NetWitness found a botnet with control of 74,126 Windows systems spread around 196 countries. These systems are found at medical companies, insurance companies, educational institutions, energy firms, financial companies, Internet providers, and government agencies.
Prevx came upon a cache with logon credentials for 74,000 FTP accounts. These accounts were for companies such as NASA, Cisco, Kaspersky, McAfee, Symantec, Amazon, Bank of America, Oracle, ABC, BusinessWeek, Bloomberg, Disney, Monster, and the Queensland government.
You know, you start to become jaded concerning the security of the most popular OS on planet Earth.
The OS that 90% of the people viewing this blog use.
The OS that your company runs on.
The OS that your government runs on.
The OS your school, college or university runs on.
The OS that your bank probably uses.
The OS that despite being quite clearly not fit for use, somehow continues to be used, because so many people’s lives depend on it.
What people? Well you, me, the IT department that won’t even let you change your desktop pattern wallpaper at work, your parents, your friends, the guy you overheard talking in the bus queue this morning about how his computer has become unusable again, or the other guy he was talking to who said that all he had to do was:
a) pay for more security software
b) visit this site that tells you how to solve your latest Windows problem in 38 easy steps
c) buy a new computer
d) don’t do anything on your computer to do with online banking or payments of any kind.
And, yes that last group of people who benefit from the crap that Gates & Ballmer peddle every day – the criminals and ne’er-do-wells that use the money they generate from hacking your computer to buy & supply drugs to your kids, fund terrorism, and various other nasties.
Lots of fun for all concerned.
Thank you Mr Gates and Mr Ballmer for all this, and thank you Apple for allowing me to write this blog on a computer that is not affected by any of this.
Sorry for being so jaded, but I don’t see anyone, anytime soon kicking Windows technology out of the door.
Amongst Microsoft’s many, many accomplishments, is this lovely little gem:
There are bugs that Microsoft patch pretty quickly, there are bugs that take a little more testing and take longer, there are bugs that they take ages to patch for some reason.
And now, from your trustworthy business OS supplier comes a first in a long history of innovation – a bug that cannot be patched.
It can’t be fixed.
Why this isn’t more widely reported is beyond me. Microsoft’s solution is to run IE8 in a restricted mode which seems a band-aid solution to me.
Sure, Vista solves this little hiccup, but just about every Windows box that I can see from my happy little Mac studio, is still running XP.
What galls me the most is that this little feature has been present in every version of Windows up until Vista, they’ve only just discovered it as far as I can tell.
A few years from now, will there be another ‘unpatchable’ flaw in Vista, Windows 7, 8, 9 etc that they discover?
Why do people not question them? Why do they just accept this? Why is the news full of Apple releasing another device that everyone fails to understand, because it just happens to do something different, and not full of Microsoft’s unbelievable, amateurish and downright dangerous coding?
No other web browser on the Windows platform is affected. Does that not say something about this company?
I remember a Christian once saying to me that the best day’s work that the Devil ever did, was to convince everyone that he didn’t exist.
A similar analogy is that the socialists have convinced everyone that George Orwell’s book ‘1984’ was about fascism, when actually it’s about the dangers of unrestricted socialism (IngSoc stands for English Socialism).
These thoughts were piqued when I read a newspaper article in the UK’s DailyMail newspaper, outlining the experience the reporter had when they accidentally clicked on a spammer’s email.
The chaos that ensued highlighted the dangers of clicking on these sorts of emails, and the article is well worth a skim:
I always like to read articles like this because they show the computer experiences of your average Windows user; and I mean the really average Windows user.
The average Windows user makes up the majority of Microsoft customer base, and this article perfectly illustrates the clever trick that Microsoft has played upon them.
The article in question is basically about someone who received an email that asked for all sorts of personal information. This email was a spam email, but the user dumbly accepted it as legitimate, and duly got conned – malware was installed and all sorts of chaos ensued.
Now you can comment on the ineptness of the user, but this article isn’t about their stupidity, it’s about the person that they ultimately blamed.
It’s a big, long article that goes into great detail about what happened to them, but nowhere and I mean nowhere in the article is the word ‘Windows’ or the word ‘Microsoft’ mentioned. Not once.
Ultimately the person who they blamed was – Yahoo. They blamed the email service for failing to filter out the email.
Not themselves for being so inept, not Microsoft for selling them an OS with security holes, but Yahoo. Poor Yahoo.
From the article:
Finally on Monday, three days later, smooth-sounding Jessica from ‘the Yahoo concierge service’ called to help me get back into my account and reassure me that Yahoo took such violations very seriously. She would not be drawn on who might be responsible at Yahoo for stopping hackers. I wanted to know why Yahoo’s own filter system hadn’t spotted a bogus email sent in their name and taken it out before I opened it.
- You for not constantly being on your guard to make up for the fact that an email link can allow remote software to be installed.
- The ‘bad guys’ who send out these emails and take advantage of the security holes in Microsoft software
- The email provider for not filtering out the ‘bad guy’s’ emails.
Courtesy of Rixstep:
Words don’t often fail me, but the sight of a dozen minor-geeks, awkwardly clapping and trying to dance, under the guise of spontaneity… well I don’t know what to say or where to begin.
Microsoft, you’re making a complete fool of yourself. You really don’t know what (hopefully) irreparable damage you are doing to your brand (such that it is) and your public image.
Years from now, when Microsoft are long, long gone, people will look back at the YouTube video and say that this was one of the 10 or so key moments where severe blows were dealt that added to this company’s downfall.
The reason why Microsoft have survived and prospered this far, is because of the army of Windows IT Professionals that have propped up this loose assortment of sloppy hacks and ass-backwards ‘me-too’ and ‘just good enough’ coding.
They have survived because of the mass-ignorance of your average PC-buyer, who needed their hand held whilst buying their computer.
But now things have changed. Apple, Google, Twitter, Facebook and dozens of others have caught up whilst Microsoft were sleeping, and Microsoft’s customer has changed – they are armed with geek-knowledge and they know how to use it.
Ballmer, like the captain on the Titanic, tried to ignore it, but now, with market-share and mind-share slipping he has to do something.
He calls on his troops, but more and more of these troops are bringing in laptops with Apple logos on them. They have iPods, and iPhones, they use Google instead of Bing, and Office is the last thing on their mind with free alternatives readily available.
So he does something – Vista. A total failure that would have finished most companies – but Microsoft isn’t ‘most’ companies.
He tries ‘new’ and ‘different’ advertising campaigns. They are met with derision, confusion and worst of all – laughter, the ‘at’ kind, not the ‘with’ kind.
Plan B. If you can’t beat them – join them. Or copy them. Copy them in exactly the same way you’ve copied them before, back when that ‘computer for the rest of us’ was first released.
Copy it backwards and upside down. In such a way that although all the pieces are there, they just don’t quite fit together.
What you are seeing in this poor, poor, sad video above, is Microsoft in the raw. When the support from all the IT professionals has gone.
They have to compete. On their own. This is who they really are.
I’ve often thought Microsoft were indestructible and I would be writing this blog to the end of my days with them always there, always copying, always getting it totally wrong.
You know I’m beginning to see, at last, the end of this once never great company.
There’s a critical update for Windows 7, this, even before it was released.
“Do not install this critical update until you have (successfully) installed Windows 7. The code in the update may corrupt earlier Windows systems, destroying your own data and making it impossible to upgrade to the fabulous Windows 7.”
You know, leaving aside the seriousness of this bug, and the fact that it shows, yet again, that Windows is the swiss cheese of operating systems, doesn’t it strike you odd that Microsoft is asking its users not to install this update unless they’ve first installed Windows 7? This could corrupt their system.
WHY DOESN’T WINDOWS AUTOMATICALLY SENSE WHICH OS YOU’RE RUNNING AND ONLY PRESENT THE OPTIONS FOR THAT OS?
You know, like Mac OS always has done?
It’s no wonder some Windows installs go bad – the OS doesn’t even help the user make the right choices.
Windows 7 doth approach, and Microsoft, in its wisdom have organised ‘Windows 7 parties’ to encourage the poor deluded majority to bet, once again, that this version of Windows is the one they will actually enjoy using.
The one that will at last, be intuitive, won’t crash much, will be free from viruses and malware, just like those other computers that they don’t like to mention very much.
The general reception that the Windows 7 party idea has had is predictably consistent; it’s an awful, cheesy, cliche and pain-inducing idea that only reinforces the idea that Microsoft are so totally uncool and unhip, that it’s a wonder their bums don’t fall off (to quote Zaphod Beeblebrox).
However one excuse for all the fallout has been, ‘there’s no such thing as bad PR.’ Meaning that it doesn’t matter that the idea is awful, it doesn’t matter that everyone is laughing at Microsoft, the number of column inches it generates is worth all the bad press.
However I do not agree.
Many years ago I worked alongside a person who I had great respect for in the creative and advertising industry. Our team was tasked with creating a straightforward campaign for a large supermarket chain to advertise a sale.
This advertising took many forms, but one part was bus-shelter posters.
Now being trained graphic designers we knew that the thought process for the consumer was thus:
You hook in the consumer with a gimmick, an offer or an angle.
You then hold their attention with an attractive, easy to ‘consume’, flowing, logical design.
You then let them go, away from your advert’s influence, with a thought, or memory of your offer.
The last part is the most important. The consumer will spend infinitely more time away from your ad’s influence, than being exposed to it. You don’t have long to get your message across and that message has to hit home first time, and it must stay with them when your ad is long gone.
This period is the time where your influence has to be positive so that the consumer can pass your message along to another person.
This is why ‘viral marketing’ is a difficult and dangerous approach. You have to get your message and every possible interpretation of that message absolutely right.
Anyway I digress a little – back to the supermarket’s ad.
We created what we thought best fulfilled those 3 criteria, to hook, to hold & give the right memory. However the client didn’t see it that way.
They wanted something much more direct, simple and gaudy. Put simply they wanted their ad on a dayglo green or orange background, so that it ‘stood out’ and shouted their message.
It certainly would hook & hold, but the memory? My colleague commented that, “We’ve hooked them in, the ad will be noticed most certainly, they will even read the ad, but what memory are they left with? A cheap and nasty one.”
The client, whose product was most certainly not cheap and nasty, finally relented, but this experience made me think about the Windows 7 party.
It’s getting the column inches, and we’re certainly hooked and held, but what’s the memory we are left with? What are we saying to others about this approach?
Microsoft seems to think that any news is good news… I don’t think so.