Bonum Certa Men Certa

Microsoft Adopts Malware Techniques to Advance .NET

LAST MONTH we very briefly mentioned what Apple had done to Mozilla/Firefox. It not only pretended that Firefox would die but it also used dirty techniques to push its non-Free software through the update mechanism for iTunes. This got Apple a lot of bad press and it relented.



Microsoft is not only doing the same thing. It's doing something far more cheeky. It's not only pushing unwanted (uncalled for) software into people's desktops but it also injects that into a Free software competitor, namely Firefox, and to an extent also using its update mechanism to install Microsoft software that's an impediment to cross-platform. Slashdot has a decent short overview of this widely-reported new situation.

While doing a weekly scrub of my Windows systems, which includes checking for driver updates and running virus scans, I found Firefox notifying me of a new add-on. It's labelled 'Microsoft .NET Framework Assistant,' and it 'Adds ClickOnce support and the ability to report installed .NET versions to the web server.' The add-on could not be uninstalled in the usual way. A little Net searching turned up a number of sites offering advice on getting rid of the unrequested add-on.


This not only violates trust and fairness; it's also a serious breach that can harm security. Speaking of which, Conficker keeps getting worse and worse, but the press hardly covers it anymore [1, 2].

The Microsoft RPC worm, known by many as Conficker/Downadup, has multiplied across corporate networks infecting an estimated 10 million machines. Though the damage has been minimal, the worst is yet to come, said researchers.


Conficker may have already killed people and now comes a formal report labeling this a "substantive failure."

A worm attack that forced three London hospitals to shut down their computer networks late last year was entirely avoidable and represented a major failing by the organizations' IT staff, according to an independent review of the incident.


Where life and death are at stake 24 hours a day, look what has happened because of Microsoft Windows viruses.

The PCs at St. Bartholomew's, the Royal London Hospital and The London Chest Hospital were infected with Mytob, a mass-mailing worm also known as MyDoom. Emergency patients were temporarily diverted to other facilities, but officials said no personal data was lost.


This is not a joke, right? According to the report, "officials said no personal data was lost." Were lives lost? Where is the liability when people die? How can this damage be measured?

Here is another new report: Data theft 'cost a trillion US dollars'

INSECURITY outfit McAfee has told the World Economic Forum that data theft cost the world a trillion US dollars and if more work was not done to buy its products the figure could get worse.


Well, it figures. When almost 1 in 2 Windows PCs is a zombie, then the notion of "data theft" is like the notion of possession theft in a city where only half the buildings have doors.

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Open gate
In a world without windows and gates, who
needs to worry about breaches?



Comments

Recent Techrights' Posts

Microsoft Bankruptcy
"Microsoft unit in Russia to file for bankruptcy, database shows"
Techrights Does Not Compete With LLM Slop, It Exposes the Bastards, Plagiarists and Scammers Who Do That
People like Scam Altman, still facing a lawsuit from his own sister for sexual abuse against her
 
Links 01/06/2025: Windows TCO, Openwashing, "It's FOSS" Still Promoting Microsoft
Links for the day
Gemini Links 01/06/2025: Simplification and Networks Everywhere
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 31, 2025
IRC logs for Saturday, May 31, 2025
Google Bribes EFF. EFF Promotes LLM Slop as 'Fair Use'. To GAFAM It's a Low-Cost Lobby Hedge.
So the bribes pay off ("slush fund") and the word spreads
Slopwatch: Fake Text and Images, Financial Bubbles, and Scams in "Intelligent" Clothing
Sometimes what they mean by "AI" is just cheap labour somewhere else, as we discussed in IRC a few hours ago
Why Microsoft is Collapsing (Similar to What's Happening at IBM), As Insiders See It
IBM seems like one heck of a mess
Reliable Computing Means Free (Libre) Computing
Sites that want to promote security ought to deal with the biggest issues
Links 31/05/2025: US Court Orders Sides With RFE/RL, War Updates From Ukraine
Links for the day
Gemini Links 31/05/2025: ARM Server and power_supply Subsystem
Links for the day
Links 31/05/2025: Slop Stigmatised as Disinformation, Catalyst/Driver of "Death of Communication"
Links for the day
Common Sense 101: Do Not Write Blog Posts Saying You Want to Murder Colleagues (or Yourself)
Only crazy people would think stabbings are a joke
Links 31/05/2025: Microsoft-Connected Builder.ai is a Fraud and US is Purging Students Based on Race/Nationality
Links for the day
Gemini Links 30/05/2025: Limmat, Doomscrollers, and Arguments Parsing
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 30, 2025
IRC logs for Friday, May 30, 2025
The "AI" (Slop) Bubble Already Popped, But It's Not an Overnight Collapse
where Microsoft put its money
No More Steven Astorino at IBM, Chatter About Weekly/Nonstop Layoffs at IBM
What happened? Good luck guessing.
Looking at Corruption in Europe, Going Beyond the EPO
Expect a new series to kick off very soon
Slopwatch: Security SPAM and LLM Slop for SEO and FUD Purposes, Perpetually Tarnishing the Perception of Linux and (Open)SSH Security
A lot of this Fear, Uncertainty, Doubt (FUD) comes from Microsoft and its LLMs
Links 30/05/2025: Google's LLM Slop Pushers Are Killing Journalism and Shira Perlmutter Fails to Stop Bribed Regime From Legalising Plagiarism (in "AI" Clothing)
Links for the day
Links 30/05/2025: Offline Arts and "Threshold of Patience"
Links for the day
Signing Off Serious Lies With a Statement of Truth is No Joking Matter
It's not hard to see what's happening here
Links 30/05/2025: LLM Slop Already Ingests and Vomits Its Own Garbage, Facebook Exec Admits Copyrights a Concern Too
Links for the day
Mass Layoffs at Microsoft Result in More Whistleblowers From Microsoft
Microsoft's predatory pricing is further
Slopwatch: Planet Ubuntu Became LLM Slop and Some People Fail to See the Immorality of Plagiarism
it lessens the incentive for people to publish real articles
EPO Poll: 68% Dissatisfied With Quality of Slop (Wrongly Framed as "AI") for Patent Classification
Slop does not work, it's just falsely advertised with extra hype (funded by slop pushers that sponsor the major media)
Big Crowds Gather to Learn About Software Freedom From the Man Who Started GNU/Linux in 1983
"It was a great success"
Microsoft Layoffs Again in Bay Area
Microsoft relies on people's false belief that being "in LinkedIn" will get you a job; well, seems like even working inside LinkedIn really sucks and you lose the job
Gemini Links 30/05/2025: Fighting Against the Bad News, and Slop is Dehumanisation Disguised as "Intelligence"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 29, 2025
IRC logs for Thursday, May 29, 2025