Windows Update's Sneaky Updates

,----[ Quote ]
| "The only altered files that have been reported to date are 18 small
| executables used by WU itself. Microsoft is patching these files silently,
| even if auto-updates have been disabled on a particular PC."
`----

http://www.microsoft-watch.com/conte...129TX1K0000535

Damn it, Microsoft. And then they have that puppet Jeff Jones spewing lies with
fake figures. More examples below, including mentioning of this strategy.

Time for Microsoft to face an Enron, or a Nortel, or whatever...

SEC charges four more ex-Nortel officers in fraud

,----[ Quote ]
| The U.S. Securities and Exchange Commission said on Wednesday that it has
| charged four more former officers at Canada's Nortel Networks with engaging
| in accounting fraud.
`----

http://news.zdnet.com/2110-1035_22-6207565.html

Only the criminals at Microsoft Corp. seem to be immune to the law.


Related:

Microsoft reacts to kernel hacks, defends Vista

,----[ Quote ]
| Microsoft wasn't much help in figuring out exactly what was beefed up by the
| PatchGuard update; the accompanying information was extremely vague. The
| MSRC's release manager, Simon Conant, was just as tight-lipped in a posting
| to the center's blog. "The update adds additional checks to Kernel Patch
| Protection for increased reliability, performance, and security," Conant
| said. * *
`----

http://www.infoworld.com/article/07/...l-hacks_1.html


Skeletons in Microsoft’s Patch Day closet

,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions. *
`----

http://blogs.zdnet.com/security/?p=316


Beware of undisclosed Microsoft patches

,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
`----

http://blogs.zdnet.com/microsoft/?p=527


Microsoft : Arrogance leads to Vulnerability

,----[ Quote ]
| Chatting with the Microsoft senior sales people, I was struck by
| their incredible arrogance. They know the company?s products are good,
| but they have no qualms whatsoever about charging top dollar as a
| result.
|
| It reminds us how Microsoft used to behave when it comes to their
| products' security records. IE5 and 6 were nothing short of being
| proper Swiss Cheese with loads of holes in them but hey, they had 95%
| of the browser market at that time and couldn't care less.
`----

http://securityblog.itproportal.com/?p=514


http://antitrust.slated.org/www.iowa...00/PX03096.pdf

“There’s an interesting article in the April 2007 issue of Harper’s magazine
about panels, audits, and experts. It is called CTRL-ALT-DECEIT and is from
evidence in Comes v. Microsoft, a class action suit in Iowa. Here’s a
paragraph from a document admitted into evidence, called “Generalized
Evangelism Timeline,” about guerrilla or evangelical marketing:

Working behind the scenes to orchestrate “independent” praise of our technology
is a key evangelism function. “Independent” analysts’ reports should be
issued, praising your technology and damning the competitors (or ignoring
them). “Independent consultants should write articles, give conference
presentations, moderate stacked panels on our behalf, and set themselves up as
experts in the new technology, available for just $200/hour. “Independent”
academic sources should be cultivated and quoted (and granted research money).

They advise cultivating “experts” early and recommending that they not publish
anything pro-Microsoft, so that they can be viewed as “independent” later on,
when they’re needed. This type of evangelical or guerilla marketing is
apparently quite common in the high-tech fields, and seems to be used
liberally by open source developers.

The document admitted into evidence also says, “The key to stacking a panel is
being able to choose the moderator,” and explains how to find “pliable”
moderators–those who will sell out.

It is all a big money game. Most activists in any field know of
countless “hearings,” in which hundreds of citizens would testify before a
panel, only to be ignored in favor of two or three industry “experts.” When a
panel is chosen, the outcome seems to be a foregone conclusion. As with
elections, they don’t leave anything to chance.”
(a post from a Mark E. Smith about exhibit PX03096 “Evangelism is War” from
Comes v. Microsoft).