Eye on Microsoft: Windows Security News

Dr. Roy Schestowitz

2009-08-25 23:58:08 UTC
Modified: 2009-08-25 23:58:08 UTC

Summary: Another day, another expected problem

● Why Windows security is awful

A friend of mine suggested that I should include as boilerplate in my security stories, a line like: "Of course, if you were running desktop Linux or using a Mac, you wouldn't have this problem." She's got a point. Windows is now, always has been, and always will be insecure. Here's why.

First, desktop Windows stands firmly on a foundation as a stand-alone PC operating system. It was never, ever meant to work in a networked world. So, security holes that existed back in the day of Windows for Workgroups, 1991, are still with us today in 2009 and Windows 7.

[...]

It also doesn't help any that Microsoft's data formats can be used to hold active programming code. Microsoft Office formats are commonly used to transmit malware. Microsoft's latest Office 2010 tries to deal with this by blocking all but read access to documents or 'sandboxing' them.. Since you can't edit a sandboxed document, I'm sure that's going to go over really well. Of course, what will actually happen is that users won't use the sandbox utility, and they'll just spread malware instead.

● 55,000 Web sites hacked to serve up malware cocktail

Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.

Law Firms Facing the Consequences for Patently Abusive Litigation on Behalf of Microsoft Employees Who Got Arrested for Strangulation and Had Done Even Worse Things: Having spent 1.5 years bullying me with patronising letters on behalf of Microsofters, last week they got served a massive bill and, in effect, lost the Hearing
LLMs Breaking Everything: Computing and the Net became a playground for scammers and "bros", like people who "invented" fake currencies and also try to tell us that LLMs spewing out things will have some real value
1989: Free Software as "Open" Software (OSI Didn't Coin "Open Source", It Also Predates Linux): "One man's fight for Free software"
The FSF Board and FSF Beard: So the FSF's Board has grown
New Report From the EPO's Staff Representatives in The Hague (LSCTH) Reveals Many Unsolved Issues: Local Staff Committee The Hague (LSCTH) wrote to staff just before the weekend
Links 22/06/2025: More Slop Lawsuits (Copyrights) and "America’s Oligarch Problem": Links for the day
Gemini Links 22/06/2025: Gigantic Toolchest and Annoying Bots: Links for the day
The Calling: Persist and persevere, justice will come your way
So Far Every BetaNews 'Article' is LLM Slop, So BetaNews is Officially Just a Slopfarm: They just don't seem to value what they have
IBM Rumour: Mass Layoffs (RAs) Lists Being Made for Consulting, With Effect in July 2025: Bogus companies with no viable products and no world-leading (in their field) staff are doomed to perish
Links 21/06/2025: Data Breach With 16 Billion Passwords, Dutch Government Recommends Children Under 15 Stay off TikTok and Instagram: Links for the day
Gemini Links 21/06/2025: Notes about Typst (and LaTeX) and Opos: Links for the day
Microsoft's Competition Tactics: Sabotage GNU/Linux Installs, Block Chrome: Edge is dying
The Microsoft OOXML Modus Operandi: Throw 1,000 Pages of Other People's Work for a Judge to Read Ahead of a One-Hour Meeting: No time to discuss this - that's the point
Formalities Officers (FOs) at the EPO Are in Trouble, Reveals Internal Report: We already know, based on an HR pattern we saw at IBM and elsewhere, that reallocating roles can be prerequisite for dismissal and those who do so expect many to resign anyway
The Web is Slop and FUD, Let's Go to Gemini Protocol: Lupa sees self-signed capsules at 92.4%
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, June 20, 2025: IRC logs for Friday, June 20, 2025
Links 21/06/2025: Phone Bans for Concerts, Tensions in Taiwan Strait: Links for the day
Gemini Links 21/06/2025: Spoilers, Public Yggdrasil Node, Changes to AuraGem Search: Links for the day
"Six years of Gemini!": From gemini://geminiprotocol.net
Gemini Links 20/06/2025: Summer Updates and Hardware Failures: Links for the day
Links 20/06/2025: Google Shareholder Sues Google and Google Sued for Defamatory Slop ('Hey Hi') Word Salads ('Summaries'): Links for the day
Linux Journal Might Have Become the Latest Slopfarm Targeting "Linux", the Trends Are Concerning for Dying News Sites: They tarnish the Web with junk and then die
On "Learning to Code": quality may suffer, plus things get bloated
Quick Points Regarding This Week's Court Hearing: it paves the way for us to squash all the SLAPPs from Microsofters
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These: Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer: We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!: Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs: self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt: Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful: The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal: slippery slope
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025: IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!: Links for the day

Eye on Microsoft: Windows Security News

Recent Techrights' Posts