Bonum Certa Men Certa
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Microsoft Back Door in Windows (All Versions) Intentionally Left Open For Over a Year, Existed for 15 Years

Summary: It has become more obvious that Windows back doors are there by design (or knowingly left there by intention) even after Snowden's NSA leaks

THERE ARE SOME corporate media reports about Microsoft patches, but few realise the significance of it. Microsoft tells the NSA about unpatched holes in Windows and other Microsoft software, which is the equivalent of giving the NSA back door access.



As we noted some weeks ago, evidence shows that Microsoft doesn't care about security and it is evidently the same with Apple. They both sat on known flaws that were critical for longer than 3 months, refusing to patch them. Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known).

"Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known)."Dan Goodin, who typically spends his 'journalism' career bashing Free software over security, has finally decided to shift some focus and write about a massive Windows flaw. It's a major one, no doubt; But no name, no "branding"...

In Goodin's own words:

Microsoft just patched a 15-year-old bug that in some cases allows attackers to take complete control of PCs running all supported versions of Windows. The critical vulnerability will remain unpatched in Windows Server 2003, leaving that version wide open for the remaining five months Microsoft pledged to continue supporting it.

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.


The significant part is in the second paragraph above ("took Microsoft more than 12 months to fix"). We can interpret that as saying that the hole, which NSA used for over a year for back door access (because Mirosoft told the NSA about it), is finally being acknowledged to the public. Therein lies the 'magic' of proprietary software. Is the NSA now 'done' cracking all the world's networks that have Windows in them? Is it now 'safe' to finally close this back door?

Microsoft Windows is an utter joke when it comes to security, as Microsoft's own actions serve to show. Back doors surely look like the goal, not an error. Windows was recently used to crack Sony years after the NSA had cracked North Korea's network. Those who knowingly used an operating system with back doors can't blame anyone other than themselves and perhaps Microsoft/NSA. Misplaced blame these days typically names China, Russia, or North Korea.

Remember that Microsoft leaves security holes open/in fact anyway, no matter if versions of Windows are supported or not (upgrades are neither simple nor free). As Goodin's former employer puts it:

What happens six months from now, on 14 July? That's the date Microsoft issues its last security fix ever for Window Server 2003 – the end of extended support from the server operating system's maker.


The article states that many servers will basically be left with permanent back doors. Many of them contain customers' (or patients') data.

As Robert Pogson put it, "Server 2003, which is due to go without support this summer won’t be fixed for a recent Patch Tuesday revelation of a vulnerability built-in by design a decade ago and impossible to fix without breaking everything…"

He concludes correctly: "Maybe it’s time people switched to GNU/Linux, an operating system not designed by salesmen. It’s not perfect but at least the bugs are fixable."

Yes, even bugs with special names, logos, and "branding" -- those that the corporate media loves to hype up.
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Recent Techrights' Posts

Julian Assange: Factual Timeline From an Online Friend
a friend's account
Breaking News: Assange Wins Right to Challenge Extradition to the US
This is great news, but maybe the full legal text will reveal some caveat
Brittany Day, Plagiarist in Chief (Chatbot Slinger)
3 articles in the front page of LXer.com right now are chatbot spew
Guardian Digital, Inc (linuxsecurity.com) Has Resorted to Plagiarism by Chatbots, Flooding the World Wide Web With Fake 'Articles' Wrongly Attributed to Brittany Day
busted
Microsoft-Connected Sites Trying to Shift Attention Away From Microsoft's Megabreach Only Days Before Important If Not Unprecedented Grilling by the US Government?
Why does the mainstream media not entertain the possibility a lot of these talking points are directed out of Redmond?
 
Links 20/05/2024: Protests and Aggression by Beijing
Links for the day
Can an election campaign succeed without social media accounts?
Reprinted with permission from Daniel Pocock
Read "Google Is Not What It Seems" by Julian Assange
In this extract from his new book When Google Met Wikileaks, WikiLeaks' publisher Julian Assange describes the special relationship between Google, Hillary Clinton and the State Department -- and what that means for the future of the internet
Fact check: relation to Julian Assange, founded Wikileaks at University of Melbourne and Arjen Kamphuis
Reprinted with permission from Daniel Pocock
Gambia: Windows Down to 5% Overall, 50% on Desktops/Laptops
Windows was measured at 94% in 2015
Links 20/05/2024: Microsoft Layoffs and Shutdowns, RTO as Silent Layoffs
Links for the day
The Issue With Junk Traffic in Geminispace (Gemini Protocol)
Some people have openly complained that their capsule was getting hammered by bot
Peter Eckersley, Laura Smyth & the rushed closure of dial-up Internet in Australian universities
Reprinted with permission from Daniel Pocock
[Meme] Bullying the Victims
IBM: crybully of the year 2024
Ian.Community Should be Safer From Trademark Censorship
We wish to discuss this matter very quickly
Microsoft and Its Vicious Attack Dogs (Attacking Women or Wives in Particular)
Sad, pathetic, destructive people
Upcoming Series About the Campaign to 'Disappear' the Father of GNU/Linux
Today we have Julian Assange's fate to focus on
A Month From Now Gemini Protocol Turns 5
June 20
Colombia: From Less Than 0.5% to Nearly 4% for GNU/Linux
it's not limited to this one country
Rumour: Well Overdue Red Hat Layoffs to be Announced in About 3 Days
we know they've planned the layoffs for a while
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, May 19, 2024
IRC logs for Sunday, May 19, 2024
Gemini Links 20/05/2024: Updated Noto Fontpacks and gemfeed2atom
Links for the day
GNU/Linux in Georgia: Looking Good
Windows down from 99% to less than 33%
Tomorrow is a Historic Day for Press Freedom in the UK
Take note of the Julian Assange case
Hiding in a Forest Without a Phone and Hiding Behind the First Amendment in the United States (US)
some serial defamer is trying to invert the narrative
Links 19/05/2024: Iran's President Lost in Helicopter Crash, WikiLeaks’ Julian Assange Awaits Decisions in Less Than a Day
Links for the day
Links 19/05/2024: Microsoft Investigated in Europe
Links for the day
4 Old Articles About Microsoft/IBM SystemD
old but still relevant
Firefox Has Fallen to 2% in New Zealand
At around 2%, at least in the US (2% or below this threshold), there's no longer an obligation to test sites for any Gecko-based browser
Winning Streak
Free software prevalence
Links 19/05/2024: Conflicts, The Press, and Spotify Lawsuit
Links for the day
GNU/Linux+ChromeOS at Over 7% in New Zealand
It's also the home of several prominent GNU/Linux advocates
libera.chat (Libera Chat) Turns 3 Today
Freenode in the meantime continues to disintegrate
[Teaser] Freenode NDA Expires in a Few Weeks (What Really Happened 3 Years Ago)
get ready
GNU/Linux is Already Mainstream, But Microsoft is Still Trying to Sabotage That With Illegal Activities and Malicious Campaigns of Lies
To help GNU/Linux grow we'll need to tackle tough issues and recognise Microsoft is a vicious obstacle
Slovenia's Adoption of GNU/Linux in 2024
Whatever the factor/s may be, if these figures are true, then it's something to keep an eye on in the future
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 18, 2024
IRC logs for Saturday, May 18, 2024
Links 19/05/2024: Profectus Beta 1.2
Links for the day
Site Archives (Not WordPress)
We've finally finished the work
[Meme] The EPO Delusion
on New Ways of Working
EPO Representatives Outline Latest Attacks on Staff
Not much has happened recently in terms of industrial action
Links 18/05/2024: Revisiting the Harms of Patent Trolls, Google Tries to Bypass (or Plagiarise) Sites Under the Guise of "AI"
Links for the day
Links 18/05/2024: BASIC Story, Site Feeds, and New in Geminispace
Links for the day
GNU/Linux in Kyrgyzstan: From 0.5% to 5% in Eight Years
the country is almost the size of the UK
Justice for Victims of Online Abuse
The claims asserted or pushed forth by the harasser are categorically denied
[Meme] Senior Software Engineer for Windows
This is becoming like another Novell
Links 18/05/2024: Deterioration of the Net, North Korean IT Workers in the US
Links for the day
Windows in Lebanon: Down to 12%?
latest from statCounter
[Video] 'Late Stage Capitalism': Microsoft as an Elaborate Ponzi Scheme (Faking 'Demand' While Portraying the Fraud as an Act of Generosity and Demanding Bailouts)
Being able to express or explain the facts isn't easy because of the buzzwords
Links 18/05/2024: Caledonia Emergency Powers, "UK Prosecutor's Office Went Too Far in the Assange Case"
Links for the day
Microsoft ("a Dying Megacorporation that Does Not Create") and IBM: An Era of Dying Giants With Leadership Deficits and Corporate Bailouts (Subsidies From Taxpayers)
Microsoft seems to be resorting to lots of bribes and chasing of bailouts (i.e. money from taxpayers worldwide)
US Patent and Trademark Office Sends Out a Warning to People Who Do Not Use Microsoft's Proprietary Formats
They're punishing people who wish to use open formats
Links 18/05/2024: Fury in Microsoft Over Studio Shutdowns, More Gaming Layoffs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 17, 2024
IRC logs for Friday, May 17, 2024
Links 18/05/2024: KOReader, Benben v0.5.0 Progress Update, and More
Links for the day