Tag Archives: Windows

May 1, 2019 · 10:56

A little pain to Huawei

Yes, there is finally a moment where we need to ask Huawei questions. Bloomberg reported (at https://www.bloomberg.com/news/articles/2019-04-30/vodafone-found-hidden-backdoors-in-huawei-equipment) that backdoors have been found. More accurately: “Vodafone asked Huawei to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained, the documents show“, yet knowing the track record of Vodafone, that is not the whole story. Is there an issue? Seemingly not, as the headline gives us: ‘While the carrier says the issues found in 2011 and 2012 were resolved at the time‘, so an issue found 7 years ago was resolved at the time. Is that issue there now? Bloomberg does not really give us that do they? It gets to be a larger issue of what is seemingly called reporting when we see the ZDNet report from 2017 (5 years after the Bloomberg reported issue: “Thousands of routers, many of which belong to AT&T U-verse customers, can be easily and remotely hacked through several critical security vulnerabilities“. that as well as: “Among the vulnerabilities are hardcoded credentials, which can allow “root” remote access to an affected device, giving an attacker full control over the router. An attacker can connect to an affected router and log-in with a publicly-disclosed username and password, granting access to the modem’s menu-driven shell. An attacker can view and change the Wi-Fi router name and password, and alter the network’s setup, such as rerouting internet traffic to a malicious server“, these are much larger issues and were they resolved? We would think yes, but the article did not give us that. They did give us: “The report said Arris NVG589 and NVG599 modems with the latest 9.2.2 firmware are affected, but it’s not clear who’s responsible for the bugs“. The small fact that this constituted 5 flaws as well as a reported statement of: ‘the vulnerabilities are not limited to the hard-coded credentials flaw‘ give rise to a whole range of issues. So even as we might think that this one flaw is a stitch in the high regard for Huawei, the fact that an American solution has well over 500% the amount of vulnerabilities and as stated on several levels give rise to the reliability of Huawei. Moreover, the length of the issue is also a given at times as well as the need for better 5G equipment. Yet in all this, how much actual damage has either caused, Bloomberg was willing not to disclose that either. Yet Huawei is not out of the woods yet. The article gives us ‘further testing revealed that the security vulnerabilities remained, the documents show‘ and that is indeed a larger problem, yet these documents were from 2012, when was it actually resolved? The fact that we do not see that it was never ‘not resolved’ implies that it was, in addition, the 2012 issues in Italy were resolved that year. Then there is the quote ‘it couldn’t find evidence of historical vulnerabilities in routers or broadband network gateways beyond Italy‘ making it a localised temporary issue.

In all this Huawei has an issue to deal with and even as we see the lack of comparison flaws (I added the AT&T issue so you can be aware), the unbalanced reporting, as well as the clarity that there is to some extent an issue remains. The fact that the huge AT&T disaster was never called to answer questions might be equally a consideration to make. All computers and most software have bugs and security flaws. When I looked this morning, I found a list of 845 vulnerabilities in Windows 10, some of them critical. So when we compare these issues, we should consider that your Huawei router is not the largest problem and that is merely the beginning of the issue. Historically speaking, from 1999 we see that Windows have had 113,811 vulnerabilities; 4911 vulnerabilities regarding the ability to gain privileges, 10377 on getting information and 6001 on bypassing options. So in all we need to consider that your choice of Windows is a much bigger concern than your Router is, if the Chinese government wants to get access to your data they merely need to wait for you to switch on your windows machine, there are plenty of options to get to the stuff no matter which router you buy and if you got the Arris NVG589 or NVG599 modem it would have seemingly been easy as pie to just copy whatever you had, so in the end can you see that the entire Huawei mess is merely an American mess to project the notion that you should not buy Chinese, but consider the optionally more flawed American solutions?

And whilst I got to AT&T, the news (three days ago) was ‘AT&T claims title as first U.S. carrier to hit 2Gbps on 5G network‘, yet when we consider the quote by VentureBeat: “It’s great in the abstract that some businesses in Atlanta may be able to get 2Gbps speeds on a 5G device regular consumers can’t buy. But what really matters is the actual speed normal 5G users across multiple cities will see on actual consumer devices. Verizon has provided a sub-1Gbps sense of what to expect, but AT&T hasn’t.

We see that what is regarded as reliable in America is a bit of a stretch at some point, for the most I was most disappointed with is the fact that the Bloomberg article should be regarded as an attack on Huawei whilst there is no comparison given as to how that flaw related to the flaws others had, more important the fact that there were larger flaws from others much more recent is a missed part. Still Bloomberg did raise a really valid point on a flaw that Huawei seemingly has, with the perception that the news could have been given in 450 words, the rest was a lot of smoke around an issue that dwarves against some of the other issues, issues where there is actual fire, not merely smoke.

But that is merely my $0.02 on the situation.

 

Leave a comment

Filed under Finance, IT, Media, Science

Tagged as , , , , , , , , , , , ,

March 1, 2019 · 11:38

The BS of Software and hardware

 

We all have that moment where we wonder where ethical boundaries are. Where is the boundary of deceptive conduct, where is the boundary of profiteering and who knows what a moral centre is?

From my point of view Microsoft skates on every boundary not really giving a damn, especially giving a damn and regards towards their consumers.

The consumer has been deceived for a long time, Microsoft will never call it that, but Computerworld (at https://www.computerworld.com/article/3342416/new-non-security-win10-patches-fix-numerous-bugs-but-wheres-version-1809.html) gives us: “you’ll only get them if you manually download and install them or if, in Windows Update, you click Check for Updates. That’s a deception I’ve railed against for months, but apparently somebody at Microsoft thinks that being a seeker – clicking Check for Updates – gives the updater permission to install these lurking patches, without notification or consent.

In addition Variety gives us in part more with “New hardware sales dropped 6.1%. That drop, GameStop says, was because of 2017’s strong Xbox One X sales, but was also offset by strong growth in Nintendo Switch sales. New video game sales dropped 8.3%“, with an added “Microsoft has seen the following growth as a result of Xbox Game Pass“, which is in all honesty an awesome deal for any gamer, especially as the price would be great at twice the amount, there is no denying that. Yet every indication I have seen gives me the clear indication that the 8.3% drop might be including the Game Pass offer as that is also new video game sales. You see all those new mighty titles that were added with the launch day premise is part of new software sales making the hardship of Microsoft a lot harder than we thought it was. Tech Central adds to this with ‘Microsoft’s Surface sales edge $2bn despite chip shortage‘, you might think it is good, Yet as a surface is set to $1350, the math gives us less than 1.5 million surface pro systems sold, which on a global scale is really bad news. When I expect my own IP to do at least twice that amount, the entire stage of Microsoft is just faltering on too many levels.

Their approach to gamer exploitation (too much advertisement on the console home page, leaving much less space for game icons to start, the never ending pushed Microsoft advertisement on our consoles without the option to switch it off, the news giving us Nintendo Switch Sales Pass 32 Million in under two years, whilst the estimated lifetime sales of the Xbox One is now around 41 million (in 6+ years), that so called ‘strongest console in the world‘ equaled now by the weakest console, exact numbers are unknown as Microsoft is no longer giving us exact console sales numbers.

We saw only two weeks ago on how all surface laptops and tablets are getting massive discounts, sales are not good. From my point of view, Microsoft played a very dangerous game and comes up short. The short selling of hardware, below essential needs to push for accessories, consoles that are too shallow, with a mere 1 TB whilst the going need for basic use passed the 2 TB point two years ago, no corrections were ever made. When we take a critical look at the Financial Express article (at https://www.financialexpress.com/industry/technology/satya-nadella-bullish-on-microsoft-surface-sales/1472634/), and consider “Revenue in personal computing was $13 billion and Surface is now almost a $2 billion business for Microsoft” most will ignore the hidden parts of too few Surface systems sold, the increased discounts making revenue interesting, yet profits would decrease to almost zero. It is the stage of badly expecting the needs of the consumers. It goes from bad to worse when we see VentureBeat giving us: ‘Microsoft really doesn’t want you to buy Office 2019‘, with the added “Microsoft today launched a marketing campaign pitting Office 2019 and Office 365 against each other. The goal? To prove Office 2019 isn’t worth buying — you and your company should go with Office 365 instead.” It is product versus SaaS, and they want Software as a Service to win (likely for tax reasons which is purely speculative from my side). There is also the need of more and more commitment, subscription versus one off sales. So when we see: “Office 365 includes fully-installed Office applications — the latest versions of Word, Excel, PowerPoint, and Outlook. But those apps keep getting better over time, with new capabilities delivered every month“, it would initially make sense to get the subscription. Yet I do not want to be online all the time, having to connect is just too much of an inconvenience when I travel and all the excuses that Microsoft hands us are not getting accepted by yours truly. As for the bugs, we need to be fair here, MS Office is so huge, a bug free version is pretty much out of the question, the issue is, does it actually impact you? The few bugs that bug me only happen in extreme situations and I have for the most used Office 2012 without any hitches. If there are ugly bugs, I never really stumbled on them, another reality we need to accept, but it is not about acceptance.

You see, all this got started with ‘‘We won’t be war profiteers’: Microsoft workers protest $480m army contract‘ (at https://www.theguardian.com/technology/2019/feb/22/microsoft-protest-us-army-augmented-reality-headsets ), you short change consumers, mislead people on a global scale through carefully phrased words and you have an issue with a defence contract? It is even worse when we see “Workers say augmented reality headsets provided to US army risk ‘turning warfare into a simulated video game’“, it is from my point of view that these people have no or almost no comprehension of warfare. The images are those of warfare and terrorism, if we can diminish that impact on US soldiers, why would the Microsoft employees resist? In addition, in the shown concept image, if the mini-map keeps them alive, for Zen’s sake give it to them. When I see the lack of ethics that Microsoft has shown with their concept of what is perfectly acceptable and legal, the response ““We did not sign up to develop weapons, and we demand a say in how our work is used,” reads a petition being circulated inside the company, a copy of which was published on Twitter on Friday afternoon. More than 50 employees had signed the letter as of Friday afternoon, according to an employee“.

The response fails on two levels. In the first the augmented lenses are not a weapon, it is a tool and we can go as far as calling it a tactical tool that could give an edge on military and police. Consider the chance that these glasses prevent any innocent person to get shot as they were unlucky enough to get in the middle of it all. In the second part as we accept ‘how our work is used‘, we need to also accept that these employees knowingly and willingly were involved in exploiting consumers; you cannot get it both ways. And if they accept that then they have to be willing to go out and state: “We knowingly exploited consumers as this is part of our income and optionally our bonus!” If that would be the case and whilst the architectural flaws remain in the Xbox One, the lack of connectivity in the Surface devices, I really believe they should shut up or get out. It is their choice which of the two they select.

 

Now, I will accept that for some civilians the expression: “Under the terms of the army contract, however, the devices will be used to “increase lethality by enhancing the ability to detect, decide and engage before the enemy”” is awkward and harsh. The Pentagon sat on a live grenade a little too eagerly. The tactical setting should have been: “Under the terms of the army contract, however, the devices will be used to create increased awareness of the area, to be able to see hostile actions before they could have normally been aware of them and to decrease the chance of civilian casualties through people caught in that area without any feasible option to avoid harm.” Basically the same setting yet phrased a little different (Microsoft knows all about phrasing, do they not? In addition, the entire quote “The application of HoloLens within the IVAS system is designed to help people kill. It will be deployed on the battlefield, and works by turning warfare into a simulated ‘video game’, further distancing soldiers from the grim stakes of war and the reality of bloodshed” is open for debate. When you fire and actual firearm, the noise, the blow back of the weapon, it will not feel like a video game, not in the least. I also have an issue with ‘is designed to help people kill‘, the device does not give you skills to kill, it does give the imagery that could avoid one getting killed in the process and that is still an important factor. Add to this the need to keep civilian casualties at zero whenever possible, the part that this enables if a clear stage that a better equipped soldier gets a better chance in keeping 100% of the civilians out of harm’s way. Interesting that these so called ethically high ground Microsoft employees never gave that much thought. Although, seeing my Xbox One icon bar where 50% is used for advertisement as well as the push for more subscriptions is also an ethical debate, especially when the person who paid for a gaming console has no way of switching that part off. In that frame of mind, the Microsoft employees are actively promoting psychic assault, did they consider that part?

I wonder just how convoluted a person needs to be to walk away from half a billion dollars, a device that could save lives, it is interesting that that was a side that no one gave any attention to (media wise that is).

I am not stating that there is a negative side to this device that would be ludicrous as well. Yet if DARPA had not gone to the length it did to get us in 1970 ‘ARPANET, a pioneering network for sharing digital resources among geographically separated computers‘, we would not have the internet and we would not have e-commerce, did they consider that?

These Holo-Lenses might start in defence, yet they can go so much further. Rescue operations (finding life signs in natural or unnatural disasters), medical solutions that give surgeons direct layered information during an operation. In a large hospital not a big thing, but in small rural places, it will be a life saver. All issues that cannot come because these places do not have the billions needed to fund it, the military does and the visionary on these projects can see what else it can be used for. So when we get a couple of Microsoft sissies cry for a ‘ethics review board‘, they should consider the millions that do not want to face forced advertisement on the device they bought, or a diminished device that requires all kinds of accessories and storage to be regarded as actually functional. Their consumers have rights too, but that is apparently not in their frame of mind.

It seems to me that Microsoft has two filters, one for when things are really good and when for when that is not the case. It does fit the style of the military (making them a good match) where clothing is only available in two sizes, too large and too small. Go figure!

Have a great Friday! (60 hours until Monday morning)

 

Leave a comment

Filed under IT, Media, Military, Science

Tagged as , , , , , , , , , , , ,