Microsoft Is "a National-Security Threat" and Cisco Firewalls Hacked
A Bad Cybersecurity Week In Review For the U.S.
A former White House senior cybersecurity official finally said what nearly everyone who has ever had a computer virus already knew: Microsoft is a national-security threat.
The software company, apparently named by Bill Gates for a particular part of his anatomy, has a worse security record than the Ford Theatre, the Isabella Stewart Gardener Museum and the city of Troy, combined.
In just two examples from the decades-long dumpster fire that is Microsoftâs cybersecurity history, Beijing compromised Microsoftâs email software in 2021 and pilfered untold volumes of sensitive government emails, then, this year, Moscow also jacked emails from Microsoft containing government secrets.
The root problem for the government and security-conscious organizations is a lack of competition in the enterprise software market, argued A.J. Grotto, the former White House senior director for cybersecurity policy. Thanks to its dominance in that sector, Grotto said, âMicrosoft, in many ways, has the government locked in, and so itâs able to transfer a lotâ of the costs of âsecurity breaches over to its customers, including the federal government.â
Microsoft simply has âa ton of leverage,â Grotto told The Register, and is ânot afraid to use it.â
Within a week of Grottoâs public catharsis about Microsoft, another American tech giant had cybersecurity egg on its face. The federal government was again compromised by state-sponsored hackers who coordinated worldwide takeovers of Ciscoâs flagship firewalls.
The irony is that firewalls are meant to keep networks secure, and Cisco is both the worldâs largest manufacturer of networking equipment and a major supplier to the U.S. government. In this case, however, Ciscoâs mega-popular firewalls served as beachheads.
Next for the tech giants in this weekâs review, the recent antitrust suit against Google has surfaced a possible explanation for a widely noted mystery since 2020: the marked decline in Googleâs search quality. Edward Zitron mined internal Google emails that are now public court records and addressed the elephant in the room. He asserts that Googleâs search is dead, and that âa management consultant wearing an engineer[âs] costumeâ killed it.
Technical folks will almost surely nod as they read Zitronâs blistering critique of Prabhakar Raghavan, the current head of Google search, and of how todayâs culture in American tech companies is killing quality:
Itâs because the people running the tech industry are no longer those [who] built it. Larry Page and Sergey Brin left Google in December 2019 (the same year as the Code Yellow fiasco), and while they remain as controlling shareholders, they clearly donât give a shit about what âGoogleâ means anymore. Prabhakar Raghavan is a manager, and his career, from what I can tell, is mostly made up of âdid some stuff at IBM, failed to make Yahoo anything of note, and fucked up Google so badly that every news outlet has run a story about how bad it is.â
This is the result of taking technology out of the hands of real builders and handing it to managers at a time when âmanagementâ is synonymous with âstaying as far away from actual work as possible.â And when youâre a do-nothing looking to profit as much as possible, you only care about growth. Youâre not a user, youâre a parasite, and itâs these parasites that have dominated and are draining the tech industry of its value.
Finally, last but not least⊠Though Americans should never trust their data to Beijing or anyone under Beijingâs influenceâwe learned this week that the Great Firewall of China has likely been spying on every Chinese speakerâs keystrokes for yearsâno one, it seems, dares to note that Washington has publicly given up hope that the domestic tech sector would ever beat TikTok on the merits.
Rolling Stone named Martin MartyG Gottesfeld âThe Hacker Who Cared Too Much,â due to his âCrusade To Save Children.â He was Cisco certified in 2003 at the age of 19. In 2014, according to the Justice Department, he compromised 40,000 edge devices and used DNS amplification to orchestrate âone of the largest DDOS attacks ever conducted, in terms of traffic volume.â