Bonum Certa Men Certa

Red Hat Should Keep Its Distance From NSA Facilitator Microsoft

Dragonfly



Summary: Criticism of Red Hat's increasing proximity to some of the very same bits of proprietary software which are accompanied by back doors (for the NSA)

THE DANGERS of Microsoft are very real, as a former foe of Microsoft, Novell, helped prove. Five years ago Red Hat consented to playing an active part in Microsoft VM hosts, despite knowing (even back then) about Microsoft's relationship with the NSA, which meant that VMs running RHEL would be accessible (to the NSA) from the back door, Microsoft Windows.



There are many back doors in Windows and therefore in Hyper-V, which sits on top of Windows (back doors further down the stack). Microsoft tells the NSA about these back doors. To give the latest example of back doors, see this new report [2] which says: "Nearly 30 days after reports of a zero-day flaw being exploited in the wild, Microsoft will finally patch this critical vulnerability."

Relying on Microsoft for technology means that one should also expect and accept back doors. A reader showed us this new article, claiming that "Mono [is] infecting Android," but it's not just Android. Even Red Hat is now making such mistakes, in addition to hiring from Microsoft for management of virtualisation. Based on [2,3], Red Hat now accommodates Microsoft .NET applications, despite them being proprietary and potential back doors. A week or so ago some speculated that Microsoft might buy Red Hat (one day) [4,5] and yesterday we found the article "Why Microsoft Will Pick Off Red Hat" (logic of investors, not technical people).

Microsoft is now knowingly abandoning hundreds of millions of Windows users, leaving them with permanent back doors [6,7], so why should Red Hat trust Microsoft .NET applications or anything that comes from Microsoft, including Hyper-V? Articles like [8-10] remind us that in GNU/Linux the main flaw is human error (not changing default passwords or not applying patches, which Red Hat is making easier to apply without any downtime [11]).

The bottom line is, Red Hat's relationship with the NSA withstanding, it oughtn't connect too much to Microsoft components like .NET and Hyper-V because these constitute back doors that jeopardise security of GNU/Linux users.

Related/contextual items from the news:
  1. Microsoft to Fix an Internet Explorer Zero-Day Flaw


  2. Red Hat Adds Microsoft .NET to Its OpenShift PaaS
  3. A Red Hat stunner: 'Miccosoft .NET apps on OpenShift' Yes, you read correctly
    On Wednesday, Working with Uhuru Software, Red Hat is now incorporate a rival Microsoft product - .NET - to its three-year-old OpenShift platform-as-a-service. Really? Red Hat even published a blog to explain what's going on to those who might find the concept a bit unbelievable.

    Chris Morgan, the OpenShift Partner Ecosystem Technical Director for Red Hat, wrote the blog - and even he acknowledged the incredulity of it all that something from Microsoft, which for years has been an enemy of Red Hat, Linux and Open Source, would be incorporated into OpenShift.


  4. An Indecent Proposal: Microsoft and Red Hat?


  5. Reviews, Indecent Proposal, and Ubuntu Graduation
    Today brings two new reviews. Jesse Smith reviews Linux Mint Debian Edition 201403 in today's Distrowatch Weekly and Jamie Watson posts his latest hands-on. Steven J. Vaughan-Nichols says folks don't care about operating systems anymore. Matt Hartley has a few suggestions for those ready to graduate from Ubuntu. All this and more in tonight's Linux news review.

    Jesse Smith tested the latest LMDE in this week's Distrowatch Weekly. He found a few bugs but Smith says it "lives up to its description" of having "rough edges." With all its "nasty surprises" Smith suggests folks just stick with the Ubuntu-based version of Mint. But see his full review for all the details.


  6. Perspective: Microsoft risks security reputation ruin by retiring XP
    A decade ago, Microsoft kicked off SDL, or Security Development Lifecycle, a now-widely-adopted process designed to bake security into software, and began building what has become an unmatched reputation in how a vendor writes more secure code, keeps customers informed about security issues, and backs that up with regular patches.
  7. Positive Feedback: M$ Uses XP To Publish The Insecurity Of Using That Other OS


  8. Flaws In People And Their Software
  9. Red Hat Risk Reflex (The Linux Security Flaw That Isn't)
    News headlines screaming that yet another Microsoft Windows vulnerability has been discovered, is in the wild or has just been patched are two a penny. Such has it ever been. News headlines declaring that a 'major security problem' has been found with Linux are a different kettle of fish. So when reports of an attack that could circumvent verification of X.509 security certificates, and by so doing bypass both secure sockets layer (SSL) and Transport Layer Security (TLS) website protection, people sat up and took notice. Warnings have appeared that recount how the vulnerability can impact upon Debian, Red Hat and Ubuntu distributions. Red Hat itself issued an advisory warning that "GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification... An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid." In all, at least 200 operating systems actually use GnuTLS when it comes to implementing SSL and TLS and the knock-on effect could mean that web applications and email alike are vulnerable to attack. And it's all Linux's fault. Or is it?


  10. Linux Bugs, Bugs Everywhere
    "We are seeing a lot of crypto bugs surfacing lately because these libraries are suddenly getting a lot of review thanks to Snowden's revelations," suggested blogger Chris Traver. "I think one has to separate the crypto bugs from others because they are occurring in a different context. "From what I have read about gnutls, though, it seems to me that this is probably the tip of the iceberg."
  11. Introducing kpatch: Dynamic Kernel Patching
    In upstream development news, the kernel team here at Red Hat has been working on a dynamic kernel patching project called kpatch for several months. At long last, the project has reached a point where we feel it’s ready for a wider audience and are very excited to announce that we’ve released the kpatch code under GPLv2.


Recent Techrights' Posts

WordPress Becoming What We Feared It Would Become
WordPress and other such bloatware (WordPress used to be fast and light) are moving in the same trajectory that GAFAM leads
Call for European Patent Office (EPO) Whistleblowers
The European Patent Organisation (EPO) might not reform the Office
400-Page US Federal Court Against Abuses by Google, Microsoft and Front Groups That Abuse Volunteers for American Corporations
There are 386 pages in total (in the US claim)
Projection Tactics - Part IV: SLAPP by Americans Against Techrights (UK) to Hide Serious Abuses Against American Women
"PRs need to stop being complicit in suppression of information via SLAPPs"
Five Years Ago, After We Broke the Story About Richard Stallman Rejoining the FSF's Board, All Hell Broke Loose (for Me and My Family)
They generally seem to target anyone who thinks Richard Stallman (RMS) should be in charge or thinks alike about computing
Projection Tactics - Part II: Causing "Serious Harm" to Many People (Even Animals)
Narcissists and sociopaths are like that
Sirius Open Source's Latest Report: Fake (False) Number of Staff, Almost No Money in the Bank, Overdraft, and Growing Debt (About £100,000 More Borrowed)
massive (and still growing) debt
 
Stop Conflating Free Software With Slop Plagiarism and Time-wasting
Even decades ago people could use "compute" for lots of fuzzing, then file away false or unaudited reports using bots
What Security Means
Security does not mean asking Microsoft for permission
Microsoft May be Losing 10,000+ Workers This Month
Here's the quick math
BSN Senior School Leidschenveen is Shutting Down and What That Means to the European Patent Office (EPO)
Follow-up meeting with Site Manager VP1 on school matters
Gemini Links 01/07/2026: Keeping (Relatively) Cool plus Adventures in Solar, Camp Snap Cameras and XTEINK X4 Ereader Reviews
Links for the day
European Patent Office (EPO) Series: Different Strokes For Different Folks
Organisation operating in two parallel universes
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 30, 2026
IRC logs for Tuesday, June 30, 2026
GNU/Linux Measured at 4.4% by statCounter, Even More by analytics.usa.gov
GNU/Linux has fared well
Getting Skyped: Closure of Studios Microsoft Bought
wait till July and the mass layoffs outside XBox
Several Waves of Red Hat Layoffs This Year, Is This Still Going on Under IBM?
The PIPs and NDAs hard to get a clear picture
Sabine Hossenfelder Versus IBM Scamming Shareholders
IBM has become a garage of BS
Some XBox Layoffs Underway, At Least Five Studios to be Shut Down
Insiders are in a state of panic
Gemini Links 30/06/2026: Music Theory, Addiction, Clown Computing
Links for the day
Links 30/06/2026: France Recorded 1,000 Excess Deaths During Heat Wave, Slop Replaced by Human Staff
Links for the day
People Given the Totally Wrong Idea That "Secure Boot" is About Security (It's the Opposite, It's About Handing Control Over to NSA/Microsoft)
"Secure Boot" with capital "B" is conflating compromise with security.
Today The Register MS is Publishing Fake Articles About "AI", 100% of All "Content"
Maybe the media is dying because it is selling its soul [...] The Register MS has no standard
America Has Cost Europe Too Much
Countries ought to be controlling all their own systems
GAFAM Debt Will Surge, in July We'll Know by How Much
Do not fall for slop or sloppy narratives
Too Many "Marketers on the Payroll" at IBM, Selling Impossible Products That Cannot be Delivered or Will Never Deliver
IBM is rotting away
Media Says Microsoft's (XBox) Layoffs May be Record-Breaking
think somewhere in the range of ~5000 for gaming/XBox alone
Links 30/06/2026: What's Wrong With EU Age Verification, RSA Keys with Many Zeros
Links for the day
This is Not a Security, This is a Circus
Security does not mean "asked Microsoft for permission"
Communities Need Strong Leadership, Not Dictators Like IBM
Leadership in Free software is not ownership [...] Fedora will only last as long as IBM can somehow make some money out of it or leverage it to attract sharecropping
Patents Are Not "Cash Cows"
People who deliberately don't understand patents (or believe lies about them) will fail to understand how the world works (or does not work)
Sad Lives of People Who Think Women Are Just Sexual Toys (All They Have is Money)
money is still a man-made concept and life is finite
SLAPP Censorship - Part 123 Out of 200: Why Violence Against Animals Matters
Starting tomorrow (Wednesday) we'll begin telling stories about what happened last week
EPO Staff Union's (SUEPO) The Hague Committee, With Help of Lawyer, Challenges Lack of Rewards for Hard Work
The EPO is not about granting valid patents anymore. The horse-trading corrupt officials just see the EPO as some thing that "prints money"
Massive EPO Demonstration Today
It'll start in about 6 hours
More Layoffs in Microsoft's PR Department, Even Ahead of 'D-Day'
Notice they are not even waiting for the official date (nor week)
European Patent Office (EPO) Series: Photo-Ops Galore and Suspicions of Influence-Peddling
coverage of the EPO's Croatian junket
Gemini Links 30/06/2026: Music and Broken Hearts
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 29, 2026
IRC logs for Monday, June 29, 2026
Gemini Links 29/06/2026: Using More of GPLv3+ and Merits of Security by TOFU
Links for the day
Links 29/06/2026: Lemote Yeeloong Laptop With OpenBSD, Slop Ruins Code/Development
Links for the day
Antisocial People With No Computer Science Background Are Ruining the Technology Space (Like Officials With No Experience in Patents Destroyed the EPO)
This is a real issue; it needs to be widely recognised and tackled
DDoS Attacks Are a Crime and They Only Increase Interest (Intrigue) in Their Target
Information cannot be DDoSed out of reach/existence, except temporarily
Pushing to the Top
Publishing is about exposing corruption
Whistleblowing and Retaliation by Microsoft Workers Against Microsoft Seems Increasingly Likely
some will go to the press, looking to expose some shenanigans
How Long Can a Company Delay Its Financial Report That Likely Confirms Exodus of Staff, Growing Debt, and Other Problems?
Brett Wilson LLP was meant to release its annual report some time early this month
SLAPP Censorship - Part 122 Out of 200: Garrett's Solicitors Confirm That Garrett is Ban-Evading and Spying on Our IRC Network
his solicitors basically acknowledge this
European Patent Office (EPO) Series: Networking With the National Delegates
António Campinos with a prime opportunity to network with the Administrative Council delegates and lobby for his reappointment
PIPs and "Retirements": IBM Layoffs in Anything But Name
That former Red Hat (now IBM) staff threatens to put my wife and I in prison is worse than cruel
Contact Members of the EPO Administrative Council, Tell Them the EPO (Office) Became a Disgrace and an Enemy of Europe's Citizens
If you live in Europe (not just the EU, even Turkey is included), please contact your delegates
The World Needs GNU/Linux for Security, Turn Off "Secure Boot" (It's the Opposite of Security)
They call it "Secure Boot", but what does it mean to say "Secure" when you actively opt for back doors controlled by Microsoft, the FBI, and many more parties?
In Signal of Weakness or Phasing Out XBox (Not Sustainable, According to the CEO) Microsoft "Pauses New Third-Party Game Pass Deals"
Moments ago
Two Pieces About "AI" This Morning Were Paid-For SPAM at The Register MS
The Register MS is the "Tech News" publisher you can pay to promote your company and even key-word-stuff pages for SEO purposes
Week of Microsoft Layoffs, Maybe Record-Breaking Scale
They will mislead about the scale
Links 28/06/2026: More Om Malik Eulogies, Cloudflare Promotes Web Browser Monocultures
Links for the day
IBM's Alderon as "Silent Layoffs", Not Just Bailout From Taxpayers
Seeing through the noise
'Modern' Web: "Stop! You Are Browsing Too Fast!"
Can the Web ever recover from this?
Pensions Tied to Ponzi Schemes Are Themselves Ponzi Schemes
Pensions are becoming more like that as well
Laptop Bricked After Microsoft Certificates Expiry
Is "Jim" dead?
Monoculture in Europe as National (or Continental) Security Threat
We need more browser diversity
Canada 5-0: GNU/Linux Rises to 5.0%, Windows Rapidly Falls to New Lows
Will we be seeing 6-0 (6%) by year's end and will Microsoft be shown two red cards?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 28, 2026
IRC logs for Sunday, June 28, 2026
Gemini Links 29/06/2026: Sansieviera, HiFi, and Self-Signed Certificates
Links for the day