Bonum Certa Men Certa

Microsoft Adopts Malware Techniques to Advance .NET

LAST MONTH we very briefly mentioned what Apple had done to Mozilla/Firefox. It not only pretended that Firefox would die but it also used dirty techniques to push its non-Free software through the update mechanism for iTunes. This got Apple a lot of bad press and it relented.



Microsoft is not only doing the same thing. It's doing something far more cheeky. It's not only pushing unwanted (uncalled for) software into people's desktops but it also injects that into a Free software competitor, namely Firefox, and to an extent also using its update mechanism to install Microsoft software that's an impediment to cross-platform. Slashdot has a decent short overview of this widely-reported new situation.

While doing a weekly scrub of my Windows systems, which includes checking for driver updates and running virus scans, I found Firefox notifying me of a new add-on. It's labelled 'Microsoft .NET Framework Assistant,' and it 'Adds ClickOnce support and the ability to report installed .NET versions to the web server.' The add-on could not be uninstalled in the usual way. A little Net searching turned up a number of sites offering advice on getting rid of the unrequested add-on.


This not only violates trust and fairness; it's also a serious breach that can harm security. Speaking of which, Conficker keeps getting worse and worse, but the press hardly covers it anymore [1, 2].

The Microsoft RPC worm, known by many as Conficker/Downadup, has multiplied across corporate networks infecting an estimated 10 million machines. Though the damage has been minimal, the worst is yet to come, said researchers.


Conficker may have already killed people and now comes a formal report labeling this a "substantive failure."

A worm attack that forced three London hospitals to shut down their computer networks late last year was entirely avoidable and represented a major failing by the organizations' IT staff, according to an independent review of the incident.


Where life and death are at stake 24 hours a day, look what has happened because of Microsoft Windows viruses.

The PCs at St. Bartholomew's, the Royal London Hospital and The London Chest Hospital were infected with Mytob, a mass-mailing worm also known as MyDoom. Emergency patients were temporarily diverted to other facilities, but officials said no personal data was lost.


This is not a joke, right? According to the report, "officials said no personal data was lost." Were lives lost? Where is the liability when people die? How can this damage be measured?

Here is another new report: Data theft 'cost a trillion US dollars'

INSECURITY outfit McAfee has told the World Economic Forum that data theft cost the world a trillion US dollars and if more work was not done to buy its products the figure could get worse.


Well, it figures. When almost 1 in 2 Windows PCs is a zombie, then the notion of "data theft" is like the notion of possession theft in a city where only half the buildings have doors.

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Open gate
In a world without windows and gates, who
needs to worry about breaches?



Comments

Recent Techrights' Posts

Someone Expiring Certificates on the Day of the 9/11 Attacks is Not Someone I Would Want Controlling My PC (or Deciding What's Authorised for Booting)
"social justice warriors"
More Microsoft-Red Hat Cross-Pollination as the Company Loses a Managing Director
some people move from Microsoft to Red Hat and some do the opposite
 
The Complaint About Brett Wilson LLP - Part II - UK SLAPPs for Americans, SLAPPs for Profit
Brett Wilson LLP has a track record of this kind
Cloudflare Gives Us All Another Reason to Boycott Cloudflare
If Cloudflare wants to use its vast surveillance network (which is what it does as a CDN) to foist paywalls and maybe something worse (like DRM on top), then Cloudflare should be more widely rejected as a company
Links 24/09/2025: "NASA Moving Out of Entire Buildings as It's Gutted" and Purge of Online Critics (Opposing Fascism Becomes Unlawful)
Links for the day
Science is Under Attack
Oligarchy prefers a dumbed-down population
The Solicitors Regulation Authority (SRA) Has Reportedly Failed People With Wrong Advice
At the moment the SRA has a PR blunder
The Man Suing Brett Wilson LLP and Gervase de Wilde (5RB)
Now he's probably using the (almost) 200,000 pounds he's supposed to receive to sue Brett Wilson LLP and former colleagues/partners
Slopwatch: A World Wide Web That's Rotting for Companies That Won't Even Exist in a Few Years
some of the junk Google News is promoting
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 23, 2025
IRC logs for Tuesday, September 23, 2025
Links 24/09/2025: Qt Creator 18 Beta, Microsoft Cannot Bail Out "ChatGPT" Anymore, China and US Intensify Censorship
Links for the day
Gemini Links 24/09/2025: Gemlogs and Politics
Links for the day
Links 23/09/2025: Japan Limits Uses of Skinnerboxes ('Smartphones') With Toxic "Apps", Fentanylware (TikTok) Tapped by "MAGAts"
Links for the day
Brett Wilson LLP Has Just Been Sued (by Their Own Clients!)
Vladimir and Alla Yanpolsky sued Brett Wilson LLP in BL-2025-001167 at the end of last week
Mayday: Optus emergency calling crisis
Reprinted with permission from Daniel Pocock
Links 23/09/2025: Massive Data Breach, Slop Versus Productivity, and Vista 11 Update Breaks Things Again
Links for the day
Code of Censorship
Extortion is peace
The Free Software Foundation (FSF) Has Un-cancelled the Best People, Just in Time for the Big 4-0
Mr. Oliva should have been there all along (since 2019)
Most "Modern" Technology Makes You Slower and Dumber
Because proprietary software makes you worse off
"What Comes After Free Software?" Wrongly Insinuates We've Reached the Goal (Prison is Not the Goal)
The oil tycoons use similar tactics against environmentalists, giving them fake "wins"
Making More Work Space
I learned the hard way that less is more in circumstances where more means distraction
MAHA is a Lie, Public Officials Never Valued Citizens' Health (They Still Value Private Businesses, Their Sponsors)
Reject demagogues
Free Software Foundation (FSF) Has a New Press Kit for the Weekend After Next Weekend (40th Anniversary)
miles better than social [sic] media [sic] quips, moderated by narcissists and oil tycoons.
Microsoft Had Two Waves of Mass Layoffs This Month (That We Know of) and It'll Get Worse for Microsoft Soon
Will the axe fall again by month's end?
Gemini Links 23/09/2025: Happy Equinox, Photronic Arts, and Perception Cognition
Links for the day
Lessons We've Learned After 17 Years of American Hosting
GAFAM is "all-in" with the "Trump agenda"
Back to Normal Now, We Plan to Do More In-Depth Series (or Multi-part Stories)
Articles (or series thereof) that contain philosophy are important to us
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 22, 2025
IRC logs for Monday, September 22, 2025
Microsoft Media is Panicking Amid Mass Layoffs Every Month, H-1B Fees, and "Seattle’s Tech Scene in Trouble"
In "late stage Microsoft", copyleft becomes proprietary
The Next Wave of IBM/Red Hat Layoffs Being Discussed Already
Red Hat is sort of disappearing the way Tivoli did
New Techrights Turns 2
Today starts the third year of the SSG-based Techrights
What Scares Them the Most is Independent News Sites That They Cannot Control and Censor
Wikileaks was a good example of this
If You Don't Control Your Online Platform, Then Someone Else is Controlling You
be (or become) independent
Oracle Started This Year With Slop. Then It Stopped.
Passing fads are like this
Distros That Run on PCs Made 20 Years Ago and Don't Use Systemd
Betas for now
The Solicitors Regulation Authority (SRA) Has a Policy on Racism and Sexism
In then future we'll show the misogyny and racial slurs
The Complaint About Brett Wilson LLP - Part I - Abusing British Women on Behalf of American Men Who Abuse American Women
Transparency is important to us, so we've decided to make this series
Slopwatch: Google News and the Evident Slopfarm Infestation
This is what people get about Linux when they query Google for Linux
Links 22/09/2025: Murdochs Might Join Fentanylware (TikTok) 'Investors' (Masters), United Kingdom Recognises Palestinian Statehood
Links for the day
Gemini Links 22/09/2025: Esperanto Music History and Apps For Android
Links for the day
Links 22/09/2025: More American 'Censorship' (Retaliation for Journalism), Cheeto "Might Be Losing His Race Against Time"
Links for the day
The Blob Slop
Give me more words, give me some text
The 50-Pound Note Experiment and the "War on Cash"
Britain is actually seeing a rebound in cash payments, and it's not a temporary phenomenon
Slopwatch: Blaming the Victims for Microsoft's Failures and Plagiarising Phoronix
That's what Google has been reduced to: slop and slopfarms
Links 22/09/2025: Breaches, Windows TCO, and Arrests
Links for the day
Gemini Links 22/09/2025: Rabbit Hole and DeGoogling Fairphone
Links for the day
Links 22/09/2025: Russian War Planes Invade NATO Airspace While Dihydroxyacetone Man Escalates Attack on Free Speech Because of Critics
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 21, 2025
IRC logs for Sunday, September 21, 2025