Bonum Certa Men Certa

“Microsoft Will Have Blood on Its Hands.”


Summary: In the midst of Wikileaks drama we learn that an executions-savvy regime will benefit from Windows cracks

"Windooze insecurity puts Iranian dissidents in mortal danger," states the subject line of an anonymous USENET post, quoting this article. "A Dutch CA called DigiNotar," says the poster, "was hacked by Iranian hackers, likely with the intention of intercepting SSL traffic (Gmail, Facebook etc.) of Iranian activists and freedom fighters. I checked DigiNotar's website and guess what operating system they're using? You guessed it! WINDOOZE ASP.NET!!!

"So now Microsoft will have blood on its hands. Its insecure graphical-shell-pretending-to-be-an-operating-system is now possibly responsible for the deaths and prosecution of many Iranians!! [..] THIS COMPANY SHOULDN'T BE SPLIT UP, IT SHOULD BE SHUT DOWN"

“And as long as otherwise respectable companies insist on e-mailing me "slide shows" in the form of IrfanView .exe files because "it's so user-friendly", Windows will remain as secure as a wet paper bag.”
      --Richard Rasker
A more moderate Dutch poster, Richard Rasker, wrote separately: "I guess we've all heard how a Dutch Certificate Authority by the name of Diginotar, formerly used by even the Dutch IRS authority and countless city councils, has screwed up severely, when their systems were breached by Iranian hackers, who managed to poison the world with many hundreds of bogus certificates. Then they screwed up even more by hushing up about the hack for months -- a huge no-no in a world where trust is the highest good.

"And now it turns out that the screw-up has soared to even greater heights. In case you wondered what OS these people were using, here's the answer:

"For those who don't understand Dutch:

"Fox-IT: Diginotar didn't even use a virusscaner

Fox IT has delivered a devastating verdict on Diginotar's infrastructure. The company didn't adhere to agreements and procedures. Even elementary security measures were totally absent.

These are the conclusions from an investigation by Fox IT into the security breach at Diginotar, as passed by Webwereld and through a governmental source. It turns out that all operations were taking place from within one single Windows domain. This made it possible to gain access to the certificate administration from any work station; logging in to one's work station was sufficient to get access to the systems. This is a mortal sin in the world of IT security. In addition, Diginotar was already aware of the abuse of its certificates as early as July.

No secure zones Even when issuing certificates for government use, standard security rules were trodden underfoot. The government's PKI computers operate from within a secure vault, and should never have been connected to Diginotar's network. Yet even on those machines, investigators found evidence that connections had been made to the Windows domain.

..." [no virus scanner ... no proper logging ... no strong password enforcement ... inadequate intrusion detection ... hackers got & used administrator rights ... certificates chucked in an easily accessible database ... etcetera]

"Now I won't say that this could never have happened in a Linux environment," notes Rasker, "but for a screw-up of these truly epic proportions, Windows is the OS of choice -- because it traditionally "makes things easy", and because Windows users are traditionally not used to working with proper permissions, secure networks and strong passwords.

"And as long as otherwise respectable companies insist on e-mailing me "slide shows" in the form of IrfanView .exe files because "it's so user-friendly", Windows will remain as secure as a wet paper bag. QED."

Recent Techrights' Posts

Not Only Has Adoption of Windows Vista 11 Flatlined/Plateaued, Now It is Going Down!
Did many people delete Vista 11 and install GNU/Linux instead?
GNU/Linux Peaking in Europe, Android Measured as Higher or More Prevalent Than Windows
Android topping Windows
Gemini at 3,800+
total number of known capsules at above 3.8k
Be a Navalny
We salute Mr. Navalny
Europe's Adoption of GNU/Linux, by Country (Now About 6%)
in Switzerland, for instance, adoption of GNU/Linux has been profoundly low
[Meme] 'Debating' People by Subscribing Them to Lots of SPAM
Rebuttal? No, spam.
From Sexual Harassment of Women to Yet More Cybercrimes
They can be prosecuted
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 03, 2024
IRC logs for Sunday, March 03, 2024
Venezuela: Windows Below 70% (Laptops and Desktops), GNU/Linux Up to 7%
It's a lot higher in Cuba
ICYMI: ZDNet Financially Controlled by Microsoft
a history of censoring SJVN's Microsoft-critical articles
Argentina Joining the 4% 'Club' (GNU/Linux on Desktops and Laptops)
Data as ODF
Transparency Sets Society Free
"Convenient delusions" aren't bliss but temporary relief
[Meme] The EPO, Europe's Second-Largest Institution, Which is Contracting With Belarus
Socialist EPO
The European Patent Office's (EPO) Illegal Ban on Mass Communication Gets in the Way of Democracy
The scientific process (patents apply to science) must allow scrutiny, both from within and from the outside
Links 03/03/2024: Depression in Hong Kong, Sex 'Apps' and STIs
Links for the day
Links Gemini 03/03/2024: NixOS and NextCloud, Back Into Ricing
Links for the day
The Debian family fallacy
Reprinted with permission from Daniel Pocock
For Every Action There's a Reaction
Gates lobbying Modi
Like in Africa, Android Takes Control, Raking in Almost All the 'Chips' in Asia
So Microsoft has no OS majority except in Japan and Russia (and tiny Armenia).
Links 03/03/2024: Goodbye, Navalny (Funeral Reports)
Links for the day
Gemini Links 03/03/2024: A Wild Devlog Appeared and GrapheneOS Ramble
Links for the day
Mozilla Firefox is Back in ~2% Territories, Jeopardising Its Status as Web Browser to Test/Target/Validate With
Some new stats
[Meme] Russian Standards of Law: The Executive Branch Decides Everything
the president's kangaroo court
Up Next: The Tricky Relationship Between the Administrative Tribunal of the ILO and the European Patent Organisation (EPO)
We've moved from presidents who run a republic by consent to corrupt, unqualified, dictatorial officials who bribe for the seat (buying the votes)
IRC Proceedings: Saturday, March 02, 2024
IRC logs for Saturday, March 02, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Beware Imposter Sites of Techrights (Not or
Only trust pages accessed through the domains controlled by us
Italy visa & residence permit: Albanian Outreachy, Wikimedia & Debian tighten control over woman
Reprinted with permission from Daniel Pocock
Links 02/03/2024: Actual Journalists Under Attack, More Software Patents Being Challenged
Links for the day
Gemini Links 02/03/2024: NixOS on GPD, Meson Woes
Links for the day
statCounter March 2024 Statistics (Preliminary)
Notice Asia
Links 02/03/2024: More Lawsuits Against Microsoft, Facebook Killing Hard-To-Find News
Links for the day
ZDNet (Red Ventures) Works for Microsoft (Redmond), Many Of Its Pages Are Spam/Advertisements Paid for by Microsoft
Here is the "smoking gun"
Wikipedia Demotes CNET Due to Chatbot-Generated Spew as 'Articles'; It Should Do the Same to ZDNet (Also Red Ventures, Also Microsoft Propaganda)
Redmond Ventures?
IBM Sends Money to Microsoft
Red Hat basically helps sponsor the company that's a attacking our community
The Direction WordPress (GPL) Has Taken is an Embarrassment
it comes with strings attached
When the Cancer 'Metastasises'
We had a red flag
March in Techrights (EPO Litigation and More)
One theme we'll explore a lot when it comes to GNU/Linux is the extent to which communities truly serve communities
Don't Forget to Also Follow Tux Machines
We've split the material
Yandex Usage Has Surged Since the Invasion of Ukraine, Microsoft Fell to 0.7% (It Was 1.7% Before the 'Bing Chat' Hype Campaign)
In Soviet Russia, Bing searches user
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 01, 2024
IRC logs for Friday, March 01, 2024
Sellout Completed: Linux Foundation Converging With the Gates Foundation
not a joke
Hitler Rants Parodies on Steve Ballmer
Parody created using clips from Downfall (Der Untergang)
With Windows This Low (27% of the "OS" Market), Steve Ballmer Would Have Thrown Another Chair
The media produced many puff pieces about Nadella at 10 (as CEO), but what has he done for Windows? Nothing.
[Meme] The Naked President
EPO Suffers From Shrinkage
Attacks on the EPC: Reality and Fiction
EPO leaks