Storm worm authors switch tactics
,----[ Quote ]
| The "updates" - loaded with Trojan code - attempted to trick gullible users
| into becoming infected even in cases where their machines are fully patched
| and up to date.
See the links below. Microsoft secretly patches security holes and it calls the
patches something else. It also groups things together to alter the numbers.
Also listed below is Microsoft's **own** (leaked) description of this tactic
which involves lies and so-called 'researchers'.
Last week:
Microsoft reacts to kernel hacks, defends Vista
,----[ Quote ]
| Microsoft wasn't much help in figuring out exactly what was beefed up by the
| PatchGuard update; the accompanying information was extremely vague. The
| MSRC's release manager, Simon Conant, was just as tight-lipped in a posting
| to the center's blog. "The update adds additional checks to Kernel Patch
| Protection for increased reliability, performance, and security," Conant
| said.
Skeletons in Microsoft’s Patch Day closet
,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.
Beware of undisclosed Microsoft patches
,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
“There’s an interesting article in the April 2007 issue of Harper’s magazine
about panels, audits, and experts. It is called CTRL-ALT-DECEIT and is from
evidence in Comes v. Microsoft, a class action suit in Iowa. Here’s a
paragraph from a document admitted into evidence, called “Generalized
Evangelism Timeline,” about guerrilla or evangelical marketing:
Working behind the scenes to orchestrate “independent” praise of our technology
is a key evangelism function. “Independent” analysts’ reports should be
issued, praising your technology and damning the competitors (or ignoring
them). “Independent” consultants should write articles, give conference
presentations, moderate stacked panels on our behalf, and set themselves up as
experts in the new technology, available for just $200/hour. “Independent”
academic sources should be cultivated and quoted (and granted research money).
They advise cultivating “experts” early and recommending that they not publish
anything pro-Microsoft, so that they can be viewed as “independent” later on,
when they’re needed. This type of evangelical or guerilla marketing is
apparently quite common in the high-tech fields, and seems to be used
liberally by open source developers.
The document admitted into evidence also says, “The key to stacking a panel is
being able to choose the moderator,” and explains how to find “pliable”
moderators–those who will sell out.
It is all a big money game. Most activists in any field know of
countless “hearings,” in which hundreds of citizens would testify before a
panel, only to be ignored in favor of two or three industry “experts.” When a
panel is chosen, the outcome seems to be a foregone conclusion. As with
elections, they don’t leave anything to chance.”
(a post from a Mark E. Smith about exhibit PX03096 “Evangelism is War” from
Comes v. Microsoft).
Microsoft is Counting Bugs Again
,----[ Quote ]
| Sorry, but Microsoft's self-evaluating security counting isn't really a
| good accounting.
| [...]
| The point: Don't count on security flaw counting. The real flaw is
| the counting.
How secure are Linux, Window and Mac OS?
2006 Operating System Vulnerability Summary
Linux vs. Windows: Which is Most Secure?
Linux Security: A Big Edge Over Windows
The problems with Vista laid bare - What might have been
Why Windows is less secure than Linux
Linux more secure than Windows, national survey shows
Microsoft Windows: Insecure by Design
If Only We Knew Then What We Know Now About Windows XP
Why Windows is a security nightmare.
The Structural Failures of Windows
More than half of Microsoft Vista needs re-writing
Windows Fiji: Now second half of 2008?
Microsoft admits Vista screwed - report
,----[ Quote ]
| Vista SP1 is code named "Fiji", presumably after a pretty looking
| island which is paralysed by coups.
| In a statement regarding the service pack Microsoft admits that
| Vista has "high impact" problems.
Microsoft cuts Windows virtualization features
,----[ Quote ]
| "Right now, Microsoft has nowhere to run, and nowhere to hide. After all
| the hype surrounding Vista, the Emperor has finally been revealed in all
| his naked glory. Some folks have been predicting the demise of Microsoft. I
| wouldn't go that far, but I am wondering how we're ever going to take
| Microsoft seriously again?"
A history of Microsoft Windows - the inside story exposed
,----[ Quote ]
| 2004: (...)
| THE MANAGEMENT: "What do you mean it still doesn't work? Try
| harder!"
| 2005: (...)
| "MAKE IT WORK! FOR GOD'S SAKE, MAKE IT WORK! Well, throw it away
| and use the server version then, that seems all right. Look, they
| won't know the difference, drop the database stuff, nobody remembers
| what we said in 1995 now! That was ten years ago! "Apple has what?
| 3D acceleration? So, we have DirectX. What, in the desktop? Really?
| What, even Stallman's beardie-weirdies have it? Oh hell. Right, you
| lot, make it look like this!"
MS Insider: The Office Crew Isn't Smart Enough to Supplant Real Windows