Impact of Microsoft Negligence/Incompetence (Links)

Dr. Roy Schestowitz

2009-11-18 03:24:01 UTC
Modified: 2009-11-18 03:24:01 UTC

Summary: How Microsoft's lack of desire to secure (maybe inability) affects the Internet -- as newly-assembled links

● Does Microsoft care about their customers’ security? (on this latest negligence/liability issue, see [1, 2])

A few days before the launching of Microsoft’s last operating system, FSFE wondered about users’ security since an important vulnerability has been silently ignored. I then asked myself the question, in what way Free Software is different regarding security?

It appears that our allegations were true and should have been taken seriously. As an article in Computerworld reports, Microsoft finally issued a security advisory about that high-risk vulnerability three days ago. The problem is still not fixed though.

What’s important there is that this vulnerability already triggered a warning (en) by the BSI agency more than a month ago! Despite the consequences, Microsoft meanwhile decided not to tell its customers in order to avoid bad publicity around the launching of Windows7.

● Most security products fail to perform

Nearly 80 percent of security products fail to perform as intended when first tested and generally require two or more cycles of testing before achieving certification, according to a new ICSA Labs report. The “ICSA Labs Product Assurance Report” - co-authored by the Verizon Business Data Breach Investigations Report research team - details lessons gleaned from testing thousands of security products over 20 years.

The report found the number one reason why a product fails during initial testing is that it doesn’t adequately perform as intended. Across seven product categories core product functionality accounted for 78 percent of initial test failures. For example, an anti-virus product failing to prevent infection and for firewalls or an IPS product not filtering malicious traffic.

● Age of cyber warfare is 'dawning'

Compiled by security firm McAfee, it bases its conclusion on analysis of recent net-based attacks.

● Spam net snared a quarter million bots, says conqueror

Over five days, 487,340 unique IP addresses reported to the ad-hoc server. Using findings derived from last year's take-down of the separate Srizbi botnet, FireEye estimates that the figure translates to 248,590 unique machines.

● Gang sentenced for UK bank trojan

London's Southwark Crown Court on Friday imposed sentences of as much as 4 and a half years on the men. According to IDG News, they used a trojan known as PSP2-BBB to stealthily monitor victims' browsers. It inserted special fields into banking pages that asked for sensitive information and then sent it to the criminals when the user complied.

Frans Pop suicide and Ubuntu grievances: Reprinted with permission from disguised.work
Workers' Right to Disconnect Won't Matter If Such a Right Isn't Properly Enforced: I was always "on-call" and my main role or function was being "on-call" in case of incidents
A Discussion About Suicides in Science and Technology (Including Debian and the European Patent Office): In Debian, there is a long history of deaths, suicides, and mysterious disappearances
Federal News Network is Corrupt, It Runs Propaganda Pieces for Microsoft: Federal News Network used to be OK some years ago
Hard Evidence Reinforces Suspicion That Mark Shuttleworth May Have Worked Volunteers to Death: Today we start re-publishing articles that contain unaltered E-mails
[Meme] Sometimes Torvalds and RMS Agree on Things: hype around chatbots
[Video] Linus Torvalds on 'Hilarious' AI Hype: "I Hate the Hype" and "I Don't Want to be Part of the Hype", "You Need to Be a Bit Cynical About This Whole Hype Cycle": Linus Torvalds on LLMs
Colin Watson, Steve McIntyre & Debian, Ubuntu cover-up mission after Frans Pop suicide: Reprinted with permission from disguised.work
Links 30/04/2024: Wireless Carriers Selling Customer Location Data, Facebook Posts Causing Trouble: Links for the day
Links 30/04/2024: More Google Layoffs (Wide-Ranging): Links for the day
Fresh Rumours of Impending Mass Layoffs at IBM Red Hat: "IBM filed a W.A.R.N with the state of North Carolina. That only means one thing."
Mark Shuttleworth's (MS's) Canonical is Promoting Microsoft This Week (Surveillance Slanted as 'Confidential'): Who runs Canonical these days? Why does Canonical help sell Windows?
What Mark Shuttleworth and Canonical Can to Remedy the Damage Done to Frans Pop's Family: Mr. Shuttleworth and Canonical as a company can at the very least apologise for putting undue pressure
Amnesty International & Debian Day suicides comparison: Reprinted with permission from disguised.work
[Meme] A Way to Get No Real Work Done: Walter White looking at phone: Your changes could not be saved to device
Modern Measures of 'Productivity' Boil Down to Time Wasting and Misguided Measurements/Yardsticks: People are forgetting the value of nature and other human beings
Countries That Beat the United States at RSF's World Press Freedom Index (After US Plunged Some More): The United States (US) was 17 when these rankings started in 2002
Record Productivity and Preserving People's Past on the Net: We're very productive these days, partly owing to online news slowing down (less time spent on curating Daily Links)
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, April 29, 2024: IRC logs for Monday, April 29, 2024
Links 30/04/2024: Malaysian and Russian Governments Crack Down on Journalists: Links for the day
Frans Pop Debian Day suicide, Ubuntu, Google and the DEP-5 machine-readable copyright file: Reprinted with permission from disguised.work
Axel Beckert (ETH Zurich), the mentality of sexual violence on campus: Reprinted with permission from Daniel Pocock
[Meme] Russian Reversal: Mark Shuttleworth: In Soviet Russia's spacecraft... Man exploits peasants
Frans Pop & Debian suicide denial: Reprinted with permission from disguised.work
The Real Threats to Society Include Software Patents and the Corporations That Promote Them: The OIN issue isn't a new one and many recognise this by now
Links 30/04/2024: OpenBSD and Enterprise Cloaking Device: Links for the day
Microsoft Still Owes Over 100 Billion Dollars and It Cannot be Paid Back Using 'Goodwill': Meanwhile, Microsoft's cash at hand (in the bank) nearly halved in the past year.
[Teaser] Ubuntu Cover-up After Death: Attack the messenger
The Cyber Show Explains What CCTV is About: CCTV does not typically resolve crime
[Video] Ignore Buzzwords and Pay Attention to Attacks on Software Developers: AI in the Machine Learning sense is nothing new
Outline of Themes to Cover in the Coming Weeks: We're accelerating coverage and increasing focus on suppressed topics
[Video] Not Everyone Claiming to Protect the Vulnerable is Being Honest: "Diversity" bursaries aren't always what they seem to be
[Video] Enshittification of the Media, of the Web, and of Computing in General: It manifests itself in altered conditions and expectations
[Meme] Write Code 100% of the Time: IBM: Produce code for us till we buy the community... And never use "bad words" like "master" and "slave" (pioneered by IBM itself in the computing context)
[Video] How Much Will It Take for Most People to Realise "Open Source" Became Just Openwashing (Proprietary Giants Exploiting Cost-Free or Unpaid 'Human Resources')?: turning "Open Source" into proprietary software
Freedom of Speech... Let's Ban All Software Freedom Speeches?: There's a moral panic over people trying to actually control their computing
Richard Stallman's Talk in Spain Canceled (at Short Notice): So it seems to have been canceled very fast
Links 29/04/2024: "AI" Hype Deflated, Economies Slow Down Further: Links for the day
Gemini Links 29/04/2024: Gopher Experiment and Profectus Alpha 0.9: Links for the day
[Video] Why Microsoft is by Far the Biggest Foe of Computer Security (Clue: It Profits From Security Failings): Microsoft is infiltrating policy-making bodies, ensuring real security is never pursued
Debian 'Cabal' (via SPI) Tried to Silence or 'Cancel' Daniel Pocock at DNS Level. It Didn't Work. It Backfired as the Material Received Even More Visibility.: know the truth about modern slavery
Lucas Nussbaum & Debian attempted exploit of OVH Hosting insider: Reprinted with permission from disguised.work
Software in the Public Interest (SPI) is Not a Friend of Freedom: We'll shortly reproduce two older articles from disguised.work
Harassment Against My Wife Continues: Drug addict versus family of Techrights authors
Syria, John Lennon & Debian WIPO panel appointed: Reprinted with permission from disguised.work
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, April 28, 2024: IRC logs for Sunday, April 28, 2024
[Video] GNU and Linux Everywhere (Except by Name): In a sense, Linux already has over 50% of the world's "OS" market
[Video] Canonical Isn't (No Longer) Serious About Making GNU/Linux Succeed in Desktops/Laptops: Some of the notorious (or "controversial") policies of Canonical have been covered here for years
[Video] What We've Learned About Debian From Emeritus Debian Developer Daniel Pocock: pressure had been put on us (by Debian people and their employer/s) and as a result we did not republish Debian material for a number of years
Bruce Perens & Debian public domain trademark promise: Reprinted with permission from disguised.work
Links 28/04/2024: Shareholders Worry "AI" Hype Brings No Income, Money Down the Drain: Links for the day
Lawyer won't lie for Molly de Blanc & Chris Lamb (mollamby): Reprinted with permission from disguised.work
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, April 27, 2024: IRC logs for Saturday, April 27, 2024

Impact of Microsoft Negligence/Incompetence (Links)

Recent Techrights' Posts