Interesting Behavior: Is It a Leitmotif for Big Tech?
October 18, 2021
A leitmotif, if I remember the required music appreciation course in 1962 is a melodic figure that accompanies a person, a situation, or a character like Brünnhilde from a special someone’s favorite composer.
My question this morning on October 18, 2021, is:
“Is there a leitmotif associated with some of the Big Tech “we are not monopolies” outfits?”
You can decide from these three examples or what Stephen Toulmin called “data.” I will provide my own “warrant”, but that’s what the Toulmin’s model says to do.
Here we go. Data:
- The Wall Street Journal asserts that William “Bill” Gates learned from some Softie colleagues suggested Mr. Gates alter his email behavior to a female employee. Correctly or incorrectly, Mr. Gates has been associated with everyone’s favorite academic donor, Jeffrey Epstein, according to the mostly-accurate New York Times.
- Facebook does not agree with a Wall Street Journal report that the company is not doing a Class A job fighting hate speech. See “Facebook Disputes Report That Its AI Can’t Detect Hate Speech or Violence Consistently.”
- The trusty Thomson Reuters reports that “Amazon May Have Lied to Congress, Five US Lawmakers Say.” The operative word is lied; that is, not tell the “truth”, which is, of course, like “is” a word with fluid connotations.
Now the warrant:
With each of the Big Tech “we’re not monopolies” a high-profile individual defends a company’s action or protests that “reality” is different from the shaped information about the individual or the company.
Let’s concede that these are generally negative “data.” What’s interesting is that generally negative and the individuals and their associated organizations are allegedly behaving in a way that troubles some people.
That’s enough Stephen Toulmin for today. Back to Wagner.
Leitmotifs allowed that special someone’s favorite composer to create musical symbols. In that eminently terse and listenable Der Ring des Nibelungen, Wagner delivers dozens of distinct leitmotiv. These are possible used to represent many things.
In our modern Big Tech settings, perhaps the leitmotif is the fruits of no consequences, fancy dancing, and psychobabble.
Warrant? What does that mean? I think it means one thing to Stephen Toulmin and another thing to Stephen E Arnold.
Stephen E Arnold, October 18, 2021
Office 365: A Petri Dish for Malware?
October 18, 2021
Microsoft has a PR problem? Microsoft may have other issues as well, but “Infosec Expert Beaumont Slams Microsoft Over Hosting Malware for Years” seems like a semi-negative write up. Is the situation as dire as the article suggests? I don’t know, but it seems as if it is not what you would call:
- A ringing endorsement for Microsoft security
- An illustration of Microsoft’s approach to Office 365
The write up asserts:
An overwhelming majority of ransomware attacks only Windows, with an analysis by staff of the Google-owned VirusTotal database last Thursday showing that 95% of 80 million samples analysed — all the way back to January 2020 — were aimed at Windows.
How has Microsoft responded? The write up quotes infosec expert Beaumont as saying:
Before the train of MS employees arrive saying ‘just report it’, try getting them and future ones taken down yourselves. I did. It was a disaster.
The write up, which is a mish mash of quotes and tweets, contains a number of interesting allegedly true factoids.
True? Maybe. Not-so-great PR for the company that follows China’s content guidelines? Sure seems like it.
Stephen E Arnold, October 18, 2021
Another Reason for Windows 11?
October 13, 2021
The team at Beyond Search talked yesterday about Windows 11. One individual installed the system on one of our test-only machines and reported, “Not too exciting.” Another dismissed the Windows 11 as a distraction from the still-lingering SolarWinds and Exchange Server security face plants. I took a look and said, “Run some tests to see what it does to the performance of our AMD 5950X machines.”
Then I turned my attention to more interesting things. This morning my trusty Overflight system spit out this headline: “Microsoft: Here’s Why We Shrunk Windows 11 Update Sizes by 40%.” I noted this statement in the article:
…It was necessary to reduce the size of them, which in the past have been almost 5 GB in size. In a word, it’s about bandwidth, which millions of households in the US have a shortage of due to poor broadband in remote areas.
Maybe cost is a factor?
My hunch is that Microsoft has many employees who have opinions about the shift from the last Windows to a last-plus-n Windows.
Several observations from our underground computer lab in rural Kentucky:
- Updates create problems for Microsoft; for example, security issues lurk and actors world wide are enthusiastic about exploring “new” code from Microsoft. Vulnerabilities R’Us it seems.
- Implementing procedures which produce stable code are more expensive than figuring out how to reduce code bloat in updates. Therefore, the pitch touted in the write up cited above.
- Microsoft has shifted from 10,000 sail boats going in the same general direction to 20,000 motor boats going someplace. Evidence? The changing explanation for the existence of Windows 11.
Net net: Big and changing operating system may add vulnerabilities, not just rounded corners and a distraction from deeper issues.
Stephen E Arnold, October 13, 2021
Microsoft and Its Post Security Posture
October 1, 2021
Windows 11 seems like a half-baked pineapple upside down cake. My mother produced some spectacular versions of baking missteps. There was the SolarWinds’ version which had gaps everywhere, just hot air and holes. Then there was the Exchange Server variant. I exploded and only the hardiest ants would chow down on that disaster.
I thought about her baking adventures when I read “Microsoft Says Azure Users Will Have to Patch these Worrying Security Flaws Themselves.” Betty Crocker took the same approach when my beloved mother nuked a dessert.
Here’s the passage that evoked a Proustian memory:
instead of patching all affected Azure services, Microsoft has put an advisory stating that while it’ll update six of them, seven others must be updated by users themselves.
Let’s hope there’s a Sara Lee cake around to save the day for those who botch the remediation or just skip doing the baking thing.
Half baked? Yeah, and terrible.
Stephen E Arnold, October 1, 2021
Forgetting the Lessons of the Phalanx: Zooming In Does Not Work for Some
September 14, 2021
I read a write up from the Android mobile of Captain Obvious. The title? Here she be: “Study of Microsoft Employees Shows How Remote Work Puts Productivity and Innovation at Risk.” Ground breaking!
The article explains without a trace of Saturday Night Live humor:
A new study finds that Microsoft’s companywide shift to remote work has hurt communication and collaboration among different business groups inside the company, threatening employee productivity and long-term innovation.
To make the academic goodness of the report even more credible, the write up explains that the research report was:
published Thursday morning by Microsoft researchers in the journal Nature Human Behaviour. It coincides with Microsoft’s announcement that employees won’t be returning to the office Oct. 4 as previously expected.
I circled this quote nestled in the article:
The desire of employees to have both flexibility and connection with others is what Microsoft CEO Satya Nadella calls the “Great Paradox.” The company is also announcing new features in Teams, LinkedIn and other products meant to address some of the challenges revealed by the data.
War fighters employing the reliable phalanx figured out that Zooming in to a battle was not a reliable way to win. Teaming in, even with new features, is unlikely to yield better results.
Perhaps the lack of togetherness at Microsoft makes life easier for those exploiting the security peculiarities of Microsoft systems and software? No, hold that thought, please. Microsoft’s Windows 11 is a Covid era product. The Microsoft Exchange Server and Azure issues are from PC time; that is, the pre Covid period.
Perhaps the already present communications and togetherness issues have been present for many years. The work from home approach just amplified them.
Paradoxical? Nope. Management acting as a 50000 watt AM radio station. Static, anyone? Will Microsoft employees do the Thermopylae thing to defeat Microsoft’s antagonists? Sure, just via Zoom and one hopes a functioning Teams with extra features.
Stephen E Arnold, September 14, 2021
Microsoft: What Is the Priority?
September 8, 2021
Two items caught my attention today (September 3, 2021). The first was “Conti Ransomware Now Hacking Exchange Servers with ProxyShell Exploits.” What’s interesting is that Microsoft Exchange is in the news again. Here’s the interesting part of the write up:
The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits…. While Microsoft fully patched these vulnerabilities in May 2021, technical details regarding exploiting the vulnerabilities were recently released, allowing threat actors to start using them in attacks. So far, we have seen threat actors using the ProxyShell vulnerabilities to drop webshells, backdoors, and to deploy the LockFile ransomware.
Isn’t this like a 45 rpm recording of the The Trashmen’s “Surfin’ Bird.” Repetitive much? Here’s the lyric. Just substitute breach or break for bird, and you may have a hit on your hands:
A well a everybody’s heard about the bird
B-b-b bird, bird, bird, b-bird’s the word
A well a bird, bird, bird, the bird is the word
A well a bird, bird, bird, well the bird is the word
(Repeat endlessly)
The second item was “Don’t Like the New Windows 11 Start or Taskbar? Don’t Worry – Microsoft’s Got Your Back.” The main thrust of this write up is that Microsoft trashed the task bar and start menu of Windows 11. I learned:
Affected Insiders found, according to Microsoft, “that Start and Taskbar were unresponsive and Settings and other areas of the OS wouldn’t load.” The result was a hurried update requiring those impacted to do a bit of Registry tinkering in order to get things back to normal.
From the all-important security assurances to the suggestions of the best Windows ever, Microsoft delivers flawed experiences for some it seems.
Trust, confidence in Microsoft software, and commitment to providing secure and stable tools are in short supply in Harrod’s Creek. Your mileage may vary, but bad actors continue to get useful tips about ways in which Microsoft says, “Hey, pay us a visit.”
Stephen E Arnold, September 8, 2021
The Print Nightmare Method Advances to the Windows 11 Tool Bar and Start Button
September 8, 2021
Once again someone has discovered a bug in Windows machines. The vulnerability allows bad actors access to remove code execution and local privilege escalation. Tech Radar details how this is the second issue related to this vulnerability in “There’s Yet Another New PrintNightmare Hack.” The problem started when Chinese security researchers shared a proof-of-concept exploit online, believing that Microsoft had patched the hole in Windows Print Spooler. Nope!
Microsoft quickly released a patch, but not before damage was done. Creator of the popular exploitation tool Mimkatz, Benjamin Delpy exploit exploited the bug again. The bug enables anyone to gain admin privileges on vulnerable machines. It works like this:
“According to reports, Delpy’s workaround takes advantage of the fact that Windows doesn’t prevent Limited users from installing printer drivers. Furthermore, it won’t complain when these drivers are fetched from remote print servers, and will then run them with the System privilege level.”
Microsoft issued another PrintNightmare patch, but Delpy and other security researchers are not happy with it. They say that Microsoft checks for remote libraries in PrintNightmare patch and it gives an opportunity to work around it. Delpy and other security researchers have since learned a lot about printer spooler and drivers. He released his own proof-of-concept that downloads a rogue driver that misuses the latitude to allow Windows users access to admin privileges. Delpy and others explain this will not be the last of Windows printer spooler abuse.
And how’s that Microsoft method working out?
It is consistent. “Windows 11 Preview Glitch Hits Start menu and Taskbar” explains:
“Recently, Windows Insiders in both the Dev and Beta Channels began reporting that Start and Taskbar were unresponsive and Settings and other areas of the OS wouldn’t load,” wrote the Windows Insiders team at Microsoft in a blogpost.
Yep, consistent.
Whitney Grace, September 8, 2021
Microsoft: Maybe ESET-Type Companies Are a Problem?
August 12, 2021
Microsoft security may have a problem other than bad actors compromising systems. The news cycle has moved forward, but I still chuckle at the SolarWinds’ misstep. How many super duper cyber solutions failed to detect the months long compromise of core Windows processes? I don’t know, and my hunch is that whoever knows does not want to talk about the timeline. That’s understandable.
I read “IISpy: A Complex Server?Side Backdoor with Anti?Forensic Features.” The source appears to be We Live Security which is reporting about an ESET research finding. (I find it interesting that cyber security researchers report interesting things that other cyber security vendors appear not to report or possibly know about. Interesting or a signal that cyber security systems are not particularly effective when new methods poke through a secured system, saying, “Surprise!)
The write up states:
According to ESET telemetry, this backdoor has been active since at least July 2020, and has been used with Juicy Potato (detected as Win64/HackTool.JuicyPotato by ESET security solutions), which is a privilege escalation tool. We suspect the attackers first obtain initial access to the IIS server via some vulnerability, and then use Juicy Potato to obtain the administrative privileges that are required to install IISpy as a native IIS extension. According to our telemetry, IISpy affects a small number of IIS servers located in Canada, the USA and the Netherlands – but this is likely not the full picture, as it is still common for administrators to not use any security software on servers, and thus our visibility into IIS servers is limited.
If the affected server is the exact one the bad actor wants, numbers may not be germane. Also, does the phrase “not the full picture” indicate that the cyber researchers are not exactly what’s going on?
Interesting questions from my point of view.
If I step back, what’s my observation:
Perhaps cyber security is in a quite pitiful state. If this is accurate, why would the US government offer Amazon AWS another $10 billion deal? Microsoft will contest this important award. You can read the Microsoft News story “Microsoft Challenges the Government’s Decision to Award Amazon a NSA Cloud-Computing Contract, Which Could Be Worth $10 Billion” to get a sense about the disconnect between selling and addressing what may be fundamental security issues.
Would that money, time, and effort be better invested in addressing what seems to be another troubling security issue?
The answer to this question would be in my opinion a true juicy potato.
Stephen E Arnold, August 12, 2021
Microsoft: Amazing Quote about Support
August 12, 2021
I read “El Reg talks to Azure Data veep as Microsoft flicks the switch on Azure Arc for SQL Managed Instances: Longevity, PostgreSQL, and the Default Relational Database of Choice.” I like the phrase “default relational database of choice.” Okay, confidence can be a positive.
Most of the interview is not-so-surprising stuff: End-of-life assurances, hits of a catholic approach to the Codd structure, and a general indifference to the Amazon database initiatives. That’s okay. The expert is Rohan Kumar, who is going to speak Redmond, a peculiar dialect of jargon which often reveals little relevant to the ordinary person trying to restore a trashed SQL Server table.
I did spot one tiny comment. Here is this remarkable assertion:
“We will never let any of our customers run into challenges because Microsoft decided, ‘hey, we’re not going to support you’.”
No kidding? For real? I mean none of the code blocking, security challenging stuff?
Stephen E Arnold, August 12, 2021
Strong Sinequa Helps Out Hapless Microsoft with Enterprise Search
August 9, 2021
Microsoft has enlisted aid or French entrepreneurs have jumped on the opportunity to enhance the already stellar software system available from the SolarWinds and Exchange Server misstep outfit.
Business Wire reveals in a hard hitting write up “Sinequa Brings Intelligent Search to Microsoft Teams” an exciting development. Wait, doesn’t Microsoft search work? Apparently Sinequa’s platform works better. We learn:
“Sinequa for Teams enables organizations to unleash the power of Sinequa’s Intelligent Search platform right within Microsoft Teams. … Sinequa continues to recognize the need to make knowledge discoverable so employees can make better decisions, regardless of where and how they work. The Sinequa platform offers a single access point to surface relevant insights both from within and outside the Microsoft ecosystem. Built for Azure and Microsoft 365 customers with Teams, Sinequa has extended its powerful search technology to Teams to help enterprises elevate productivity and enable better decision-making all in one place.”
The tailored Teams platform promises to improve data findability and analysis while bolstering collaboration and workflows. Sinequa is proud of its ability to provide enterprise search to large and complex organizations. Founded in 2002, the company is based in Paris, France.
Excellence knows no bounds.
Cynthia Murrell, August 9, 2021
-
- Subscribe to Beyond Search
Feature archive
News archive
-
