Bonum Certa Men Certa

Recent FUD About GNU/Linux Security May be Related to Windows XP EOL Propaganda and Adware

Microsoft propaganda agents occupy the press and pressure people to stay with Windows

Tony Bradley



Summary: Analysis of some of the recent claims that GNU/Linux and Android are not secure, the source of such claims (sometimes Microsoft), and what the timing of these claims may or may not tell us about agenda

WE WOULD like to put forth the possibility that the latest 'security'-themed negative coverage about GNU/Linux is not a natural outcome of standard/routine research or even amplified naturally because GNU/Linux having flaws is the "man bites dog" equivalent [1]. Microsoft has familiar tactics, partly revealed by leaked documents, of manufacturing negative coverage about competitors like GNU and Linux. We gave many examples in the past (see this page for example). It can take years for relevant documents to be leaked.



It is not at all unthinkable that Microsoft still pays think tanks and partners to flood news site with negative publicity relating to GNU/Linux security. One reader wrote to us the following: "I saw on Diaspora that you were planning to write a story about how Microsoft coordinates PR across what should be an independent press. You might be interested in some old work that I did to highlight a minor revolt against "embargos" by Techchrunch and Wired" (we covered those years ago).

The 'security'-themed negative coverage goes beyond GnuTLS [1, 2] and the latest from Symantec and others (claiming UNIX/Linux botnets while ignoring the cause and the elephant in the room, which journalists don't like to name). There were dozens of articles about it, simply relaying the claims without digging any deeper. Earlier this week we saw some headline about Microsoft finding and reporting Android security holes ("paper published by researchers from Indiana University and Microsoft" [1, 2]). Yes, Microsoft sure is "embracing" Android... trying to paint GNU/Linux "equally bad" (another familiar old strategy). Ars Technica, at times the Fox 'news' of tech (depending on the writers), is trying to peddle some other smears against GNU/Linux security. A lot of the latest can be attributed to shoddy 'reporting' by Dan Goodin, who started a lot of the other recent panic and continues his long smear attack on GNU/Linux security (this time he blames out-of-date servers that can and should be freely upgraded). This FUD was so bad that entire articles were written to rebut it (after it had spread to other places [2]). See the comments/updates in Cisco's Web site; it is very revealing. There is also a long discussion about this in Disapora. It seems like some journalists made it their mission to make GNU/Linux look insecure by whatever means necessary (even misrepresentation). As Susan Linton put it: "A lot of Websites are still covering the last couple of Linux security breaches and today Steven J. Vaughan-Nichols said, "It's not Linux's fault!"" (and he's right).

Will Hill wrote that the mistakes are starting to get unraveled: "Looks like his source, Cisco, was shredded for saying what they did. Check out all the strike outs and retractions.

"...The observation of affected hosts running Linux kernel 2.6 is anecdotal and in no way reflects a universal condition among all of the compromised websites. Accordingly, we have adjusted the title for clarity. We have not identified the initial exploit vector for the stage zero URIs. It was not our intention to conflate our anecdotal observations with the technical facts provided in the listed URIs or other demonstrable data, and the below strike through annotations reflect that. We also want to thank the community for the timely feedback."

Will Hill connects this to the following bit, saying "it was also used as XP EoL hype."

To quote the FUD: "In April 2014, Windows XP will become unsupported. Organisations urgently need to review their use of unsupported systems in operation. Such systems need to be upgraded where possible, or regularly monitored to detect compromise. Organisations should consider their exposure to risks from the use of unsupported systems..."

So they hardly even hide some of their motive, perhaps thinking it would be too subtle. ZDNet and other Microsoft-friendly sites also found the above an opportunity convenient enough to FUD both Bitcoin and GNU/Linux at the same time [3,4].

What we basically have here is an explosion of semi-truths, spin, and fabrications -- all trying to make a perception of GNU/Linux not being more secure than Windows. Timing matters here. We previously saw 'former' Microsoft people smearing Android security from academic standing (no disclosures given) and here too we see Microsoft appearing in a paper against Android security, seemingly coming from a university. This isn't uncommon and it's one of these cases where showing the Microsoft connection is simple, as in the case of other academics whom Microsoft is paying to be spreading law-themed FUD against Android (also without disclosures).

Windows XP support is ending and many look forward to/towards a GNU/Linux migration, at the very least for security. That is true for the Indian government [5] and some British companies I happen to know about but cannot name (being discreet is important when dealing with a bully like Microsoft). GNU/Linux distributions are typically replacing Windows XP [6,7,8]; Apple is rarely even an option. Indian Banks may switch to Linux [9] and many other banks may soon move to Linux because of security of course [10-14]. There are several separate reports about potential mass migration of ATMs from Windows (XP) to GNU/Linux and Microsoft is of course paying attention to this (maybe it's reading people's E-mails, too). What is the alternative, the truly horrible Vista 8? Microsoft partners like Tony Bradley (shown above; he is strongly tied to Microsoft professionally and has a long history of attacking and smearing GNU/Linux in IDG) desperately try to whitewash Vista 8. "Microsoft apologist gets column space," wrote iophk, perhaps not knowing that this "apologist" is actually tied to Microsoft (Forbes lets him run Microsoft's propaganda campaign right now, without disclosures). One can truly see how miserable Microsoft has become.

Now is a good time for many to move from Windows XP to GNU/Linux, even in businesses. This new article says that "the largest percentage (41 percent) found “simply that Windows applications are not compatible.”"

Wine might do better at compatibility than newer versions of Windows, including Vista 8. As iophk put it: "Maybe this will lead the removal of Microsoft from SMB environments and the movement to open standards." Swapnil Bhartiya explained a few days ago that a migration to GNU/Linux is no longer what it used to be. "Don’t get scared," he argues, "Linux is not what you might have heard about it way back in 2005. Today Linux is dominating the world – Android is powered by Linux, Chromebooks are powered by Linux, your Chromecast runs on Linux. And these are consumer-grade devices extremely easy to use."

According to another new report, "Windows XP users are mistaking Microsoft's nag screens for adware" (Windows XP users are faced with Microsoft ads now).

"Just upgrade to a GNU/Linux distro and be done with it," concludes iophk.

GNU/Linux is the secure option, no matter how much Microsoft spin is trying to convince people otherwise.

Related/contextual items from the news:


  1. Why the media loves to exaggerate Linux security problems
    There have been a lot of media reports about Linux security problems recently. ZDNet has taken a stand and pointed out that the problem isn't with Linux, the problem is with certain Linux users and administrators. I'd also argue that the problem is also with certain media outlets who jump on the "linux security stinks!" bandwagon at the earliest opportunity.


  2. Attack hits Web servers with outdated Linux kernels


  3. Linux Malware Evolves to Mine Cryptocurrencies


  4. Linux worm Darlloz targets Intel architecture to mine digital currency


  5. Is it Linux over Windows?
    Microsoft India has decided to discontinue support for its legacy Windows XP platform. This doesn’t affect too many people — since most users of Microsoft’s products have already moved onto the newer Windows systems —Vista, 7 and now 8. It does, however, hit one of the largest employers of the nation — the Indian government.

    When the support for XP goes out of order next month, the Indian government might start taking on Linux in a big way — if a recommendation issued by the Tamil Nadu government is any indicator.


  6. Windows XP User? Here’s 4 Reasons to Switch to Lubuntu This April
    Support for Windows XP officially ends on April 8, 2014. After this date Microsoft will no longer issues security updates, patch exploits or provide any other means of official, direct support to its users


  7. Meet Xubuntu, For Life Beyond Microsoft Corporation (MSFT) Windows XP OS !
    Xubuntu is a distribution of Ubuntu, which uses the same architecture and software repositories as the mainstream Ubuntu. The only difference is that in the regular Ubuntu distribution, it uses a GUI called Unity, which is much more Mac OSX like, whereas Ubuntu uses XFCE which resembles a prettier version of XP. Alternatively, you could also check out Linux Mint, which pretty much feels exactly like Vista, but I stick to Xubuntu due to better Cannonical support – the People behind Ubuntu). Xubuntu is incredibly stingy on resources, and can run smoothly on a Pentium 4 or higher with a measly 512MB of RAM. Recommended specs being any Dual Core Intel/AMD CPU with 1GB of RAM.


  8. Lubuntu might be the best Linux distro for Windows XP users
    In today's open source roundup: Lubuntu could be the best replacement for Windows XP. Plus: A review of Portal 2 for Linux, and an interview with the creator of educational distro Ubermix


  9. Indian Banks may switch to Linux, rather than taking extended Windows XP Support
    As we have reported you earlier that Microsoft is pulling out their Windows XP support after April 8 2014. Since a vast majority of bank ATMs around the world currently runs on Windows XP, but if they’ll continue sticking to it after the deadline, then they’ll be exposed to all kinds of security threats, as Microsoft will no longer provide the security patches thereafter.


  10. Financial Firms Looking To Linux, Windows 7 As XP Support Dries Up
  11. ATM operators eye Linux as alternative to Windows XP
    Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles.


  12. ATM operators decide on Linux over Windows


  13. 95% of bank ATMs face end of security support
    It might sound odd that ATMs are running on aging software better suited to a home PC. In fact, security experts have chastised the financial industry for putting ATMs on a PC operating system in the first place. They argue ATMs should be using software that is scaled down and less buggy, such as Linux.
  14. Huge Swath Of XP Machines May Go To */Linux


Recent Techrights' Posts

"Security Advantages" Explained by a Scammy "Security" Site That Uses LLMs to Spew Out Garbage
destroying the Web by saturating it with "bullshit".
Over at Tux Machines...
GNU/Linux news for the past day
 
Certificate Authority Let's Encrypt Falls to 0.7% in Geminispace (It Was Around 12% Just 2 Years Ago and 7.5% This Past February)
Let's Encrypt is down again
Gemini Links 13/10/2024: Self-hosting Snac2 and Invasion of e-ink
Links for the day
SDxCentral, which the Linux Foundation Paid to Produce Marketing SPAM, Has Now Become Slop (LLM Spew) Disguised as 'Articles'
Google should delist it
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 12, 2024
IRC logs for Saturday, October 12, 2024
Links 12/10/2024: More Site Blocking, China's Hostility, and Evan Gershkovich's Upcoming Book
Links for the day
Links 12/10/2024: Boeing to Cut 17,000 Jobs, Medieval Sleeping Habits, Warning About Liquidweb
Links for the day
Links 12/10/2024: Health, Safety and Climate Concerns
Links for the day
Gemini Links 12/10/2024: Ensemble and Assembler
Links for the day
Links 12/10/2024: TikTok Layoffs and Risk of More Wars
Links for the day
IRC Proceedings: Friday, October 11, 2024
IRC logs for Friday, October 11, 2024
Gemini Links 11/10/2024: Against Cynicism, on Atheism, and Dropping Off The Internet
Links for the day
IBM Employees Smell Another Wave of Mass Layoffs (and Explain the Signs)
IBM currently has the policy of hiding the layoffs from shareholders and from the press using NDAs
Links 11/10/2024: Lots More Censorship and Growing Concerns About Health Impact of Social Control Media
Links for the day
Going Almost 4.5 Decades Back to Find 'Dirt' on a Person
That incident was 42.5 years ago. Is that how far some people would go in an effort to discredit a person?
XBox is Dead. This is Just the Beginning.
the main reason Microsoft bought Activision/Blizzard was to hide the growing losses and failure of XBox
The Risk to the "Linux" Brand
Brands that are not guarded from misuse/abuse will inevitably lose their original meaning and their value
Gemini Links 11/10/2024: Deploying Common Lisp Programs and Examining FreeBSD
Links for the day
Links 11/10/2024: Discord Still Blocked in Turkey, Google Might be Split
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 10, 2024
IRC logs for Thursday, October 10, 2024