Eye on Security: Red Hat Explains Why Windows is Less Secure, New Windows 0-Day Attack
- Dr. Roy Schestowitz
- 2010-07-01 13:46:45 UTC
- Modified: 2010-07-01 13:46:45 UTC
Summary: Comparative security news from this week
●
Open Source is Inherently More Secure, Says Red Hat (Microsoft admits silent patching it never discloses)
But in the closed source world, you have to trust your vendor completely. All you get to see are binaries, so you have no way of knowing how they were built. President Reagan was fond of saying to Soviet leader Mikhail Gorbachev, "Trust, but verify." With proprietary software, you simply have to trust.
Microsoft, for example, pushes out security updates on the second Tuesday of every month. Bressers said they can't do that. Microsoft has the advantage of hiding security flaws and working on them at their leisure, but with open source software, that's not possible because everyone can see that there's a problem and they expect it to be fixed right away.
And if a security hole isn't plugged quickly enough, you can fix it yourself, Bressers explained.
An example of the power of open source is the ping of death bug. Back in the late 1990s someone figured out that if you send a giant ICMP packet to a computer, just about any computer, it will crash. The bug affected every operating system, routers, printers, etc. When the problem was discovered, the open source Linux operating system had the bug squashed in about 2 hours, Bressers recalled. The closed source operating system vendors, however, took days, weeks and even months to make and distribute a patch for the ping of death.
●
Microsoft: 10,000 PCs hit with new Windows XP zero-day attack
Nearly a month after a Google engineer released details of a new Windows XP flaw, criminals have dramatically ramped up online attacks that leverage the bug.
Microsoft reported Wednesday that it has now logged more than 10,000 attacks. "At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged," Microsoft said in a blog posting.
●
New Windows Live Messenger has same old privacy problems
Why do I get the impression that some folks at Microsoft just don’t get it?
●
Privacy problems persist in latest Windows Messenger 2011 beta [via]
Earlier versions of Messenger played fast and loose with your privacy. The new Live Messenger 2011, currently in beta, suffers from some of the same defects
Comments
saulgoode
2010-07-01 14:10:44
Not just trust the vendor, but also those with whom they've shared the source code (subcontractors, governments, large corporate clients, etc).
It is noteworthy that there were claims that the recent attack on Google stemmed from sources within the Chinese government (with whom MS shares its source code); it is not that surprising that Google would quickly put an end to a situation where the malware authors get to see the Windows source code and they do not.
Dr. Roy Schestowitz
2010-07-01 14:17:26