Windows coders write buggy code - ON PURPOSE.

1.) It's been known for a while now that Microsoft works with the government and law enforcement. I guess nobody has heard of their "Coffeecup" software written for the purpose of getting into Windows without the users password. Google it.

2.) Anytime I see someone using a handle that implies they have computer knowledge then go on to praise Linux or Apple's OS as being the most secure I have to laugh. If you're really into OS security then you would follow news of it. Apple's OS has always been the least secure. Windows is always found to be the most secure followed by Linux. Windows is heard of more often for the simple fact that it has the most users. Notice that once Apple switched to Intel and their user base grew, it became a bigger target? Google how many security holes have been found for each OS and you'll find that Apple always has the most.

3.) People keep attacking Apple over the news recently that their iOS has been secretly storing tracking information. You'll find the same information being stored on Android phones and how much you want to bet it's also being stored on Windows Phones? Something like that is going to be stored on any smartphone out there. If it was this huge secret thing they didn't want anyone to find, they would have encrypted it and not made it that obvious.

4.) If this were true and there was proof out there that Microsoft is doing this (purposely writing bugs and working with CIA) you wouldn't be going to ATS as a means to out them. Sounds more like some Linux fanboy spreading FUD.

All this can be proven by using Google to do some actual research and before anyone thinks about shouting "MS fanboy", I use Linux, Windows and posted this from an Android phone. Apple on the other hand, Ill never touch.

reply to post by nightmare_david


1.) Coffeecup is a forensics software that was leaked onto the web, it doesn't have anything to do with Windows itself

2.)

Windows is always found to be the most secure followed by Linux.

that's just false, windows can never be more secure than linux, Linux being open source is patched and updated far more often than Wndows and the kernels are always updated, granted there on Linux viruses, but none of them do anything serious.

3.) Not if you use a custom rom..

4.) I agree.

yes, it would be idiotic to assume that the software is not used for such things. Even i have been involved in "pranking" people some 10 years ago by spreading a little tool for a certain popular fps game, that was used to collect some code of players using it.

That said,we did no harm to the victims, and only used them to provide the same service in the future - a kind of cat-and-mouse game between the players and the punkbuster.

You see, i do no, and have never supported closed source for exactly this reason. There is no way to know what the program will do.

Now for the bombshell:

I am sad to say linux currently is not much better for the normal user - what point is it to have open source, if the exploits are introduced just before compiling the binaries. As long as the sourcecode used to compile theprogram is not the same on-live version that is used in the development work, there is always a risk the received software has a nasty surprise hidden.

Gentoo and other compile-based distributions are a dying breed, and this is really alarming - the spirit of opensource is dying out in favor for new developers and users being lured by the easier method.

nightmaredavid: I wonder from what year that statistics is, and from where? Since "linux" is not an operating system, its a kernel design. There are differences in linux 32/64 bit, in linux vanilla, linux SE, linux AA. There are differences in the distributions. SE and AA linux 64bit kernel based distributions are, to my knowledge, the most secure operating systems by far - as long as they are installed in the secure mode and the user is not making it vulnerable by issuing the wrong commands.

Just a theory: "Business as usual."

Purpose: Create chaos/problems, provide solutions, make customers pay for solutions and VOILA! The well-paid drones and heartless management get to keep their jobs!

Works for the government models, too.

reply to post by coder22
I personally had concluded long ago that elements within the NSA , other Government Agencies, including but not limited to the Military and its allies in the computer and other industries have been playing every conceivable dirty trick imaginable upon humanity, not limited to the creators of so-called computer viruses being in a joint effort with the companies that offer the cures. More clearly stated, groups create the problem, why the other groups create the cure and all involved benefit at our expense. Moreover, I have no doubt that our Operating Systems and many of the software programs we all use are laced with crap used to monitor and manipulate us.

Let's face it, if there is no "Satan" or "Lucifer" or devil, there are human beings out there who are doing everything possible to fulfill that role. However, there is one mechanism which these people can not overcome and that is death; all humans die, what they create inevitably falls apart and it would not take much on a galactic level to put an end to the evil such people produce. Unfortunately it is a case of throwing the baby out with the bathwater, as ridding humanity of these scum will probably mean the survivors being thrown back into the dark ages, although it is possible that for all the holes they have dug in the ground and other measures these so called "Elite" have taken, that the planet will not cooperate and the survivors of the deviation that we all sense is coming will be a luck of the draw and a few people with the means to carry the technologies we have developed forward into a new world without these evil bastards. Have I said it well enough? If not, let me say I hope that John Titor was right.

Just to shoot this idiocy down one and for all. Given the number of people required to program a product like a Microsoft OS, there must be at least a thousand people that have full access to the source code. Available to everyone of those people is full access to the resources of the Secure Windows Initiative team, people who are the best in the world at secure programming. They work at Microsoft because that is the company that pays best. They have the experience of these people plus software tools that sniff out problems such as buffer overflow vunerabilities. If any of them were to find anything, it is their job to report it to the team. Might as well, if they don't do it, any number of a thousand others will find it. Suppose one of them were to find something and believe he could keep it a secret. He could sell this info for a billion dollars to Apple and maybe a few hundred thousand or so to one of the far less profitable linux companies. Microsoft could not stay in business if the subject of this thread had any basis in reality.

reply to post by stanats


Pure BS and all the response such warrants. There are in fact any number of individuals who can and do work on final versions of source code, can and do insert whatever they decide prior to release to the public. However, you Sir might be a perfect example of one of those "Puppet Socks" discussed in another thread or maybe you just don't know what you are talking about.

reply to post by coder22


coder22 such meddling from upper management is the reason my next PC will never again be a HP. In our house we were faithful Hewlett-Packard customers some 15 years. Each of these PC's ran MS Windows OS platforms naturally, but my problem is not with the folks at Windows.

My high-use PC's are well maintained but still get sluggish after 1 year +/- of changes, updates, trying out software and what-not. The pipeline clutters with a little flotsam & jetsam so I would do a full reset if it seemed necessary.

The last time I tried to reset my HP Pavilion Desktop PC I got the purple screen of death. Yes, purple. The stack of Back-up Discs I copied within minutes of first taking the (then) new unit from the carton failed to load. Tech support was useless, made several calls. Finally HP admitted there is a problem, and they were willing to sell me a set of factory discs. Weeks went by, discs arrived, nothing.

For the first time I had to take a PC to a professional for attention. The young guy explained to me that the people in charge at HP had engineers encode a identification string unique to each unit. Should you try to upgrade the PC you are left with an expensive boat anchor. HP later found the mobo tattoo became a sore spot for many PC owners after time. But they did nothing about it.

Wondering how many people across America lost reports, homework, vacation photos and music collections due to this problem I got angry. Because I realized there was probably a lot of people who threw their PC away and had to buy another because of this built-in snafu. I don't know if this is common practice. I feel it is pretty shady and I will never spend money on a HP product again.

HP Pavilion a400n was the Model I had to spend $100.00 on for repair. Never again.

reply to post by LargeFries


I've said it already in here, but 10 times out of 10 the problem exist between keyboard and user

I've maintain countless HPs and they all worked flawlessly, but only a fool would buy a prebuilt computer, it's cheaper to build your own , and YOU know whats going in it.

Originally posted by bhornbuckle75
reply to post by coder22

 

I suppose the only problem with this Idea is that U.S. Government Officials would also be using same software. Wouldn't this just jeopardize the U.S. as much as help us? Putting a back door into a program means that anyone can open it..

And indeed other people do.

What is the prize? Windows Update. Whoever controls Windows Update controls the computers.

This is what the US intelligence community wants:

a) knowledge of all holes and entry points in commonly used software
b) no holes and entry points in commonly used software that anybody else knows about.

Microsoft will patch unintentional bugs and bugs which It Has Come To Their Attention Of A Vulnerability. In other words, when a bug appears to be exploited by a foreign intelligence service or criminal activity, the intelligence services will inform the software makers, in this case Microsoft.

There is the possibility that such a fix may also harm an ongoing surveillance project of a US intelligence agency. In this case, they want to push out a fix which creates a new bug which they can exploit.

Ideally, they would want sufficient cooperation such that Windows Update itself would either fail to update or update "differently" those machines which have a configuration which shows they are being monitored by a US intelligence agency.

This is the sort of thing which may be ongoing. Generally cooperation with the US intelligence agencies is Strongly Recommended if you are a US corporation. How many copies of Office does the US Government buy? Lots. The government has a very strong way to influence Microsoft.

Posts like this force to rethink myself actually using this forum

I've been a professional programmer for 7 years now. I've written code since I was 7 starting with my trusted Atari XL.

Have you got any idea how difficult it is to write a big application let alone a complete OS?

Have you got any idea how difficult it is to actually stick to specification?

Have you got any idea how difficult it is to write a new feature and test feature? How much time it takes to takes to fully test a new feature, how many stages it requires?

I will never say programmers don't make mistakes. They make tons of them. So do rocket scientists and surgeons. Buffer overflows (easy to take advange of), bad memory allocations and so on.

But saying that you can somehow predict and write "faulty" code that is somehow usable by an external system you have no idea of - is beyond logic and frankly says a lot about a person making such claims.

I sugest: learn to code. Learn to limit your code exposure to malicious actions and then you will see that such an action (what the OP claimed) is highly unlikely.


And for the record: open source is full of bugs and fixes, contraty to popular belief, aren't popping up faster than from M$ or Apple.

Want a secure Windows/Mac/Linux/whatever system? Install a third-party firewall and sniffer. Something that will alert your whenever any application (yes, including the kernel itself) tries to send *anything* from your mashine.

People, stop blaiming OSes. They all have their perks. All are flawed in some way (although I detest OSes without a microkernel, but that is just me). Do something. Take control of your own computer.


Now... a backdoor is another whole story... But that is not a faulty code mister.

reply to post by Nobama


So true, especially when talking about linux. The change from windows to linux is in most cases accompanied by a "this # won't boot" -scenario. When helping people at the support channel, i literally can not remember even one case where the problem was not caused by actions only possible as root, and 8/10 times the problem is console magic gone wrong.

rm -rf is enough magic to wipe the entire drive.. 7 keystrokes.
dd if=/dev/null of=/dev/sda... 1 command and 2 parametres and the whole harddisk is gone.
the only thing i have encountered capable of this under windows is.. not surprisingly "dd for windows" and even that needs special setting up of the OS before it is possible.

I've suspected this since the later 90's, obviously there'll never be a way to prove it, just like you said, plausible deniability... It makes sense the government would be part of it since the majority of computer systems in the US are windows based, obviously they want the vulnerabilities right at their fingertips ready to be manipulated.

Originally posted by JohnPhoenix
This reason ( The original post) is why I do not ever use windows update. I go through all my processes and services when I get a new operating system and shut down all except that I need for the system to run. i do not allow any new process or service to be run. This takes a long while to set up. Before I go online I use a sandbox that's known to have no security holes to protect any process that I allow to access the web. (Sandboxie)

My PC runs very fast and secure and I am confident that nothing is getting accessed that I don't know about and allow.

Unless something is broken and no longer works, there is Never a reason to use windows update or to update any software simply because someone tells you to. Only update if you KNOW if will fix a problem that you must have.

I have used operating systems this way for years with never having any update and nothing has ever failed to work properly.

In this case your Computer is vulnerable to a gazillion known exploits, that can create an Admin account on the fly .. you should really read the MS security bulletins associated with each KB-number.

reply to post by coder22


This thread is a perfect example of why i'm on a Mac.

Typing from my MacBook Pro.

reply to post by coder22

I've always suspected that, why it's so convenient to program malicious software into an operating system that is used world wide, and make it look like just plain old vulnerabilities, or flaws that go with the territory. It doesn't take a rocket scientist to think of something like that.
Great thread, and great to see someone bring this out into the open. S&F

reply to post by coder22


It doesn't matter if this story is true or false.
Think of it this way in terms of Logic. If they wrote Perfect Code with no bugs, why would
anyone even think about upgrading. Due to the complexity and decreasing chip size of hardware they also breakdown much easier and more often, supporting M$ model of why make Perfect Code. Why do car manufactures design cars to last 10 years, or in the case of GM 5 years, because nobody would buy a new one, they would have no need to. Everything IS designed to last X Years, the problem is that X is getter shorter and shorter, so we are constantly replacing things.

Live your life in fear, guys. They are spying on us. They are watching your every move. Cover your windows, do not go outside. World ends in 2 years.

Linux versus Windows, I will agree that if you are just a web browser, or playing DVDs or playing music or writing letters or working with openoffice etc then Linux in various flavors is just as good as Windows. However, if you like to game, as another poster mentioned, forget Linux. Sure, a few games will work well, depending on what your games you like are, but anyone with even a limited library of Windows games(and face it, Windows is what the developers develop games for), will get very frustrated with Linux. As I experienced, I wanted to play Company of Heroes with Ubuntu(yes, a Newbie distro, so what?), and I found at best it would play with the graphics of my squads either messed up or not even showing, and the sound cutting out.And I had a Nvidia 9800GTX graphics card, not AMD graphics, and I knew Linux favored Nvidia, so it should work right?(and I upgrade my video once a year, with the latest driver). Unless Linux developers get Windows games to work as Windows users expect, without glitches, Linux on the desktop won't replace Windows for very many gamers. I went back to Windows 7 because it plays my library of games(and my cousins when they visit like to play theirs), not because its a great OS, its not, but had to face that Linux even with WINE doesn't cut it for gamers. Maybe someday, I keep looking at WINE maybe twice a year, but still not good enough. Its too bad Microsoft won't offer a Windows gaming compatibility layer for Linux, but then Windows would lose its one advantage over Linux.

reply to post by skeptic_al


This is true, unless you are nobama and build everything you use yourself.