Bonum Certa Men Certa

Entire Nation of Estonia Was Downed by Microsoft Windows Zombies

Estonia's flag



Summary: Estonia a victim of Windows botnets, Conficker set to explode, the media distorts stories, and Microsoft fails to patch properly

GIVEN THAT almost 1 in 2 Windows PCs is a zombie, it's not exactly a surprise that nations get paralysed every now and then. This is not a "computer problem" but a "Windows problem", even if the Microsoft-influenced press neglects to mention some of these crucial details.

Some time ago we mentioned the damage caused to Estonia by Windows zombies. According to this report from Heise, kids too are empowered by the ease at which Windows can be hijacked, due to poor engineering.

Russian youth movement claims to have carried out cyber attacks on Estonia



[...]

"We taught the Estonian regime the lesson that if they act illegally, we will respond in an adequate way," boasted Goloskokov in the FT interview. They didn't do anything illegal, he said. "We just visited the various internet sites, over and over, and they stopped working." The Estonians' plight was caused by their own technological limitations in handling the traffic volume, he explained. During the attacks on the Estonian IT infrastructure two years ago, the country was largely cut off from the global internet, and domestic government and banking sites became inaccessible.


As we keep stating, Conficker is far from over and in fact it's scheduled to exacerbate. IDG has this report:

The third Conficker malware variant in infected machines is set to activate April 1, says the director of threat research at CA where the malware sample first discovered last week by Symantec is being examined.

"It's set to go off April 1, 2009 and Conficker will generate 50,000 URLS daily," says Don DeBolt, CA's director of threat research.


This is neither a joke nor a prank, despite the date.

We already know that Microsoft bothers journalists who criticise Windows for poor security. It does make a difference.

There is a bothersome pattern in media coverage where reporters/editors are somehow spinning Conficker to make Microsoft seem like the good guy, the brave cowboy (for example, see this and this). Microsoft's sloppiness is responsible for these attacks, but parts of the press portray Microsoft as the white knight, a hero that protects the unwashed crowds from a problem of its own making. The same thing happens in Facebook where Microsoft is attributed with "fighting" those evil worms, but how come no-one is asking why these worms exist in the first place? UNIX/Linux users don't have these problems.

Lastly, regarding Microsoft's patches to vulnerabilities, these turn out to be flawed too.

Recent Microsoft patch useless if previously exploited (Update 2)



[...]

Tyler Reguly, a researcher on nCircle’s VERT team, recently made a post to the company blog that reported a unique discovery. The patch issued by Microsoft on Tuesday to address Man-In-The-Middles attacks on Windows DNS and WINS (MS09-008) is flawed. The flaw is that if a system was exploited before the patch was applied, it remained exploited. The fix didn’t work.


Why won't journalist make a mention of secure platforms like GNU/Linux?

More on Conficker:

Recent Techrights' Posts

Google: We Don't Have Source Diversity, But We Have Chatbot Spew in Place of Sources (and It's Not Even Accurate)
Search engines and news search never looked this bad...
[Meme] Security is Not a Failure to Boot (or Illusion of Security Due to 'Unknown' System)
Red Hat is largely responsible for this mess
What is Secure Boot?
Security means the user feels safe and secure - i.e. confident that the machine would continue to work following a reboot or a system upgrade (or kernel upgrade)
Links 27/05/2024: Chatbots Generate Hateful Output, TPM Performance Scrutinised
Links for the day
David Heinemeier Hansson (DHH) Realises What He Should Have Decades Ago
seeing that DHH is moving away from Apple is kind of a big deal
 
Links 27/05/2024: One Month Left for ICQ, More Openwashing Highlighted
Links for the day
Gemini Links 27/05/2024: Back to GNU/Linux, Librem 5 Assessed
Links for the day
StatCounter (or statCounter) Has Mostly Recovered From a Day's Downtime (Malfunction)
Some of the material we've published based on the statCounter datasets truly annoys Microsofters
StatCounter (or statCounter) Has Been Broken for Nearly 24 Hours. Who Benefits? Microsoft.
StatCounter is broken right now and has been broken for nearly 24 hours already
Reinvigorating the Voice of GNU/Linux Users (Not Companies Whose Chiefs Don't Even Use GNU/Linux!)
Scott Ruecker has just announced his return
"Tech" in the Context of Even Bigger Issues
"Tech" (or technology) activism is important; but there's a bigger picture
A Decade of In-Depth Coverage of Corruption at the European Patent Office (EPO)
The world needs transparency and sunlight
Delayed Series About Dr. Richard Stallman
A lot of the attacks on him boil down to petty things
Hopefully Not Sunset for StatCounter
We hope that StatCounter will be back soon.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 26, 2024
IRC logs for Sunday, May 26, 2024
Links 27/05/2024: Self-Publishing, Patent Monopolies, and Armed Conflicts
Links for the day
Gemini Links 27/05/2024: Tethering Connection and PFAs
Links for the day
Imagine Canada Enabling Rapists to Harass Their (Rape) Victims
This analogy is applicable because abusers are empowered against the abused
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: Targeting My Old "Tweets"
This was basically an act of vandalism no better and no worse than UEFI restricted boot
Links 26/05/2024: Google 'Search' Morphing Into Disinformation Factory, Discussion of Maze of the Prison Industrial Complex
Links for the day
In the Pacific (Mostly Islands Around Oceania) GNU/Linux Grew a Lot
Microsoft cannot compete fairly
A Toast to Tux Machines
Food ready for the party, no photos yet...
IBM/Red Hat Failing to Meet Its WARN Obligations in NC (STATE OF NORTH CAROLINA), or Perhaps It's Constantly Delaying the Layoffs
IBM isn't named even once
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 25, 2024
IRC logs for Saturday, May 25, 2024
GNU/Linux in Greenland
The sharp increases for GNU/Linux started last summer
The Sheer Absurdity of the EPO's Career System Explained by EPO Staff
"Staff representation has previously pointed this out to management, and the career system has been the reason for several industrial actions and litigation cases initiated by SUEPO."
[Meme] Productivity Champ Nellie Simon: It Takes Me 3+ Weeks to Write 6 Paragraphs
Congrats to Nellie Simon!
It Took EPO Management 3+ Weeks to Respond to a Letter About an Urgent Problem (Defunding of EPO Staff)
The funny thing about it is that Nellie Simon expects examiners to work day and night (which is illegal) while she herself takes 3+ weeks to write a 1-page letter
Staff Union of the EPO (SUEPO) in The Hague Taking Action to Rectify Cuts to Families of Workers
they "are active in challenging this measure via the legal system"
Links 25/05/2024: Microsoft Adds More DRM (Screenshot Blocking), Another Microsoft Outage Takes Down Everything
Links for the day
Gemini Links 25/05/2024: "Bill Smugs" and OpenBSD Mirror Over Tor / I2P
Links for the day
Microsoft #1 in Gaming Layoffs, Laid Off Workers Receive Another Insult From Microsoft
Many of them never chose to work for Microsoft
In New Caledonia Windows is Now Below 30% (It Used to be Over 90%)
Microsoft's Windows absolutely collapsing and the measures are relatively stable
Forget About India's and Pakistan's Nuclear Weapons and Armament Race, They Need to Abscond Windows and Microsoft (Security Swiss Cheese)
Both countries would be wise to remove Windows as soon as possible, irrespective of the local party politics
statCounter: GNU/Linux Rose From 0.2% to Over 3% in Pakistan
GNU/Linux "proper" (i.e. not ChromeOS) has the lion's share
Red tape: farmer concerns eerily similar to Debian suicide cluster deaths
Reprinted with permission from Daniel Pocock
Galway street artists support social media concerns
Reprinted with permission from Daniel Pocock
Links 25/05/2024: Section 230 and Right of Publicity Violations by Microsoft (Which Attacks Performance Artists)
Links for the day
[Meme] No Microsoft
For fun!
Microsoft Windows Falls to New Lows in Poland
It may mean people delete Windows from relatively new PC
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: An Introduction
The campaign of coercion (or worse) started in 2021
The "D" in Debian Stands for Dictatorship That Extends to Censorship at DNS Level
Of course the registrar, which charged for domains until 2025, just went along with it
Cybersecurity and Infrastructure Security Agency (CISA) Getting Stacked by Microsoft
it lets Microsoft write policies
The Parasitic Nature of Microsoft Contracts
Stop feeding the beast
Gemini Links 25/05/2024: Emacs Windows 2000 Screenshots and Little Languages
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 24, 2024
IRC logs for Friday, May 24, 2024