Bonum Certa Men Certa

What the Media Overlooks in xz: Microsoft Staff 'Discovered' the Issue in a Microsoft Platform Just Before Easter and in Time to Distract From Exchange Blunder

posted by Roy Schestowitz on Mar 31, 2024

The more important news to watch today or this weekend: (it's still largely unresolved and it enables blackmail, political/industrial espionage, and further security breaches)

Microsoft Exchange chaos example

Microsoft Exchange chaos example

Microsoft Exchange chaos example

Microsoft Exchange chaos example

Microsoft Exchange chaos example

Microsoft Exchange chaos example

Microsoft Exchange chaos example

Microsoft Exchange chaos example

For many of the above servers, it's unequivocally a case of "too late". The E-mails (and beyond) got copied by hostile actors and the consequences remain to be seen for years to come. This can cause suicides and cost billions of euros/dollars in damages (over time).

Oh, forget about that!

Let's talk about the version of xz that's in Microsoft's GitHub.

Microsofters didn't invent a logo and a brand name for it this time around?

Well, we guess not. Or not yet.

So earlier on we made some remarks on the flaws that impacted mostly cutting-edge distros (which rush to adopt new and untested/unaudited stuff). We saw that before with OpenSSL and similarly security-sensitive packages, which distros typically adopt just months later (maturity required). We wrote some articles about it in 2021, rebutting the scare-mongering and hype/FUD. Microsofters played a big role in that FUD at the time. It happened again a year later (2022).

Now it's 2024. The facts still matter.

The media mostly credits Red Hat (regarding xz), but Red Hat was merely a respondent, and Red Hat formally complained about words like "backdoor" or logos and brand names being leveraged to hype up holes like "heartbleed" (which did not actually cause much damage, it just caused damage to the perception/image of Linux, owing to endless media hype that lasted many years).

As we explained at the time, and many times in fact, Microsofters were responsible to this hype campaign (even if the original discovery came from a Google employee).

So today it seems familiar. Why? Because the latest reports we've found make it clear that the disclosure came from Microsoft staff at a very strategic time (see screenshots above).

What Microsoft wants you not to notice (or resort to "whataboutism" when clients choose to move to GNU/Linux) is the stuff at the top.

Yes, Andres Freund works for Microsoft. It was not clear at first. He used his anarazel.de email instead of Microsoft email. Why?

What a timing to disclose his 'revelations' (a lot of this involves GitHub, not just systemd, which is led/run by Microsoft staff).

As noted above, Microsofters did the same with "heartbleed" over a decade ago. Because "Microsoft heart Linux".

So what exactly happened here? One can guess based on salient points of evidence.

Stockpiling holes for strategic times?

We debated this in length only a week ago in IRC because any time Microsoft has an epic security blunder the "Linux" news suddenly gets filled with FUD. And once again they're bombarding all "Linux" related news with alarming security-themed headlines (not so unprecedented a pattern). The Friday/Saturday news about "Linux" looked like this, and that's aside from the above. Pseudonymous reporters, who could even be on Microsoft's payroll, released some information about a hole just at the same time Microsoft had a lot of answering to do (and an emergency patch, which came far too late, as servers had already been breached, exposing perhaps trillions of emails, some of them very sensitive).

We need answers here. For instance, how long has Microsoft's Andres Freund known about this issue? Did someone give him a tip?

This man is in the business of selling Windows, not Linux, and at Microsoft security is never the objective. It is just another "product" or "add-on".

Other Recent Techrights' Posts

Linux Journal Might Have Become the Latest Slopfarm Targeting "Linux", the Trends Are Concerning for Dying News Sites
They tarnish the Web with junk and then die
On "Learning to Code"
quality may suffer, plus things get bloated
Quick Points Regarding This Week's Court Hearing
it paves the way for us to squash all the SLAPPs from Microsofters
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These
Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer
We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!
Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs
self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt
Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful
The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal
slippery slope
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025
IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!
Links for the day
Links 19/06/2025: Ghostwriting Scam and Fentanylware (TikTok) Buying Time
Links for the day
Microsoft's Windows is a Niche Operating System in Africa
African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Gemini Links 19/06/2025: Unix Primitivism, Zine Club, and Gemini Protocol Turns 6 at Midnight
Links for the day
Links 19/06/2025: WhatsApp Identified as Assassination 'Crosshairs', Patreon Now Rips Off People Even More
Links for the day
"Told You So": Another Very Large Wave of Microsoft Layoffs Now Confirmed in Mainstream Media
So we were right to believe the rumours, based on the credibility of prior such rumours
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 18, 2025
IRC logs for Wednesday, June 18, 2025
Gemini Links 18/06/2025: Magit and Farming
Links for the day
Slopwatch: BetaNews is Now a Slopfarm (Like Linuxsecurity) and Google News is Overwhelmed by Slopfarms
The Web is bad
Links 18/06/2025: SCOTUS Decision on Fentanylware (TikTok) Still Ignored, 4.5-Day Work Weeks
Links for the day
Links 17/06/2025: Windows TCO and G7 Rifts
Links for the day
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons)
I'd like to do the same thing for the next 20 years
BetaNews Appears to Have Fired All Of Its Staff
Even serial sloppers
After the Web Becomes Slopped to Death
A lot of people are rightly fed up with the "modern" Web
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
Like Most Social Control Media, Microsoft LinkedIn is Collapsing
One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients
Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure
Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That)
Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does
It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms
name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025
IRC logs for Tuesday, June 17, 2025