12.02.10

^{Gemini version available ♊︎}

Wikileaks Reveals Microsoft Involvement in US Security Policy

Posted in Microsoft, Security, Windows at 7:10 pm by Dr. Roy Schestowitz

Summary: Wikileaks and Microsoft discussed, especially in the context of security

OUR daily links this week have been filled with reports about Wikileaks. That site’s fate is important to us because we too host material from close to 10,000 confidential Microsoft documents. It’s not about whether Wikileaks is “irresponsible” or not; it is about freedom of information and freedom of speech.

One new Wikileaks leak caught our attention because it speaks about the Iraq war (invasion in some people’s eyes) and it says that “Karim Ramadan (Microsoft) praised the historic role of USAID in Egypt” (we have mentioned USAID in relation to the Gates Foundation as USAID is accommodated by former Gates Foundation staff [1, 2, 3, 4, 5, 6, 7, 8, 9]).

“Those leaks just provide some more evidence to back the obvious.”This post is not about foreign policy or about USAID, but the point to be made is that Microsoft is involved in politics, even quite directly. Those leaks just provide some more evidence to back the obvious. Wikileaks is merely a messenger/host as the material is raw. And speaking of which, Julian Assange is the author/co-author of surfraw (Free software and Debian/GNU assist transparency and affect politics).

How far will the world go with so much sensitive information available to everyone (bar censorship, e.g. in China)? Amazon has been pressured by US politicians to kick Wikileaks out, Google is slowly indexing the latest leaks (that’s how we found the Microsoft mention), and as for Microsoft… well, based on search at this moment it only indexed 46 pages from cablegate.wikileaks.org whereas Google did well over a thousand. Does anyone take Bong [sic] seriously at all? Microsoft only gets users by paying for them and it comes at a cost of like $3 billions in losses online per year. Having indirectly ensured that even fast boot Linux software like Express Gate depends on Windows, the company is now signing a deal with SplashTop to put Bong [sic] search/toolbar in it, as Phoronix helps reveal:

It was precisely one month ago I was wondering what happened to SplashTop and found the company that we jump-started by our first-in-the-world coverage was still pushing out their instant-on Linux OS to various OEM vendors but they have lost their roots of using the Linux environment embedded on a motherboard’s flash chip to instead being nestled away on the user’s hard drive, which defeats much of its uniqueness and benefits (not to mention it was hacked by Phoronix readers). SplashTop, which was formerly named DeviceVM before the company took up the same name as their premiere product, also started pushing out Apple iPad applications in recent months. Today the company is announcing another set of peculiar changes to their instant-on Linux OS.

[...]

Today’s SplashTop announcements can be read on their blog. There’s also the SplashTop beta page for installing the beta version of their Bing+Chromium-ified SplashTop OS, but it must be installed via Microsoft Windows.

Fortunately the world is heading towards Linux on a large proportion of newly-sold PCs (even if just in the form of fast-booting OS). Schneier believes that software monoculture (monopoly) contributes to the reality where one in two Windows PCs is estimated to be a zombie PC. As Schneier explains right now:

The basic problem with a monoculture is that it’s all vulnerable to the same attack. The Irish Potato Famine of 1845–9 is perhaps the most famous monoculture-related disaster. The Irish planted only one variety of potato, and the genetically identical potatoes succumbed to a rot caused by Phytophthora infestans. Compare that with the diversity of potatoes traditionally grown in South America, each one adapted to the particular soil and climate of its home, and you can see the security value in heterogeneity.

Similar risks exist in networked computer systems. If everyone is using the same operating system or the same applications software or the same networking protocol, and a security vulnerability is discovered in that OS or software or protocol, a single exploit can affect everyone. This is the problem of large-scale Internet worms: many have affected millions of computers on the Internet.

Can Schneier name that “same operating system” or would that have him risk the label “Microsoft hater” [1, 2, 3]? In any event, now that Microsoft’s Charney lobbies to change security legislation [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], the above leak is worth remembering. █

Bruce Schneier photo by sfllaw

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Mail Send this to a friend

ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

A Single Comment

NotZed said,

December 3, 2010 at 8:40 pm

“Can Schneier name that “same operating system” or would that have him risk the label “Microsoft hater” [1, 2, 3]?”

But that is his point precisely. It doesn’t matter which operating system it is – although right now it is microsoft windows – it is that mono-cultures are weak and vulnerable, and diversity is strong.