Pixel Envy

Written by Nick Heer.

A Disaster Foretold and Ignored

Patrick Barker:

On my home forum Sysnative, a user (wavly) was being assisted with a WU [Windows Update] issue, which was going well, aside from the fact that wavly’s WU kept getting disabled randomly. It was figured out eventually after using auditpol.exe and registry security auditing that the program that was responsible for disabling WU was Disable_Windowsupdate.exe, which is part of Samsung’s SW Update software.

SW Update is your typical OEM updating software that will update your Samsung drivers, the bloatware that came on your Samsung machine, etc. The only difference between other OEM updating software is, Samsung’s disables WU.

The BBC:

Adobe has released an emergency software patch for Flash after it found a serious vulnerability being exploited by hackers.

The company said it had evidence of “limited, targeted attacks” and urged people to update their software immediately. […]

This vulnerability – which enables hackers to take control of a computer – affects Windows, Mac and Linux systems.

Craig Timberg, in the Washington Post:

Your computers, [hacker collective LOpht] told the panel of senators in May 1998, are not safe — not the software, not the hardware, not the networks that link them together. The companies that build these things don’t care, the hackers continued, and they have no reason to care because failure costs them nothing. And the federal government has neither the skill nor the will to do anything about it.

[…]

The result was a culture within the tech industry often derided as “patch and pray.” In other words, keep building, keep selling and send out fixes as necessary. If a system failed — causing lost data, stolen credit card numbers or time-consuming computer crashes — the burden fell not on giant, rich tech companies but on their customers.

It isn’t working.