05.06.10

Gemini version available ♊︎

Joanna Rutkowska Chooses GNU/Linux to Demonstrate Security Problems in Apple Macs and Microsoft Windows

Posted in Apple, GNU/Linux, Microsoft, Security, UNIX, Vista 7, Windows at 6:57 am by Dr. Roy Schestowitz

Joanna Rutkowska

Summary: Security guru Joanna Rutkowska says that Apple’s and Microsoft’s proprietary operating systems are “badly designed from a security standpoint”; her firm uses GNU/Linux to create Qubes OS

A couple of months ago we saw Eugene Kaspersky slamming Windows for insecurity and this time we find Joanna Rutkowska slamming both Vista 7 and Mac OS X. Interestingly enough, Rutkowska chose GNU/Linux to “provide strong security for desktop computing” (“Mac OS X Problem Puts Up a Block To IPv6,” says this new headline from Slashdot, further proving that Mac OS X — despite its “UNIX” status — is technically lagging in some areas).

One security researcher turned operating-system developer is claiming that Windows 7 and Mac OS X are insecure by design, while proposing her own platform as a model for the bulletproof desktop OS. While swapping rootkit research for the Qubes project, Joanna Rutkowska, founder and CEO of Invisible Things Lab, announced some changes to the company she founded, namely the shift in focus away from security research and onto designing systems that were immune to rootkit by design. Taking a swing at both Windows 7 and Mac OS X, Rutkowska indicates that it makes no sense to continue hacking the two operating systems.

[...]

In the first half of April 2010, Rutkowska announced the first Alpha development milestone of Qubes OS, a new open source operating system developed by Invisible Things Lab in the past half a year, by implementing the Security by Isolation approach. “Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps,” the official description of the product reads.

Vista 7 has had many flaws that require no rootkits to exploit. The links we gave yesterday are:

eWEEK has just taken a look at the LoveBug, which we mentioned yesterday too.

It would be the definition of an understatement to say the security landscape of a decade ago differed from today. In the year 2000, spam accounted for just 1 in 120 e-mails. Rustock did not exist, and Conficker was not even a figment of our collective imaginations.

And then came the LoveBug. From the moment it appeared May 4, 2000, the worm tore down the defenses of Windows computers, eventually infecting millions of Microsoft customers worldwide and causing the Pentagon, CIA and British parliament to shut down their mail systems to contain the damage.

eWEEK does call out Windows in this case, to the author’s credit.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

A Single Comment

  1. your_friend said,

    May 6, 2010 at 5:54 pm

    Gravatar

    Real security experts need to say and do more of this.

DecorWhat Else is New


  1. Microsoft GitHub Exposé — Part II — The Campaign Against GPL Compliance and War on Copyleft Enforcement

    Microsoft contemplated buying GitHub 7.5 years ago; the goal wasn’t to actually support “Open Source” but to crush it from the inside and that’s what Microsoft has been doing over the past 2.5 years (we have some details from the inside)



  2. Links 18/10/2021: Linux 5.15 RC6 and 7 New Stable Kernels

    Links for the day



  3. [Meme] The Austrian School of Friedrich Rude Liar

    With reference to the Austrian School, let’s consider the fact that Friedrich Rude Liar might in fact be standing to personally gain by plundering the EPO‘s staff by demonising them while helping Benoît Battistelli crush them



  4. IRC Proceedings: Sunday, October 17, 2021

    IRC logs for Sunday, October 17, 2021



  5. How (Simple Technical Steps) to Convince Yourself That DuckDuckGo is Just Spyware Connected to Microsoft, Falsely Advertised as 'Privacy'

    In recent days we published or republished some bits and pieces about what DuckDuckGo really is; the above reader dropped by to enlighten us and demonstrate just how easy it is to see what DuckDuckGo does even at the client side (with JavaScript); more people need to confront DuckDuckGo over this and warn colleagues/friends/family (there’s more here)



  6. Austria's Right-Wing Politicians Displaying Their Arrogance to EPO Examiners

    The EPO‘s current regime seems to be serving a money-hungry lobby of corrupt officials and pathological liars; tonight we focus on Austria



  7. [Meme] Friedrich Rödler's Increasingly Incomprehensible Debt Quagmire, Years Before EPO Money Was Trafficked Into the Stock Market

    As it turns out, numerous members of the Administrative Council of the EPO are abundantly corrupt and greedy; They falsely claim or selfishly pretend there’s a financial crisis and then moan about a "gap" that does not exist (unless one counts the illegal gambling, notably EPOTIF, which they approved), in turn recruiting or resorting to scabs that help improve ‘profit margins’



  8. The EPO’s Overseer/Overseen Collusion — Part XV: Et Tu Felix Austria…

    Prior to the Benoît Battistelli and António Campinos regime the EPO‘s hard-working staff was slandered by a corrupt Austrian official, Mr. Rödler



  9. Links 17/10/2021: Blender 2.93.5, Microsoft Bailouts

    Links for the day



  10. Links 17/10/2021: GhostBSD 21.10.16 and Mattermost 6.0

    Links for the day



  11. IRC Proceedings: Saturday, October 16, 2021

    IRC logs for Saturday, October 16, 2021



  12. [Meme] First Illegally Banning Strikes, Then Illegally Taking Over Courts

    The vision of Team Battistelli/Campinos is a hostile takeover of the entire patent system, not just patent offices like the EPO; they’d stop at nothing to get there



  13. Portuguese Network of Enablers

    Instead of serving Portuguese people or serving thousands of EPO workers (including many who are Portuguese) the delegation from Portugal served the network of Campinos



  14. In Picture: After Billions Spent on Marketing, With Vista 11 Hype and Vapourware, No Real Gains for Windows

    The very latest figures from Web usage show that it’s hardly even a blip on the radar; Windows continues bleeding to death, not only in servers



  15. [Meme] [Teaser] Double-Dipping Friedrich Rödler

    As we shall see tomorrow night, the EPO regime was supported by a fair share of corrupt officials inside the Administrative Council



  16. The EPO’s Overseer/Overseen Collusion — Part XIV: Battistelli's Iberian Facilitators - Portugal

    How illegal “Strike Regulations” and regressive ‘reforms’ at the EPO, empowering Benoît Battistelli to the detriment of the Rule of Law, were ushered in by António Campinos and by Portugal 5 years before Campinos took Battistelli’s seat (and power he had given himself)



  17. Links 16/10/2021: SparkyLinux Turns 10 and Sculpt OS 21.10

    Links for the day



  18. “Facebook Whistleblowers” Aside, It Has Been a Dying Platform for Years, and It's Mentally Perverting the Older Generation

    Guest post by Ryan, reprinted with permission



  19. [Meme] Microsoft Has Always Been About Control Over Others

    Hosting by Microsoft means subjugation or a slavery-like relationship; contrary to the current media narrative, Microsoft has long been censoring LinkedIn for China’s autocratic regime; and over at GitHub, as we shall show for months to come, there’s a war on information, a war on women, and gross violations of the law



  20. EFF Pushes for Users to Install DuckDuckGo Software After Being Paid to Kill HTTPS Everywhere

    Guest post by Ryan, reprinted with permission



  21. The Reign in Spain

    Discussion about the role of Spain in the EPO‘s autocratic regime which violates the rights of EPO staff, including Spanish workers



  22. [Meme] Spanish Inquisition

    Let it be widely known that Spain played a role in crushing the basic rights of all EPO workers, including hundreds of Spaniards



  23. Why You Shouldn’t Use SteamOS, a Really Incompetent GNU/Linux Distribution With Security Pitfalls (Lutris is a Great Alternative)

    Guest post by Ryan, reprinted with permission



  24. IRC Proceedings: Friday, October 15, 2021

    IRC logs for Friday, October 15, 2021



  25. Links 16/10/2021: Xubuntu 21.10 and DearPyGui 1.0.0

    Links for the day



  26. DuckDuckGo’s HQ is Smaller Than My Apartment

    Guest post by Ryan, reprinted with permission



  27. Post About Whether Vivaldi is a GPL violation Was Quietly Knifed by the Mods of /r/uBlockOrigin in Reddit

    Guest post by Ryan, reprinted with permission



  28. The EPO’s Overseer/Overseen Collusion — Part XIII: Battistelli's Iberian Facilitators - Spain

    The EPO‘s António Campinos is an ‘Academy’ of overt nepotism; what Benoît Battistelli did mostly in France Campinos does in Spain and Portugal, severely harming the international image of these countries



  29. From Competitive (Top-Level, High-Calibre, Well-Paid) Jobs to 2,000 Euros a Month -- How the EPO is Becoming a Sweatshop by Patent Examiners' Standards

    A longish video about the dreadful situation at the EPO, where staff is being ‘robbed’ and EPO funds get funnelled into some dodgy stock market investments (a clear violation of the institution’s charter)



  30. [Meme] Protecting European Patent Courts From EPO 'Mafia'

    With flagrant disregard for court rulings (or workarounds to dodge actual compliance) it seems clear that today's EPO management is allergic to justice and to judges; European Patents perish at unprecedented levels in national European courts and it should be kept that way


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts