EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS
Boycott Novell

09.04.08

Novell and Microsoft Insecurity a Joint venture

Posted in Microsoft, Windows, GNU/Linux, Novell, Security at 1:56 pm by Roy Schestowitz

How secure is Novell’s software? The answer is that it depends on Microsoft, whose insecure-by-design frameworks Novell is embracing. Moreover, as another reminder of an old issue, former Novell staff is now securing Windows and striving to make Windows more secure than GNU/Linux.

So go ahead, make my day: ignore the popularity of AppArmor in the user community, keep blocking AppArmor from inclusion in Linus’ kernel. If all I have to do is make Windows security easier and more effective to deploy than SELinux, then my job is practically done for me J

Novell’s Achilles heel in security is probably its embrace of Microsoft’s ActiveX (not to mention .NET and and XAML) if reports like this one are something to go by.

Security-wise, time is no cure. Microsoft’s Windows Vista remains the same overburdened and insecure operating system that it has been from the very start. The hypnosis and the lies continue though, judging by some of the very latest.

Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is “very unlikely.”

According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

It’s part of a pattern of patch/flaw hiding.

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channel.

Pages that cross-reference this one

Listed from October 23rd 2007 onwards, pingbacks and trackbacks (external) are omitted

Leave a Comment

What Else is New

  1. Patents Roundup: Microsoft|Myhrvold Trolls Fill Up Their Patent Basket

    An extensive summary of news about patents, particularly those affecting Free software

  2. Mono and Moonlight: GNU/Linux Polluters from Microsoft/Novell

    Another structured analysis in light of news and suspicious developments

  3. rPath Looks Beyond Ballnux and Novell/Microsoft

    rPath goes beyond SUSE and joins forces also with Ubuntu and CentOS

  4. Microsoft and Novell Celebrate Marriage in Public, But Customers Still Choose Red Hat

    Novell and Microsoft gang up against Red Hat, but are unable to woo many customers despite claims

  5. Microsoft Helps Novell Fight GNU/Linux with Ballnux

    Microsoft and Novell's pressure on Red Hat based on some of the latest articles

  6. 'Open' University Poisoned by (Former) Microsoft Employee, Mr. Bean

    The questionably-Open University gets its dose of Microsoft closeness

  7. Microsoft's Partner Group Attacks ODF

    A typical mouthpiece of Microsoft Corporation goes batting against its big (and open/free) rival

  8. Open Letter to the Portuguese Ministry of Education

    Discrimination against Free sofwtare in Portugal's government is noted

  9. Microsoft Tries to Dodge Vista Collusions Lawsuit as Ballmer Deposition Nears

    More material is released for public viewing and Microsoft embarrassment ensues

  10. Silver Lie and Silver Liars

    Microsoft's (and Novell's) campaign to market Silverlight (and Moonlight) tells lies

  11. The Microsoft-Influenced US Regulators Wrong on Yahoo!

    An accumulation of reports and a new video

  12. IRC: #boycottnovell @ FreeNode: November 20th, 2008 - Part 2

    IRC Log for November 20th, 2008 - Part 2

  13. IRC: #boycottnovell @ FreeNode: November 20th, 2008 - Part 1

    IRC Log for November 20th, 2008 - Part 1

  14. Why Novell Was Wrong to Attend Kochi Conference

    A clear explanation of Novell as a misfit in the recent F/OSS conference (India)

  15. Links 21/11/2008: Via Sees the Light; New KOffice 2.0 Beta

    Links for the day

  16. Microsoft 2.0: A Company of Debt

    Microsoft is finally selling debt as buybacks get a little excessive

  17. Microsoft Uses Novell to Say Open Source Software Supports OOXML

    In yesterday's conference in Europe, Novell was once again used as a selling point for Microsoft and lock-in

  18. Reader's Post: The Windows Software Development Minefield, and Mono

    An analysis of Mono -- from Novell and Microsoft to Fedora

  19. Marcel Gagné on Microsoft/Novell (Video)

    New episode that mentions our Web site

  20. Links 20/11/2008: IBM to Buy Transitive, China Helps GNU/Linux Development

    Links for the day

  21. IRC: #boycottnovell @ FreeNode: November 19th, 2008 - Part 2

    IRC Log for November 19th, 2008- Part 2

  22. IRC: #boycottnovell @ FreeNode: November 19th, 2008 - Part 1

    IRC Log for November 19th, 2008- Part 1

  23. How Bill Gates Sabotaged PCs to Make Business

    The story about OneCare being lumped in (to Windows) brings past memories of Gates' sabotage

  24. Sys-Con is Copyrighting Slightly Modified Press Releases

    Sys-Con turns press releases (about Novell staff in this case) into tweaked press releases with Sys-Con copyrights

  25. Novell's Moonlight Finds Fans: Microsoft Bloggers

    One of Moonlight's (and Mono's) biggest fan base is Microsoft

  26. The Analysts Know Everything

    Here is undeniable proof that analysts should not be listened to

  27. Patents Roundup: Microsoft Sues, Patents Critic Become Nobel Laureate, and More

    An extensive summary of news about software patents

  28. Waggener-Edstrom Behind the 2008 Laptop Bribes, Edelman Behind 2006's

    Waggener-Edstrom was this year's Microsoft 'proxy' for handling the Vista 7 [sic] laptops giveaway

  29. AstroTurfers Pretend to be GNU/Linux Users?

    Site trolls who pretend to be GNU/Linux users but actually use Windows

  30. Analyst Lies and Novell Business Growth

    Analysts refuted for bogus studies that align with their funders' desires

An invade, divide, and conquer Grand Plan

Novell CEO Ron HovsepianHighlight: Novell was the first to acknowledge that Microsoft FUD tactics had substance. Novell then used anti-Linux FUD to market itself. Learn more

Xandros founderHighlight: Xandros let Microsoft make patent claims and brag about (paid-for) OOXML support. Learn more

Linspire CEO Kevin CarmonyHighlight: Linspire's CEO not only fell into Microsoft arms, but he also assisted the company's attack on GNU/Linux. Learn more

Hand with moneyHighlight: Microsoft craves pseudo (proprietary) standards and gets its way using proxies and influence which it buys. Learn more

Eric RaymondHighlight: The invasion into the open source world is intended to leave Linux companies neglected, due to financial incentives from Microsoft. Learn more

XenSource CEOAnalysis: Xen, an open source hypervisor, possibly fell victim to Microsoft's aggressive (and stealthy) acquisition-by-proxy strategy. Learn more

More analysis >>

Recent Posts