A Taste Of Computer Security
andrew_ps writes "Amit Singh has published on his KernelThread.com a paper (mini book really) on computer security. A Taste of Computer Security is a VERY comprehensive paper in what it covers, but is remarkably easy to read. This is not some list of "sploits" though! Topics covered include popular notions about security, types of mal-ware, viruses & worms, memory attacks/defences, intrusion, sandboxing, review of Solaris 10 security and plenty of others. Most notably it includes probably one of the most fair and intelligent analysis of the Unix-Vs-Windows security issue that I have ever seen."
Looks like an interesting read, and if nothing else, something we should be slipping onto our PHB's desks!
Funny how the games listed there are all microsoft games. You'd think that MS would know how to get a game to run without Admin access... Well, I'd like to think anyhow :)
"Something's wrong with you...and I hope we never do meet again." - Deftones When Girls Telephone Boys
Most notably it includes probably one of the most fair and intelligent analysis of the Unix-Vs-Windows security issue that I have ever seen."
Ok, so his thesis seems to be that Windows is insecure because it's too hard? Is this guy on crack?
There are too many "knobs." The exposed interfaces are either too complicated, even with documentation, or too weak and limited. Security on Windows is hard to configure correctly (try setting up IPSEC).
This guy can't seriously expect me to buy his argument that properly configuring a unix box is "easier", can he?
This isn't a fair analysis, it's just more "MS is teh gay linucks is awwwwsome!!!!!11!" tripe.
It's really not hard at all to secure Windows, and you can lock it down every bit as tight as any Unix if that's what you want to do. Just because people don't doesn't make it the OS's fault.
How about all the newbies running their X sessions as root because it's the only way they can get the soundcard/dvd-r/tv-tuner/misc hardware to work?
Is it Linux's fault that once you start piling OSS layers onto ALSA and jam the whole pile of shit into Gentoo's default devfsd setup, that it's a huge pain in the ass to get a non-root user to be able to play sounds? Cuz it is. Don't give me the bullshit about "all you have to do is add the user to the audio group" stuff.
What about lazy fucks like me who quit trying to have their daemons chroot and su to another user, because every fucking time they type emerge -u world portage decides to change all the file permissions and ownerships around, so now all of a sudden slapd cant read or write it's data directory, hosts.allow and hosts.deny are no longer world-readable, etc, etc.. Fuck it, the only way to guarantee my LDAP server stays up is to have it run as root. And, of course, it has to stay up, else noone could log in.
I can't remember which distro now, but it shipped with a single * in the xdm's Xaccess file - ie; anyone anywhere could get a local X session on it.
What about every app that uses svgalib having to be suid root, or run as root. Those mythTV boxes and advanceMAME cabs are just big fat fuckin backdoor waiting to be exploited.
The only point I'm trying to make is, any PC out there is no more secure as it's user/owner/admin and the apps they run. Most normal people dont enjoy spending 8 hours a day doing nothing but configuring their systems.
I don't need no instructions to know how to rock!!!!
The core security problem with Windows is that Microsoft has been unable or unwilling to take advantage of the core security capabilities of Windows.
It's more than just the fact that there are existing applications that expect to have write access to system directories and do other dengerous things, it's that Microsoft doesn't seem to be able to respond appropriately. For example, our early Citrix-based server showed the path to solving the problem of writing to system directories... it mapped system write access into the user's profile, and you had to switch to an explicit "installer" mode to actually modify things in the system.
Microsoft owns that code now, it's surely in Terminal Server, but instead of implementing it they created a high level workaround... the sort ofthing you'd expect to see coming from a third party... that monitors the system and puts files back when they change. This not only breaks more applications than the old Citrix-style code did, but it provides another hiding place for viruses that manage to infect the repository or trick the system into backing them up.
Similarly, the whole protocol/handler problem in Internet Explorer... or rather the Microsoft HTML control... (and being inexplicably copied by Apple and the KDE people) could be almost completely prevented by simply making the protocol and helper application binding the responsibility of the application calling the control instead of making the control guess whether the application it's calling is hardened for use by untrusted pages, and if not then it has to guess whether the page it's displaying is trustable or not.
On this Windows box at work I'm protected from thousands upon thousands of viruses except the one that gets written tomorrow and the idiot that opens its brilliantly socially-engineered email attachment.
This is rhetorical and wishful: when are we going to get some anti-virus software that protects us before an outbreak?
(please don't say don't run Windows, it is realistic but not realistic today right here)
Speak truth to power.
No, this is a fault of Windows. We don't know how these games run or why they require admin authority. It might be to access the sound card, or the video drivers, or DirectX or something similar. But in all those cases it's a fault of Windows for not providing non-admin-level access to the required resources.
It may have something to do with backwards compatibility with Windows 9x. In that case, yes, the application probably could have littered itself with millions of 'if (WindowsVersion >= 4) SafeFunction() else UnsafeFunction() calls, each of which would have killed performance dead. They also could have shipped fat binaries or even two binaries, and had the installation program make the right choice up front. All those solutions add their own problems to an already complex product, though, and if those types of bad solutions are required, I'd say it's the fault of the OS for requiring them.
I would also think that if it were something they could easily fix at the application level, Microsoft's newest releases would not make this list. However, since it includes "Microsoft Flight Simulator 2004 - Century of Flight" I'd say that in these days of Microsoft waving the "Security First" flag, they have never actually addressed the root problem. And the root is Windows, not the application.
John
Given that, explain why "Microsoft Flight Simulator 2004 - Century of Flight" should still make the list? If software they've released years after they've been aware of these problems still demands bad security practices, who is to blame? The application programmers or the environment in which they must work?
You said, "if an application requires administrator access to run, it is not the fault of the Operating System." Explain how a train simulator could possibly require admin authority except in a poorly architected environment? Then answer, 'who provided that poor architecture?'
This is Microsoft -- author of both these applications as well as the OS. They've had the chance to address it, they've had the incentive to address it, but they have not done so. I stand by my comment.
John