Slashdot Mirror
Gates: 'You don't need perfect code' for Security
securitas writes "ITBusiness has an interview from the Microsoft Professional Developers Conference where Bill Gates says 'You don't need perfect code to avoid security problems.' Instead he suggests that users acquire and properly configure firewalls and make sure that they keep their software patches up-to-date. Considering that Microsoft says it is focused on security, the comments from the Chief Software Architect aren't inspiring, especially beacuse the underlying attitude seems to contradict the idea of well-written, secure code. What kind of message does that send to the developers who work for Gates?"
This is a typical problem, that was discussed a few days ago. People
are confusing microsoft's success in general with Technological
superiority.
I find it interesting that *anyone* would care what Bill Gate's
opinion is on security. The volume of critical problems reported, and
of actual viruses and worms that have spread across the internet
lately should've been enough to indicate that microsoft doesn't have a
good understanding of security in general.
His argument is an interesting point of view though. It sounds to me
like he's saying microsoft doesn't need perfect code because people
can just install firewalls. What if the code in the firewalls in turn
isn't perfect though? Doesn't that leave us in an insecure position
again? What about the e-mail scanning software? What if it misses a
virus? Shouldn't you have layers of protection, instead of an outer
layer of protection and a soft underbelly?
Of course he is shifting the burden back to the users of the software
again. If only they had our firewall product and a good e-mail
scanning software package, and if they kept their software up to date
none of this would've happened.
Of course if they didn't ship their software with nearly every service
turned on by default, and everyone running as root this wouldn't have
happened either, but let's not trifle with details.
I really liked the part at the end where he comments that all the
viruses and attacks on microsoft's os are really a compliment.
You keep telling yourself that Bill.
Doug Tolton
"The destruction of a value which is, will not bring value to that which isn't." -John Galt
For example, if you introduce a bug that breaks the TCPIP stack, that's going to really secure things nicely.
I couldn't agree more.
Majority of security issues come not from buffer overflows in the application code or similar stuff, but from dumb users clicking on e-mail attachments and downloading wicked screensavers.
Ever ran Spybot through a typical home user computer? Middle-aged women seem to be the worst offenders, Spybot and Ad-aware have pages and pages of stuff that the user usually isn't aware about.
and he's absolutely right. We could just unplug our computers and leave them in a cold, dark room all by themselves, with no power.
For the rest of us, however, security starts with the code.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
Buffer Overflow.
This post cannot be re-broadcast without the express written consent of Major League Baseball.
How do you firewall off a semi-legit request to a external MS-Exchange that "Admin's" the server? Even stateful devices like the Packeteer cant selectively block data in the TCP block... expessially 0-day exploits.
Yeah. You can use firewalls(cough). That's why Unix is the Internet OS.
If we are not going to rely on perfect code but expect firewalls to catch the problems, then what do we do if the code in the firewalls aren't perfect?
Do we string together a series of firewalls in the hope that the code problems don't overlap?
It makes sense to me. Don't rely on someone else to keep your computer secure. Take steps yourself.
Look at me, I'm just going to get the latest debian iso and install it and not worry about anything!
Look at me, I'm just going to go buy a car and not worry about locking the doors or using a club, because I expect that the ignition system is tamper proof.
Don't blame the architect when someone comes through an unlocked window in your home and steals your stereo.
No, you don't need perfect code. Linux has no "perfect code". If it did, Linus et al would be finished and have moved on to other things.
I dont rely on Linus for security, I don't rely on Bill Gates for security. At the end of the day, it's my system, and it's up to me to take steps to protect it.
I don't need no instructions to know how to rock!!!!
I don't want to sound like a troll :-). If Bill Gates said "perfect software" isn't necessary, he's somewhat on the lines we are at today because no software out there can be declared perfect or bug free. There is no such thing. But whenever bugs are found, it is good practise to patch software. We do this under Linux, Mac OS X and Windows. And having a good firewall configuration helps keep out the dirty world.
Banu
Isn't Microsoft the company that's trying to encapsulate object access on port 80? SOAP? What firewall will block that?
And what are home users supposed to do? Block off their e-mail ports so they can't get mail? That'll stop viruses for sure.
If tits were wings it'd be flying around.
Sounds like what Bill is actually saying is that "It's not our fault!" or "Security is not our responsibility!". By saying that security should fall to firewalls, etc., he is trying to shift responsibility from his company to the end user. Sounds to me like it is nothing more than justifying the trend in software, particularly MS (but admittedly others) to let software schedules be driven by the marketing department as opposed to when the software is actually ready for prime time.
The fact is, you won't get perfect code, whether you need it or not. You should design things to minimize the amount of code that does have to be perfect, and the damage done if it isn't.
Blame the user, not the developer, is the message.
Its not the users responsibly to compensate for poor design, regardless of the product. Be it an unsafe car, or insecure OS.
---- Booth was a patriot ----
By that logic, Microsoft software should be the securest software around.
"You don't need perfect code to avoid security problems."
Here is a guy who knows nothing about perfect code, nor security.
Reminds me of the child who keeps on flunking school responding to the first sign of criticism, "I don't have to be PERFECT, do I?"
Sdelat' Ameriku velikoy Snova!
"All code has at least one extra instruction and at least one bug. Therefore by extrapolation, all programs can be reduced to one instruction that doesn't work."
the major advances in civilization are processes which all but wreck the societies in which they occur - A.N. White
"You don't need perfect code to avoid security problems. There are things we're doing that are making code closer to perfect, in terms of tools and security audits and things like that. But there are two other techniques: one is called firewalling and the other is called keeping the software up to date. None of these problems (viruses and worms) happened to people who did either one of those things."
The first sentence is correct -- or moot. The last is pure bullshit.
"Perfect" code is probably unattainable in complex applications. This is why things like firewalls, IDS, backups, etc. exist. Code should be made as good as possible, but dwelling on perfection will only pull your focus from other issues.
However, no virus or firewall in the world is gonna stop a cluleless user from clicking on an attachment and screwing their system. Virus scanners are mostly reactionary -- if it isn't in their list of malware, they can't find it. If it is a new way to screw users, and they click it...
EVEN if users have to jump through hoops like not executing from inside the mail program, saving it to the desktop, unzipping, scanning -- they'll screw something up. It is the nature of the beast.
Even with sandboxing -- good luck getting a user to execute the code in a sandbox first, every time.
Learning HOW to think is more important than learning WHAT to think.
"Rarely is the question asked: is our children learning?"
Programming can be fun again. Film at 11.
What kind of message does that send to the developers who work for Gates?
That it's time to get more G5's because 18 isn't enough...
Business \Busi"ness\, n.;
A scam in which all people involved perceive as beneficial...
It's kind of hard to say any system, even open source, is going to have "perfect code," but the major problem that is pointed out here is that it does no good to patch a system when the customers aren't going to install the patch. With products like 'nix, which are used more by *ahem* "serious" computer users, admins and the ilk, as soon as someone says "There's a bug in the software," word gets out, and people in the know make sure they are protected. The general population doesn't respond that quickly, however. Many Windows owners aren't even going to understand how to update their systems. This is not so much a fault with Windows as a fault with computer users who don't attempt to fully understand the product they are working with. People don't understand firewalls, they don't understand basic security. They know that you double-click on Outlook, and, poof, there's your e-mail.
We're going to see some obvious responses to this post about the faults of closed-system software, but Gates does bring up a good point: It's hard to have a secure system if the end-user doesn't know what he or she is doing. It's like a car that you drive for five years without ever getting the oil changed; there is no patch for ignorance. And what's funny is: whenever a company tries to become more user-friendly, Windows, Macintosh, etc., the hardcore community gets on their case for it. If we could develop an open-source system with enough depth to satisfy the experienced users, but is easy enough to keep in control by the neophytes, then you could have a widespread, secure system.
Libertarians somehow believe that private businesses should be stronger than governments but weaker than individuals.
BillG: "You don't need secure code".
(aside to Ballmer - "The Force gives power over weak minds")
Ballmer: "Um yes, the Force gives power over weak minds."
BillG: "Steve, stop that!"
Ballmer: "Um... Steve, stop that!"
I want to delete my account but Slashdot doesn't allow it.
Microsoft's expertise is controlling the market, not writing code.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
How much trouble their products have when seperated by stateful firewalls. I mean, it wasn't until after AD was out for a bit that they realized you couldn't put a firewall between them and for large corporations, that wasn't acceptable. Now there is a bogus work-around, but ultimately W2K is horrible at dealing with firewalls inside the enterprise.
And the whole idea of a protected shell, soft middle has been destroyed by the likes of Nimbda, Nachi, etc. Eventually, someone gets past the outer shell.
We like to keep all of our satallite locations seperated by Firewalls, but as we started moving to W2K3 we found out Microsoft won't support our infrastrucure with internal firewalls...
Real nice Bill, thanks for the help.
This sig is the express property of someone.
re: don't need perfect code to be secure
Linux code is not perfect and is secure.
From a military perspective, "patching" is equivalent to deploying your forces to protect against kids throwing rocks over the base fence. That won't help when an organized force attacks.
Just like GWB said more people dead in Iraq proves that the American occupation of Iraq is working.
Gates is saying the more attacks and flaws that are exploited proves Windows success.
Do you believe either one?
Plus to add what you said (which I agree with) Gates qualifies his statement by saying: "There are things we're doing that are making code closer to perfect, in terms of tools and security audits and things like that. But there are two other techniques: one is called firewalling and the other is called keeping the software up to date".
/. style. A developer trying his/her best to release perfect code is a good thing. But it must be backed up with local security and up to date software.
So he just said, yes we are trying our best, but it's not gonna be enough. That's a pretty fair statement regardless of the environment. Perfect code does not exist. You cannot prove perfection but you can prove that your app is secure within reasonable tolerances, which MS software of late has been anything but. They need to step up their efforts to keep up with their competitors, direct and indirect. But his statement was of course taken out of context in typical
I'd say two things to him. First, the only completely effective firewall is the one where I unplug my computer. Assuming you leave a port open, that's a possibility for an attack. Second, all a hacker needs is a proper buffer-overflow in a user program that employs that port, and it's fun time. I'm sure Internet Exploder etc wouldn't apply there. No, not at all.
He has a point in that firewalls have to be a large part of the solution. However, the idea that I can write the world's shittiest code and this is OK because I have a firewall is ludicrous.
Naturally, all this assumes you don't buy your firewall software from MS. That would be pretty funny.
-Looking for a job as a materials chemist or multivariat
seriously.
I don't understand why no one raises the patch size issue. To fix a buffer overflow, you've got to need what, 2K of modified code, tops? But the patch is like 2MB? Or 20MB?
In the US, where most people are still on dialup, how can anyone reasonably expect that people are going to download tens of megabytes of patches?
Microsoft should be mailing out free CDs with the latest patches.
Let's be fair to Mr. Gates, for once. If you needed perfect code to achieve security, security would be impossible; I've never seen a nontrivial perfect program. All real-world large projects are going to have errors in them; it's a simple fact of our imperfect world.
Once you recognize this, attention must turn from achieving some mythical perfection to dealing with the probable scope and impact of errors. Just for example, one good thing about languages like (e.g.) Perl and Java is that (absent major kludging) they are incapable of expressing a buffer-overrun bug, a category of possible bug in (e.g.) C which is single-handedly responsible for a majority of significant net security holes.
In other words, once you admit that your code will never be perfect, you are forced to consider how to limit the damage your imperfections can do, and that in turn steers you toward technologies, processes, and practices that help you with that potential-damage reduction goal.
In that sense, Gates is entirely correct that one key to maintaining a secure system is to limit the accessibility of unneeded ports (and the services possibly behind them) from the net at large. Yes, ideally, all those ports and services would be invulnerable to attack. But we know that we're not perfect, so we play it safe and use a firewall. It's classic "belt and suspenders" engineering.
There is certainly a lot to be said about Microsoft's culpability for the low quality of their products, particularly with regard to security. But that doesn't mean Gates was wrong to say what he said.
When all you have is a hammer, everything looks like a skull.
thats hilarious .. you dont need good code to be sure .. you only need somebody else's good code to run a firewall.
oh lordy.
"Old man yells at systemd"
"make sure that they keep their software patches up-to-date"
They are pursuing a subscription based model which the regular release of software patches supports. Now users see regular patches for scary new security holes downloaded on a regular basis... I expect now that most people are getting used to it, that Microsoft will shorten its supported lifecycle for OS releases and require full upgrades... which of course you can get downloaded to your machine directly using a credit card.
Funny how Bill is using the Open Source community to help spread FUD about its own products which will then be used to help force regular costly upgrades on people.
Security concerns might cause some people to start using Linux Desktops, but the majority of people will just buy into a system of regular updates from Microsoft.
This is a no win issue for the Open Source community.
The evil is too strong to resist, the only way to win is to deny it battle.
"Instead he suggests that users acquire and properly configure firewalls and make sure that they keep their software patches up-to-date." Bill Gates is sending the message that in his opinion, security is not the responsibility of the software author, but of the end user. This is an obviously flawed point of view. Just as if a car manufactor knowingly released a car with faulty breaks, they would take the initiative to launch a recall, and would most likely face civil/crimial consequences for their actions. However, MS has been able to knowingly release a defective product and escape consequence. They are even so arrogant as to say that it is up to the end user to secure their system. Bill is clearly stating that MS does not take security seriously.
Common sense tells us to go to the Auto dealer to get a fix done when there is a recall. Granted we all get a notice if that happens but you know not to drive around too long if there is word it could be serious.
But the computer is a tool to most people akin to a screwdriver or hammer, people really dont look to take care of it, they just use it. If more people looked at it like a pet and not a tool, then maybe people would care for their computers.
That being said, it IS his duty to the customer to both make fixes visable and known and not hide them like Microsoft does on a routine basis, and more importantly make things work better the first time so this stuff doesnt happen every 3 weeks.
One of the things that pisses me off the most about Microsoft vs. Apple is that Microsoft defaults almost everything to being open and insecure half the time. Only with XP was stuff not defaulted to on and did they default you to having a firewall to protect stuff.
And it was always stupid stuff no consumer would ever use that was defaulted to being open, and of course you being the consumer didnt know any better. This is more dangerous now when we see more and more computers connecting full time with the use of cable and DSL vs. even 5 years ago when roughly 97% of traffic was 56k, and therefore only on for short periods.
They are taking steps, but Microsoft has to stop denying it has an important roll in this cause honeslty it does. Everyone is using your OS guys, the least you can do is make sure their computers will be safe.
"Slashdot, where telling the truth is overrated but lying is insightful."
This would prevent most buffer overflow attacks.
I think it's correct to assume that you'll never--on a box where many companies can write software--have 100% perfect code. Having hardware at the processor and network level to add security is a fine idea.
Microsoft isn't too far off the mark.
Best Buy can have you arrested
There is no such thing as software without bugs.
There is no such thing as an operating system without vulnerabilities.
No scan will find all the holes.
No firewall will protect you from all attacks.
No patch will fix all your systems.
No intrusion detection system will catch all breakins.
No employee screening process will weed out all the criminals.
No employee training program will eliminate all employee mistakes.
Security cannot be purchased.
Security cannot be achieved.
The security process is a checklist of items that should be evaluated and expanded periodically.
Continuously and actively search for vulnerabilities. If the cracker knows about the hole before you do, you have a problem. Run scanners, hire people to test your security.
Read security advisories, keep systems up to date with the latest patches, consult others who also try try to keep their security bar high.
Take preventative measures: install a firewall, train employees to use secure practices, implement stricter checks and balances.
Detect problems with intrusion detection systems. Put up honeypots and tripwires. Enable logging.
It scares me, but Microsoft is right.
Don't worry, Windows is making strides in stability every day because of it's open design and collaborative development process. One day, it will be a suitable desktop operating system. Maybe it will even be enterprise ready. But that's still a ways off.
This signature has Super Cow Powers
Like LOTR, Microsoft security is mostly fantasy.
One line blog. I hear that they're called Twitters now.
Perfect code is a myth, like extra money, or a temporary tax. What we really need is consistency between the calls, internal (local) or external (web) in the way the buffer is handled and access controls that make sense. At least on the M$ side they still have not recovered from the code mangling idiocy with MSIE and Explorer co-mingling.
errr....umm...*whooosh* *whoosh* Is this thing on ?
Does the same speech writer work for both Bill Gates and George Bush?? The both seem to be making some pretty preponderously dumb speeches lately.
my windows has the worst code, but i keep the power off constantly on that box. it's the most secure operating sys^H^H^H mode indeed
my blog
You *can't write perfect code. Luckily, you *don't* have to write perfect code, if you write everything in a language that properly handles exceptions. This doesn't mean you shouldn't try to write perfect code...just that if, like every other programmer that has ever touched a keyboard or punch card, you have bugs in your code, you're much better off if your tools are watching your back.
.1% off your linpack benchies...
A good example is the number one favorite tool of the hacker, the buffer overflow. I don't care what OS you have, if you have buffers that can be overflown, you have insecure code. It doesn't matter what "user" the code is running as when it gets full access to your memory and command stack.
So use one of the dozens of languages that won't let you write unchecked code. And you can write as sloppy as you like -- nobody's going to be able to bust down that door. To be honest, i think in the next few years we'll see more of this sort of problem with LINUX than we will with Microsoft. Microsoft is trying to get everybody to write for a virtual machine in languages like C# and VB.NET (which is significantly less of a joke than you think it is). Whereas open source developers seem to pride themselves in sticking to archaic C code...shit, that language was old when I was in MIDDLE SCHOOL (in fact, the computer librarian would only let you check out books on C++). It's not "faster" in today's world, where machines are three clock cycles FASTER than the fastest common interconnect...coding in C is simply some bizarre combination of laziness and bravado. Hey, if you guys want to code in a masochist's language, there's always PERL. The rest of the time we should all be in C++ and Java wherever possible. Sorry if those overflow checks take
Hey freaks: now you're ju
That sounds like a Microsoft way of thinking. Leave the code we have the same, just have add-ons to protect that and add-ons to protect that.....
The core of Windows is so bloated by patches or quick fixes I was confused on the column on Linux Hacks. Maybe it was ment as not to go down the same path. But the code that seems to be quick fixes rarely breaks anything, only makes it better.
No code is perfectly secure and I don't expect worms and such to stop on any OS, IMHO I feel that security needs to be a vital part of Windows' thinking, if they want to keep their market share.
Actually, that's true. For security, you want to minimize the amount of code that's important for security, and the security-relevant pieces have to be right in the sense that they don't allow security to be broken. Even the critical pieces can be imperfect as long as the imperfections don't harm security. But there's a danger here - typically the bar is set far too low. My fear is that this will be interpreted by his developers as "slipshod implementations are still okay." Which is not true - the parts that matter, still matter.
Tools and security audits can help, as can firewalling and keeping up with patches. But that's not enough. Training developers how to develop secure software , and giving them the time to do, is probably even more important. I know Microsoft has done at least some of that, though I don't know how widespread it is and how well it's compensating for all the years they did not do that. Techniques other than the ones he's listing are frankly more critical, too. In particular, the system needs to be broken down into smaller, mutually suspicious pieces with minimal privileges, so that breaking one component doesn't break everything. There needs to be multiple layers of defense. The system needs less tight integration, and it needs to be easier to disable and remove everything not strictly necessary for a particular task. In contrast, firewalling is only a first baby step - his competitors (like Red Hat Linux) enable that by default as a starting point, and so Microsoft is only just catching up there. Besides, viruses are almost entirely an Outlook-unique problem, other systems are designed to not have that weakness in the first place. Patch management is important, but given Warhol worms, they won't be enough - if attacks take a few seconds or minutes, we won't be able to patch every system around the world fast enough.
I hope that Microsoft is doing much more than Mr. Gates is saying here.
- David A. Wheeler (see my Secure Programming HOWTO)
When a program doesn't meet your standards, there's only one thing to do--lower your standards!
Chris Mattern
in a corporate environment.
If a computer in the act of being installed is exposed to the net unprotected, your System Admin's need to be dragged out and shot.
If it's getting infected by an infected computer INSIDE the corporate firewall, your IT department needs to be dragged out into the street and shot.
There is absolutely NO GOOD REASON that a computer should be freely attackable in a corporate environment unless the IT Department is grossly incompetent.
I can't agree with that. If the default behavior of all common mail programs so discourages people from executing attachments, I think the worm problem (at least as it exists today with things like sobig) would be effectively solved.
That's not to say that nobody will find a way to execute such a program. The problem with sobig, though, was that so *many* people ended up running it, because of how easy it is to do in mail programs.
Except many worms are spread through more than one means.
A real case I dealt with: the I LOVE YOU virus.
The ILY virus spread through local network shares and e-mail attachments. The parent office of a corp I worked for (2,000 PCs) was hammered with it. It took them two days to clean up.
Then, the next day, some idiot who originally *thought it was a real love note and saved the attachment to his desktop* executed it again -- out of the context of an e-mail attachment.
The shame and humiliation heaped upon him was enough to ensure he wouldn't ignore IT memos again. However, it brought the e-mail servers down a second day while it was fixed. Again.
In a LAN environment, all it takes is one idiot.
Learning HOW to think is more important than learning WHAT to think.
Bill Gates says 'You don't need perfect code to avoid security problems.' Instead he suggests that users acquire and properly configure firewalls and make sure that they keep their software patches up-to-date.
Come on now. I deal with end-users all the time. They have problems finding their damn "start" buttons, and the illustious Mr. Gates is suggesting that these users install and configure their own firewalls?
True, there is no perfect OS and all OS's are going to be vulnerable in some way. True again that Windows holds the desktop market in it greasy hands, but instead of attempting to meet "corperate deadlines" and wasting time and money by adding functionality into the OS consequently putting other companies out of business, lets start writing some quality code. Screw the deadlines.
This annoys me.
"I mean, people act like some other systems don't have vulnerabilities; actually all the forms of Unix as well as Linux have had more vulnerabilities per line of code."
;)
You know, I can think of at least two ways to take this.
This tagline brought to you by 1500 monkeys in just under 17 years.
Heaven forbid that anyone should read the article before posting.
Taken out of context, what Gates said sounds ludicrous. You also have to remember that this was an off the cuff remark. Read the whole article and it makes more sense. His point is that despite the holes in Windows code, patches were provided prior to the hole being exploited and the people who patched their systems and had reasonable security (i.e. many layers) in place had no problems.
My experience would seem to support this. I see a lot of networks in my travels. The folks who are on top of things don't seem to have a lot of problems. The folks who aren't have lots of problems, viruses and otherwise. I would say that the quality and quantity of the people involved is more important than the OS that you run at this point.
The biggest problem that I see is IT departments that have people with insufficient skills. The right person with the right skills can make all the difference in the world. Many companies deploy systems in a haphazard fashion without thinking about maintaining the systems. Before you know it they have a big stinking mess that is going to cost a lot of money to clean up when it could have all been avoided if the right people had been involved from the beginning. Once the mess is there, they can't afford to go back and fix it. They have systems everywhere that aren't patched and were never locked down properly anyway. They have no way to centrally manage the systems and don't monitor their network traffic.
If you have your shit together and pay attention to detail, you can maintain a pretty secure environment with Windows. I would say that this is the same for most major systems out there. Look at the security patches available for Linux, Apache, and most other software out there. If you are lax then you likely have security vulnerabilities no matter what you have installed. There is no perfect code out there. Any complex system is bound to have holes.
I think that it is unwise to underestimate Microsoft. In the past, stability was the main issue. They have come a long way in improving stability. Now the main issue is security. It is going to take a couple of years but I would say that you will see a level of improvement that is comparable to the stability improvements seen in NT. It won't be perfect but it will be good enough to keep people buying.
If you are a developer and you believe that code can be perfect or that it even NEEDS to be in order for users to be protected then I would suggest that you've never worked on any projects of any size. If you are a developer who claims to write perfect code then I invite you to send me your resume.
The truth of the matter, and anyone who has done professional software development knows this, is that it is impossible to write perfect code. Yes, even under our beloved Linux. Indeed, EVEN our beloved Linux. The challenge is to implement within that imperfect code solid security procedures that deal with, and protects the end user from that code.
Really folks, I hate Gates as much as the next guy, but he isn't wrong in EVERY single thing he says. Sheesh.
Anthony Papillion
Advanced Data Concepts, Inc.
"Quality Custom Software and IT Services"
That's why I find free software to be superior to non-free software. With non-free software you must "rely on someone else to keep your computer secure" because only one person or organization has the source code and the legal authority to improve the software. If a program is Free Software for me, I get to choose how much time am I willing to spend developing the skill to improve my software to suit my needs. It doesn't matter to society how much of that freedom I leverage, what matters is that I have the freedom. But I want that freedom for everyone else too. I benefit from more people having these freedoms because I benefit when those people leverage those freedoms in clever ways.
This is also where I somewhat part with the Open Source movement. On the one hand, I'm glad for all the attention they've helped bring to Free Software licenses (particularly the GNU GPL), but on the other hand I (as a user) want the freedom to share and modify software. I'm not against businesses having the freedoms of Free Software, but I don't want to tailor my message for them or pitch chiefly to them. The GNU project tells about an interesting episode in their their essay on the difference between Free Software and Open Source:
stratjakt wrote:
Nothing is perfect, so arguing about our need for perfection seems to me to be a moot point. I think we need a system to give as many people the freedoms to inspect, share, and modify software so software can meet people's needs. The proprietary model of software development and distribution does not give us these freedoms.
Digital Citizen
Users want software that works, that does the job it's supposed to do. What should users be expected to know and do? Basic security, such as updates and securing against somewhat standard threats (such as Outlook attachments) might be reasonable, but I was under the impression that the documentation for changing these features was less than outstanding. In some cases, the updates may either not work or may come with onerous EULA (WMP 9.0).
I didn't RTA, but BG seems to expect users to know as much as the virus/script writers and perhaps more than his own engineers to secure their computers. While there is a lot of avoidance of responsibility on the part of users for security flaws, it seems unreasonable to have to spend significant amounts of time to know the inner workings of their system to use it, particularly when Microsoft seems more interested in adding "features" such as "trusted computing" than to write correct code and patches.
In order to drive, I have to look at the oil, gas, and tire pressure to keep it OK, and I have to know how to drive competently, but I don't have to understand my transmission much to run the car. It would be harder for lots of people to secure their cars if, in addition to the locks, the engine had multiple overrides to allow other users access which would either be listed on p.600 of the Advanced Mechanics' Maintenance Manual for your car or available by downloading from the manufacturers' website along with great features such as a governor that limits you to 55 mph or which rejects non-Exxon gas. MS sells its OS to people solely interested in using it, yet it neither is willing to clarify the requirements for maintaining security nor to write working software or patches. Instead, MS is better at blaming or hindering its users than in actually achieving the "security" they trumpet so loudly.
If you want users' help in improving security, BG, a good start might be to work with your users rather than against them. Whatever legitimate points you make are diluted by your cavalier attitude about the flaws of MS software and the antagonistic attitude of MS towards the users of its software with respect to security (trusted computing again) - improvements at security seem to secure software from use by legitimate agents rather than from use by illegitimate agents (virus writers and crackers). Users should be your customers, not the enemy. If you believe that users should behave differently, than clarifying the correct behavior to users without a BS in EE/CS would help; setting insecure features to default off might help too.. Then if users want to shoot themselves in the foot, they might have to learn something (and thus might learn not to do that). MS warnings about user security sound like "don't engage in unsafe sex" talks from condom makers who make defective products.
Gates said:
I mean, people act like some other systems don't have vulnerabilities; actually all the forms of Unix as well as Linux have had more vulnerabilities per line of code.
Now, that is the best justification for MS code bloat I have ever heard. It reduces your security vulnerability density!
That a computer system's administrator should be fairly intelligent, able to read and learn how to do new and complex things and stay up to date with technology.
What the hell were we thinking....??
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Who is Bill Gates?
I would like to hear what a real security expert like Jeff Goldblum had to say, though. After all, he managed to interface a Mac with an Alien computer. I mean, he's no Sandra Bullock, but he's still a pretty good "hacker". (That's the correct term, right?)
indeed..
'You don't need perfect nuclear plants to avoid security problems'
Peolple should build radiation safe bunkers in their basements, in order to keep their families completly safe.
IS NOT
'you can't rely on perfect code for security'
First, imperfect code is a security problem. M$ has many flaws and they know it each time they ship code. The kind of problems M$ has extends to poor design as well, so it would break even if it were perfect.
Second, Bill's statement implies that his company never will get better. That's something anyone familiar with M$'s history and hype knows, but it's kind of in-your-face for him to put it that way then blame the users again.
Get back in your hole, appologist troll.
Friends don't help friends install M$ junk.
You don't need perfect code, you need a secure design. If you have a design that fails "closed", that defaults to not allowing access and requires an exception handler to function correctly for access to be granted, then most bugs will result in a denial of service rather than a security failure.
The problem that Gates isn't dealing with is that Windows has traditionally used security mechanisms that "fail open". For example, Internet Explorer used the same file type - application bindings as the desktop, and then added a bunch of rules to prevent insecure apps from being opened. Internet Explorer, again, allows local objects full access and then has exceptions to cover objects that aren't really local (like attachments in cache directories).
So, on the one hand, Bill is right that if you have a good design you don't need perfect security. On the other hand, he's selling a system with a lousy design. So where does that leave us? Well, it doesn't leave me with any warm fuzzies about Longhorn...
It was Microsoft who told these home users that they could be connected without any hassles. They can't just backtrack now and blame their users.
So yes Unix may be secure but it is arcane and difficult to learn and use.. but no unix vendor has ever stated (afaik) that anyone can use their product without any knowledge about computers.
What a rotten party, have we run out of beer or something?
There's a line between convenience and leaving the whole system completely open. This is on the wrong side of that line.
even calling gates a coder is a stretch
I couldn't google the link up quickly, but I started giving Gates credit as a coder when I read how his BASIC interpreter worked. I've done just a touch of assembly programming as a hobby, and Gates apparently, to save space, was able to cleverly reuse bits of the interpreter when newly written portions of his code matched previously written portions closely.
That is to say that he scoured the code he'd already written to see if there was any place he could JSR to reuse code -- essentially using functions in a language where there wasn't any such thing.
Sure, perhaps this was common practice then, but the point is that he got the concepts. And he, along with Allen, wrote something usable and sellable, and didn't shoot any blanks before becoming profitable. If you can't call Gates a programmer without stretching, people like John Carmack (afaict) are probably the only fellows that deserve the title around here. Which means not very many of us.
(Now this fact, of course, makes Microsoft's attitude towards security even less forgivable; it's not like they have some naive corporate exec running the ship. And, like I said, this makes Gates' comment about "perfect code" even worse. I don't think he's talking about "Code a la Plato's Forms". Rather, he seems to be justifying the security issues his reused, legacy code that didn't have networking in mind has when used in today's world! That's lazy and fairly irresponsible.)
It's all 0s and 1s. Or it's not.