Bonum Certa Men Certa

Not Satire: Microsoft Wants to Show the World How Security is Done

Microsoft tries to paint itself as "fighting the bad guys"

Musketeers



Summary: Software security 'standard' to be led by the company which made insecurity an acceptable engineering practice?

According to this new report (criticised heavily in this LXer thread), Microsoft is trying to lead security standards as if Microsoft is the master of security. Oh! The vanity!



"Previously, roughly half a decade ago, Microsoft fonts also enabled remote hijacking of one's Windows-running PC."Microsoft is not just bad at security but also at patching security flaws; many people, especially in businesses, won't install updates from Microsoft without qualms because these tend to break the software every now and then, even weeks ago. As IDG put it: "The saga of botched patch MS13-036 takes new twists and turns -- including a problem with Multiple Master fonts" (familiar story, not the first of this kind).

Go on and wonder how poor modularity must be if a security patch can impact fonts. Previously, roughly half a decade ago, Microsoft fonts also enabled remote hijacking of one's Windows-running PC.

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive

Recent Techrights' Posts

Judgment translated to English in FINMA & Debian trademark fiasco
Reprinted with permission from Daniel Pocock
The Brigading (in Social Control Media) Did Not Silence the Creator of GNU/Linux
there are no impending talks at the moment
 
Links 25/02/2025: Mass Layoffs at Starbucks, Kaspersky Banned on Australian Government Systems
Links for the day
Links 25/02/2025: Strawberry Lemonade, Introducing Fiss, and YouTube Acting Aggressive
Links for the day
UK: Twitter Falls to Lowest Traffic Levels in 5 Years (Start of Lockdowns), Down From More Than 37% to Only 6.5%
Months ago Twitter (aka "X") was blasted by the British government for inciting right-wing violence
Confirmed: IBM Layoffs Will Strike Consulting Quite Hard
the flagging of staff is a way to signal to them it's time to go or get the boot
Sami Tikkanen Explains What Happened to Computer Science Education in Finland and Elsewhere
The 'broligarchs', a collective which typically created anything of their own, do not want the general population to possess skills that let it be anything other than passive consumers
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, February 24, 2025
IRC logs for Monday, February 24, 2025
Truth is Not About Appeasing the Feelings of Men Who Hurt Women
True information is just what it is
Links 24/02/2025: Compromised Laptops and EU Shift to the Right (Boosted by Social Control Media Interventions)
Links for the day
Gemini Links 24/02/2025: Politics, Monarchy, and AuraRepo Prism VCS Suppor
Links for the day
Links 24/02/2025: Germany Looks to Distance Itself From US, Environment at Risk, Mass Layoffs at Zendesk
Links for the day
[Meme] It's Over, Microsoft
an obligatory meme
Even Worse Than LLM Slop and Linkspam From UNIXMen
UNIXMen is basically a defunct spamfarm at this point (the author is "sarwarSEO")
Proprietary Software is Bad for Your Health, Not Just Your Finances, Privacy and So On
It would be interesting to see some charts, based on some long-term study, comparing the general health (blood pressure, BMI etc.) of people who use proprietary stuff and people who do not
Gemini Links 24/02/2025: Osiris 0.1.0 Release (File Sharing in Gemini Protocol), NetBSD 10.1 on the Pi
Links for the day
Microsoft Admits Business Perils as Windows Continues to Fall
‘Microsoft missed the biggest business model…’
Technical Specifications at Times of Tyrannies
Specifications (specs) must evolve with the times
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, February 23, 2025
IRC logs for Sunday, February 23, 2025
In Case Rust Censors It (Rust Has Long Been All About Censorship), Here's a Critical Look at Rust's Goals
In the case of Rust, instead of "the liberation of the digital society" we have empowerment of Microsoft GitHub and of GAFAM in general. Guess who funds this...
Gemini Links 23/02/2025: Respectful Platforms Manifesto and Internet Archive
Links for the day
The Significance of the Timing of the Ridiculous Letters From Brett Wilson LLP, Acting on Behalf of People From Microsoft
A preliminary look at the timeline and what it tells us
Politicians Ought to Invite Dr. Richard Stallman and Prof. Eben Moglen to Speak About Policies, Licensing, Digital Sovereignty
Is there something in Europe other than RMS' talk this coming Monday (that we're not yet aware of)?
The So-called 'IT' Industry Became Somewhat of a Fraud Where People Equate Usage and Power Wasted With "Value" or "Success"
When did 'IT' become a weapon rather than technology/science?
Things to Like About London
Many important or "powerful" people leave near there
Links 23/02/2025: Democracy Backsliding and German Election
Links for the day
Joining APRIL(.org), AGM weekend, Paris, 15-16 March 2025
Reprinted with permission from Daniel Pocock
Links 23/02/2025: Zuckerberg Despised, US Government Does Not Obey Judges, France Grapples With Terrorism
Links for the day
Links 23/02/2025: Apple Back Doors, Ukraine Updates, and Gemini Leftovers
Links for the day
Recent Improvements in Techrights
minimalism works fine when the main goal is to relay information
Slopwatch: Brian Fagioli, Brittany Day (linuxsecurity.com), and Microsoft Misinformation, False Marketing
Serial Sloppers
Censored: Debian Zizian transgender vigilante comparisons in open source Linux communities
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, February 22, 2025
IRC logs for Saturday, February 22, 2025