Slashdot Mirror
TCP/MS, We'll Cure What Ails You
Cringely can string some words together from time to time, and this week's installment is a pretty good one. He's been reading a little too much Gibson (raw sockets have nothing to do with the spread of MSTD [?] 's), but overall, he's probably right. When the time is ripe, I think we'll see a move exactly like this.
While I can't help with 2-4, I wrote 2 things that help with #1. My web site offers to ability to Test Your E-mail Defenses by e-mailing you a harmless VBScript file. (It reads your registry, but doesn't change anything or send any info out.)
I also wrote Script Sentry which traps those VBS scripts (as well as DOC, XLS, SHS, SHB, REG, HTA, and more), shows you details as to what it would do if run, and lets you decide whether or not you really want to run it. So if a user opens up that new Love Letter they just got in the mail and sees a "This will change your registry" message, hopefully they will be scared/wise enough to cancel the action.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Someone needs to write some viruses that do the following things:
1) educates -- infects your computer and gives you
a multimedia presentation on flaws within "Hi! I'm Victor Virus!
I'm an Outlook Virus. How did I get in your machine?"
2) secures -- "Would you like me to install a Zone Management
package?"
3) explains alternatives -- "Did you know there are other alternatives
to Microsoft?"
4) Highlights Microsoft abuses...
Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
Actually, I've heard that IPv6 is not popular because none of the current backbone equipment will switch it and no one wants to be responsible for conversion from v6 to legacy IP...
If MS's implementation is buggy/not compatible, then it probably won't work through any switches or routers, and they will have to change it. IPv6 does have some provisions for vendor specific fields, ala Kerberos, but that'll go over about as well as MS's TNF email format (read 'not at all'), esp. in such a wide open environment as the 'net.
After all, it's not called the INTERnet for nothing. However, I don't doubt that they will be able to push their proprietary extensions into corporate environments, but they really already have done that (SMB & MAPI).
The reality is that TCP/IP is really too low level for MS to worry about. There is no added value to controlling packets, only the payload, which is why they are pushing
Chris.
-- I don't have a cool sig.
Cringely makes a very astute observation: How did MS manage to avoid having all those VBS viruses tagged as MS Windows viruses or MS Outlook viruses instead of "email" viruses?
Laws affecting technology will always be bad until enough techies become lawyers.
We could implement a secure user identity system precisely like telephone Caller ID. It would be essentially an Internet ID. All Internet transactions could be based on it. Anyone who sends me e-mail can be identified. Anything I send can be traced to me. People wouldn't be forced to participate, but if they remain anonymous, I might choose to block them. I certainly wouldn't accept file attachments from them.
You can already do this. You can trace email. You can block email from those you don't know. And this system won't work to block email worms because usually they come from people who you know.
Get with it, man!
Dancin Santa
SO don't be so sure that something like this would save the world. The infrastructure you describe is daunting to say the least with smart cards, and keys, etc. Just ask anyone who has tried to implement an enterprise sized PKI - its a scary task and its not in Microsofts interest - they'll probably continue to use plain old userids and passwords.
WHich will make for funny TV the next time there is a worldwide virus that wrecks a lot of systems, the FBI will track the virus using Microsofts info and arrest some poor grandma who had her credentials lifted.
Top Most Bizarre/Disturbing Error Messages
This seems like a nice idea, but I'm not for it, and I'm not sure if it even feasible. An IP address is already like caller ID.
Lets say you were assigned this new unique ID. Who's responsible for ensuring the identity of the payload remains unaltered? The software maker? That sounds familiar! Today, when you send mail, your message might sit at several relays. Is it up to the mail server to implement tracking of this ID? Could you not simply make a mail server that ignored this precedent and spoofed whatever it wanted? This seems the same as someone getting a shell on a box and running some kind of custom relay meant for delivering spam mail anonymously.
I also can't imagine a business deciding to ignore mail based on the lack of this identification. If you have to favor security over a new customer, you have other problems.
The funny thing about this article is that a PC implementing his ideas for security could easily exist now, but the fact is Microsoft isnt going to do that. If they can't follow measures to implement good security now, why would they under this new system?
Personally, I hope the answer to all this DOS'ing does not involve me losing what anonymity I do have (which doesnt seem like much at this point anyway).
We already have a replacement for IP that does many of these things. It's already supported under Linux, and probably a couple of other OSs I don't know about.
It's called IPv6, and it has QOS, guarenteed delivery, traceablity, and a whole host of other goodies. C'mon, do you really thing Cisco would let MS take away their bread and butter? IPv6 has been in the works for years and was designed specifically to solve all of the issues he mentions. I guess he thinks that only MS is smart enough to develop a new protocol...
This whole article is a red herring, and Cringley's about a technically literate as a door knob.
-- I don't have a cool sig.
When i worked at a Air Force base - and we had perfectly good Sun Sparc20's running as our servers (mail, dns, SQL, etc)...
.NET.. why should we think that they will stop there?
my boss told me that because we were upgrading to Windows 95.. that it was time to ditch all those servers and get Windows servers with Exchange, et al...
i asked him why should we get rid of our perfectly running servers which had given us no trouble at all just to move to Microsoft? "Because, we're getting in contractors now, and they only know Windows Nt 4.0."
Later on, it was then decided that instead of bases having their own servers and their own email systems, that now that we'd all moved to Exchange, that we'd all put our GALs together (Global Address List - the list that Outlook/Exchange VBScripts use as their distro lists to replicate themselves), then we'd really kick ass.. no more joe.blow@otherairforcebase.af.mil...
my reply was - um... LDAP servers? open Source? Hello? Anyone?
well, skip ahead to today - the US Air Force (and soon all of DoD) is going to be moving from its now Air Force-wide GAL (why we just pull the plug now during virus scares and why we were down for weeks during Melisa) to Active Directory.
back when i shut down all my Sun boxes.. i told my boss that this was just stupid.. why should we give up on what works just to buy what Microsoft is giving us? Their goal was not to give us good products, but to get us to buy their products... and things like Exchange, with its GAL, are just the first protocols that they are trying to hijack and take back on the internet... eventually, all the open ones would be overthrown by the new default MS proprietary ones that would ship someday with newer versions of Windows.
I thought it might end with email.. but i see that i'm wrong.. i agree with Cringley... its going to go all the way.. and we have no way to stop it..
MS will take over the internet.. they are already took over filesharing with SMB, they are taking over email with Exchange, they have taken over HTM L with Explorer, they are trying to take over java with
sigh.. oh well..
guns kill people like spoons make Rosie O'Donnell fat.