Bonum Certa Men Certa

Vista 7 Cracked Again

Window



Summary: Windows security still broken, judging by Pwn2Own

WINDOWS is not doing terribly well. The margins are low and Microsoft relies on bundling alone (which requires a hardware buying spree). Looking at the past week's news, there was one headline alone with "Vista" in it and just 5 clusters of headlines about "Windows 7", 1 of which was a whitepaper.



Vista 7 is hardly mentioned these days, except for occasional complaints or PR fluff. Microsoft continues to improperly count "sales" and we have already explained how Microsoft fakes these to achieve an illusion of success. In many ways, Vista 7 is just Vista, but it looks a little different (notably the new deskbar). "Well the initial impression is how much it looks like Vista," said Microsoft's booster Jack Schofield about Vista 7, "Which I think is…uh…the thing I’m not supposed to say."

In previous posts we showed that Vista 7 is considered worse when it come to security than its predecessor, Windows Vista. To name some posts on the subject:



According to IDG, "Hacker busts IE8 on Windows 7 in 2 minutes"

Two researchers yesterday won $10,000 each at the Pwn2Own hacking contest by bypassing important security measures of Windows 7.

Both Peter Vreugdenhil of the Netherlands and a German researcher who would only identify himself by the first name Nils found ways to disable DEP (data execution prevention) and ASLR (address space layout randomization), which are two of Windows 7's most vaunted anti-exploit features. Each contestant faced down the fully-patched 64-bit version of Windows 7 and came out a winner.


"Hacker Bypasses Windows 7 Anti-Exploit Features In IE 8 Hack," reports Dark Reading, a Web site which is focused on security issues.

A Dutch researcher won $10,000 in the Pwn2Own hacking contest this week for hacking Internet Explorer 8 on a Windows 7 machine -- bypassing built-in anti-exploit features in the operating system.


From Microsoft sites comes a bit of spin and it's worth noting that Apple's proprietary products got cracked too.

Miller used one of the flaws he found by dumb fuzzing yesterday to exploit Safari on a MacBook Pro, walking off with the notebook, $10,000 and a free trip to Las Vegas this summer to the DefCon hacking conference.


Here is an interview with Miller and a summary from The Inquirer that says: "Apple and Microsoft get trashed by hackers again"

Some months ago we wrote about Microsoft entering Telstra [1, 2], so the following new item is also worth mentioning.

Telstra Corporation director of security services, Andy Solterback, has responded to claims by Microsoft that it has largely fixed security problems.


It is now being claimed the Internet attacks which are mostly caused by Windows zombies hit Seattle the most.

Seattle is top, according to the report, for cyberattacks and potential infections and online behaviour that can lead to cybercrime, like online shops, online banks and wi-fi.


It is rather interesting that Windows zombies go right back where they came from.

Recent Techrights' Posts

The Next Talk of Richard Stallman (Father of GN/Linux and the GPL) Advertised in the Media 3 Days in Advance
He spoke in Italy earlier this year and also did some interviews
The Microsofter Who Kept Sending Threatening Post and E-mail to My Wife Has Been Joking He'd Work on Code for "Sexual Favours"
For one thing, for software professionals (like for landlords), this is outright illegal and you'd get arrested for it, and moreover it's no joking matter because there are many real victims of such sexual exploitation
We Seem to Have Abandoned Science and Replaced Sound Policy With Private Patent Shareholders and College Dropouts Like Bill Epsteingate
Because of what they did there are now many people out there who reject all vaccines
 
Free Software as a Culture of Resistance
Free software as a movement accomplished a lot in 40+ years
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 23, 2025
IRC logs for Friday, May 23, 2025
Simpler is Better
Gemini Protocol turns 6 in exactly 4 weeks
Slopwatch: Brian Fagioli, Brittany Day, and Other Plagiarists Who Rip Off Real Writers and Target Themes Around "Linux"
Fagioli also prompted chatbots for some words diarrhoea
Growing Recognition Out There That Courts Must Abandon Microsoft or Have No Perception of Authority, Autonomy, Independence, Fairness, and More
Imagine making a complaint about Microsoft to an agency that uses Microsoft
Links 23/05/2025: Microsoft Openwashing at ZDNet, Signal Does It Wrong (DRM, Back Doors Still Intact)
Links for the day
Gemini Links 23/05/2025: Clutter in Modern Interfaces and Dealing With DRM-Free Music
Links for the day
Links 23/05/2025: Tax Audits of Hong Kong's Independent as ‘Intimidation Tactics,’ Why "Regulating X Isn’t Censorship"
Links for the day
TecAdmin Took a Break From Linux to Push SPAM
This happened hours ago, and it seems to have been posted directly by the site's "Admin" (Rahul)
Links 23/05/2025: Violent Attacks on the Press, VMware Price Hikes, Vista 11 Considered Unsuitable for Any Confidentiality
Links for the day
Gemini Links 23/05/2025: Balkan Tourism, UK Polls, Reticulum and Meshtastic
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 22, 2025
IRC logs for Thursday, May 22, 2025
Back to Basics, Folks, "AI" (Plagiarism) is Symptom of a Dying Industry Looking for Whatever Prey It Can Devour
lousy/sloppy imitations
Liam Proven's Thoughts on "AI" Being a Scam No Different From Religions, Alternative Medicine, and More
"Is there anywhere outside of retrocomputing that doesn't have AI in it?"
Many IBM Layoffs, Centred Around Expert Labs US in Atlanta (Offer of "Relocation" Where No Such Option Exists)
So Techrights was assessing comments/gossip online and it was right about the Thursday cull
Slopwatch: Slopfarms That 'Hallucinate' (Yield Falsehoods) Cited as Credible Sources and Microsoft Media Gaslighting Everybody
Part of the problem is, Google News
More Media Coverage and Photos From Richard Stallman's Presentation in Liberec (Czech Republic)
Here are some photos
The Microsofter Who Kept Sending Threatening Post and E-mail to My Wife Has Been Spooking Women for at Least Two Decades
censorship was the ultimate goal
Links 22/05/2025: Openwashing, Dumping Microsoft's Entrapment (Microsoft GitHub), and New Climate Disasters
Links for the day
Richard Stallman's Next Public Talk is in Milan, Italy Next Week
Happy hacking
Gemini Links 22/05/2025: Crimson Pro Font and CGI in Bash
Links for the day
IBM Goes to India, Fires People in the United States (Under the Guise of "Relocation" or Similar), Accusation of Bribery in the Company
LLM slop sites (some are pure slopfarms) from India say the IBM layoffs result in hiring "AI" (the "I" stands for India)
Why We'll Continue Covering EPO Abuses (Other Patent Offices as Well, as the Need Arises) for Many Years to Come
We're basically becoming Russia
Links 22/05/2025: TikTok Laying Off Again, Microsoft-Backed Builder.ai Set for Bankruptcy, Scam Altman Uses 'Funny Money' to 'Buy' (Hire) Company
Links for the day
These Feet Are Made for Walking
Humans are apparently so very clever that they decided to form a "progressive" consensus: feet no more
The Evolution of Microsoft's War on GNU/Linux
13 sins
OFTC Has Just Culled About a Third of Its Online Users
It's not the first time they purge or force offline many people/bots
My New Desk Arrangement (and More Breaks From the Keyboard)
all in all yesterday I devoted 4-5 hours to redoing and shuffling stuff
Central Staff Committee of the EPO Opposes Abuses Against EPO Staff, Challenging SuccessFactors Stunts
Europe became institutionally colonised
Gemini Links 22/05/2025: "Conspirituality" and Visiting One's Old University
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 21, 2025
IRC logs for Wednesday, May 21, 2025