Bonum Certa Men Certa

Vista 10 (Windows 10) Has NSA Back Doors and Front Doors

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), April 2015



Summary: Vista 10 to bring new ways for spies (and other crackers) to remotely access people's computers and remotely modify the binary files on them (via Windows Update, which for most people cannot be disabled)

MICROSOFT never cared about security. A former Windows manager, Brian Valentine, said explicitly that Microsoft products "just aren't engineered for security." Last year we also showed how back in the 1990s Bill Gates and his staff had already collaborated quite intimately with the NSA, well before Snowden's NSA and GCHQ leaks helped confirm this (with hard evidence and subsequently media reports).

The Apache Software Foundation (ASF), which is unfortunately headed by a guy from Microsoft, is going into bed with the NSA right now, despite the negative publicity that may accompany/come with such a move. Microsoft, much to our surprise, is still working with the NSA on Windows, and it does this also for Vista 10. One new article about Microsoft's purchase of an Israeli (i.e. spy-friendly as we explained says ago) company says that "[a] big reason for this is the company’s collaboration with the National Security Agency (NSA)."

"Yes, Microsoft still keeps the NSA in the picture."Microsoft is still thinking that enough people foolishly believe NSA collaboration is 'for security' rather than for 'national security', i.e. back doors. A Windows-powered site reminded us some days ago that NSA "worked with Microsoft on security aspects of the Windows 7 operating system and later for Windows 8 and 10."

Yes, Microsoft still keeps the NSA in the picture. This actually surprised us because it's a PR disaster. Why does Microsoft still want to be seen working in cahoots/collusion with the NSA? In proprietary software, back doors or "national security", i.e. not real security, are the cause of many costly issues. Software is designed to be penetrable rather than secure. Is there anyone who still honestly thinks that Vista 10 won't have back doors? Microsoft never stopped its relationship with the NSA and it is obviously still working with the NSA, despite knowing the negative publicity this can bring. A Darwin Award goes out to anyone who still thinks that Microsoft is not helping the NSA exploit its software (because "national security" and other such excuses), despite the Snowden-provided documents that show exactly that.

Earlier today the developer of GNU Telephony wrote that at Microsoft "they created the perfect environment for such demands to be met, forced updates is a front door for govt malware and spying" [and indeed, as The Register revealed last week, they had even removed the ability to stop/block these updates in most "editions". Over ten years ago it was reported on the Web that even when you toggle off automatic updates Microsoft still does it.]

Looking back at news only a few days old, HP has reported 4 new vulnerabilities in Internet Explorer, and not for the first time. To quote IDG: "HP's Zero Day Initiative (ZDI) doesn't cut much slack with its 120-day disclosure policy. When ZDI knocks on your door and says you have a security hole, you get 120 days to fix it or risk full public disclosure. That's what happened -- again. With ZDI and Microsoft -- again. Over Internet Explorer -- again."

"The only way to avoid MSIE is to ditch Windows since it is built-in and impossible to remove" iophk said to us. Will Hill wrote: "There are still vendor supplied IE6 specific software that will not work outside of IE. One of my vendors at work told me one of their pieces of software might work with IE8 but no other browser, including the IE 11 that Microsoft had shoved onto most of the computers. This just highlights the fact that vendors who use Microsoft don’t care about their customers and that Microsoft does not care about anyone."

"In proprietary software, back doors or "national security", i.e. not real security, are the cause of many costly issues."Going only 3 days back, there is this news that Hacking Team helps governments take over Microsoft Windows through back/bug doors, exploiting fonts. "Unpatched systems," wrote Paul Hill, "can be affected if the user opens a document of webpage that contains an embedded OpenType font file. As the font drivers in Microsoft systems runs in kernel mode it means that an attacker could gain access to the entire system with the ability to add and remove programs and create new user accounts with admin privileges."

Windows recently suffered from other font-related holes, and not for the first time, either. It's an easy access point for the NSA into Windows (Microsoft tells the NSA before patching such holes). All versions of Windows are vulnerable and they have all been found vulnerable (without fixes) for decades.

What will the world look like after this back doors 'leader' and 'champion', Microsoft, is gone for good? Well, we need to ensure that NSA partners like Red Hat [1, 2, 3, 4, 5] don't compromise GNU/Linux, too. Social engineering, bribes, blackmail, anonymous patches, etc. are the classic tricks of this trade.

Recent Techrights' Posts

Microsoft Inside Debian is Sabotaging Debian and Its Many Hundreds of Derivatives With SystemD (Microsoft/GitHub Slopware With Catastrophic Bugs is Hardly a New Problem)
What is the moral of the story about The Scorpion and the Frog?
[Meme/Photography] Photos From the Tux Machines Parties
took nearly a fortnight
 
[Meme] Debian's 'Cannon Fodder' Economics
Conflicts of interest don't matter
Conviction, jail for Hinduja family, Debian exploitation comparison
Reprinted with permission from Daniel Pocock
According to Microsoft, It's Not a Code of Conduct Violation to Troll Your Victims Whose Files You Are Purging
The group of vandals from Microsoft think it's "funny" (and for a "nominal fee") to troll Microsoft critics
Links 23/06/2024: Hey Hi (AI) Scrapers Gone Very Rogue, Software Patents Squashed at EPO
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 22, 2024
IRC logs for Saturday, June 22, 2024
Gemini Links 23/06/2024: LoRaWAN and Gemini Plugin for KOReade
Links for the day
Links 22/06/2024: Chat Control Vote Postponed, More Economic Perils
Links for the day
Uzbekistan: GNU/Linux Ascent
Uzbekistan is almost the same size as France
SLAPP as an Own Goal
We have better things to with our limited time
Independence From Monopolies
"They were ethnically GAFAM anyway..."
GNU/Linux at New Highs (Again) in Taiwan
latest numbers
Links 22/06/2024: More Layoffs and Health Scares
Links for the day
Rwanda: Windows Falls Below 30%
For the first time since 2020 Windows is measured below 30%
[Meme] IBM Lost the Case Over "Dinobabies" (and People Died)
IBM agreed to pay to keep the details (and embarrassing evidence) secret; people never forgot what IBM called its staff that wasn't young, this keeps coming up in forums
Exactly One Year Ago RHEL Became Proprietary Operating System
Oh, you want the source code of RHEL? You need to pay me money and promise not to share with anyone
Dr. John Campbell on Gates Foundation
Published two days ago
Melinda Gates Did Not Trust Bill Gates, So Why Should You?
She left him because of his ties to child sex trafficker Jeffrey Epstein
How Much IBM Really Cares About Software Freedom (Exactly One Year Ago IBM Turned RHEL Into Proprietary Software)
RHEL became proprietary software
Fedora Week of Diversity 2024 Was Powered by Proprietary Software
If instead of opening up to women and minorities we might open up to proprietary software, i.e. become less open
18 Countries in Europe Where Windows Fell Below 30% "Market Share"
Many people still use laptops with Windows, but they're outnumbered by mobile users on Android
[Meme] EPO Pensions in the UK
pensioners: looks like another EPO 'reform'
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 21, 2024
IRC logs for Friday, June 21, 2024
During Fedora Week of Diversity (FWD) 2024 IBM and Its Subsidiaries Dragged to Court Over Discrimination at the Corporate Level
IBM is a deplorable, racist company
Workers of the European Patent Office Take the Office to Court Over Pension
pensions still precarious
Gemini Links 22/06/2024: FreeBSD vs XFCE and Gemini Bookmarks Syncing Solution
Links for the day
Links 21/06/2024: Matrimony Perils and US-Sponsored COVID-19 Misinformation
Links for the day
"A coming cybersecurity schism" by Dr. Andy Farnell
new from Dr. Andy Farnell
Links 21/06/2024: Overpopulation, Censorship, and Conflicts
Links for the day
IBM and Subsidiaries Sued for Ageism (Not Just for Racism)
This is already being discussed
UEFI is Against Computer Security, Its True Goal is to Curtail Adoption of GNU/Linux and BSDs on Existing or New PCs
the world is moving away from Windows
[Meme] Chat Control (EU) is All About Social Control
It won't even protect children
The Persistent Nature of Freedom Isn't About Easy Routes
Resistance to oppression takes effort and sometimes money
EFF Not Only Lobbies for TikTok (CPC) But for All Social Control Media, Irrespective of Known Harms as Explained by the US Government
The EFF's own "free speech" people reject free speech
Microsoft's Search (Bing) Fell From 3.3% to 1% in Turkey Just Since the LLM Hype Began
Bing fell sharply in many other countries
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 20, 2024
IRC logs for Thursday, June 20, 2024
The Real FSF Lost Well Over a Million Dollars Since the Defamation Attacks on Its Founder
2020-2023 income: -$659,756, -$349,927, -$227,857, and -$686,366, respectively
The Fake FSF ('FSF Europe') Connected to Novell Via SUSE, Not Just Via Microsoft (Repeated 'Donations')
'FSF Europe' is an imposter organisation
Just Less Than 3 Hours After Article on Debian Suicide Cluster Debian's Donald Norwood Recycles a Fortnight-Old 'Hit Piece'
The fall of Debian is its attack on its very own volunteers