10.10.10

Gemini version available ♊︎

EU Concerns Highlight Need to Remove Windows From the Network

Posted in Europe, Microsoft, Security, Vista, Vista 7, Windows at 1:38 am by Dr. Roy Schestowitz

Flag of Europe

Summary: With Stuxnet running rampant and security issues at Microsoft reaching an all-time high, employees of the company attempt to distract from the fact that Windows — not “sick” PCs — is the cause

ACCORDING TO this report, “EU calls Stuxnet ‘paradigm shift’” and there is need for change.

While official U.S. response has been comparatively mild, the European Union’s cybersecurity agency says Stuxnet represents a “paradigm shift” in critical infrastructure threats and that current defense philosophies need to be reconsidered.

In a statement released yesterday, Udo Helmbrecht, the executive director of ENISA (European Network and Information Security Agency), said that as a “new class and dimension of malware,” Stuxnet represents a “paradigm shift.”

“The attackers have invested a substantial amount of time and money to build such a complex attack tool,” he said. “The fact that perpetrators activated such an attack tool can be considered as the ‘first strike,’ i.e. one of the first organized, well prepared attacks against major industrial resources. This has tremendous effect on how to protect national” infrastructure in the future.

CNET’s Elinor Mills no longer 'forgets' to mention Windows and “let’s hope the[y] draw the right conclusion about Windows” was Glyn Moody’s response to the above.

Stuxnet has become somewhat of a blessing to GNU/Linux because it helps more and more people see the serious ramifications of Windows use. Stuxnet is very much alive and there is no solution to it yet. We wrote about the subject in:

  1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran’s Nuclear Programme
  2. Windows Viruses Can be Politically Motivated Sometimes
  3. Who Needs Windows Back Doors When It’s So Insecure?
  4. Windows Insecurity Becomes a Political Issue
  5. Windows, Stuxnet, and Public Stoning
  6. Stuxnet Grows Beyond Siemens-Windows Infections
  7. Has BP Already Abandoned Windows?
  8. Reports: Apple to Charge for (Security) Updates
  9. Windows Viruses Can be Politically Motivated Sometimes
  10. New Flaw in Windows Facilitates More DDOS Attacks
  11. Siemens is Bad for Industry, Partly Due to Microsoft
  12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
  13. Microsoft’s Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
  14. Microsoft Software: a Darwin Test for Incompetence
  15. Bad September for Microsoft Security, Symantec Buyout Rumours
  16. Microsoft Claims Credit for Failing in Security
  17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
  18. Windows Users Still Under Attack From Stuxnet, Halo, and Zeus

“Stuxnet Used in Black Hat SEO Campaigns” says Ziff Davis which also has this new slideshow-type article about Stuxnet.

That link that you click on for information about the Stuxnet worm might be leading you to a malicious site.

It’s the dark side of search engine optimization; attackers boosting the search engine rankings of malicious sites so they can lure visitors with the promise of interesting news. In this case, it’s the Stuxnet worm that is being used as bait.

Stuxnet has been a regular presence in security articles since it was discovered this summer. The worm was designed to target industrial control systems, and its complexity has made it a source of interest for security researchers and IT admins alike.

As expected, Microsoft is trying to distract from Windows as the source of this problem. In fact, it tries to take advantage of this fiasco and portray itself as a rescuer. As we showed some days ago, Microsoft steps up as the so-called ‘solution’ to the problem which Microsoft itself helped create and the old nonsense from Charney (he started this in [1, 2, 3, 4, 5, 6, 7, 8, 9]) has washed the Web, leading to responses like Marco’s “Computer health certificates for surfing the Internet? Are you serious?”

First of all, he has managed to turn a problem that today, in large part, is caused by defects in his company’s products in something that any freedom-loving government would really love to fix for you. This is genius at work. Because presenting (1) virus-ridden computers as “sick PCs”, that is as a “public health” issue that should be fixed by “legal frameworks” that define and enforce “trusted computers systems” is just a way to mutilate computers so they can’t do anymore what you want, but only what somebody else likes. In other words, this proposal could give governments a reason to fix Microsoft problems with their (as in “yours”) money because it also does something else they want. Not to mention that movie and music corporations would surely insist to add “no copy” mechanisms to the “health” checklist.

Secondly, Mr Charney comes and proposes this… just seven months after an equally absurd and offending solution to the same problem, that is taxing ALL citizens to fix Microsoft’s security problems. I am speechless, really.

John Gilmore says: “I’d recommend merely ignoring his ideas til they sink like a stone. But it looks like Intel and Microsoft are actively sneaking up on the free Internet and the free 10% of the computer market by building in these techniques and seeking partnerships with governments, ISPs, telcos, oligopolists, etc to force their use. So some sort of active opposition seems appropriate.”

Here is what SJVN wrote about it:

My friend Richi Jennings is fond of the idea that users with malware-infected PCs should be cut off from the Internet. To this, I say not just “Yes,” but “Hell yes.” And, as he pointed out, other people are getting behind this idea of helping to clean up the litter of spam, malware, and distributed denial-of-service (DDoS) attacks that junks up the Internet highway.

Comcast, as Jennings pointed out, will be letting malware-infected users know that they’ve got garbage on their hard disk, but not keeping them off the net. Darn it.

If this was implemented, up to about half of the world’s computer users would get disconnected. It’s really that serious. Despite Microsoft’s many promises for the best part of a decade, things are not improving. Microsoft does not reveal just how many holes exist in its software (there is silent patching which Microsoft keeps hidden), but this month it claims to be breaking the record:

i. Microsoft Plans Biggest Patch Tuesday Security Update Ever

Microsoft is poised to break its record for the most Patch Tuesday security bulletins ever for the second time in 2010.

On Oct. 12, the company is set to release 16 security bulletins to cover a total of 49 vulnerabilities in Windows, Internet Explorer, Microsoft Office and the .NET framework. In August, the company set a new record with 14 bulletins. That update fixed 34 security holes across a number of products.

ii. MS planning Patch Tuesday whopper: 16 bulletins, 49 vulnerabilities

This month’s batch of security patches from Microsoft will be a record-breaking one: 16 bulletins addressing a whopping 49 security vulnerabilities.

Windows XP may no longer be sold, but this Swiss cheese of an operating system is here to cause trouble for several more years:

Although Windows XP will no longer be for sale this doesn’t mean that existing users will be left high and dry. Microsoft has said that it will provide support for Windows XP until April 2014. Windows Vista support will also end in April 2014.

Notice what Microsoft is doing with Vista. Support gets cut on the same date, despite the releases being almost 6 years apart. What does that tell people who were foolish enough to fall for Microsoft’s hype and bet on Vista? It’s also a potential lesson about Vista 7. A reasonable upgrade route is to GNU/Linux and Ubuntu 10.10 will be released very shortly.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Links 28/05/2023: New Wine and More

    Links for the day



  2. Links 27/05/2023: Plans Made for GNU's 40th Anniversary

    Links for the day



  3. Social Control Media Needs to be Purged and We Need to Convince Others to Quit It Too (to Protect Ourselves as Individuals and as a Society)

    With the Tux Machines anniversary (19 years) just days away we seriously consider abandoning all social control media accounts of that site, including Mastodon and Diaspora; social control networks do far more harm than good and they’ve gotten a lot worse over time



  4. Anonymously Travelling: Still Feasible?

    The short story is that in the UK it's still possible to travel anonymously by bus, tram, and train (even with shades, hat and mask/s on), but how long for? Or how much longer have we got before this too gets banned under the false guise of "protecting us" (or "smart"/"modern")?



  5. With EUIPO in Focus, and Even an EU Kangaroo Tribunal, EPO Corruption (and Cross-Pollination With This EU Agency) Becomes a Major Liability/Risk to the EU

    With the UPC days away (an illegal and unconstitutional kangaroo court system, tied to the European Union in spite of critical deficiencies) it’s curious to see EPO scandals of corruption spilling over to the European Union already



  6. European Patent Office (EPO) Management Not Supported by the EPO's Applicants, So Why Is It Still There?

    This third translation in the batch is an article similar to the prior one, but the text is a bit different (“Patente ohne Wert”)



  7. EPO Applicants Complain That Patent Quality Sank and EPO Management Isn't Listening (Nor Caring)

    SUEPO has just released 3 translations of new articles in German (here is the first of the batch); the following is the second of the three (“Kritik am Europäischen Patentamt – Patente ohne Wert?”)



  8. German Media About Industry Patent Quality Charter (IPQC) and the European Patent Office (EPO)

    SUEPO has just released 3 translations of new articles in German; this is the first of the three (“Industrie kritisiert Europäisches Patentamt”)



  9. Geminispace Continues to Grow Even If (or When) Stéphane Bortzmeyer Stops Measuring Its Growth

    A Gemini crawler called Lupa (Free/libre software) has been used for years by Stéphane Bortzmeyer to study Gemini and report on how the community was evolving, especially from a technical perspective; but his own instance of Lupa has produced no up-to-date results for several weeks



  10. Links 27/05/2023: Goodbyes to Tina Turner

    Links for the day



  11. HMRC: You Can Click and Type to Report Crime, But No Feedback or Reference Number Given

    The crimes of Sirius ‘Open Source’ were reported 7 days ago to HMRC (equivalent to the IRS in the US, more or less); but there has been no visible progress and no tracking reference is given to identify the report



  12. IRC Proceedings: Friday, May 26, 2023

    IRC logs for Friday, May 26, 2023



  13. One Week After Sirius Open Source Was Reported to HM Revenue and Customs (HMRC) for Tax Fraud: No Response, No Action, Nothing...

    One week ago we reported tax abuses of Sirius ‘Open Source’ to HMRC; we still wait for any actual signs that HMRC is doing anything at all about the matter (Sirius has British government clients, so maybe they’d rather not look into that, in which case HMRC might be reported to the Ombudsman for malpractice)



  14. Links 26/05/2023: Weston 12.0 Highlights and US Debt Limit Panic

    Links for the day



  15. Gemini Links 26/05/2023: New People in Gemini

    Links for the day



  16. IRC Proceedings: Thursday, May 25, 2023

    IRC logs for Thursday, May 25, 2023



  17. Links 26/05/2023: Qt 6.5.1 and Subsystems in GNUnet

    Links for the day



  18. Links 25/05/2023: Mesa 23.1.1 and Debian Reunion

    Links for the day



  19. Links 25/05/2023: IBM as Leading Wayland Pusher

    Links for the day



  20. IRC Proceedings: Wednesday, May 24, 2023

    IRC logs for Wednesday, May 24, 2023



  21. Links 25/05/2023: Istio 1.16.5 and Curl 8.1.1

    Links for the day



  22. Gemini Links 25/05/2023: On Profit and Desire for Gemini

    Links for the day



  23. SiliconANGLE: Sponsored by Microsoft and Red Hat to Conduct the Marriage Ceremony

    SiliconANGLE insists that paying SiliconANGLE money for coverage does not lead to bias, but every sane person who keeps abreast of SiliconANGLE — and I read their entire feed every day — knows that it’s a ludicrous lie (Red Hat/IBM and the Linux Foundation also buy puff pieces and “event coverage” from SiliconANGLE, so it’s marketing disguised as “journalism”



  24. Links 24/05/2023: Podman Desktop 1.0, BSDCan 2024, and More

    Links for the day



  25. Gemini Links 24/05/2023: Razors, Profit, and More

    Links for the day



  26. [Meme] When the Patent Office Controls Kangaroo Patent Courts and Judges

    The EPO has been hijacked by industry and its lobbyists; now the same is happening to EU patent courts, even though it is illegal and unconstitutional



  27. The Illegally 'Revised' Unified Patent Court Agreement (UPCA) is Disgracing the Perception of Law and Order in the European Union

    The Unified Patent Court (UPC) isn’t legal, the Unified Patent Court Agreement (UPCA) is being altered on the fly (by a person patently ineligible to do so), and so it generally looks like even patent courts across Europe might soon become as corrupt as the European Patent Office, which has no basis in the Rule of the Law and is basically just a front for large corporations (most of them aren’t even European)



  28. Sirius 'Open Source', With High-Level Political Clients, Reported to Politicians

    The crimes of Sirius ‘Open Source’ are of interest to the British public sector; we’ve begun contacting relevant people



  29. IRC Proceedings: Tuesday, May 23, 2023

    IRC logs for Tuesday, May 23, 2023



  30. RSS Feeds (or XML/Atom) Are Far Better Than Social Control Media, Doing It With CLI and Text Editors Works Best for Us

    Consumption (marketing term) of content (another misnomer) on the World Wide Web has been geared towards engagement (fancy term for time-wasting), so we’re trying to correct this with RSS feeds and processing of news (to Separate the Wheat From the Chaff)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts