Category: Information

A Yuletide pause for reflection

Much has been said in the popular press recently regarding Julian Assange and his notorious Wikileaks website. Three things strike me about the Wikileaks saga…

1. Our leaders’ total lack of integrity.

Wikileaks has verified what I have suspected for many years, namely that many of our politicians have four priorities:-

First priority for our leaders is pursuance of their own careers. Their second priority is the political party to which they belong. A very close third come the big corporations, upon whom these political parties depend for their funding. Finally, last and very much least, come the poor schmucks who vote for them and ultimately pay their wages.

Worse, the above rule-of-thumb applies to our relatively honest politicians. The dodgier specimens, (e.g. Bush, Blair, Cheney, et al), are even more disgusting and worthless. Seems these scum-sucking lowlifes are happy simply to grab as much taxpayers’ money as possible and squander it on stupid wars and/or to line their own pockets. They don’t care how many people die, or how much of our money they waste in the process.

2. Covering up is more important than reform.

As a result of those very damning revelations from the pages of Wikileaks,  the planet’s political class is now striving very hard indeed to find more effective ways to cover up its lies and evil doings. However, I feel it is much more significant, not to mention depressing, that not one of our “leaders” seems in the least bit interested in the concept of better governance. Perhaps if our politicians genuinely cared about honest and open government, then there would be less to cover up in the first place?

3.The “Special Relationship” scam.

Any nation that considers itself to have a “special relationship” with the United States should urgently reconsider its position. Old Blighty in particular, please take note!

Honk! Honk! and Merry Christmas.

Seems that despite Enron, Worldcom et al, the US financial administration has learnt absolutely nothing from its myriad of previous failings. Dell’s paltry (US)$100 million penalty for its chronic cooking-of-the books bears testament to fact that the US authorities are still unwilling or incapable of dealing effectively with America’s thoroughly bent and corrupt corporations.

The pathetic personal penalties paid by the perpetrators of these crimes are even more astonishing. For example, Dell’s CEO and arch-crook Michael Dell should be doing time, not fined a mere four-million bucks (petty cash to him) and allowed to carry on business as usual…

http://www.sec.gov/news/press/2010/2010-131.htm

But let’s stand back from this latest US corporate fraud for a moment. Acer founder’s recent observation that many American IT corporations will become irrelevant within 20 years, seems very poignant.

http://www.zdnet.com/blog/gadgetreviews/acer-founder-thinks-american-it-brands-will-be-dead-in-20-years/11340

If devices such as this hit the market…

http://www.bbc.co.uk/news/world-south-asia-10740817

…then Dell, Microsoft, IBM and even Apple Computer Inc will be in very deep trouble.

Even if this particular device never hits the market, you can be absolutely certain that others will. We are rapidly approaching a time when really good unbranded computer hardware, running free, open source operating systems such as Linux will be available as complete, working devices for less than the cost of a proprietary American operating system.

We are also entering the second dip of the worst recession in 80 years. Several key western economies, including the USA are hopelessly in-the-red and are now teetering on the brink of bankruptcy:-

https://www.cia.gov/library/publications/the-world-factbook/rankorder/2187rank.html

So who is going to pay $100 for Mac OSX or Windows operating systems, (other than the very rich and handful of brand-loyal fanbois,) when you can buy a complete, working computer, c/w operating system and all the software you need, for a fraction of that? Who will stump-up all that hard-earned cash for an Apple iPad when you can buy a device that’s just as good, for less than one tenth of the price? And the days of average folks paying $500+ for a jazzed-up mobile telephone are certainly drawing to a close!

Trouble is that the fat-cats running the US IT corporations have their heads so far up their own proverbial bottoms that they cannot see the writing on the wall. Indeed, this lack of vision beyond the current fiscal year’s profits is a disease that has infected much of corporate America.

On the other hand, perhaps America’s rich-and-powerful know exactly what’s happening and that’s why they are scrambling to ram their snouts in the trough before the gravy train pulls out of the station?

Honk! Honk! Mind the gap! Stand clear of the doors please!

Micro$haft operating systems hit by yet another “zero-day” malware strike is hardly news. But this latest attack in the guise of “Stuxnet” is different. Seems from my albeit limited reading on the subject that the Stuxnet concept strikes right at the very heart of the “Windows way of doing things“.

For example:-

1. Windows 7 64bit insists on so-called “signed drivers” – the excuse being that it makes the system much more secure. But Stuxnet worm uses stolen digital certificates (from Realtek & JMicron). So it can freely install its payload ( a.sys file rootkit) as a legitimate driver.
2. Whilst Verisign has now withdrawn one of these stolen certificates, it is clear that digital signing can no longer be relied upon as a means of verifying the integrity of Windows software or drivers.
3. Microsoft has been crowing about its “better than Unix” UAC (user access control) system. Stuxnet completely bypasses that. In fact, it appears that in this context that the “.lnk” files that MS uses for its short-cuts are not subject to any form of UAC at all!
4. This does not only spread by USB sticks as some would have us believe. Infected machines can spread the worm via ethernet connections too. In fact, you don’t have to open a file. You merely need to use Microsoft’s file Explorer to view a directory! So external SMB connections and Sharepoint are both vulnerable now.
5. Now it is “in the wild” and currently infecting roughly 1000 Windows PCS a day, other “copycat” criminals will use the same or similar techniques.

So, if your computing is important to you, then please don’t put all your proverbial “eggs in one basket” by relying solely on Micro$oft’s poor quality, over-priced operating systems. Or better still, dump M$ completely! It is perfectly achievable and will save you a small fortune:-

http://www.garfnet.org.uk/joomla/index.php?option=com_content&task=view&id=66&Itemid=16

Some further reading:-

http://news.softpedia.com/news/New-Stuxnet-Related-Malware-Signed-Using-Certificate-from-JMicron-148213.shtml

http://www.controlengeurope.com/article.aspx?ArticleID=35267

Probably most easily digested Stuxnet analysis I have read so far:-

http://www.theregister.co.uk/2010/07/20/win_shortcut_vuln_exploit_code/

Honk! Honk!

Worst thing about British pubs is not the prices – though I have to say, they are pretty shocking! It’s the rubbish standard of service, the queuing forever at the bar, dirty glasses, surly staff who make out they are doing you a tremendous favour serving you in the first place. And unless you choose one of the few independent pubs, the beer is pretty poor too. And does anywhere in the South of England know how to keep Guinness properly?

CF. continental Europe, where you sit down with your friends and a few minutes later, someone (often an unbelievably pretty waitress) takes your order. You can choose from a list of beers – and there are generally quite a few good ones, in amongst the dross. Most of the time, if you are a stranger in town, you can enquire which is the best brew to try first. This is an altogether much more pleasant and relaxed way to enjoy your beer.

If you are with someone who doesn’t drink alcohol, e.g. Mrs Goose, then the establishment will offer you coffee, hot chocolate or at least something that she likes. Whilst prices tend to be very close to UK ones these days, due to the plummeting value of Sterling against the Euro, the quality of service makes the price worth while.

No wonder UK pubs are closing at such a rapid rate. They seem stuck in a post-WW2 time-warp or something and seem to think that having an ear-splittingly loud jukebox and a few plastic oak beams will provide the “atmosphere” needed to get the punters through the door, and compensate for the grunting bar-staff. And don’t get me started on the horror they call “quiz-nites“. UK pubs simply have not caught up with what customers really want, i.e. a bit of service, please! Frankly “yer average boozer” here in Sunny Southampton is simply dreadful and they would have to pay me to set-foot through the door.

Now where’s that crate of McEwan’s Champion? Honk! Honk!

When I first heard about iPads, I thought it was something that geek girls might use during their iPeriods. But it seems I was mistaken.

Actually, I think the tablet form factor is an interesting one and may have great appeal in areas such as education. That’s why Nicolas Negroponte and his team have adopted it for the next generation X0-3 OLPC. However I have serious misgivings with regard to both the price and even more so with regard to Apple’s heavy-handed deployment of DRM (digital restrictions management) in these devices. In a nutshell, Apple can:-

• Decide what software you are allowed to use.
• Delete any content it disapproves of.
• Disable the device completely.

Nevertheless, a reasonable degree of commercial success for the iPad will no doubt inspire Chinese and Taiwanese companies to produce perfectly adequate generic clones. These will be significantly cheaper than the iPad, whilst not being infected with Apple DRM. Then it would not take the open source community long to write and compile decent apps for the clones. I understand that the XO-3 will be 100% OSS (open source software). So I suspect that many existing OSS apps will be ported to the generic pads very rapidly.

Therefore I’m perfectly happy to let the Apple fanbois have their fun. If they are prepared to pay through-the-nose whilst Steve Big Jobs & his minions @ Apple Computer Inc. spy on their data and dictate what apps they can and cannot use, then more fool them! Meantime, smart people will wait for one of the new generation generic pads that will undoubtedly follow – running some form of GNU/Linux and c/w 100% open source software of course.

Translated into practical terms my little goslings, that means 1/3 the cost of an iPad, 100% freedom regarding what software you install and infinite superiority in terms of privacy and security.

Honk! Honk!

References:-

This was the title of a blog post over at ZDNet. So should you dump Internet Exploder. Now let me see…

Yes! Yes! Yes! Along with all Microsoft’s other products!

Let’s stand back from this for a minute folks. Microsoft is a big, greedy, highly profitable US corporation that has systematically stifled its competition whilst deploying a variety of highly dubious methods to force equipment manufacturers to bundle its products. Microsoft has a long track record of producing poor quality and insecure products. Meantime, its senior executives have become very rich indeed. One would have more sympathy with Microsoft if it had poured its vast profits back into securing its products. But it hasn’t.

I hope that legislatures around the planet will go much further than just recommending users stop using one of Microsoft’s products. I hope they will explicitly outlaw Microsoft “bundling”, so that consumers actually have a choice of operating system. It is entirely unacceptable that consumers are forced to buy Windows whenever they buy a new computer. Why should we be forced to pay what amounts to a “Windows Tax” to Microsoft, regardless of whether we want to use its rotten products or not?

The good news is that it seems the Microsoft racket is finally unravelling. I would say to consumers everywhere, now would be a very good time to write to your MP/congressman. Complain to your national/regional consumer protection organisations. If you can buy equipment OS-free then do so. Boycott IT suppliers that still persist with bundling. The writing is on the wall my little goslings…

The Hungarian Government recently voted its public sector should adopt open standards:-

http://news.cnet.com/8301-13505_3-10419262-16.html

http://nyissz.hu/blog/10-points-on-the-mandatory-use-of-open-standards-in-hungary/

Meantime it seems the good people of Italy have started a class action against Microsoft to get their Windows Tax refunded:-

http://arstechnica.com/microsoft/news/2010/01/italian-class-action-suit-targets-unwanted-windows-installs.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

The GarfNet team successfully dumped Microsoft back in May 2007 and it was one of the best business decisions they ever made. Moreover, it proved beyond all reasonable doubt that Microsoft-free businesses are perfectly viable:-

Actually MS-free businesses are more than merely “viable”. Being free from Microsoft has considerable advantages, both in terms of cost and in operational terms, i.e. reliability, security, ease of replicating systems, lack of malware etc.:-

Meanwhile GarfNet is compiling a formal complaint to the UK Office of Fair Trading and to the European Union Competition Commission regarding the forced payment of Windows Tax here in the UK. There is still a lot of work to do but this is the progress so far:-

Final comment before the Microsoft apologists and “fanbois” get up-in-arms. I’m not actually advocating the total annihilation of Microsoft. However I think the world would benefit from a much downsized Microsoft, with much lower profits and perhaps a 20-30% market share. I have no doubt that a Microsoft that actually had to compete in the marketplace would produce higher quality and more secure products. This would be better for the consumer, better for national security, better for the economy and better for the IT industry. Long term it might even be better for Microsoft too!

Though I suspect that I will stick with the Penguinisitas, whatever happens to Micro$haft. Honk! Honk!

Seems its not just the Germans who have serious misgivings regarding Micro$haft’s ailing Internet Explorer web browsing software.

Today the French information agency CERTA (Centre d’Expertise Gouvernemental de Réponse et de Traitement des Attaques informatiques) also issued a warning to French users advising them to give Internet Explorer a wide berth:-

In a blackly comic twist, a comedian (he must be a comedian in order to say the things he said) from Microsoft’s propaganda department called Cliff “Trust-me-I’m-from-Microsoft” Evans claimed that Internet Explorer version 8 is really more secure than other browsers. In a two-minute-long harangue largely consisting of inane drivel, half-truths and omissions, punctuated with the occasional downright lie, published in video form on the BBC website, Evans says users must look at the overall security picture.

In a nutshell, users should ignore the fact that Microsoft Internet Explorer has more holes than a Swiss cheese and carry on using it anyway. Whilst droning on about the virtues of Internet Explorer, Evans neglected to mention that the same vulnerability that allowed hackers to gain illegal access to Chinese users’ gMail accounts last week, still remains un-patched and probably won’t be fixed until next month!

Nor did Evans mention that some of those who were let down by his company’s appallingly poor-quality products were in fact Chinese dissidents that now risk being arrested, imprisoned, and even tortured or executed.

However, in-line with our European colleagues, the official word from the Goose Pond, regarding Internet Explorer, my little goslings, remains pretty much the same as in my last post, namely:-

Don’t use Microsoft products, ever!

Microsoft’s problematic Internet Explorer web browsing software has raised the ire of the German Authorities.

Bundesamt für Sicherheit in der Informationstechnik (which translates to Federal Office for Information Security), issued an unprecedented warning to users, not to use Microsoft Internet Explorer. This follows the discovery of a security hole that led to attacks against Google and other US companies by hackers, allegedly based in China.

The warning applies to all the latest versions of Internet Explorer, namely versions 6, 7 and 8:-

Instructions telling hackers how to exploit the security hole are available on the web – but I haven’t found them yet! However, the US Department of Homeland Security has published more details of the problem. Seems it is a so-called zero-day exploit and Microsoft does not have a fix for it yet.

Not surprisingly, Microsoft has tried to play the affair down. Since it is unable to offer a patch, Microsoft has offered a “workaround” instead. Basically it involves putting your browser into what some refer to as “cripple mode” by setting the Internet Zone Security setting to “High“. However, the German authorities say even this won’t make it safe.

The reason for the furore is that it seems Google’s Chinese servers were attacked by hackers exploiting one of Internet Explorers many security holes. Machines belonging to Chinese gMail users were compromised via Microsoft Internet Explorer, allowing hackers to get access to their gMail accounts.

It seems this has allowed the Chinese Authorities to obtain vital information regarding dissidents. If this is true then, it could result in imprisonment, torture or even death. Of course, we don’t know how deep these attacks have gone and no one has actually proven it was the Chinese behind the attacks either. After all, the United States has a long and sad history of creating “bogeymen” to act as scapegoats for all evils of the world. And if there is one government that is less trustworthy than China’s, it is that of the United States – along with the British one of course!

Likewise, Microsoft Internet Explorer running on Microsoft Windows has a long and sad history of serious security flaws, one of which is that your machine can become infected with malware simply by visiting a website. Worse, Windows fans – people daft enough to believe all the rubbish than emanates from the spindoctors at Redmond – will tell you that its the user’s responsibility to make sure a website is safe before you visit it. I’m not sure how exactly? Thousands of perfectly legitimate sites are hacked every day.

Fortunately, it seems that the computer-using public is slowly waking up to the fact that Internet Explorer is indeed a very poor quality product. According to hitslink.com it seems that Firefox has 25% of the market and the combined market share of all the Internet Explorer versions has fallen to 63%. Interesting to see what the figures look like in a couple of weeks, don’t you think?

Moreover, the W3Schools stats make really interesting reading. Granted, its clientèle is likely to favour standards-based browsers. Nevertheless, its figures indicate that IE’s combined share has fallen to below 40%:-

A couple of final notes of caution…

Firstly, many of the articles regarding this debacle refer to the BSI. This is of course the Bundesamt für Sicherheit in der Informationstechnik, which translates to (German) Federal Office for Information Security, not the British Standards Institution. Interestingly the somewhat pro-Microsoft British Government has remained very, very quiet on the subject!

Secondly, the official Goose advice to computer users who really want to remain safe, regardless of what country you live in:-