Slashdot Mirror
Whistler MAY Refuse To Run All Unsigned Code UPDATED
Carnage4Life writes: "This ZDNet article describes how Microsoft's next generation consumer OS, condenamed Whistler, will begin a tradition started by Windows 2000 where programs that have not been digitally signed by Microsoft certified signature are flagged. Currently Windows 2000 merely issues a warning when an uncertified/unsigned device driver is used, the Microsoft vision is to expand this to include all executable programs.
On the surface, this may seem like a good idea until one realizes that this means that it is conceivable that all executables that expect to run on Windows will have to be Microsoft certified or risk being flagged or even worse refused to run on future Microsoft OSes. As the ZDNet article speculates, this will put even more power over Windows software developers in the hands of Microsoft. " This story has been turning up a bit over the last few days - while I'm not one to buy into conspiracy theories, this whole thing seems like a plan that originally had good intentions, but the potentials for foul play are pretty easy to think up.Well, I've finally got X running again and can update this story - I should have been more clear that this is /not/ set in stone, but a potential path.
Y'know, this kind of crap doesn't help the Geek Community At Large overcome the image of being a bunch of fanatical morons
Hemos took a lot of liberty with my submission including changing the title as well as cutting of some technical analysis at the end of my submission.
Basically the gist of my submission was that Microsoft is taking a heavyhanded and incorrect approach to attempting to solve the problems with Outlook viruses and the like. Specifically, instead of coming up with some Draconian all-or-nothing security policy why not introduce more granular access levels to Whistler?
For example, I currently run ZoneAlarm and it prompts whenever a program I haven't given permission tries to access the Internet (in fact I found a Trojan this way). ZoneAlarm has three permission settings Always Deny, Always Allow, and Always Ask. I wouldn't mind seeing such functionality moved to the OS and made even more granular so that programs have very explicit permissions as to what they can do (similar to java.policy files). Outlook should not be able to tweak the registry nor delete files (via the ILOVEYOU virus) regardless of whether it is signed by Microsoft or not.
Basically I am proposing something similar to Access Control Lists for executables on the OS, after all, there already is a central repository of information (the registry) so adding that data shouldn't be too hard.
Second Law of Blissful Ignorance
[bill] :: The Win2K launch has been a raging success. What items do we have to discuss for future development.
[steve] :: Well, we've had very strong feedback regarding the unsigned driver warning in 2K. We'd like to expand that for Whistler.
[bill] :: Tell me more.
[steve] :: We'd like to require that all apps be signed and certified by a special team of Application SSigning Speciallists, or ASSes before they are permitted to run on Whister.
[bill] :: What's the up side for us?
[steve] :: Through effective marketing to the open source community we can get them to submit their code for certification. This will undoubtedly provide us insights into how to fix things in our own system. Additionally we can charge for this service and eliminate the drain from our evil tactics fund.
[bill] :: I think we should run this by legal. Jim, what's legal's take on this.
[jim] :: We're on board for now. Now that things in Florida are starting to look like Dubya will win we can divert some of our team from the anti-trust case to preparing the spin for this. We should be able to cut our potential detractors off at the knees.
[bill] :: Great! To prepare for this, we need to send all of our coders through that advanced firearms training course. We don't want anybody to miss their foot when release time comes.
Code commentary is like sex.
If it's good, it's VERY good.
My office has been taken over by iPod people.
Whistler will have the option to only run signed applications. You can turn this off. If people find that they need to run older software, then they WILL turn it off. Since developers need to be able to run unsigned applications (you can't get a certificate for each incremental compile), this will have to always be an option.
God, no kidding. What amazes me is that when this cropped up a couple weeks ago on The Register, I submitted an article about this being an option... it was refused in the space of an hour.
Apparently refusing to read the entire article and making the headline as sensational as possible is a formula for success when you're looking to get a Slashdot headline.
From what I read on the article, it means that you have the *option* to set up the OS to warn you if you are trying to use an application that is unsigned by Micro$oft. It also says that you have the option to send it to them for testing so they can approve it and stuff. I think that is fine, so long as this ability is an option. It sounds like a decent security feature to me for a closed system. I know it goes completely against the open source ideals, but for M$ to improve their security this is one way to do it. If you are running a machine at work running Win2k or Whistler (when it comes out) that could be good to have this option enabled because you only want to run a few applications and services that your company approves, and you don't want people installing software that could potentially cause a problem on your system or network. Also, you can leave it disabled on your PC at home (if you want to run one of these crappy OS's) and install whatever you want. I don't really see a downside to this, if someone doesn't want to use this option but wants the OS, they simply turn it off. If this were mandatory, It would be crazy.
Mas vale cholo, que mal acompañado.
Y'know, this kind of crap doesn't help the Geek Community At Large overcome the image of being a bunch of fanatical morons. Every time I think that Slashdot just might be making the transition into mature, thoughtful news reporting, this kind of rubbish appears on the front page. It's an OPTION. you can turn it OFF. I don't recall seeing healines of "Linux Installs Insecure By Default" because several distros automatically installed and configured an insecure WU-FTP...
When am I going to be able to read Slashdot without feeling like I'm listening to a bunch of pre-teen 133t k1dd13z taking shots at The Man on #haX0rzC3ntRa1?
$ man reality
Obliteracy: Words with explosions
The only freedom we have exists because we can connect Turing devices to the net. Once we are forced to use hardware or software that can perform only "approved" functions, any freedoms we have are in the hands of the people who approve those functions. You will only be anonymous if Bill Gates wants to allow anonymity. You will only have free speech if Bill Gates prefers it. Even your intellectual property rights will be mediated through Bill Gates' software.
Here's how the net ends -- not with a bang but an upgrade. The government won't put a gun to your head and make you give up your civil rights online. Instead, Microsoft and other vendors will come out with new features that you've just got to have. Well, maybe not you, but when every other person on the internet blindly upgrades, you will find yourself longing for them.
That's the dark flipside of the law of network efficiency. A network's value is proporational to the square of the number of people on it. And as the rest of the net flees to a Microsoft-only, proprietary operating system, using proprietary protocols, with none of your code allowed, you will discover that the remaining free network's value to you is being square-rooted.
No, you say, I'm a hardcore free-software supporter. Sure. You may be the hardest of the hard-core, but will even you continue to use a truly free, non-proprietary internet when the only people on it are you and RMS? How will it feel, being the Amish of the next century? As the world around you embraces Windows 20xx and its wonderful billg-approved code, you'll be stuck in your horse and buggy, refusing to use them newfangled zippers because you think they're the tool of the devil.
C'mon, you know you'll want to send email to all your friends, and check out the cool new holographic websites (that 2-D stuff is so 2000). All you have to do is install the new version of Windows. No, you might not be able to compile your own programs, or upload websites which the Nonobscenity Certification Board fails to approve, but isn't that a small price to pay?
Jamie McCarthy
Jamie McCarthy
jamie.mccarthy.vg
Whistler will have the option to only run signed applications. You can turn this off.
The average user does not tweak defaults, especially when the menu options are as hidden as they are in Microsoft products. After all there has been an option to turn of scripting support in Outlook for several years yet Melissa and ILOVEYOU theoretically caused billions of dollars in damage because people do not change the default settings.
Anyway, how many non-computer savvy people are going to run an executable if Windows pops up a suitably scary error message up? After all Microsoft effectively killed Dr DOS with phony error messages. If Microsoft decides to implement this policy it is very conceivable that all the major software houses will get Windows Certified(TM) thus pressurizing smaller shops to do the same. Where does this then leave independent developers?
Second Law of Blissful Ignorance