Bonum Certa Men Certa

Another Misdirected Response from the Government to the Company “Not Engineered for Security”

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive



Summary: Another terrible month for Microsoft insecurity and the government is still unable to respond sensibly to the threat

YESTERDAY we wrote about Microsoft's lobbying for an Internet "Driver's Licence" policy. Rather than blocking the real culprit (Windows) it might only block BSD and GNU/Linux. More importantly, it would resolve absolutely nothing for the reasons just explained by Mike Masnick:



And an internet driver's license is even more ridiculous. Unlike a car, the internet is something that people have to use all the time. No driver's license is going to stop people from getting suckered by scammers.


Exactly. And what does the US government do? Rather than mimic Australia's plan to ban many Windows machines [1, 2], the US government throws some more money into "research". US taxpayers will once again pay for Microsoft's incompetence, just like in Germany.

The US House of Representatives has overwhelmingly passed a bill that would direct almost $400m toward research designed to shore up the nation's cybersecurity defenses.


Microsoft's software will never be secure. Microsoft itself has admitted that its "products just aren't engineered for security." Based on the news, there is yet another Internet Explorer flaw:

CURSED BY ITS HAIRBALL CODE, Microsoft has released another security warning relating to a bug in Internet Explorer.


There have been so many such flaws recently [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12] that it's hard to keep track of which is which. Many are highly severe and there was also an IE flaw reported just the day after Microsoft had released an emergency IE patch (for a flaw it knew about and willingly ignored for almost 6 months, demonstrating Microsoft's negligence [1, 2, 3] and infinite arrogance).

Based on CNET, Microsoft is to bring patches for no less than 26 holes next week:

Microsoft will patch 26 holes next week, including critical ones in Windows, one affecting the kernel of 32-bit versions, and several holes in Office, the company said Thursday in a preview of its Patch Tuesday.


That's just a lower bound though. As we already know, Microsoft is patching many flaws without even telling the public in order to embellish its public record. This is a company of systematic liars, a company that is unable to make secure software, let alone patch it in a responsible (and timely) fashion. Had the government tried to resolve its security issues, then it would impose and use greater pressure to move to UNIX and Linux [1, 2].

Comments

Recent Techrights' Posts

Brett Wilson LLP Sent Over 5 Kilograms (or Over 12 Pounds) of Legal Papers! Because Writing About Microsoft Abuses is 'Illegal'.
How do you guys sleep at night? On a big pile of Microsoft money?
Extremism as a Weapon Against GNU/Linux (Microsoft Lunduke)
He ought to know the Halloween Documents. Wasn't he a Microsoft employee when these came out?
 
Microsoft-Sponsored Propaganda Site Has Removed False 'Hit Piece' About Dr. Stallman (With Fake and Misrepresented Imagery) But Only After 4 Years
So they only removed that page some time around 2025, i.e. about 4 years after it had been published
Always Check Your Inputs
Garbage in, garbage out. Or wrong assumptions, wrong corollary.
Dan Neidle Said That Tax Evasion Facilitator Mr Zahawi (Working to Silence Bloggers Through Brett Wilson LLP) Targeted Not Only Him (But The Others Kept Quiet)
"Mr Neidle said after repelling Mr Zahawi he was contacted by bloggers and tweeters who had received similar threats. They deleted their work “and in most cases never commented publicly on anything again”."
SLAPP Funding Transparency Urgently Needed in the UK and Elsewhere (in Practice, Not Just in Theory)
Writing about crime - including Microsoft crime - is not a crime
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 09, 2025
IRC logs for Wednesday, July 09, 2025
Elodie Bergot Still Doing Illegal Things at the EPO, Based on the Local Staff Committee Munich
They keep taking away from the staff while compelling the staff to do illegal things
Gemini Links 09/07/2025: Extreme Testing and Golang Documentation in Geminispace
Links for the day
Vice President of the European Patent Office (EPO) Complains That Techrights Gives Visibility to Legal and Technical Issues at the EPO
"Follow-up on enquiries relating to Dir. 1218 and 1001"
Slopwatch: linuxsecurity.com and Various Slopfarms That Lie About "Linux" and Are Promoted by Google News
Google does not seem interested in tackling this problem
Links 09/07/2025: War Updates and Microsoft Moving to India to Cut Costs
Links for the day
GNU/Linux Was Always a 'Movement' of Inclusion of Tolerance
Even the licences themselves remove access barriers
Links 09/07/2025: "Subprime AI Crisis" and "OpenAI May Be in Major Trouble Financially"
Links for the day
Huge Piles of Legal Papers ('Paper DDoS') Do Not Impress Judges and Regulators
they just make judges and regulators even more suspicious of the eagerness to resort to 'paper DDoS'
Lunduke Isn't Even Hiding His Anti-Linux Agenda (From "Linux Sucks" to "Linux is Pedophiles")
just trying to make a lot of trouble
Some People Use Computers to Get Actual Work Done
Tolerance and inclusion must extend to acceptance that some people don't agree with you, might never agree with you, and imposing what allegedly works for you on them is unreasonable
Example of "Old" Things That Still Work
The notion that something being "old" implies it must be discarded is typically advanced by those looking to sell more of something
Some Scheduled Maintenance Later Today
Typically the most vulnerable service during short interruptions is IRC
Computers Are Just a Tool
People don't get married because they love weddings, folks don't join the army because they love war, and most drivers don't drive to work because they love cars
Apple Way Past Its Prime
Apple deserves a decline
The FSF's SysOps Team Recovered From Serious Hardware Issue Within Hours
About half a day ago I noticed that all/most GNU/FSF sites were not reachable and thus reached out to a contact for any details
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 08, 2025
IRC logs for Tuesday, July 08, 2025
Slopwatch: Turning Bugs Into FUD About "Linux", Getting Basic Facts Wrong
all the screenshots are of fake articles; we don't want to link to any
Technical Reasons, Not Politics: With Wayland "it feels a lot like Linux from 20-25 years ago, which is horrendously frustrating, because it feels like we wasted one or two decades of progress and stability"
Lately, quite a few benchmarks were published to show Wayland compares poorly compared to what we had
PCLinuxOS Recovering From Fire
It looks like a nightmare scenario, where even backups onsite get destroyed
Links 09/07/2025: More Heatwaves, Officials Culled in Russia
Links for the day
Gemini Links 09/07/2025: XScreensaver and Resurrection
Links for the day
Links 08/07/2025: "Cyberattack Deals Blow to Russian Firmware" and "Cash Remains King"
Links for the day
FSF40 T-shirt message
by Alex Oliva
Gemini Links 08/07/2025: Creativity, Gotify with NUT Server, and Sudo Bugs
Links for the day
More on "Lunduke is Actually Sending His Audience to Attack People"
"pepe the frogs"
Links 08/07/2025: Sabotage of Networking Infrastructure, Microsoft XBox Game Pass Deemed “Unsustainable”
Links for the day
Dalai Lama Succession as Evidence That Determined, Motivated People Can Reach Their Nineties
And we need to quit talking about their death all the time
Many Lawyers (for Microsoft) and 1,316 Pages to Pick on a Litigant in Person Who Exposed Serious Microsoft Abuses
Answers must be given
Gemini Links 08/07/2025: Ancillary Justice and Small Web July
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 07, 2025
IRC logs for Monday, July 07, 2025