Bonum Certa Men Certa
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Microsoft Back Door in Windows (All Versions) Intentionally Left Open For Over a Year, Existed for 15 Years

Summary: It has become more obvious that Windows back doors are there by design (or knowingly left there by intention) even after Snowden's NSA leaks

THERE ARE SOME corporate media reports about Microsoft patches, but few realise the significance of it. Microsoft tells the NSA about unpatched holes in Windows and other Microsoft software, which is the equivalent of giving the NSA back door access.



As we noted some weeks ago, evidence shows that Microsoft doesn't care about security and it is evidently the same with Apple. They both sat on known flaws that were critical for longer than 3 months, refusing to patch them. Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known).

"Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known)."Dan Goodin, who typically spends his 'journalism' career bashing Free software over security, has finally decided to shift some focus and write about a massive Windows flaw. It's a major one, no doubt; But no name, no "branding"...

In Goodin's own words:

Microsoft just patched a 15-year-old bug that in some cases allows attackers to take complete control of PCs running all supported versions of Windows. The critical vulnerability will remain unpatched in Windows Server 2003, leaving that version wide open for the remaining five months Microsoft pledged to continue supporting it.

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.


The significant part is in the second paragraph above ("took Microsoft more than 12 months to fix"). We can interpret that as saying that the hole, which NSA used for over a year for back door access (because Mirosoft told the NSA about it), is finally being acknowledged to the public. Therein lies the 'magic' of proprietary software. Is the NSA now 'done' cracking all the world's networks that have Windows in them? Is it now 'safe' to finally close this back door?

Microsoft Windows is an utter joke when it comes to security, as Microsoft's own actions serve to show. Back doors surely look like the goal, not an error. Windows was recently used to crack Sony years after the NSA had cracked North Korea's network. Those who knowingly used an operating system with back doors can't blame anyone other than themselves and perhaps Microsoft/NSA. Misplaced blame these days typically names China, Russia, or North Korea.

Remember that Microsoft leaves security holes open/in fact anyway, no matter if versions of Windows are supported or not (upgrades are neither simple nor free). As Goodin's former employer puts it:

What happens six months from now, on 14 July? That's the date Microsoft issues its last security fix ever for Window Server 2003 – the end of extended support from the server operating system's maker.


The article states that many servers will basically be left with permanent back doors. Many of them contain customers' (or patients') data.

As Robert Pogson put it, "Server 2003, which is due to go without support this summer won’t be fixed for a recent Patch Tuesday revelation of a vulnerability built-in by design a decade ago and impossible to fix without breaking everything…"

He concludes correctly: "Maybe it’s time people switched to GNU/Linux, an operating system not designed by salesmen. It’s not perfect but at least the bugs are fixable."

Yes, even bugs with special names, logos, and "branding" -- those that the corporate media loves to hype up.
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Recent Techrights' Posts

Microsoft Layoffs and Closures Now Reported in Africa
Microsoft Uninstalls Nigeria as it closes African Development Centre (ADC) in Lagos
Microsoft OSI Uses Its Money to Hire PR Agencies That Spy and Spread Mindless Openwashing of GPL-Violating Microsoft Ploy
`We're under attack. But the attackers smile at us and hire PR firms to spy, mislead etc.
In Nigeria, Africa's (by Far) Largest Population, Microsoft Bing is the 0%
To Microsoft, Africa is just "someplace" to get intensive, hard-working human 'resources' (tech labour) at 2 dollars 'apiece' as in per person per hour
 
Links 10/05/2024: Burner Phones in 6-Eyes Government, “Hatred and Demonization” on the Rise
Links for the day
[Video] Richard Stallman, "I Saw You Playing Your Recorder in Paris" (Due to Proprietary Software Only)
Corporate autocrats do not want counterparts or alternatives to even exist
Five Years After the Extensive Campaign of Defamation Against Richard Stallman He's Still Giving Public Talks
"Richard Stallman will give a talk, in French, Free Software and Freedom in a Digital Society at Centrale Supelec in Saclay, on May 15."
Microsoft Is Rebranding Its 'Chatbot' Search for the Third Time Because It Fails to Gain Adoption
it always means that something has failed - not that they'll openly admit it
Richard Stallman Gives a Talk in Paris Next Week (in French) and It's About Freedom
another talk, which he has only just announced
Pace Up, Distractions Down
We've made our curation process faster and more efficient
In Algeria, GNU/Linux Estimated to Have Grown Tenfold in a Decade
a sharp rise in GNU/Linux usage
[Meme] Red Hat Diversity
Red Hat: don't mention Haghighi
Our Sister Site Turns 20 in Exactly One Month
twentieth anniversary of the site
Corporate Media Focuses on Who's Suing Red Hat, Not What It's Sued For
The unfortunate thing is, anybody who has an opinion on this lawsuit will inevitably be framed as "pro-Trump" or "anti-Trump"
Links 10/05/2024: Many More Microsoft Layoffs on the Way
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 09, 2024
IRC logs for Thursday, May 09, 2024
Gemini Links 10/05/2024: geminispace.info to Shut Down in 3 Weeks
Links for the day
Links 09/05/2024: Journalists in Detention, China Banning Songs or Anthems
Links for the day
Support for harassment and abuse victims
Reprinted with permission from Daniel Pocock
Gemini Links 09/05/2024: Being Sick Enough and End of “World of Ends“
Links for the day
Links 09/05/2024: 'Hey Hi' (AI) Bubble Implodes Some More, Microsoft Layoffs So Widespread It's Hard to Keep Track
Links for the day
Speaking of Enshittification and Freedom, We've Still Not Begun Tackling the UEFI 'Secure' Boot Mess (Preventing GNU/Linux From Even Booting!)
Microsoft continues to fly under the radar and commit competition crimes with impunity
Microsoft Has Just Confirmed Mass Layoffs in Nigeria, It Now Adds Insult to Injury With Price Hikes for Locals
It's not like Microsoft paid them good salaries
Software Enshittification or Freedom? It's not a hard choice!
Reprinted from Alexandre Oliva
Links 09/05/2024: More Microsoft Layoffs on the Way
Links for the day
Amid Microsoft Layoffs in Nigeria GNU/Linux Climbs Above 6% Market Share (Not Including ChromeOS)
Hundreds are being laid off by Microsoft in Nigeria, based on yesterday's reports
[Meme] Blame the Robots or the 'Hey Hi' (AI), It Always Works in Today's Media
Companies do not have financial troubles! They have "efficiencies"...
News Reports Say Many More Microsoft Layoffs on the Way, Rumours Say Red Hat Also Imminently a Target
Microsoft is slipping out of control
Links 09/05/2024: Diplomacy Efforts With China, AstraZeneca Stops Experimenting With COVID-19 Vaccines
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 08, 2024
IRC logs for Wednesday, May 08, 2024
Gemini Links 09/05/2024: Registered Computer Professionals and TLS (The Long Slog)
Links for the day
Links 08/05/2024: Android Malware and "AI" Hype
Links for the day
[Meme] Technical Committee With People Who Are Not Technical
the computing/computer industry being occupied by people who lack suitable background
The Demise of Computer Science Education
Education is essential for the future; without it, whole nations will perish
[Video] Prisons for the Minds and for Tech Workers
Today's video talks about what happens to workforces (across disciplines) in recent years
[Meme] Struggling to Leave Its Nazi Past Behind
digital arson
Microsoft Declines to Talk About How Many People It Has Just Laid Off
Hours ago in IGN: "Microsoft did not say how many staff will lose their jobs, but significant layoffs are inevitable. IGN has asked Bethesda for comment. Microsoft declined to expand further when contacted by IGN."
Microsoft Windows in South America: From 99% to 87%
the latest from statCounter
It's Rather Obvious Why They Try to Silence Richard Stallman, Eben Moglen, and Daniel Pocock
Some of them already sent physically menacing messages to Daniel Pocock
IRC Network of Techrights Turns 3 (or 16 if We Count the Freenode Days)
In a few months IRC turns 36
Sedating Oneself (and Shareholders) With Fuzzy Buzzwords and Pointless Acquisitions
IBM trying to buy time
Clickfraud Spamnil Ran Out of Clickfraud Budget, Apparently
sooner or later charlatans and frauds run out of steam
Techrights Gets Under the Skin of Bad, Corrupt, Immoral People (That's a Good Thing)
Journalism is the lifeblood of democracy and free societies
Companies Do Not Shut Down Offices and Lay Off Staff en Masse (Morale and Reputation Issue) Unless They're in Deep Financial Trouble
Microsoft has been faking its financial performance for years
IRC Proceedings: Tuesday, May 07, 2024
IRC logs for Tuesday, May 07, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Video] Leaving Microsoft Behind for the Sake of National Security
Threats to "National Security" aren't some users with an Android phone but Microsoft at the root of things
GNU/Linux and ChromeOS Now at 6% in France, According to statCounter
numbers from statCounter