Bonum Certa Men Certa

The Cost -- and Cause -- for Security Failure, Data Breaches

Windows Vista is not a secure operating system and Vista 7 is the same. The ramifications can be very serious and no level of censorship can hide it. According to this report from the Identity Theft Resource Center, the leaking of sensitive data is rising sharply due to inappropriate means of securing it.



More than 35 million data records were breached in 2008 in the U.S., a figure that underscores continuing difficulties in securing information, according to the Identity Theft Resource Center (ITRC).


Each and every one of us pays for the damage, as costs are collective and our data is centralised not only on our personal computers*. Even our medical records can be compromised.

“Each and every one of us pays for the damage, as costs are collective and our data is centralised not only on our personal computers.”What is responsible for this and who is to blame? Well, based on empirical evidence, it's Microsoft that has failed. It failed not because it's an impossible task to secure software but because, as the manager of Windows said a few years ago, "our products just aren't engineered for security."

Let's consider GNU/Linux for a second. The platform runs in an environment that's highly connected; it runs on a very large number of boxes endlessly. In September 2008, said Steve Ballmer: “Forty percent of servers run Windows, 60 percent run Linux..."**

If GNU/Linux was not secure, wouldn't many of the Web servers out there be compromised? Evidently, they rarely do. Software that's installed on them with uploaders is a vector of weakness, but that too has not caused much harm.

On the other hand we have Windows, which is once again under a worm attack, according to this new report.

Business systems are being attacked by a worm exploiting a known Microsoft vulnerability, IT security experts have warned.


Sam Varghese, a GNU/Linux user, wrote about "worms, worms, worms" a few days ago. Security troubles under Windows have more of his computers migrated to GNU/Linux right now.

It would have been good to have some equivalent of Delilah on Windows to negate the role of this browser, but, sadly there is none. There are some third-party applications like XPlite , developed by Australian Shane Brooks, which do remove most of IE but then which browser do you use to update Windows? Only IE supports ActiveX.

You can, of course, move from XP to Vista where the updates are done through the control panel but that would be the equivalent of offering a man a choice between arsenic and cyanide for breakfast.


Sam mentions ActiveX, which was probably designed and implemented for anti-competitive reasons (making Web sites operating system-dependent), despite it's obvious dangers. As Bill Gates put it on numerous occasions, they needed to leverage standards-hostile extensions. In this one E-mail [PDF] he wrote: "Another suggestion In this mail was that we can’t make our own unilateral extensions to HTML I was going to say this was wrong and correct this also."

Where do Windows users end up because of this? Well, merely visiting a Web site can be dangerous because it gives the site great control over the entire operating system (access to local files even). At the moment, there are reports about Windows-only features in LinkedIn... malicious 'features'

[T]he sort of social media trouble quotient appears to have risen a bit as fake LinkedIn profiles are trying to send users towards malware.


We all reap what they sow.

"In one piece of mail people were suggesting that Office had to work equally well with all browsers and that we shouldn’t force Office users to use our browser. This Is wrong and I wanted to correct this."

--Bill Gates [PDF]



XHTML
Hostility towards (X)HTML came from the top



___ * Where else are they centralised? Well, a lot of people don't know where or how their medical records are kept or how susceptible those records might be to data theft. Are medical records kept only on private networks? or are they reachable by the outside world (Chinese or Russian crackers, for example). Ordinary people pay more attention once they realise exactly how this situation can cause them harm in a very personal way.

** This is an important point, and it should probably be made even stronger. If GNU/Linux was not more secure, wouldn't its 60 percent of the Web servers be compromised at least as often as Windows 40 percent? Yet evidence shows that they rarely are.

Comments

Recent Techrights' Posts

Microsoft's Chatbot Strategy Resulted in Massive Losses, So Now It's Trying to Reinvent Itself as 'Hardware Company' (Once Again, Years After XBox, KIN, Windows Phone and Surface Failed Miserably)
revenues associated with Windows has fallen sharply
This Week's Letter to António Campinos About Mean-Spirited Line Managers at the European Patent Office (EPO)
Seems like a way to get rid of staff. Some will resign in anger.
 
IRC Proceedings: Thursday, February 22, 2024
IRC logs for Thursday, February 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Meme] It's NOT Your PC
losing control of hardware
Gemini Links 22/02/2024: Removing Radio Ads and Being Seen on the Internet
Links for the day
Mark Shuttleworth and the Question of Liability (Debian Volunteers He Pressured Before the Suicides)
Humanity for me
Mark Shuttleworth's (MS) Canonical Running Microsoft (MS) Ads, Mischaracterising Mass Surveillance as 'Confidential' (the Usual Lie)
The money talks, so the facts are absent
Ads as 'Articles'
Money buys perception manipulation (or reputation laundering) campaigns
Abraham Raji & Debian, DebConf kayak death: search abandoned, evading liability
Reprinted with permission from Daniel Pocock
Links 22/02/2024: Chatbots Failing 'Big Time' and More Condemnations Appear of Bill Gates
Links for the day
There May be Close to 100,000,000 Laptops and Desktops Running GNU/Linux Around the World in 2024
hard to track the number
Search Engine Market Share Worldwide Shows How Badly Microsoft's Chatbot Strategy (Hopes) and Vapourware Have Failed
Bing, which was marketed as the forefront "product" for chatbots (Microsoft paid the media a lot of money for hype campaigns), gained nothing at Google's expense
[Meme] Demoralising and Putting Down Your Staff
unproductive and dangerous approach
Software in the Public Interest (SPI) & Debian obfuscated structure fooled suicide victim's family: the ultimate example of bad faith
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 21, 2024
IRC logs for Wednesday, February 21, 2024
Gemini Links 22/02/2024: What We Pass On and HTTP Header Viewer
Links for the day
Manuel Estrada Sainz (ranty), Andres Garcia (ErConde) & Debian Deaths overworking
Reprinted with permission from Daniel Pocock
GNU/Linux Rising to 8% of Desktops/Laptops in Jordan?
what statCounter shows
[Meme] If Iraq Launches an Investigation Into How Microsoft Bought OpenAI Without Paying for It
fake "money" from Microsoft
Windows Has Fallen to 13% Market Share in Iraq (It was 100% Just 15 Years Ago), GNU/Linux Rose Sharply in Recent Years
In recent years Iraq was developing its own GNU/Linux distro
Springtime is Next, Here's What We Plan for March and April
This month and next month we expect to publish something unique about EPO abuses every day
Studying the Freedom of firefox-123.0.tar.bz2
The "F" in Firefox
Abraham Raji, Jens Schmalzing & debian-private cover-ups after deaths, accidents, suicides
Reprinted with permission from Daniel Pocock
Microsoft Bribes, Keeping Regulators at Bay
crime and corruption
[Meme] The Quotas Came From Above
EPO targets
EPO Talent Planning & Architecture is Another Attack on EPO Staff and the Central Staff Committee (CSC) Explains Why
ignore the flowery words
[Meme] Just Following Orders From "The Fu**ing President" António Campinos
Salary? OBEY!
Links 21/02/2024: China Working on West-less Tech Future, More Bounties on Patent Troll Leigh M. Rothschild (Which IBM et al Failed to Dismantle at the Root)
Links for the day
Links 21/02/2024: Encryption Backdoors Deemed Not Legal, Decentralised Web Under Attack
Links for the day
Games:Steam Audio as Free Software, Hazard Pay, ChipWits, and More
7 stories for today
Julian Assange, Wikileaks & Debian-private
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 20, 2024
IRC logs for Tuesday, February 20, 2024
Links 21/02/2024: Microsoft Sued for Monopolistic Policies, More Layoffs Planned for Next Month
Links for the day