06.07.15


Debunking the Idea of ‘Secure’ Windows (or Proprietary Software, by Extension)

Posted in Deception, Microsoft, Security, Windows at 4:13 am by Dr. Roy Schestowitz

“The continuous and broad peer-review enabled by publicly available source code supports software reliability and security efforts through the identification and elimination of defects that might otherwise go unrecognized by a more limited core development team.”

CIO David Wennergren, Department of Defense (October 2009)

Summary: Microsoft has a new charade, centered around lobbying hubs such as Brussels, to give non-technical people the false impression of Windows ‘security’

GIVEN the special relationship between Microsoft and the NSA (proven by NSA leaks), one might expect no sane government (or even company) to do business with Microsoft ever again. But after some show trials (e.g. in Ireland), public lobbying, and the many lies spread through corporate media (puff pieces) some actually do view Microsoft as antagonising the NSA — a nice and convenient myth if you can get yourself to believe it.

Dr. Glyn Moody wrote a response to Microsoft’s publicity stunt which tries to sell the impression that Windows and other Microsoft software do not have back doors, despite admissions to the contrary. Microsoft is pretending that Windows is secure using the 'Transparency Centre' farce. Here is some of Moody’s response to it:

The issue of back doors and the possibility that software companies have been cooperating with the NSA to undermine the security of their products has become particularly sensitive in the wake of Edward Snowden’s revelations about the surveillance activities of the NSA and GCHQ. One of the earliest leaked documents concerned the Prism programme, which apparently showed that the NSA had direct access to the systems of all the top US software and Internet companies.

On a presentation slide indicating the dates when Prism began for each “provider,” Microsoft is listed as the very first, starting in 2007. In response, Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft, denied that the NSA had “direct and unfettered access to our customer’s data.” He insisted: “Microsoft only pulls and then provides the specific data mandated by the relevant legal demand.”

Soon after the Prism story appeared, a report from Bloomberg claimed that Microsoft “provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix.” In an article published this week by The Intercept discussing criticisms of Microsoft’s BitLocker disk encryption program, the company was asked to respond to Bloomberg’s allegations from 2013. A Microsoft spokesperson said that sharing bugs was simply part of the GSP, and that “its intention is to be transparent, not to aid spy agencies in making malicious software.”

According to the original Bloomberg article, however, that’s exactly what the NSA used them for: specifically, they “allowed the U.S. to exploit vulnerabilities in software sold to foreign governments.” Asked about “instances in which Microsoft built methods to bypass its security and about backdoors generally”, the spokesperson also told The Intercept that Microsoft “doesn’t consider complying with legitimate legal requests backdoors.”

The opening of the Transparency Centre in Brussels is evidence that Microsoft is worried that some in Europe still have their doubts about whether its software can be trusted. Microsoft’s Thomlinson described the move as “the latest step … to enhance the transparency of our software code and continue building trust with governments around the world.” He also said that there needs to be “a high level of openness and cooperation between public and private sectors.”

Microsoft’s back doors in its software do not need to be built into the binaries. Microsoft can add them when it’s time to update, it can use security holes (which it tells the NSA about before they are fixed), and it can use bogus encryption (as it does) to completely defeat the purpose of secure messaging or message-passing. Moreover, nobody supervises the build process of Windows, except the NSA. There is no telling what is being compiled and how. There is no telling what happens before binaries are installed on computers (en route), where hard drives and various other hardware have back doors (as revealed by NSA leaks) that ‘hook’ onto Windows like a hand inside a glove. Proprietary software cannot be trusted, not in this ‘transparency’ sense. It might, however, be just enough to fool some non-technical people.
