04.14.15

Gemini version available ♊︎

Back Doors/Bug Doors in All Versions of Microsoft Windows Need a Name, a Logo, and Branding Too

Posted in FUD, Microsoft, Security, Windows at 10:50 am by Dr. Roy Schestowitz

Microsoft gets a free pass for insecurity

Michael S. Rogers
“I don’t want a back door. I want a front door.” — Director of the National Security Agency (NSA), only days ago

Summary: All versions of Microsoft Windows are found to have been insecure since 1997, but the bug responsible for this is not named as candidate for back door access, let alone named (with logo and marketing) like far less severe bugs in Free/libre software such as OpenSSL

WHILE many journalists still refuse to call out Windows (see this new piece from Dan Goodin, who writes about crackers hoarding Windows hosts by the millions — in botnets — while mentioning the word “Windows” only once, very deep inside the article), some have no choice by to acknowledge that not every single computer runs Windows and therefore we should call out Windows when it’s clearly to blame.

“This wouldn’t be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple).”Although there is no “branding” yet (as Microsoft buddies from a a Microsoft-linked firm like to do to Free/libre software bugs), there is a very serious bug in all versions of Windows (even the one still in development) that Microsoft’s allies at the NSA must be very happy about, especially as the bug is 18 years old (meaning that Windows has allowed remote access since 1997, or around the time Microsoft was seeking to appease the US government after it had shamelessly broken many laws).

The bug was found not by Microsoft but by this team (press release), which probably has no access to Windows source code. This wouldn’t be the first time it happens; recall how Google had to alert Microsoft for 3 months about a serious flaw while Microsoft did absolutely nothing (as if the intention was to keep Windows insecure, albeit secretly, very much like Apple).

ISPs should now restrict or ban Windows use, as it poses a huge risk (botnets and DDOS, never mind risk to all data stored on machines running Windows). Here is some early coverage of this [1, 2], some correctly emphasising that it’s a 18-year-old vulnerability [1, 2].

Let’s see if this starts a big debate about the insecurity of proprietary software (as other bugs with “branding” did to Free software, by means of gross generalisation). This “New Security Flaw Spans All Versions Of Windows” (similar wording in this headline). 18 years, eh? It even predates 9/11. It’s older than some readers of this Web site.

Watch this disgraceful piece titled “Will Microsoft’s Security Measures in Windows 10 Tarnish Open-Source Development?”

Yes, it’s more propaganda; The disingenuous openwashing of Windows continues, as we’ll show in our next post.

“Our products just aren’t engineered for security.”

Brian Valentine, Microsoft executive

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Links 02/06/2023: Arti 1.1.5 and SQL:2023

    Links for the day



  2. Gemini Links 02/06/2023: Vimwiki Revisited, SGGS Revisited

    Links for the day



  3. Geminispace/GemText/Gemini Protocol Turn 4 on June 20th

    Gemini is turning 4 this month (on the 20th, according to the founder) and I thought I’d do a spontaneous video about how I use Gemini, why it's so good, and why it’s still growing (Stéphane Bortzmeyer fixed the broken cron job — or equivalent of it — a day or two after I had mentioned the issue)



  4. HMRC Does Not Care About Tax Fraud Committed by UK Government Contractor, Sirius 'Open Source'

    The tax crimes of Sirius ‘Open Source’ were reported to HMRC two weeks ago; HMRC did not bother getting back to the reporters (victims of the crime) and it’s worth noting that the reporters worked on UK government systems for many years, so maybe there’s a hidden incentive to bury this under the rug



  5. Our IRC at 15th Anniversary

    So our IRC community turns 15 today (sort of) and I’ve decided to do a video reflecting on the fact that some of the same people are still there after 15 years



  6. IRC Proceedings: Thursday, June 01, 2023

    IRC logs for Thursday, June 01, 2023



  7. Links 02/06/2023: NixOS 23.05 and Rust 1.70.0

    Links for the day



  8. Gemini Links 02/06/2023: Flying High With Gemini and Gogios Released

    Links for the day



  9. Links 01/06/2023: KStars 3.6.5 and VEGA ET1031 RISC-V Microprocessor in Use

    Links for the day



  10. Gemini Links 01/06/2023: Scam Call and Flying High With Gemini

    Links for the day



  11. Links 01/06/2023: Spleen 2.0.0 Released and Team UPC Celebrates Its Own Corruption

    Links for the day



  12. IRC Proceedings: Wednesday, May 31, 2023

    IRC logs for Wednesday, May 31, 2023



  13. Tux Machines Closing the Door on Twitter Because Twitter is Dead (for a Lot of People)

    Tux Machines recently joined millions of others who had already quit Twitter, including passive posting (fully or partly automated)



  14. Links 31/05/2023: Inkscape’s 1.3 Plans and New ARM Cortex-A55-Based Linux Chip

    Links for the day



  15. Gemini Links 31/05/2023: Personality of Software Engineers

    Links for the day



  16. Links 31/05/2023: Armbian 23.05 Release and Illegal UPC

    Links for the day



  17. IRC Proceedings: Tuesday, May 30, 2023

    IRC logs for Tuesday, May 30, 2023



  18. Gemini Protocol About to Turn 4 and It's Still Growing

    In the month of May we had zero downtime (no updates to the system or outages in the network), which means Lupa did not detect any errors such as timeouts and we’re on top of the list (the page was fixed a day or so after we wrote about it); Gemini continues to grow (chart by Botond) as we’re approaching the 4th anniversary of the protocol



  19. Links 31/05/2023: Librem Server v2, curl 8.1.2, and Kali Linux 2023.2 Release

    Links for the day



  20. Gemini Links 31/05/2023: Bayes Filter and Programming Wordle

    Links for the day



  21. [Meme] Makes No Sense for EPO (Now Connected to the EU) and Staff Pensions to be Tied to the UK After Brexit

    It seems like EPO staff is starting to have doubts about the safety of EPO pensions after Benoît Battistelli sent money to reckless gambling (EPOTIF) — a plot that’s 100% supported by António Campinos and his enablers in the Council, not to mention the European Union



  22. Working Conditions at EPO Deteriorate and Staff Inquires About Pension Rights

    Work is becoming a lot worse (not even compliant with the law!) and promises are constantly being broken, so staff is starting to chase management for answers and assurances pertaining to finances



  23. Links 30/05/2023: Orc 0.4.34 and Another Rust Crisis

    Links for the day



  24. Links 30/05/2023: Nitrux 2.8.1 and HypoPG 1.4.0

    Links for the day



  25. Gemini Links 30/05/2023: Bubble Version 3.0

    Links for the day



  26. Links 30/05/2023: LibreOffice 7.6 in Review and More Digital Restrictions (DRM) From HP

    Links for the day



  27. Gemini Links 30/05/2023: Curl Still Missing the Point?

    Links for the day



  28. IRC Proceedings: Monday, May 29, 2023

    IRC logs for Monday, May 29, 2023



  29. MS (Mark Shuttleworth) as a Microsoft Salesperson

    Canonical isn’t working for GNU/Linux or for Ubuntu; it’s working for “business partners” (WSL was all along about promoting Windows)



  30. First Speaker in Event for GNU at 40 Called for Resignation/Removal of GNU's Founder

    It’s good that the FSF prepares an event to celebrate GNU’s 40th anniversary, but readers told us that the speakers list is unsavoury, especially the first one (a key participant in the relentless campaign of defamation against the person who started both GNU and the FSF; the "FSFE" isn't even permitted to use that name)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts