| Events |
|
|
|
|
|
|
|
|
| Services |
|
|
|
|
|
|
| Interact |
|
|
|
|
|
|
| About Us |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
REASONS TO AVOID MICROSOFT
![[Bug]](gfx/bug.gif "Bug")
![[Education]](gfx/edu.gif "Education")
![[Government]](gfx/fed.gif "Government")
![[Fear, Uncertainty, Doubt]](gfx/fud.gif "Fear, Uncertainty, Doubt")
![[Security Hole]](gfx/hole.gif "Security Hole")
![[MSN Hotmail]](gfx/hotmail.gif "MSN Hotmail")
![[MS Internet Explorer]](gfx/ie.gif "MS Internet Explorer")
![[MS IIS Webserver]](gfx/iis.gif "MS IIS Webserver")
![[MSN Instant Messenger]](gfx/im.gif "MSN Instant Messenger")
![[License]](gfx/lic.gif "License")
![[Linux/Open Source]](gfx/linux.gif "Linux/Open Source")
![[Monopoly]](gfx/monopoly.gif "Monopoly")
![[MS Outlook]](gfx/outlook.gif "MS Outlook")
![[Piracy]](gfx/piracy.gif "Piracy")
![[Privacy]](gfx/priv.gif "Privacy")
![[Virus/Worm]](gfx/virus.gif "Virus/Worm")
![[MS XBox]](gfx/xbox.gif "MS XBox")
![[MS Windows XP]](gfx/xp.gif "MS Windows XP")
![[WOW!]](gfx/wow.gif "WOW!")
Show All
WOW!
These pages are a compilation of links and quotes to news articles and
others sources that might help convince you to switch to Linux.
- Major IE8 flaw makes 'safe' sites unsafe
(The Register,
2009.11.20)
The latest version of Microsoft's Internet Explorer browser contains
a bug that can enable serious security attacks against websites that
are otherwise safe. The flaw in IE 8 can be exploited to introduce
XSS, or cross-site scripting, errors on webpages that are otherwise
safe... Ironically, the flaw resides in a protection added by Microsoft
developers to IE 8 that's designed to prevent XSS attacks against
sites.
- After one year, Conficker infects 7 million computers
(Network World,
2009.10.30)
Conficker first caught the attention of security experts in November
2008 and received widespread media attention in early 2009. It has
proved remarkably resilient and adept at re-infecting systems even
after being removed.
- ECIS Provides A History of Microsoft's AntiCompetitive Behavior
(Groklaw,
2009.04.21)
'Once Microsoft had achieved wide distribution for its own browser
through these tactics, it then moved to "extend" (in effect,
customize) industry standards for HyperText Markup Language ("HTML")
and Cascading StyleSheets ("CSS") to ensure that users would become
reliant on Microsoft's own web browser. Microsoft also introduced its
ActiveX technology extensions, which allowed software written much
like traditional computer programs to run in the Internet Explorer
browser, but that only worked on Microsoft's monopoly operating
system.' ... 'Even when Microsoft claims to be implementing a standard,
the reality is that Microsoft's implementations routinely either only
partially conform or else somehow extend the standard, so that software
developed to work with Microsoft's version of the standard will not work
with other vendors' implementations of the same standard.' ... '"We
need to slaughter Novell before they get stronger....If you're going to
kill someone, there isn't much reason to get all worked up about it and
angry. You just pull the trigger. Any discussions beforehand are a waste
of time. We need to smile at Novell while we pull the trigger."'
- Draconian DRM Revealed In Windows 7
(Slashdot.org,
2009.02.17)
The days of capturing an audio program on your PC seem to be over...
Win7 allows programs like Photoshop to insert themselves stealthily
into your firewall exception list. Further, that the OS allows large
software vendors to penetrate your machine.
- Windows worm trickery for Vista
(BBC News,
2009.01.21)
The worm is unusually clever in the way that it determines what server
to contact... 'This makes it impossible and/or impractical for us good
guys to shut them all down'... [The virus] has spread to an estimated
9m computers globally.
- 1 in 3 Windows PCs Still Vulnerable To Worm Attack
(Slashdot.org,
2009.01.16)
The worm that has infected several million Windows PCs, Downadup or
'Conficker,' is having a field day because nearly a third of all systems
remain unpatched 80 days after Microsoft rolled out an emergency fix.
- Sneaky Blackmailing Virus That Encrypts [Your] Data [and holds it
hostage]
(Slashdot,
2008.06.05)
... the criminal tells the victims that the file has been encrypted
and offers to sell them a decryptor. Is this a look into the future
where the majority of malware will function based on extortion?
Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 574 and defined in /var/www/lugod/microsoft/includes.php on line 38
- Hacker, Microsoft duke it out over Vista desin flaw
(ZDNet 'Tracking the hackers' blog,
2007.02.13)
![[]](gfx/vista.gif)
[A security hacker] stumbled upon a 'very severe hole' in the design
of UAC (User Account Control) and found out -- from Microsoft officials
-- that the default no-admin setting isn't even a security mechanism
anymore. ... [UAC] assumes that all setup programs (application
installers) should be run with administrator privileges. ... 'That
means if you download some freeware Tetris game, you will have to
run its installer as administrator, giving it not only full access
to all your file system and registry, but also allowing it to load
kernel drivers.'
- Internet Explorer Unsafe for 284 Days in 2006
(Washington Post 'Security Fix' Blog,
2007.01.03)
For a total 284 days in 2006 (or more than nine months out of the
year), exploit code for known, unpatched critical flaws in [IE] was
publicly available on the Internet. Likewise, there were at least 98
days last year in which no software fixes from Microsoft were available
to fix IE flaws that criminals were actively using to steal personal
and financial data from users. ... In contrast, [the Open Source Mozilla
Firefox browser] experienced a single period lasting just nine days
last year in which exploit code for a serious security hole was posted
online before Mozilla shipped a patch to remedy the problem.
- New Windows attack can kill firewall
(Network World,
2006.10.30)
Hackers have published code that could let an attacker disable the
Windows Firewall on certain Windows XP machines. The code, which was
posted on the Internet early Sunday morning, could be used to disable
the Windows Firewall on a fully patched Windows XP PC that was running
Windows' Internet Connection Service... ypically used by home and
small-business users.
- Onerous Vista Activation -- A Time Bomb?
(PC Magazine,
2006.10.16)
There has been a lot of chatter recently over some of the newer
activation and validation schemes that Microsoft may or may not
implement with its new Vista operating system. ... Microsoft wants to
put yet another layer into the mix, and this layer -- Windows Genuine
Advantage -- could become a problem if the layer itself is ever targeted
by a virus or Trojan horse. ... I'm more worried about some joker
creating a virus or exploit that turns the good cop [WGA] into a bad
cop, and I can only imagine the destruction and hassle that will ensue.
First of all, this policeman program is also a traffic cop. Aside from
having the potential ability to turn your operating system off so that
it cannot work at all, it is the program that allows your OS to be
upgraded. There will be no patches for an exploit against the program
that turns off upgrades. Once a virus that makes the cop refuse to
authenticate Vista hits the Net, then how can the problem be fixed?
- Vista & Longhorn Server.s .Improved. Security
(The NeoSmart Files,
2006.10.12)
[If] an operating system doesn't get more secure as it progresses and
evolves, there is certainly something fishy going on. ... So what's
the problem? Windows "Longhorn" Server is! While Windows Vista.s
security has steadily improved build-by-build, and while Longhorn.s
kernel and applications may be more secure, Windows Longhorn Server
as a whole most certainly isn.t. Why? Because it never prompts you to
set an Administrator password!
- Tracking down hi-tech crime
(BBC News,
2006.10.08)
If every hour a burglar turned up at your house and rattled the locks
on the doors and windows to see if he could get in, you might consider
moving to a safer neighbourhood. And while that may not be happening
to your home, it probably is happening to any PC you connect to the
net. ... When we put this machine online it was, on average, hit by
a potential security assault every 15 minutes. None of these attacks
were solicited, merely putting the machine online was enough to attract
them. The fastest an attack struck was mere seconds... Often once a
machine has fallen under someone else's control, a keylogger will be
installed to capture information about everything that the real owner
does -- such as login to their online bank account.
- The Vista budget vacuum
(smallbusiness.itworld.com,
2006.10.05)
If your company plans to play the Vista game, start cooking your
books now. I estimate each Vista user will cost your company between
$3,250 and $5,000. That's each and every Vista user. Money will go
to Microsoft for Vista and Office 2007, to hardware vendors for new
PCs and components, and possibly a few bucks to Apple for those users
jumping to a Mac. After all, if Apple's higher cost has been the factor
keeping your company from trying a Mac, that factor just washed away.
- With Exploits Out, MS Braces for Worm Attack
(eWeek,
2006.08.10)
A network worm attack exploiting a critical Microsoft Windows
vulnerability appears inevitable... An exploit module [exists] that
could launch attacks against all unpatched Windows 2000 systems and
some versions of Windows XP. ... "The nature of the vulnerability
itself is something that should be taken very seriously. The fact that
exploits were out even before Patch Day and now that public code is
available for anyone to download and use, that's enough to treat this
as a high-priority issue..."
- Flaw finders lay siege to Microsoft Office
(The Register,
2006.07.22)
So far this year, the software giant has detailed at least 24
Office flaws found by outside researchers in its monthly bulletins,
six times the number of Office flaws found in all of 2005. The count
also surpasses the 20 flaws that Microsoft has fixed so far this
year in Internet Explorer, a perennial favorite among vulnerability
researchers. ... While a vulnerability in a remote network service could
be exploited to create a worm and tends to worry system administrators
more, the rash of attacks leveraging the Office vulnerabilities to
compromise specific companies underscores the seriousness of the
current threat. ... While Office files require some user interaction
to compromise a victim's system, most workers are now accustomed to
receiving such files, especially if attached to an e-mail that appears
to be genuine...
- Hacked Ad Seen on MySpace Served Spyware to a Million
(Washington Post,
2006.07.20)
An online banner advertisement that ran on MySpace.com and other sites
over the past week used a Windows security flaw to infect more than a
million users with spyware when people merely browsed the sites with
unpatched versions of Windows... online criminal groups have been using
the flaw to install adware, keystroke loggers and all manner of invasive
software for the past seven months. This stuff bombards the user with
pop-up ads and tracks their Web usage. Only a little more than half
of the anti-virus programs [tested] flagged the various programs that
the Trojan tried to download as malicious or suspicious.
- Microsoft's Calling Home Problem: It's a Matter of Informed Consent
(Groklaw,
2006.06.11)
No doubt many of you saw on Slashdot the article "Microsoft Talks
Daily With Your Computer" or in Steven J. Vaughan-Nichols article for
eWeek titled, Big Microsoft Brother, about allegations that Microsoft's
Windows Genuine Advantage validation tool phones home daily to report
information to Microsoft about you on each boot. Lauren Weinstein broke
the story on his blog. Microsoft has now put out a statement, asserting
that the Windows Genuine Advantage tool is not spyware, that they're
going to change it some, and that one thing that distinguishes it from
spyware is that they get consent before installing it. I question the
accuracy of the statement.
- Rotten Effort
(ComputerWorld,
2006.05.08)
It's bad enough when Microsoft strong-arms other software vendors into
submission as a means of thwarting competition. But when it engages
in underhanded tactics to intimidate users in order to land a software
deal, we have a very disturbing situation on our hands.
- OpenDocument Approved by ISO/IEC Members
(TheConsortiumInfo.org,
2006.05.03)
With adoption of ODF by ISO/IEC now assured, software that implements
the standard will now become more attractive to those European and
other government purchasers for whom global adoption by ISO/IEC is
either desirable, or required. Given the ongoing unhappiness in Europe
with Microsoft over what the EU regards as unacceptable bundling and
other practices, this may be particularly significant, especially when
taken with the desire of many European and other purchasers to use
open source products whenever possible. Offerings such as OpenOffice
and KOffice therefore should receive a boost in appeal and usage,
as well as for-sale versions, such as Sun's StarOffice and IBM's
Internet-based offering.
- Internet Explorer Window Loading Race Condition Address Bar Spoofing
(Secunia,
2006.04.04)
[A] vulnerability in Internet Explorer [has been discovered] which can
be exploited by malicious people to conduct phishing attack.
- Invasion of the Computer Snatchers
(Washingtonpost.com,
2006.02.19)
Hackers are hijacking thousands of PCs to spy on users, shake down
online businesses, steal identities and send millions of pieces of
spam. If you think your computer is safe, think again. ... At the
moment, [the hacker interviewed] controls more than 13,000 computers
in more than 20 countries. This morning he installs spyware on just
a few hundred of the 2,000 PCs that he has commandeered in the last
few hours
- January Virus and Spam Statistics: 2006 Starts with a Bang
(Commtouch press release,
2006.02.15)
The numbers are indeed concerning: 19 new email-born significant virus
attacks, of which [...] 4 (21%) were massive attacks - a rare
phenomenon for a single month. ... Commtouch was able to compare
detection times of 21 leading AV engines against 19 new viruses
in January. The results: [1] On average, each AV completely missed
6.2 viruses (the attack was [already] completed, and a signature was
[still not] available). [2] The average response time to new viruses
among all AV engines was 8.12 hours. "The data should be of great
concern to AV vendors and IT managers alike. [...] An eight hour
response spells a simple truth - a traditional AV solution does not
stand a chance against massive attacks that end before a signature is
even released."
- Microsoft probes report of IE flaw
(CNet News,
2005.09.28)
A new flaw in Internet Explorer could be exploited to launch
spoof-based attacks, or access and change data on vulnerable PCs,
security experts have warned. ... An attacker could spoof a legitimate
Web site, access data from the Web browser's cache or stage a so-called
man-in-the-middle attack, which taps into traffic between a user
and another Web site... Fully-patched computers running Windows XP
with Service Pack 2 and Internet Explorer 6.0 are vulnerable to this
issue...
Next 25 Articles
Collection originally created by, donated to LUGOD by,
and maintained by
Bill Kendrick.
Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are
trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.
|
|
