Feel Safe Now? - US Security Services May 'Have Moles Within Microsoft,' Says Researcher

Feel Safe Now? - US Security Services May 'Have Moles Within Microsoft,' Says Researcher

www.pcpro.co.uk

“I don't think Microsoft was in on it, that it was helping the US government and I don't believe that because it looks very bad for Microsoft. I find it very hard to believe that Microsoft's top management would have approved that,” Hypponen said.

“It's plausible that if there is an operation under way and being run by a US intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off, just as they would in any other undercover operation,” he said. “It's not certain, but it would be common sense to expect they would do th

(visit the link for the full news article)

I'm not at all surprised, but this is really scary. If it were only threatening the security of non-allied nations, I wouldn't worry, but since I know surveillance of all citizens is another likely target for the US Government, this disturbs me further.

So much for trade secrets, privacy, and free enterprise. No wonder Microsoft didn't really get more than a slap on the wrists for the antitrust trials.

www.pcpro.co.uk
(visit the link for the full news article)

Microsoft jumped through hoops for years to get the chance to have there software used by the military. The military has been working with windows 8 for a while now. Microsoft and the military are working with windows 8 to test its security and incorporate it into every thing the military has. From jets to tanks to control centers and even to the soldier themselves. And the thing about the military they demand a gold cd from all software venders that not only contain the software but any hacking programs that are thought to be a threat to the software. All easter eggs and vulnerabilities are given to the military on the gold cds.

Yet another reason why I don't use Microsoft products...

But you trust linux when Richard Wirt is working on the software now and sits on the board? Yes I know Richard Wirt was VP at Intel but he also worked for CIA ran InQtel.

www.oxantium.com...

Heres the CIA page that tells you what InQtel is.
www.oxantium.com...

Good luck on that linux myth.

Originally posted by JBA2848
But you trust linux when Richard Wirt is working on the software now and sits on the board? Yes I know Richard Wirt was VP at Intel but he also worked for CIA ran InQtel.

www.oxantium.com...

Heres the CIA page that tells you what InQtel is.
www.oxantium.com...

Good luck on that linux myth.

You obviously don't understand how open source software works. First, I don't use Redhat or Ubuntu, which along with some other distros would be more likely to get infiltrated than others...but even so, that wouldn't really get any governemnt anywhere because of the code review processes in place.

Second, whether or not this guy is a government shill in intel, any code he contributes toward the kernel and drivers they release gets scrutinized by literally tens of thousands of programmers, all of which are capable of spotting purposely built exploits and holes. If something of this nature was found, it would be immediately reported all over the internet on places like Slashdot, and the hole would be fixed in a day or less.

Third, Linux really IS more secure, and this is because of what I explained above. You can go view the Linux source code in various places, check it out, and modify it as you wish! As long as you get it from kernel.org or another viable/trustworthy source, it's perfectly safe. Just build it yourself if you have doubts, and modify it if you are suspicious of any of code within...The same goes for all of the free/open software that Linux can run.

I should also point out that there is no real board of directors over Linux, because in the end, Linus Torvalds is the one who approves and disapproves most of the code in the very last of many stages to incorporate it. While Wirt may be part of the Linux Foundation, it doesn't mean that he has the power to sneak things in - it's impossible.

reply to post by joesomebody


It should not be a surprise when Bill Gates is a Bilderberg attendee shooting up people around the world with trojan horse diseases through his 'charitable' vaccine programs. The whole thing is to monitor people for the coming Beast's mark control grid system and who will speak out against the imposter 'Christ' that will be endorsed by the Vatican instituting into civil legislation around the world a change in the Divine Law (specifically the 4th commandment) to Sunday and against the biblical Sabbath (Friday sun-down to Saturday sun-down).

Most of these secret socieites were created by Jesuits to bring the papacy back to temporal rule over the world after the protestant reformers fingered them as the beast of the sea (rev 13)/little horn power (daniel 7). They could not continue their persecution of Christians under their own name so they set up all these secretive groups to carrying out the operations (wittingly or unwittingly) for them.

The top people in Microsoft and various key people in US intelligence are all batting for the same team, the Vatican.

Originally posted by JBA2848
But you trust linux when Richard Wirt is working on the software now and sits on the board? Yes I know Richard Wirt was VP at Intel but he also worked for CIA ran InQtel.

www.oxantium.com...

Heres the CIA page that tells you what InQtel is.
www.oxantium.com...

Good luck on that linux myth.

You apparently have no idea how the open-source peer review process works. If you think someone can just add in some malicious code and make it part of the standard package distribution channels, you are sadly mistaken. The process for submitting code branches is brutally rigorous, and much more thorough than any proprietary development could ever be.

Originally posted by JesuitGarlic
reply to post by joesomebody

 

It should not be a surprise when Bill Gates is a Bilderberg attendee shooting up people around the world with trojan horse diseases through his 'charitable' vaccine programs. The whole thing is to monitor people for the coming Beast's mark control grid system and who will speak out against the imposter 'Christ' that will be endorsed by the Vatican instituting into civil legislation around the world a change in the Divine Law (specifically the 4th commandment) to Sunday and against the biblical Sabbath (Friday sun-down to Saturday sun-down).

Most of these secret socieites were created by Jesuits to bring the papacy back to temporal rule over the world after the protestant reformers fingered them as the beast of the sea (rev 13)/little horn power (daniel 7). They could not continue their persecution of Christians under their own name so they set up all these secretive groups to carrying out the operations (wittingly or unwittingly) for them.

edit on 15-6-2012 by JesuitGarlic because: (no reason given)

I don't know about that, but Microsoft does suck...without proof you can't really claim the whole killing people with vaccines thing.

Also, the commandment just says to remember the Sabbath and keep it Holy - the day you take for rest doesn't really matter to God, and even if it did, as a believer we can't worry about such uncertainties, as Jesus already absolved us of all of our sins.

SF, I know what I am about to say is a bit off topic, but I have been thinking the past few weeks ever since I
began taking a summer astronomy course at a local community college. Alright, due to a few concerns I had before the class began,
I couldn't find the teacher's email so I began to google for it using his real name. What I found was extremely interesting. Upon searching, I found that
he worked for Parliment in the U.K., I immediately thought that this couldn't be the guy, for he only was an instructor at a tiny community college in Bloomington, IN. I looked around further, and discovered that he is a Father over an entire ministry. You may think that this could be possible this far, but let me keep going. Upon the first
day of school, on June 5th, We start sitting down for class. Immediately into the course he starts tooting his own horn.
I just thought that he was a typical guy just wanting to share his credentials. Not only does this guy have 20 masters degrees from various countries, but his father was in the military, and they've been traveling the world before he was even born. Sort of funny also, his mother went into labor in front of the Castle entry in England. Now, he's also worked for
U.N. and various organizations. He also said something about the D.I.A.. Following this introduction he mentioned that the only thing that he could tell us is
that the C.I.A. has funded lots of trips, and paid lots of money for various stays in different countries, but he said that he could not admittedly tell us anymore. I don't know, it may be nothing, but you'd know what I am talking about if you met him.
He also just paid 50 thousand dollars to go to a banquet with Bill Clinton at Barbara Strisan's house. I find this to be a bit of strangeness, because I am telling you, he just comes off
as a brilliant mind, he drives a really old car, and I mean he works at a job that would only pay 50 grand a year as an adjunc. I want to add, I don't think he is a Father because he is a Jesus believer, I think that he just does it to because he can, you know like in a mocking type manner.
I say this, because I bumped into a few old blog's of his on the net that criticized harshly upon the behavior or Christians and how they ruined Native American's, and how this religion has screwed up the preservation of information by other cultures.
I hate all of the Abrahamic religions, but this dued could get me to church if he asked, that is how interesting his viewpoints are. I'll quit ranting, but I want to add just one more note. Could there be many more like Kurt implanted within basic communities gathering intel and giving basic feedback on the surroundings throughout the world? I mean infaltrating every aspect of our world such as K-12 and colleges?
If so, how much money does this cost in tax dollars just to send them all over to rub elbos with people at dinners and other events? Sort of makes me angry a bit,
is it right that there are thousands of homeless children in the U.S., but we pay countless individuals tons of money and feed them good meals for really little reasons?






reply to post by joesomebody

Common knowledge that cyberspace is one of the new MAJOR battlegrounds in global supremacy. About 5-10 years back, the government began *heavily* recruiting young individuals with gifted hacking abilities. Wouldn't surprise me a bit to know they planted people at various companies. I know of at least one who works for Intel.

Originally posted by JBA2848
But you trust linux when Richard Wirt is working on the software now and sits on the board? Yes I know Richard Wirt was VP at Intel but he also worked for CIA ran InQtel.

www.oxantium.com...

Heres the CIA page that tells you what InQtel is.
www.oxantium.com...

Good luck on that linux myth.

Dr. Wirt is a Jason. Chew on that.....

reply to post by joesomebody


You must not understand a few things about security...

Open source operating systems are open to the world, and that makes it VERY easy to study the source code and find vulnerabilities in the system because people can see exactly how the entire system operates.

Microsoft's source code is private, and that increases security because it makes it much more difficult to find vulnerabilities in the system because people can't see exactly how the entire system operates.

That makes open source operating systems a lot more vulnerable.

It seems from your posts that you are only concerned about bad code and back doors being implemented into the source code of operating systems. Your concern is, Microsoft is private and you can't see the source, so you can't see if there is bad code. So you assume that because open source operating systems are open, so you can see if there is bad code, plus the community will find the bad code.... Although that is a concern, it's not the most important concern.

The government needs moles in Microsoft so they can learn about the private source code, and find the vulnerabilities. Not to insert bad code into the source...

Originally posted by IGotAllDay
reply to post by joesomebody

 

You must not understand a few things about security...

Open source operating systems are open to the world, and that makes it VERY easy to study the source code and find vulnerabilities in the system because people can see exactly how the entire system operates.

Microsoft's source code is private, and that increases security because it makes it much more difficult to find vulnerabilities in the system because people can't see exactly how the entire system operates.

That makes open source operating systems a lot more vulnerable.

It seems from your posts that you are only concerned about bad code and back doors being implemented into the source code of operating systems. Your concern is, Microsoft is private and you can't see the source, so you can't see if there is bad code. So you assume that because open source operating systems are open, so you can see if there is bad code, plus the community will find the bad code.... Although that is a concern, it's not the most important concern.

The government needs moles in Microsoft so they can learn about the private source code, and find the vulnerabilities. Not to insert bad code into the source...

You are obviously not educated in the realities of computer science. A proprietary, close-source product will never achieve the stability or security that a widely accepted open-source competitor will. In a proprietary system, there are a finite, limited number of developers working on and examining the code before it is released. This creates systems that can be easily exploited (as nearly EVERY Microsoft product has been), and demonstrate reduced stability (again, as seen in EVERY Microsoft product). Whatever it is you're trying to say about open-source vs proprietary systems is misguided and incorrect, as is supported by decades of data and experiential feedback.

Linux does not seem so secure when they keep putting out patches and warnings. I guess they need the community to under go more traing or get rid of the CIA moles.
packetstormsecurity.org...

SystemsAIX (353)
Apple (974)
BSD (303)
Cisco (1,251)
Debian (3,831)
Fedora (1,660)
FreeBSD (1,030)
Gentoo (2,474)
HPUX (687)
iPhone (95)
IRIX (217)
Juniper (60)
Linux (20,794)
Mac OS X (418)
Mandriva (2,215)
NetBSD (238)
OpenBSD (414)
RedHat (2,459)
Slackware (378)
Solaris (1,474)
SUSE (1,247)
Ubuntu (2,766)
UNIX (6,869)
UnixWare (148)
Windows (4,038)

20,000 patches for linux the one with the highest number. Next would be Unix with almost 7,000. Followed by Windows with 4,000 and Debian close behind with almost 4,000.

Originally posted by JBA2848
Linux does not seem so secure when they keep putting out patches and warnings. I guess they need the community to under go more traing or get rid of the CIA moles.

20,000 patches for linux the one with the highest number. Next would be Unix with almost 7,000. Followed by Windows with 4,000 and Debian close behind with almost 4,000.

You seem to be, incorrectly, linking system stability and security with patch releases. Is it more secure for an average Windows user to switch to Linux? Probably not. Why? Because the average the Windows user lacks the technical capabilities and comprehension to properly manage a secure environment. But comparing apples to apples, it's no contest.

SOURCE

The biggest security problem with Windows, however, still lies in too few eyes watching for threats -- and way too long a lag in fixing the issues. It can literally take months for Microsoft to address a security issue adequately.

"It cannot be said any more that Windows is a closed source system. It seems as if the folks that investigate and exploit Windows know more about how the code works than Microsoft does," said Williams.

One of the biggest advantages in terms of security for Linux lies in its huge, highly-skilled and diligent community.

"The open source nature of Linux allows for more peer review of the code to find and fix the code before zero day hacks can be done," said Williams. "It is a labor of love, not license."

reply to post by draco49


Actually, I am a software engineer. What you said is highly misleading and wrong...

Just because a specific software has limited numbers of developers, doesn't mean it is more vulnerable or unstable. In fact, from experience in software engineering with large companies, the more people working on a specific software, the more potential problems there are. "Too many cooks in the kitchen" is often the problem, and they often create "code salads" where multiple lines of code written by different people all are combined together to create all kinds of bugs and problems.

Having multiple people write different functions and methods that need to work together with other functions and methods written by other people mean those people all need to communicate together perfectly to insure they operate together effectively, and if they don't communicate every aspect of the code then it creates potential problems. That issue doesn't exist as much when there is less people working on the software.

Also, Microsoft Windows is the most used operating system in the world. That means it also is the most attacked operating system in the world. It also means it is the most user tested operating system in the world. Meaning, more people are finding and reporting problems than any other operating system in the world. That explains away all your points about stability and exploits in "every Microsoft product". It's used more than any other product.

Sure open source software can be read by everyone, and everyone could help solve issues that are found in the code. That is really the only good thing about it...

...but on the subject of SECURITY, open source software is potentially more vulnerable to attacks than private software.

For example, all software is vulnerable to memory hacks. If I wanted to memory hack a certain value on private software, I would have to manually iterate through an entire memory dump to find the position of a certain value before I can change/hack it (very long process). However, with open source code, I wouldn't have to search the memory. I could just read the source code and find where the code writes the value in the memory which is 100 times easier and faster.

Basically, open source tells me everything I need to know about the software. Closed source will leave me guessing. It's a huge security risk.

Originally posted by IGotAllDay
reply to post by joesomebody

 

Microsoft's source code is private, and that increases security because it makes it much more difficult to find vulnerabilities in the system because people can't see exactly how the entire system operates.

That makes open source operating systems a lot more vulnerable.

Microsoft SECURE??????????

OPEN-SOURCE operating systems more vulnerable than Microsoft GARBAGE????????

That maybe true in... FANTASY LAND!!!

Originally posted by HangTheTraitors
Microsoft SECURE??????????

OPEN-SOURCE operating systems more vulnerable than Microsoft GARBAGE????????

That maybe true in... FANTASY LAND!!!

Your ignorance is showing...

All software has vulnerabilities. Open source software is way more vulnerable than closed source software because hackers can just read the source code to find vulnerabilities instead of finding vulnerabilities on closed source software the hard way, by brute forcing.

If you were to secure your house, would you install a security system and keep it secret? Or would you install a security system and then tell everyone in the world?

Comparing Microsoft to other operating systems is like comparing apples to oranges. No other operating systems have a user base as large as Microsoft Windows. That means there is more hackers, more vulnerabilities found, etc.. Most of the time people like you joke and say "Microsoft SECURE??" because of ignorance of the facts, and belief in common myths.

Originally posted by IGotAllDay
Actually, I am a software engineer. What you said is highly misleading and wrong...

What language? If you only know/use .NET or something like php, you're not much of an engineer at all. I'd wager more than likely YOU may be a Microsoft employee or shill, or a government one perhaps.

Originally posted by IGotAllDay
Just because a specific software has limited numbers of developers, doesn't mean it is more vulnerable or unstable. In fact, from experience in software engineering with large companies, the more people working on a specific software, the more potential problems there are. "Too many cooks in the kitchen" is often the problem, and they often create "code salads" where multiple lines of code written by different people all are combined together to create all kinds of bugs and problems.

Not true. Look at github and bugzillas around various project. They exist so that the userbases can help find and report bugs - usually before they're actually able to cause issues (usually stability or efficiency), or rare security issues. With closed source, you have a limited pool of skills - some people are better at things than others. You're stuck with just one team with closed source, but with opensource, people step up to meet needs.

Originally posted by IGotAllDay
Having multiple people write different functions and methods that need to work together with other functions and methods written by other people mean those people all need to communicate together perfectly to insure they operate together effectively, and if they don't communicate every aspect of the code then it creates potential problems. That issue doesn't exist as much when there is less people working on the software.

That's why each opensource project has it's own core development team - the base and core of any given FOSS product is done this way...furthermore, if it uses standard libraries and a common style in it's classes, this again is a non issue.

Originally posted by IGotAllDay
Also, Microsoft Windows is the most used operating system in the world. That means it also is the most attacked operating system in the world. It also means it is the most user tested operating system in the world. Meaning, more people are finding and reporting problems than any other operating system in the world. That explains away all your points about stability and exploits in "every Microsoft product". It's used more than any other product.

Yes, but look at OSX - it's the second most used in the world and has a proportionally much smaller amount of exploitation attempts than Windows does in comparison to their respective user bases. Furthermore, with Microsoft, it's their way or the high way - you can't really customize past the limited choices they give you.

Originally posted by IGotAllDay
Sure open source software can be read by everyone, and everyone could help solve issues that are found in the code. That is really the only good thing about it...

...but on the subject of SECURITY, open source software is potentially more vulnerable to attacks than private software.

For example, all software is vulnerable to memory hacks. If I wanted to memory hack a certain value on private software, I would have to manually iterate through an entire memory dump to find the position of a certain value before I can change/hack it (very long process). However, with open source code, I wouldn't have to search the memory. I could just read the source code and find where the code writes the value in the memory which is 100 times easier and faster.

Basically, open source tells me everything I need to know about the software. Closed source will leave me guessing. It's a huge security risk.

Actually, wrong - these sorts of issues are 99% of the time shaken out of a piece of software before it's stable release. Each milestone goes through rigorous testing before being deemed stable. Furtermore, I don't see Micrsoft or Apple patching every reported 0-day by the end of the day it's reported as Linux does, either. There's no such thing as perfect security, but in truth, you can't get more secure than an opensource BSD or Linux variant.