l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2012 May 28 09:01

Reasons to Avoid Microsoft


[Bug] [Education] [Government] [Fear, Uncertainty, Doubt] [Security Hole] [MSN Hotmail] [MS Internet Explorer] [MS IIS Webserver] [MSN Instant Messenger] [License] [Linux/Open Source] [Monopoly] [MS Outlook] [Piracy] [Privacy] [Virus/Worm] [MS XBox] [MS Windows XP] [WOW!]
Show All

[WOW!]

WOW!


These pages are a compilation of links and quotes to news articles and others sources that might help convince you to switch to Linux.


    Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
  • Your Loss, Their Gain (Infoworld, 2003.04.04)
    [License] [WOW!] A little advice for any company looking to sell off part of its operations during these troubled times -- you might want to check with Microsoft first to see how much it's going to cost you. ...Software Assurance is that very expensive maintenance program Microsoft pushed on volume-license customers last year by eliminating separate upgrade pricing. ... Did this mean SA customers would lose their investment on licenses that were part of a transfer? '...you become obligated to pay for the years that remain on the SA agreement covering those computers, but that agreement is terminated and Microsoft provides no further upgrades under it. The acquiring party just gets the rights to the current versions you already had on those computers.' ... Microsoft will [receive additional] license costs without providing a thing.

  • Microsoft Warns Windows Users About Flaw (Seattle P.I., 2003.03.20)
    [Security Hole] [WOW!] [MS IIS Webserver] Microsoft Corp. on Wednesday warned about a serious flaw in all versions of its popular Windows software that could allow hackers to seize control of a person's computer when victims read e-mails or visit Web sites. ... It was particularly unusual because it affected so many different versions of Windows, from Windows 98 to its latest Windows XP editions.

  • Microsoft WinXP Update spies on other PC software (The Inquierer, 2003.02.25)
    [Privacy] [MS Windows XP] [WOW!] Microsoft extracts more information from a person's PC when the update Windows facility is used running the WinXP operating system. ... [The data] transferred to Microsoft Central whenever you connect to its update web site ... [includes] a list of all of the software installed on an individual's computer, including [3rd party software].

  • Microsoft Media Player logs users' DVD picks (ITworld.com, 2003.02.21)
    [Privacy] [MS Windows XP] [WOW!] [Microsoft's] media player software keeps track of what DVDs are played on a PC and shares that information with the software maker via the Internet... The server is given a unique fingerprint for the DVD and the media player client, allowing Microsoft to track what movies are watched on a particular PC... A user could uncover what movies another user is watching. [The] privacy policy ... did not disclose that the software connects to a Microsoft server for an exchange of data...

  • Experts: Microsoft security gets an 'F' (CNN, 2003.02.01)
    [Virus/Worm] [WOW!] Computer security experts say the recent 'SQL Slammer' worm, the worst in more than a year, is evidence that Microsoft's year-old security push is not working. 'Trustworthy Computing is failing ... now I'd give it an 'F.'' ... 'It would be much better if the software shipped from Microsoft with fewer problems to begin with.'

  • Sneaky Toolbar Hijacks Browsers (Wired, 2003.01.30)
    [MS Internet Explorer] [Privacy] [WOW!] Xupiter is an Internet Explorer toolbar program. Once active in a system, it periodically changes users' designated homepages to xupiter.com, redirects all searches to Xupiter's site, and blocks any attempts to restore the original browser settings. ... Several versions of Xupiter also appear to download other programs, such as gambling games, which later appear in pop-up windows. Xupiter's site claims the toolbar isn't installed without express permission, but many insisted that they had not agreed to install the program.

  • Virus-like attack slows Web traffic (MSNBC, 2003.01.25)
    [Virus/Worm] [WOW!] The outbreak was so severe that while it infected only back-end Internet computers, general e-mail use and Web browsing were slowed by its effects. ... Within a few hours, 25,000 back-end database servers [running Microsoft SQL Server] had been infected... nearly 20 percent of Internet traffic was lost during the frantic morning attack...

  • Microsoft Warns of New Vulnerabilities in Windows (Reuters, 2002.12.12)
    [Security Hole] [WOW!] Microsoft ... warned customers about a series of new vulnerabilities in its Windows system, including one that could allow malicious programs written in Java to take over a computer. The vulnerabilities are in Microsoft's Virtual Machine for Java, which is in all versions of Windows since Windows 98... Computer users could be affected by any of the eight vulnerabilities by visiting a Web page that contains malicious Java codei on it.

  • Really critical hole in Microsoft Web software (The Register, 2002.11.21)
    [Security Hole] [MS Internet Explorer] [MS IIS Webserver] [WOW!] ust one day after raising the threshold beyond which it considers security vulnerabilities 'critical,' Microsoft Corp released a security advisory saying there is a 'critical' hole in its browsers and web servers that could cause serious problems, even if it is patched. ... 'This vulnerability is rated critical because an attacker could take over an IIS server or an Internet Explorer client and run code,' Microsoft warned. ... To make matters worse, it is currently possible to make patched systems vulnerable again, Microsoft said. A malicious attacker would be able to reintroduce the vulnerable control with just a specially [written] HTML document. Users that have their browsers configured to trust Microsoft-signed ActiveX controls by default would have the vulnerability reintroduced without their knowledge.

  • DANGEROUS new security hole (How to execute programs with parameters in IE) (alt.comp.anti-virus Usenet Newsgroup, 2002.11.10)
    [Security Hole] [WOW!] The above url when viewed WILL FORMAT THE A:\ drive when viewed on a fully updated and patched windows system. ... The technique used may open up far more dangerous attacks than seen before.

  • Serious Internet Explorer Defect (James Madison University, 2002.11.08)
    [Security Hole] [WOW!] A simple way to exploit an unfixed defect in Internet Explorer has been discovered that allows malicious web sites, and possibly malicious email messages read with Outlook or Outlook Express, to take control of a computer. All you would need to do is click a web link and the owner of the web site could take almost any action they desired on your computer. ... There is no patch to fix the problem. Anti-virus and personal firewall software will not prevent an exploit. ... There is only one technical defense Internet Explorer users can use against an exploit at the present time and that is to disable scripting in Internet Explorer, Outlook, and Outlook Express. Unfortunately, disabling scripting in Internet Explorer will adversely affect the operation of many web sites including ... the Windows Update Site.

  • Microsoft: You Need Permission to Sell Our Software (Slashdot.org, 2002.Oct.29)
    [License] [WOW!] Microsoft has objected to the sale of bankrupt KMart's Bluelight.com Internet unit to United Online. Microsoft's objection to the sale is based on the non-transferability of software licenses protected by copyright law... This action... should serve as a warning to any corporation that has a significant investment in Microsoft licenses. Dependency on Microsoft licenses may grant Microsoft the ability to veto your business decisions.

  • Bugbear Virus Spreading Rapidly (PC World, 2002.Oct.2)
    [Virus/Worm] [Security Hole] [Privacy] [WOW!] [The] virus generates random attachment names and subject lines to avoid easy detection by antivirus software and assigns multiple file extensions to the virus to disguise the fact that it is an executable file... Once activated, the virus shuts down vital processes used by antivirus and firewall software, records user keystrokes to capture passwords, sends copies of itself as e-mail attachments, and copies itself onto directories shared by networks that are accessible to the computers it infects. ... Finally, Bugbear opens a back door to the machines that it infects. Using a Web browser, the virus author or malicious hackers can access a Web interface created by the virus, browse local files on an infected machine, and execute programs on that machine...

  • Microsoft Flaw May Allow File Theft (Yahoo! News, 2002.Sep.13)
    [Security Hole] [Privacy] [WOW!] icrosoft's flagship word processor has for years had a security flaw that could allow a criminal to steal computer files by 'bugging' a document with a hidden code. The company said it will definitely repair the problem only for owners of the most recent versions of the software. That decision... may leave millions of users of Word 97 without a fix. All versions of Word are susceptible to the flaw, but the problem is most severe in Word 97. ... The attacker sends the victim a bugged document, usually with a request that the document be revised and returned to the sender - a common form of daily communication. When the document is changed and sent back, the file the attacker wants to steal is attached. ... A research firm reported in May that about 32 percent of offices have copies of Word 97 running...

  • Microsoft: 'Our products aren't engineered for security' (ComputerWeekly, 2002.Sep.06)
    [Security Hole] [Privacy] [WOW!] 'We really haven't done everything we could to protect our customers. Our products just aren't engineered for security,' admitted [Brian Valentine, senior vice-president in charge of Microsoft's Windows development]. ... In August [Microsoft] put out eight security bulletins. This month it has released two, so far, with the latest urging users to patch a flaw in its digital certificate technology that could allow attackers to steal a user's credit card details.

  • Expert: Banks yield to Microsoft flaw (CNet, 2002.Aug.26)
    [Security Hole] [Privacy] [WOW!] The Swedish hacking expert... demonstrated ... how it was possible within minutes to break through security on Web server software from Microsoft. The expert showed how to crack the security systems for Internet banking, breaking into three of Sweden's big four banks in quick succession. He was then able to show how to conceal his tracks, making detection difficult afterward. ... He relied on a variation of a weakness ... in Microsoft's implementation of Secure Socket Layer... 'There's been a lot of denial' ... Such flaws result from a mix of fatalistic acceptance and technical ignorance ... ''Everything is fine,' banks say. That's clearly nonsense.'

  • Microsoft discloses 'critical' security flaws - Office, IE lapses put millions in danger of being hacked (CNN, 2002.Aug.23)
    [Security Hole] [MS Internet Explorer] [Privacy] [WOW!] Microsoft Corp. said ... that 'critical' security lapses in its Office software and Internet Explorer Web browser put tens of millions of users at risk of having their files read and altered by online attackers. ... [An] attacker, using e-mail or a Web page, could... alter data and wipe out the hard drive as well as view file and clipboard contents on a user's system. ... In addition [they] reported vulnerabilities in the three latest versions of [Internet Explorer] that allows infiltrators to read files.

  • Exploiting design flaws in the Win32 API for privilege escalation. Or... Shatter Attacks - How to break Windows. ((Paper), 2002.Aug)
    [Security Hole] [WOW!] The flaws presented in this paper are, at the time of writing, unfixable. The only reliable solution to these attacks requires functionality that is not present in Windows, as well as efforts on the part of every single Windows software vendor. Microsoft has known about these flaws for some time; when I alerted them to this attack, their response was that they do not class it as a flaw... This research was sparked by comments made by Microsoft VP Jim Allchin who stated, under oath, that there were flaws in Windows so great that they would threaten national security if the Windows source code were to be disclosed. ... Basically, there is no simple solution, which is why Microsoft have been keeping this under their hat. Problem is, if I can find this, I can guarantee that other people have as well. They might not tell anyone about it, and the next time they get into your system as a low-priv user, you wouldn't have a clue how they got LocalSystem out of it. After all, you're all up to date on patches, aren't you? ... Imagine a company providing terminal service functionality to their clients, for whatever purpose. That company is NOT going to give their users any real privileges. Shatter attacks will allow those users to completely take over that server; localsystem privileges are higher than the Administrator, and on a shared server that's a problem. Oh, and it doesn't require console access either - I've successfully executed these attacks against a Terminal Server a hundred miles away.

  • Microsoft accidentally distributes virus (C|Net, 2002.Jun.14)
    [Virus/Worm] [WOW!] Microsoft's flagship developer tools [Visual Studio .Net] picked up [the virulent Nimda worm]... [This] is yet another stain on Microsoft's reputation as the company works to convince the public and the tech community that its products are secure.

  • MS security hole extravaganza (The Register, 2002.Jun.13)
    [Security Hole] [MS IIS Webserver] [MS Windows XP] [MSN Instant Messenger] [MS Internet Explorer] [WOW!] MS has been sitting on a number of security holes which it's decided to dump on us all at once. ... MS soft-pedals the severity in classic form, labeling this one "Moderate." But the eEye bulletin rightly points out that a target machine can be owned with a single session if the attacker knows what he's doing. ... Apparently, users had trusted the MS patch to fix their systems properly. Well it didn't... Apparently, the [previously reported Gopher exploit] is a bit worse than MS had originally thought, and affects not [just] IE...

  • Security Flaw Found in Explorer (Yahoo! Finance, 2002.Jun.04)
    [MS Internet Explorer] [Security Hole] [WOW!] A security flaw in Microsoft's Internet Explorer browser could allow a hacker to take control of a remote computer if its user clicks a link... [A] hacker could take over a user's computer simply by having the user click on a link... That one click would install and run any program the hacker chose on the victim's computer, and the victim might never know. ... All versions of Internet Explorer are believed to be vulnerable...

  • New Hotmail settings might share your info, addresses (Eastside Journal, 2002.May.14)
    [MSN Hotmail] [Privacy] [WOW!] Microsoft has changed the privacy settings for Hotmail What that means for subscribers ... is that the company can share a Hotmail address with its partner Web sites. Microsoft has given itself the right to share your e-mail address and other data with outside companies -- even if you explicitly told Microsoft not to do so when you signed up. It was done ... without anyone's knowledge or consent... 'It was done without our knowledge and consent in a secretive manner in violation of Microsoft's own terms of service'...

  • Microsoft Warns of Critical Instant Messaging Flaw (Washington Post, 2002.May.08)
    [MSN Instant Messenger] [Security Hole] [WOW!] A security flaw in Microsoft's instant messaging services could enable remote attackers to take control of users' computers... [it] can be exploited through a malicious e-mail message, Web page, 'or through any other method where Internet Explorer is used to display HTML that an attacker supplies.' ... [Even] non-active Messenger users, or those who access the service using a third-party ... should upgrade... 'The attack doesn't happen through the chat client, so as long as you have MSN Messenger installed, if I send you a special URL, I can [take over your entire computer]'

  • The pop-up ad campaign from hell (Salon, 2002.May.07)
    [MS Internet Explorer] [WOW!] It's the latest in Web marketing innovation: Hijacked Web surfers, exploited Web browser vulnerabilities and malicious spyware all wrapped up together. ... Thousands of unsuspecting visitors to a family entertainment site are discovering a cornucopia of unwanted, potentially malicious software on their computers -- the result of a pop-up ad campaign, a booby-trapped Web site, [and] a compromised Web browser... code in the pages at [the malicious website] exploited a known flaw in [the] Internet Explorer browser to covertly download the first of 10 files onto visitors' computers. ... 'When you exploit a security bug to get your program onto someone's PC, you've crossed the boundary into what we consider malicious'...

  • Compulsory Windows: for Macs, and people without PCs? (The Register, 2002.May.07)
    [Education] [WOW!] Microsoft has come up with another novel way to make its software compulsory - an annual subscription licensing system for schools where you have to pay for all of the computers you're using, even if you don't want them to run the Microsoft software you're licensing. This includes Macs... [The] Microsoft UK Campus Agreement [has schools] paying for software for people who don't even have computers.

Next 25 Articles

Collection originally created by, donated to LUGOD by, and maintained by Bill Kendrick.

Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.