Bonum Certa Men Certa
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Microsoft Back Door in Windows (All Versions) Intentionally Left Open For Over a Year, Existed for 15 Years

Summary: It has become more obvious that Windows back doors are there by design (or knowingly left there by intention) even after Snowden's NSA leaks

THERE ARE SOME corporate media reports about Microsoft patches, but few realise the significance of it. Microsoft tells the NSA about unpatched holes in Windows and other Microsoft software, which is the equivalent of giving the NSA back door access.



As we noted some weeks ago, evidence shows that Microsoft doesn't care about security and it is evidently the same with Apple. They both sat on known flaws that were critical for longer than 3 months, refusing to patch them. Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known).

"Both proprietary software companies, which together command the lion's share of laptop and desktop operating systems, simply refused to close back doors and only decided to do something at the very belated end because the public finally knew about them (Google let is be known)."Dan Goodin, who typically spends his 'journalism' career bashing Free software over security, has finally decided to shift some focus and write about a massive Windows flaw. It's a major one, no doubt; But no name, no "branding"...

In Goodin's own words:

Microsoft just patched a 15-year-old bug that in some cases allows attackers to take complete control of PCs running all supported versions of Windows. The critical vulnerability will remain unpatched in Windows Server 2003, leaving that version wide open for the remaining five months Microsoft pledged to continue supporting it.

The flaw, which took Microsoft more than 12 months to fix, affects all users who connect to business, corporate, or government networks using the Active Directory service. The database is built into Windows and acts as a combination traffic cop and security guard, granting specific privileges to authorized users and mapping where on a local network various resources are available. The bug—which Microsoft classifies as MS15-011 and the researcher who first reported it calls Jasbug—allows attackers who are in a position to monitor traffic passing between the user and the Active Directory network to launch a man-in-the-middle exploit that executes malicious code on vulnerable machines.


The significant part is in the second paragraph above ("took Microsoft more than 12 months to fix"). We can interpret that as saying that the hole, which NSA used for over a year for back door access (because Mirosoft told the NSA about it), is finally being acknowledged to the public. Therein lies the 'magic' of proprietary software. Is the NSA now 'done' cracking all the world's networks that have Windows in them? Is it now 'safe' to finally close this back door?

Microsoft Windows is an utter joke when it comes to security, as Microsoft's own actions serve to show. Back doors surely look like the goal, not an error. Windows was recently used to crack Sony years after the NSA had cracked North Korea's network. Those who knowingly used an operating system with back doors can't blame anyone other than themselves and perhaps Microsoft/NSA. Misplaced blame these days typically names China, Russia, or North Korea.

Remember that Microsoft leaves security holes open/in fact anyway, no matter if versions of Windows are supported or not (upgrades are neither simple nor free). As Goodin's former employer puts it:

What happens six months from now, on 14 July? That's the date Microsoft issues its last security fix ever for Window Server 2003 – the end of extended support from the server operating system's maker.


The article states that many servers will basically be left with permanent back doors. Many of them contain customers' (or patients') data.

As Robert Pogson put it, "Server 2003, which is due to go without support this summer won’t be fixed for a recent Patch Tuesday revelation of a vulnerability built-in by design a decade ago and impossible to fix without breaking everything…"

He concludes correctly: "Maybe it’s time people switched to GNU/Linux, an operating system not designed by salesmen. It’s not perfect but at least the bugs are fixable."

Yes, even bugs with special names, logos, and "branding" -- those that the corporate media loves to hype up.
Links 11/2/2015: First Ubuntu Phone on Sale Today, Tizen 2.3 Source Code Released | Microsoft's Mole Strategy Against Free Software Spreads OOXML, Surveillance, Other Malice to the Real, Potent Alternatives

Recent Techrights' Posts

Microsoft-Connected Sites Trying to Shift Attention Away From Microsoft's Megabreach Only Days Before Important If Not Unprecedented Grilling by the US Government?
Why does the mainstream media not entertain the possibility a lot of these talking points are directed out of Redmond?
Firefox Has Fallen to 2% in New Zealand
At around 2%, at least in the US (2% or below this threshold), there's no longer an obligation to test sites for any Gecko-based browser
 
GNU/Linux in Georgia: Looking Good
Windows down from 99% to less than 33%
Tomorrow is a Historic Day for Press Freedom in the UK
Take note of the Julian Assange case
Hiding in a Forest Without a Phone and Hiding Behind the First Amendment in the United States (US)
some serial defamer is trying to invert the narrative
Links 19/05/2024: Iran's President Lost in Helicopter Crash, WikiLeaks’ Julian Assange Awaits Decisions in Less Than a Day
Links for the day
Links 19/05/2024: Microsoft Investigated in Europe
Links for the day
4 Old Articles About Microsoft/IBM SystemD
old but still relevant
Winning Streak
Free software prevalence
Links 19/05/2024: Conflicts, The Press, and Spotify Lawsuit
Links for the day
GNU/Linux+ChromeOS at Over 7% in New Zealand
It's also the home of several prominent GNU/Linux advocates
libera.chat (Libera Chat) Turns 3 Today
Freenode in the meantime continues to disintegrate
[Teaser] Freenode NDA Expires in a Few Weeks (What Really Happened 3 Years Ago)
get ready
GNU/Linux is Already Mainstream, But Microsoft is Still Trying to Sabotage That With Illegal Activities and Malicious Campaigns of Lies
To help GNU/Linux grow we'll need to tackle tough issues and recognise Microsoft is a vicious obstacle
Slovenia's Adoption of GNU/Linux in 2024
Whatever the factor/s may be, if these figures are true, then it's something to keep an eye on in the future
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 18, 2024
IRC logs for Saturday, May 18, 2024
Links 19/05/2024: Profectus Beta 1.2
Links for the day
Site Archives (Not WordPress)
We've finally finished the work
[Meme] The EPO Delusion
on New Ways of Working
EPO Representatives Outline Latest Attacks on Staff
Not much has happened recently in terms of industrial action
Links 18/05/2024: Revisiting the Harms of Patent Trolls, Google Tries to Bypass (or Plagiarise) Sites Under the Guise of "AI"
Links for the day
Links 18/05/2024: BASIC Story, Site Feeds, and New in Geminispace
Links for the day
GNU/Linux in Kyrgyzstan: From 0.5% to 5% in Eight Years
the country is almost the size of the UK
Justice for Victims of Online Abuse
The claims asserted or pushed forth by the harasser are categorically denied
[Meme] Senior Software Engineer for Windows
This is becoming like another Novell
Links 18/05/2024: Deterioration of the Net, North Korean IT Workers in the US
Links for the day
Windows in Lebanon: Down to 12%?
latest from statCounter
[Video] 'Late Stage Capitalism': Microsoft as an Elaborate Ponzi Scheme (Faking 'Demand' While Portraying the Fraud as an Act of Generosity and Demanding Bailouts)
Being able to express or explain the facts isn't easy because of the buzzwords
Links 18/05/2024: Caledonia Emergency Powers, "UK Prosecutor's Office Went Too Far in the Assange Case"
Links for the day
Microsoft ("a Dying Megacorporation that Does Not Create") and IBM: An Era of Dying Giants With Leadership Deficits and Corporate Bailouts (Subsidies From Taxpayers)
Microsoft seems to be resorting to lots of bribes and chasing of bailouts (i.e. money from taxpayers worldwide)
US Patent and Trademark Office Sends Out a Warning to People Who Do Not Use Microsoft's Proprietary Formats
They're punishing people who wish to use open formats
Links 18/05/2024: Fury in Microsoft Over Studio Shutdowns, More Gaming Layoffs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 17, 2024
IRC logs for Friday, May 17, 2024
Links 18/05/2024: KOReader, Benben v0.5.0 Progress Update, and More
Links for the day
[Meme] UEFI 'Secure' Boot Boiling Frog
UEFI 'Secure' Boot: You can just ignore it. You can just turn it off. You can hack on it as a workaround. Just use Windows dammit!
The Market Wants to Delete Windows and Install GNU/Linux, UEFI 'Secure' Boot Must Go!
To be very clear, this has nothing to do with security and those who insist that it is have absolutely no credentials
In the United States Of America the Estimated Share of Google Search Grew After Microsoft's Chatbot Hype (Which Coincided With Mass Layoffs at Bing)
Microsoft's chatbot hype started in late 2022
Techrights Will Categorically Object to Any Attempts to Deny Its Right to Publish Informative, Factual Material
we'll continue to publish about 20 pages per day while challenging censorship attempts
Links 17/05/2024: Microsoft Masks Layoffs With Return-to-office (RTO) Mandates, More YouTube Censorship
Links for the day
YouTube Progresses to the Next Level
YouTube is a ticking time bomb
Journalists and Human Rights Groups Back Julian Assange Ahead of Monday's Likely Very Final Decision
From the past 24 hours...
[Meme] George Washington and the Bill of Rights
Centuries have passed since the days of George Washington, but the principles are still the same
Daniel Pocock: "I've Gone to Some Lengths to Demonstrate How Corporate Bad Actors Have Used Amateur-hour Codes of Conduct to Push Volunteers Into Modern Slavery"
"As David explains, the Codes of Conduct should work the other way around to regulate the poor behavior of corporations who have been far too close to the Debian Suicide Cluster."
Video of Richard Stallman's Talk From Four Weeks Ago
2-hour video of Richard Stallman speaking less than a month ago
statCounter Says Twitter/X Share in Russia Fell From 23% to 2.3% in 3 Years
it seems like YouTube gained a lot
Journalist Who Won Awards for His Coverage of the Julian Assange Ordeals Excluded and Denied Access to Final Hearing
One can speculate about the true reason/s
Richard Stallman's Talk, Scheduled for Two Days Ago, Was Not Canceled But Really Delayed
American in Paris
3 More Weeks for Daniel Pocock's Campaign to Win a Seat in European Parliament Elections
Friday 3 weeks from now is polling day
Microsoft Should Have Been Fined and Sanctioned Over UEFI 'Lockout' (Locking GNU/Linux Out of New PCs)
Why did that not happen?
Gemini Links 16/05/2024: Microsoft Masks Layoffs With Return-to-office (RTO) Mandates, Cash Issues
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 16, 2024
IRC logs for Thursday, May 16, 2024
Ex-Red Hat CEO Paul Cormier Did Not Retire, He Just Left IBM/Red Hat a Month Ago (Ahead of Layoff Speculations)
Rather than retire he took a similar position at another company
Linux.com Made Its First 'Article' in Over and Month, It Was 10 Words in Total, and It's Not About Linux
play some 'webapp' and maybe get some digital 'certificate' for a meme like 'clown computing'