Language Selection

English French German Italian Portuguese Spanish

Microsoft

Is Linux A More Secure Option Than Windows For Businesses?

Filed under
GNU
Linux
Microsoft
Security

There are many factors to consider when choosing an OS, security being among one of the most critical. The general consensus among experts is that Linux is the most secure OS by design - an impressive feat that can be attributed to a variety of characteristics including its transparent open-source code, strict user privilege model, diversity, built-in kernel security defenses and the security of the applications that run on it.

The high level of security, customization, compatibility and cost-efficiency that Linux offers make it a popular choice among businesses and organizations looking to secure high-value data. Linux has already been adopted by governments and tech giants around the world including IBM, Google and Amazon, and currently powers 97% of the top one million domains in the world. All of today’s most popular programming languages were first developed on Linux and can now run on any OS. In this sense, we’re all using Linux - whether we know it or not!

This article will examine why Linux is arguably the best choice for businesses looking for a flexible, cost-efficient, exceptionally secure OS. To help you weigh your options, we’ll explore how Linux compares to Windows in the level of privacy and protection against vulnerabilities and attacks it is able to offer all businesses and organizations.

Read more

10 Reasons To Change Windows 10 To Linux

Filed under
GNU
Linux
Microsoft

Windows 10 has been around for a long time, but not everyone likes it. On the other hand, support for Windows 7 ended in early 2020, and users must either upgrade to a new version or look for an alternative. For such cases, there are a huge number of free Linux distributions that you can try and start using.

In today’s article I will give 10 reasons why you should leave Windows in favor of Linux. Linux-based operating systems are open source and freely distributed, but this is not their only advantage.

[...]

In this article, we’ve covered 10 reasons why you should replace Windows 10 with Linux. Every year there are more and more such reasons. Previously, Linux was positioned only as a system for servers. Now everything is not so bad on home computers. In addition, thanks to Valve for Linux, games have appeared. I hope this article will help those who still have doubts. Have you already switched to Linux? What are the most compelling reasons for you? Write in the comments!

Read more

Microsoft and Windows Collapse in Web Servers

Filed under
Server
Microsoft
  • Why Is Linux Hosting So Much More Popular Than Windows?

    The 21st century has seen the rapid digitization of life. All things within daily life – be it shopping or eating out or commuting, technology and computers have a role in enabling almost all of these activities. Different countries, organizations and people collaborate on the internet and contribute to a better working world. And the internet works with the use of computers called servers or hosts. Humans interact with computers with the help of operating systems. The importance of Linux reseller hosting stems from the fact a big chunk of the internet (websites) is up and running, thanks to cheap Linux reseller hosting.

  • March 2021 Web Server Survey

    nginx gained 3.7 million sites this month and holds 35.3% of the market with a total of 419.6 million sites. By contrast, Apache lost 8.5 million sites and accounts for just over a quarter of all sites with 308.5 million. Microsoft lost 9.6% (-7.5M) of its sites this month and ceded third place to OpenResty which in turn gained 1.2 million (+1.6%).

Proprietary Software and Microsoft

Filed under
Microsoft

  • Mysterious bug is deleting Microsoft Teams, SharePoint files [Ed: "Mysterious" means secret code; Microsoft booster Lawrence Abrams seems to be growingly concerned about that]
  • Verkada [Cracker] Charged With Wire Fraud, Identity Theft in U.S.

    A Swiss computer [cracker] who was involved in the intrusion of Verkada Inc., exposing surveillance footage from Tesla Inc., was charged by prosecutors in Seattle with conspiracy, wire fraud and identity theft.

    Till Kottmann, 21, and their co-conspirators were accused of [cracking] dozens of companies and government entities since 2019 and posting private victim data of more than 100 entities on the web in a grand jury indictment released Thursday.

  • Ohio senator lashes govt over accountability for SolarWinds attack

    Portman did not take kindly to this and fired back: “So if everyone is in charge, no one is in charge, right? Who exactly, who is accountable?”

    A similar scene was played out in the House of Representatives on Wednesday with 14 politicians, both parties, on the House Energy and Commerce Committee trying to find out which departments had been affected by the attack.

    In a related development, questions are continuing to be raised over the extent of Microsoft's involvement in the SolarWinds attacks. As iTWire outlined, the company has been gradually revealing more about its connection to the attack.

  • 'Who exactly, who is accountable?': Rob Portman presses cybersecurity officials on SolarWinds [attack]

    In the House, lawmakers are similarly frustrated with the federal government’s answers on the fallout from the SolarWinds [attack]. A bipartisan coalition of 14 House Energy and Commerce Committee lawmakers wrote to Biden administration officials and Cabinet officers on Wednesday seeking answers to basic questions such as, “Has your department been impacted by the compromise?”

  • Serious Security: Mac “supply chain” backdoor takes aim at Xcode devs [Ed: The latest example of Microsoft-hosted projects (GitHub) causing security problems, which are then being blamed on "Linux" or "Macs" (but never Microsoft). Use Microsoft GitHub/NPM and get destroyed, just like Microsoft's own systems.]
  • Jussi Pakkanen: Microsoft is shipping a product built with Meson [Ed: Microsoft says it loves Open Source; it's merely exploiting it to cement monopolies of proprietary software, i.e. the antithesis of software freedom]

    Some time ago Microsoft announced a compatibility pack to get OpenGL and OpenCL running even on computers whose hardware does not provide native OpenGL drivers. It is basically OpenGL-over-Direct3D. Or that is at least my understanding of it, hopefully this description is sufficiently accurate to not cause audible groans on the devs who actually know what it is doing under the covers. More actual details can be found in this blog post.

    An OpenGL implementation is a whole lot of work and writing one from scratch is a multi-year project. Instead of doing that, Microsoft chose the sensible approach of taking the Mesa implementation and porting it to work on Windows. Typically large corporations do this by the vendoring approach, that is, copying the source code inside their own repos, rewriting the build system and treating it as if it was their own code.

Monopolies, Proprietary Software, and Microsoft Security/Downtime

Filed under
Microsoft
  • Rising Market Power—A Threat to the Recovery? [Ed: IMF warns against Pentagon-connected and taxpayers-subsidised technology monopolists]

    The crisis has hit small and medium enterprises especially hard, causing massive job losses and other economic scars. Among these—less noticeable, but also serious—is rising market power among dominant firms as they emerge even stronger while smaller rivals fall away.

    We know from experience and IMF research that excessive market power in the hands of a few firms can be a drag on medium-term growth, stifling innovation and holding back investment. Such an outcome could undermine the recovery from the COVID-19 crisis, and it would block the rise of many emerging firms at a time when their dynamism is desperately needed.

  • Even Murkier: Microsoft Says Some Bethesda Games Will Indeed Be Xbox, PC Exclusives

    Late last year, we discussed Microsoft's acquisition of Zenimax, the parent company of Bethesda, and what it would mean for the studio's beloved franchises. At particular issue, given that this is Microsoft we're talking about, was whether new or existing franchises would be exclusive to Xbox consoles and/or PC. The communication out of Microsoft has been anything but helpful in this respect. First, Xbox chief Phil Spencer and Bethesda's Todd Howard made vague statements that mostly amounted to: man, we don't have to make Bethesda games exclusives and it's hard to imagine us doing so. Only a few weeks later, another Microsoft representative clarified that while the company may have plans to make Bethesda games "first or best" on Microsoft platforms, "that's not a point about being exclusive." This naturally led most to believe that Microsoft might have timed release windows on other platforms, but wouldn't be locking any specific titles down.

  • WeLeakInfo Leaked Customer Payment Info

    A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data on 24,000 customers who paid to access the service with a credit card.

  • Microsoft Teams, Exchange and more went down for four hours on Monday

    Microsoft Teams went down for around four hours on Monday, alongside Azure and other Microsoft 365 services. Microsoft blamed the issues on “a recent change to an authentication system” took some Microsoft 365 services down. A roll back to the change took longer than Microsoft expected, with the company confirming at 12:35AM ET that “impact has been largely mitigated.”

  • Microsoft could be set for a US government windfall [Ed: Microsoft is being rewarded again for its crimes; taxpayers subsiding criminals against their will]

    Nearly a quarter of the Covid relief funds set aside for cybersecurity defenders will be going to Microsoft though some US lawmakers have voiced concerns that they don't want to increase funding for the company after it suffered two high-profile hacks.

    As first reported by Reuters, Congress allocated the funds in its new Covid relief bill after two major cyberattacks took advantage of weaknesses in the software giant's products to penetrate the computer networks of government agencies as well as those at tens of thousands of companies. Not only do these two hacks pose a major national security threat for the US but lawmakers also say that Microsoft's faulty software is making the company more profitable.

Proprietary Software and Microsoft Leftovers

Filed under
Microsoft

PoC for Microsoft Exchange Server re-appears on GitHub with comment

Filed under
Microsoft
Security

"This is huge, removing a security researchers code from GitHub against their own product and which has already been patched. This is not good."

The comment referred to by Vess was this: "Why does GitHub remove this exploit because it is against the acceptable use policy – but tons of other proof of concept exploits and frameworks are OK?

"Is it because GitHub is owned by Microsoft?

Read more

Third time's a harm? Microsoft tries to get twice-rejected compression patent past skeptical examiners

Filed under
Microsoft
Sci/Tech
Legal

In June, 2019, Microsoft applied for a US patent covering enhancements to a data encoding method known as rANS, one of several variants in the Asymmetric Numeral System (ANS) family that form the foundation of data compression schemes used by Apple, Facebook, Google, various other companies, and open source projects.

Its US patent application was published on the last day of 2020. Recently, the inventor of ANS, Jarosław Duda, assistant professor at Institute of Computer Science at Jagiellonian University in Poland, expressed concern that if Microsoft's patent application is granted, anyone using software that incorporates an ANS-based encoder could be at risk of a potential infringement claim.

[...]

"Google ended up abandoning that application," said Alex Moss, staff attorney for the EFF and Mark Cuban Chair to Eliminate Stupid Patents, in an email to The Register. "But it looks like Microsoft picked up right where it left off."

"Professor Duda’s concerns about the Microsoft application are similarly well-founded: these are broad claims that implicate practically any use of ANS without adding anything new and non-obvious," said Moss.

The USPTO has already said as much, Moss explained: It has rejected this application twice before, including a final rejection for obviousness.

The USPTO issued a non-final rejection of the application on May 21, 2020. Microsoft sought a review of the decision and the patent agency then issued a final rejection on October 27, 2020.

Yet on March 2, 2021, Microsoft tried one more time to get its patent application approved. In a USPTO explanatory filing, attorney Kyle Rinehart said, "The Applicant respectfully disagrees with the rejections."

"Microsoft’s recent filing takes advantage of what’s called the "After Final Consideration Pilot 2.0" program," Moss explained. "This program was started under former Director of the Patent Office, Andrei Iancu, and before leaving office, he extended the program through September 30, 2021."

Read more

Windows 10 is a bullshit. Update KB5000802 breaks LibreOffice work

Filed under
LibO
Microsoft

If you use Windows 10 and you didn't disable its updates then you could got an update KB5000802 pair days ago that breaks LibreOffice work.

Read more

More Microsoft Lies and Proprietary Software Blunders

Filed under
Microsoft
Security
  • Microsoft Retracts Paper Claiming Quantum Computing Breakthrough

    “I don’t know for sure what was in their heads,” University of Pittsburgh professor Sergey Frolov who was not involved in the research, told Wired, “but they skipped some data that contradicts directly what was in the paper. From the fuller data, there’s no doubt that there’s no Majorana.”

  • Microsoft-led team retracts quantum 'breakthrough

    And now, the researchers have accepted they were wrong. Their errors included:

    having "unnecessarily corrected" some of the data and not having made this clear

    mislabelling a graph, making it misleading

  • Retraction Note: Quantized Majorana conductance

    We can therefore no longer claim the observation of a quantized Majorana conductance, and wish to retract this Letter. After informing Nature of this decision, Nature issued an Editorial Expression of Concern and initiated the retraction process.

  • Peter Dutton launches Cyber Security Industry Advisory Committee Ransomware Paper [iophk: Windows TCO]

    To build awareness about the ransomware threat, the Minister for Home Affairs, Peter Dutton, and Chair of the Cyber Security Industry Advisory Committee, Telstra CEO Andrew Penn, have released the Committee’s first paper: “Locked out: Tackling the ransomware threat.”

    We're told this paper, a detailed, 14-page PDF, "helps educate businesses to protect themselves by making a number of recommendations relating to email security, multi-factor authentication, software updates, training, back-ups, data lifecycle management and built in security features.

  • Verkada surveillance cameras at Tesla, hundreds more businesses breached: [crackers]

    The [cracking] group, if it had chosen, could have used its control of the camera gear to access other parts of company networks at Tesla and software makers Cloudflare Inc and Okta Inc, according to Kottmann.

  • [Crackers] Target Tesla, Sandy Hook Elementary School in Sweeping Security Camera Breach

    Kottman said the collective then gained access to live feeds of 150,000 surveillance cameras, as well as the video archives of all of Verkada's customers and Verkada's balance sheet. Most company balance sheets contain a listing of its financial assets, liabilities and equity for any owners.

  • Is Congress finally ready to pass meaningful ransomware legislation? [iophk: Windows TCO]

    With the epidemic of digital extortion showing no signs of abating, though, and as ransomware attacks claim ever more victims across all parts of the U.S., evidence is mounting that the next two years could bring a more concerted push for legitlation.

    “I think it will be a focus because essentially every congressional district has had some kind of ransomware incident, whether public or not,” said Michael Garcia, a senior policy adviser in the national security program at Third Way, a center-left think tank. “Just look at the number of hospitals getting hit, of schools being hit.”

  • Spanish labor agency suffers ransomware attack, union says

    The cyberattack on Spain’s State Public Employment Service (SEPE) affected the agency’s offices around the country, forcing employees to use pen and paper to take appointments, according to the Central Independent Trade Union and Civil Servants. The union alleged that the SEPE had aging IT systems that the agency had not upgraded.

    SEPE plays an integral part in distributing unemployment benefits in a country where the coronavirus pandemic has hammered the economy. The number of jobless people in Spain is now 4 million, its highest rate in five years, according to official data. But SEPE Director Gerardo Gutiérrez said an interview with Spanish broadcaster RNE that the incident had not affected unemployment benefits, and that it has not led to the theft of personal data.

  • Federal agencies warn Microsoft vulnerabilities pose 'serious risk' to government, private sector

    The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) warned Wednesday that recently uncovered vulnerabilities in a Microsoft email application pose a “serious risk” to federal agencies and the private sector, noting that thousands of groups were at risk of being targeted by hackers.

    The two agencies additionally assessed that both nation-state actors and cyber criminals were exploiting the previously unknown vulnerabilities on Microsoft Exchange Server, which were reported publicly by Microsoft last week.

Syndicate content

More in Tux Machines

Noise With Blanket

Videos/Audiocasts/Shows: Linux Journal Expats, Linux Experiment, and Krita Artwork

  • You Should Open Source Now, Ask Me How!

    Katherine Druckman chats with Petros Koutoupis and Kyle Rankin about FOSS (Free and Open Source Software), the benefits of contributing to the projects you use, and why you should be a FOSS fan as well.

  • System76 starts their own desktop environment, Arch goes the easy route - Linux & Open Source news

    This time, we have System76 working on their own desktop environment based on GNOME, Arch Linux adding a guided installer, Google winning its court case against Oracle on the use of Java in Android, and Facebook is leaking data online, again. Become a channel member to get access to a weekly patroncast and vote on the next topics I'll cover

  • Timelapse: inking a comic page in Krita (uncommented)

    An uncommented timelapse while inking this page 6 of episode 34 of my webcomic Pepper&Carrot ( https://www.peppercarrot.com/ ). During the process, I thought about activating the recorder and I even put a webcam so you can see what I'm doing on the tablet too. I'm not doing it for everypages; because you can imagine the weight on disk about saving around 10h of videos like this; and also how it is not multi-tasking: when I record, you don't see me open the door to get the mail of the postman, you don't see me cleaning temporary accident of a cat bringing back a mouse at home, you don't see me typing to solve a merge request issue to merge a translation of Pepper&Carrot.

Kernel Leftovers

  • [Intel-gfx] [RFC 00/28] Old platform/gen kconfig options series
  • Patches Resubmitted For Linux With Selectable Intel Graphics Platform Support

    Back in early 2018 were patches proposed for selectable platform support when building Intel's kernel graphics driver so users/distributions if desired could disable extremely old hardware support and/or cater kernel builds for specific Intel graphics generations. Three years later those patches have been re-proposed. The patches then and now are about allowing selectable Intel graphics "Gen" support at kernel configure/build time so that say the i8xx support could be removed or other specific generations of Intel graphics handled by the i915 kernel driver. This disabling could be done if phasing out older hardware support, seeking smaller kernel images, or other similar purposes. The patches don't change any default support levels but leaves things as-is and simply provides the knobs for disabling select generations of hardware.

  • Linux Kernel Runtime Guard 0.9.0 Is Released

    Linux Kernel Runtime Guard (LKRG) is a security module for the Linux kernel developed by Openwall. The latest release adds compatibility with Linux kernels up to soon to be released 5.12, support for building LKRG into kernel images, support for old 32-bit x86 machines and more. Loading the LKRG 0.9.0 module will cause a kernel panic and a complete halt if SELinux is enabled.

  • Hans de Goede: Logitech G15 and Z-10 LCD-screen support under Linux

    A while ago I worked on improving Logitech G15 LCD-screen support under Linux. I recently got an email from someone who wanted to add support for the LCD panel in the Logitech Z-10 speakers to lcdproc, asking me to describe the process I went through to improve G15 support in lcdproc and how I made it work without requiring the unmaintained g15daemon code.

Devuan 4.0 Alpha Builds Begin For Debian 11 Without Systemd

Debian 11 continues inching closer towards release and it looks like the developers maintaining the "Devuan" fork won't be far behind with their re-base of the distribution focused on init system freedom. The Devuan fork of Debian remains focused on providing Debian GNU/Linux without systemd. Devuan Beowulf 3.1 is their latest release based on Debian 10 while Devuan Chimaera is in the works as their re-base for Debian 11. Read more