman, a partner with Townsend and Townsend and Crew in San Francisco and co-lead attorney for the plaintiffs. Grossman said the state’s schools will probably receive even more money, once a final piece of the lawsuit is settled.

Some of this money is used for deployment of GNU/Linux at Californian schools, thanks to people like Christian Einfeldt. It’s not another classic case of ‘funny money’, where the abused party that can only use compensation funds to license more overpriced and shoddy software from the very same convicted monopolist.

“Some of this money is used for deployment of GNU/Linux at Californian schools, thanks to people like Christian Einfeldt.”One reader highlighted this potion of the article: “The windfall was part of a $1.1-billion settlement of a class-action lawsuit against *Microsoft* that alleged the company had plotted to monopolize a portion…”

“Alleged?” says this anonymous reader, “what kind of apologistic writing is that from the LA Times? Microsoft was found not just guilty but guilty enough to warrant punishment. Also, I thought that settlement was because Microsoft was guilty of price-gouging.”

“That’s $1.1 billion that Microsoft is keeping out of the California economy,” he adds.

“Also, is it wise for the journalist Evelyn Larrubia to be so flexible with the facts? Not only is knowingly backing Microsoft a general liability, but misrepresenting court documented facts in a newspaper is not the way to stay employed as a journalist. Endorsing Microsoft is a liability. Definitely not a safe move.”

Further, argues the reader, “here is a start of a longer list [of the problems at hand]:

• HIPPA / privacy violation.
• Security failure (see latest remote access hole)
• Overcharging (as documented in court in most of the 50 states)
• Incompatibility (even with other version of own products)
• Poor documentation (see recent Ars Technica article)

“The software is sold ‘as-is’ so the fault does lie squarely on the shoulders of the chumps who decided to push ideology ahead of technology and deploy Microsoft instead of following best practices.”

Microsoft Employees Settle for Change

Windows ‘monopoly retention’ seems to be eroding, even at Microsoft.

One poster wrote: “I’ve been an MS employee for a long time, and I knew we were toast the first time I laid hands on a Vista based machine. When I replaced my personal laptop this summer, sorry to say, I went with a MacBook…”

Watch the comments too. Some Microsoft gurus may moving to GNU/Linux as well (older news).

In another new abrasive campaign, Intermedia characterises those who stick with Microsoft as sheepish.

Intermedia has launched a whimsical ad campaign that pokes fun at Microsoft’s hosted-services partner program to encourage customers to partner with Intermedia instead of the software giant.

The ad campaign and accompanying Web site advise partners who are considering offering Microsoft hosted business-productivity services not to be “sheep” by “handing all of your customers to Microsoft.”

Microsoft does not appear to have responded to this.

Windows Mobile is Dying

The early eulogy — if not a sad obituary — of Windows Mobile (WM) continues. Recently it was Om Malik who claimed WM was in trouble, as we noted in this post. Over a month ago we saw the product missing shipment targets and there are other ongoing issues.

Cringely has published an excellent article where he predicts that Windows Mobile will die and Joe Wilcox argues that iPhone “beats Windows Mobile 6.x into Coma.”

Windows Mobile’s star is rapidly falling. Coming into 2008, RIM pushed Microsoft out of second place for smart phone operating systems, according to Gartner. Apple has surely knocked Microsoft into fourth place. The question: Is it fourth behind RIM or Apple? That depends on whether Apple snatched second place from RIM.

Interestingly, this conclusion isn’t based on any personal preference or subjective analysis. I’m not saying that Windows Mobile is bad, just that it is probably doomed. It’s a simple matter of market economics.

[...]

And where will Windows Mobile be in 2011? There way things are headed now, given that Microsoft can’t really afford to be anything but first or second on the platform that supplants Windows, I’d say Windows Mobile will be dead.

So, a lot of distinguished and respected voices have lost faith in the not-so-promising future of Windows Mobile. At least one of these voices used to AstroTurf for Microsoft. Earlier this week it was only a Microsoft talking point, Rob Enderle, who was throwing one cellphone ‘article’ at some more small site, denying the death of Windows mobile, despite claims to the contrary from some very major Web sites, including PBS and the Microsoft-friendly New York Times. █

Permalink  Send this to a friend