Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 19 submissions in the queue.

More Than Two Decades of Causing Worsening Cybersecurity

posted by janrinok on Sunday October 31 2021, @11:45AM   Printer-friendly
from the it's-deja-vu-all-over-again dept.

canopic jug writes:

Back in 1998, Paul Strassmann, a former CIO of Xerox, NASA, and the US Department of Defense, wrote in Computerworld about how Microsoft's overly complex, defective, and vulnerable systems which were already a threat to national security even back then. The intervening time has shown Strassmann to have been more than correct as the problems he identified with Microsoft and its products worsen monatonically. Mitchel Lewis writes a guest post at Techrights about the current situation and how Microsoft remains a security threat against national security and systematic reliability of our computer-based society today:

That said, I think enough time has elapsed to confirm that Paul Strassmann is an authority on such matters and that Microsoft is precisely who he said they were. Further and with hindsight in our pocket, it seems as if Microsoft was merely projecting when they said Strassmann's paper was flawed and that he made errors in analyzing the state of computer security and its causes in light of their 95–99% monopoly on ransomware infections alone and that ransomware is already considered to be a national security threat.

[...] However, I'd like to think that Microsoft would get creative if the government were to sanction Microsoft by allowing allow citizens and businesses impacted by ransomware to bill Microsoft for the cost of the ransom and their losses in productivity. And although Microsoft cannot be faulted for the attacks, they can be faulted for their shit-in-hand approach to quality and security while sanctioning them until they actually take a common-sensical approach to quality and security appears to be the simplest means of combating ransomware and mitigating the threat it poses to our national security.

While 2% of known ransomware affects Android, which makes 72% of the mobile market and 41% of all clients, the rest is for Microsoft's product line which weighs in at 32% of the market nowadays. So far Microsoft's response has been weak and based on strawman fallacies with the occasional feeble ad-hominem fallacy thrown in.

Previously:
Many posts about Windows ransomware
(2021) The State Department and Three Other US Agencies Earn a D for Cybersecurity
(2016) DNC Creates A 'Cybersecurity Board' Without A Single Cybersecurity Expert
(2016) Execs: We're Not Responsible for Cybersecurity

Original Submission

 
This discussion has been archived. No new comments can be posted.
More Than Two Decades of Causing Worsening Cybersecurity | Log In/Create an Account | Top | 94 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by hendrikboom on Sunday October 31 2021, @10:54PM

    by hendrikboom (1125) Subscriber Badge on Sunday October 31 2021, @10:54PM (#1192317) Homepage Journal

    I have yet to see ANY code that has NO bugs.

    The only significant piece of code I've heard of with the reputation of being bug-free was the Kruzeman Aretz Algol 60 compiler that ran on an Electrological computer in the 60's and early 70's.

    Oh yeah. There was the one-instruction clear memory code that we used to clear the memory of the IBM 1620 in the 60's. It would clear memory until you stopped the machine by powering off or rebooting it.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2