l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2012 May 28 09:01

Reasons to Avoid Microsoft


[Bug] [Education] [Government] [Fear, Uncertainty, Doubt] [Security Hole] [MSN Hotmail] [MS Internet Explorer] [MS IIS Webserver] [MSN Instant Messenger] [License] [Linux/Open Source] [Monopoly] [MS Outlook] [Piracy] [Privacy] [Virus/Worm] [MS XBox] [MS Windows XP] [WOW!]
Show All

[Privacy]

Privacy


These pages are a compilation of links and quotes to news articles and others sources that might help convince you to switch to Linux.

  • Microsoft IE Flaw Exploited by Hackers to Steal Info From Google (Dailytech.com, 2010.01.15)
    [MS Internet Explorer] [Security Hole] [Privacy] In this case the flaw wasn't overly severe, but the attackers were unusually sophisticated and struck out at businesses, looking to steal their data. Writes Dmitri Alperovitch, a vice president of research with McAfee, 'We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space.'

  • Draconian DRM Revealed In Windows 7 (Slashdot.org, 2009.02.17)
    [WOW!] [Privacy] The days of capturing an audio program on your PC seem to be over... Win7 allows programs like Photoshop to insert themselves stealthily into your firewall exception list. Further, that the OS allows large software vendors to penetrate your machine.


    Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38

  • More gnashing of teeth after Microsoft update brings PCs to a standstill (The Register, 2007.10.25)
    [Privacy] Something seems to have gone horribly wrong in an untold number of IT departments on Wednesday after Microsoft installed a resource-hogging search application on machines company-wide, even though administrators had configured systems not to use the program. ... Critics cried foul on the principle that users should have absolute control over their machines. They also argued that the stealth update could hamper compliance requirements.

  • Microsoft dispels rumors of stealth Windows updates (The Register, 2007.09.14)
    [Privacy] Reports of secret updates began circulating after at least two sites reported that Windows Update pushed patches on machines - even though the automatic update feature had been disabled. ... The issue has touched off concern among some that allowing Microsoft or any other company to install files without their prior knowledge and consent sets a dangerous precedent.

  • Internet Explorer Unsafe for 284 Days in 2006 (Washington Post 'Security Fix' Blog, 2007.01.03)
    [Security Hole] [Privacy] [MS Internet Explorer] [WOW!] For a total 284 days in 2006 (or more than nine months out of the year), exploit code for known, unpatched critical flaws in [IE] was publicly available on the Internet. Likewise, there were at least 98 days last year in which no software fixes from Microsoft were available to fix IE flaws that criminals were actively using to steal personal and financial data from users. ... In contrast, [the Open Source Mozilla Firefox browser] experienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to remedy the problem.

  • Was HP.s traceable 'PattyMail' spyware? You decide (ZDNet Blogs, 2006.09.29)
    [MS Outlook] [Privacy] If you've been following the HP privacy scandal at all, then you'd know that HP resorted to (or considered resorting to) several techniques in hopes of smoking out whoever it was that was leaking information from its boardroom to the press... [including] sending traceable email ... I also showed how the versions of Microsoft's Outlook that are currently in circulation ... make it impossible to successfully forward an HTML-based e-mail without re-activating its traceability.

  • Microsoft's Calling Home Problem: It's a Matter of Informed Consent (Groklaw, 2006.06.11)
    [Privacy] [WOW!] No doubt many of you saw on Slashdot the article "Microsoft Talks Daily With Your Computer" or in Steven J. Vaughan-Nichols article for eWeek titled, Big Microsoft Brother, about allegations that Microsoft's Windows Genuine Advantage validation tool phones home daily to report information to Microsoft about you on each boot. Lauren Weinstein broke the story on his blog. Microsoft has now put out a statement, asserting that the Windows Genuine Advantage tool is not spyware, that they're going to change it some, and that one thing that distinguishes it from spyware is that they get consent before installing it. I question the accuracy of the statement.

  • Invasion of the Computer Snatchers (Washingtonpost.com, 2006.02.19)
    [Security Hole] [Privacy] [WOW!] Hackers are hijacking thousands of PCs to spy on users, shake down online businesses, steal identities and send millions of pieces of spam. If you think your computer is safe, think again. ... At the moment, [the hacker interviewed] controls more than 13,000 computers in more than 20 countries. This morning he installs spyware on just a few hundred of the 2,000 PCs that he has commandeered in the last few hours

  • Spyware Barely Touches Firefox (Yahoo! News, 2006.02.09)
    [Linux/Open Source] [MS Internet Explorer] [Privacy] Internet Explorer users can be as much as 21 times more likely to end up with a spyware-infected PC than people who go online with Mozilla's Firefox browser, academic researchers [said]. ... [Researchers] sent their crawlers to 45,000 Web sites, cataloged the executable files found, and tested malicious sites' effectiveness by exposing unpatched versions of Internet Explorer and Firefox to "drive-by downloads." ... no domain managed to infect the Firefox-equipped PC in a drive-by download attack.

  • Internet Explorer DHTML Edit ActiveX Control Cross-Site Scripting (Secunia, 2004.12.16)
    [MS Internet Explorer] [Privacy] A vulnerability in Internet Explorer [has been discovered], which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.

  • Click here to become infected (The Register, 2004.09.22)
    [MS Internet Explorer] [Privacy] A junk mail message doing the rounds today provides an even more compelling reason [to not press the 'click here to remove' link on spam messages]. ... 'Typically, your machine may be turned into an open proxy, have passwords extracted, and keyloggers installed. So not only do you confirm your email address to the spammers, you also get to host their next spam run, and get your bank account cleaned out.'

  • New Worm Installs Network Traffic Sniffer (Netcraft, 2004.09.13)
    [Privacy] [WOW!] A new worm whose payload includes the SDBot trojan tries to install a 'sniffer,' seeking to use infected computers to capture login and banking information for other computers on the same network.

  • Meet the Peeping Tom worm (The Register, 2004.08.23)
    [Security Hole] [Privacy] [WOW!] A worm that has the capability to using webcams to spy on users is circulating across the Net. Rbot-GR, the latest variant of a prolific worm series, spreads via network shares, exploiting a number of Microsoft security vulnerabilities to drop a backdoor Trojan horse program on vulnerable machines as it propagates. Once a backdoor program is installed on a victim's PC it's game over and an attacker can do whatever takes their fancy. ... 'If your computer is infected and you have a webcam plugged in, then everything you do in front of the computer can be seen, and everything you say can be recorded...'

  • Computer 'spy' that could clean you out (The Guardian, 2004.07.31)
    [Privacy] [WOW!] Spies sitting in your computer could be sending signals to international fraudsters determined to clean out your bank account or use your credit card. ... Deats believes criminals have details of more than 1,000 financial institutions including all the major UK banks. The code transmits that you are online to the bank. But the real killer application is that it reads every keystroke you make, as you make it. This means it can replicate your user name and password for future use.

  • MyDoom.O Harvesting Email Addresses from Search Engines and Causing Denial of Service Attacks (Businesswire, 2004.07.26)
    [Privacy] [MS Outlook] MyDoom.O searches user files (DOC TXT HTM and HTML) for domain names, then uses search engines (Lycos, AltaVista, Yahoo and Google) to search for 'e-mail' and the harvested domain in order to gain access to other email addresses. There is a strong likelihood that web-based lists such as phone books, memberships, discussion boards and general user home pages will be harvested by the machine and in turn infect others.

  • Microsoft Internet Explorer Multiple Vulnerabilities (Secunia, 2004.07.13)
    [MS Internet Explorer] [Security Hole] [Privacy] [WOW!] [Vulnerabilities] in Internet Explorer [allow] malicious people to bypass security restrictions and potentially compromise a vulnerable system. ... Successful exploitation allows execution of arbitrary script code in the context of another website. This could potentially allow execution of arbitrary code in other security zones too. ... Successful exploitation may potentially cause users to open harmful files or do other harmful actions without knowing it.

  • U.S., citing security concerns, steers consumers away from IE (EE Times, 2004.07.01)
    [MS Internet Explorer] [MS IIS Webserver] [Privacy] [Security Hole] [Government] [WOW!] The Department of Homeland Security's U.S. Computer Emergency Readiness Team touched off a storm this week when it recommended for security reasons using browsers other than Microsoft Corp.'s Internet Explorer. ... The particular virus initiated this week ... allows keystroke analysis of user information. The target is believed to be credit card numbers. CERT estimated that as many as tens of thousands of Web sites may [have been infected with the malicious code, via a vulnerability in Microsoft's 'Internet Information Services' webserver software].

  • New scam targets bank customers (SANS, 2004.06.29)
    [MS Internet Explorer] [Privacy] [Security Hole] [WOW!] The victim of the attack found that a file ... been loaded onto their machine. ... The second half of the file consists of a ['Browser Helper Object', which Internet Explorer loads when it starts up]. Created BHO's then have access to all the events and properties of that browsing session. This particular BHO watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries. [The malicious code] grabs any outbound POST/GET data from within IE before it is encrypted by SSL.

  • Internet Explorer Is Just Too Risky (BusinessWeek, 2004.06.29)
    [MS Internet Explorer] [Privacy] [Security Hole] [WOW!] People who browsed there on Windows computers got infected with malicious code without downloading anything. ... The biggest security problem in IE, one that has plagued Microsoft and its customers for at least four years and is at the heart of the recent exploit, is a flaw that lets a Web site trick the browser into running an alien program in violation of its own security settings. In effect, an unknown program on a Web site is treated as though it were a trusted program on your computer. Compromised Web sites can covertly install programs ranging from nuisances that cause ad pop-ups to real threats that record your keystrokes, allowing the site to steal your passwords and account information.

  • Web browser flaw prompts warning (BBC News, 2004.06.26)
    [MS Internet Explorer] [Privacy] [Security Hole] [WOW!] Users are being told to avoid using Internet Explorer until Microsoft patches a serious security hole in it. The loophole is being exploited to open a backdoor on a PC that could let criminals take control of a machine. The threat of infection is so high because the code created to exploit the loophole has somehow been placed on many popular websites.

  • Microsoft warns on IIS 5 and IE attack (vnunet, 2004.06.25)
    [MS Internet Explorer] [MS IIS Webserver] [Privacy] [Security Hole] [WOW!] Sites are appending JavaScript to the bottom of web pages that, when executed, attempts to access a file hosted on another server. 'This file may contain malicious code that can affect the end user's system. US-CERT is investigating the origin of the IIS 5 compromises and the impact of the code that is downloaded to end-user systems,' the organisation said.

  • DoS Attack May Tap Web Graphics Flaw (eWeek, 2004.06.24)
    [MS Internet Explorer] [Privacy] [Security Hole] [WOW!] When visitors to a few particular Web sites-including popular auction, shopping and price-comparison sites-request pages that include the malicious graphics, the code automatically downloads itself onto their machines. Once installed, the code unpacks itself and loads a keystroke logger on the PC. NetSec officials said the attack seems to exploit a vulnerability in Internet Explorer.

  • New virus reads keys you type (OverclockersClub, 2004.06.04)
    [Virus/Worm] [Privacy] [WOW!] A new virus is on the prowl that can infect your Windows XP/2K system and record every key you hit on your keyboard. The keys are then sent back to the virus creator where he/she can steal your passwords and credit card information. ... [You get the virus] without even knowing it. It does not arrive by email, but simply by being connected to a network or to the Internet...

  • Korgo-F Threat Level Heightened (eSecurityPlanet, 2004.06.02)
    [Virus/Worm] [Privacy] [WOW!] Korgo-F is a worm that attempts to propagate by exploiting a Microsoft Windows vulnerability... 'Korgo.F includes backdoor functionality that could leave systems open to unauthorized access ... This backdoor functionality could result in a loss of confidential data and may also compromise security settings.'

Next 25 Articles

Collection originally created by, donated to LUGOD by, and maintained by Bill Kendrick.

Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.