CITIUS: Afinal de quem é que foi a responsabilidade do crash?

13 01 2015

image

“A situação foi provocada por uma falha da arquitetura de sistemas do próprio processo de migração…”. Carlos Brito, declarações no Jornal das 8 da TVI, 18 de Setembro de 2014

“Os técnicos talvez não estivessem preparados para todo este processo, da mesma forma que o não estava a consultora Microsoft que foi contratada para definir a arquitectura da migração, justificou Carlos Brito…”. jornal SOL, 15-11-2014

Para além da responsabilidade pelo colapso, que é evidente, quanto é que custou o contrato com a Microsoft? Este contrato, até há bem pouco tempo, não existia na página de contratos da administração pública.

Ler artigo completo.

Posted from WordPress for Android

Anúncios




Skype is following your links – that’s proprietary for you

15 05 2013

Yesterday it was reported that Skype, owned by Microsoft these days, seems to automatically follow each exchanged https link. Besides the fact that this is a huge security and personal rights problem in its own it again shows how important it is to not trust a proprietary system.

The problem, skin deep

Heise reported yesterday that Skype follows https links which have been exchanged in chats on a regular basis. First and foremost, this is a privacy issue: it looks like Skype, and thus Microsoft, scans your chat history and acts based on these findings on a regular base. That cannot be explained by “security measures” or anything like it and is not acceptable. My personal data are mine, and Microsoft should not have anything to do with as long as there is no need!

Second, there is the security problem: imagine you are exchanging private links, or even links containing passwords and usernames for direct access (you shouldn’t, but sometimes you have to). Microsoft does follows these links -and therefore gains full access to all data hidden there. Imagine these are sensitive data (private or business), you have no idea what Microsoft is going to do with them.

Read full Article

Posted from WordPress for Android





So much for online banking security with Internet Explorer

13 12 2012

On the 1st of October, 2012, we disclosed to Microsoft the following security vulnerability in Internet Explorer, versions 6–10, which allows your mouse cursor to be tracked anywhere on the screen—even if the Internet Explorer window is minimised. The vulnerability is particularly troubling because it compromises the security of virtual keyboards and virtual keypads.

The motivation for using a virtual keyboard is typically that it reduces the chance of a keylogger recording one’s keypresses and thereby compromising one’s passwords or credit card details. (c.f. bit.ly/YnNBYE; bit.ly/VpapWf)

Whilst the Microsoft Security Research Center has acknowledged the vulnerability in Internet Explorer, they have also stated that there are no immediate plans to patch this vulnerability in existing versions of the browser. It is important for users of Internet Explorer to be made aware of this vulnerability and its implications.

The vulnerability is already being exploited by at least two display ad analytics companies across billions of page impressions per month.

Demonstration of the Security Problem

Read Full Article

Posted from WordPress for Android





Former Microsoft Staff Xuxian Jiang Spreads Android FUD

13 12 2012

Summary: A former Microsoft Research Intern is spreading some more “malware”-themed FUD about Android

ABOUT a year ago we wrote about lawyer who was spreading Android FUD after he had removed evidence (from his CV) of former Microsoft employment. He just sort of airbrushed it out of his career history, and just in time for an attack on Android. He then collaborated with a Microsoft lobbyist (who routinely pushes journalists to publish Android/Linux horror stories) in spreading his FUD. This is not a coincidence. It’s a pattern we learned to recognise.

Several weeks ago, former Microsoft staff crafted another piece of “malware”-themed FUD against Android. They try to play an angle which is clearly neglecting to account for trusted repositories and such. If one really insists on installing malware on one’s system, then harm is self-inflicted.

A couple of days ago, Android-hostile sites flooded the press with the “malware” talking point again, attributing the claims to someone who came from Purdue University. His old homepage is gone from the Web now. It was removed recently, but Google still has a cached copy that says:

Read full Article

Posted from WordPress for Android





If your roof is made of glass

5 12 2012

Don’t throw stones at Others.

image

#WindowsRage

Click me #WindowsRage

Posted from WordPress for Android





Linux Has Not Won, Microsoft is as Dangerous as Ever, Fie on Secure Boot

5 12 2012

I think UEFI Secure Boot is a shuck and a bald-faced Microsoft anti-competitive tool. I’ll get to my reasons in a moment, because my most important point comes first:

Every purchase of a Windows license is an attack on Linux. Linux has not won, and Microsoft is as dangerous as ever.

Every time you buy a computer that bundles a Windows license just to save a few bucks over buying a Linux machine, you’re shooting yourself in the foot. It doesn’t matter that you blow Windows away and install Linux– it still counts as a Windows sale, which reinforces your vendor’s belief that they need Windows users and can safely ignore Linux users. It sends money to Redmond. It rewards all the junkware, adware, and spyware vendors that load their garbage on Windows PCs. And it cements the anti-competitive status quo more firmly. Buying Android devices sends a significant revenue stream into Microsoft’s pockets– Linux PCs and bare hardware are almost our only remaining options to avoid paying the Microsoft tax.

Independent Linux vendors like System76 and ZaReason do more than stuff Linux into off-the-shelf machines. They do their own engineering and design, build with quality components, and use hardware that supports open drivers. So you don’t need to worry about custom drivers or lockin, but can use your machines however you see fit. You’re not going to be plagued with strange errors and bad performance from sub-par electronics. You get good stuff that you control and better service.

UEFI Secure Boot is More Microsoft Abuse

Microsoft has a long history of gaming and bullying standards organizations. Probably the most egregious example was their scorched-earth all-out assault on the ISO/IEC during the MS-OOXML standard debacle, including costing Massachusetts CIO Peter Quinn his job, and flooding ISO with new members whose sole purpose was to vote for MS-OOXML.

Microsoft scored a quiet coup when they got their proprietary, closed exFAT filesystem (essentially it’s FAT64, an extension of the creaky antique FAT12, FAT16, and FAT32 filesystem line) made part of the SDXC specification for Flash storage media. The Free exFAT driver is immature and its developers are working in the dark because the spec is closed. Nor is there a commercial exFAT for Linux users, but only the Tuxera driver for OEMs.

Those are just two out of many hundreds of possible examples. And now we come to the UEFI Secure Boot. A lot of people are all excited over the phrase “Secure Boot” because it sounds like a good thing. Sure, who wouldn’t want a secure boot to keep all those pre-boot malwares off their nice Linux boxes?

What Linux pre-boot malwares? If you’re multi-booting Linux and Windows, then you’re at risk for everything. If you’re not running Windows I can’t promise that you’re immune. But your risk is magnitudes lower.

The biggest flaw in Secure Boot is the spec requires a single Platform Key. You can add more keys, but they must be signed by the Platform Key. This is the cause of all the woe from Microsoft requiring all Windows 8 systems to ship with Secure Boot turned on– if you want to multi-boot Linux and Windows 8 you have to disable Secure Boot, or figure out how to generate keys for Linux that are signed by the Windows Platform Key. You cannot easily use Secure Boot for Windows 8 and disable it for Linux.

Full Article

Posted from WordPress for Android





Microsoft dragging its feet on Linux Secure Boot fix

23 11 2012

Linux Foundation’s workaround held up by roadblocks

By Neil McAllister in San Francisco • Get more from this author

Posted in Operating Systems, 21st November 2012 23:21 GMT

The Linux Foundation’s promised workaround that will allow Linux to boot on Windows 8 PCs has yet to clear Microsoft’s code certification process, although the exact reason for the hold-up remains unclear.

As The Reg reported previously, the Secure Boot feature of the Unified Extensible Firmware Interface (UEFI) found on modern Windows 8 PCs will only allow an OS to boot if its code has been digitally signed with a key obtained from Microsoft.

That’s a problem for many Linux distributions, because some lack the resources to purchase a Microsoft key, while others simply refuse to.

To help get around UEFI’s restrictions, the Linux Foundation has been developing a signed “pre-bootloader” as a stop-gap measure that will allow Linux distributions to boot, until such time as open source developers can come up with more effective solutions.

Full Article

Posted from WordPress for Android