Bonum Certa Men Certa

Despite Media Propaganda About Security, Microsoft Windows Remains the Least Secure Operating System, by Design

"It is no exaggeration to say that the national security is€ also implicated by the efforts of hackers to break into€ computing networks. Computers, including many running Windows€ operating systems, are used throughout the United States€ Department of Defense and by the armed forces of the United€ States in Afghanistan and elsewhere."

--Jim Allchin, Microsoft



Summary: Amid highly misleading security-centric reports that rely on Microsoft's bogus number of vulnerabilities (Microsoft already admitted hiding many of them) Techrights presents recent news about Windows 'security'

WINDOWS is not a secure operating system. It's not intended to be, either (Microsoft's actions show that security is not the goal). One cannot ever patch NSA back doors safely. When these are patched, it's already too late and newer back doors remain in tact or are being added. Trusting Microsoft to secure Windows is misunderstanding the goal of Windows ('privileged' access) and as Stuxnet serves to remind us, the real owners of Windows are spy agencies, not people who use Windows (renting it from Microsoft in exchange for payments). See this new report titled "Stuxnet Redux: Microsoft patches Windows vuln left open for FIVE YEARS". It says that "[w]hile most of the attention this Patch Tuesday has been focused on the FREAK encryption vulnerability, Microsoft's latest batch of fixes also addresses another longstanding threat to Windows: Stuxnet." So they hadn't fixed it for so long and finally decided to do something about it? Knowing that espionage agencies were exploiting holes and taking control of PCs that have Windows installed? Wake up and smell the coffee. These actions speak volumes.



Adding insult to injury, last week we learned that "Microsoft RE-BORK[ED] Windows 7 patch after reboot loop horror". To quote the report itself: "Reports are emerging that a twice-issued Microsoft Windows 7 patch is still causing pain for users, with some claiming the fix is triggering continuous reboots.

"The patch was first issued as KB2949927 and withdrawn in October due to system faults, before being re-released this week as KB3033929."

So our conclusion is that even when Microsoft offers so-called 'patches' or 'security' there are negative consequences which are too risky to accept. For more information see this article titled "Problems reported with Microsoft patch KB 3002657, warning issued on KB 3046049". A lot of people are still using Windows XP, which receives no patches at all. Some genius, eh?

Some Web sites are now claiming that the NSA and fellow espionage operations have been largely responsible for the SSL hole someone dubbed "FREAK". Of course, despite media spin and a clear Microsoft role (perhaps inside knowledge becoming public), the flaw affects Windows as well (all versions) and Microsoft failed to properly address the problem when it was already known (advertised as public knowledge). "The response of Microsoft and cloud companies to the Freak vulnerability has been far too slow say commentators," according to one British news site/magazine which focused on security. CBS covered this only after it had been wrongly spun as a Linux and Apple issue. "Microsoft was late with the announcement so that the press could focus on Android and iOS and make it look like their problem," said iophk. Microsoft took many weeks to do anything, which gave enough time for passwords to be intercepted and for entire networks to be compromised. So again we are being reminded that Microsoft just doesn't take security seriously. While some reports try to frame Windows as most secure because Microsoft hides many flaws and games the numbers to make the competition look bad, anyone with experience in this area ought to see that Microsoft's encryption was always bogus, and very much by design! Here is another brand-new example of Microsoft 'security' in action: "Microsoft is scrambling to block a fraudulent HTTPS certificate that was issued for one of the company's Windows Live Web addresses lest it be used by attackers to mount convincing man-in-the-middle attacks."

Soon enough, based on some observers, Microsoft Windows-running "PC will become slower as it will serve the updates to another client."

It is a peer-to-peer approach that externalises cost and liability. Is Microsoft really trusting this to work better given the above reports about man-in-the-middle attacks and fraudulent HTTPS certificates? Platforms with back doors cannot ever be relied on for serving security to other systems. It's a collective compromise. Botmasters will love it!

Our last piece of relevant news deals with Pwn2Own. The headline says that "security [is] still a myth on Windows PCs" [via] and that it took just one day to crack Windows. To quote: "Day one of the 2015 Pwn2Own hacking contest in Vancouver, Canada, saw big wins for contestants and headaches for software makers: competing teams successfully exploited fresh vulnerabilities in Adobe Flash and Reader, Microsoft's Windows and Internet Explorer, and Mozilla's Firefox, to hijack PCs."

Was it Firefox on Windows as so often is the case? Not even Tor is secure on Windows.

Recent Techrights' Posts

The Post Offices Have Turned Into Trash. They Swallow Packages and Only Spit Them Out If You Get Lucky.
Nom nom nom
Four Years of Videos (Self-Hosted, Not Social Control Multimedia)
Seeing how the "hey hi" (AI) hype spreads to GulagTube and ruins GulagTube, we're glad we need not worry about Google (Gulag) policing our "content" via supposedly 'free' (not really) platforms, such as GulagTube, the social control (multi)media "market leader"
We Already Know What Makes Techrights So Attractive to Online Abuse and Cybercrimes
Techrights helps explain how to dismantle the 'cancel culture' against Free software (it also names the key perpetrators)
Microsoft Controlling Apache by Proxy/ies
This is a broader attack on what "Open Source" actually means
In Case Undersea Cables Are Cut...
The issue has been somewhat of a taboo - mostly overlooked or entirely ignored at times of peace
 
today's howtos
some older leftovers
The Microsoft OSI: All the Latest Blog Posts Are Written by Microsoft Operative Salaried by Microsoft
OSI is truly occupied. Microsoft more or less 'bought' the OSI...
Links 01/12/2024: Russian Police Raiding Gay Bars, Zelensky Wants NATO Membership
Links for the day
Gemini Links 01/12/2024: Recycling and Interest in Computers
Links for the day
Links 01/12/2024: 23andMe's DNA Bubble Imploded, Web Server Survey Shows Microsoft Nosediving
Links for the day
Vulture funds war-gaming Ireland loss of corporation tax revenue, Donald Trump
Reprinted with permission from Daniel Pocock
Gerry Hutch & Debian: suicide by Monk?
Reprinted with permission from Daniel Pocock
Gerry 'The Monk' Hutch: criminals vs geeks, multinationals vs Ireland
Reprinted with permission from Daniel Pocock
"Microsoft suffered the next largest loss, down by 634,406 sites (-3.24%)"
Microsoft is now in only 2 of the 5 tables; over time Microsoft slips out of visibility in more categories
[Meme] Hiding From Bullies Not the Solution
‘The only thing necessary for the triumph [of evil] is for good men to do nothing.’
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 30, 2024
IRC logs for Saturday, November 30, 2024
If You Support Free - is in Freedom/Libre - Software, Then Support the Free Software Foundation (FSF)
2024 was the most productive year so far
CNN's Front Page is About 250 Times Heavier Than Techrights' (Also Far Slower)
Those who value performance and users' experience will give bloat the boot
[Meme] What 'Social Justice Warrior' Has Come to Mean by 2024
People who have long called themselves "SJW" aren't exactly any of those things
Two Years Later Sirius Open Source is Basically Dead (With a Zombie Web Site)
1 day from now it's exactly 2 years since Rianne and I resigned
[Meme] The Internet is More Fragile Than They Are Willing to Admit
If your site ready for a war on pipes and cables?
IBM is More Than 60 Billion Dollars in Debt (Which It Cannot Pay Back)
IBM debt is growing
IBM and Microsoft Fake Headcount in Exactly the Same Way (While Mass Layoffs Persist and Real Revenue Falls, Not Just Compared to Inflation Rates)
They convert profits into fake 'growth' instead of cashing in (so debt continues to soar), in effect gaming the system based on misleading metrics
Daniel Pocock Moved Up Two Spots in the Political Battles
He has made a statement about it
Links 30/11/2024: Cable Cuts Under Investigation, America’s Cemeteries Are Rewilding, Panda Protection Money Misused
Links for the day
Understanding Irish general election 2024 results Dublin Bay South
Reprinted with permission from Daniel Pocock
Links 30/11/2024: Social Control Media Under Growing Scrutiny, Patent Propaganda Sites Still Promote a Fake Court (UPC)
Links for the day
Gemini Links 30/11/2024: SIGINT Foo and Hooking Up an Old Serial Terminal to a NetBSD Machine Over USB
Links for the day
Apache Software Foundation, Already Infiltrated by Microsoft for Well Over a Decade, Still Controlled by Proprietary Giants With Openwashing Agents
No wonder things get outsourced to Microsoft's proprietary prison (GitHub)
Tux Machines Turning Twenty a Half
Contact us if you want to join us and live not far from Manchester
Stable at Over 4% and 400+ Days' Uptime
Hopefully some time this weekend we'll find enough time to upload party photos (this site turning 18)
With a Month Left to Raise Money the Free Software Foundation (FSF) Has Already Raised 56,000 Dollars
December starts tomorrow
The Irish Have Voted, We'll Soon Know How Many Voted for a Debian Developer and Free Software Specialist
Dublin Bay South results
[Meme] The Word Security Has Been Redefined
"See what the media tells us?"
Proving Yet Again That Techrights Was Right About UEFI 'Secure Boot' All Along (Since 2012)
'Secure Boot' or 'secure' boot is about anything but security
[Meme] Growing Up and Becoming Sceptical
Social control media is a toxic weapon against what's true
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 29, 2024
IRC logs for Friday, November 29, 2024
Reporting Information and Facts at Times of War (and Information Wars), Dissent of Merit and Scepticism//Critical Skills Impermissible
The world is full of white-collar crime, so the more people report, the better
Links 30/11/2024: More Strongarming and Threats to Taiwan, Ananda Krishnan is Dead
Links for the day
Links 29/11/2024: Hike at Potato Creek and Best SSG
Links for the day
Energy shock: €17,000 circuit court claim, threat of judgment for fraudulent charges
Reprinted with permission from Daniel Pocock
Brigid Purcell (PBP): generation Z, unteachable children, how will they govern in ten years?
Reprinted with permission from Daniel Pocock
Links 29/11/2024: Smithfield Market in London Shutting Down, BRICS (China) Accused of Validating Undersea Cables Based on New Evidence
Links for the day
Fentanylware (TikTok) Just Doing Exactly What It Was Supposed to Do
A senior official at Romania's telecoms watchdog called for Fentanylware (TikTok) to be suspended
Links 29/11/2024: China Tensions and Big Bounties for Invalidation of Software Patents
Links for the day
Daniel Pocock Explains Why People Should Vote for Him Today (General Election 2024)
Polling day in Ireland
[Meme] Microsoft and Bill Gates Controlling Media Coverage
Cautionary tale
More Microsoft Corruption and Cover-ups
The key point here is that Microsoft is a corrupt company that bribes officials and breaks every law in the books, then lies about it, covers things up, even bribes publishers to participate in the cover-up
Microsoft Fired Hundreds of Workers Days Before Thanksgiving
Maybe it's time for Microsoft shareholders to reassess the true wealth and well-being of Microsoft as a company
Typical Microsoft Bully (Paid by Microsoft)
Some Microsoft staff doesn't know boundaries
Threats, Attacks on Women, and Other Tactics of Microsofters Will Always Backfire
California: An Epicentre of Psychosis Influenced by Silicon Valley?
Rejecting Fake Holidays
In the US, today is the day after Thanksgiving and nothing els
8GB Swiss Archive offered to Irish voters by Dáil candidate
Mr Pocock doesn't take orders from cyberbullies
Ireland Goes to Polls, Here's Daniel Pocock's Leaflet (Running as Independent in Dublin Bay South)
He seems to be the only geek running for Office
Daniel Pocock: Why you should follow my RSS or Atom feed, Irish elections, everybody wins
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 28, 2024
IRC logs for Thursday, November 28, 2024