Bonum Certa Men Certa

It's Not a Virus If the User Needs to Actually Install It

Virus



Summary: Rebuttal to security FUD from the Microsoft crowd amid attack on the US Energy Research Lab, which got cracked because of Windows

GOOGLE abandons Windows due to security reasons. It's really quite simple. But if enough Microsoft people (e.g. former staff) manage to enter news sites, then "news" becomes just agenda-filled propaganda. That's what happened in the BBC, which we call the MSBBC. Not too surprisingly, Microsoft's Bought Bot and MSBBC, which loves to post FUD about Android every time someone is able to do something to break it (we covered just one such example recently even though there are more), are at it again. In order to fight the perception that Windows is insecure by design (which it is, even by Microsoft's own admission) they try to paint other platforms as "inseucre", by improperly naming malware "virus" or something along those lines. This usually requires that the user should be actually be installing it (not drive-by), in which case the software is granted permission to do exactly what it was designed to do.



SJVN writes a rebuttal to the Bought Bot by noting that "One in fourteen Internet downloads is Windows malware" (not the same as viruses):

Yes. It’s true. For the first time, Mac users have a significant malware problem. But, hey, it could be worse. You could be running Windows. After all, Microsoft, not some third-party anti-virus company trying to drum up business, has just admitted that based on analysis gained from IE 9 use, “1 out of every 14 programs downloaded is later confirmed as malware.”

If I may quote from Matthew 7:5, the King James Bible, “First cast out the beam out of thine own eye; and then shalt thou see clearly to cast out the mote out of thy brother’s eye.”

Window PCs has far, far more malware trouble than Macs, and I can’t resist mentioning that after in twenty-years of Linux, we’ve not seen a real-world example of Linux malware–not counting the Android malware mess. Ironically, these latest appalling Windows malware numbers are shared in a Microsoft blog about how well SmartScreen Application Reputation is working in IE9.


There is another new pattern of FUD at the moment, where a weakness that affects virtually all phone platforms is ascribed only to Android. Linux is winning, so it is becoming a prime target for FUD. One of our reader supplies this recent link on "Wild Android Growth". It says that "100 million Android devices have been sold, more than Apple... 36 OEMs, 215 carriers, and 450K developers push Android/Linux, 310 different devices sold in 110 countries, 400K activations daily, 4.6 per second, 200K available applications exist, and 4.5 billion installations of applications have been done, an average of 45 per device."

Suffice to say, there is also patent as well as copyright FUD against Android and it comes from someone whom Microsoft Florian has been repeatedly interacting with recently. He used to work for Microsoft. "I think it's more likely not about press for himself for himself as for press on the issue," writes Pamela Jones, "preparatory to more hijinks filing of bogo-complaints against a Microsoft competitor." It's like mercenaries galore.

In other news, "U.S. Energy Research Lab Still Recovering From Internet Explorer Exploit," says this report:

The Department of Energy's largest science and research lab in Tennessee is still recovering from a sophisticated attack from hackers intent on stealing information from the lab in early April.

The attack left the lab in a communications limbo for two days as technicians dealt with its aftermath.

"Most of the staff are back up, and the business functions are performing as usual," said Barbara Penland, the Oak Ridge National Laboratory's director of communications. "But as you can imagine, when we were trying to get everything back up in a hurry, there were some shortcuts taken, and now the IT folks are rebuilding things in the background, and building some things that will make us more secure."


"US nuclear materials lab, Oak Ridge, and RSA done in by Windows and IE attack in April," explains a contributor of ours. "The only common "Advanced Persistent Threat" shared by the two is Windows," he adds, quoting:

To deal with the attack, Oak Ridge lab's technicians had shut down access to its e-mail systems and some of its servers for more than 48 hours. They found that it was an attack that relied on a combination of social engineering and an unknown security hole in Microsoft's Internet Explorer browser. ... the attack is noteworthy because it was clearly an attempt to steal information from a facility that is at the heart of America's materials, national security and energy research. ...

The characteristics of the this latest attack also appear similar to those used in the widely-publicized SecurID phishing attack, which compromised the computer security company RSA's widely-used product. In the RSA attack, a malicious Flash object in a scam Excel file was used to infect recipients' computers with malicious computer code.


Incidentally, he add that "NSA tells people to buy Vista/Windows 7 or OSX instead of moving to free software. They probably justified the omission based on perceived OS prevalence but most of the measures recommended are useless and real security is easier to find in freedom than in jail."

We wrote about the NSA issue quite recently [1, 2]. To the FBI, for example, malware is not a bad thing, it's just business as usual. To them, insecurity at the user level is an advantage. Security means "securing those in power from the population" when it comes to secret agencies.

Recent Techrights' Posts

Links 06/07/2025: Climate Change and "The Right to Criticise"
Links for the day
The Mainstream Media Took 4 Days to Realise Microsoft Shut Down Its Operations in Pakistan and Fired Everybody
We estimate that Microsoft has had about 29,000 layoffs since January
“Twibel” Actions Against Comedians (and Why It's a Truly Low Blow)
they try to make up in quantities for a lack of merit or quality
 
Links 06/07/2025: End to End Encryption at Risk, Reuters Twitter ("X") Account Withheld in India
Links for the day
Gemini Links 06/07/2025: Tinylog and Certification Rotation
Links for the day
PCLinuxOS Sites Coming Back, Gradually
let's just be patient
Social Control Media, Even If Based on Free Software, Still Has Many Problems
a distraction from what actually mattered and still matters
IBM is Not Your Master
IBM makes friends with people who exclude the majority of the population: women
Help Fund the Free Software Foundation (FSF)
If you have some dollars to spare, go support the FSF
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 05, 2025
IRC logs for Saturday, July 05, 2025
A Short History of Attacks on Techrights (and Boycott Novell Before That)
good opportunity to tell again the story of several (not all) attempts to silence us
Leadership in Free Software
Don't let IBM lead. It's a terrible flag bearer.
Linux Foundation Apparently Flirting With Slop (Marketing by LLM-Generated SPAM)
The Web is in a really bad state!
COVID-19 Sped Up Site Improvements in Techrights
A few months later we created our very own IRC network
Gemini Links 05/07/2025: Negative Questions and 'Touching Grass' (Going Outside)
Links for the day
Links 05/07/2025: Dalai Lama Succession as 90th Birthday Approaches, 40 deg C in China
Links for the day
Links 05/07/2025: Hungary and US Defecting to Russia, "Google's Hotseat Hypocrisy"
Links for the day
Gemini Links 05/07/2025: 4th of July 2025 and "Zig Roadmap 2026"
Links for the day
How to Combat the Exploitation and Abuse by Microsoft GitHub
Not to mention corruption and crimes against women
Bryan Lunduke is Actually Sending His Audience to Attack People
"[Lunduke] is actually sending his audience to attack people."
Even The Right Wing is Rejecting Bryan Lunduke
no wonder he became so irrelevant and marginal
Microsoft's MSN Helps Microsoft Spread Lies About the Layoffs' Scale (Well Over 25,000 People Laid Off This Year)
There seem to be monopolies on lies and on truth
The Death of X Has Been Greatly Exaggerated (by Compromised Media)
X.Org Server is alive and well
Rewriting Things in Rust
How far would you go?
In 2025 Everything is "AI". Remember Blockchains?
Talk about what companies and things (services, products, software) actually do, not the labels they use
Julian Assange Has Been Free for a Year
Julian Assange and I disagreed on some things
Monopolies and Scalping
Monopolies gravitate towards price hikes
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 04, 2025
IRC logs for Friday, July 04, 2025
Microsoft's August Layoffs Wave: "August is Confirmed for Additional Performance Based Cuts"
"August is confirmed for additional performance based cuts from the recent connects along with additional organizational cuts."
What Microsoft Reputation Laundering (With a Weaponised Law Degree) Looks Like in a Foreign Continent
You would expect this in uncivilised and primitive countries
Slopwatch: LLMs 'Write' Fake or Distorted 'News' About "Linux"
LLM slop disguised as news
Links 04/07/2025: Google Replaces the Web With Slop, "AI Might Kill Us All"
Links for the day
Gemini Links 04/07/2025: Mindfulness and F1
Links for the day
Weeks After Microsoft Bankruptcy in Russia the Company Shuts Down in Pakistan, Too
Last month Windows' share in Pakistan fell to an all-time low
Rob Musial's June 2025 Additions of Malware in Proprietary Software
Via the GNU Web site this week
Links 04/07/2025: Microsoft's H-1B Visa Applications Show Another Crisis Unfolding, Many More Deep Cuts and Shutdowns Revealed, Complete Microsoft Exits
Links for the day
Gemini Links 04/07/2025: A Day To Remember and "Stop Killing Games"
Links for the day
Crime and Corruption at Microsoft GitHub Cannot be Covered Up by SLAPPs in Another Continent
We'll write about this for a long time to come
Slop Videos Are Disappointing Garbage, Nothing New, Just Brute Force up on Display or a Pedestal of Slop
Slop videos aren't a new thing
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 03, 2025
IRC logs for Thursday, July 03, 2025
The War on Local Storage (People Hosting Their Files Locally and Privately)
There's nothing wrong with controlling one's computing
What Digital Independence Means
Independence in the digital realms means abandoning platforms like GitHub, not just rejecting proprietary software
NVidia is a Bubble
they temporarily see fortunes and wrongly assume perpetuity thereof
Fedora Does Not Care About Diversity and Inclusion, It's About Optics (Corporate Image)
any notion of inclusion is superficial and misleading
Don't Buy the Excuses for Microsoft's Mass Layoffs
Back in the 90s, Microsoft bought a lot of companies to get and stay ahead