Slashdot Mirror
Microsoft vs. Computer Security
ArieKremen writes "The Slate has a piece written for the average user attempting to explain why Windows is `still` grappling with security issues. Although Gates made security and privacy top priority four years ago, not much progress has been made." From the article: "Microsoft customers haven't stopped worrying. A year later, Windows was hit with several nasty worms, including Slammer, Sobig, and Blaster. The viruses caused major traffic bottlenecks throughout the world, which cost tens of billions of dollars to clean up. Vulnerabilities deemed 'critical' have forced the company to release an almost unending stream of patches and fixes to the Windows operating system, Microsoft Office, and Internet Explorer." An interesting look at the whole issue.
Although Gates made security and privacy top priority four years ago, not much progress has been made. Excuse me? No Progress? Including a firewall with Windows is no progress?
will be under these kind of attacks all the time. Geeks, like everyone else, wants to stick it to the man. The man in this case is Gates and Windows. While this does not excuse the flaws and lack of attention at times, it does present another angle. To make a OS as robust as windows without things like this happening is hard to imagine honestly. If Macs were what windows is today, the story would be the complete opposite I assure you. You see the SAME thing in popular games as well. The most hacked games are the biggest and best, not because it is easier, but there are far more people attempting to exploit the system.
Invexi - a Phoenix, AZ based web design and web development company.
Gates urged that new design approaches must "dramatically reduce" the number of security-related issues as well as make fixes easier to administer. "Eventually," he added, "our software should be so fundamentally secure that customers never even worry about it."
Fair enough, but regardless of what is happening in the way of "new design approaches", the current installed base is the problem. The best ways to show dedication to the reduction of security issues would be a) rigorous code review + pre-emptive bugfixes and b) more rapid response to issues that are found elsewhere. There have been improvements, but the sum of the successes will not outweigh the sum of the failures.
I want to drag this out as long as possible. Bring me my protractor.
tens of billions of dollars to clean up
you know we as a tech community lambast the **AA whenever they (and the media) say a "hacker" did millions of dollars pirating
why do we not do the same when crap like this gets printed?
tens of billions? prove it, thats our job, thats what we do
The More Knowledge you have the Luckier you Get- J.R. Ewing
I don't know if I'd chalk this all up to lazy sysadmins. While that's a factor, there's also the IT director at whatever firm who wants "stability." Sure, some of it is sysadmins not paying attention. But some of it is also sysadmins at war with the suits because, "that system cannot go down... not even for maintenance. I don't care if nobody uses it between 1 and 4am or on the weekends." (Yes, I've seen shops like that... those are VERY costly errors on management's part.)
Critical patches should ALWAYS be installed as soon as it is feasible. You should have a test system available where you can install them and run your regression testing, if you're in software development. If all you do is use your computers for word processing, data entry, specific applications, etc, you should, for the most part, be installing those critical patches as they come out. I tell family and friends to do that. My seldom-used windows box here at work gets done by corporate IT, and they seem to stay on top of a lot of that.
OCO is Loco
the point to appreciate here is that it isn't all Microsoft's fault but they could do a whole lot more.
Actually it is all Microsoft's fault. Whether or not they deserve to be villified for it is another issue. But consider the following:
1) They don't fix bugs they know about so they don't break compatability with programs that rely on the bugs.
2) They don't submit their code for review by the public.
3) They don't follow security best practices, like turning off services by default.
4) They make their OS less secure by obfuscating design to make it difficult for competitors.
5) They use propriety data formats.
6) They alter the OS to make it work with their programs instead of designing a solid OS so that anyone can make programs run with it.
etc.
The real problem is that MS has a billion trillion gazililon lines of code to maintain and retrofit with "secure" code. Much of this code was written in the days when security was an afterthought and bugs were treated as an annoyance, rather than a threat.
I have never read a more scathing remark of Bill outside of /. :
And the next time Bill G. promises to make software that is so fundamentally secure that customers never have to worry about it, ask him what decade he plans to release it.We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
this article seems to me a bit on the unfair side off things... i personaly have even
stopped caring that much about the many security flaws.. i know there are just too many
found because the os wasnt designed with security in mind.
i'm just gonna wait and see how vista does.
Julien. http://free.hostdepartment.com/8/81fortune/
It makes no comments as to why Microsoft stuff is any better or worse than anything else. There's no mention, let alone a comparison between Microsoft and Linux, Apple, or anything else beyond just a mere fluff sentence.
But beyond that, my biggest issue is there are no FACTS in the damn piece. Everything is anecdotal. How are Microsoft product's better/worse? Why? By what measurement?
All this article does is pick on Microsoft because it's the biggest and easiest target, so any flaws make the news. It's like saying Wal-Mart still offers only low wages and busts up unions. Duh - so do a lot of other companies, but Wal-Mart gets the attention because they are the biggest.
Explain how they are better/worse/the same as the mean, or average, or some kind of realistic comparison. This is just a rant, nothing more.
Somedays it's just not worth chewing through the restraints...
Microsoft made the choice to tie things closely to the OS. In particular, their Netscape killing plan was to essentially make IE part of the OS. Outlook also requires the presence of IE to render html mail, or at least it used to. Similar decisions were made regarding hooks to the OS for other Office programs. These decisions were made for reasons of competitive advantage over competing software such as WordPerfect and Lotus.
The consequences of these decisions is an OS with fundamental security issues. Microsoft has an opportunity to change this with Vista, but I'm betting that they haven't.
Some mornings it's hardly worth chewing through the restraints to get out of bed.
An insane amount of progress has been made on Windows security. Automatic updates ensure even the most retarded of end users has a chance of being patched, built in firewall has resulted in a significant chance of end users having a firewall, the security added to IE in SP2 has given a whole lot of protection.
It doesn't matter who the dominant OS / company is, the biggest threat to security on anyones computers is the person sitting in front of it.
You can't win a fight against ignorance, misunderstanding or plain stupidity. Microsoft has made some pretty damaging blows and that is commendable.
I think it's time the end users' took just a little bit of responsibility for their security issues. It's callous to assume (and blame) Microsoft when so many 'issues' are avoidable with a little common sense.
God help the *nix world if they ever get bundled with the masses of ill-informed, ill-prepared and irresponsible people who use Microsoft software.
I like this whole "versus" thing. It encourages the idea that Microsoft is against or competing with the idea of Computer Security in general.
The popularity argument is pure bullshit. Non Microsoft runs most of the web and anything that's mission critical. Those foolish enough to try making M$ do things live to regret it and it has nothing to do with popularity, Geeks and Nerds but everything to do with marketing and crappy software. Apple, Sun, Linux and every other kind of software works better and non have had the kind of automated worm problems M$ has.
From the above, you can imagine that the functionality and features excuse is also bogus. Operating systems robust enough to provide services over the network can also be made with pretty GUIs that are equally robust. There is nothing a Windoze user can do that I can't do better with free software and many things that I can do that they can't without lots of effort and money. I share my classwork with anyone who's interested and I share my music and movies with myself without any of the problems Windoze users suffer just connecting to a network, reading their email or browsing the web.
When is the big Linux worm coming? Never, thanks to the diversity of excellence that a truly free market for software provides. Free software writers also don't make the mistake of mixing content with executable code, unless they are copying someone else's bad implementation for compatibility sake. Still everyone makes mistakes but that still won't do to free software what it does to M$. As an example, imagine Firefox had a problem. It would get about 1/3 of GNU/Linux users. Why? because the rest of them are using other browsers and all of them can stop using the browser with a problem until it's resolved one or two days later. Because Free Software is all about code, binary problems don't automatically propagate across distributions. A Red Hat exploit might not work on Debian and probably won't on Gentoo and won't do anything to a BSD box. The Free Software fix is always easier too. When things go wrong on a free software box, the user downloads the latest and greatest to fix it. The worst case is a rebuild, which preserves all user data and takes less than 20 minutes. In the Windoze world, the user takes out their "original CDs" or blows a few hundred bucks at the computer store for software that's at least two years old and probably has the same problems. Things are much much more difficult for crackers outside of the M$ monoculture of binary crap.
Friends don't help friends install M$ junk.
There IS reason to believe that Mozilla's coders are that much better; The most serious hole found in Firefox in some time actually ended up being a hole in Windows.
FF has gone through more versions because they don't release incremental security patches, and because their code is subject to public review. Microsoft does release patches, meaning there are less versions, and their code is not subject to public review, meaning they fix problems only when someone finds one accidentally.
Your arguments are universally specious.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Their overall conclusion that MS products are still vulnerable to security problems is correct, but it is not accurate to suggest that Microsoft has done nothing to address buffer overflows. Now it is clear that they have not done all they could. Specifically, they have not started writing their applications in type-safe languages, and they have only recently starting trying to apply automated static analysis to detect buffer overflows in existing code (A technical report about their efforts can be found
here ). And of course, they haven't even vaguely considered requiring that drivers carry safety proofs (using the proof-carrying code stuff from Peter Lee and George Necula, for instance).
However, they have added support for computer architecture features which guard against this sort of attack, such as flagging data memory as non-executable and requiring jumps into code be word-aligned, features which is available in most new processors. They've also begun loading libraries to random addresses making it much harder for worms to know what address to jump to. Although none of these is a silver bullet which prevents all buffer overflows, they have definitely made it significantly more difficult to exploit buffer overflow errors in both operating system and application code. These features even have benefits to third-party applications.
So although the battle is certainly far from won, suggesting that Microsoft is doing nothing is ridiculous. These sort of features are not going to be visible to the user in any obvious way, but they are very good steps in the right direction. I'm certainly no Microsoft lover (I have a Mac and a Linux box and tend to avoid MS products), but if you actually keep up on Microsoft's security research and what from that is making it into the operating systems, it's obvious that they're taking buffer overflow attacks very seriously and making progress. The simple fact of the matter is that the reporter has not done his research.
Keith
Apart from anything else, most Linux geeks I know see contributing to open source as a more than sufficient two fingers to Microsoft.
For the love of God, please learn to spell "ridiculous"!!!
One thing to help would be a default account type in the Users group, and if currently an admin, switch your group to Users. Third parties need to fix their programs that requires more privileges (not necessarily admin) after the program is installed because of write access to system folders and HKEY_LOCAL_MACHINE. Vista fixes this, but if you ask me I think MS is only encouraging the bad behavior of alot of third party programs by providing this method of keeping non-compliant applications compatible with least privilege. (Keep in mind, there are a$$holes like Even Balance who purposely wrote their anti-cheat to require true admin privileges)
Sure they have a firewall... you're screwed as admin because the code that launched can also create an exception for itself via netsh command or damn it all to hell and disable the firewall via "net stop". Malware does do this today, and sad how easy it was stopped.
Don't want to run as non-admin? XP can run specified apps automatically with User privileges even if you are admin (and I am not talking about Run As with a lower privileged account). And for fuck's sake, don't take the default of "SYSTEM" for your apache or whatever server software services.
Blame the user, not the software.
Actually the article is a lot of the same old "what's wrong," and darn little "why." Accurate enough, but nothing new—waste of a Slashdot posting, if you ask me.
I figure by 2030 or so my 6-digit UID will be something to brag about.
"Although Gates made security and privacy top priority four years ago, not much progress has been made."
Excuse me? No Progress? Including a firewall with Windows is no progress?(emphasis mine)
There's this thing called reading comprehension. There was never the claim that there was no progress made, only that there was not much, ie little, progress made. Considering how many and how deeply worms have been able to attack in spite of said firewall, I'd have to concur. Feel free to try to disprove his "not much process" claim, btw, because if you argue against the actual point you might be able to point at things with put at least some weight behind your counter argument.
Eurohacker European paranoia, gun rights, and h
Excuse me? No Progress? Including a firewall with Windows is no progress?
Of course that is progress but the real problem with Windows is the fact that it carries a burden of bad design decision at a fundamental level made for all sorts of business and marketing reasons. Why does a process like Microsoft Internet Explorer (Which is mainly a bigger gateway for malware than Firefox because it is badly written not becaue it is a Microsoft product) have to run with admin privileges? There is a reason why that is going to change in IE7 on Vista. Come to think of it, why the hell does the normal Windows user even have to have Admin privileges for day to day work to begin with? Thousands of Linux and Mac users get along just dandy with restricted user privileges apart from the occasional annoyance of having to either log in as root or in the case of OS.X feed a nag window the root password so that the occasional installation program can touch sensitive parts of the OS. You can try to write this off as *NIX evangelism but it is hard to deny that in the ancient past this sort of shoddy design work solved complicated problems for MS quickly and cheaply and for that reason it was allowed to happen without contemplating the long term effects. Unfortunately MS has since learned the hard way that thinking ahead sometimes pays but now they are also learning that back-pedaling is hard work.
Only to idiots, are orders laws.
-- Henning von Tresckow
You're confusing the layers, there. There are parts of Windows that Microsoft WANTS people to use, and those are reasonably clear. Then there are those part that Microsoft doesn't want people to use, and those parts ARE obfuscated. I only need name 2, ".doc" and "ntfs", both under vigorous attempts to reverse-engineer ***for the legally protected purpose of interoperation*** by third parties, for YEARS, with only marginal success.
Arguably, a clearly, concisely, well-defined data structure or format would also fall to reverse-engineering fairly readily. Many people have long suspected that Microsoft has deliberately complicated their formats, for the specific purpose of hindering interoperation. There have even been statements *from Microsoft* about "rich binary" data formats and protocols in order to protect their products. But the sword cuts 2 ways... Last I heard, there was no engineering or programming document describing ".doc", the documentation was the source code of the ".doc" reader. Maybe that's ok for a minority-share product, or a SOHO product. But about the time they're insisting that government institutions should use ".doc" as their archival data format, IMHO it just doesn't cut the mustard. Excess complexity also makes it difficult to get all the bugs out - just the thing you want in archival data storage - or a filesystem.
Microsoft may not be guilty of every sin that everyone would like to pin on them. But they DO have plenty of sins that do stick, and to not pin those is a disservice.
The living have better things to do than to continue hating the dead.
Ubuntu quite frequently tells me there are updates available for a large variety of packages I run, so what's the difference. This close-minded MS hating mantality gives me the shits. Everything is fallible to some degree, it's just a question of how much that degree affects you.
Anonymity of the internet is responsible for the views expressed in my post.
>>That's the big problem with many of the Microsoft glitches. They're not limited to the vulnerable Microsoft application. The vulnerable app provides a gateway for compromising the whole PC.
>I would like to know where everyone heard this crap, and why they keep repeating it vebatim., because it's a bunch of bullshit. Flaws in Microsoft products have no greater danger than equivalent flaws in any other Windows application.
That's partially true and partially false. I'll explain more below.
>A remote code execution flaw in IE executes code with the users rights, and therefore gets access to what the user has access too.
>A remote code execution flaw in Firefox executes code with the users rights, and therefore gets access to what the user has access too
Exactly true. The issue is, instead, the number of remote code execution flaws.
>There is no special conduit that Microsoft apps have to the windows kernel or any other windows system object.
Except that such is not needed. In general, Microsoft seems more focused on trying to build a strong perimeter than to make sure that components are robust. The result is that anyone who can manage to obtain any sort of local access to effect objects is bound to find a means to use said objects to execute code (look at WMF for example). And because a local user effecting an object to execute code isn't a security risk (as a general rule, at least), little focus is set on making sure components are robust against such attacks. So it's not surprising that little consideration is given when such components are used in internet applications (think of the security implications of printf(user_provided_string); for example).
>If you browse the web using firefox while running as administrator and you get hit with an exploit that exploit will have full access to your system.
Of course. Firefox isn't a panacea.
Eurohacker European paranoia, gun rights, and h
I learned long ago not to allow Microsoft OS's to autoupdate. The updates invariably break more than they fix. I simply don't use any M$ apps anymore. And with the rumors (plans) for Vista's DRM spyware, I'll simply be taking all my M$ boxes off the net entirely. Linux runs web apps beautifully.
You have the right to remain silent. Anything you say will be misquoted, then used against you.
Of course, you still can't show us the RunMSApp10PercentFaster() function call, can you?
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
Time to upgrade to OpenOffice.org 2.0. :)
The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
Microsoft security.
.wmf file format security hole, a real gapping maw of a hole. The following Monday, YESTERDAY, _two_ (2) more .wmf flaws are reported and posted with exploits.
That Microsoft has security like a cheese grater has bouyancy is a very well known fact, but the interesting point underlying the well known fact is _why_ Microsoft has such lousy security.
I suggest it's their attitude towards security. For example, last Thursday Microsoft released a patch for the
This is the way Microsoft does security: They wait for users to get hammered and scream, _then_ they might fix it, but just that one thing, anything else related is ignored until the cycle starts again with users getting hammered and screaming about it.
After the past two years of Microsoft "security," the only people who still run that junk are the ones locked in by their PHBs and the clueless pubic who buy PCs based on what they see on TV. Oh yes, and the willfully locked-in Microsoft fanbois who are out in droves today defending their sinking ship against the crush of reality.
Microsoft fans are much like the "Intelligent Design" people: They believe and insist their belief is the same thing as knowledge. This gives them the excuse to ignore reality with it's rather unpleasant (to them) consequences.
Face the reality of the situation with Microsoft products: They want your money first and foremost, anything and everything else is, at best, second thought. This includes security, quality -- everything else.
That's your reality, deal with it in a constructive way by getting off the Microsoft Gerbel Wheel from Hell (tm): It's the only way to be sure.
Cheers.
Everything in the Universe sucks: It's the law!
Yes, because this is oh so different from the way Apple handles everything, right? *rolleyes*
I'd say Apple is indeed doing something different, since it's five years and counting without a single instance of OS X-specific malware being seen in the wild.
And if you think it's because nobody's trying, you're deluded. There are plenty of assholes out there who would love to be the first guy to come up with genuine OS X malware. Any fool can pwn a Windows box, but you really have to be 1337 to crack a Mac. So far, nobody's measured up.
OS X was designed to be secure from day one. Until Microsoft give up, chucks everything they've got and starts fresh, Windows will always be betrayed by its roots as a completely unsecure, single-user OS that had the security (and everything else) bolted on later-- it's like a straw hut with a steel door.
Sounds like Bush. Now more people will switch to Democ^H^H^H^H^H Mac OS X.
Shop as usual. And avoid panic buying.
No, the WMF problem is an incredibly silly code insertion technique that was designed in - deliberately allowing the image to embed its own arbitrary code - in the days when anything on a machine was deliberately put their by the user and could arguably be trusted. There's no buffer overflow or anything here - just a windows object which is insecure by design.
This kind of code shows how little windows was designed with networking in mind. It wasn't a problem in 1985, but still working that way 20 years later shows how Windows still includes horribly insecure legacy code that should have been revisited if they were serious about 'secure by design'.
Justin.
You're only jealous cos the little penguins are talking to me.