Bonum Certa Men Certa

Eye on Microsoft: Security Synopsis

My keys



Summary: Failures and cover-ups (sponsored by Microsoft)

Security is a process

I often point out that Windows is insecure. It's so insecure, in fact, that I, in all seriousness, propose that ISPs (Internet Service Providers) should start forcing users to secure Windows-since neither users or Microsoft will do the job, Windows PCs should be banned from the Internet. That said, nothing, and I mean nothing is really secure.

[...]

It doesn't work that way. Security is a process, it's not a product. Some systems are more secure than others. Linux, as anyone who pays any attention to security news knows, is a lot more secure than Windows. If we were talking cars, Linux would be an Audi A4, the Mac, BMW 330 and Windows would be a mid-70s Ford "Hit here to blow up" Pinto.


Microsoft: 2 year response to critical 0-day hole (Vista 7 too is suffering from the same symptoms)

It turns out Microsoft has known about the critical security vulnerability in its Office Web Components (OWC), which was fixed last patch day, for more than two years. Only since it has been actively exploited has the behemoth sprung into life and, within a month, released a patch.


Microsoft IE 8 shines in Web browser security test (emphasis in red is ours)

Microsoft's Internet Explorer 8 rated tops among five browsers tested by NSS Labs for effectiveness in protecting against malware and phishing attacks—though NSS Labs acknowledges Microsoft paid for the tests.


Virus arms race primes malware numbers surge

The amount of catalogued malware by Panda was 18 million in the 20 years from the firm's foundation until the end of 2008. This figure increased 60 per cent in just seven months to reach 30 million by 31 July 2009.


Twitter briefly knocked offline by hackers (again) (Microsoft Windows is a culprit [1, 2, 3, 4, 5, 6])

Twitter suffered from yet more security jitters on Tuesday night, after another attack left the site briefly unavailable.


Aussie arrested in botnet allegation (74,000 down, ~319,926,000 to go)

Inspector Blue Knacker of the Adelaide Yard claims that the 20 year old is also suspected of having developed software capable of launching virus attacks on 74,000 computers worldwide.


[Microsoft Wordpad is Vulnerable, Exploit Available]

Recent Techrights' Posts

This is Not a Sustainable Way to Run Microsoft
This is a downward spiral
[Meme] From Checked by Three Examiners to Gone (Granted) in 3 Seconds!
twice as many monopolies with 10% less staff
EPO Staff Representatives Explain the Latest Corruption at the EPO in a New Paper
Owing to corrupt management the EPO has resorted to corporate crime or organised crime designed to benefit large corporations. Who will pay the price? Everybody else in Europe.
 
Wine Took the Bait (Mono), Soon Starts the Microsoft Circus With the Banhammer
large companies are exercising more control over the thing/s they claim to "donate" to
Links 14/09/2024: Science, War, and Politics
Links for the day
Transcript (and Correction) of Dirk Hohndel's Interview With Linus Torvalds in 2014
A lot of things have deteriorated since then
Microsoft Asia President Ahmed Mazhari Leaves the Company
Even everything they say about Mazhari is just "prepared" quotes from Microsoft itself
Contrary to What Microsoft Claims, Teams Were Cut Yesterday, XBox Sales Have Collapsed, Layoffs Announced at 3AM (in the Morning)
There is actually a lot of media coverage about this, unlike prior waves of layoffs at Microsoft
Last Month Dr. Richard M. Stallman (RMS) Explained Why You Should Delete GitHub
RMS explained why
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 13, 2024
IRC logs for Friday, September 13, 2024
Gemini Links 14/09/2024: LoRa, ROOPHLOCH, and Crafting a Programming Language
Links for the day
[Video] Why Hurd and MINIX (or BSD) Didn't Get Ahead of Linux?
We've converted the video into WebM to make it more accessible
Dr. Richard M. Stallman (RMS) Explains That a Free/Libre Program Running on Somebody Else's Server (e.g. Clown Computing) Leads to Freedom Deficit
"when you are doing your computing you must not entrust that to somebody else's server because users including you should have control over their own computing but you can never have control over what somebody else's server does because somebody else installs software in that computer and configures it and thus decides what computing it is going to do."
ircII Has Turned 35
Don't listen to people who say IRC is "dead"
[Meme] Code of Conduct in WINE
irritate productive developers...
Number of Gemini Capsules Rising Closer to 4,100, Certificate Authority "Let's Encrypt" Down to 1.1%
Some time soon the Certificate Authority "Let's Encrypt" will probably fall below 1%
Richard M. Stallman Explains Why the Web Becoming a Pile of Proprietary JavaScript Programs (Not Pages to Render) Does Harm to Web Users
"The web was designed to let users control how that data would be rendered but businesses didn't like that."
Links 13/09/2024: Crackdowns on Bloggers, Deepfakes, Internet Archive‘s Wayback Machine Now in Google Search
Links for the day
RedMonk: September the Month of the Mouth of Redmond (Still)
the usual storyline, i.e. what's not controlled by Microsoft's proprietary GitHub simply does not exist
Links 13/09/2024: Disinformation in Focus, End of Presidential Debates (Trump Accepts It Hurts Him)
Links for the day
Mono as a Double-Purpose Trojan Horse Inside Wine
And now they can oust founders and top contributor with a CoC
This is How Bad Things Have Become at Microsoft
We're seeing nearly 80 reports in English about those layoffs
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 12, 2024
IRC logs for Thursday, September 12, 2024
Links 13/09/2024: Recorded Future Bought by MasterCard, Bits of Freedom Turns 25
Links for the day
Gemini Links 13/09/2024: Towards Aristocratic Personal Computing, Technology and Privac
Links for the day
Once Again, Mass Layoffs at Microsoft (Just Like Every Month This Year)
Reporting and articles trickling in (in recent hours)
Rumour: Layoffs in IBM Consulting Today
IBM has had many layoffs lately
Microsoft Has Infiltrated the OSI and Its Moles (Whom It Pays to Speak 'for' OSI) Control the Narrative
This is utterly grotesque
Saudi Arabia and Its Footprint in X/Twitter
a massive proportion of pro-ISIS accounts in Twitter were operated from Saudi Arabia or by Saudi Arabians
Links 12/09/2024: Apple Owes a Lot of Money, Repressions and Censorship of Activists Noted
Links for the day
Anniversaries Coming Up
Probably the funnest year of our lives, and definitely the most productive
In Europe, Vista 11 Grew Only 3% (Relative to Other Windows Versions) This Year
That's a huge problem for Microsoft
Google's YouTube Censorship Has Gotten a Lot Worse and Anti-scientific (for Commercial Reasons)
By today's standards, YouTube is not something RMS can (or would) use
Google Appears to Have Broken Every Single Instance of Invidious. It's a Wake-up Call, Please Stop Uploading Videos to YouTube.
Including videos of Free software events
[Meme] Video Uploads Improved
The tools are all in our self-hosted Git repository and the licence is, as usual, AGPLv3
Apple Event as Fine Example of the "IT" Circus
It's not clear if the enemy of Free software is a company like Apple is simply public ignorance that Apple keeps fostering
Imposters Inheriting Institutions
Dealing with the "imposter syndrome"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 11, 2024
IRC logs for Wednesday, September 11, 2024
Gemini Links 12/09/2024: Clean Island and VCFMW19
Links for the day