Slashdot Mirror


Microsoft Hack a National Security Threat

Scott Treadwell writes "The Center for Strategic and International Studies (CSIS) stated in a 73-page report that the government and the private sector should be concerned about the "trustworthiness" of future Microsoft products. This, in the aftermath of the October hack into Microsoft's network in which an attacker allegedly gained access to Windows source code. "With most military and government systems powered by Microsoft software and more generally reliant on [commercial, off-the-shelf systems], this recent development can pose grave national-security-related concerns""

218 comments

  1. Corrected link by ortholattice · · Score: 1
  2. does anyone find it funny that.... by Anonymous Coward · · Score: 1

    ...it took a hack into the holy temple microsoft before Redmond's code was considered a security threat?

    Personally, when MS and the NSA started colluding, that's when I started considering MS products to be a security threat. I could never figure out why the justice dept. would want to shoot itself in the foot by hobbling their (indirect) relationship with Microsoft.

    Anyway, I suppose the hacker(s) could disclose whatever source they have and claim to do it in interest of National Security(tm). Kinda' like Zimmermann publishing a book containing the source for PGP in order to get a grandfathered, post facto export restriction waiver.

    Perhaps this is all some sort of grand facade by Microsoft to get their Win2K source under the many eyeballs that will (hopefully) make MS's thousands of bugs shallow.

    But hey, as the saying goes, "[...] when the going gets weird, the weird turn pro [...]" and MS's shares have taken a huge hit lately.

  3. I was already suspicious by John+Jorsett · · Score: 1

    Remember the "NSA key" brouhaha around Microsoft a while back? I'd be equally concerned about MSFT putting stuff in their code on purpose, and not just some group of crackers. Not to mention the inadvertent (or are they? Hmmm.) security bugs that show up every week or so.

  4. Re:Trust? Not our gov't... by ocie · · Score: 1

    The problem is that the "bad guys" may be more resourceful than those working for the government. Also, any code review might have been made under the assumption that this source code would not be available to the attackers. Finally, consider this: the source code was lifted from Microsoft's site, Microsoft presumably knows their own software better than anyone and should be best able to secure it. If their site was compromised, how secure should other sites feel that don't have the "Home OS advantage"?

    --
    JET Program: see Japan, meet intere
  5. Re:And this comes as a shock? by Lover's+Arrival,+The · · Score: 1
    It's so true. I remember when I very first used Linux, after being in the world of Microsoft and Macintosh for years, and I thought it was really odd and backwards that I had to log in and out all of the time to do simple things! But now I can see that there are lots of advantages. Did you know that there are no viruses for Linux at all (except one that was made as an academic exercise just to show it could be done)?

    That is what I like about Linux most of all - its security and stability. It's good when I'm working on my portfolio to not have to fearfully press the 'save as' button all the time. I wish there were more art programs for it though.

    The beauty of the 'I Love You' virus, AFAIK, was not in the program code itself but in the insightful understanding of Human Nature it showed. I know when I received one, I opened it (tee hee!) in a fit of curiosity. I really was disappointed though :-(

    --

    --Anticipation of a New Lover's Arrival, The

  6. Re:How do we resolve this paradox? by lomion · · Score: 1

    Actually it's more along the lines of what may have been altered as well as seen. There is no real way for them to know if something was altered unless they do a full audit, I'm not even sure they could do such a thing in a reasonable amount of time due to the sheer size of the beasts they are talking about.

    Also this code was stolen, it was never open so the bad guys may know something no one else can find out because no one else can see it.

    In the long run I don't think either method is inherently more secure. Security by obscurity is known to fail, it has been proven many times. Now this is not the same as publishing a full exploit which imho is reckless and dangerous since it just leads to increased script kiddie attacks.

    --
    this space for rent
  7. Source Revelation a Security Compromise? by khog · · Score: 2

    What surprises me is that they deem a revelation of source code a security risk. That, if anything, shows a lack of faith in OSS.

    As much as it may chagrin me to admit it, Microsoft has some thirty-five thousand people working for it, and while they may not be able to or want to audit their code in an OpenBSD-like manner, I am sure they have an entire security department. And I am also pretty sure that they know that security through obscurity doesn't work.

    My point, and I do have one, is that Microsoft does have its stuff together, to a certain extent. W2K and NT4, while not suitable for an Internet server, do well in a Microsoft only Intranet environment. If the government gets scared because of 9x or NTKRNL code being let out, what must they think about things whose code has always been available? Yes, it allows for public contributions and improvements, but it also allows for public analysis, scrutiny, and discovery of bugs.

    Definitely not a Karma whore,
    Mike "My Bucket's Got a Hole in It" Greenberg


    --
    http://www.yourmothernaked.com
    1. Re:Source Revelation a Security Compromise? by 31: · · Score: 1

      well, in the *article* it specifically says the concern was that some of the source code could have been modified, and they didn't trust microsoft's ability to sanitize it...

      Moy... how many questions like this are gonna get moderated up?

      ---
      I'm not ashamed. It's the computer age, nerds are in.
      They're still in, aren't they?

    2. Re:Source Revelation a Security Compromise? by mmol_6453 · · Score: 1

      >Yes, it allows for public contributions and
      >improvements, but it also allows for public
      >analysis, scrutiny, and discovery of bugs.

      I understood that to be the whole point...

      Besides...If someone finds a bug and doesn't tell anyone about it, (hoping to use the bug for himself) someone else will probably find the bug, and it'll be gone within a kernel release or two.

      Mike

      --
      What's this Submit thingy do?
    3. Re:Source Revelation a Security Compromise? by khog · · Score: 1

      Ferdinand de Lesseps was the Frenchman in charge of building the Panama Canal. He elected himself to undertake the daunting project because he had recently completed the Suez Canal under budget and ahead of schedule; de Lesseps managed this because of the stroke of an engineer's genius. He counted upon a similar serendipitous event in a pathetic, humanist fashion. After almost forty years and a couple thousand men, the French gave up.

      My point is that you shouldn't count on a bug being found. OpenBSD does code audits because it is necessary to be pro-active about bug and hole discovery. It's not enough to say "someone...will probably find the bug, and it'll be gone within a kernel release or two." You can't count on serendipity.


      Mike Greenberg
      --
      http://www.yourmothernaked.com
    4. Re:Source Revelation a Security Compromise? by Virtua · · Score: 1

      The answer is that open-sourcing may be good for discovery of bugs, but who discovers these bugs? The report-writers advocate that Microsoft products, being a critical private-sector asset, be made available to government security agencies.

      Suppose that Microsoft products were made open-source. Then there would be a race to find the inherent bugs. This race is not just between individual well-meaning hackers, but also involves belligerent nations.

      One of these is China. Chinese Information Warfare (IW) theorists have advocated the "take-home People's War", meaning that it will dedicate its indigenous IT talent to the task of bug-finding. Every bug then becomes part of its IW arsenal, which may be unleashed immediately to disrupt US productivity, or kept in a knowledge repository for future use. This may be in regional conflicts (like Korea), in tactical disruption operations.

      Therefore, what we should avoid is to allow this race-condition on the hacker level to occur, easing their IW task. No matter how good the OSS principles are in theory, you don't want a hiccup (an implementation imperfection) to leave you exposed unnecessarily.

      Therefore, the information is restricted to Microsoft and US security enforcement agencies. There is a good point elsewhere about how we can trust Microsoft employees inherently. Well, you can't. That's how Russia got the atomic bomb, through spying. Now that's a real security headache.

    5. Re:Source Revelation a Security Compromise? by gatesh8r · · Score: 1

      >I am sure they have an entire security department.

      They must be the laziest department in M$... :)

      I wonder what the qualifications could be for that job? "Do you know how to point-and-click? If you can, we got a security job for you!"

      --
      Karma whorin' since 1999
  8. NEWS for Nerds, Stuff that Matters by suwain_2 · · Score: 1
    >...this recent development can pose grave national-security-related concerns

    Umm... Now I'm scared. Hasn't Microsoft always been a security threat? I started this post off as a joke, but then I realized something -- the US government is filing an "Anti-Trust" lawsuit against Microsoft. Now, last time I checked, "Anti-Trust" means that you don't trust them...

    So why are they just now saying that they should be wary of Microsoft products? Strangely, I'm reminded of that ad Microsoft ran in Germany, with pictures of penguins with an elephant's trunk, etc..., saying something to the effect of "What if your penguin becomes something else?" It just seems so fitting when reversed. What if your "super-high-security" Windows server suddenly becomes the carrier of a virus the crackers did, when they "cracked" into Microsoft? Nothing! It's closed source; you're left to fear Microsoft. But what about Linux? If it suddenly warps into the same thing, you remove a few lines of code, and go over it to make sure it's secure.

    --
    ________________________________________________
    suwain_2 :: quality slashdot p
    1. Re:NEWS for Nerds, Stuff that Matters by cyber-vandal · · Score: 2

      The thing is, though, that there's nothing to stop you fixing it yourself, as you have all the source available. You don't have to wait for the Microsoft bureaucracy to decide it's important enough for them to fix.

    2. Re:NEWS for Nerds, Stuff that Matters by Graymalkin · · Score: 2

      Or under the same token you can hire a professional security company to get a license from Microsoft for the component in question and audit it for you and then you're the only one who can use it. This is not illegal and according to a second hand account is actually endorsed by Microsoft provided you do not distribute the code to anyone (a pretty fierce NDA) and make them aware of the audit made. Costs just about as much money as having an open sourced component and sending it to professional auditors.

      --
      I'm a loner Dottie, a Rebel.
    3. Re:NEWS for Nerds, Stuff that Matters by cyber-vandal · · Score: 2

      Does it really? Do you have any evidence to back this up? And it still doesn't fix the problem for everyone unless Microsoft sees it as a serious problem.

    4. Re:NEWS for Nerds, Stuff that Matters by Graymalkin · · Score: 2

      Anti-trust has nothing to do with believing what someone says. Besides which, with Linux nothing is as simple as removing a few lines of code. Looking at some code doesn't give you some in depth knowledge of the underpinnings of a program. Linux is a lot more complex than changing a few lines of code and going over it to make it secure.

      --
      I'm a loner Dottie, a Rebel.
    5. Re:NEWS for Nerds, Stuff that Matters by Graymalkin · · Score: 2

      Someone doing a quick code hack in Linux doesn't always fix the problem for everyone else either.

      --
      I'm a loner Dottie, a Rebel.
  9. How could they modify Windows source? by Nightlight3 · · Score: 1
    As if Microsoft doesn't have at least dozens of full source backups, scattered over several locations, online and offline. The most hackers could modify would be few online copies. It probably didn't take MS more than an afternoon to check and restore all the source files.

    The article on the CNN site (and the junk "study" they chose to publicize) is nonsense. Since Time-Warner owns CNN and AOL owns TW (or it is about to), and AOL is battling Microsoft, it is obvious why CNN would select to publicize that particular instance of junk science. Some little weasel at CNN is trying to get on the good side of the new bosses.

  10. Which Microsoft hack? by Snowfox · · Score: 5

    Which Microsoft hack would this be?

    Is this the Windows9x-on-top-of-DOS Microsoft hack?

    Is this the "invent your own language" MS Word Grammar Checker Microsoft hack?

    Or is this the mutex display bit "one program freezes your OS" Microsoft 3.1 and 95 hack?

    Or is this the web-browser-turned-drive-explorer hack?

    Or is this the always-locking-up ftp hack?

    Maybe this is the "some versions of Direct 3D render bitmaps upside down, others don't, depending on which version of the interface you probe" Microsoft hack?

    No, I'll bet it's the unstable "oversized int destroys your registry and requires reinstall" Microsoft hack.

    Nyet. It's got to be the brain dead Outlook stationery format Microsoft hack.

    No wait, I'll bet it's...

  11. Slowly they come around by Anonymous Coward · · Score: 1
    Security-Enhanced Linux

    It's about time the government

    • got some software that does what they want, not what M$ wants (or what some hacker in Russia wants)
    • advocated the use of standards (non-MS TCP, non-.doc)
    • reaped some payoff from (arguably) the most successful government program yet (ARPAnet)
    Yes, The People's memory is short. Nixon died a hero, Ollie North has a radio talk show and we still use punch card ballots. Maybe it'll take a M$ breakup AND a hack AND another destroyer blue-screening before they get a clue. It seems that only scorched-earth crises like these work.
  12. Re:How does the hack change things? by richie123 · · Score: 1

    I'm sure military applications are different, but I doubt that most government agencies have any special relationship with MS. In my experience government departments buy and use computers in much the same way any business would.
    The point is simple: if the code was lifted, then the code is out there, and the bad guys have it, and the good guys don't. That puts the government, and businesses that rely on MS code for security, at greater danger than they would have been otherwise (not that relying on MS for security was ever a good idea.)

  13. Re:Worse than you might think by Bluesee · · Score: 1

    True. There are specific procedures for creating a document on a classified system and then producing an unclassified version of it. And for the reasons mentioned above (pieces of the document remain in the doc long after they are deleted), no unclass MS Word, Excel, Powerpoint documents are allowed to be created on a class machine (it is a security infraction / violation). Only pure ascii text and binary pictures.

    I don't get this part: how can this be a Cracking (as opposed to hacking as CNN inaccurately refers to it) problem? No secure system is permitted to be on the Internet without proper encryption, which is supposed to secure the information independent of what OS is being used. So no one can get sensitive information if it is handled properly, i.e., according to the rules.

    --
    SDMI: Finally! Music that won't rip or burn! Brought to you by the fine folks at RIAA.
  14. Re:And this comes as a shock? by mrzaph0d · · Score: 1

    >Did you know that there are no viruses for Linux at all (except one that was made as an academic exercise just to show it could be done)?

    i think the reasons that there aren't any viruses for linux is because 1) linux is still not as widespread as Microsoft. no reason to make a virus that will attack a minority of users when you can make one that will attack the majority; 2) most linux users (i'm assuming, could be wrong) will be the type who keep up to date on viruses and the like and therefore would know not to open attachments if they aren't sure what it is.

    "Leave the gun, take the cannoli."

    --
    this is just a placeholder till i send back my real sig from the future.
  15. Just a small text file by Anonymous Coward · · Score: 1

    Are we forgetting that Perl and Shell scripts are also "small text file"-based? The problem isn't the "stupid text files", it's the fact that a user on Windows is running as the equivalent of root. Any program you execute (on purpose or by accident) can have total control of your machine. THAT is the mistake.

    I can run a "small text file" on Linux that could wreck my machine, but I'd have to be running as root. Otherwise, it can only mess up my personal files, and never touch the system. Unfortunately it'll be quite a pain to re-engineer Windows to actually properly implement security, but that's not MY problem :)

    And yes, I am a Linux user and I love it!

  16. Re:Trusting Non-USA MS Employees? by dattaway · · Score: 2

    All windows development happens in Redmond.

    But...

  17. Re:Worse than you might think by Bluesee · · Score: 1

    >>The "ASCII text" restriction isn't exactly an ideal protection.

    That's true, of course! But the government doesn't rely on pure technology to solve the security problem. They also screen and train people so that they can trust them with security.

    There are no ideal protections, but there are 'cleared' and 'uncleared' people.

    --
    SDMI: Finally! Music that won't rip or burn! Brought to you by the fine folks at RIAA.
  18. Very interesting thoughts about open source by cr@ckwhore · · Score: 1

    These concerns are certainly valid! Micro$oft products are inferior for mission critical tasks, and most everyone knows it. Granted, M$'s OSs are great for every John Smith home user.

    What I find interesting is the comment about how national security is inherently at risk because of a potential leak of source code. Why is that dangerous? After all, people @ m$ have had access to the code all along. I think they see the danger because the code was potentially gained by malicious activities.

    With that said, what about open source? Wouldn't an OS like Linux be more dangerous because 'hackers' can get the source without effort? NOPE. In fact, I'd like to draw the conclusion that open source OSs like linux are more secure because everybody can get the code. Security flaws are fewer because of the pure number of eyes looking at the code.

    Perhaps the Fed should stop dumping tax dollars into M$ (especially since they are suing the f* out of 'em). Think about that... FREE and true security, and some extra $$ to give back to the people who pay the bills.

    --cr@ckwhore

    --
    Skiers and Riders -- http://www.snowjournal.com
    1. Re:Very interesting thoughts about open source by Graymalkin · · Score: 2

      Whose ass did you drag your conclusions out of? With your logic process, Linux is inferior for mission critical tasks. Wait which tasks? Well you didn't specify either. Any networked operating system you pick out of a bin full of them all have their good points and bad points as well as their own fucking list of security flaws. Because an OS has the possibility for more eyes to look at it doesn't mean those eyes actually do or that they are qualified to make security audits? Great fucking conclusions man. Oh yeah, security audits take time and often times money. This is not a free process. Few people have the benefit of funding to basically do charity work auditing security of computer operating systems.

      --
      I'm a loner Dottie, a Rebel.
    2. Re:Very interesting thoughts about open source by cr@ckwhore · · Score: 1

      I'm sorry you misunderstood my point. I was simply trying to spawn a little thought about *why* leaked code from a closed source system is *dangerous* versus freely viewable code from an open source system. I think there's something to be said about open source when drawing those parallels. Take a minute and think about it.

      Whose ass did I drag my conclusions out of? Mine! A little FYI about me: I'm responsible for a number of 'mission critical' systems 24/7/365. These systems run various OSs and perform various tasks. They are considered mission critical because downtime is intolerable and lives are literally at stake. Where the ass meets the pavement, you can talk about or m$ systems all day, but they can't handle SERIOUS uptime. My m$ based systems will probably cause me heart attacks someday.

      --
      Skiers and Riders -- http://www.snowjournal.com
  19. Re:People need to realize by SuiteSisterMary · · Score: 5
    >We'll consider a default Windows ME install to be very useable, but rather insecure. Now, add a small filesystem layer that encrypts and decrypts everything to and from the hard drive. Replace the usual login password with something that checks an individual's physical traits (such as DNA or maybe fingerprints). Make sure that it's checked as soon as possible. I'd replace the BIOS with whatever checks for the DNA/fingerprint. We'll also assume this workstation isn't physically connected to any other.

    Spoken like somebody who has no idea what computer security is. I'll start with a few of the basics, just to get you started. For more information, in a fairly simple format, find O'Reilly's "Computer Security Basics."

    1. There's no access controls. Great, you're checking DNA. What stops me from walking in and yanking the power? Or buggering off with the box itself for later decrypt?
    2. What sort of user protections are there? You named Windows ME, so we'll use that. No ACLs, no auditing, nothing of the sort. A 'secure' system audits, generally through hard copy (which can't be invisibly altered) every, and I mean EVERY action.
    3. This thing has a floppy drive, and a CD-ROM, so I won't even get into the idea of walking in with a linux boot disk and a parallel port ZIP drive and copying the drive for later perusal and decrypt. See point 1 above.
    4. You failed to mention any sort of backup scheme, as well as disaster avoidance/recovery. That means I can deny the system to you with a flick of the circuit breaker in the basement/closet.
    5. Also, this being Windows ME, anything beyond the most basic of fault tolerance is impossible.
    6. You failed to mention any sort of human protections; DNA/Fingerprints are very easy to get ahold of. I can convince you to put your finger on it, one way or another. Do you have a 'duress' password you can supply, which will trigger a silent alarm, but not tip off the intruder?
    7. Again being commodity hardware, this thing probably isn't TEMPEST shielded.
    8. This being Windows ME, it doesn't support process isolation, etc etc. I can write a two line program, in Visual Basic, that will grind the machine to a smoking halt.
    9. If it's not connected to anything else, in any way, that obviously precludes a network, or the Internet. Suddenly it's not so usable.
    10. This being Windows ME, you have NO way of doing a code audit, and no way of guaranteeing the swift and competent fixing of any bugs.
    11. I won't even get into the inherent stupidity of trying to use WinME for anything, including games.

    Before you say anything else, please do read up on the subject at hand. Start with the O'Reilly book referenced above, then a few others I can name, "Practical UNIX and Internet Security" being first on the list.
    --
    Vintage computer games and RPG books available. Email me if you're interested.
  20. Obscurity by Perdo · · Score: 1

    Security through obscurity will always haunt microsoft. Obscurity is obviously the only security they have. That is why they want to shut down bugtraq. Perpetual critical security updates are their only defence against people who uncover flaws in their operating systems. By nature of the way they operate, the crackers will always win. They will not post an update until an exploit is found and used. The damage having already been done, they use a band-aid.

    --

    If voting were effective, it would be illegal by now.

    1. Re:Obscurity by hammock · · Score: 1

      Read the BugTraq archives, it is true.

  21. Well, I guess so... by DiviN · · Score: 1

    Okay, if we believe for a moment that M$ was not entirely truthful in regards to the intruders not having changed anything [or if M$ hasn't noticed the changes as yet], then there is certainly a certain danger.

    Imagine the intruders, in the weeks they had access to win02 dropped a couple of trojans.
    Imagine that any computer running that system in future can be rendered useless / or can be hijacked [chipnapped?] by anyone who has a certain key [like Alt+Tab+F12; Shift+F12; Shift+F12].

    Now imagine that a second trojan is activated by the first one and the second's job is to collect all passwords/access codes, etc., compile a list and rename the list as a system or dll file, to be stored in an unsuspicious location.

    The rest would then be easy... What if the computer in question belongs to someone working on classified materials, or worse, on bank loan approvals, etc?

    For once I agree that there is a fair chance of some danger to anybody's security - ie. every country's national security. More importantly, a danger to the security of our employers...

    1. Re:Well, I guess so... by mab · · Score: 1

      Forget putting trojans in win200 or any of their OS's, the place to put this sort of stuff is in the compiler:)

  22. Re:Why Linux wouldn't be better... by 31: · · Score: 1

    well, their concern was the source was modified. In the (gasp! someone read it!) article, the concern was that the source code couldn't be sanitized... if someone did make a change, in millions of lines of code, is microsoft gonna notice?

    And well, linux is not that hard to hack into... i've had to deal with too many friends' hacked boxes recently (thanks, RH)... but all computers suck. linux sucks, microsoft sucks, apple sucks... and well, frankly, the longer they suck and are insecure, the longer i've got a job.

    ---
    I'm not ashamed. It's the computer age, nerds are in.
    They're still in, aren't they?

  23. Re:Title has an extra word by 31: · · Score: 1

    hmm... would a post about "Linux a National Security Threat" be insightful? Or maybe the moderator was having homonym problems, and meant inciteful.

    ---
    I'm not ashamed. It's the computer age, nerds are in.
    They're still in, aren't they?

  24. microsoft HACK a security threat? by gbd · · Score: 1

    hi all (george here)

    christ on a stick, i think microsoft ITSELF is a national security threat! the fact that grown adults would trust sensitive security matters to an animated paper clip scares the CRAP out of me. what's next, are we going to drive down to disney world and give the plans for the B-3 bomber to goofy!! or maybe we should fax all of osama bin laden's movements to daffy duck!! god!!

    your bud

    --
    -gbd
  25. Re:just listen to your mouth by BSOD+Bitch · · Score: 1

    My mother has been dead for 24 years kid. I wouldn't go there if I were you.

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  26. Re:People need to realize by anothernick · · Score: 1

    we know you like solaris. now shut up about it already.

  27. Re:real link by herwin · · Score: 1

    The issue of the article is that a hacker outside MS has seen the source code, which makes it easier for him to design attacks. The real problem, however, is not this loss of security, but the general vulnerability of software crufted by the MS development process. Most software developed for the Gummint is required to have a remaining software fault rate (read 'bug rate') around 1.5 per KSLOC and is supposed to take security seriously. I doubt MS code meets those standards.

  28. Re:We better watch out then! by herwin · · Score: 1

    The nice thing about open source is that there are many eyes verifying that the code is solid.

  29. Re:People need to realize by thogard · · Score: 1

    so far every fingerprint scanner I have ever seen uses IR so if the finger isn't the right temp, it won't work. Sad part about this is that it doesn't appear to be part of the design, it's just a constraint of the imaging systems they use.

  30. Re:Worse than you might think by thogard · · Score: 1

    try running "strings" on the file.

  31. Re:People need to realize by richie123 · · Score: 1

    By that definition nothing is secure. Ease of use and security ARE directly related.

    The ability of the administrator to check the state of his systems, the need for easy, reliable configuration, while balancing the needs of end users are all related to security. If systems are not easy enough to use, then the user is at greater risk due to the probability that he might create security holes by mistake.

    There is no such thing as "secure", there is only ever "secure enough".

  32. Re:I don't know what to make of this by Rainy · · Score: 1

    Uh.. the token phrase 'biting the hand that feeds you' implies that you're *not* paying for the food. If you are, it's not really feeding - it's buying, isn't it? For that matter, US gov't buys stuff from a lot of companies, should they all be above the law? Interesting.

    --
    -- ATTENTION: do not read this sig. It doesn't say much.
  33. Re:So what? by herwin · · Score: 1

    Some systems have to be on the internet despite the fact that they work with sensitive data or provide critical functions. The right approach is to start with a strong firewall with a man in the loop. There are a number of other design rules, including the use of internal compartmentalization and redundancy, that can help. Just remember that no automated system can deal reliably with the threat posed by hacker creativity. There has to be a guard on duty somewhere.

  34. Re:Worse than you might think by Your+Login+Here · · Score: 1

    The issue there was really that a reporter was using a scalpel like a hammer.
    PDFs can contain vector graphics, text, bitmaps, etc... the reporter assumed that because he couldn't see it, it wasn't there. What he did is sort of like hiding html text by changing the background and foreground to the same colour. Or blacking out text with a magic marker without realizing that you can read it if you hold it up to a light.

  35. Re:People need to realize by Jerf · · Score: 2
    >All of a sudden, you have an incredibly secure system, with the same useability (maybe a little slowdown for encryption/decryption, but there are fast, secure algorithms available). So no I've already refuted the "inversely proportional" part.

    No, you haven't. Current security systems are bastardized, ignored, and just plain not implemented well. What you are talking about are cheap, easy ways of increasing our crappy security.

    Pretend for a moment that we take the computer you are currently using, and remove all processor cache from it. Now, someone could say "There are always tradeoffs involved with processor design; if you increase the performance of one thing, you will degrade the performance of another." Your response would be to say "That's nuts... all I need to do is add cache to it and look, it works great." You are correct, but only because the processor is so piss-poor designed that there were still easy design additions that could be made for big wins.

    However, once you've made all the easy decisions, suddenly the tradeoffs rule comes back in full force. To improve, say, an Athlon, with current technology, would be a difficult undertaking. Because the chip functions as a gestalt, a unified whole, the easy answers don't work. Speed up the FPUs, and do nothing else, and your performance will hardly change at all, because the data can't come in fast enough. The easy gains are gone.

    Security is much the same way. Yeah, we can graft some easy stuff onto our crappy systems nearly for free, but as you approach 100% secure, the ease-of-use goes down the toilet. OK, so the drive's encrypted... maybe only the people who know the password should be allowed to use it. Now the user has to enter a password. What if they leave the partition mounted and leave the machine? Should they be forced to re-enter the password every so often? That cuts into ease-of-use. Are they allowed to conduct big transactions without checking again that they are still the authorized person?

    After the easy gains, easy-to-use and secure are mutually exclusive, because easy-to-use implies that there are fewer steps and checks being made, and that implies there are fewer steps and checks to bypass/fake if you are trying to breach security.

    Of course, the true picture is more complex; this is a simplification. There are other axes in question, like complexity of the security implementation, complexity of the security use, expense, etc. Perhaps we point a camera at the user and try to make sure the face never leaves or changes. But then, perhaps a mask on the face can bypass this, so if we want to prevent that eventuality, perhaps we need to make some other check.

    If you've had physics, it's like pressure, volume, and temperature in a gas. All three are related, and all else being equal, less pressure means more volume. All else being equal, more security means less ease-of-use. The full picture is more complicated, but the rule-of-thumb is still quite true.

    (And to get back on topic, another one of those axes involves the security of the rest of the system. The entire point of the article is that Windows has now been proven to be weak on that axis as well, along with the ones we are so familiar with.)

  36. Re:We already knew this,but apparently they didn't by herwin · · Score: 1

    The voice communications system used by the FAA enroute centers is currently transitioning from Tandem to Windows NT for the control subsystem. Think about it.

  37. Trust? Not our gov't... by Matt+Lee · · Score: 1

    Think about it... you're assuming that Microsoft will give out the entire source tree to Windows 2000 to dozens of universities, but won't let the US Government, a MAJOR customer, take a peek?

    Get real.

    The people in the US Government who need to know if Windows is secure and backdoor-free most surely have access to all the source code they need.

  38. is this bad? by gTsiros · · Score: 1

    is this good or bad?

    --
    Looking for people to chat about multicopters, coding, music. skype: gtsiros
    1. Re:is this bad? by BadM0j0 · · Score: 1

      Well depends on who you're asking, for Microsoft this isn't good news or publicity, for Microsoft administrators working for *gov their jobs could end soon, for *nix administrators looking for government jobs, there might be some new job openings soon *grin*.

      So it all evens out in my books, and well at least *.gov become a little better at handling those attacks all the time.

      --
      "If you can't make it good, at least make it look good." - Bill Gates
  39. Re:Worse than you might think by Petrophile · · Score: 1

    Another Word Perfect example: Portions of the Starr (Clinton Sex Scandal) Report were undeleted by the media, leading to some embarrassing revelations.

  40. Here's a thought...... by AnarchoFreak_00 · · Score: 1
    Ha!, wya well, We all know what's really going on now don't we.

    MS had their system "broken into", and now there's a warning saying that it could be compromising ur security etc.. to ur computer. And MS have the perfect alibi for it.. "well, it must have happened when some of our source code was hacked". Because if i remember correctly, there was an article on MS a while ago, about MS building a backdoor for the CIA or some other group with 3 letters that people get really paranoid about.

    Sorry if what i just typed is unreadable, and doesn't make any sense, but i haven't been doing much work lately, and i think my brain is disintegrating. after all, ur brain is like any other muscle, if u don't use it, it will fade away. Or maybe i'm just lazy...

    I spose i should have read the article first, or even just read a few posts so i know what i'm talking about. But then again, that wouldn't be doing it the /. way.

    Oh yeah.. it's new year eve here in NZ, and i'm planning to (well, lack of plan really) to stay at home, hell, i might even go to bed before 12.

  41. Re:Governments Using Proprietary OS'es by WebCowboy · · Score: 3

    The following is no exaggeration. There are EXACTLY ZERO power plants--nuclear, or otherwise--in North America that run their critical systems on Microsoft products. This is for several reasons:

    1. Microsoft does not make a HARD REAL-TIME OS. For critical systems this is essential, because timing of critical tasks cannot be interrupted by non critical tasks such as switching operator screens or animating cursors and icons. You are more likely to see QNX or something similar in a power plant.

    2. Microsoft waives all responsibility for death, injury or serious financial loss due to bugs in their software--REGARDLESS of its use--in its standard EULA. "No warranty, expressed or implied" and all that crap. Specifically they state that Windows and its apps are not suitable for critical medical, aerospace and utility applications. So much for paying for "accountability and liability". If your CANDU goes China Syndrome because of a Microsoft BSOD you can't sue Bill OR his company because they warned you. Similarly if a bank loses your money or the government your tax return they cannot sue Microsoft either. Nobody should depend on Microsoft for accountability--they offer NONE. What they offer is for-a-fee technical support and the fact they are a relatively old, stable company that can offer those services and periodic upgrades for the foreseeable future.

    3. Microsoft is simply not willing to provide the support that mission critical systems demand. In the typical high-priced, ultra-stable critical systems the source is usually closed, but what you pay for is one-on-one support. If a bug is discovered, the company will send an engineer to look at it and the company will even write a patch to fix your particular problem ASAP. No waiting weeks to months for Service Pack 2 or Hotfix Q286745 or whatever.

    4. The most critical of systems don't even rely on PC technology or commodity hardware at all. Even if all the "Critical" PCs crashed, the power plant would not shut down or blow up. It would idle along, all safety systems intact. The operators couldn't adjust any setpoints until the PCs came online, but the current setpoints would be in place. Safety and other ultra-critical systems rely on old but dependable technology used in your typical embedded systems. The continent's power systems do not rely on PCs at all. They rely on little $2000 Z80-based PLCs and RTUs, or even electromechanical relays, pneumatic or hydraulic systems that have worked well and are substantially the same as they were in the 1940's and 50's.

    Keeping these points in mind, rest assured that planes won't fall out of the sky, there will be no blackouts or hospital patients killed due to a Microsoft Malfunction.

    OTOH, you could have your web banking account tapped dry or your Prozac prescription exposed because of un-patched security holes in a Microsoft product (or even poorly secured and administered systems of any sort). THOSE systems rely on closed source, often MS-based commercial software. It's not that closed source is the devil's work--it's that Microsoft cannot and will not support their products in a manner REQUIRED for mission critical systems. THAT is what worries me...

  42. Re:People need to realize by SuiteSisterMary · · Score: 2
    Of course, the good old Mac OS has no root level access
    Actually, if you think about it, you'll find that ALL the MacOS has is root level access.... :-)
    --
    Vintage computer games and RPG books available. Email me if you're interested.
  43. Re:Trust? Not our gov't... by JimDabell · · Score: 2

    The people in the US Government who need to know if Windows is secure and backdoor-free most surely have access to all the source code they need.

    Then, assuming they do the sane thing and audit it, how does the hack change anything? One of the points I was making was that there is only a security hole if the U.S. government is already being stupid.

  44. real link by pirodude · · Score: 5
    1. Re:real link by Fishstick · · Score: 1

      Make sure to preview and check those links! ;-)

      --

      There is much cruelty in the universe, John.
      Yeah, we seem to have the tour map.

  45. Re:I don't know what to make of this by Bluesee · · Score: 1

    The government still put gas in their car when they broke up Standard Oil, and probably still made phone calls when they broke up Ma Bell. That's why it's a de facto Monopoly. You, me, and the government really have no choice but to use MicroCrap.

    --
    SDMI: Finally! Music that won't rip or burn! Brought to you by the fine folks at RIAA.
  46. And this comes as a shock? by active8or · · Score: 1

    I see no reason why we should need a 73 page report to confirm this.

    MS software has proven to contain lots of STUPID errors as security threats. Take the "ILOVEYOU" virus that wreaked havoc all around the globe, it was just plain stupid that a small text file (I looked at the script) with the suffix .VBS made all hell break loose...

    - Knut S.

    (one of the first posts?)

    1. Re:And this comes as a shock? by cyber-vandal · · Score: 2

      There is that, and of course there's also a huge range of different configurations a user could have, making it more difficult for a virus writer to create a successful hack. Also there are no mail programs on Linux that automatically execute unknown programs.

    2. Re:And this comes as a shock? by atrowe · · Score: 1

      VBS scripting isn't a stupid error it's a "feature".

      --

      -atrowe: Card-carrying Mensa member. I have no toleranse for stupidity.

  47. Re:well, duh! by iamblades · · Score: 2

    hell, I've never gotten a virus in my ~8 years of using windows either... I did get a deltree once, but that was on purpose. I never use antiviral software either, as it is a useless battle, to try to check for every known virus out there. But, I digress, as for my opinion on windows: 95/98 suck ass, and should be burned alive. NT/2000 is an ok system in and of itself, but it's a victim of its own success IMHO. There's simply too many win 2000 boxes that all have the same security holes. and more people know how to take advantage of those holes than other OSes. I don't think it's even the fact that windows has more holes than other OSes necessarily, there's just more boxes out there, and more people trying to find the holes. I personally think that the various *nixes are the most secure network OSes, because they are strongly multiuser, which can have its downsides though, when it comes to usability. But about the whole national security bullshit, why would anyone put important secrets on a computer connected to the internet? No matter how strong your firewall is, it's a stupid idea.

    --
    Shit adds up at the bottom...
  48. Aldrich Ames by anonymous+cowerd · · Score: 2

    So some sinister nameless hax0r who maybe, maybe not, managed to download a few source code files despite Microsoft's "world-class" internal network security is a threat to our national welfare - but each and every one of the tens of thousands of Microsoft employees with unfettered day-to-day access to that same source code, well, all of them can be trusted implicitly?

    Gee, thinking like that goes a long way toward explaining how Aldrich Ames got away with all he did to subvert the CIA (Completely Incompetent A**holes) so successfully for as long as he did.

    Yours WD "untrustworthy" K - WKiernan@concentric.net

  49. yes bill, i will warm up the vaseline.... by evanfarrar · · Score: 2

    it just occurred to me how bitching this hack was, Windows' closed secret source is where much of its security lies, now that it's out, it seems we have discovered a blitzkrieg of sorts, an attack on the company thru litigation (anti-trust), thru espionage (hack), and also commercially (linux). now whether microsoft buckling under its own weight is a good thing stands to be seen, microsoft supports the economy, and companies must act quickly to swallow up their market share.
    ______

    --

    "Sorry, but I don't there's anything charming about ignorance and carelessness." -LordNimon
  50. well, duh! by mr_burns · · Score: 5

    Somebody once posted or quoted here that running microsoft OS's on the net was like planting the same strain of corn throughout the entire country, and that a single corn disease could wipe them all out.

    It doesn't matter whether or not some crackers futzed with the 'doze source. I think all of us agree that it's so darned insecure and widespread that even as a checksummed audited binary, it's a national security threat.

    All a foreign nation needs to do to really screw us over is combine the growth mechanism of melissa or ILOVEYOU and the bittersweet tang of back orifice (modified enough to fool the 2 year old virus patterns most people are using), and they've got us by the balls.

    Windows by itself is a threat to national security. Thankfully, we have alternatives whose component schemes have ACLs built in, whose source has been audited for buffer overflows, and for the most part are free. The applications are there, and free, to replace office, explorer and most other things.

    And I know this works in practice, too. Because I've never owned a windows box in my 20+ years of computing, I've been able (combined with some common sense) to avoid getting a single virus, without the aid of virus scanning utilities.

    --
    "Let him go, Ralph. He knows what he's doing." --Otto Mann (simpsons)
  51. A problem with one of the MS FUDs against OSS by JordanH · · Score: 2
    One of the more popular FUDs against OSS is that it's not secure because crackers can find all the holes and exploit them.

    With Open Source, at least those who are seriously concerned about the security of the systems they run can do a thorough and targeted audit of the code to satisfy (to some reasonable degree of satisfaction) themselves that their systems are secure.

    With Closed Source, you have to trust the vendor, the disgruntled former employees of the vendor and any cracker who might gain access to the source that there are no exploitable security flaws.



    ---

  52. Relative Trust in Sensitive Areas by Bandman · · Score: 1

    This has been said so many times before, and everyone seems to agree, but no one does anything about it. The weakest part of the chain is invariably the human factors. The oft-cited example of people putting sticky-notes with their passwords on their monitors is sadly enough true way too many times. Or using personal information as a password. Or using the same password everywhere.
    You have to assume distrust with sensitive information. One place I used to work at was compromised, not because of weak passwords, but because the network was sniffed and they weren't using SSL.
    I would be willing to bet that the intrusion into Microsoft wasn't a flaw in their web server, or any other program misconfigured. I would bet it was some kind of VPN account that was compromised.
    Until people come to terms with the fact that you can't always trust the people you should be able to, things like this will continue to happen.

  53. Broken links by maxxon · · Score: 1

    Broken links abound. Here's the real one.

    --
    max
  54. I don't know what to make of this by Grant+Elliott · · Score: 3

    This article seems to contain a few contradictions. It seems a trifle ironic that the US government is willing to admit that most of their machines run Microsoft software, yet they continue to take Microsoft to court. (Bite the hand that feeds you, anyone?) If I recall, one of the recommendations made in the trial was to make Microsoft open source at least parts of their software. And yet, access to that source code constitutes a security risk. There is a slight contradiction here!

    On another note, if we are ever to convince big-name organizations (ie. the US government) that Linux is a viable option, we can't exactly agree with the content of this report. If unwittingly revealed source code is bad, what is intentionally released source code? They don't like code that may have been modified by one person, but we want to offer them an alternative in code that has been modified by hundreds of people. Somewhat humorously, the Linux community may have to defend Microsoft on this one.

    By the way, you might want to fix that link.

    --

    "I believe that a scientist looking at nonscientific problems is just as dumb as the next guy." -Richard Feynman

    1. Re:I don't know what to make of this by Caspuh · · Score: 1

      about your sig....month 12 of the millennium is still 12 months away.

    2. Re:I don't know what to make of this by Jamie+Webb · · Score: 1

      Replace 'Linux' with 'Apache', etc. to taste:
      The danger is that the Windows code is basically closed source. The hacker has access to back doors/bugs that we don't know about and can't fix, and if he changed it, we can't know about that either. Microsoft may not have the resources to audit their entire code, but I would guess that every line of Linux source gets scrutinised by someone somewhere every few weeks or so at least.
      Linux has no back doors and bugs are fixed as they are discovered, because everyone can alter it. As for malicious alterations, code is checked by the maintainers as it goes in, and even if someone hacked linux.kernel.org and we all got bad code for a few days, someone would notice quickly, because we can all read it, and the problem would be corrected.

    3. Re:I don't know what to make of this by Anonymous Coward · · Score: 1

      no choice but to use MicroCrap.

      Yeah, that's right. Actually, a while ago, I heard of this Linux thing that offered a free alternative to Microsoft software, but hey, no need to think about things like that...

    4. Re:I don't know what to make of this by psychosis · · Score: 1

      I think that they mean having closed source compromised is a problem. Since there are exactly two entities that have that code - M$ themselves and a possibly-rogue (mercenary?) hacker, basically none of the 'good guys' will know about vulnerabilities.
      OTOH, if the code is open, everyone knows about the vulnerabilities (ideally), and they can be fixed.
      If M$ opens portions of the code, we all would be able to see how it ticks (and blows up).

  55. Putting all eggs in one basket by gotan · · Score: 3

    I mean, what do they expect? They make the proper functioning of the government and the military dependent on the products of one single software giant who won't even let them look at the intrinsic workings of their software (the source) and without planning ahead what to do if it breaks.

    Now they need a security breach at MS to recognize this is a bad idea after hundreds of previous security holes didn't open their eyes? And what will all this lead up to? A few papers how this security breach isn't all that important for national security (and in fact it isn't, regarding all the other gaping security holes in MS products) and that's it.

    The alternatives I see are:
    - look out for alternatives to work with and put them into use at least in some places, so if the security breaches in one OS forbid its further use the alternative is ready for use in an overseeable time (anything less than a year is unrealistic here)
    - engage in the development of the software they use (open source is a good starting point here if you don't want to do it from scratch) so at least they have a little control over the security and when holes will be patched.

    All this is of no use if the people handling critical data aren't minimally trained (it is a bad idea to download software from the net and run it, regardless of the OS you use. If the OS facilitates this (like running applications from mail programs at a mouseclick) it only makes things worse).

    --
    "By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
    1. Re:Putting all eggs in one basket by ghoti · · Score: 1
      ... single software giant who won't even let them look at the intrinsic workings of their software (the source) ...
      Are you sure about that? I know that there are a few research institutions that have access to the windows source code, so I would guess this is also true for the military (but I don't really know).

      I also find your subject line interesting ... if they used more different software in different parts of the organization that would also make breaking in harder. Because now, if somebody really found a hitherto unknown security hole in windows, they can easily get into many machines. But if only a part is windows, and there are also other systems, that means much more work.

      --
      EagerEyes.org: Visualization and Visual Communication
  56. Re:How do you remove the undo history? by Zemran · · Score: 1

    I frequently select the whole document and copy/paste it to a new document to lose all the crap as documents tend to grow in size as they are edited and doing this makes the file size drop by quite an amount. I lost a Mb on one document recently doing this so that it would go on a floppy.

    --
    I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
  57. Re:People need to realize by SuiteSisterMary · · Score: 2
    Here's a simple example that'll work on quite a few UNIX systems, as well as Windows based ones. I'll do it in pseudo-code, but you can do it how you'd like; even a shell script.
    begin
    mkdir X
    cd X
    loop
    --
    Vintage computer games and RPG books available. Email me if you're interested.
  58. Re:People need to realize by mpe · · Score: 2

    Now, I'll point out that we're not talking single user operating systems in a non-networked environment

    Because such a system would be utterly useless for any government (with the possible exception of Sealand).

  59. The Gov't... by local($punk) · · Score: 1

    I still can't believe that the entire US Government's computer net is run by Microsoft!! Who are their network engineers? Have these people been sleeping while Microsoft was selling them crap that had "crap" written on the label and the entire geek community was referring to it as crap?
    This is stupid. If some third-world country takes over their network (which is entirely possible) they deserve it.

    NT error of the day: Operation could not be completed because operation was completed successfully!
    --------------

    --
    --------------
    $_='hfflbwfsbhfzp vs';s/(^.{4})(.{7 })(.+$)/$3 $2 $1/ ;y/b-z/a-z/;print
  60. Re:People need to realize by SuiteSisterMary · · Score: 2

    I merely cite the book as a really great basic introduction. And especially in this Internet world, the average user would find that installation quite tedious to use; needing to be present to put a finger on a plate during boot, no backups, no Internet access, etc etc....

    --
    Vintage computer games and RPG books available. Email me if you're interested.
  61. frightening incompetence by q000921 · · Score: 2
    The article and analysis is about as hostile to open source as it could be. The reasoning is that because someone may have seen Microsoft's source code, its security problems may become understood by crackers, and that puts the security of the system at risk.

    "Whoever stole proprietary secrets at the heart of the ubiquitous Windows program can hack into any PC in the world that uses it and is connected to the Internet," the report states.

    Of course, that's completely bogus and runs counter to decades of experience with computer security. If Windows were so full of holes that people with access to the source code could break in, Windows would be compromised a lot more than it is. Besides, lots of people have access to Windows source code already, and such security holes would be hard to keep under wraps. If Windows wants to become more secure, it needs more public exposure of its source code, not less.

    It is scary to think that people like Hamre and his think tank are considered authorities when it comes to "cybersecurity", as they call it.

  62. Re:Nope by Petrophile · · Score: 1

    NTFS supports an Execute permission bit too. One could disable it in the user profile directories, and see what breaks.

    Of course, one big problem on Win2000 is 'legacy' programs that like to write all over the drive, making it virtually impossible to even get close to a permission setup like a typical Unix. (For example, %TEMP% is set to a private profile directory, but some software just uses C:\TEMP anyway.)

  63. Re:People need to realize by Fjord · · Score: 1
    All of a sudden, you have an incredibly secure system, with the same usability (maybe a little slowdown for encryption/decryption, but there are fast, secure algorithms available). So no I've already refuted the "inversely proportional" part.

    No you haven't, since the system is still harder to use. You have to log in with your finger, etc (I didn't have to log in to my Windows ME machine, until I made it part of a microsoft network). Inversely proportional implies one goes down as the other goes up and your example backs that.

    If you could show where the ease of use goes up, then you would have refuted it. Even where it stays the same (although that won't be as impressive).

    --
    -no broken link
  64. Re:We better watch out then! by rob_au · · Score: 1

    Amusing as this is, I think the concern arises not so much because of the breach of the source itself but moreso that this breach of Microsoft security demonstrates an oversight in basic security procedures on Microsoft's part. If this oversight in security (which I believe involved yet another patch to IIS) became evident on Microsoft's own systems, what does the future hold for client systems?

    I mean, if Microsoft can't even get their own security right ...

    Just a few random thoughts,

    Rob

  65. Re:Governments Using Proprietary OS'es by Bluesee · · Score: 1

    This reminds me of that scene in "Pirates of Silicon Valley" (I know you watched it, so just 'fess up) where Bill and his pal are late for a flight and he says something to the ticket agent like "Do you realize what I'm carrying here? Critical software just like the software that runs your planes? That runs this building? yadayadayada..." Basically a threat, you recall it got the plane turned around and Bill made his flight after all.

    What was cute and probably apocryphal in the TV movie is frightening and possibly apocalyptical if we think of that brand of arrogance as possessed by the man who supplies the pentagon with their 'critical' software.

    And, judging by the responses to the DoJ (Justice Department. Don't mention it, Fantastic Lad... :) from Redmond, that is one singular sort of arrogance there.

    --
    SDMI: Finally! Music that won't rip or burn! Brought to you by the fine folks at RIAA.
  66. Re:Worse than you might think by Fjord · · Score: 2

    This sounds like a mistake (probably somewhere down the line of the story). The original probably came from a known security problem with MS word where you can see revision history in some documents (I don't know enough about it to say if it is always on). There is a feature in word that will allow you to have it save revisions. You can later look at revisions and see the strikethroughs of past editing. There are U.L.s about companies putting humorous stuff in documents like "This client is a boob", which are later edited out but saved in the revision history.

    The easiest way to make sure a document is revision free is to cut and paste it into a new document. The new document will not contain the revisions.

    --
    -no broken link
  67. Re:The "Track Changes" feature by clifyt · · Score: 1

    The easiest way to make sure that the machine you are working on won't do all of this is to simply copy everything, open a new document and paste, saving the new document for redistribution.

    I always love looking at others' docs to see if they had anything negative to say about shit I'm working with and putting it right back in so that it is in plain text when I email the guys back :) Working in an academic institution, there are a lot of dumbasses that use M$ Word as their default Email Editor and there are a lot of petty rivalries between departments. It's always fun to send this stuff out to everyone and watch the reactions...

    blah blah blah

    clif

  68. Re:now they are afraid? by GC · · Score: 2

    I believe governments are able to purchase source licenses for Microsoft Operating Systems.

    That small US government probably can't afford it though!

  69. Re:Governments Using Proprietary OS'es by Lord+Omlette · · Score: 1

    the military's view is: if it's been proven commercially, it's cheaper to use off the shelf than to build custom stuff.

    I dunno bout the rest of the government, but the military is horribly strapped for cash... cutting cost is the biggest priority...
    --
    Peace,
    Lord Omlette
    ICQ# 77863057

    --
    [o]_O
  70. Re:So what? by am+2k · · Score: 1

    Yes, what I wanted to say was the following:
    At a Mac, you have to enable something to be insecure.
    At Windows, you have to disable something to be secure.

  71. Re:How does the hack change things? by mpe · · Score: 2

    Yup, they trust Microsoft enough to power state of the art navy vessels, and I can only assume they've fixed the it-stop-dead-now feature of a few years back, and have fixed the last bug that could cause such problems.

    IMHO using Commercial Off The Shelf Software (or for that matter hardware) in a warship is utter stupidity. This stuff was designed for a nice safe office environment. It makes about as much sense as the USN buying a passenger liner and painting USS W H Gates on the side.

    A secret agent running around as a senior Microsoft programmer could cause reams of damage, for anybody interested in real power over Windows boxes

    The most likely concern is that there are "security by obscurity" issues in Windows.
    The sensible solution would be to either write from scratch or use open source (N.B. not an off the shelf linux CD, since you can't buy "Red Hat Warship" or "Suse Submarine") both ways people familiar with the specific requirements can put together a suitable system. Which is likely to include such things as high availability, highly redundant and damage tolerant networking, shock and seawater resistant hardware (with integral UPS), etc. (Also should the whole thing fail manual overrides.)

  72. Re:Trust? Not our gov't... by Malcontent · · Score: 1

    Of course they probably never did an actual audit nor do I think they audit every service pack or DLL. It would not surprise me one bit to know that some foreign nationals or subcontracted employee put in all kinds of crap into not only the kernel but the thousands of DLLs and activeX controls that make up windows.

    --

    War is necrophilia.

  73. Re:Worse than you might think by Anonymous Coward · · Score: 1

    Your name and the title remain because they are not part of the document text.

    They can be edited from the File menu, Properties option.

  74. Re:Worse than you might think by Anonymous Coward · · Score: 3

    I've just tested that, and it seems to be bullshit. At least it is under word2000. I haven't used word97 in ages, but I certainly don't remember it there either.

    Maybe they were referring to fast saves (which I always disable)? Fast save only writes document changes. A full save re-writes the entire document to disk. That's been known and documented behavior for years.
    Not knowing or forgetting is incompetence.

    Just tried with fast save enabled. Still doesn't happen.

    There was a thing where people distributed a PDF with sections blacked out. On slow machines the text could (momentarily) still be seen as the black boxes were drawn on a different layer to the text. Even that was incompetence, rather than a real flaw in the app.

  75. CSIS not Canadian? by Fantastic+Lad · · Score: 1
    I thought 'CSIS' stood for 'Canadian Secret Intelligence Service.'

    Guess it's a case of acronym overlap.

    BTW, IMHO, /. needs an FAQ detailing all the BDSA's. (Bloody Damned Stinking Acronyms).

    There's always a handful of geek-speak all caps terminology there to amuse and confound.

    -Fantastic Lad

  76. Re:now they are afraid? by AtrN · · Score: 1
    I find it interesting that they openly accept any software just because it is made by a large "trust worthy" company.
    Good isn't it. The same company the government prosecuted for deceptive practices. Go figure.
  77. Governments Using Proprietary OS'es by penguin_nipple · · Score: 5
    Any governmental agency, whether American or Canadian (being a Canuck myself, I can't really comment on the Yankees), should make it a serious goal to utilize the *nix's or custom developed OS'es in sensitive operations. There are a couple of reasons.

    1) No corporate entity should have absolute control over the operations, however minimal, of a government. I think most of you would agree that a corporation, whether it is Sun or Microsoft, should not infiltrate a government agency in that manner. As a point, I am aware that the US Military and various agencies use the services of Sun Microsystems. However, my understanding is that Sun is contracted for customized development work, of both OS'es and apps (rather than just running out and buying 50 workstations preinstalled).

    2) It's also my understanding that the original BSD distribution, developed at Berkeley was contracted by the American government for use in critical systems. If that was the case, then why is a consumer OS like Microsoft Windows seeing such prolific use in government operations? Economic deals with major corporations should not dictate what OS is holding our sensitive information. Again, American or Canadian, that basic point of fact should make you think.

    3) If it was government policy to use a specific *nix, one or many (ie OpenBSD, FreeBSD, Linux, whichever was most appropriate for the particular task), then numerous engineers and scientists could be utilized to strengthen weak areas and improve already effective areas. In effect what would be happening is a re-contribution of code back into the main source trees of each distribution, or flavour. This would be the same as an influx of intellect and dollars into this area of Computing.(I also think most of you would agree that many of the best, and brightest minds in CS and OS development around today are working in government agencies - whether or not you know their names, this is the truth).

    Finally, throughout the computing industry, it is being recognized that computing technology no longer exists only in the realms of research and science. This technology has become critical to the functioning of society, in a very practical, day to day sense. I did read an article recently on Ars-Technica about the recognition that fault tolerant computing is now getting. To this end, the government should seriously evaluate the use of a consumer OS. For instance:

    Does NASA buy 50 Aibo robot dogs to launch into space? No

    Do they hire TRW or Boeing to custom build equipment on a contract basis? yes

    So, if these agencies already have a method for contracting the services of companies to design fault-tolerant and secure systems for various military and aerospace operations, why should the database which stores my medical, personal, or credit information be any different? In both cases, the lives of individual citizens are at stake.

    I am certainly not trying to simplify the situation or even offer a blanket solution. I am saying one thing though: no government should be purchasing and using off the shelf, shrink wrapped software to hold any of our information. Period.

    Flame away if u think I am way off base =)

    1. Re:Governments Using Proprietary OS'es by mpe · · Score: 2

      While your points are valid; it must be asserted that the point of shrink wrap apps is accountability and liability.

      Would these be the same shrink wrap apps which say in effect "if this breaks then we have no liability, even if we knew it was broken".

      If you sell CanduOS to Candu reactor users and an OS exploit causes a meltdown then you as the vendor are held responsible.

      No you say "sorry about the mess, but didn't you read the licence?" then maybe put "unsuitable for fission cooling systems" in CanduOS V2.

      Free software is good but lacks the liability and accountability that governments and enterprise depends on.

      In fact it's the only way of getting liability and accountability. Because your own experts can examine it and alter it to your organisation's needs.

    2. Re:Governments Using Proprietary OS'es by mpe · · Score: 2

      the military's view is: if it's been proven commercially, it's cheaper to use off the shelf than to build custom stuff.

      When did the military start being an office? Or when did office workers start becoming soldiers?
      It's effectively saying "those apples make good apple pie, so they should make good orange juice too"...

    3. Re:Governments Using Proprietary OS'es by HiThere · · Score: 2

      Either this is humor (possibly satire), or you've never read a MS OS License. Nuclear reactors are one of the things specifically excluded.

      Actually the MS license disclaims just as much responsibility as the GNU license. They just demand a lot of duties from the "purchaser". (That's humor -- they specifically deny that they are selling you anything. Even the license is still theirs, and that's why they can change it even after you've agreed to it.)

      Caution: Now approaching the (technological) singularity.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    4. Re:Governments Using Proprietary OS'es by gte910h · · Score: 1

      3) If it was government policy to use a specific *nix, one or many (ie OpenBSD, FreeBSD, Linux, whichever was most appropriate for the particular task), then numerous engineers and scientists could be utilized to strengthen weak areas and improve already effective areas. In effect what would be happening is a re-contribution of code back into the main source trees of each distribution, or flavour.

      The NSA did this very recently...a story about it was posted on slashdot (http://slashdot.org/article.pl?sid=00/12/22/0157229&mode=flat). A person more industrious than I might look it up for you ;).

      --
      Want to see every step I took to start my company? http://www.rowdylabs.com/blogs/pitchtothegods
    5. Re:Governments Using Proprietary OS'es by NullStream · · Score: 1

      While your points are valid; it must be asserted that the point of shrink wrap apps is accountability and liability. If you sell CanduOS to Candu reactor users and an OS exploit causes a meltdown then you as the vendor are held responsible.

      Just like engineers who build faulty bridges are responsible should the bridge break and kill people. Free software is good but lacks the liability and accountability that governments and enterprise depends on.

      --
      "Survival of the fittest Max, and we've got the fucking gun!" - Pi
    6. Re:Governments Using Proprietary OS'es by Tuzanor · · Score: 1
      One of Microsoft's favorite anti-linux slogans is that there is no central authority in linux and who do you blame when your mission critical software is nuked by the OS. Read the Windows user agreement. "Microsoft et al is not responsible for any damage caused by using this software" or something like that. So there's nothing stopping you from adding that sort of thing to "CanduOS".

      I for one would never let any third party app run something like say, oh i don't know, a destroyer. When that ship was crippled by Windows NT the sysadmins were all probably playing minesweeper or death-matches.

  78. How likely is this, really? by WebMasterJoe · · Score: 1
    Here's a quote from the CNN article (which is a quote of the original report) that I found interesting, complete with my translations:
    "Whoever stole proprietary secrets [ looked at source code] at the heart of the ubiquitous Windows program [it's surprising that this unreleased OS is already ubiquitous, or maybe this is magic source code that automatically recompiles all copies of Windows... but I digress] can [interpret that snippet of source code, understand its context, classes and general structure and purpose, and find big wide security openings that the programmers, who wrote the code themselves didn't see, letting them] hack into any PC in the world that uses it [it being the yet-to-be released operating system] and is connected to the Internet," the report states.

    Now I don't program too much, but the source code I have looked at required a lot of examining to find out what the functions do, where these constant variables came from and what they mean, what this class means, and so on. And something tells me it would be difficult for a hacker to understand any one part of the Windows source code, especially since s/he wouldn't have access to all the source code (they don't keep all the source in one nfs, obviously). Then on top of that, the hacker has to add his/her own little hack that knows the name of the class to instantiate, how to contact the internet from within Windows code (which I doubt all that information was contained in the same location in the network) and then leave the source code there, with the new hack glaring at any programmer who looks at it (especially since all info has to be hard-coded in there).

    I don't mind not using Windows because I don't trust its security, but this seems like a little bit too much. If you want to credibly bash Windows, don't overexaggerate problems like this.

    --
    I really hate signatures, but go to my website.
  79. Re:now they are afraid? by sjames · · Score: 2

    I believe governments are able to purchase source licenses for Microsoft Operating Systems.

    By the time they finished wading through those millions of lines of bloat, the version would be obsolete. With Free operating systems, it is possible to follow the changes as they happen and not have to re-analyse everything from square one.

  80. Re:How does the hack change things? by cyoon · · Score: 1

    The Navy doesn't use Windows to run its defense systems nor does the Air Force use it for guidance systems. As far as I know, they don't use off-the-shelf commercial products for critical systems. They do use it for support systems, however. Things that are critical for any kind of large organization or business to operate correctly, such as inventory tracking, messaging, accounting, etc. Of course, crippling a supply chain is just as devastating as taking out a critical weapon during a time of war, but it's like ships are going to run aground and planes fall out of the sky as a result.

  81. Re:Win2000 is C2 by cyber-vandal · · Score: 2

    Have you got a link for that, preferably not on microsoft.com?

  82. Re:How do you remove the undo history? by antdude · · Score: 2

    And I assume all formatting will remain the same. Even with footers, headers, etc.

    --
    Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  83. Re:People need to realize by mpe · · Score: 2

    But let's look at it this way. We'll consider a default Window ME install to be very useable, but rather insecure.

    How useable do you think the Windows UI is for driving a tank or an aircraft carrier. You need to add quite a bit on for flight sim remember...

    Now, add a small filesystem layer that encrypts and decrypts everything to and from the hard drive. Replace the usual login password with something that checks an individual's physical traits(such as DNA or maybe fingerprints). Make sure that it's checked as soon as possible. I'd replace the BIOS with whatever checks for the DNA/fingerprint. We'll also assume this workstation isn't physically connected to any other.


    If it's not connected to anything else how are you going to install the biodata on it in the first place, if it's not networked? Anyway unless something of the biometrics is used as the encryption key then anyone with physical access to the hardware can get at the data, which is probably useless sat on the workstation anyway. What do you do when someone else uses that workstation?

  84. Defense Funding Ploy? by Troy2000 · · Score: 1

    Could this be the beginning of the next big scare tactic that the government will use to fund big missiles?

  85. Re:So what? by rew · · Score: 1

    If it's a national security issue then the machines shouldn't be on the internet.

    No, no. It's not "being on the internet" that's a problem. It's that some highly untrusted individual had a chance to insert malicious code into the OS.

    Like "if you determine yourself to be in a position to fire a missile: fire the missile ".

    The danger is that this might go undetected for years until we learn "the hard way".

    Roger.

  86. Re:So what? by coolgeek · · Score: 1

    c'mon, the Army chose Mac for obscurity, not security.

    --

    cat /dev/null >sig
  87. Re:People need to realize by mpe · · Score: 2

    You failed to mention any sort of human protections; DNA/Fingerprints are very easy to get ahold of. I can convince you to put your finger on it, one way or another.

    Especially if the system cannot tell the difference between a living person and one very recently dead. It's not as if this is a difficult "trick", it crops up in many films and TV shows where biometrics are used.

  88. Re:now they are afraid? by Asgard · · Score: 1

    I have faith that those of us who don't trust them now would be sure to point out the contradiction to all who did should such an occurence come to pass.

  89. Re:So what? by JemalCole · · Score: 1
    If it's a national security issue then the machines shouldn't be on the internet.

    You're forgetting something - it doesn't have to contain a remote exploit to be dangerous. What if somebody inserted a simple michaelangelo style virus into the code? Every government employee walks into his office on July 4th to find that his hard drives are crashed beyond recovery.

  90. Re:Worse than you might think by mpe · · Score: 2

    During a brief stint at Los Alamos as a researcher I heard this story: The classified portions of an MS Word document were highlighted and cut out so that the document could be sent to individuals without the proper clearance. Unfortunately, because the "Undo" feature works across sessions (the undo information is stored in the saved document) all the uncleared recipients had to do was Edit->Undo to see the classified portions.

    The problem here is people treating .DOC (and for that matter PDF) files as being identical to what would be output if was printed. Black out parts of a paper document (and photocopy it) and there is nothing "underneath" attempt to do something similar with certain types of electronic formats and there might well be things "underneath". It's a WYSIWYG problem. You may get more than you see...

  91. It's Not Just M$, Anymore by VB · · Score: 1

    While it is troubling that the closed source OS (some flavors/pieces, anyway) may have been exposed to an 3l33t3 few and chances are their motives are nefarious, that security snowball has enough momentum to keep it from attaining its .NET Web ubiquity.

    Much more concerning is the simplicity the Linux/UNIX vendors have put into their installations. From CD-ROM to *N*X system in less than 30 minutes for anyone. The one who most disturbs me is RedHat with the ServerInstall option. Every service, none secured. Since these boxes are usually put on public IP's to perform some service(s), they usually have the most potential for causing problems to servers that have been locked down. It would be nice to see a firewall script installed and enacted in any distribution, with instructions on how to unfirewall certain things post-install. This might help cut down on the DDOS agents out there. The hundreds of compromised hosts they're talking about are most likely not Micro$oft systems. The vulnerability was on port 111.

    The RPC vulnerabilities have been around forever, along with the WU-FTPD problems, but, they have been around for ages and fixes, or at least host access and firewall techniques have been around just as long. For some reason, the patches just don't get applied, and, the systems get taken over. I just hope with all this newfound popularity, the Open Source OSes don't earn the same bad security rap Windows has earned. And, I do mean earned. Because we can do something to secure our systems, if we think security is important. It is and we should.


    Linux rocks!!! www.dedserius.com

    --
    www.dedserius.com
    VB != VisualBasic
  92. Acronyms by GeekDork · · Score: 1

    You should have a look at the Jargon Dictionary. It explains some of the widely used acros, at least those from the IT sector.
    A copy can be found at http://www.netmeg.net/jargon.

    --

    Fight hunger. Filet a politician and send him to a 3rd world country of your choice.

    1. Re:Acronyms by Fester213 · · Score: 1

      dunno why it modded you down. Sorry about that. (posting to clear my moderation)
      -- Fester

      --

      -- Fester
      "Freedom is the freedom to say that two plus two make four. If that is granted, all else follows."
  93. Another example by code_rage · · Score: 1

    A similar exploit occurred with PDF files on the NY Times web site, where documents were posted pertaining to the CIA-assisted coup which installed the Shah of Iran. The names of certain operatives were blacked out in the graphics layer to protect their identities, but the text was still present in the document.
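
A release-time check for the failure described in comments 90 and 93 above (a black box painted over text that is still in the file), as an added example that is not part of any poster's comment. It assumes an already-decompressed page content stream, pure-translation `cm` matrices and `Tj`/`TJ` text operators; `scan`, `covered_text` and `SAMPLE` are illustrative names, and the sample stream is constructed.

```python
import re

# Tokens of an uncompressed PDF page content stream.
TOKEN = re.compile(
    r"\((?:\\.|[^\\()])*\)"        # (literal string), no nested parentheses
    r"|%[^\n]*"                    # comment to end of line
    r"|<<|>>|\[|\]"                # dictionary / array delimiters
    r"|/[^\s/\[\]()<>%]*"          # /Name
    r"|[-+]?(?:\d+\.?\d*|\.\d+)"   # number
    r"|[A-Za-z][A-Za-z0-9]*\*?"    # operator (Tj, Tm, re, f*, ...)
)
NUM_START = "+-.0123456789"
FILL_OPS = {"f", "F", "f*", "B", "B*", "b", "b*"}


def _unescape(tok):
    # Drop the outer parentheses and resolve \( \) \\ ; other escapes are kept as-is.
    return re.sub(r"\\([()\\])", r"\1", tok[1:-1])


def scan(stream):
    """Return (texts, fills).

    texts: [(order, x, y, string)]     origin of each shown string, page space
    fills: [(order, x0, y0, x1, y1)]   bounding box of each filled path
    """
    texts, fills = [], []
    operands, path = [], []
    off, saved = (0.0, 0.0), []    # accumulated cm translation and the q/Q stack
    pos = (0.0, 0.0)               # start of the current text line
    for order, m in enumerate(TOKEN.finditer(stream)):
        tok = m.group()
        if tok[0] == "%":
            continue
        if tok[0] in "(/[]<>" or tok[0] in NUM_START:
            operands.append(tok)   # operand: keep until its operator arrives
            continue
        nums = [float(t) for t in operands if t[0] in NUM_START]
        if tok == "q":
            saved.append(off)
        elif tok == "Q" and saved:
            off = saved.pop()
        elif tok == "cm" and len(nums) >= 6:
            a, b, c, d, e, f = nums[-6:]
            if (a, b, c, d) != (1, 0, 0, 1):
                raise ValueError("only pure-translation cm matrices are handled")
            off = (off[0] + e, off[1] + f)
        elif tok == "BT":
            pos = off
        elif tok == "Tm" and len(nums) >= 6:
            pos = (nums[-2] + off[0], nums[-1] + off[1])
        elif tok == "Td" and len(nums) >= 2:
            pos = (pos[0] + nums[-2], pos[1] + nums[-1])
        elif tok in ("Tj", "TJ"):
            s = "".join(_unescape(t) for t in operands if t[0] == "(")
            if s.strip():
                texts.append((order, pos[0], pos[1], s))
        elif tok in ("m", "l") and len(nums) >= 2:
            path.append((nums[-2] + off[0], nums[-1] + off[1]))
        elif tok == "re" and len(nums) >= 4:
            x, y, w, h = nums[-4:]
            path += [(x + off[0], y + off[1]), (x + w + off[0], y + h + off[1])]
        elif tok in FILL_OPS and path:
            xs, ys = zip(*path)
            fills.append((order, min(xs), min(ys), max(xs), max(ys)))
            path = []
        elif tok in ("S", "s", "n"):
            path = []              # stroked or discarded path: nothing is covered
        operands = []
    return texts, fills


def covered_text(stream):
    """Strings whose origin lies inside the bounding box of a fill painted later.

    Such text is hidden on screen and on paper but is still in the file.
    """
    texts, fills = scan(stream)
    return [s for (t_order, x, y, s) in texts
            if any(f_order > t_order and x0 <= x <= x1 and y0 <= y <= y1
                   for (f_order, x0, y0, x1, y1) in fills)]


# Constructed sample: two lines of text, then a filled box over the second one.
SAMPLE = """\
1 0 0 1 0 -21 cm
BT
/F1 12 Tf
1 0 0 1 62 600 Tm
(Quarterly summary, public release) Tj
1 0 0 1 62 507 Tm
(Operative: J. Placeholder \\(constructed\\)) Tj
ET
0 0 0 1 k
299 465 m
299 521 l
58 521 l
58 465 l
299 465 l
f
"""

if __name__ == "__main__":
    for s in covered_text(SAMPLE):
        print("still present under a filled box:", s)
```

A non-empty result means the box has to be replaced by actually deleting the text before the file is released.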

  94. People do have access to the source outside MS by Froqen · · Score: 1

    There are a number of universities and other companies that do have access to the windows source code. Even if someone saw it from inside the firewall, it doesn't mean that they get any new information that isn't known in certain circles already. I don't see the new threat here.

  95. Re:So what? by protactin · · Score: 1

    Well slashdot seem to be so worried about security, that they wouldn't even post the link to the CNN story! :) http://www.cnn.com/2000/TECH/computing/12/29/csis.microsoft.report.idg/index.html

  96. Re:now they are afraid? by Asgard · · Score: 1

    True, MS could start blaming bugs on that hacker. However, they have stated that no source code was changed. If they turn around and start blaming bugs on the hackers, the confidence in their products will plummet drastically.

  97. Re:Worse than you might think by Pig+Hogger · · Score: 2
    The same goes for Word Perfect. We were once able to get a competitor's bid, kindly sent by the client, as a Word Perfect document in which they kindly deleted all the quoted prices, which we restored by doing "undo"... We got the contract, it was government and we underbid them by $200...

    --

  98. Say Word by xp0rnstar · · Score: 1

    It's funny how the government is now looking into possibly not using Microsoft products based on this incident. Last I checked at Attrition they couldn't even lock down their Unix stations either.

    Maybe Mickeysoft should just open their source code to the industry everyone knows their op sys can only get better this way and maybe their programmers could stop focusing on all the patches they have to create stemming from posts @ SecurityFocus

    Does this mean that since Glock sells to foreigners some of whom may be terrorists they should stop using them for possible leaks of information to customers, or perhaps because they'll be a fair leverage?

    Gov sucks.

    Windows2000 Spoof

  99. Re:Worse than you might think by signe · · Score: 2

    LANL has a lot more security problems than that. I did a stint over there, and the security was deplorable. There were lots of people who had computer accounts that shouldn't have (including me). Password security wasn't enforced, shadowed passwords weren't being used. It was laughable. And the physical security wasn't too much better in most places. Most of the medium security places (ie. not the plutonium facility) didn't bother to check laptops and bags and such going in and out.

    But I ramble.

    -Todd

    ---

    --
    "The details of my life are quite inconsequential..."
  100. Re:now they are afraid? by sjames · · Score: 2

    What has kept Microsoft employees from doing the same thing?

    The potential to be hanged for treason? The fact that even the amazing MS marketing department couldn't overcome the negative publicity MS spying for an enemy power? Since MS is the employer, they know that they bear responsibility for the work related things their employees do, so they police it. They do not bear (legal) responsibility for what a third party did without their permission.

    As soon as the break-in became known, MS gained plausible deniability. Anything found becomes "Obviously the work of that evil foreign hacker".

    I doubt that the fear level before was zero, it's just a lot higher now.

  101. Open source = insecure? by floki · · Score: 1

    So the CSIS says there is a security risk because someone could gain insight into the code:

    "Whoever stole proprietary secrets at the heart of the ubiquitous Windows program can hack into any PC in the world that uses it and is connected to the Internet".

    They seem to hold the view that security can only be preserved by keeping the code closed. This statement implies that open source software is inherently insecure. The good thing is that nobody can verify that Microsoft has actually done some work to improve the security of its products whereas in open source projects it's not that of a problem to admit having security issues much less showing the solution to the problem. Let's hope this fact will convince people to be wary when using closed source products in production use.

    floki

    --
    from the to-stupid-for-words dept.
  102. Re:How does the hack change things? by thrig · · Score: 2

    Yup, they trust Microsoft enough to power state of the art navy vessels, and I can only assume they've fixed the it-stop-dead-now feature of a few years back, and have fixed the last bug that could cause such problems. Or maybe now the ships just reboot faster. :)

    A secret agent running around as a senior Microsoft programmer could cause reams of damage, for anybody interested in real power over Windows boxes-- e.g. any nefarious government, corporation, or supervillain.

    It should also be easier to subvert existing programmers, now that they can't retire in a year like they planned due to the stock nosedive.

  103. Why Windows will not be secure any time soon: by Bistronaut · · Score: 1

    I run a small network at work with a Win2K server and 98/ME/2K clients. You have to log into the domain to get access to sensitive files, and the server validates your password. The stupid part is that the client computer stores its own copy of the password! That means that if anyone gets access to a client computer they have the passwords of everyone who has logged in there.

    I bet that there is a registry key somewhere that would turn this "feature" off, but my point is that the whole Microsoft mindset is not geared toward security. Leaving gaping holes in security by default, Microsoft has arguably made their products easier to use, but at what expense? If security were a priority, user-friendliness would evolve rapidly. Security, however, does not just spring up out of the ground.

  104. Re:Um... by Ig0r · · Score: 1

    If someone sees a problem in open source software they're using, they'll most likely report it to the developer because they themselves are at risk of that problem. This problem will then be fixed by a submitted patch from the finder, or from the developer themselves.
    If someone sees a problem in closed source software, they're most likely looking very carefully for it, and are looking for an exploit that they can abuse to harm others' systems.

    Security through obscurity is no security at all..
    Hiding the mechanisms in a black box just means that when a problem is found, it will most likely be exploited before it will be fixed.

    --

    --
    Soma: because a gramme is better than a damn.
  105. Government uses a different OS by Dorkman909 · · Score: 5

    The government doesn't use Windows, Linux or xBSD for its truly sensitive documents. Instead, the DoD uses Wang's XTS-300, which is tested more extensively than the OpenBSD project and is the highest security rated operating system in existence, as seen here. One thing I thought was cool about this system is that you can't tell with 100% certainty disk space because users could in theory devise a scheme where they could pass messages encoded in changes in availability. For the same reason, if you time a process, some margin is added to the value you would get, which makes message passing take extremely long. The full specs of the Common Criteria, an updated "Orangebook" are here.

  106. Re:So what? by coolgeek · · Score: 1
    No shell makes it harder maybe, but not impossible. If one discovered a buffer overflow on a Mac, instead of modifying return address on stack to return to shell, return to code injected with overflowing packet. Injected code could then, say, ftp another program into the target machine and start execution. Granted this exceeds the skill level of your average script kiddie, but it's certainly not rocket science either.

    I believe not too many people are interested in expending that kind of effort to get into a mac, what with there being such a greater percentage of unix/linux and nt out there. Also, note most exploits against Windows do not use the shell, instead injecting code, or employing social engineering and/or scripting exploits. I don't see any reason why these techniques are any less applicable to Mac. Maybe, just maybe, it's the relative obscurity Mac enjoys that motivates hackers to look elsewhere.

    BTW Not to push your professor under the bus, but I believe he is repeating what he read here.

    --

    cat /dev/null >sig
  107. Just in case anyone is tempted to take this seriously, consider what you would prefer:

    Code that is freely available and constantly audited or,

    Code that is only available to two groups, the company selling it to you, and the bad guys who hacked the company selling it to you.

    Grammer Nazi, fuck off!

  108. Re:People need to realize by Trepalium · · Score: 1
    Actually, on most Windows systems, you'll hit the 255 character filename/path limitation, and it'll die promptly, stuck in a loop where it can no longer change directories or make new ones under the current directory. XCOPY on windows/dos used to be stupid enough to do a cyclic copy which would eventually fill all available directory entries and clusters.

    I think some UNIX-style operating systems have integrated protection from this sort of simplistic DoS attack, as well, aside from disk space/inode quotas.

    --
    I used up all my sick days, so I'm calling in dead.
  109. Re:just listen to your mouth by BSOD+Bitch · · Score: 1

    im 32 kid. and you are????

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  110. Re:Why Windows will not be secure any time.. TIP by �laC|n · · Score: 1

    If it was the .pwl files you thought of, all you have to do to get rid of them, is to add the line
    del c:\windows\*.pwl
    in the logon script.

    --
    __ elacin
  111. Re:People need to realize by BSOD+Bitch · · Score: 1

    And what bug flew up your ass?

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  112. And this NEWS for nerds? by active8or · · Score: 1

    Can somebody please explain how M$'s software's security problems is news for nerds?

    This doesn't belong here on slashdot :-P


    - Knut S.

  113. Re:So what? by gte910h · · Score: 1

    Not from what I have learned in my computer classes at Georgia Tech (from Prof. Mark Guzdial). The reason that Macs are used is that since there is no command line by default, that it's much harder to do something interesting (or dangerous) if you DO get in.

    --
    Want to see every step I took to start my company? http://www.rowdylabs.com/blogs/pitchtothegods
  114. Re:OpenBSD by BSOD+Bitch · · Score: 1

    OpenBSD isn't as secure as you think it is.

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  115. Re:OpenBSD by BSOD+Bitch · · Score: 1

    um, ok. Not really. A friend of mine sold it to me for $6,000. It's a 300mhz Sparc 2, with 64mb ram, and a 15inch monitor. It's upgradable to 1gb of ram, and 650mhz. It does the job for building perl scripts, and messing around on the net. No, I don't have a static ip. I'm on my supervisor's LAN with DHCP. 10 megabits.

    You must be thinking I am someone else. And my name isn't 'JD'. My name is Dave Uperton. I live in LA, Ca, where I have lived for the past 8 years.

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  116. Re:Worse than you might think by Trepalium · · Score: 1

    I think the original poster is a little confused. Word 97 and 2000 both support tracking changes to a document, however it's an optional feature that must be turned on to be useful. Despite this, however, it's known that Word documents can carry all sorts of data that has been deleted, on the clipboard, or from apps running on the same machine. Running a 'strings' command on a word document will often reveal data that was never in the document, was removed from the document at some point and other tidbits of information.

    --
    I used up all my sick days, so I'm calling in dead.
  117. (top secret message) by CdotZinger · · Score: 1

    If you open this with Acrobat Reader, you just get a black box--

    %PDF-1.2
    1 0 obj
    <<
    /Creator (Adobe Illustrator_TM_ 7.0)
    /Producer (Acrobat PDF File Format 1.1 for Macintosh)
    >>
    endobj
    2 0 obj
    <<
    /Pages 4 0 R
    /Type /Catalog
    /Outlines 7 0 R
    >>
    endobj
    3 0 obj
    <<
    /Type /Page
    /Parent 4 0 R
    /Resources << /ProcSet [ /PDF /Text ] >>
    /Contents 5 0 R
    >>
    endobj
    4 0 obj
    <<
    /Kids [ 3 0 R ]
    /Count 1
    /Type /Pages
    /MediaBox [ 0 0 612 792 ]
    >>
    endobj
    5 0 obj
    << /Length 6 0 R >>
    stream

    endstream
    endobj
    6 0 obj
    0
    endobj
    7 0 obj
    <<
    /Count 0
    /Type /Outlines
    >>
    endobj
    xref
    0 8
    0000000000 65535 f
    0000000009 00000 n
    0000000123 00000 n
    0000000193 00000 n
    0000000303 00000 n
    0000000394 00000 n
    0000000448 00000 n
    0000000466 00000 n
    trailer
    <<
    /Size 8
    /Info 1 0 R
    /Root 2 0 R
    >>
    startxref
    516
    %%EOF
    8 0 obj
    <<
    /Length 9 0 R
    >>
    stream
    1 0 0 1 0 -21 cm
    BX
    /Layer << /Title (Layer 1)
    /Visible true
    /Preview true
    /Editable true
    /Printed true
    /Dimmed false
    /Color [20224 32768 65535 ]
    >> BDC
    /PointText <</Matrix [1 0 0 1 62 507] >> BDC
    BT
    0 0 0 1 k
    0 i
    %%Note:
    0 Ts
    0 TL
    100 Tz
    /PgfFormat <<
    /WordGlue [100 100 200]
    /CharGlue [0 0 5]
    >> DP
    /CharFormat <<
    /AutoKerning true
    >> DP
    /F1 12 Tf
    0 Tw
    0 Tc
    0 Tr
    1 0 0 1 62 507 Tm
    /Pgf BMC
    (Lameness filter encountered. Post aborted.) Tj
    EMC
    1 0 0 1 62 492.5000 Tm
    /Pgf BMC
    () Tj
    EMC
    1 0 0 1 62 478 Tm
    /Pgf BMC
    (Junk character post.) Tj
    EMC
    ET
    EMC
    299 465 m
    299 521 l
    58 521 l
    58 465 l
    299 465 l
    h f
    EMC
    EX

    endstream
    endobj
    9 0 obj
    623
    endobj
    3 0 obj
    <<
    /Type /Page
    /Parent 4 0 R
    /Contents 8 0 R
    /Resources <<
    /Font <<
    /F1 10 0 R
    >>
    /ProcSet [ /PDF /Text ]
    >>
    /Rotate 0
    /MediaBox [ 0 0 612 792 ]
    /CropBox [ 0 0 612 792 ]
    /PieceInfo <</Illustrator7.0 <</LastModified (D:20001130154110)>> >>
    >>
    endobj
    10 0 obj
    <<
    /Type /Font
    /Subtype /Type1
    /Name /F1
    /BaseFont /Helvetica
    /Encoding /MacRomanEncoding
    >>
    endobj
    1 0 obj
    <<
    /CreationDate (D:20001130154110)
    /ModDate (D:20001130154110)
    /Creator (Adobe Illustrator® 7.0.1)
    /Producer (Acrobat PDF File Format dob for Macintosh)
    /Author ()
    >>
    endobj
    xref
    0 1
    0000000000 65535 f
    1 1
    0000001819 00000 n
    3 1
    0000001450 00000 n
    8 3
    0000000754 00000 n
    0000001430 00000 n
    0000001707 00000 n
    trailer
    <<
    /Size 11
    /Prev 516
    /Root 2 0 R
    /Info 1 0 R
    >>
    startxref
    2002
    %%EOF

    --but, if you have a text editor, well...gee.

    NOTE TO CIA: Rasterize!

    --
    Your mouth is like Columbus Day.
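A redaction check for the kind of file posted in the comment above, as an added example that is not part of the original comment: it walks an uncompressed PDF content stream, records each string shown with `Tj` at its `Tm` position, and flags strings whose origin lies inside a shape that is filled later in the stream. The sample stream is constructed (its coordinates are modelled on the posted one), the function names are hypothetical, and the check ignores `cm` transforms, compressed streams and other text operators.

```python
import re

NUMBER = re.compile(rb"[-+]?(?:\d+\.?\d*|\.\d+)")
WORD = re.compile(rb"[^\s()%]+")
FILL_OPS = {b"f", b"F", b"f*", b"B", b"B*", b"b", b"b*"}

# Constructed sample: two strings drawn first, then a filled box painted over
# them, plus one string that the box does not cover.
SAMPLE_STREAM = b"""\
BT
/F1 12 Tf
1 0 0 1 62 507 Tm
(CONSTRUCTED: line hidden under the box) Tj
1 0 0 1 62 478 Tm
(CONSTRUCTED: second hidden line) Tj
1 0 0 1 62 300 Tm
(CONSTRUCTED: visible caption) Tj
ET
0 0 0 1 k
299 465 m
299 521 l
58 521 l
58 465 l
299 465 l
h f
"""


def tokens(stream):
    """Yield ('num', float), ('str', bytes) or ('op', bytes) tokens."""
    i, n = 0, len(stream)
    while i < n:
        c = stream[i:i + 1]
        if c.isspace():
            i += 1
        elif c == b"%":  # comment runs to the end of the line
            while i < n and stream[i:i + 1] not in (b"\r", b"\n"):
                i += 1
        elif c == b"(":  # literal string; parentheses may nest
            depth, j, out = 1, i + 1, bytearray()
            while j < n:
                ch = stream[j:j + 1]
                if ch == b"\\":  # keep the escaped byte (octal escapes not decoded)
                    out += stream[j + 1:j + 2]
                    j += 2
                    continue
                if ch == b"(":
                    depth += 1
                elif ch == b")":
                    depth -= 1
                    if depth == 0:
                        break
                out += ch
                j += 1
            yield ("str", bytes(out))
            i = j + 1
        elif c == b")":  # stray close parenthesis
            i += 1
        else:  # number, name, bracket or operator
            word = WORD.match(stream, i).group()
            i += len(word)
            if NUMBER.fullmatch(word):
                yield ("num", float(word.decode("ascii")))
            else:
                yield ("op", word)


def find_covered_text(stream):
    """Return [(text, (x0, y0, x1, y1))] for text painted over by a later fill."""
    stack, pos, texts, path, fills = [], (0.0, 0.0), [], [], []
    for order, (kind, val) in enumerate(tokens(stream)):
        if kind != "op":
            stack.append(val)
            continue
        nums = [v for v in stack if isinstance(v, float)]
        if val == b"Tm" and len(nums) >= 6:
            pos = (nums[-2], nums[-1])  # translation part of the text matrix
        elif val == b"Tj" and stack and isinstance(stack[-1], bytes):
            texts.append((order, pos, stack[-1].decode("latin-1")))
        elif val in (b"m", b"l") and len(nums) >= 2:
            path.append((nums[-2], nums[-1]))
        elif val == b"re" and len(nums) >= 4:
            x, y, w, h = nums[-4:]
            path += [(x, y), (x + w, y + h)]
        elif val in FILL_OPS and path:
            xs, ys = zip(*path)
            fills.append((order, (min(xs), min(ys), max(xs), max(ys))))
            path = []
        elif val in (b"S", b"s", b"n"):  # stroked or discarded, nothing filled
            path = []
        stack = []  # operands are consumed by each operator
    hits = []
    for t_order, (x, y), text in texts:
        for f_order, (x0, y0, x1, y1) in fills:
            # Painter's model: only a fill drawn after the text can hide it.
            if f_order > t_order and x0 <= x <= x1 and y0 <= y <= y1:
                hits.append((text, (x0, y0, x1, y1)))
                break
    return hits


if __name__ == "__main__":
    for text, box in find_covered_text(SAMPLE_STREAM):
        print(f"still extractable under fill {box}: {text!r}")
```

Any hit means the text was only painted over, not removed, so the page has to be rasterized or the text objects deleted before release.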
  118. Re:Um... by mpe · · Score: 2

    How are you going to get that assembly code to execute on my box, with sufficient privileges to trap for that kind of behavior?

    Or that even if they did, it would work?
    Can they test every possible binary resulting from compiling an open source system?

  119. Re:How does the hack change things? by BSOD+Bitch · · Score: 1

    The gov doesn't run that M$ crap. 97% of them run Solaris, Linux. Mostly Solaris, or SunOS.

    http://uptime.netcraft.com/up/graph/?host=www.nasa.gov



    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  120. Re:People need to realize by dbarclay10 · · Score: 2

    You missed my point. That thing about Windows ME was just to disprove the "usability is inversely proportional to security point".

    Using that very simple and easy-to-implement security scheme I mentioned, you increased security several times over what it was before - with almost no loss in useability. By what that poster said, the 400-500% gain in security would have meant a serious loss in useability - obviously not so.

    Now, since I'm in the mood for a little fight:

    Points 4 and 5 have nothing to do with security. They had to do with good computing in general - always have a backup. I will ignore them.

    1. You're right, you could do all those things. But it's all of a sudden a HELLUVA lot harder than a regular Windows ME install. And there's no guarantee you'll be able to decrypt the drive before you die. It could take that long. But only a minor speed loss is incurred(with the proper algorithms).

    2. The ACLs and such you mention are for multi-user systems. Windows ME is not a multi-user system. Sure, you can have different backgrounds and preferences for different users, but that does not a multi-user system make. Since Windows ME is a single-user system, no ACLs are required.

    3. See point 1 above.

    4. Ignored.

    5. Ignored.

    6. Good idea about the "duress" password. Point taken.

    7. We're talking about security vs. useability here. I am saying that with a certain value of security, you don't lose that same value in useability. The TEMPEST protection measures, though, shouldn't hamper useability of the operating system - although the size of such a computer might be a hindrance.

    8. You can write a 2 line VB program that will grind my computer to a halt; I can write a 4-5 hundred line Intel assembly program which will completely preclude those particular VB instructions from ever being run.

    9. It's still very usable. Games, word processing, office apps.

    10. You're wrong there. Money buys a lot of things - including respect. Some of my employers pay Microsoft to have a team of engineers on standby, 24 hours a day, with access to Windows source. And Microsoft *HAS* given source to other companies.

    Now, I'm not going to lambast you for purposefully taking my argument as something it wasn't. Before you say anything else, consider for a moment the point I was trying to make, and then refute the point itself - not my example.

    Dave

    Barclay family motto:
    Aut agere aut mori.
    (Either action or death.)

    --

    Barclay family motto:
    Aut agere aut mori.
    (Either action or death.)
  121. We gotta nuke Redmond from orbit... by Gorimek · · Score: 1

    ...it's the only way to be sure!

  122. Common Sense by coryboehne · · Score: 1

    Isn't it rather funny how the government trusts ANY operating system that even the manufacturer cannot make secure? Let's face it, if ANYONE should be able to make windows secure Microsoft should be the one, however in light of this recent incident I don't believe that it is even possible for windows to be anything even resembling secure. The first problem is the fact that it's closed source, the second problem is that it's sloppy, these two things make it impossible to improve (at least for anyone who doesn't work for MS) and impossible to find out exactly what is and what isn't secure, this should be reason enough to NEVER use this OS in any application where security is the key... but well, it's the government.

  123. Re:They got the title wrong again . . . by The+Welcome+Rain · · Score: 2

    Actually, I thought the title was correct, but I'm not sure if it refers to the hacking of the website or the hacks who write Microsoft software. :)

    --
    Some keywords for the NSA in the Lord of the Rings universe: One Ring bind find Sauron quest Nazgul freedom
  124. Let the Government get scared of Windows! by Ikari+Gendou · · Score: 1
    This is a Good Thing. If they're scared that the new Windows programs are insecure due to the hack, they may look to other, decent operating systems like Linux or Open/Free BSD.

    Let them be scared. Let the fear snowball.

    --

    Call on God, but row AWAY from the rocks!

  125. How do you remove the undo history? by antdude · · Score: 2

    How do you remove this history? And for other possible history for confidential documents. Thanks. :)

    --
    Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  126. Re: Security as obscurity by chipuni · · Score: 1
    The only addition to security that a closed-source software model adds is security through obscurity. In other words, it is harder to understand because you have to read the machine language, rather than the source code.

    Time and time again, security through obscurity has failed. One article which goes into this in detail is: on Slashdot . (Or use your favorite search engine for the phrase "security through obscurity" )

    If someone were to make an assembly-language hack against any open-source system, they would already have all the tools to hack any system.

    No operating system can prevent physical hacking of the system. If you have enough access to a system to insert a boot disk, then you have enough access to the system to physically remove the hard drives and examine them elsewhere at your leisure.

    --
    Never play leapfrog with a unicorn. Or a juggernaut.
  127. Hole?? Threat?? by www.sorehands.com · · Score: 3
    Is the concern because the source code was distributed?

    Or is it that Microsoft has so little knowledge of security that their own system is compromised?

    Open source with many eyes can enhance security...Closed source that hackers have the source to is a security breach.

    1. Re:Hole?? Threat?? by Graymalkin · · Score: 2

      Open source != security!!!!!!!!!!
      Fucking shit where do you people get this attitude from? Security comes from lots of places, none of which are source code being open for everyone to see. Linux doesn't have an A1 security rating despite being open sourced, come to think of it no operating systems have an A1, the highest rated OS is Wang GS XTS-x systems. These aren't open sourced yet have the highest security ratings out of anyone. Systems get secure when they resist penetration better than nuns as well as not allowing trusted users too much freedom inside the system. If your security stops at the door you're fucked.

      --
      I'm a loner Dottie, a Rebel.
  128. Re:Worse than you might think by Dr.+Evil · · Score: 2

    I gave it a very boring test on Word97... Using simple text, there are no problems.

    I created a doc with the body of "This is confidential information" then the alphabet in lower case, then the same thing, except that it was not confidential information and the alphabet in upper case. I saved it, ran strings on it, and I saw all of my text (and the full name as registered in the product!)

    I then selected the text with the mouse, hit delete, and checked strings.

    All the information was gone... except that Word appeared to have taken the words "This is confidential information" as a title, and kept it in the document. The lower case alphabet was gone though. Of course my name was still there.

    When I closed Word and reopened the second document using the run history, the undo buffer was empty.

  129. Trusting Non-USA MS Employees? by SEWilco · · Score: 2
    "So the U.S. government trusts every single Microsoft employee with the authority to make changes to the source code?"

    Does the USA also trust the non-USA MS employees and network?

  130. Re:Worse than you might think by Anonymous Coward · · Score: 2

    This is terribly frightening. It is against all computer security regulations to remove a MS document (in fact, any non-ASCII text file) from a system of higher classification to a system of lower classification. There's just too much possibility for a breach of security.
    For instance, if a SECRET powerpoint file exists on a network rated for TOP SECRET processing, it cannot be moved down to a network that is only authorized to process SECRET - even if the data matches classification. Why? It's not just to be a pain in the ass of those who need to get information to different people - what if there is a graphic/textbox behind a "rectangle" shape that matches the background (white, in most cases - not hard)? You've passed that text/graphic without even knowing it.
    I've seen this happen, and it's a nightmare.
    BTW - even if you copy an ASCII file 'down', you need to do it with a special program to ensure that no extra bits are copied off the system...

  131. Lo-tech solutions by gte910h · · Score: 2

    The most effective, most used, and most trusted security measures are locks, guards, vigilance, and effort. I don't care if you run triple-encrypted, Extra-Tasty Secure BSD/Linux/WinNT..etc, if they have got to the computer, you are, for the most part, screwed.

    That's why computers with secret/confidential/top secret data are physically locked up, and physically isolated from the internet. Places like the NSA run on a system where if an unauthorized person is in the room, flashing lights go off so you don't talk about secret things. You get laid out on the ground and searched if you have a badge that says "I need an escort" and you don't have an escort. These sorts of measures are what keeps us safe on a national security standpoint.

    Insiders (i.e. spies) in the Gov't are always going to be able to get to the data, no matter how many retinal/finger/rectal scans you require. Computers are not really a big issue. Sure, stuff like data left over on hard drives after you've "emptied the trash" used to be a problem. But that sort of thing has been covered now. People, as always, are STILL the only big security hole.

    I am speaking from personal experience here. I work for a federal contractor that deals in information that requires a clearance.

    I think that computer security issues apply much more to the real world than the military. But the rest of the government, well, that worries me too. And it's still the people that worry me rather than the computers. A smart person with windows 95 is more secure than a stupid one with the most secure OS.

    --
    Want to see every step I took to start my company? http://www.rowdylabs.com/blogs/pitchtothegods
  132. We better watch out then! by dasunt · · Score: 5

    Us slashdotters had better watch out, I'm told it's pretty easy to get the source to linux. :)

  133. Re:How does the hack change things? by Kragg · · Score: 1

    Generally, people writing code for a warship would want a safety-critical system. I think most safety critical systems are blue-screen free... While governments may use ms os's for their office type stuff, and they may be (just may be...) hackable, there's no danger at all of a nuclear plant blowing up, or some secret SDI platform in the stratosphere nuking Texas. Bit of a shame really...

    --
    If you can't see this, click here to enable sigs.
  134. Re:Troll Quotes (OT) by MultimanZ · · Score: 1

    And now you will see "Apparently slashdot is quoting trolls."

    THEY WILL QUOTE YOU, TROLL.

  135. Re:OpenBSD by tssm0n0 · · Score: 1

    OpenBSD isn't as secure as you think it is.

    Yes it is. It says so on their web site

  136. Re:just listen to your mouth by Elm+Tree · · Score: 1

    Hey! Don't dis rot13! It worked for hundreds of years.. true that was about two millennia ago but...

  137. Re:People need to realize by SuiteSisterMary · · Score: 2
    Especially if the system cannot tell the difference between a living person and one very recently dead.
    Actually, I believe you can check for that by running a small electric current along the scanner surface; living flesh will alter the current differently than dead flesh. But I'm not so sure. :-)
    --
    Vintage computer games and RPG books available. Email me if you're interested.
  138. Re:Trust? Not our gov't... by CanadaMan · · Score: 1

    AHA! good point. I would agree with you. I guess this raises the question of whether or not all of this talk about the dangers of hacking is really nothing more than government FUD/propaganda to allow laws that violate the constitution to be passed only so that the government can police the 'net. I think anyone with half a brain can see this point. It does not stand to reason that the military does not have access to the source of the operating systems that control mission critical applications. If that were truly the case, then one could argue that the US military has no idea how to run an effective military. Which would be scary as shit.

    --
    -- This sig is.
  139. So what? by DeafDumbBlind · · Score: 3

    No system connected to the outside is 100% secure, be it unix, windows, MACOS, whatever. If it's a national security issue then the machines shouldn't be on the internet.
    Regardless, the biggest security threat is the lack of diligence displayed by users and admins. Far too many people use their name as the password or use no password.

    --


    Jesus used to be my co-pilot, but we crashed in the mountains and I had to eat him.
    1. Re:So what? by Phroggy · · Score: 1
      Duh. There's no fucking services running on a typical mac.

      That was exactly my point. To get the same level of security on, say, RedHat, for example, you'd have to disable a whole bunch of daemons that are always installed by default, and that's assuming you can even find them. I know where everything is on Slackware, of course, but I've had somewhat-newbie friends try to lock down RedHat or Mandrake boxes and they can't even find which daemons are bound to some of those open ports. Obviously if you don't even know what services you're running, you can't be sure that you're secure.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
    2. Re:So what? by Frymaster · · Score: 2
      well, it depends on what you mean by "connect it to the internet". i've controlled macs across the internet using ana (the extension and app can be delivered via a simple AppleScript trojan).

      i agree that the lack of command line make it more difficult to intuitively hack a mac than other os's, but remember:

      a) AppleScript and other OSA implementations can be used as a fine substitute for a command line.
      b) Very soon OS X will make even that illusion of security go away...

    3. Re:So what? by Phroggy · · Score: 2
      Take a Mac. Connect it to the Internet. Do not take the four explicit steps necessary to render it insecure. Now try to access it remotely. Go ahead. I dare you to try.

      While Windows always has TCP port 139 open even when file & printer sharing is not enabled, nmap can't even identify a Mac, because there are no open ports to get a TCP fingerprint from (assuming you haven't taken the first two of those four steps).

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
    4. Re:So what? by hammock · · Score: 1

      A single user OS that still can't multitask or have protected memory can't go multiuser?

      Get out!
      MSDOS is pretty secure out of the box on a network too.

    5. Re:So what? by am+2k · · Score: 1
      He wrote:
      ...Do not take the four explicit steps necessary...
      You wrote:
      ...I disabled...
      ...it can also be disabled...

      There's a small but important difference here.

    6. Re:So what? by Phroggy · · Score: 1
      A single user OS that still can't multitask or have protected memory can't go multiuser?

      Well, obviously it does the job. Hack it. I dare you.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  140. (laugh) by BSOD+Bitch · · Score: 1

    :)

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  141. Re:you don't know what you are talking about by WebCowboy · · Score: 1

    I'm not sure how deeply you are involved in the technical aspects of your co-generation facility, but I must say that the statement that your entire emissions control runs on NT is probably not completely true. I don't dispute that your operating and engineering control workstations and perhaps other components of your DCS might be NT powered. However, the very important parts at the "front line" of the control system have no Microsoft code at all.

    PC-based controllers most often use a customised, hard-real-time replacement NT Kernel. In the case of the controllers used in the Ovation system, architecturally they are pretty much the same as a PC (Probably a Pentium-100 to 133 with 8-32MB RAM. I think GE Fanuc or Modicon or someone has something like that too), but they run a custom RTOS, NOT Windows NT and NOT Solaris. Your systems also probably make use of Allen-Bradley PLCs, which while can take instruction from an NT-based control PC, do not depend on a controlling PC to operate.

    It's been a few years since I've been in the control room of a generation facility and I'm sure NT has improved to the point that it can play a bigger role, but I bet that even today, the intricacies of start-up and shut-down sequences are NOT handled by NT-based PCs. I am aware that every important system in a generating plant has two or more layers of redundancy. I am unaware, however, of a completely NT/Commodity PC-based control system that offers true "bumpless" failover to a hot-standby. If there is such a beast, I'd be very interested in seeing it.

    As to the comment that if your emissions control system goes down the plant goes down. I'm sure it would. But say some catastrophe were to take out all your NT workstations (that can happen--remote as it might be). Without those important NT machines, how would the plant go about a safe, controlled shutdown? Probably with the assistance of a lot of embedded controllers, PLCs and so on. I'm not saying Windows NT is not to be found in important functions of a power plant. I'm saying that neither it NOR ANY OTHER non-real-time, commodity-PC-based operating system (yes that includes Linux--except perhaps the hard-real-time Linux some day) ever has a direct connection to systems that are "life-or-death" important. You might "run" the plant using NT workstations, but you probably "CONTROL" it with more specialised hardware and software.

  142. OpenBSD by TotoLeFoobar · · Score: 1

    Hmm.. it would be so nice to see .govs running OpenBSD. Sure, they also need well trained staff, but OpenBSD makes the use of crypto much easier. (and no, this isn't an anti-Linux post, I also use Linux every day and it's a great system, but it also lacks "secure non-US distributions" where you could have all the Good Stuff already included)

    1. Re:OpenBSD by BSOD+Bitch · · Score: 1

      I'm running Solaris you idiot. Sun Ultra Sparc2. Dunno who the hell you are, but I wouldn't fuck with me if I were you.

      --


      M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  143. Re:People need to realize by SuiteSisterMary · · Score: 2
    I will point out that this conversation is quite civil, and I like it that way. Thanks for that. :-)
    Points 4 and 5 have nothing to do with security. They had to do with good computing in general - always have a backup. I will ignore them.
    I'm sorry, my good man, but that line demonstrates that you actually do not have any idea what 'computer security' really is. Two of the central tenets are data integrity and availability; you're just as fucked if a lightning storm takes out your harddrive as if a hacker does. Now, I'll point out that we're not talking single user operating systems in a non-networked environment; that's a contrived example that's against the slashdot article. They're specifically talking about using Windows OSs in a multi-user 'secure' environment. I'd really suggest that you find the O'Reilly book I mentioned, and read it. We're not really on the same wavelength here; I'm talking building a moated fortress, while you're locking your car door. :-)
    --
    Vintage computer games and RPG books available. Email me if you're interested.
  144. Re:How do we resolve this paradox? by johnathan · · Score: 1
    Ok, troll. Surreptitious modification of MS code is a bit different than opening the source, don't you think?

    --
    You don't need a weatherman to know which way the wind blows.
  145. now they are afraid? by tolldog · · Score: 4

    I find it interesting that they openly accept any software just because it is made by a large "trust worthy" company.
    But since that software may have been compromised by somebody from the outside they are afraid.
    What has kept Microsoft employees from doing the same thing? Or, as some would want us to believe, keep Microsoft from doing anything.
    Any time a company (or a government) uses closed source software, there has to be a level of trust.

    --
    -I just work here... how am I supposed to know?
    1. Re:now they are afraid? by HiThere · · Score: 2

      You mean the people who now trust them would remember their denial? That strains belief. If they trust them now, they've already forgotten many more than many false statements already made.

      Caution: Now approaching the (technological) singularity.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
  146. Why Linux wouldn't be better... by JFMulder · · Score: 2

    Well simple, even though Linux "could" be more difficult to hack than Windows (I'm no guru, so I'll just suppose it is), it's still as unsafe as Windows, because while WinNT code "could" have been stolen, Linux source code is available freely all over the Net, so if someone analyses it well, they could find a hole and exploit it, just as what they would do with the Windows source code.

  147. Get over it by foobarlabs · · Score: 1

    It's most likely some gov't hack who needs to say *something* to ensure his cushy job is safe. Nothing more. Remember when the US Navy had to reboot damn near an entire *WARSHIP* because it had the bad taste to depend on M$?

  148. The real CSIS article is here by code_rage · · Score: 2
    http://www.csis.org/homeland/reports/cyberthreatsandinfosec.pdf

    The Microsoft angle is only one part of the report, which also discusses open-source, mobile computing, distributed computing, and nanotechnology. The specific areas of concern are predictably:
    1. threat of disruption of communication
    2. threat of exploitation of information
    3. threat of manipulation of information
    4. threat of destruction of information or infrastructure

  149. Title has an extra word by rknop · · Score: 3

    It should read "Microsoft a National Security Threat".

    -Rob

  150. Correct Link Is: by HiyaPower · · Score: 2
    here

    Gang, in the 80s it used to be that software had to go through a IVV cycle (independent verification and validation), before you could use it for anything critical. Admittedly, this slowed stuff down, but it had its merits. Even if M$ has the best of intentions and tries the best it can, I don't think I really, really want to bet my ass on their efforts. Do you?

  151. Re:Um... by Reality+Master+101 · · Score: 3

    There's a simple solution that Linux advocates use to give themselves perfect security: They just chant "security through obscurity is bad" over and over, and then they are magically secure!


    --
    Sometimes it's best to just let stupid people be stupid.
  152. Re:Worse than you might think by HiThere · · Score: 2

    But PDF's can be disassembled. If the text is there, then it could be peeled off. More to the point, the black layer could be peeled off. I think that all that you would need is PageMaker and a Win32 (any version) system.

    I must admit that I haven't tried this, but PDF's were never intended as a method for secrecy.

    Caution: Now approaching the (technological) singularity.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  153. The "Track Changes" feature by alienmole · · Score: 2
    For the record, it's not "Undo" that works across sessions, it's the "Track Changes" feature. There have been documented examples (i.e. not just apocryphal) of companies making available documents, such as contracts, which were edited with "Track Changes" enabled, and then sent out without removing the change history, so that simply by enabling change highlighting, details of prior edits to the document could be seen.

    I haven't heard this story related to any classified material, but it's certainly quite feasible. Or, the commercial sector stories may just have been adapted.

  154. re:Microsoft Hack a National Security Threat by r-5 · · Score: 1

    An interesting theory that because attackers now may have microsoft's source it's now a threat to our nation?, I was just wondering how that works when FreeBSD, OpenBSD and even Linux are all open source operating systems and does that pose a national security threat? No.. No it doesn't and almost all the major internet sites are powered by some form of an open source flavour of Unix.

  155. Re:Worse than you might think by HiThere · · Score: 2

    Does XML count as text? What about hex dumps? There are lots of ASCII files that shouldn't be moved. Then there's the problem of steganography...

    The "ASCII text" restriction isn't exactly an ideal protection.


    Caution: Now approaching the (technological) singularity.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  156. Re:How do we resolve this paradox? by Jeremi · · Score: 1
    When Linux's code is open, it is a security bonus. What bloody idiotic hypocrisy! You people should make up your minds.

    What are you talking about? Any OS, when its source code is first exposed to the eyes of the masses, will become less secure for a short time (as security holes are found), and then more secure in the long run (as the holes are fixed). So for Microsoft, opening the source would be first a threat, then a bonus later on. Since Linux's source has always been open, there is no threat stage to go through; it's all bonus by now. Jeremy

    --


    I don't care if it's 90,000 hectares. That lake was not my doing.
  157. Re:How does the hack change things? by BSOD+Bitch · · Score: 1

    Who the hell are you talking to?

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  158. Oh great.... by Dark+Nexus · · Score: 2

    Guess this means that script kiddies can nuke countries instead of just other computers now...

    (I know, it's not quite that bad)

    But in all seriousness, this could be pretty bad. Who knows what kind of information is "protected" on windows machines. Who knows who might get their hands on plans for various weapons, etc, or just cause havoc with various databases throughout governments worldwide.

    Maybe they should get some of those copy protected hard drives :)

    Dark Nexus

    --
    Dark Nexus
    "Sanity is calming, but madness is more interesting."
  159. Re:People need to realize by BSOD+Bitch · · Score: 1

    If you want a secure system.... Get digital Unix. It runs a 64 bit OS, which is actually unusable on 32bit Unix systems, or the 16bit windows systems. I believe there are some rumors going around about bringing Unix out to 64bit totally. I for one would LOVE to see Solaris running like that. When I was in the army we used Solaris for everything. Security was a top issue. You can secure Solaris just as well as any other OS. It is just more complicated, and most people don't bother with it. When I got out 3 years ago I decided to buy a sparc and run it here.

    --


    M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  160. How does the hack change things? by JimDabell · · Score: 5

    So the U.S. government trusts every single Microsoft employee with the authority to make changes to the source code?

    Whether or not an intruder gained access to the source, the U.S. government would be fools to trust something for sensitive operations without performing a full security audit on the source themselves.

    1. Re:How does the hack change things? by BSOD+Bitch · · Score: 1

      They talk about kids being on here but god. You must be an insane one.

      --


      M$ stock dropped in 1/2 since last year. If you are a MCSE, you will be broke.
  161. Does this confirm suspicion of MS backdoors? by Anonymous Coward · · Score: 1

    Since the US govt is now considering this unauthorised access to Windows' source code to be a 'security threat', doesn't that help to confirm suspicions that there are secret backdoors in Windows put there for the purpose of clandestine surveillance of Windows users? And now the cat is out of the bag.

  162. euh what wrong with the link?? by }{@wkmooN · · Score: 1

    well subject says it all ...

  163. FINALLY! it has come! by kinglink · · Score: 1

    Possible end to "NO SOURCE" Microsoft? Let's hope.. I for one would not mind.... But think of how scary seeing Microsoft source would be? Not only is it large and complex but there would be 100 bugs per page. You would have to get 100 men just to rework it and it would take them about a month at the least. :)

  164. Re:How do we resolve this paradox? by jhittner · · Score: 2

    The difference is that Microsoft code is only open to people who will abuse it, and Linux code is open to people who for the most part will analyze it and make it better and more secure. I think the best thing would be for Microsoft to open the source completely (under a strict license so they can still make money) and benefit from open criticism on the net. I know that this will never happen, but it's an idea

  165. Nope by Anonymous Coward · · Score: 2

    Are we forgetting that Perl and Shell scripts are also "small text file"-based.

    ALMOST..

    Perl and Shell scripts that are "small text files" can't be arbitrarily executed.. you have to chmod +x them first.

    This is a subtle, but very important distinction. It provides a mechanism that stops arbitrary code from being executed. (The user needs to save it, then chmod +x it, then execute it)..

    Granted it's not inconceivable that someone could write a MUA that would perform these steps automatically, but (in general) Unix programmers have more brains than this... which leads us to another issue: MS programmers (in general) wouldn't know a security hole if it came up and bit them on the ass (which, if you read NTBugtraq, happens pretty frequently :o)

    The problem ... is the fact that a user on Windows is running as the equivalent of root.

    Nope. The problem is that the system will run arbitrary programs based on the file name. The issue of "everybody is root" is an issue, but a minor one, as Windows is not a multi-user OS.
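
Added example, not part of the thread: the execute-bit behaviour comment 165 describes, shown on a constructed script standing in for a saved attachment. The file name and contents are made up for the demonstration.

```shell
#!/bin/sh
# Constructed demo: a script written to disk the way a mail client would
# save an attachment lands without the execute bit under a normal umask.

demo_dir=$(mktemp -d)
attachment="$demo_dir/greeting.sh"   # hypothetical attachment name

# Write the "attachment" to disk with an ordinary umask (files get 0644).
save_attachment() {
    umask 022
    rm -f "$attachment"
    cat > "$attachment" <<'EOF'
#!/bin/sh
echo "attachment ran"
EOF
}

# Print the exit status of invoking the file directly by path.
# 126 is the shell's status for "found but not executable".
run_directly() {
    status=0
    "$attachment" >/dev/null 2>&1 || status=$?
    echo "$status"
}

# Print yes/no depending on whether the file is executable by this user.
is_executable() {
    if [ -x "$attachment" ]; then echo yes; else echo no; fi
}

save_attachment
before_flag=$(is_executable)
before_status=$(run_directly)

chmod +x "$attachment"               # the explicit step the comment refers to
after_flag=$(is_executable)
after_status=$(run_directly)

echo "before chmod: executable=$before_flag exit=$before_status"
echo "after  chmod: executable=$after_flag exit=$after_status"
```

The execute bit gates direct invocation only; a file handed to an interpreter as an argument is read as data, so the bit is one control among several rather than a complete barrier.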

  166. Re:So what? (corrected link) by HiThere · · Score: 2

    http://www.cnn.com/2000/TECH/computing/12/29/csis.microsoft.report.idg/index.html

    If this doesn't work, the problem with the original link was a space after csis. and before microsoft

    Caution: Now approaching the (technological) singularity.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  167. Re:People need to realize by IowaBoy · · Score: 1

    Of course, the good old Mac OS has no root level access, so as off-the-shelf systems go is pretty damn secure. It also happens to be the easiest to use off-the-shelf OS going. ... Of course, Apple is shucking both ease of use and security with OSX. But then again, OSX is what you all said you wanted, wasn't it?

  168. Win2000 is C2 by alacrityfitzhugh · · Score: 1

    Need anything more even be said?

  169. hrm.. by Twisted+Logic · · Score: 1

    You mean using Microsoft software didn't pose a gigantic security threat before they were hacked?

  170. Re:People need to realize by darkwhite · · Score: 1
    After the easy gains, easy-to-use and secure are mutually exclusive, because easy-to-use implies that there are fewer steps and checks being made, and that implies there are fewer steps and checks to bypass/fake if you are trying to breach security.

    From a systems design standpoint, this is not fully true. Yes, there exists a balance between real usability and real security. However, a well-designed system can shift this tradeoff into the "it's not usable"-"system takes care of it" plane. A properly implemented system, with excellent design decisions, can greatly gain security while not compromising usability. As design of machines that directly interact with people improves, more and more features that were previously considered necessary hindrances or even okay-designed features will be replaced by user-transparent, "intelligent" features. For example, some recognition system based on some combination of biological analyses will sooner or later replace the current scheme of entering a user name and a password to gain access or sticking a key in the lock to unlock it.

    --

    [an error occurred while processing this directive]
  171. Re:Um... by Phroggy · · Score: 2
    Wouldn't know the system's underlying code make writing assembly-based hacks a hell of a lot easier

    How are you going to get that assembly code to execute on my box, with sufficient privileges to trap for that kind of behavior? My server is set up in such a way that gaining the level of access required to run your code is (hopefully) very difficult.

    Whereas with closed source, you really don't have a full understanding of how to attack it.

    Don't be so sure. Someone goes looking, and finds a security hole in a closed-source OS. Nobody else has seen it, because nobody else was looking. They write a program to exploit that bug, and distribute it. You now have a security problem.

    The open-source difference is, lots of people are looking at the code, and bugs are more likely to be found. Since the people finding these bugs also depend on the software themselves, they're quite likely to report the bug to someone who can write a patch, or patch it themselves and submit their patch to be reviewed and distributed.

    --

    --
    $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
    $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
  172. you don't know what you are talking about by Anonymous Coward · · Score: 1

    I'm a CRO at a mid-size co-generation facility and our entire emissions control system is run on NT 4.0. If our emissions control goes down, we shut down. An increasing number of newer facilities are using Westinghouse Ovation as their DCS (distributed control system). Ask Westinghouse, about half are on solaris and the other half NT 4.0. Sure, there is usually at least one if not two layers of redundancy, but if you lose your dcs, you will shutdown.

  173. Re:People need to realize by dbarclay10 · · Score: 2

    Security and ease-of-use are mutually exclusive, and are usually inversely proportional.

    I disagree. In many cases, yes, security can limit useability. For instance, the most secure system is one that has been broken down to its individual molecules and scattered out into space on a hundred million different probes. Of course, at that point, it's not very useful.

    But let's look at it this way. We'll consider a default Windows ME install to be very useable, but rather insecure. Now, add a small filesystem layer that encrypts and decrypts everything to and from the hard drive. Replace the usual login password with something that checks an individual's physical traits (such as DNA or maybe fingerprints). Make sure that it's checked as soon as possible. I'd replace the BIOS with whatever checks for the DNA/fingerprint. We'll also assume this workstation isn't physically connected to any other.

    All of a sudden, you have an incredibly secure system, with the same useability (maybe a little slowdown for encryption/decryption, but there are fast, secure algorithms available). So now I've already refuted the "inversely proportional" part.

    Now, I've yet to see a security implementation that doesn't hamper useability in some form, but to say that it's impossible is downright moronic. Just because you can't think of a way to do it doesn't mean it's not possible.

    Dave

    Barclay family motto:
    Aut agere aut mori.
    (Either action or death.)

    --

    Barclay family motto:
    Aut agere aut mori.
    (Either action or death.)
  174. People need to realize by SuiteSisterMary · · Score: 5
    It's not that difficult folks; just remember the golden rule:
    Security and ease-of-use are mutually exclusive, and are usually inversely proportional.
    And remember, neither Linux nor BSD, nor any other OS you can probably name, are secure. Security is a) more than just the ability not to be hacked, and b) more than the OS. A truly secure OS doesn't have the concept of root, for example, and requires hardware support for quite a few of the security features. In other words, by definition, any OS you can a) buy off-shelf at the mall, or download freely (as opposed to 'a free download') or b) that runs on 'commodity' hardware, isn't secure. It might be 'secure enough for my purposes,' but that's it.
    --
    Vintage computer games and RPG books available. Email me if you're interested.
  175. Worse than you might think by phinance · · Score: 4
    It's worse than just trying to fight off skilled crackers, etc. During a brief stint at Los Alamos as a researcher I heard this story: The classified portions of an MS Word document were highlighted and cut out so that the document could be sent to individuals without the proper clearance. Unfortunately, because the "Undo" feature works across sessions (the undo information is stored in the saved document) all the uncleared recipients had to do was Edit->Undo to see the classified portions.

    The lab could educate the secretaries and researchers about the "gotchas" of every commercial product they use (and they do try), but people are bound to forget or make mistakes. If they deployed open source software they could inspect and modify the code to make these holes unavailable.

    --

    Andamooka: Open support for open content.

  176. They got the title wrong again . . . by Kreeblah · · Score: 1

    It's not Microsoft Hack a National Security Threat. It's Microsoft Windows a National Security Threat. How many security holes can people exploit in Windows? And the gov't uses Windows in its networks? Sounds to me like we've got a genuine National Security Threat (TM) . . .

  177. We already knew this,but apparently they didn't... by juliao · · Score: 3
    Critical systems, either from a security or from a reliability stand-point, are very different from retail systems.

    You can never be sure of anything unless you check it yourself. Mere "trust" is seldom an option when it comes to mission-critical applications. And while trust is acceptable in commercial systems (if it breaks, let's sue them) it just isn't an option when break-of-trust involves lives or national security.

    That's why I understand that banks use Microsoft products, but I get very scared when aerospace or medical systems even go near Windows...
    -----

  178. Re: Your sig by PurpleBob · · Score: 2

    Did Nostradamus really say that? I thought he predicted the world would end last summer, so I can't see why he'd make any further predictions. But if he did say it, that is really damn funny.
    --
    Obfuscated e-mail addresses won't stop sadistic 12-year-old ACs.

    --
    Win dain a lotica, en vai tu ri silota