11.16.09

Microsoft Won’t Secure Firefox/Chrome Users, Shows More Negligence

Posted in Microsoft, Security, Vista 7, Windows at 9:19 am by Dr. Roy Schestowitz


Summary: ActiveX required by Microsoft’s OneCare; investigation into Vista 7 vulnerabilities a case of “too little, too late”

MICROSOFT pretends to have changed for the better. It pretends that it allows users of Windows to use Web browsers other than Internet Explorer, but the following post — artistically titled “Microsoft being a Onecare [Wanker]” — suggests otherwise:

For starters, it uses an ActiveX control – Internet Explorer required in other words – that’s annoyingly hard to install. You get warnings galore from Windows 7’s UAC and IE about popups and do you really really really want to install something that has the potential to roger your system well and truly?

ActiveX was designed to restrict competition by supplanting Web standards. It ended up becoming one of the biggest security nightmares out there and Novell supports this.

Here is the new story of a man who has just been fired because of these practices from Microsoft:

Linux Contractor Fired for Using Firefox/Linux

[...]

The irony? The “competency test” was a Security & Privacy test from the four letter credit card company that HAD to be taken on MS Windows with IE?

I’ll let you be the ones to point out the obvious…the fact that this large computer/server company with three letters in their name is reportedly a “friend to Linux”. I’ll let you talk about how a Linux Professional who uses Linux as their desktop environment was denied access to employment. Employment that was based on his knowledge of Linux. Yeah, the server side…but still…

Now let’s brag about how much ground Linux has made…

And a Linux Project Manager for said company asking the question:

“What’s this Foxfire thing?”

As a secondary item of news, some days ago we argued for Microsoft liability when it comes to the latest Vista 7 vulnerability. Microsoft deserves to be accused of negligence and the following article implies deception too.

Is Microsoft Overhyping Security In Windows 7?

[...]

Microsoft has been aggressively marketing the security improvements in Windows 7, but some security experts believe this strategy could leave the software giant open to some unpleasant repercussions.

Vista 7 has been breached before and to give some examples of insecurity, we have:

Now there is the SMB flaw that Microsoft finally acknowledges.

Microsoft on Friday said it is working on a fix for a vulnerability in the Server Message Block file-sharing protocol in Windows 7 and Windows Server 2008 Release 2 that could be used to remotely crash a computer.

It really took them too long, having waited for attack code to appear before properly investigating. That’s negligence and it is irresponsible. Gregg Keizer writes:

The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie last Wednesday, when he revealed the bug and posted proof-of-concept attack code to the Full Disclosure security mailing list and his blog. According to Gaffie, exploiting the flaw crashes Windows 7 and Server 2008 R2 systems so thoroughly that the only recourse is to manually power off the computers.

Why has Microsoft waited so long before looking into the problem? Could it be that lack of security and increased fear help Microsoft sell more ‘solutions’ to those very same problems? As we showed some days ago, Microsoft is clearly profiting from Conficker, for example.


A Single Comment

  1. Needs Sunlight said,

    November 16, 2009 at 11:17 am

    A verdict of Negligence would assume a competency or willingness to fix the problem. Likely neither are present in any measurable quantity.

    From the outside it looks more like a case of further anti-competitive behavior.
