Slashdot Mirror
Gates Says Windows Reliability Is Greater
mogrinz writes "According to an interview with the New York Times, Bill Gates is proud of the achievements Microsoft has made in increasing the security of Windows. As for the effects on people being attacked by SoBig.F, etc? Gates says this is "something we feel very bad about". Gates summarizes the Microsoft position very succinctly: "We're doing our very best, and that's all we can do"."
Bill's made it possible for any random high-school loser to destroy $14 billion of other people's hard work. He's soaked the world in gasoline and handed out a billion matches. That's an "achievement"?
Why? His company released a patch to fix it a few months before the attack started.
Would Linus feel particularly hurt if a worm went around that attacked kernel v0.94 ???
Tom
Someday, I'll have a real sig.
http://www.nytimes.com/2003/08/31/technology/31SMI C.html?ex=1062907200&en=97bebbbc61452055&ei=5062&p artner=GOOGLE
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
They didn't even bother locking down any of these dangling ports until somebody exploited the fuck out of them. Now they are at least going to ship Windows with the Internet Connection Firewall enabled by default, which is a good thing. They are a reactive organization - it comes with the territory of having a dominant market position and being scared shitless of change, unless and until it forces itself on them, usually by inducing fear of losing the dominant market position.
Say what?
A patch for the blaster worm came out before the attacks. People [regardless of the OS] are just too stupid to run the fucking update process.
Even if they ran FreeBSD they'd have to keep ontop of updates. That is unless they want their apache server to get rooted or their ssh daemen pwn3d or their wuftpd completely j4ck3d.
Tom
Someday, I'll have a real sig.
Whether his best is good enough is indeed an interesting question, but the world has obviously thought they are good enough since his companies products have sold very well.
Microsft software was never designed with security in mind. And it was and is not their primary goal, even now. It is quite different than non-Microsoft software.
If security were *that* important, wouldn't they take some of those many *billions* and actually make that silk purse?
Consider even just today's news post on Slashdot. Each and every one of them is about Microsoft is about money, and *not" about fantastic security advances. And yet the security problems plague us everyday.
Microsoft Introduces IM Licensing
Microsoft vs. Burst.com
Now that's just mean.
If by reliability, you mean it's ability to function in a proper way without self-destruction, I'd say he is succeeding. Windows XP is indeed better than the previous offerings. Once upon a time, you didn't even have to touch your computer and it would spontaneously have problems. It has gotten much better. Now, it's resilience against the evils of the internet...
That's another story. Indeed, Gates should institue a moratorium on new projects until the old ones can become stable enough to actually properly handle the internet.
Sobig.F is a good example of how fundamental the problems with Microsoft software is. The changes required to secure (pick one: Windows,IE,Outlook,Exchange,IIS) need to happen at the API layer. Unfortunately, this would take industry-wide support, something not even Microsoft can make happen overnight. It would seem with all the money companies already have invested, there is a lot of corporate inertia to overcome.
You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
The truth is, every other mainstream OS has solved the security problem better than Microsoft. Most other OSes, especially *nix ones, have a philosophy of least privelege. But not Windows - its big "innovation" is to bundle the (insecure) web browser directly into the OS and enabling all sorts of nifty auto-executing controls so that drooling little kiddies all over the world can pass the time by bringing random network-connected Windows machines to their knees.
The usual refrain from Microsoft and its apologists is that its software is attacked so much because it's so popular. No. It's attacked so much because it's so easy to do.
Buffer overruns are as old as the hills and not Windows specific per-se. But this just highlights how hard it is to get people (in this instance just about everyone in the SDLC) to do the right thing. These things are so prevalent because of various combinations of factors:
- programmer ignorance
- management blindness
- marketing pressure
- auditing failure
Even if only one of the above factors was strongly mitigated you would get a massive reduction in these slipping through.
At the very least, there must be some level of automated checking of code to check for the grossest and most repeated coding mistakes.
The world doesn't care if security is good enough.
MS give people what they want, not what they need. Combined with their marketing bulldozer, ofcourse they're selling well.
If any other OS should have a chance to compete, it'll need to think about what the end user looks for, not what they should be looking for.
With the resources of the OS community it's not at all impossible to create something secure, but still as userfriendly as Windows.
The next great MMORPG.
Dear Bill: Would you please give me one good reason why a system intended for home use needs to implement remote procedure calls at all?
Would you please point out one benefit this provides to the average home user?
"How to Do Nothing," kids activities, back in print!
The only way m$ gives people what they want, is by looking to their competitors and ripping off their ideas (Dr. DOS, Netscape, word perfect, etc.. ) .
Constant feature bloat does not lead to a secure product.
most UNIX variants have it right, provide a solid securable platform for developers, not a competitor for developers.
Agreed. Microsoft took the appropriate actions. They recognized the problem, and released a fix far before any damage was done. They even made AutoUpdate enabled by default, to cover the rear ends of lazy/unknowing/careless users. I think Microsoft is making steps forward - small but important steps, such as ahead-of-time patches, offering a foundation for cooperation with 3rd party IM client producers, and admitting to and showing indications of intention of addressing security and stability problems.
Microsoft has a long way to go. There's no doubt about that. But *some* of the recent news concerning Microsoft has surprised and pleased me.
If users would leave AutoUpdate on, or take the time to check for patches once every week or two themselves.. and MS doesn't bloat 2004 and instead focuses on security/stability... I think things will be just fine.
"The Tree of Liberty must be refreshed from time to time with the blood of Patriots and Tyrants." --Thomas Jefferson
"We're doing our very best, and that's all we can do"
In the words of George Carlin: "If this is your best, perhaps you should keep it to yourself."
Great. So my choice is to remain vulnerable to a hole in Windows, or install a patch that brings a draconian EULA that allows MS to do whatever it wants with my machine. Remind me again why Windows is a good choice...
I think the key is "systematic".
Or you could... *not use IE*
There's a concept.
I think also that the level of integration with the bulk of the OS is in need of dire repair. All of these applications cause the most problems, and due to thier integration, a comprimise in say IE usually results in the entire system being compromised. Making these programs function the same as any other program in windows would solve some of these problems I think.
If you're worried about draconian EULAs, why would you be running Windows in the first place?
Before everyone starts chiming in on how real system admins would have been prepared. Remember a few things:
1) After being burned by a few bad patches, some corporations now have a policy that specifically states that patches must be tested first. With the huge amount of patches that is released by MS, this is a full time job.
2) Remote users (laptop users, VPN users, etc.) are like sailors coming back from overseas. Who knows what they were exposed to and what viruses they have. This is outside the control of most admins.
3) Microsoft itself was not prepared for Slammer. SQL servers that were being used in a development environment (read outside of normal sys admin networks) were not patched. With large organizations, sometimes there are unknown, rogue installations.
Well, there's spam egg sausage and spam, that's not got much spam in it.
actually linus might take it pretty personally if there was a hole found in linux that affects every linux kernel from 0.94 to 2.6test4.. even if he did then release a patch for it a bit later.
(as equivalent as the holes that have found to be in all nt based ms os's)
-
world was created 5 seconds before this post as it is.
Turning off AutoUpdate is a scary thing, in the case of the casual user. This is one area where I wish there was *more* harrassment and hassle required before disabling could be accomplished. A big bold warning box as soon as that checkbox is clicked, and another when the changes are saved. Many of my non-technical friends have heard about the 'insecurity' or 'privacy concerns' that are 'inherent' in auto-installs such as AutoUpdate and virus definition updates... and so they figure out how to turn it off, not knowing that THAT is the most dangerous thing they could do.
The harm caused by a worm to the user who disables AutoUpdate is his own responsibility. But the warnings should be more clear and in more places, when one considers what you pointed: that the user's choice may very well prove harmful to countless others. It is his machine, it is his choice. But he should be compelled by the software itself to make that choice in a more educated fashion.
"The Tree of Liberty must be refreshed from time to time with the blood of Patriots and Tyrants." --Thomas Jefferson
Like you, I find the $14B figure highly suspicious. However, I cannot help but notice how much things add up. My company's cost for the last few virus/worms is tens of millions in helpdesk time (all metered, hence easy to count), plus lost productivity. Take a high-level engineer whose lab time, including salary, equipment, real estate and benefits come to $250/hour. Have him spent the morning fiddle with his Windows machine that has to be brought up to the last service pack, then rebooted 3 times, then he has to download and install three patches from saturated servers... (even if the guy actually never caught a worm and wasn't dumb enough to open an attachment titled "Free XXX Pics!", Networking won't let him reconnect before he patches his machine). And even on machines that said engineer has carefully kept patched, Networking insist that he downloads and runs an update verification program that will certify this machine is indeed patched. Oh, and the verifier is a bit buggy so on some machines, you need to tweak it before it runs correctly.
And soon your cost is a cool grand. Multiply by many, many instances all over the world for every outburst. It adds up quickly.
Meanwhile, of course, the Linux machines in the lab are perfectly happy. It's just that the engineer needs Windows to access his email because of the boneheaded all-Windows desktop strategy that the higher-up morons barfed on unsuspecting cubicle dwellers. But that's a different problem.
Don't tell me that these procedure are wasteful and inflexible. I know it. Unfortunately, that's still better than sending helpdesk technicians to each machine, which is even more costly.
So the total figure can easily come to billions because of the huge mandatory waste of time to update and run the verification program on each machine.
Right now, this weekend, in many colleges and universities, thousands of IT depts and student/faculty helpdesk techs are running around like crazy patching machines of students coming back to school. The cost for our local college alone (5000 students) is estimated at $15-30 per student. Do the math.
Conclusion: The $14B might well be optimistic after all.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
Ahh their position for everything. The RPC 026 vunerability was discovered by a 3rd party.. not Bill's code reviews. The vunerability was in OLD code that existed back on Win 95... carried forward to the current versions. Even for those that deployed the fix, unless you had 100% coverage, you suffered the effects (Blaster.D ping traffic). And of course you lay blame with the very people that support your defective products (it's THEIR fault the fix wasn't applied).
Great question, lame dodge.. and the 'solution' you propose will not fix the problem, but will only satisfy another agenda.
Understand this, Gates: MS products are riddled with vunerabilities by the nature of your very development process. Peer review process is either non existant or done by folks who wouldn't know a Buffer Overflow if it smaked them over the head. Your programmers can get away with writing crap and because of the development model and your tight release schedules are forced to use 'quick and dirty' rather than 'quality' and 'wide peer review'. Code is slapped together and tucked away in a vault never to see the light of day... and forgotten. That is the best you can do with your business model - and it is not good enough and never will be.
Give me open source any day: worldwide peer review.. garbarge code is rejected and sent back, fast. A developer learns very quickly in this development model to use best practices or face rejection. Can't get away with 'quick and dirty'. And the funny thing is this cannot be bought. IBM realizes this.
Lawsuits won't fix this.. Marketing slogans won't, either. Insecure by design.
1) firewall on by default or equivalent
2) Separate Securtiy updates from feature updates so that sys admins will be less reluctant to apply them to stable reference platforms.
3) make the system default to autoupdate so that nearly all desktops will be patched.
4) "Behavior Limitation". By which I assume he means something like requiring root privliledges for some operations, and not making the user root by default.
If they do all this, and it sounds like they will, then it would seem that Windows will soar past Linux in security. Because Microsoft controls the entirety of their "distro" they will be able to have a robust patching mechanism that GNU/Linux with its highly custom configs wont be able to do (robustly at least). Moreover MS is mocing towards an instituinalized formal system for checking every line of code for sommon security errors like buffer overflows. Linux/GNU is dependent on developers checking theirt own code and the results will vary, and exerience will not be instituionalized.
Sure they've gotten hammered but the comment lament on Slashdot is that "boy they are dumb. if they just did a few simple things this would not happen. linux Rulez". Well apparently they are goinf to do a few simple things and a few more. How is the Linux desktop market (aka common user) ever going to succeed if it cant match the future windows for security.
Can someone please explain why after these changes Linux is somehow intrisically better than Windows has the potential to becomein terms of security?
This is a legitimate question, flamers will just be proving my point.
Some drink at the fountain of knowledge. Others just gargle.
Duh... people on my side disable their auto update because they own a illegal copy of windows and they don't want to be busted.
There--- Used the code you told me to.
./crashlinux
...
bash-2.05b$ echo "main(){for(;;){fork();}} | gcc -o crashlinux && chmod +x crashlinux &&
>
bash-2.05b$
Seriously: 'format c: \q' should do more than that, but you had to create some smart script and hope that we added an extra '"'
Windows update needs a little work. Its a pain in the ass. It pops up while your doing something, wihtout thinking you hit remind me later, because your in the middle of something and dont want to have to wait for it to install and the reboot the computer. What they need is a remind me at next shutdown option. I dont run windows update all that often because i'm always in the middle of something, but i know i wouldn't mind spending an extra five minutes before i shut down.
"Sic Semper Tyrannosaurus Rex."
I agree with you, but I was pleasantly surprised to find that a lot of users actually cancel Windows auto updates when they become available because they think they're viruses attacking their computer...
No, actually many users disable auto update because Microsoft has a history of releasing updates that break other functionality. When your business or work relies on computer uptime, having this broken functionality happen is unacceptable. Therefore many folks 1) test the updates on non-essential systems which may take time given the extent or number of systems affected and 2) wait for bugs to come out or problems that others report because of the updates. The other issue is that many folks that use computers use them to get work accomplished and not to "be using computers". Their needs may be such that spending lots of time managing the computers is time not spent accomplishing their goals and yet they are not big enough operations to hire dedicated IT folks.
I still have some needs that are being met by Microsoft products and most likely will have for years, but I have been moving as many essential tasks as possible onto other operating systems (OS X) because of the security issues, reliability issues, management issues and others.
Visit Jonesblog and say hello.
I like your idea about seperating critical updates from feature updates, but there is another problem. Microsoft frequently puts nasty licensing changes on their click-through agreements for updates. You may ignore this, but a business can only do so at their own peril.
"Sorry, we haven't installed the blaster update because we have not yet cleared the EULA with our lawyers..."
While that update may not have something previously unseen in it, we have all seen this in security updates and in media player updates (remember that media player has some arbitrary code exploits that are exposed every now and then... to fix those you need to update media player and 'agree' to their fruity terms).
With the likes of the BSA, software licensing can cause a business alot of pain. On the other hand, actual virus/worm can be blaimed on evil hackers, avoiding litigation.
Business will update more when it is not a legal liability to do so.
"Never, never suspect the dreams within the dreams of dreaming children." ~The Amazon Quartet
Funnily enough, that same tactic works on Windows. Making it worse, Windows doesn't have something like ulimit.
Heck, one copy of I.E. all by itself can make Windows unusable by eating up CPU, memory and GDI objects.
How is it Bill's fault that users are stupid with regard to e-mail attachments? Is he going to come to people's doors and tell them not to run attachments?
Honestly, jamie, that was a cheap shot that had no basis. As if sendmail hasn't had its share of problems over the years. Imagine if it had the marketshare Windows has.
"Sufferin' succotash."
When auto-update stops trying to patch apps I don't use or want installed maybe I'll consider enabling it. Suddenly finding WMP9 installed would seriously annoy me for instance, finding Outlook executable would make me litigious (can't be run on my PC and I have no address book for viruses to find).
Until it distinguishes between critical, must have patches and whatever shovelware M$ wants to inflict on users a lot of us will keep it disabled.
Its also going to take a long time to lose its well earned reputation for breaking systems. We remember the bad a long time, and M$ havce been very,very bad.
...except the credibility that they actually will do it, instead of talking about it.
Linux/GNU is dependent on developers checking theirt own code and the results will vary, and exerience will not be instituionalized.
Really? In my experience, there are quite a few people that "check out" the code without actually developing it. Not to mention people testing out automatic error detection systems, I know Linux has been getting good help from research in that area.
Can someone please explain why after these changes Linux is somehow intrisically better than Windows has the potential to becomein terms of security?
You speak as if they've already happened. Of course Windows could simply copy everything Linux has done, there's no magic over it. That aside, I don't think it will. Primarily, because it doesn't sell as well and because security is sometimes inconvienient. Windows has been building their market share on those new to using computers, and more are still joining. But I don't think Microsoft can hold on to being both that and the professional OS.
Around Windows 2000, I really thought they could. It was stable, clean and professional, and in general vastly superior to the Linux distros of its time. After WinXP, the "plastic" theme and setting up all the users as administrators in the *professional* version, I don't believe that at all anymore. I this you should ask the reverse - what is it Windows can do that Linux doesn't have the potential of doing better, not to mention cheaper (free) and with greater flexibility (access to source code)? I certainly haven't been impressed with the "improvements" I've seen lately...
Kjella
Live today, because you never know what tomorrow brings
The Linux I run on my computers today works a lot better than any combination of wishful thinking and promissory notes about future Microsoft products.
Windows' so-called potential for improvement is so large because it's so far behind. In any race, the smart money's on the consistent leaders, not on the lame duck with "great potenrial".
Sure, I'd be happy to explain after those changes actually happen. Until then, I'd be trying to compare actual working software with vapour. And that would be silly.
For those who are completely ignorant of computer security and never update their systems, they are akin to someone buying a power tool, not knowing how to use it, then trying to sue when they lop off a body part. You don't blame the manufacturer for those problems, you chalk it up to natural selection.
For those who are a bit more knowledgable, there is the issue of trust. After having used Microsoft's products for roughly 2 decades(since msdos), I feel I can't trust them to do something right anymore.
I know of people who got burned by the auto-update feature and their system was rendered unusable until they either restored or went into safemode to undo whatever "fix" was applied. Granted this is better than the "good old days" when a patch might require a clean re-install. Lots of good weekends gone to waste because of MS's "fixes".
Just this past week, I installed a update and suddenly, I couldn't make backups of my system because Autoupdate dinked with the drive access dll's. Thankfully, this only required the re-installation of the backup software to restore the DLLs to a working condition, but at what cost to the other parts of the system?
I have auto-update's download feature enabled, but I review the updates before installing them. I didn't get hit by the worm since I patched my system almost immediately after the fix came out.
The problem can't be completely attributed to users or to the producer of the software. But when the design of the software is so buggy that after literally tens of thousands of fixes, it is still riddled with security holes, you have to wonder if they are truly serious about security and about delivering a quality product to the end-user or if they are trying to do just enough.
It is understandable that MS is saying that they are doing the best that they can. That is all well and fine. But there is such a thing as their best not being good enough. Especially when there is so much slack to be made up for.
There is also the issue of this "got to be secure" attitude is recent. If it hadn't been for Linux arising quickly in the server and business markets both domestically and globally and if it hadn't been for the recent DOD government contract renewal, do you think MS would be so hot to trot to respond to problems like this?
Having watched and used MS's products for as long as I have, my personal opinion is that they've got a long way to go still and they aren't breaking even.
Winged Power Photography
> I've said it before and I'll say it again, there are no changes you could make that would stop SoBig from spreading except not allowing users to open attachements. All the crap about "In Linux you have to save the attachment, make it executable, and then run it" is crap, because that is what the users would have done. They WANTED to run the attachment. If it took 2 extra steps, they still would have run the attachment, because that was their intention. SoBig was a user stupidity problem, pure and simple. They wanted to run the attachment and did. Adding 2 more stpes wouldn't have changed that.
Part of SoBig was the Trojan port it opened; that port needed root access to do real damage to more than the original user.
If this Linux user were to have saved & opened that Linux SoBig attachment, then only that user's work would have been affected, not the whole system. Most MS users have Administrator access enabled on their accounts so they can conveniently install software and have that software run; a running SoBig in *this* environment threatens the whole machine.
Linux: +1, MS: 0.
The biggest problem with windows update is that it doesn't include any sort of "Criticality" level that indicates what should be applied, and what shouldn't. The hotfix for the blaster worm was rated just as high as an upgrade to MediaPlayer 9. Until Microsoft releases some sort of control for the sys-admins over what updates are applied, no network admin in the WORLD is going to allow windows update to run automatically. What happens if someone cracks the windows update site and manages to upload a signed trojan? Congratulations, he has now successfully 0Wnzored more boxes than anyone else on the planet.
And let's not even mention some of the "Updates" that microsoft has put out. Or the hot fixes that you have to de-install to install service packs, or any of the other muck-ups that they've managed to pull off...
Well, if those applications weren't so tightly linked into the OS kernel, microsoft wouldn't have that monopoly. So, yes, windows (any version) is intrinsically less secure than any OSS, because of microsoft's business model.
I agree that automatic updates should be something every causal user should have implemented. They simply don't know enough to properly administrate a computer and keep themselves from getting viruses and such.
However, I also think that the community as a whole is a bit irresponsible. If you should something long enough, soon people will hear you... and when I find people I know talking about Linux who really don't know anything about computers, I'd say the voice of the community is certainly reaching the average user. The FUD coming from this side of the fence nearly equals that of Microsoft. Despite what everyone thinks, Microsoft isn't necessarily out to get everyone when they change their EULA that allows them to do something they couldn't before... companies have to cover themselves from frivolous lawsuits as well, and I would think that Microsoft is more wary of this due to the hostility and negative image with the courts.
So, after so much screaming and yelling that Microsoft's updates are the devil, is it any surprise that people have learned how to disable it?
If you were a subscriber to NTBugtraq (as any sys-admin who has to wrangle MS boxes should be), you'd know that Windows Update has been having critically serious problems in the last few months. Problems that have broken systems, or worse, claimed to have patched them and NOT ACTUALLY HAVING DONE SO. Granted, the *concept* of auto-updating is good... but its fairly clear that MS management isn't doing the quality control necessary on the updating wizard *or* on the patches themselves properly. Take a look at the increase in "patch recalls" in the last 12 months. My concern is that critical personnel have been lost (no, software people are not interchangeable entities, my dear managers) in those areas of MS where they're needed most.
Guys
One common theme I see frequently throughout this thread is the constant assertion by linux users that MS products are fundamentally flawed out of the box and lead to all kinds of security and other problems for end users. However, when they make this comparison, they invariably take the non-computer literate windows user versus someone who has a fully tweaked linux box as their example. This to me is completely unfair on MS. The person who has the linux box is invariably far more PC aware and has done all sorts of tweaks and updates to get their box the way they want it. If that same, computer-savvy user were to apply themselves to setting up a windows box, they could achieve similar levels of reliability and security that they can on their linux box. On the other hand, if that joe bloggs, barely-knows-how-to-switch-it-on windows user was to try and install a linux distro, even one of the up to date ones, and I guarantee he will have an unusable comp and be looking at a re-install within a very short space of time.
I consider myself fairly computer literate and am running xp pro on my main box at the moment and have to say its the most stable, reliable os I have ever used and this includes several linux distributions. The box is up 24/7/365 with only occasional reboots for patches and so on. I run it behind a NAT router, use zonealarm, have up to date AV software and am up to date on all security alerts. These precautions couple with that most valuable of commodities i.e. common sense and I have never had a virus or security problem.
Its not that I dont like linux - I have been using it on a secondary pc which I like to dabble on - i have used RH 5.0,5.2, COL, SUSE 6.0, MDK 8 and currently RH 9. I went through the whole linux addiction, compiling apps and kernels like nobody's business but since getting married dont have the time to go and search for a new version of gcc or glibc because I want some plugin for xmms and have broken dependencies. Windows lets me get things done quicker and to me is more reliable - FOR THE AVERAGE USER.
So please people lets compare apples to apples in future when slating MS.