Bonum Certa Men Certa

Vista 10 (Windows 10) Has NSA Back Doors and Front Doors

Michael S. Rogers "I don’t want a back door. I want a front door." -- Director of the National Security Agency (NSA), April 2015



Summary: Vista 10 to bring new ways for spies (and other crackers) to remotely access people's computers and remotely modify the binary files on them (via Windows Update, which for most people cannot be disabled)

MICROSOFT never cared about security. A former Windows manager, Brian Valentine, said explicitly that Microsoft products "just aren't engineered for security." Last year we also showed how back in the 1990s Bill Gates and his staff had already collaborated quite intimately with the NSA, well before Snowden's NSA and GCHQ leaks helped confirm this (with hard evidence and subsequently media reports).

The Apache Software Foundation (ASF), which is unfortunately headed by a guy from Microsoft, is going into bed with the NSA right now, despite the negative publicity that may accompany/come with such a move. Microsoft, much to our surprise, is still working with the NSA on Windows, and it does this also for Vista 10. One new article about Microsoft's purchase of an Israeli (i.e. spy-friendly as we explained says ago) company says that "[a] big reason for this is the company’s collaboration with the National Security Agency (NSA)."

"Yes, Microsoft still keeps the NSA in the picture."Microsoft is still thinking that enough people foolishly believe NSA collaboration is 'for security' rather than for 'national security', i.e. back doors. A Windows-powered site reminded us some days ago that NSA "worked with Microsoft on security aspects of the Windows 7 operating system and later for Windows 8 and 10."

Yes, Microsoft still keeps the NSA in the picture. This actually surprised us because it's a PR disaster. Why does Microsoft still want to be seen working in cahoots/collusion with the NSA? In proprietary software, back doors or "national security", i.e. not real security, are the cause of many costly issues. Software is designed to be penetrable rather than secure. Is there anyone who still honestly thinks that Vista 10 won't have back doors? Microsoft never stopped its relationship with the NSA and it is obviously still working with the NSA, despite knowing the negative publicity this can bring. A Darwin Award goes out to anyone who still thinks that Microsoft is not helping the NSA exploit its software (because "national security" and other such excuses), despite the Snowden-provided documents that show exactly that.

Earlier today the developer of GNU Telephony wrote that at Microsoft "they created the perfect environment for such demands to be met, forced updates is a front door for govt malware and spying" [and indeed, as The Register revealed last week, they had even removed the ability to stop/block these updates in most "editions". Over ten years ago it was reported on the Web that even when you toggle off automatic updates Microsoft still does it.]

Looking back at news only a few days old, HP has reported 4 new vulnerabilities in Internet Explorer, and not for the first time. To quote IDG: "HP's Zero Day Initiative (ZDI) doesn't cut much slack with its 120-day disclosure policy. When ZDI knocks on your door and says you have a security hole, you get 120 days to fix it or risk full public disclosure. That's what happened -- again. With ZDI and Microsoft -- again. Over Internet Explorer -- again."

"The only way to avoid MSIE is to ditch Windows since it is built-in and impossible to remove" iophk said to us. Will Hill wrote: "There are still vendor supplied IE6 specific software that will not work outside of IE. One of my vendors at work told me one of their pieces of software might work with IE8 but no other browser, including the IE 11 that Microsoft had shoved onto most of the computers. This just highlights the fact that vendors who use Microsoft don’t care about their customers and that Microsoft does not care about anyone."

"In proprietary software, back doors or "national security", i.e. not real security, are the cause of many costly issues."Going only 3 days back, there is this news that Hacking Team helps governments take over Microsoft Windows through back/bug doors, exploiting fonts. "Unpatched systems," wrote Paul Hill, "can be affected if the user opens a document of webpage that contains an embedded OpenType font file. As the font drivers in Microsoft systems runs in kernel mode it means that an attacker could gain access to the entire system with the ability to add and remove programs and create new user accounts with admin privileges."

Windows recently suffered from other font-related holes, and not for the first time, either. It's an easy access point for the NSA into Windows (Microsoft tells the NSA before patching such holes). All versions of Windows are vulnerable and they have all been found vulnerable (without fixes) for decades.

What will the world look like after this back doors 'leader' and 'champion', Microsoft, is gone for good? Well, we need to ensure that NSA partners like Red Hat [1, 2, 3, 4, 5] don't compromise GNU/Linux, too. Social engineering, bribes, blackmail, anonymous patches, etc. are the classic tricks of this trade.

Recent Techrights' Posts

Stefano Maffulli's (and Microsoft's) Openwashing Slant Initiative (OSI) Report Was Finalised a Few Months Ago, Revealing Only 3% of the Money Comes From Members/People
Microsoft's role remains prominent (for OSI to help the attack on the GPL and constantly engage in promotion of proprietary GitHub)
[Video] Online Brigade Demands That the Person Who Started GNU/Linux is Denied Public Speaking (and Why FSF Cannot Mention His Speeches)
So basically the attack on RMS did not stop; even when he's ill with cancer the cancel culture will try to cancel him, preventing him from talking (or be heard) about what he started in 1983
On Wednesday IBM Announces 'Results' (Partial; Bad Parts Offloaded Later) and Red Hat Has Layoffs Anniversary
There's still expectation that Red Hat will make more staff cuts
 
Ean Schuessler, Branden Robinson & Debian SPI accounting crisis
Reprinted with permission from disguised.work
William Lee Irwin III, Michael Schultheiss & Debian, Oracle, Russian kernel scandal
Reprinted with permission from disguised.work
Microsoft's Windows Down to 8% in Afghanistan According to statCounter Data
in Vietnam Windows is at 8%, in Iraq 4.9%, Syria 3.7%, and Yemen 2.2%
[Meme] Only Criminals Would Want to Use Printers?
The EPO's war on paper
EPO: We and Microsoft Will Spy on Everything (No Physical Copies)
The letter is dated last Thursday
Links 22/04/2024: Windows Getting Worse, Oligarch-Owned Media Attacking Assange Again
Links for the day
Links 21/04/2024: LINUX Unplugged and 'Screen Time' as the New Tobacco
Links for the day
Gemini Links 22/04/2024: Health Issues and Online Documentation
Links for the day
What Fake News or Botspew From Microsoft Looks Like... (Also: Techrights to Invest 500 Billion in Datacentres by 2050!)
Sededin Dedovic (if that's a real name) does Microsoft stenography
[Meme] Master Engineer, But Only They Can Say It
One can conclude that "inclusive language" is a community-hostile trolling campaign
[Meme] It Takes Three to Grant a Monopoly, Or... Injunction Against Staff Representatives
Quality control
[Video] EPO's "Heart of Staff Rep" Has a Heartless New Rant
The wordplay is just for fun
An Unfortunate Miscalculation Of Capital
Reprinted with permission from Andy Farnell
Online Brigade Demands That the Person Who Made Nix Leaves Nix for Not Censoring People 'Enough'
Trying to 'nix' the founder over alleged "safety" of so-called 'minorities'
[Video] Inauthentic Sites and Our Upcoming Publications
In the future, at least in the short term, we'll continue to highlight Debian issues
List of Debian Suicides & Accidents
Reprinted with permission from disguised.work
Jens Schmalzing & Debian: rooftop fall, inaccurately described as accident
Reprinted with permission from disguised.work
[Teaser] EPO Leaks About EPO Leaks
Yo dawg!
IBM: We Are No Longer Pro-Nazi (Not Anymore)
Historically, IBM has had a nazi problem
Bad faith: attacking a volunteer at a time of grief, disrespect for the sanctity of human life
Reprinted with permission from Daniel Pocock
Bad faith: how many Debian Developers really committed suicide?
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, April 21, 2024
IRC logs for Sunday, April 21, 2024
A History of Frivolous Filings and Heavy Drug Use
So the militant was psychotic due to copious amounts of marijuana
Bad faith: suicide, stigma and tarnishing
Reprinted with permission from Daniel Pocock
UDRP Legitimate interests: EU whistleblower directive, workplace health & safety concerns
Reprinted with permission from Daniel Pocock
Links 21/04/2024: Earth Day Coming, Day of Rest, Excess Deaths Hidden by Manipulation
Links for the day
Bad faith: no communication before opening WIPO UDRP case
Reprinted with permission from Daniel Pocock
Bad faith: real origins of harassment and evidence
Reprinted with permission from Daniel Pocock
Links 21/04/2024: Censorship Abundant, More Decisions to Quit Social Control Media
Links for the day
Bad faith: Debian Community domain used for harassment after WIPO seizure
Reprinted with permission from Daniel Pocock
If Red Hat/IBM Was a Restaurant...
Two hours ago in thelayoff.com
Why We Republish Articles From Debian Disguised.Work (Formerly Debian.Community)
articles at disguised.work aren't easy to find
Google: We Run and Fund Diversity Programs, Please Ignore How Our Own Staff Behaves
censorship is done by the recipients of the grants
Paul Tagliamonte & Debian Outreachy OPW dating
Reprinted with permission from disguised.work
Disguised.Work unmasked, Debian-private fresh leaks
Reprinted with permission from disguised.work
[Meme] Fake European Patents Helped Fund the War on Ukraine
The European Patent Office (EPO) does not serve the interests of Europe
European Patent Office (EPO) Has Serious Safety Issues, This New Report Highlights Some of Them
9-page document that was released to staff a couple of days ago
IRC Proceedings: Saturday, April 20, 2024
IRC logs for Saturday, April 20, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Microsoft-Run FUD Machine Wants Nobody to Pay Attention to Microsoft Getting Cracked All the Time
Fear, Uncertainty, Doubt (FUD) is the business model of "modern" media
Torvalds Fed Up With "AI" Passing Fad, Calls It "Autocorrect on Steroids."
and Microsoft pretends that it is speaking for Linux
Gemini Links 21/04/2024: Minecraft Ruined
Links for the day