01.14.15

Gemini version available ♊︎

Microsoft — Like David Cameron — Attacking the Computer Security Industry

Posted in Microsoft, Security at 4:17 pm by Dr. Roy Schestowitz

Microsoft is essentially a snitching company, unconditionally serving those in power

Police

Summary: Microsoft’s latest moves that help expose its real policy when it comes to computer security and people’s privacy

THE OTHER day we mentioned demands for back doors, which basically would make any piece of proprietary software (where back doors cannot be removed) utterly useless for any serious work because secure communication is a cornerstone of computing in a connected environment. We also mentioned Microsoft hiding many of its existing back doors even more aggressively, essentially telling users nothing about their easy-to-compromise systems.

“Always remember that Microsoft makes money from spying on users (government subsidies for the back door access), including in cases where this directly benefits Microsoft’s business interests”This article from the British press says that this “move was criticised by some security professionals, who said it would hinder organisations’ ability to quickly test and deploy Microsoft’s updates.”

They should just quit relying on Windows. Sony can tell them how reliance on Microsoft Windows already caused them to be doxxed against, potentially costing the company many billions of dollars in damages. One security-oriented professional “called the change, which was made with no advance notice, an “assault” on IT security teams.”

Microsoft “assaults” the IT security industry. It attacks security itself, too. To quote further from the article: “Other industry observers said the change may have resulted from a broad reorganisation at Microsoft that began in 2013 and included large-scale layoffs in the middle of last year, with the Trustworthy Computing security group shut down in September. The reorganisation is itself the result of a broad industry shift toward mobile devices which has diminished the importance of Microsoft products such as Windows.

“Prominent figures at MSRC have left Microsoft, including senior development manager Jonathan Ness and Dustin Childs, group manager of response communications. In November Microsoft discontinued a long-running webcast in which engineers gave details on the monthly updates.

“Microsoft said in a statement that while ANS is no longer public, the company may also “take the appropriate actions to reach customers” if it determines that “broad communication” is needed for a specific situation.”

So Microsoft Windows bug doors are becoming more secretive now. Nice timing given Cameron’s call for back doors in everything; he would be so proud. Remember that Microsoft tells the NSA (and hence GCHQ too) about these bug doors well before they are patched, even 3 months in advance (Microsoft does not bother to patch holes until much later, if ever).

GNU/Linux is completely different because the code is visible and everyone can patch holes as soon as they are revealed. There are huge software repositories for which source code is available, so even underlying applications — not just the operating system — can be fixed. On Windows it is a sordid mess of random downloads of binaries from the Web and so-called ‘crapware’ that comes preinstalled with Windows and often has malicious behaviour. As Jim Lynch put it the other day: “I guess the bottom line here is to try to avoid being the sucker by installing crapware in the first place, regardless of the operating system you are using. If you don’t understand or aren’t sure about what’s being installed THEN DON’T INSTALL IT on your system. And only install software from trusted sources that don’t engage in the freeware bundling shenanigans.”

Free software has none of these issues. The user is in charge.

Caspar Bowden, whom Microsoft fired for 'daring' to care about security and privacy, talks about Microsoft’s publicity stunt case (intended to make it look like Microsoft cares about security and privacy). He now says he hopes Microsoft’s publicity stunt will go down in flames and here is why: “His reasoning is that the US government can use other legal instruments, such as FISA 702 or Executive Order 12333, to brush aside such niceties as Safe Harbor or binding corporate rules (BCR) to get its hands on such data perfectly legally any time it likes, and as such the whole case is a smokescreen that actually suits both parties.

“”Even if Microsoft wins that case, and I hope they don’t because that’ll just shore up the whole rotten system, it will make no difference to surveillance by the NSA under FISA 702 or Executive Order 12333 [see below],” he told Computing.

“Bowden – who was the chief privacy adviser to 40 national technology officers at Microsoft before he was “let go” in 2011 after revealing what FISA 702 implies for the firm’s non-US customers – believes that this is all for show. It is part of a campaign of “cloudwashing” on the part of government and the industry, he says, that deliberately conflates data security – over which US cloud companies and their customers can take an active role – and government surveillance, over which, for legal reasons, they cannot. FISA 702 allows the US government to install surveillance apparatus inside the data centres of US companies. These interventions are covered by the espionage law, and anyone revealing their existence could face a lengthy jail sentence, as Yahoo’s Marissa Mayer revealed.”

Bowden is a Brit speaking about Ireland in the British press. We are happy to see him using the term “cloudwashing” — a term we have used a lot for years. A lot of the pro-cloud hype is about increasing surveillance; it’s often the business model. Always remember that Microsoft makes money from spying on users (government subsidies for the back door access), including in cases where this directly benefits Microsoft's business interests.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. IRC Proceedings: Tuesday, October 19, 2021

    IRC logs for Tuesday, October 19, 2021

  2. Links 19/10/2021: Karanbir Singh Leaves CentOS Board, GPL Violations at Vizio

    Links for the day

  3. [Meme] Giving the Knee

    The 'knee' champion Kratochvìl and 'kneel' champion Erlingsdóttir are simply crushing the law; they’re ignoring the trouble of EPO staff and abuses of the Office, facilitated by the Council itself (i.e. facilitated by themselves)

  4. Josef Kratochvìl Rewarded Again for Covering Up EPO Corruption and the EPO Bribes the Press for Lies Whilst Also Lying About Its Colossal Privacy Violations

    Corrupt officials and officials who actively enable the crimes still control the Office and also the body which was supposed to oversee it; it's pretty evident and clear judging by this week's press statements at the EPO's official Web site

  5. [Meme] Sorry, Wrong Country (Or: Slovenia isn't Great Britain)

    Team UPC is trying to go ahead with a total hoax which a high-level European court would certainly put an end to (if or when a referral is initiated)

  6. How Denmark, Iceland, Finland, Norway and Sweden Voted on Patently Unlawful Regulations at the EPO

    We look back and examine what happened 8 years ago when oppressed staff was subjected to unlawful new “regulations” (long enjoyed by António Campinos, the current EPO autocrat)

  7. The EPO’s Overseer/Overseen Collusion — Part XVII: The Non-Monolithic Nordic Bloc

    We start our investigation of how countries in northern Europe ended up voting on the unlawful “Strike Regulations” at the EPO and why

  8. Proof That Windows “11” is a Hoax

    Guest post by Ryan, reprinted with permission

  9. Firefox Becomes as Morally Reprehensible as Apple, Facebook, or Uber

    Guest post by Ryan, reprinted with permission

  10. Links 19/10/2021: GNU dbm 1.22 and Godot 3.4 RC 1

    Links for the day

  11. [Meme] [Teaser] GitHub an Expensive and Dangerous Trap (Also: Misogyny Hub)

    The ongoing Microsoft GitHub exposé will give people compelling reasons to avoid GitHub, which is basically just a subsidised (at a loss) trap

  12. Norway Should Have Voted Against Benoît Battistelli's Illegal (Anti-)'Strike Regulations' at the European Patent Office

    Benoît Battistelli‘s EPO faced no real and potent opposition from Norwegian delegates, who chose to abstain from the vote on the notorious and illegal so-called ‘Strike Regulations’ (they’re just an attack on strikes, an assault on basic rights of labourers)

  13. Links 19/10/2021: Sequoia PGP LGPL 2.0+, Open RAN Adoption

    Links for the day

  14. [Meme] [Teaser] Benoît Battistelli, King of Iceland

    Later today we shall see how the current deputy of the head of the EPO‘s overseeing body was in fact likely rewarded for her complicity in Benoît Battistelli‘s abuses against EPO staff, including staff from Iceland

  15. IRC Proceedings: Monday, October 18, 2021

    IRC logs for Monday, October 18, 2021

  16. Links 19/10/2021: MyGNUHealth 1.0.5 and Ubuntu 22.04 Now Developed

    Links for the day

  17. [Meme] [Teaser] Thrown Under the Bus

    Tomorrow we shall look at Danish enablers of unlawful EPO regulations, Jesper Kongstad and Anne Rejnhold Jørgensen

  18. The World Needs to Know What Many Austrians Already Know About Rude Liar, the Notorious 'Double-Dipper'

    Today we publish many translations (from German) about the Austrian double-dipper, who already became the subject of unfavourable press coverage in his home country; he’s partly responsible for crushing fundamental rights at the EPO under Benoît Battistelli‘s regime

  19. The EPO’s Overseer/Overseen Collusion — Part XVI: The Demise of the Austrian Double-Dipper

    Friedrich ‘Rude Liar’ Rödler is notorious in the eyes of EPO staff, whom he was slandering and scandalising for ages while he himself was the real scandal

  20. Links 18/10/2021: Porteus Kiosk 5.3 and Ventoy 1.0.55

    Links for the day

  21. [Meme] [Teaser] More to Life Than Patents

    Greedy sociopaths oughtn’t be put in charge of patent offices; this is what’s dooming the EPO in recent years (all they think about is money

  22. Microsoft GitHub Exposé — Part II — The Campaign Against GPL Compliance and War on Copyleft Enforcement

    Microsoft contemplated buying GitHub 7.5 years ago; the goal wasn’t to actually support “Open Source” but to crush it from the inside and that’s what Microsoft has been doing over the past 2.5 years (we have some details from the inside)

  23. Links 18/10/2021: Linux 5.15 RC6 and 7 New Stable Kernels

    Links for the day

  24. [Meme] The Austrian School of Friedrich Rude Liar

    With reference to the Austrian School, let’s consider the fact that Friedrich Rude Liar might in fact be standing to personally gain by plundering the EPO‘s staff by demonising them while helping Benoît Battistelli crush them

  25. IRC Proceedings: Sunday, October 17, 2021

    IRC logs for Sunday, October 17, 2021

  26. How (Simple Technical Steps) to Convince Yourself That DuckDuckGo is Just Spyware Connected to Microsoft, Falsely Advertised as 'Privacy'

    In recent days we published or republished some bits and pieces about what DuckDuckGo really is; the above reader dropped by to enlighten us and demonstrate just how easy it is to see what DuckDuckGo does even at the client side (with JavaScript); more people need to confront DuckDuckGo over this and warn colleagues/friends/family (there’s more here)

  27. Austria's Right-Wing Politicians Displaying Their Arrogance to EPO Examiners

    The EPO‘s current regime seems to be serving a money-hungry lobby of corrupt officials and pathological liars; tonight we focus on Austria

  28. [Meme] Friedrich Rödler's Increasingly Incomprehensible Debt Quagmire, Years Before EPO Money Was Trafficked Into the Stock Market

    As it turns out, numerous members of the Administrative Council of the EPO are abundantly corrupt and greedy; They falsely claim or selfishly pretend there’s a financial crisis and then moan about a "gap" that does not exist (unless one counts the illegal gambling, notably EPOTIF, which they approved), in turn recruiting or resorting to scabs that help improve ‘profit margins’

  29. The EPO’s Overseer/Overseen Collusion — Part XV: Et Tu Felix Austria…

    Prior to the Benoît Battistelli and António Campinos regime the EPO‘s hard-working staff was slandered by a corrupt Austrian official, Mr. Rödler

  30. Links 17/10/2021: Blender 2.93.5, Microsoft Bailouts

    Links for the day

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts