Slashdot Mirror
Microsoft Vows Security Commitment on Win2K
dieMSdie writes "MSFT is pledging a firm commitment to security with measures such as equipping its upcoming Windows 2000 operating system with 128-bit encryption and interacting with users and rival vendors to detect software breaches and bugs" reads this story on CNN. There is also a poll; the results so far are quite amusing." I bet they'll be even more amusing once our readers get a crack at it.
"unzip" under Linux will allow you to read the contents of this file.
--
Xenu loves you!
NT's security is NOTHING like you'll find on linux or any other unix or similar
Wow, you think? NT has to implement access control on many different types of things... yes, everything's an "object" - but on Unix and Unix-alike systems, everything is a file. That's why NT's security is very different from Unix security - it's just a plain different approach.
On the fact Unix's security is based on 1 superuser which is needed for all daemons? on userrights instead of object rights?
That doesn't necessarily make it more or less secure (unless something in the OS is implemented badly, has some kind of hole, etc.)...
NT is in the US/Canada area already 128bit for years. Windows 2000 will be using 128bit security worldwide.
Uhhh. They'd have to have government permission to export "strong" encryption outside of the US. Also, "worldwide" is a relative term - there're still several nations on the US government's shitlist that they won't allow ANYONE to export crypto technology to (and some like France, where they simply don't permit crypto technology at all). Simply, I think you don't know what you're talking about here.
Windows2000 will use Kerberos strong encryption
Uhhh. You obviously don't understand what Kerberos is - Kerberos is NOT an encryption method, it is a secure ticket-based authentication system. (It doesn't necessarily use "strong" crypto, afaik.) And an "industry standard"? It's certainly a standard, but (a) it's not a standard in "the industry" proper (because far as I know, most Unix vendors don't ship a commercial Unix with Kerberos plugged into it), and (b) Microsoft, of course, is using their own bastardized version of Kerberos, not the standard protocols that the rest of the world uses (minimizing compatibility, as usual).
MS fixes security leaks within 24 hours most of the time. Arguing it takes ages to get a fix are therefor unfounded.
I don't know what planet you've been living on, but Microsoft has taken its sweet time fixing security-related issues. (Unless of course, you're a huge corporate customer...)
Still, unskilled administrators install the basic set [of IIS modules].
"[U]nskilled administrators"? I believe I heard it said best like this (roughly quoted): "If you need point and click to be an administrator, you shouldn't BE an administrator." Microsoft harps on how "easy" it is to admin NT - yet all the people I know who admin NT say "you really need to know what you're doing, not just any monkey in a 3-piece suit can do it"... Next.
IE holes are a problem, but who surfs the net on a production server.
Well, when EVERY Microsoft product requires IE to be installed for installation, and all the help and stuff like that is provided via IE, that's what you get. YASMD. (Yet Another Stupid Microsoft Decision)
but MOST of the system administrators, ALSO on unix, are not people with 10 to 12 years of experience with administrating servers
I don't have 10-12 years of experience (I have 4-5 years of Linux experience under my belt now), but most people I know consider me fairly learned, and I read ORA books, check up on BugTraq, and try to keep up on recent information and issues. You don't have to have a virtual lifetime of experience, but you need to have some, and you need to read up. That's the same whether you're running NT or Solaris or IRIX or Linux or HPUX or whatever.
No-one says unix is unsave because sendmail is crap.
Well, that's very true, but Sendmail is just one MTA - there are several others; also, the bad old days of poor Sendmail security have mostly passed us by. I think the developers of Sendmail learned a LOT from the days of the Internet worm.
if you don't follow the security sites, if you don't apply patches REGULARLY!, if you don't know what to close and what to remove from the system to keep/make it secure, and most important: if you DON'T let a 3rd party, specialized in security, scan your systems for leaks, your system won't BE secure, no matter what kind of OS you have. Admitted: some OS-es have LESS open doors than others, but NO OS has NONE closed doors. Don't forget that.
All I can say to that is this: It's a lot easier to secure a Unix box than an NT box, if you know what you're doing. And by the very admission of NT admins that I've spoken with, you need to know what you're doing on NT too. Besides, with closed source, you never know what ports they're leaving open (at least till you portscan your own box), and that can be dangerous. I'd rather stick with Linux, where I can verify my own security (as well as having someone from outside check it), instead of depending on big daddy MS to do it for me.
Ask all those Solaris administrators currently suffering the DoS worms
Which are those? The main admins I feel bad for are SCO admins (seen loads of recent SCO issues on BugTraq) - and admins of NT 4 systems, who are soon to be orphaned unless they pay big bucks to update to the latest, greatest Microsoft product.
Bashing the FUTURE without knowing what it will bring with the facts of old material from the past is not fair.
It's called history. History is important - those who do not remember it are doomed to repeat it.
If you turn around the roles and people will bash Linux using the hundreds of holes in all the distributions
Not everyone runs the most holey of distros, but Linux security holes do (in general) get patched quickly. I happily run Debian, and have found it to be plenty secure for my needs (masq box/shell server/Web server for a public school district), and any security issues are quickly resolved with Debian, in my experience. NT's holes are just harder for the end-user to deal with - namely because you have to wait for them to come from above. You can't do anything about them on your own.
Your claim that NT security is "better" than Unix security is, IMO, quite false. Look at the history - then tell me what you believe.
Sam: "That was needlessly cryptic."
Max: "I'd be peeing my pants if I wore any!"
This from ZDnews3 09474,00.html
http://www.zdnet.com/zdnn/stories/news/0,4586,2
If the Microsoft security challenge was meant as a publicity stunt, it may have backfired. As soon as the site went online, Microsoft ran into technical difficulties with the test server. Early visitors reported problems with the home page's HTML and JavaScript -- some serious enough to prevent them from accessing the page at all.
Posted status logs indicate that the server had to be rebooted at least once because the system log was full, and some services were unavailable at reboot.
Most significantly, the server has been repeatedly forced offline. The site was only intermittently available Tuesday and went down for approximately 8 hours Wednesday. Web service was restarted at least once Wednesday evening, and the server was rebooted after a reconfiguration on Thursday morning. Access continues to be intermittent, and the site was unavailable at press time.
Microsoft has offered conflicting reports as to the source of their problems. A Microsoft spokesperson attributed the difficulties Tuesday and Wednesday to router failures and thunderstorms in Seattle, while the site's status log blames the Wednesday crash on a "known bug". Microsoft was unavailable for further comment at press time.
So, do we know if it was hacked or not.
Linux is only free if your time has no value. Windows is only free if you threaten to use Linux.
Too bad they can't be bothered to pick more secure default settings.
9:30 A.M. CDT
Poll: Do you trust Microsoft's Security?
GAHH! Looks like all 835 of Microsoft's directors and managers weren't at work in the last couple days. (Blatant UserFriendly reference)
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
If that has been your experience, then you didn't know how to utilize the resources that are presented to you as an MCSP from MS. Business down calls to their highest level support is FREE for MCSPs. Access to the knowledge base is FREE for EVERYONE. You get 5 or so support incidents to their premium level support for FREE. Bug fixes or problems because cost you NOTHING for their support. MS charges NOTHING for their current security website fixes.
One of the trade mags had an article about Barnes and Noble recently. They are using Win2K internally and on the back end now, but not for their web site. The thinking being, if they ran into issues due the beta status of Win2K on the shipping side of things, they can take the time to sort the problem out. On the web site, however, they can't afford to run into any such slowdowns, because people expect to be able to place their orders immediately, and if they ran into a problem, might switch to another bookseller. This was especially relevant during the Christmas shopping season.
Cheers,
ZicoKnows@hotmail.com
We're talking e-commerce here, not pages for family pets and innumberable "How to set up PPP under Linux" pages. NT is slaying Linux when it comes to e-commerce, even Netcraft's SSL statistics show this.
Cheers,
ZicoKnows@hotmail.com
No, it was a case of putting HTML tags into the guestbook, namely javascripts to redirect the viewer to a different web site. When someone went to the site, their browser would parse those tags and act accordingly, which in this case was to go to a different site. The guestbook originally didn't filter these out. Same thing happened to the LinuxPPC site, too, actually. Neither were server hacks.
Cheers,
ZicoKnows@hotmail.com
Sure, a weather crash sounds odd, but it's happened to me before, so I can relate. The reason why it doesn't sound suspicious to me is because there were times when the server crashed due to bugs, poor sample configurations, and DoS attacks, and the Win2K guys didn't seem to have any trouble admitting these. If they're going to admit the other problems, why bother making up the weather/router one?
Cheers,
ZicoKnows@hotmail.com
Great isn't it?
Sure, if you're the kind of person who needs cheap validation from others to help make all your decisions for you, even when you know deep down that the results are rigged -- I'm sure it must be wonderful. Party on, homes. Baaaaaa.
Cheers,
ZicoKnows@hotmail.com
- When I use "Add/Remove Programs" to uninstall Microsoft Office from my C: drive, and then reinstall it on my E: drive, it should actually remove the "Microsoft Office" folder from my C: drive. At the very least, if I do this and then delete the "C:\Program Files\Microsoft Office" folder myself, running the Word program that's on my E: drive shouldn't give me an "Unable to locate DLL" error.
- When my colleagues have compiled a class library with version N of Microsoft's C++ compiler, and all I have is version N+1, I should be able to compile a program with my compiler that links to their class libraries.
ObSecurity: if they can't release software that handles these simple interactions with other software from the same company, how can they write an OS that protects users from malicious code written by outsiders?...--
"But, Mulder, the new millennium doesn't begin until January 2001."
send all spam to theotherwhitemeat@ropine.com
The fact that they've only put 15 people on fixing the gaping holes suggests that this is not in earnest. I mean, honestly... we're to believe that 15 people combing through thousands of lines of spaghetti logic visual basic code are going to be able to make W2k a secure OS??!? I would suggest that this is merely a way for them to say "look!! we're secure!!"
waiting on my OS/2 cds and Mandrake 7.. gotta nuke this win98 install.
jim
That's funny.. considering it already went gold!
Of course it has an 'NTish options'.. it *IS* NT.
It's NT 5.0, they just renamed it to Windows 2000. Remember.. it was *going* to be their new OS.. they were going to scrap the 9x line... but that's not gonna happen either...
There's a difference between having security bugs and having an insecure OS policy. Ever since the PC-AT (80286), MS-DOS has refused to use protective hardware and has insisted that major parts of the system (hardware and software) be available to every program. It made malicious programs trivial. I suppose then there were no security problems as there was no security. (But "Then" is still "Now" as MS Windows runs MS-DOS...as every virus checking program knows)
I would also really like to see an intelligent attempt at command line completion. I recently discovered that NT's cmd.exe supports it, so I turned the feature on and tried it. I tried cd'ing into a directory but didn't give enough letters to make it unique, and it cd'd me into the first match. I was hoping it would give me a list like bash does, but nope, first match. Oh well...
Nice try, but that's not the behavior of the command line at all - it doesn't just "Cd you into the first match"... it shows you the first match, after which you can hit TAB again to show the next match, or hit SHIFT+TAB to show the previous one. Sheesh.
Simon
Coming soon - pyrogyra
I'd say it's Microsoft's problem if they put up a page which won't render properly on one the most popular browsers. Although I agree that Netscape is pretty much a piece of junk.
This is the same argument which makes Microsoft's "Embrace and Extend" policy perfectly valid and acceptable.
Choose your poison: Follow standards, or have core standards with branches coming off them. But don't be a hypocrit and expect to have both whenever Microsoft would choose the one you didn't.
Simon
Coming soon - pyrogyra
The issue is not about finding bugs and security breaches but about fixing them quickly.
dave
(strangely tempted to shout first post, but resisting)
Well, security is one thing - everyone talks about security, however, we forget that the main threat to security is the human element. Passwords discarded in trashcans, to start off with. Disgruntled employees. One could make a whole list of these. Furthermore, any vendor which doesn't list security as a primary concern should be shot anyway.
...). However, let's look at the back-end for a change?
Well done to MS, they're now looking at security. How about stability? I know for a fact that quite a few financial institutions use NT on the desktop, but have banned it from their servers. Or actively discouraged the use of it there. How about MS showing us definite proof of W2K's stability, as compared to, for example a Sun Enterprise server or SGI enterprise class server, or IBM, or HP etc etc etc.
The desktop user does tolerate BSOD's and the occasional reboot (once an hour is annoying, but provided you don't lose data, it's fine
.my 2p
The stable kernel branch is not beta (it's release quality), and it's certainly more stable than most other software that gets pushed out the door by certain corporations. Most of the system apps you're running have had stable versions for years. Most of the non system apps you're running have had stable versions for years.
In conclusion: Linux is not an unstable beta product and is not one by definition. Just because there's always a development version getting kicked around at a furious pace (and immediately so after a stable version is declared so), doesn't speak to the contrary.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
I guess everyone here in /. already knows that M$ does not hold a track record for providing bug free software. Their internal coding habits are also pretty atrocious and its credit to the programmers that they are producing stuff that are as stable (*cough*) as it is now.
Giving the source out to 70 external agencies is a
meaningless gesture. Is it going to be ALL of the code? or some of the code? or maybe just snippets here and there? And of course these agencies will
likely have to sign NDA's which will limit the exposure to the people who actually *can* help.
And for helping out, what do we get? Do we get a piece of the M$ pie? Stock mebbe?? I think NOT.
It's likely that M$ will charge for the source as well.. So us grubby non-M$ coders will have to like.. *PAY* to take a look at it.
All in all, its a lose-lose situation for anyone
involved in this goofy business..
Sheesh.
-vanth
I'm assuming this also reveals their previous strategy for securing the operating system.
"Gosh, if they want security, I'm sure they'll just solve the problems themselves. No reason we should spend any of our monopoly supported profits on fixing the problems for them."
Work for Change & GET PAID!
A couple of points I'd like to make:
:-) The K.I.S.S. principle applies doubly to security. Keeping track of more possible permutations of security aside, MS is not targetting this enchanced security model at people who understand it -- "Learn Windows NT in 21 Days" has become the rule of the day, which means it's wasted and (more often than not) leads to more problems than it solves.
"NT uses security throughout the system on objects. It's then way more flexible to set security flags, without the necessity to open up the system because a certain daemon needs root access, for example."
1) Linux supports stuff like this via POSIX.1e, which allows you to flexibly drop what you don't need (super user wise). An example is ProFTPD, which has mod_linuxprivs. When it's used, ProFTPD loses all super user abilities, except for the binding to ports lower than 1024 one.
2) More complex does not mean better. During WWII, German artillery had 49 moving parts and could strike more accurately, whereas American artillery only had 9 movings parts -- it's only feature was it broke less
"MS fixes security leaks within 24 hours most of the time. Arguing it takes ages to get a fix are therefor unfounded."
It doesn't take ages to get a fix.. It just takes ages for them to post it on their website. They do really have a long latency time between a patch, and a posted patch.
"IE holes are a problem, but who surfs the net on a production server. "
Except that IE is now integrated into many other applications that don't need it (I've tried NT 5, and I really hate the grey-child-like Notepad common dialogs which huge "My Network Friends" buttons, and webenabling).. When you take an insecure code base, and cram it everywhere to stop people from ripping it out, you compromise a lot more than your morals. Then you have the marketdroid angle -- NT 5 Work^H^H^H^H Professional (where's the non-professional?) is targetted at those people who like saying they're using the "professional" version. I betcha they surf the web lots.. Do you want your CEO to go and get BOed because of their workstation OS choice?
"MS provides a bulkload of security documents how to implement security on your servers."
I'll have to go with Theo (de Raadt) on this one, and say ship the default config secured -- don't document what you have to do after the fact. When you have to install 500 workstations with a secure setup, it doesn't pay to have to go to each one and click on the same frickin' security wizards, over and over. There are ways around this, but I don't know why they don't ship with more things turned off, or at least with a visible off switch. I received some funny emails from my IDS when NT 5's probing of port 445 ("microsoft-ds") on the Linux firewall set it off..
NT 5 is better, but the ideas behind it are a mishmash of idealistic engineering, hopeful marketting, and sadly failed implementation. As the users on Bugtraq said, "it's getting better [with things like run as alternate user], but it still has lots to catch up on compared to Unix."
---
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
Optimally three. NT isn't the reboot whore Win95/98 are. One after resetting the NT 4.0 user/ACL/network/subsystem/registry settings, then inspect. One after installing IIS, then run through the IIS portion of the checklist. Reboot once more (this is the third) and everything should be as good as it gets on a NT box.
Of course, if you wanted a secure webserver, you would have to wipe the partition table and install OpenBSD on the box. That would require two additional reboots.
.sig: Now legally binding!
prompt for a reboot after application
It's been my experience that the reboots can be avoided during a clean install. On a 'used' machine I usually reboot, but then I'm only installing a couple of SP/HF and the extra reboot can't hurt. I'm a little faster and looser with NT than I should be, however. Then again, the Windows boxen are behind a Linux Masq firewall and then a commercial NAT and a PIX. 'The Company' buys into the security-through-paranoia model of things.
.sig: Now legally binding!
Encryption keys are great for security only if you can't compromise the system some other way.
MS has already released 2 security bulletins this week alone, and of course, these are publically known exploits.
They release fixes as quickly as they release bulletins, but anyone who installs a hotfix the day it is released is pretty much a masochistic guinea pig. I mean really, how does a service pack that totally borks WINSOCK get released?
..... subject says it all.
DO NOT DISTURB THE SE
It's C++
DO NOT DISTURB THE SE
The "autoinstall" of drivers is a side-effect of this: if the Windows or NT is in a position to detect new hardware being added to the PCI (or ISA) bus, it makes (a certain) amount of sense for the OS to attempt to install the relevant drivers for the new hardware. This led to the behaviour first seen in Win95, where the OS detected that you'd added a new card and pleaded to be allowed to install drivers for it.
With the advent of more highly "swappable" bus specs such as PCMCIA and USB, as well as laptops with swappable floppy and CD-ROM/DVD drives (and no-one who's ever installed NT3.51 on a laptop from a stack of floppies will ever forget the experience) the need arose for NT to be able to handle devices arbitrarily appearing and disappearing again. Since NT, at the moment, scans the busses at boot time and then starts device drivers as appropriate, a new approach was needed.
The solution adapted is to say that PnP devices which are added when the machine is shut down (i.e. internal cards) are just a subset of all PnP devices and therefore to say that drivers shoudl have the capability to be started on demand by the PnP Manager. Obviously this is, in many cases, not highly useful (the ability to start the RTC drivers at a point other than boot time is probably not going to see much real-world application ...) but it implies that load-on-demand for USB devices and PCMCIA cards (and IEEE 1394 devices, come to that) drops straight out of the design.
Now, to answer the question: the first time you add a new USB/PCMCIA/IEEE 1394 device to a Win2K box, you need to be logged in with Admin-level rights to install the drivers - but once that's done, anyone can hotswap to their heart's content no matter what their permissions.
--
Cheers
Cheers
Jon
That bugs are the result of human fallibility was implied by the statement. Software's nature comes from human hands; humans make mistakes; therefore software is buggy. I didn't think it needed to be said; I guess some people like everything spelled out for them. *shrug*
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
And the reason that there are so many bugs in the first place is because that is the nature of software. Any piece of code, even slightly complex, will probably be buggy until you take the time to debug it.
Sorry, but you are wrong. Bugs are not the nature of software, but a symptom of the nature of human beings.
Our software is faulty because we are fallible. And that's because our software development processes mostly suck. Is your software buggy? Your process was lousy, and your own fallibility got you.
I would like to ask every coder around here to read this great article, only to learn a little about what perfect software development takes, and how difficult it is to tame our own tendency to screw things up.
Of course it is possible to write perfect software, just eliminate the coders' ability to fail. Perfect software development is very non-human.
The Win2K box wasn't hacked it went down from the load and Microsoft claimed it was due to electri cal storm interference, then refused to put the machine back up. The Win2K box wasn't hacked because nobody got a chance it was slashdotted. :) PS: They did put it back up again but took it down soon after the machine's guestbook got hacked
personnally i think that their 24/7 'bug line' wont really help as i know it. personnally i dont use windows 2000, and usually 70% of the people using it will be people that if you'll say bug near them they'll say "huh?!", and if it comes to submiting bugs, also if they've found a bug, and they know what is it, i doubt if they'll ever submit it. it's not the same with linux, when people are programmers and are aware of bugs and submit them as fast as they can. therefore, they're 'bug line' efficiency is in doubt.
Dan.
it's hard to use this list to compare linux vs. NT, because lots of the bugs listed for the operating systems are in add-ons and third-party products.
the nearest statistical comparison of openrating-system-security is on attritions web-defacement-counter. in the overall OS-count from august 1999 to present Win-NT is leading clearly with 55%, followed by linux with 19% and solaris with 13%. source: http://www.attrition.org/mirror/att rition/os.html
these total number of defacements should also take into account, that there are more webservers running on linux than on NT, as can be seen here.
open source brings a security-problem which is not as big in closed source: it's far easier to write trojans. but this risk is small compared to backdoors intentionally implemented by clodes-source software manufactures. a good example is the international version of lotus notes where the NSA knows 24bit of the 64bit-key.
>We all know that the W2K machine that was "naked" on the internet had no problems at all. Nooo. Uh uh. And if they gave you that Administrator password, it'd be *fine*.
>The Win2K guys posted the Administrator password, what's your point?
His point is that the machine was NOT naked on the internet, it was behind a firewall. That test had nothing to do with cracking Win2K.
Perhaps you weren't paying attention, but the Linux box was compromised due to an insecure 3rd party CGI script. That is the fault of the administrator for using such a script, not the OS.
What do you know, Zico? I wonder...
WMBC freeform/independent online radio.
1. Don't open-source the code. Some poor college students who love MS will waste hours poring over it, and their SO's will dump them.
2. Get rid of the required GUI. That's just asking for trouble, really. If people want the shiny happy face buttons, let them have them. But maybe if your OS overwrites the video drivers randomly, people should be able to at least boot their server to a useable state until they can comfortable fix it after-hours.
3. Actually do what they just said. Every week a new bug comes out in ActiveX. Every few weeks, an exploit comes out for NT or 9x. It always takes them a lot longer to fix it than the Linux or BSD people. Plus, when they found a bug in the Linux 3C59x driver, I hand-edited the file and fixed it myself. However, I DON'T want them to go OSS, as stated above.
4. Keep the "happy marketing" away from the server products. Servers are not named "My Computer". Servers have ugly names, so that crackers cannot guess them, unless you feel like putting up a script-kiddie magnet by naming it something like "exchange.getbent.com". I am not in a Network Neighborhood; I'm on a LAN. Blechh.
WMBC freeform/independent online radio.
According to Netcraft, Barnes and Noble is running IIS4., not IIS5
www.bn.com
is running Microsoft-IIS/4.0 on NT4 or Windows 98
www.barnesandnoble.com
is running Microsoft-IIS/4.0 on NT4 or Windows 98
This leads me to speculate that you do not have a source for your information.
--
He lives in a world where those who do not run the client software of the omnipresent meme are unacceptable.
Someone on one of the local newsgroups at my ISP spoke about "Cargo Cult Security" recently. The Cargo Cults were people who lived in remote areas of the Pacific who, seeing the wealth of the people who could call down the bright shiny airplanes, built replica airplanes and runways out of vines to entice the airplanes to visit them and give them wealth. Cargo Cult Security is installing software of following some second hand security recommendations without understanding why you are doing it. The biggest problem here is that when something breaks, you won't know how to fix it or even that it's broken. That is the biggest problem with Microsoft "security".
Anomalous: inconsistent with or deviating from what is usual, normal, or expected
Anomalous: deviating from what is usual, normal, or expected
Canard: a false or unfounded repor
Although NT's security model is easily vulnerable to a plethora of attacks, -As are all the Backoffice products, are they any more vulnerable than most other OS's? If you have the most secure OS in the world (I, know, NetBSD) and it is set up incorrectly and most importantly administered incorrectly, then you'll never achieve a level of security that is satisfactory. One _downfall_ of NT is it's useability. I know this is an advantage to many, but also it lets a NOVICE admin guy set up a server any time. If NT OR Linux, Or nearly any other OS is set up by some fool who clicks "next,next,next", you are not going to have the best performing or secure OS in the world. I will say that NT's defaults are some of the worst choices that could ever be made, but these are intended again - to produce an OS thats optimized out of the box - for an idiot. Do you think that "EVERYONE" Full Control is a great default permission? It Sucks. MS Has PLENTY of resources to fix this though. If your NT Server, BSD Server, or Linux Server is working like a sick horse- or being routinely cracked from the web, don't criticize MS or anyone else- RTFM, and then RTFM again. That box is there because someone made a choice to install it. They chose to install it and run whatever backoffice application that your now concerned with. I've worked with NT, Linux, FreeBSD, OS2, BeOS, and many others for as many years as I can remember. If the admin on any of these is lazy in his/her auditing and PRO-active security measures, then the OS is vulnerable. New cracks WILL be found- Its evolution. People with more time on their hands than me spend it finding them. WHEN the company fixes the holes - the Admin has to apply the fix.... Any way- NT is optimized for a half-wit out of the box. If you leave it so, then its your choice. MS neads quicker response time, but SO do most network administrators. Check out http://www.ntsecurity.net http://www.ntfaq.com RTFM. Regards, L0ki
"You never truly understand a thing until you can explain it to your grandmother" -Albert Einstein
Hmm. But exactly _what_ is being encrypted? Your passwords? (does it matter how strong this encryption is, when there's 1000 backdoors waiting to be discovered?) Your network connection? Or just your browser? Do they even say? Does it really matter? Knowing how secure Microsoft OS's have been historically, this sounds like putting a strong deadbolt into a flimsy wood-panel door that's really only suitable for indoor doors.
And here's an even better question: can you export this encryption? (The French just might not care anyway, if it's the only strong link in a weak chain.) Another is to ask whether the filesystem has any security whatsoever, besides "are you sure you want to delete everything in this directory?" Of course, filesystem security doesn't mean jack when you can do whatever you want from the outside anyway.
---
I can't wait for proper speech-recognition.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Actually, if they open sourced the OS, or if they completely redesigned it so that I don't have to reboot it so bloody often, I would cheer them on. I've been begging for _years_ for Microsoft to _please_ make an operating system that wasn't able to suck a golf ball through a garden hose. The last thing I want to do is spend such a large percentage of the time I spend fixing computer problems by waiting for the bloody OS to reboot. 18 times in one session. (okay, I exagerate about the 18 times... more like only 9)
;) but at least I won't hate them for making Billions of dollars each year off of something that completely sucks and everyone would love to be without.
It wouldn't be so bad if we've got a "standard" operating system (alright, dominant/monopoly) that actually works very very well.
Things I would LOVE to see Microsoft do in Windows are proper process control - including being able to kill a process NOW, because _I_ think it's safe, rather than letting whatever program has gone zombie decide if it's safe or not, before finally letting the operating system say "okay, it's dead now. Should I kill it?" after about 45 seconds. The applications that most people use to create documents with already have some sort of functionality to automatically save your work every couple of minutes, just in case things go bad. (why? Because everything is so damn unstable...) The process control Windows has now doesn't help this problem any, because once a program has gone south, 99% of the time there is No Going Back to save your files anyway. Included in "proper process control" are things like telling any process to re-read its configuration file, which you just changed, and to do it without rebooting the whole OS. I hear they've managed this with W2K, but I'm skeptical.
I'd also like to see some decent Protected Memory designed into the OS. I understand that they might have gotten it sort of right this time with W2k, with its much-hailed stability.
And for the love of god, design the filesystem so that you don't _have_ to defrag the drive! It takes long enough to do on a 2 gig drive, let alone the 20 gigs that are typically in new computers.
Another neat functionality that any unix user would really appreciate, is a checkbox somewhere, maybe even hidden deep in the GUI away from clueless eyes, saying "No, I'm not an idiot. You can stop asking me if I'm really sure I wanna do that. (I hereby declare that if I screw up, it's my own damn fault, and I won't sue Microsoft.)"
If Microsoft can do all of these things, that would make me very happy to use Windows. I still won't like Microsoft, because they're Completely Evil(TM), (It's true! Isn't that what the CE in Windows CE means?
---
I can't wait for proper speech-recognition.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
No matter WHAT they do, they're going to be raked over the coals here.
If they hire 1000 people to do nothing but track down bugs and security problems, you people will say it's not enough.
If they totally open-source Win2000 and give away everything, including the source code....you people will say "oh, they're just trying to jump on the Open Source bandwagon...it's all hype".
If they say: "ok, we give up...we're getting out of the OS business"...you people will THEN yell at them for being quiters.
So what I want to know is this....WHAT do you want Microsoft to do?
I disagree. Different people have different skill-sets. If you are an 31337 crypto expert, by all means work on the security, however, if time pressures or a "real" job or plain lack of talent (in my case) or whatever prevent you from contributing actual code base, you can still make a difference to the progress of the open-source steamroller by exposing Micro$haft to ridicule wherever their marketing-driven FUD rears its ugly head. Remember that the mis-perception of a platform's security is in itself, a security flaw.
The poster of the self-extracting .exe link made a valuable contribution. Remember, in marketing perception not reality is everything.
After reading that link, my perception of Microsoft's commitment to security was that it is non-existant.
I'm no expert on win2k security, but I do notice the addition of Kerberos 5, which was not in NT4. Kerberos 5 is not a "minor change".
And what is the "overall picture" you're speaking of? Sounds kinda vague.
I'd like to think that IIS5 is more secure than IIS4; if not, expect to see Barnes and Noble go down some, since they've been running win2k for months now on their servers.
Lest the Slashdot community get too holier-than-thou when it comes to security, let us remember that GNU/Linux has had its share of security problems over the years.
VMS has had it's share of security problems too. So what? A more interesting metric is not whether an OS, or any underlying apps, present security holes, but how quickly they are fixed. See this Securityportal cover story for a comparison of time from announcement to vendor fix between Redhat Linux, Windows NT, and Sun Solaris (see, I can add gratuitous links as well!) I note that Redhat Linux won hands down in this competition, and that's only security updates from a vendor supplied source! I don't know about you, but when I hear about a serious security hole in lpd (for example), I don't wait around for Redhat to go recompile the fix. However, the Securityportal article makes a reasonable assumption that most small to medium sized businesses would probably rely on vendor supplied fixes rather than trying to find a hot Linux guru to compile up to the minute security fixes.
Now, of course, GNU/Linux developers are generally faster than Microsoft when it comes to fixing security holes and they don't, as a rule, engage in the same coverups and spin control as the Microsoft's PR flaks, but the question remains, why are there so many bugs in the first place?
DUH. Because C doesn't bounds check during compilation or run time. That's just ONE reason. Look, I'm no security "expert", but if you're uptight about security, and don't consider yourself competent at securing your own code, then either hire a professional to go through your C code with a fine tooth comb, or write it in some interpreted language like perl, LISP, Scheme, Python (whatever) and let the LANG developers deal with security.
Not that this will make your application any more secure, but it will pass the buck to the likes of Larry.
Other open source operating systems, such as FreeBSD, NetBSD and OpenBSD have had security problems, but not in such numbers as the various GNU/Linux distributions.
This is bogus. And I run OpenBSD, the BSD distribution tailored for security, on my cablemodem gateway and consider it an excellent secure distribution out of the box (CD). But, so what? Can you give me ANY specific examples of userspace application security holes present in Linux that were not present in BSD? Hell, most of the networking kernel holes seemed ubiquitous across just about every OS and networking stack, BSD sockets and streams based.
On the kernel side I seem to remember that both BSD and Linux (and NT!) were vulnerable to the Ping of Death, various Tear Drop attacks and fragmented TCP attacks, and those lovely smurf DOS attacks. Don't see a significant difference here... both the BSD's and Linux kernel groups figured the problems out and posted solutions in record time, while the commercial vendors picked their butts and didn't post fixes for their products I might add.
On the userspace side of things, this is managed project by project. Since much our application software is ported between the BSDs, Linux, and most any other commercial UNIX, there's little difference. A bug in one version of lpd on Linux is almost surely the same bug on BSD
Rather than making fun of Microsoft for its own failings in the security realm, GNU/Linux users and developers could better spend their time improving the security of their OS of choice.
There. Now you said something rational.
For all the things Microsoft say they will do, and which should have been done before, they just don't have the necessary level of paranoia guiding the design.
I haven't tried Win2000 yet, but under NT4 if you can gain access to the PC I use, and you can steal my NT domain password then you can use my digital identity. I selected high security when installing it in browser and mailer, but those applications can just use my private key without so much as a dialog to warn me. It is as if they had decided that dialling in the combination of the safe is too inconvenient so they provide a robot that will do it for anyone who can walk into my office.
There needs to be a fundamental change of attitude, not just some fixing of holes (although that is necessary).
Linux and the BSDs (especially OpenBSD) have a poor (ie., all-or-nothing) security model which is very well-implemented.
Windows NT, on the other hand, has a really good security model but the implementation sucks.
(/me waits for howls of laughter from Slashdot)
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
I am a big fan of accuracy, and so I think that people should probably all use "Linux" when talking about the kernel, and "GNU/Linux" when talking about the system commonly known as "Linux". But that's not going to happen...heck, _I_ don't even follow it :)
However, where can the line be drawn? Do you look at the security of Sendmail and say hey, that counts as Linux? Well, no...Sendmail is run on lots of platforms all over the place. Do you look at a hideous malformation like rdist? Not really...I don't even think that's GNU. X Windows? Not GNU, either.
What, then, is left of Linux? In my mind, Debian shows it best. If you install from floppy disks, you have your basic UNIX system, about 30MB of software. Tar, gzip, more, ftp, telnet--all the collectable charachters! THIS is Linux. Though even then, tcpwrappers is included, which is not Linux-specific...
Of course, the reason that I agree with you is that no one could use that system. OpenSSH or SSH would go first, and then Apache, Sendmail, etc. depending on the function...but, I could just as easily use AOLserver, zeuss, zmailer, qmail, etc. as those 2. That's why it's hard to nail apps to Linux...sure, there are ones that MOST people use, but there are no real DEFAULTS. With Linux, you get to pick from several GNU alternatives, each interesting in its own way. With NT, you get One Microsoft Way...not fuzzy at all. But not my style, either.
And, it is too bad about the zealots. My machine _is_ dual boot, and I know my TNT is faster under '98...but I haven't booted '98 in months, since I got the PSX...
WMBC freeform/independent online radio.
NT's security is NOTHING like you'll find on linux or any other unix or similar. Whohoa. On what kind of fact is this based?? On the fact Unix's security is based on 1 superuser which is needed for all daemons? on userrights instead of object rights?
To me it sounds like people who rate NT's security as 'lame and nowhere the level of security on Unix is' really don't have a clue about how NT's security works.
Let me sum up a small list of items, related to the topic. This is not ment for a flamebate, but to let unixpeople learn it's not windows 9x we're talking about, but NT/windows2000.
- NT is in the US/Canada area already 128bit for years. Windows 2000 will be using 128bit security worldwide.
- NT 3.x and 4.x uses the weak NTLM protocol. It could be tough to break but in areas outside US/Canada, the encryptionkey was too short to hold long. Windows2000 will use Kerberos strong encryption, which is an industry standard. Poking at MS that their encryption is weak (especially in their upcoming product) is without ground, because Kerberos is a proven secure technology.
- NT uses security throughout the system on objects. It's then way more flexible to set security flags, without the necessity to open up the system because a certain daemon needs root access, for example.
- MS fixes security leaks within 24 hours most of the time. Arguing it takes ages to get a fix are therefor unfounded.
- In the past year, there were some minor security glitches in NT itself. The security bugs in IIS are due to leaks in modules that IIS uses, not IIS itself, like the idq.dll module for old style indexserver queries. Today you don't need these modules. Still, unskilled administrators install the basic set. Like unskilled administrators will with RedHat 6.x on their hands. That's why there are idiotproof docs to guide these (majority, unfortunately) people.
:) - IE holes are a problem, but who surfs the net on a production server.
- MS provides a bulkload of security documents how to implement security on your servers. These are perhaps silly for die hard techies ("Duh! don't install the examples!!"), but MOST of the system administrators, ALSO on unix, are not people with 10 to 12 years of experience with administrating servers. Don't forget that. Most sites which are hacked are setup by not well skilled people. Pointing at the OS is silly. No-one says unix is unsave because sendmail is crap. the administrator should be aware that the sendmail on his system is likely an older version than available today.
- Which brings the last and most important subject to the surface: if you don't follow the security sites, if you don't apply patches REGULARLY!, if you don't know what to close and what to remove from the system to keep/make it secure, and most important: if you DON'T let a 3rd party, specialized in security, scan your systems for leaks, your system won't BE secure, no matter what kind of OS you have. Admitted: some OS-es have LESS open doors than others, but NO OS has NONE closed doors. Don't forget that.
NT 4 was a wise lesson for MS. They have it on track now, but it has been a long road. It's nowhere near the end, there are still areas for improvement, but these are there too in other OS-es, like Linux or *BSD. Being aware of the weaknesses of your own system is a Good Thing (tm). You can then secure it more. Blinding yourself with talk that only MS makes insecure stuff is silly. Ask all those Solaris administrators currently suffering the DoS wormsBashing the FUTURE without knowing what it will bring (have you all used Win2K server??? have you tested the security???) with the facts of old material from the past is not fair. If you turn around the roles and people will bash Linux using the hundreds of holes in all the distributions which were found in the last 2 years and say: "linux is not secure... because of all those leaks in it in the past years." is that fair? I'm pretty sure you'll say: "No!".
Never underestimate the relief of true separation of Religion and State.
Lest the Slashdot community get too holier-than-thou when it comes to security, let us remember that GNU/Linux has had its share of security problems over the years.
Now, of course, GNU/Linux developers are generally faster than Microsoft when it comes to fixing security holes and they don't, as a rule, engage in the same coverups and spin control as the Microsoft's PR flaks, but the question remains, why are there so many bugs in the first place?
Other open source operating systems, such as FreeBSD, NetBSD and OpenBSD have had security problems, but not in such numbers as the various GNU/Linux distributions.
Rather than making fun of Microsoft for its own failings in the security realm, GNU/Linux users and developers could better spend their time improving the security of their OS of choice.
Ooo, 128-bit encryption, that's 16 whole BYTES. No one will ever break that...
We all know that the W2K machine that was "naked" on the internet had no problems at all. Nooo. Uh uh. And if they gave you that Administrator password, it'd be *fine*. (Compare to the linux box. um... no, no comparison.)
What are they going to do to enhance security, stop selling Office? Those pesky macros, always making my paperclip sick...
But seriously, folks, now that Microsoft released this to the press, that they're really *really* serious about it this time, and they're going to be extra-nice by charging us more for this week's upgrade, don't you think we should let them play with the big boys yet?
Nah, I didn't think so either.
Sure, it's easy to criticise Microsoft. Because it's so much fun. And historically accurate. I mean, if they wanted to try to do better now, they'd have to issue a formal apology to anyone who ever had to suffer through an unpatched Windows bug. Whoops, I think that's everyone!
</CHEAP SHOT>
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
I think that's pretty obvious when they don't open source the OS! :)
"Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
This marketroid piece was so full of holes it's not even funny anymore...
Microsoft has made a comprehensive effort to build Windows 2000 with security in mind, including having a staff of 15 people study the code for breaches, denials of service, and bugs.
15 people to review... What was it? 30 MILLION lines of code? And what was the qualification of these people? Script Kiddies??
A preliminary version of the product also was put on the Internet to enable users to look for security breaches, Valentine said. Within two weeks, four denials of service bugs were found, but no breaches were discovered, he said.
As Dr Evil would say: "Riiiiiiight"... Within two weeks, the NT2K server crashed so many times they decided to put it off-line. I'll let you, gentle reader, decide for yourself what that means...
Source code also was delivered to 70 agencies and universities around the world for their perusal.
*Yawn* Which Universities? Which Agencies? (Mindcraft???!!!) Names, references, Web site? Results of aforementioned "perusal"? Are these results published anywhere? (Probably not...) Were the "agencies" able to modify the source code?
As someone else said: "Microsoft is not an answer. Microsoft is a question. The answer is: No".
Read my lips Microsoft: Open-Source is going to bury you alive. Commodification of hardware, commodification of OS is the end of Bill's Evil Empire. The penguin and the demon will dance on your graves... (insert Dr Evil most sinister laughter here)
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
This is too funny - check out what Microsoft recommends for you to do, to see the IIS 4.0 Security checklist.
It's good to see that they're giving us those safety tips already.
This is off of http://www.microsoft.com/security/ - the link is in the article too, but it's broken.
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
I used to work for a Microsoft Solution Provider, whose job it was to sell and support Microsoft products. And yet they have several different levels of support which they charged us for. We actually had to pay for "Premium" support to get access to information, knowledge base articles etc that would help us fix or workaround a problem one of our clients had with their products. In other words, they were denying us access to information, fixes, known problems, incompatabilities, etc. that would help us do our job supporting THEM and THEIR software unless we paid them. And we were an "Official" Microsoft Solution Provider!!
Microsoft, security, commitment, 128-bit encryption....
I've read this yesterday:
There was a kangaroo in one zoo. And every day it somehow been managing escaping from its cell. Then the zoo has built higher fencing around it. But kangaroo escaped once again. Then the zoo has built a 20 feet high fence. Once again - kangaroo escaped. A neighbour hippo chatting with our hero:
H: Well, how high you think they'll build it?
K: Don't know, 100 feet maybe. But really - they should've start locking my cell door first.
Morale: No zillion bits encryption will help M$ as long as their "NT security guide" is dedicated to selecting proper chains to attach servers to the room walls.
Asking several interesting poll questions to the average cnn reading user:
Do you trust linux security?
Average users thoughts: "hmm that's internet isn't it? that must be insecure"
result:
yes : 25%
no : 75%
Do you trust *BSD?
"huh, *BSD? that must be something I don't know
result:
yes : 5%
no : 95%
Do you hand a waiter you don't know your credit card to pay the bill?
"what would they mean by that? why not?"
result:
yes : 95%
no : 5%
Again I feel forced to criticize this "poll". Ppeople don't trust internet.. why? no reason really.
They trust the mailman with postcards but they don't trust a server with their boring e-mail message.
They trust waiters in tiny restaurants in the most corrupt nations in the world with their credit card yet they have doubts about using that card in a way that actually transmits their number/expiry date encrypted.
So what do we learn from this poll?
Well, the only thing I learn is that people don't want to do or use stuff for irrational reasons until told by those people who are least knowledgable about said stuff (their neighbours-brothers- second cousin) that doing/using it is ok.
The internet is just as secure as any shopping street, but you need a college level education to be a pickpocket.
I know I don't have to say it, but the security is nothing like what you'd find in Linux (or any UNIX that comes to mind). The Win 2000 "Administrator" account has nothing on root :)
Thumbs up to Microsoft for (at least) making a decent effort at a flexible, easy to use, and relatively secure operating system (to say it bluntly, "as good as Windows will be for a long while").
Build 2195 has also made some great strides from the bugged menus and SMP slipups of the early betas (you might remember even RC1 had some serious pitfalls). As much as I may hate to admit it, Microsoft did its homework on this one.
Win 2000, although perhaps not the Ultimate answer to Linux, is IMHO better in most aspects than NT. It's going on my first personal box for the time being (Red Hat 6.1 on the other) - and also on my webcam server until there's decent USB support in Linux.
--------
Oscarfish.com: tropical fish with attitude. Way t