Bonum Certa Men Certa

British Government Owned by Crackers Thanks to Microsoft

London



Summary: Microsoft dependency is said to be behind poor decisions from the GCHQ and the Tories, whose Windows site is said to have just been compromised by 4chan

Conficker is back in the headlines. Yesterday it had the following in the British press:

  1. Don't stone the DNS heretics
    I recently asked Rodney Joffe, chief technologist at Neustar, four-decade industry veteran and chair of the Conficker working group, about why he founded UltraDNS and implemented IP Anycast.

    [...]

    On October 21, 2002, a DDoS attack was launched against the root name servers. The ones that survived were those that had quietly switched in the background to using Anycast. When a more powerful DDoS against the root servers occurred in 2007, only the two root servers that had yet to switch to Anycast were laid low.


  2. ZeuS baddies copy Conficker tactics
    Licat infects .EXE, .DLL and .HTML files on infected systems. The malware also generates around 800 pseudo-random domains a day, which it contacts in order to attempt to download new malware code.


  3. Hackers claim to pwn Conservative Party website
    Hackers claim to have pwned the official website belonging to the UK Conservative Party.

    Details on the 4chan website, where they discussed the supposed attack, were sketchy, but they claimed the site was vulnerable to a SQL injection exploit. An email to The Reg claimed the site had been defaced, but at time of writing, there was no proof, and the site appeared to be working normally.


The Tory Web site is Microsoft-based. Glyn Moody complains that the Government Communications Headquarters is also clueless with its attitude towards Microsoft's stack:

Instead of this blind faith in ever-bigger Patch Tuesdays, have those boffins at GCHQ ever thought of turning to software like GNU/Linux that is rather less vulnerable to all those nasty, malicious emails in the first place?

The fact that GCHQ makes no mention of this option means one of two things. Either it is terminally clueless, and we can expect the country's computing infrastructure to be taken out on a regular basis in the future (hello Stuxnet 2.0), or else GCHQ is actually being dead cunning here - pretending to be terminally clueless by wittering on about Microsoft patches to mislead attackers, but secretly swapping out all those vulnerable Windows systems as fast as they can, so that the infrastructure is inherently more secure.


For more about Stuxnet see:

  1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran's Nuclear Programme
  2. Windows Viruses Can be Politically Motivated Sometimes
  3. Who Needs Windows Back Doors When It's So Insecure?
  4. Windows Insecurity Becomes a Political Issue
  5. Windows, Stuxnet, and Public Stoning
  6. Stuxnet Grows Beyond Siemens-Windows Infections
  7. Has BP Already Abandoned Windows?
  8. Reports: Apple to Charge for (Security) Updates
  9. Windows Viruses Can be Politically Motivated Sometimes
  10. New Flaw in Windows Facilitates More DDOS Attacks
  11. Siemens is Bad for Industry, Partly Due to Microsoft
  12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
  13. Microsoft's Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
  14. Microsoft Software: a Darwin Test for Incompetence
  15. Bad September for Microsoft Security, Symantec Buyout Rumours
  16. Microsoft Claims Credit for Failing in Security
  17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
  18. Windows Users Still Under Attack From Stuxnet, Halo, and Zeus
  19. EU Concerns Highlight Need to Remove Windows From the Network
  20. Guest Article: Windows NT and the Deepwater Horizon


It's no surprise that the British government is deluded about Microsoft security when the MSBBC publishes Microsoft propaganda and the same Microsoft propaganda comes from Lance Whitney of Microsoft TechNet Magazine. By controlling coverage Microsoft sells the impression that those security troubles are not its fault and not serious either.

GCHQ

Recent Techrights' Posts

[Video] Why Microsoft is by Far the Biggest Foe of Computer Security (Clue: It Profits From Security Failings)
Microsoft is infiltrating policy-making bodies, ensuring real security is never pursued
Harassment Against My Wife Continues
Drug addict versus family of Techrights authors
 
Links 29/04/2024: "AI" Hype Deflated, Economies Slow Down Further
Links for the day
Gemini Links 29/04/2024: Gopher Experiment and Profectus Alpha 0.9
Links for the day
Debian 'Cabal' (via SPI) Tried to Silence or 'Cancel' Daniel Pocock at DNS Level. It Didn't Work. It Backfired as the Material Received Even More Visibility.
know the truth about modern slavery
Lucas Nussbaum & Debian attempted exploit of OVH Hosting insider
Reprinted with permission from disguised.work
Software in the Public Interest (SPI) is Not a Friend of Freedom
We'll shortly reproduce two older articles from disguised.work
Syria, John Lennon & Debian WIPO panel appointed
Reprinted with permission from disguised.work
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, April 28, 2024
IRC logs for Sunday, April 28, 2024
[Video] GNU and Linux Everywhere (Except by Name)
In a sense, Linux already has over 50% of the world's "OS" market
[Video] Canonical Isn't (No Longer) Serious About Making GNU/Linux Succeed in Desktops/Laptops
Some of the notorious (or "controversial") policies of Canonical have been covered here for years
[Video] What We've Learned About Debian From Emeritus Debian Developer Daniel Pocock
pressure had been put on us (by Debian people and their employer/s) and as a result we did not republish Debian material for a number of years
Bruce Perens & Debian public domain trademark promise
Reprinted with permission from disguised.work
Links 28/04/2024: Shareholders Worry "AI" Hype Brings No Income, Money Down the Drain
Links for the day
Lawyer won't lie for Molly de Blanc & Chris Lamb (mollamby)
Reprinted with permission from disguised.work
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, April 27, 2024
IRC logs for Saturday, April 27, 2024
Links 27/04/2024: Spying Under Fire, Intel in Trouble Again
Links for the day
Lucas Kanashiro & Debian/Canonical/Ubuntu female GSoC intern relationship
Reprinted with permission from disguised.work
Pranav Jain & Debian, DebConf, unfair rent boy rumors
Reprinted with permission from disguised.work
Links 27/04/2024: Kaiser Gave Patients' Data to Microsoft, "Microsoft Lost ‘Dream Job’ Status"
Links for the day
Gemini Links 27/04/2024: Sunrise Photos and Slow Productivity
Links for the day
Microsoft: Our "Goodwill" Gained Over 51 Billion Dollars in the Past Nine Months Alone, Now "Worth" as Much as All Our Physical Assets (Property and Equipment)
The makeup of a Ponzi scheme where the balance sheet has immaterial nonsense
Almost 2,700 New Posts Since Upgrading to Static Site 7 Months Ago, Still Getting More Productive Over Time
We've come a long way since last autumn
FSFE (Ja, Das Gulag Deutschland) Has Lost Its Tongue
Articles/month
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, April 26, 2024
IRC logs for Friday, April 26, 2024
Overpaid lawyer & Debian miss WIPO deadline
Reprinted with permission from disguised.work
Brian Gupta & Debian: WIPO claim botched, suspended
Reprinted with permission from disguised.work