Announcement

Collapse
No announcement yet.

XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Originally posted by LightBit View Post

    If someone claims "Windows is choke full of backdoors", I expect proof. The same way I expect proof for "Windows has no backdoors".

    So you are actually the same as those who claim Windows is full of backdoors. But you fail to see it, because you are so opinionated.
    Among over 200 people that I know no one has ever been hacked by using windows.

    There's zero evidence that other people and companies fare worse. Some do get hacked but normally either via third party malware or targeted attacks by third parties using e.g. 0-day vulnerabilities, not backdoors. Yes, Windows has seen thousands of vulnerabilities but so did Linux, and other OSes.

    I'm an evidence based person, lots of people here are not. They claim Windows users are getting hacked left and right without providing an ounce of evidence.

    Windows has over 2 billion users. Again, where are all the stories?

    Comment


    • Originally posted by LightBit View Post

      Well, avis is so agressive about Windows being free of backdoors and demanding proof of backdoor. That is why I said that. I expect, if someone makes such strong statements to provide proof instead of demanding proof he is wrong.

      This can not be proven. Not for Windows, not for Linux.
      Asking to prove there is a backdoor is missing the point by a mile anyway. (Besides it's work and work require pay. The bill for this one would be quite substantial.)

      The source code of Linux (and of open-source software) is there for everyone to see. If someone wants to look, he can.
      Windows is closed source so one's only recourse is to trust the company.

      I, for one, feel more comfortable that, on open-source code, no significant issue can exist for long enough thanks to the public availability of the source.
      I don't trust Microsoft with Windows as the source is not available and checking for vulnerabilities or backdoor is next to impossible.

      I don't need a proof there is a backdoor on Windows. I will just not trust there isn't one.

      That seems simple enough.

      Comment


      • Originally posted by LightBit View Post

        If someone claims "Windows is choke full of backdoors", I expect proof.

        .
        This statement was made on the front page and has the highest number of likes.

        Linux fans don't need any proof.

        And the fact that the finux fan's boss, accounting department, legal department, company board, CEO, etc. use windows only proves their stupidity .

        That's why oen source fans beyond the lowest specialist levels never occupy any important positions with a lot of responsibility - mentally they are not fit for it.

        ​​

        Comment


        • Originally posted by LightBit View Post

          .
          Many large banks and financial institutions still run closed z/os on closed DB/2, designers work on closed CATIA, Autocad, electronics engineers on closed Altium Designer, closed SAP or Oracle are popular etc., the widespread use of Windows in companies worth billions that process confidential documents is not mentioned, because it's obvious.

          In the real professional world, there is no room for open fans with their claims that closed source is full of bacdors.

          It is safe to claim that since billion-dollar companies use Windows it is a secure system without backdoors.

          Trust.


          Do you trust your baker not to poison you? Do you constantly examine your bread before you eat it? How do you know it doesn't? Have you ever tested your baked goods? WHY DIDN'T YOU??? This is about your health and your family's health. Trust?


          Why would M$ put backdoors in Windows????? So that investors would lose billions after the scandal broke???? To lose trust in a brand they've been building for decades????

          Only Linux fans dream of backdoors in Windows. They wish there were. That's why they keep writing about them.​​
          ​​
          Last edited by HEL88; 30 March 2024, 02:09 PM.

          Comment


          • Originally posted by HEL88 View Post

            In the real professional world, there is no room for open fans with their claims that closed source is full of bacdors.
            You are beating strawman as I did not claim "closed source is full of backdoors" and I do work for company with only closed source products.

            Originally posted by HEL88 View Post

            Do you trust your baker not to poison you? Do you constantly examine your bread before you eat it? How do you know it doesn't? Have you ever tested your baked goods? WHY DIDN'T YOU??? This is about your health and your family's health. Trust?
            If you trust baker, it does not mean he won't poison you eventually. Everyone has to decide whom to trust, but trust is just belief.

            ​
            Originally posted by HEL88 View Post

            Why would M$ put backdoors in Windows????? So that investors would lose billions after the scandal broke???? To lose trust in a brand they've been building for decades????
            Maybe Microsoft doesn't even know it. It could be act of any of many employes.

            Comment


            • Originally posted by avis View Post

              1. They signed someone else's code. They did not distribute anything themselves.
              2. Ditto.
              3. Not Apple's own software.
              4. Ditto.
              5. Not Microsoft's own software.
              6. Ditto.

              For examples of Linux "stores" willingly distributing actual malware look no further, only there will be a ton more than that:

              1. https://popey.com/blog/2024/03/exodu...et-part-three/
              2. https://checkmarx.com/blog/pypi-is-u...ion-suspended/

              This is for the past two weeks alone.

              There have been countless more instances of malware in Python, NPM, Ruby, etc. "stores". Don't start this please.
              and xz isn't Red Hat:s nor Debian:s software either, they simply signed some one elses code and distributed the result in their app store. But so it is exactly apples to apples, but since it doesn't follow your bias you refuse to acknowledge it and are now trying to invent all types of no true Scotsman.

              edit: btw one of the links where lost:
              This is MS accidentally distributing their own software Visual Studio .Net in Korea with the Nimda virus)
              The software giant's Korean-language version of Visual Studio .Net carries the virulent Nimda computer virus to Asia.
              Last edited by F.Ultra; 30 March 2024, 03:18 PM.

              Comment


              • Originally posted by avis View Post

                Among over 200 people that I know no one has ever been hacked by using windows.

                There's zero evidence that other people and companies fare worse. Some do get hacked but normally either via third party malware or targeted attacks by third parties using e.g. 0-day vulnerabilities, not backdoors. Yes, Windows has seen thousands of vulnerabilities but so did Linux, and other OSes.

                I'm an evidence based person, lots of people here are not. They claim Windows users are getting hacked left and right without providing an ounce of evidence.

                Windows has over 2 billion users. Again, where are all the stories?
                Yes, usually it is phishing. I'm personally not worried about Windows security at all. I actually hate the fact I can't really permanently disable Windows Defender.

                I would expect, if there is backdoor, it would only be used for very important targets. When Alies broke Enigma, they were careful not to reveal they know everything.

                Comment


                • Originally posted by avis View Post
                  That roliverio guy heavily implied and joked about MS/Apple/Google actually distributing malware (an interpreter is not malware cause otherwise a compiler in your distro is ALSO an attack vector and Python gets installed by default in pretty much in all distros) and I'm sad these companies won't sue him for libel.
                  Github is owned by Microsoft and distributed the whole point of this article.

                  Comment


                  • Originally posted by avis View Post

                    Among over 200 people that I know no one has ever been hacked by using windows.

                    There's zero evidence that other people and companies fare worse. Some do get hacked but normally either via third party malware or targeted attacks by third parties using e.g. 0-day vulnerabilities, not backdoors. Yes, Windows has seen thousands of vulnerabilities but so did Linux, and other OSes.

                    I'm an evidence based person, lots of people here are not. They claim Windows users are getting hacked left and right without providing an ounce of evidence.

                    Windows has over 2 billion users. Again, where are all the stories?
                    I've personally had to cleanup over 200 instances of Windows installs being compromised with no other software installed than base Windows (this back in the Windows 2000 days).

                    Comment


                    • Damn this broke my ubuntu noble install, as they pulled the vulnerable gnome-session-bin 46* package and ubuntu-session depends on yaru-theme-gnome-shell which depends on gnome-sesison-bin >= 46

                      Crazy things happening.. You wonder how many such exploits are already inside some libs without being noticed..

                      Comment

                      Working...
                      X