Wednesday, January 04, 2006

More Microsoft Security Holes

There once was a time, all of five years ago, when I thought Microsoft was the biggest threat to this planet. Then Dubya stole an election. Even so, Microsoft is working hard to compete for the top spot.

I've long known that Microsoft products were a steaming pile of shit full of security holes. I've long known that Microsoft products have more holes than swiss cheese. I've long known that Microsoft has never come up with an original idea other than in marketing and steals technology if it can and buys technology if it must. Most Microsoft "enhancements" to Internet Standards are deliberate attempts to lock out competing operating systems and products. I've frequently seen Microsoft deliberately modify its products and operating systems to lock out competitors.

I admit to being truly scared by Microsoft on-line updates. They can be used to apply security patches (although those patches frequently do not fix everything they should because if they did it would break Microsoft's "enhancements" to Internet Standards and stop their own browser from being able to look at "enhanced" web pages served up by their own web server). But those updates can be used to do so much more. Like upgrading Microsoft Tord (pronounced to rhyme with "word," which is how Microsoft spell the name of the product) so that it can no longer read its older file formats (which competitors had reverse-engineered so that people using Linux could create documents readable by Tord, until the "update"). Like updating Windows and Windows Media Player to lock out Real Player (by re-jigging a system call Real Player relied on). Like scouring your hard drive to find out which Microsoft products you may have installed illegally (and there's nothing to stop them getting all your private data if they wish).

For a more comprehensive exposition of Microsoft's flaws, take a look here. You can find more nuggets of Microsoft's fool's gold (dog turds wrapped in gold-coloured aluminium foil and sold as 24 karat gold) here (see the links under the "Microsoft" heading).

Anyway, Microsoft have done it yet again. Another security hole. One which has apparently been waiting to be found since Windows98. This article states that Microsoft has released a temporary patch which is not completely effective. Microsoft themselves say that the problem affects Windows XP (SP1 and SP2) and Windows 2003 server; that various anti-virus products give complete protection; that Windows OneCare Users who see a "green" status are completely safe. Microsoft lies.

See this page (it is linked to from the "World+dog scrambles to fight Windows flaw" page I linked to above) for more truthful details. Read between the lines and you'll see that the loophole also exists on W2K and Windows/ME and probably also exists on Windows98 but that so far exploits have only been seen in the wild for XP and 2003 server. That page also makes clear that there are many ways to get infected, not just from rogue web sites (as Microsoft claims). It also has a link to an unofficial patch that does fix the problem. Oh, and just to hammer the point home, the same source recently released this stating that this bug is now being exploited by a worm spread by MSN Messenger (oh, the irony).

To summarize:

  • There's a fucking big security hole in Windows that will let people rape your computer.

  • The Microsoft temporary patch does not completely fix the problem.

  • Microsoft lies about the severity of the issue.

  • The Microsoft official patch, due on the 10th, may fix the issue if, and only if, it doesn't mean some of their "enhanced" web pages will break. I'm serious here. There was a previous security hole about a year ago that Microsoft refused to fix completely because it would break some of the proprietary web technology they use to try to lock out competing web browsers and web servers.

  • Microsoft products are a pile of steaming shit.

  • Microsoft are cunts.

In the meantime, I am thankful that I use Linux. Far fewer security holes. More efficient so it runs faster. More reliable (never crashes). Has features (such as disk journalling) that Microsoft charge extra for. Oh, and it's free. Yes, free. You can pay for it if you want all the manuals and a good deal of hand-holding, or you can download the ISOs of one of the many competing Linux distributions, burn them to CD, and install it for free.


Post a Comment

<< Home