Bill Gates Mugshot

The Evil Empire
Information about Microsoft, bugs, security holes, and dirty business tactics.
Updated irregularly (about once per week)


December 29, 2003

The IT industry is shifting away from Microsoft

We are experiencing a major IT industry shift right now, and if you know where to look you can actually see it as it happens. This shift is all about Microsoft and open source.

Until very recently, Microsoft owned everything in the personal computer business, both low and high on the food chain. Everyone who challenged it was bought out, cheated out of the technology, or generally beaten into the ground with dirty tricks, by ruthless competition, or on rare occasions, with a better product. Listing the failures would consume more column inches than a person could read in a year.

Just as the press proclaims the inability of anyone to challenge the Redmond beast, control is slipping from Microsoft. As with any company faced with a huge loss of market share, Microsoft is acting predictably, pretending it is not happening, and putting on a smiley face when asked about prospects. On the inside, Microsoft is as scared as hell. More... [The Inquirer]

Posted by Horst at 01:43 PM

December 25, 2003

Microsoft's festive advice: Don't plug our PCs into the Web

Its slogan is "where do you want to go today?" But Microsoft asks that if you get a Windows computer for Christmas, don't take it to one particular place: the internet.

At least, the company says, not until you've been to the shops again to buy extra software, and protected the system from the deluge of viruses and worms that target the flaws in Microsoft's software as soon as you take it online. More... [The Independent]

Posted by Horst at 11:14 PM

December 14, 2003

Muckraking, the PC Way

Security technologist Richard Forno explains a few differences between Mac and Windows to see why Macintosh systems are inherently more secure than Windows systems: The real security wisdom of Mac OS lies in its internal architecture and how the operating system works and interacts with applications. It's also something Microsoft unfortunately can't accomplish without a complete re-write of the Windows software. More... []

Posted by Horst at 08:49 PM

Microsoft probes IE flaw that allows spoofing of Web sites

Microsoft Corp. is investigating a reported flaw in its Internet Explorer software that could allow "phishers" to lure users even more convincingly to forged and potentially malicious sites.

The flaw, which appears to affect all versions of Internet Explorer and possibly other Web browsers, allows attackers to craft URLs that make it appear as if a Web page is being hosted on a domain different from its actual location, according to a description of the flaw on the popular BugTraq newslist. More... [Computerworld Security News]

Posted by Horst at 08:44 PM

December 10, 2003

Did MSBlast cause the Aug. 14 blackout?

The report doesn't say that MSBlast caused the blackout. Conventional wisdom is that MSBlast did not cause the blackout. But it's certainly possible that MSBlast contributed to the blackout. The primary and backup computers that hosted the alarm systems failed at the same time MSBlast was attacking Windows computers on the Internet. What operating system were the alarm computers running? Were they on the Internet? These are interesting questions worth knowing the answers to.

And regardless of the answers, there's a very important moral here. As networked computers infiltrate more and more of our critical infrastructure, that infrastructure is vulnerable not only to attacks but also to sloppy software and sloppy operations. And these vulnerabilities are not the obvious ones. More... [CNET]

Posted by Horst at 08:59 PM

Internet Explorer Spoofing Vulnerability Found

A new vulnerability discovered this week in Internet Explorer could allow for the spoofing of URLs in the Web browsing, potentially putting users' sensitive information at risk.

Security researchers confirmed a vulnerability in Internet Explorer 6 that could let an attacker display a fake URL in the browser's address bar in an attempt to disguise the real domain, according to a security bulletin released on Tuesday by Danish security company Secunia Ltd.

Using the security hole, an attacker could trick users into providing sensitive information or download malicious software by leading them to think that they are visiting a trusted site, the advisory said. More... [eWeek]

Posted by Horst at 08:55 PM

December 09, 2003

Hold the Presses: No December Security Bulletins

Today is security-bulletin Tuesday for the month of December for Microsoft. And it seems the company is claiming it has none to issue. Neowin notes, however, that Microsoft has said nothing on the seven Internet Explorer holes discovered by Chinese researchers earlier this month. The zero-bulletin news comes, ironically, at the same time as a report from Symantec on the worst security risks discovered in November. Windows-related flaws occupy seven of the top 10 spots in Symantec's rating. More... [Microsoft Watch]

Posted by Horst at 08:52 PM

December 04, 2003

Windows ATMs raise security concerns

Last week's revelation by Diebold that its automated teller machines (ATMs) operated by two financial services customers were struck by the W32/Nachi worm raises the specter of even wider disruptions from virus and worm outbreaks and highlights a growing security concern that cash machines running Windows XP and interacting with other Windows systems are vulnerable to attack.

The security problems on ATM networks come as many banks worldwide are migrating off of an older generation of machines using IBM's OS/2 operating system to new systems running Windows. More... [InfoWorld]

Posted by Horst at 11:09 AM
© Copyright 1999-2003 Horst Prillinger, 

Valid XHTML 1.0!  Dublin Core used here   Made with a Mac