Slashdot Mirror
Gates: 'You don't need perfect code' for Security
securitas writes "ITBusiness has an interview from the Microsoft Professional Developers Conference where Bill Gates says 'You don't need perfect code to avoid security problems.' Instead he suggests that users acquire and properly configure firewalls and make sure that they keep their software patches up-to-date. Considering that Microsoft says it is focused on security, the comments from the Chief Software Architect aren't inspiring, especially beacuse the underlying attitude seems to contradict the idea of well-written, secure code. What kind of message does that send to the developers who work for Gates?"
I couldn't agree more.
Majority of security issues come not from buffer overflows in the application code or similar stuff, but from dumb users clicking on e-mail attachments and downloading wicked screensavers.
Ever ran Spybot through a typical home user computer? Middle-aged women seem to be the worst offenders, Spybot and Ad-aware have pages and pages of stuff that the user usually isn't aware about.
"You don't need perfect code to avoid security problems. There are things we're doing that are making code closer to perfect, in terms of tools and security audits and things like that. But there are two other techniques: one is called firewalling and the other is called keeping the software up to date. None of these problems (viruses and worms) happened to people who did either one of those things."
The first sentence is correct -- or moot. The last is pure bullshit.
"Perfect" code is probably unattainable in complex applications. This is why things like firewalls, IDS, backups, etc. exist. Code should be made as good as possible, but dwelling on perfection will only pull your focus from other issues.
However, no virus or firewall in the world is gonna stop a cluleless user from clicking on an attachment and screwing their system. Virus scanners are mostly reactionary -- if it isn't in their list of malware, they can't find it. If it is a new way to screw users, and they click it...
EVEN if users have to jump through hoops like not executing from inside the mail program, saving it to the desktop, unzipping, scanning -- they'll screw something up. It is the nature of the beast.
Even with sandboxing -- good luck getting a user to execute the code in a sandbox first, every time.
Learning HOW to think is more important than learning WHAT to think.
How much trouble their products have when seperated by stateful firewalls. I mean, it wasn't until after AD was out for a bit that they realized you couldn't put a firewall between them and for large corporations, that wasn't acceptable. Now there is a bogus work-around, but ultimately W2K is horrible at dealing with firewalls inside the enterprise.
And the whole idea of a protected shell, soft middle has been destroyed by the likes of Nimbda, Nachi, etc. Eventually, someone gets past the outer shell.
We like to keep all of our satallite locations seperated by Firewalls, but as we started moving to W2K3 we found out Microsoft won't support our infrastrucure with internal firewalls...
Real nice Bill, thanks for the help.
This sig is the express property of someone.
There is no such thing as software without bugs.
There is no such thing as an operating system without vulnerabilities.
No scan will find all the holes.
No firewall will protect you from all attacks.
No patch will fix all your systems.
No intrusion detection system will catch all breakins.
No employee screening process will weed out all the criminals.
No employee training program will eliminate all employee mistakes.
Security cannot be purchased.
Security cannot be achieved.
The security process is a checklist of items that should be evaluated and expanded periodically.
Continuously and actively search for vulnerabilities. If the cracker knows about the hole before you do, you have a problem. Run scanners, hire people to test your security.
Read security advisories, keep systems up to date with the latest patches, consult others who also try try to keep their security bar high.
Take preventative measures: install a firewall, train employees to use secure practices, implement stricter checks and balances.
Detect problems with intrusion detection systems. Put up honeypots and tripwires. Enable logging.
It scares me, but Microsoft is right.
I don't expect perfect code but I also don't expect that car door locks to be defeatable by toothpicks or that a "master" remote unlocker unlocks every car in a parking lot in a second with one button press.
I think security should be important in _all_ phases of product usage, not just the user. It should be important in design, coding, testing and actual use. Any weakness in those four reaps a weakness in the entire product.
It is important for the user to take proper steps but that doesn't releave any product maker from their end of the responsibility of properly designing and producing secure code. Yes, the user should take steps but then being a user of any particular piece of software shouldn't be a "kick me" sign.
There's a famous quote, wish I could remember who said it (someone leap in with attribution!) (and I'm quoting from memory, so I'm sure I'm misquoting...)
;-)
"It is axiomatic that every program contains at least one bug and can be reduced in size by at least one instruction, therefore, every computer program can be reduced to a single instruction which does not work."
There's the singularity on your asymptotic curve
Windows has root in *exactly* the same sense that UNIX does. :-). They *are* root. No, difference.
Do you think Administrator or LOCALSYSTEM on a box can't do
anything root can ? Change ownership of files to an arbitrary
SID (that's a lie in the Microsoft docs, claiming that can't
be done, I wrote a Win32 program to do just that about 11 years
ago
What you are complaining about is NFS, not UNIX.
Stop comparing *one* of the remote file system protocols in
the UNIX world with UNIX itself. And stop claiming that Windows
is architectured any differently. You're simply repeating
Microsoft propaganda, and people who know better will point
out you're lying. You're lying btw.
Jeremy.