Bonum Certa Men Certa

Microsoft Won't Secure Firefox/Chrome Users, Shows More Negligence

Web browser icons



Summary: ActiveX required by Microsoft's OneCare; investigation into Vista 7 vulnerabilities a case of "too little, too late"

MICROSOFT pretends to have changed for the better. It pretends that it allows users of Windows to use Web browsers other than Internet Explorer, but the following post -- artistically titled "Microsoft being a Onecare [Wanker]" -- suggests otherwise:

For starters, it uses an ActiveX control - Internet Explorer required in other words - that's annoyingly hard to install. You get warnings galore from Windows 7's UAC and IE about popups and do you really really really want to install something that has the potential to roger your system well and truly?


ActiveX was designed to restrict competition by supplanting Web standards. It ended up becoming one of the biggest security nightmares out there and Novell supports this.

Here is the new story of a man who has just been fired because of these practices from Microsoft:

Linux Contractor Fired for Using Firefox/Linux



[...]

The irony? The "compentency test" was a Security & Privacy test from the four letter credit card company that HAD to be taken on MS Windows with IE?

I'll let you be the ones to point out the obvious...the fact that this large computer/server company with three letters in their name is reportedly a "friend to Linux". I'll let you talk about how a Linux Professional who uses Linux as their desktop environment was denied access to employment. Employment that was based on his knowledge of Linux. Yeah, the server side...but still...

Now let's brag about how much ground Linux has made...

And a Linux Project Manager for said company asking the question:

"What's this Foxfire thing?"


As a secondary item of news, some days ago we argued for Microsoft liability when it comes to the latest Vista 7 vulnerability. Microsoft deserves to be accused of negligence and the following article implies deception too.

Is Microsoft Overhyping Security In Windows 7?



[...]

Microsoft has been aggressively marketing the security improvements in Windows 7, but some security experts believe this strategy could leave the software giant open to some unpleasant repercussions.


Vista 7 has been breached before and to give some examples of insecurity, we have:



Now there is the SMB flaw that Microsoft finally acknowledges.

Microsoft on Friday said it is working on a fix for a vulnerability in the Server Message Block file-sharing protocol in Windows 7 and Windows Server 2008 Release 2 that could be used to remotely crash a computer.


It really took them too long, having waited for attack code to appear before properly investigating. That's negligence and it is irresponsible. Gregg Keizer writes:

The zero-day vulnerability was first reported by Canadian researcher Laurent Gaffie last Wednesday, when he revealed the bug and posted proof-of-concept attack code to the Full Disclosure security mailing list and his blog. According to Gaffie, exploiting the flaw crashes Windows 7 and Server 2008 R2 systems so thoroughly that the only recourse is to manually power off the computers.


Why has Microsoft waited so long before looking into the problem? Could it be that lack of security and increased fear help Microsoft sell more 'solutions' to those very same problems? As we showed some days ago, [cref Microsoft is clearly profiting from Conficker], for example.

Comments

Recent Techrights' Posts

Greener Pastures for Free Software Users
This coming week we'll publish many articles about GNU/Linux and technical means of/for user empowerment
Google News, Which We Call Gulag Noise, is Following the New York Times Into the Digital Graveyard
It merely gives an illusion of volume and instead of giving readers more stuff to read it wastes people's time
Over at Tux Machines...
yesterday's posts
Software Freedom is the Future and Microsoft is the Biggest Obstacle
GNU/Linux, at its roots, was all about Software Freedom
The GNU/Linux Revolution Ain't Here. Look at Brazil, Russia, India, China, and South Africa (BRICS) Instead.
The revolution won't be televised
Chaffbot Effect: Microsoft Bing Falls to Lowest Share in Two Years (Amid Loads of Bing Layoffs This Year)
Press outlets mostly failed to report that Bing is collapsing
GNU/Linux Distributions as "Appliances" and DRM Platforms (the Case of ChromeOS and SteamOS)
Is this what we envisioned in the 1980s and 90s?
Fulfilling the Site's Full Potential
We remain devoted to the aforementioned goal of posting more original material
Over at Tux Machines...
2 days' worth
 
IRC Proceedings: Monday, October 02, 2023
IRC logs for Monday, October 02, 2023
Daily Bulletins Coming Soon (Hopefully as Early as Next Week)
Today we finish testing IRC logs and their upload to Gemini, not just to IPFS
Links 02/10/2023: NUC, GTK Themes, and More
Links for the day
New Union Syndicale Articles About the European Patent Office
We'll probably get back to regularly writing about the EPO in the near future
If WordPress Knows Well Enough to Self-Host Its Podcast, Why Can't GNU/Linux Shows Do the Same?
For those who want videos and podcasts, here are today's latest additions from other sites
Richard Stallman Can Outlive Many of His Prominent Haters
M.J.G. tried hard to take our Web site offline, based on lies and repeated threats
Forget VSCode (Microsoft's Proprietary Spyware), Use KATE Instead
KATE is great
Sometimes It's Time to Reboot
No, not Android. KDE.
Upcoming Talk by Dr. Richard Stallman: Large Language Models Are Not Artificial Intelligence
LLMs aren't truly intelligent and cannot quite grasp what they spew out
GulagTube is a Burning Platform (Exit YouTube, Invidious Won't Save Us From Google/Alphabet in the Long Run)
Alphabet Agency (Google) sees the future of video as a "skinnerbox" (running Android) that indoctrinates you like TikTok does
Microsoft's Demise in the Global News Cycle is Rather Telling
It should be noted that Microsoft is, in general, no longer prominent or dominant in news headlines
Gemini Migration and Backup Capsule (Archive)
At the end we'll end up with something a lot better than before and latency should be massively reduced
Links 01/10/2023: Science, Education, and pro-Russia Slovakia Leadership
Links for the day
IRC Proceedings: Sunday, October 01, 2023
IRC logs for Sunday, October 01, 2023
Links 01/10/2023: Climate, Patents, Programming, and More
Links for the day
Apple and Microsoft Problems
half a dozen links
Malware in the Ubuntu Snap Store, Thanks to Canonical Bloatware Mindset
Reprinted with permission from Ryan Farmer
Gemini Rising
There are 3523 capsules
Richard Stallman Gave a Talk Yesterday, Will Give Another Talk Today, and Will Give Two More Talks in Germany Later This Week
Those cover at least 2 different topics
Beware the Microsoft Sharks
We won't forgive and forget
IRC Proceedings: Saturday, September 30, 2023
IRC logs for Saturday, September 30, 2023
Don't be Afraid of the Command Line, It Might Even be a Friend
There's a tendency to think that only graphical interfaces were made to simplify usage, and any declarative interface is by design raw, inherently unfit for usage
One Positive Note About GNU/Linux Coverage in 2023 (Less Microsoft)
GNU/Linux users do not want this, with very rare exceptions
Snaps Were Never Good at Security, But the Media Coverage is Just Appalling
The media should focus on culling Windows, not making a huge fuss over minor things wrongly attributed to "Linux"