Slashdot Mirror


Black Screen of Death Not Microsoft's Fault

Barence follows up to the ongoing Black Screen of Death Saga by saying "Microsoft says reports of 'Black Screen of Death' errors aren't caused by Windows Updates, as claimed by a British security firm. The software giant claims November's Windows Updates didn't alter registry keys in the way described by Prevx, which said that the Microsoft Patches caused PCs to boot with just a black screen and a Windows Explorer window. Microsoft is now blaming the problem on malware. Prevx has issued a grovelling apology on its own blog."

583 comments

  1. Comment removed by account_deleted · · Score: 5, Funny

    Comment removed based on user account deletion

  2. Really? by potscott · · Score: 1, Insightful

    Maybe if Windows was a little more impervious to malware, they wouldn't have this problem.

    --
    I'm a firm believer in the philosophy of a ruling class, especially since I rule.
    1. Re:Really? by maxume · · Score: 5, Insightful

      When users are happy to type "sudo rm ...", it doesn't really matter how impervious the system is.

      --
      Nerd rage is the funniest rage.
    2. Re:Really? by thisnamestoolong · · Score: 3, Insightful

      Yes. I agree. Microsoft Windows should be 100% secure from malware. Not like it is ever the user's fault or anything...

      --
      To the haters: You can't win. If you mod me down, I shall become more powerful than you could possibly imagine
    3. Re:Really? by thisnamestoolong · · Score: 1

      On a completely unrelated note -- how the fsck does that dastardly command execute itself? Isn't that kind of like eating your own head?

      --
      To the haters: You can't win. If you mod me down, I shall become more powerful than you could possibly imagine
    4. Re:Really? by Anonymous Coward · · Score: 1, Interesting

      Meh. ChromeOS is a good, fairly simple example of how to do away with malware (ONCE AND FOR ALL!). A capabilities-based OS is another, but alas, L4.sec, Coyotos, and even viengoos seem to have stagnated despite much promise.

    5. Re:Really? by Corporate+Troll · · Score: 1

      Isn't that kind of like eating your own head?

      No... rm is already in memory (and if it's not, then it's loaded into memory -- rm is usually part of the shell anyway so it most likely is loaded). Programs execute from memory and thus don't need their on-disk-alter-ego anymore. rm can thus do its task.

      There is no contradiction.

    6. Re:Really? by athakur999 · · Score: 4, Insightful

      Does the sudo part really matter anyway? The most important files on my system are those in my home directory and they're owned by my own user account, thus no privilege escalation is required to touch them.

      Having great security around the base OS is a good thing but if you don't also provide good security for the users' files, it's kind of like getting a bunch of guards to protect a bank but leaving the vault in an unprotected building next door.

      On the other hand, I really don't want to have to deal with UAC/sudo/etc. every time I edit one of my own documents, so it's kind of an unwinnable situation that only good backups can protect against.

      --
      "People that quote themselves in their signatures bother me" - athakur999
    7. Re:Really? by Enderandrew · · Score: 1

      openSUSE 11.2 ships with AppArmor and is stable today.

      It is a very capable OS and extremely secure.

      I'll even give you a free copy. Just don't tell anyone.

      http://download.opensuse.org/distribution/11.2/iso/

      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    8. Re:Really? by plague3106 · · Score: 1

      There comes a point where the only way to improve resistance to malware is to deny administrator access to the owner of the computer. I don't really see that taking off.

    9. Re:Really? by ByOhTek · · Score: 3, Funny

      so, is that why

      $ touch ~/privates
      works, but
      $ touch /home/some-other-user/privates
      gives me a rights error!?

      --
      Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
    10. Re:Really? by Anonymous Coward · · Score: 0

      LOL, joke's on you, I'm going to post this on the internet!

    11. Re:Really? by cc1984_ · · Score: 2, Funny

      When users are happy to type "sudo rm ...", it doesn't really matter how impervious the system is.

      I get "rm: cannot remove `...': No such file or directory"

      However, I'm just trying "sudo rm ../." though and it s

    12. Re:Really? by SnarfQuest · · Score: 1

      A little more than 0 is what?

      --
      Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
    13. Re:Really? by rjolley · · Score: 1

      Let me know when it ships with locate again.

    14. Re:Really? by Anonymous Coward · · Score: 0

      You're a horrible salesman.

    15. Re:Really? by donaggie03 · · Score: 1

      Yet that is exactly what I do with my mom and sister. It works out quite nicely.

      --
      Three days from now?? Thats tomorrow!! ~Peter Griffin
    16. Re:Really? by jimicus · · Score: 2, Informative

      Does the sudo part really matter anyway? The most important files on my system are those in my home directory and they're owned by my own user account, thus no privilege escalation is required to touch them.

      Furthermore, running with no special privileges you can still:

      - Start a process on an unprivileged port (>1024)
      - Establish a connection to another system.
      - Put a process in the background so it'll still run after you've logged off.
      - Subject to permissions, write to network-mounted filesystems.
      - (depending on cron configuration) Set up a process to run periodically without leaving anything tell-tale to the casual observer in the output of ps unless by sheer blind luck they hit ps when your process is executing. So it would still run on reboot (though it'd be really easy to find if you ever edited your own crontab, a lot of people simply don't bother checking such things).

      All of which are quite enough to set up a system as a node on a hypothetical botnet somewhere. Now all you have to do is spread (easy, you've got enough power in that list to email something to everyone you can think of and stick a copy on a fileserver) and persuade people to run you - either intentionally (Click here for pictures of Britney nekkid!) or unintentionally (bug in email application).

    17. Re:Really? by Zero__Kelvin · · Score: 1

      "On a completely unrelated note -- how the fsck does that dastardly command execute itself? Isn't that kind of like eating your own head?"

      No. It is more like running the program from memory where it continues to be until after it completes, after loading it from the disk, and before pulling the rug out from under itself ;-)

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    18. Re:Really? by Dog-Cow · · Score: 1

      You are wrong. Malware, as a whole, does not rely on ANY privilege escalation at all. Capabilities are just another way to get privilege escalation.

      Windows is actually very secure, or it can be configured that way. It's the users who are hopeless.

    19. Re:Really? by TheRaven64 · · Score: 4, Informative

      On UNIX-like systems, files are not actually deleted from the disk until the last open file descriptor is closed. You can use this to get completely anonymous temporary files that are garbage-collected when the program abnormally terminates by opening a file and then unlinking it. The file still exists, but it isn't in any directory. When you run the rm command, it and all of its dependent libraries are opened and mapped into the process's address space. Deleting them just removes them from the directory that contains them, it does not return their space for reuse until later.

      --
      I am TheRaven on Soylent News
    20. Re:Really? by aix+tom · · Score: 2, Informative

      In fact, that's one of the main advantages of *nix over Windows. The reason that you have to re-boot windows so much during installations is that you can't delete / replace files while a process is accessing them.

      In *nix you can delete a file while a process is accessing the file, and the process continues to see the file until it finishes, while other, new processes can't see the file.

      Of course, once I started a five-hour database export job, then deleted the target file without realizing it, and after the export finished successfully (since it could still "see" the file it was writing into) the export file was gone.

    21. Re:Really? by EvanED · · Score: 1

      ChromeOS is a good, fairly simple example of how to do away with malware (ONCE AND FOR ALL!).

      It's also a good, fairly simple example of how to do away with... well, functionality and usability.

    22. Re:Really? by thePowerOfGrayskull · · Score: 0

      On the other hand, I really don't want to have to deal with UAC/sudo/etc. every time I edit one of my own documents, so it's kind of an unwinnable situation that only good backups can protect against.

      I think that's exactly it - I've been experimenting with running linux as ::gasp:: root with a full desktop lately. The same rules apply as when running as admin on Windows: don't be stupid. But realistically, what does it save me to have to constantly enter a password to do something? I've never once said "Oops, wait, no I don't want to do this, I'm so glad you nagged me for a password so that I reconsidered it." And I don't think many people ever do have that experience.

      When you're using an OS as a single-user system, it's extremely redundant to have to fight against multi-user controls all the time. If I'm stupid enough to type "rm -f /", then I'm also stupid enough to type "sudo rm -f /". (And yes, on one occasion I *was* that stupid. Guess what - it was nobody's fault but my own. I got what I deserved.) The other side of the coin: downloading malware. The answer for that is the same as it is for Windows - don't.

      Having an operating system that trips over its own feet trying to protect you from yourself is like government legislating use of seatbelts. Yeah, there are a lot of people who aren't wearing seatbelts. Having a law about it will change that for a few of them. But the remainder fall into two categories: those who will continue without the seatbelt anyway, and those who used seatbelts all along. The "protections" don't really help either one.

    23. Re:Really? by Anonymous Coward · · Score: 0

      rm is usually part of the shell anyway

      What shell would that be?

    24. Re:Really? by ironicsky · · Score: 1

      You, good sir, just got bash.org'd

    25. Re:Really? by unitron · · Score: 1

      It's liable to give you rights *and* lefts.

      --

      I see even classic Slashdot is now pretty much unusable on dial up anymore.

    26. Re:Really? by clang_jangle · · Score: 1

      Don't do that, please. Put the following line in /etc/sudoers:
      username ALL=(ALL) NOPASSWD: ALL
      Obviously, replace 'username' with your username. Voila, no more password prompts from sudo.

      --
      Caveat Utilitor
    27. Re:Really? by ukyoCE · · Score: 1

      The sudo part does really matter. In all 3 major OSes a mechanism similar to sudo is being used for ALL execution of new code (especially files from the internet), rather than just using sudo for root escalation.

      If people are clicking "OK" to "run this unknown executable" it's, as you imply, nearly immaterial whether they're root or executing as your user account. The problem is the execution of code, and that's what the modern sudo-like (pseudo-sudo?) mechanisms are preventing.

      It's a usability problem as much as a security problem.

    28. Re:Really? by Anonymous Coward · · Score: 0

      Because the rm program is loaded into memory before being executed.

    29. Re:Really? by silvaran · · Score: 1

      I wonder if you had known about the accident before the process finished if you could have recovered it by checking open file handles in /proc:

      ~$ while true; do echo -n 1; sleep 1; done > tmp.txt &
      ~$ rm tmp.txt
      ~$ ls -l /proc/11336/fd/ | grep tmp\.txt
      l-wx------ 1 me me 64 2009-12-02 16:51 1 -> /home/me/tmp.txt (deleted)

      Is there any way to recover this?

    30. Re:Really? by thePowerOfGrayskull · · Score: 1
      I had done that, but it doesn't really solve the problem. Two things - first, relatively minor: I still need to type "sudo" when I want to do something. Far more annoyingly -- desktop applications still prompt regardless of that setting.

      I know the instinctive response is "no bad bad bad"... but as someone who has avoided any kind of viruses or malware on Windows for many years while being forced by the OS to run as admin... is there really any benefit to not running as root? If you assume that I'm willing to accept consequences of my own stupidity, what else is there?

    31. Re:Really? by aix+tom · · Score: 1

      Yep, there is. You can just copy the open file handle from under /proc into a new file.

      /tmp $ while true; do echo -n 1; sleep 1; done > tmp.txt &
      [1] 4594
      /tmp $ rm tmp.txt
      /tmp $ ls -l /proc/4594/fd/ | grep tmp\.txt
      l-wx------ 1 root root 64 2009-12-02 22:23 1 -> /tmp.txt (deleted)
      /tmp $ cp /proc/4594/fd/1 /tmp/backup.txt
      /tmp $ cat backup.txt
      1111111111111111111111111111111111111111111111111111111111111
      /tmp $

      But in my case, I just fired it off before I logged off for the day, and only found out about it the next day. But it was nothing critical anyway, just a dump for a test environment.
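
The open-then-unlink behaviour TheRaven64 describes and the /proc recovery shown by silvaran and aix+tom, as an added C example that is not part of any poster's comment. It is Linux-specific (it relies on /proc); the function names, the /tmp paths and the sample data are assumptions made for illustration.

```c
/* Added example: a file that is unlinked while open keeps its data until the
 * last descriptor closes, and on Linux it can be copied back out through
 * /proc/<pid>/fd/<n>. Useful in incident response when a running process
 * holds a log or binary that has already been deleted from the directory. */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create `path`, write `data`, then remove the directory entry while keeping
 * the descriptor open. Returns the open descriptor, or -1 on error. */
static int open_then_unlink(const char *path, const char *data)
{
    size_t len = strlen(data);
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    if (write(fd, data, len) != (ssize_t)len || unlink(path) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Hard-link count of the open file; 0 means no directory entry refers to it. */
static long link_count(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (long)st.st_nlink : -1;
}

/* 1 if the /proc link target ends in " (deleted)" (what `ls -l` printed in the
 * thread), 0 if not, -1 on error. A file literally named "x (deleted)" would
 * also match, so link_count() is the authoritative check. */
static int fd_marked_deleted(pid_t pid, int fd)
{
    static const char tag[] = " (deleted)";
    char link[64], target[4096];
    size_t t = sizeof tag - 1;
    ssize_t n;

    snprintf(link, sizeof link, "/proc/%ld/fd/%d", (long)pid, fd);
    n = readlink(link, target, sizeof target - 1);
    if (n < 0)
        return -1;
    target[n] = '\0';
    return (size_t)n >= t && strcmp(target + n - t, tag) == 0;
}

/* Copy the still-open file out through /proc into `dest`. Opening the /proc
 * entry gives a fresh descriptor at offset 0, so the whole file is read even
 * though the writer's own offset is at the end. Returns bytes copied or -1. */
static long recover_from_proc(pid_t pid, int fd, const char *dest)
{
    char link[64], buf[4096];
    long total = 0;
    ssize_t n;
    int in, out;

    snprintf(link, sizeof link, "/proc/%ld/fd/%d", (long)pid, fd);
    if ((in = open(link, O_RDONLY)) < 0)
        return -1;
    if ((out = open(dest, O_WRONLY | O_CREAT | O_EXCL, 0600)) < 0) {
        close(in);
        return -1;
    }
    while ((n = read(in, buf, sizeof buf)) > 0) {
        if (write(out, buf, (size_t)n) != n) {
            total = -1;
            break;
        }
        total += n;
    }
    if (n < 0)
        total = -1;
    close(in);
    close(out);
    return total;
}

/* Whole sequence in `dir`: returns the number of bytes recovered, or -1. */
static long run_demo(const char *dir)
{
    char path[256], dest[256];
    long got = -1;
    int fd;

    snprintf(path, sizeof path, "%s/unlink_demo_%ld.txt", dir, (long)getpid());
    snprintf(dest, sizeof dest, "%s/unlink_demo_%ld.recovered", dir, (long)getpid());
    fd = open_then_unlink(path, "1111111");   /* constructed sample data */
    if (fd < 0)
        return -1;
    if (access(path, F_OK) != 0 && link_count(fd) == 0 &&
        fd_marked_deleted(getpid(), fd) == 1)
        got = recover_from_proc(getpid(), fd, dest);
    close(fd);      /* last reference gone: the blocks are freed only now */
    unlink(dest);   /* tidy up the recovered copy */
    return got;
}

int main(void)
{
    printf("recovered %ld bytes from an unlinked file\n", run_demo("/tmp"));
    return 0;
}
```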

    32. Re:Really? by Anonymous Coward · · Score: 0

      desktop applications still prompt regardless of that setting

      Instead of using menus, install gmrun and set it to a keybinding (like ^F1) then start any GUI app you want to run as root with "^F1 sudo nameofapp". Unless of course, typing "sudo" now and then is really such a big deal to you.

      as someone who has avoided any kind of viruses or malware on Windows for many years

      You mean as far as you're aware you avoided them. I've known many win users who thought they were secure, but a thorough exam of the hdd with a bootable cd proved otherwise. :)

      is there really any benefit to not running as root?

      Considering it's pretty much the main defense against being pwned, it seems a silly question.

      If you assume that I'm willing to accept consequences of my own stupidity, what else is there?

      It's your data. Personally I believe in freedom, including the freedom to fsck yourself over if that's what you want.

    33. Re:Really? by bhtooefr · · Score: 1

      It loads itself into memory first, then deletes everything. Things already loaded stay in memory, so the system remains surprisingly intact until you power down (not shut down, because all of the commands to do that are gone, although you could sync disks with the Alt-SysRq trick on Linux.)

    34. Re:Really? by Anonymous Coward · · Score: 0

      Smartest thing said in this thread.

    35. Re:Really? by pjotrb123 · · Score: 1

      > ChromeOS is a good, fairly simple example of how to do away with malware (ONCE AND FOR ALL

      Hmmm. The Chrome browser already had its share of vulnerabilities. It sounds like you are claiming that by wrapping it in a new OS this suddenly no longer can or will happen.

      On top of that, no matter how good the OS might be that they started with, they are turning it upside down and inside out which I think will not improve initial quality or security either.

      And think of this: If there ever will be a keylogger for ChromeOS it will be as profitable as with any other OS. Or even more profitable, because every action logged is web-related and therefore possibly exploitable, whereas on a regular OS my days worth of local Photoshop work and editing my thesis are useless crap for a logger to ignore while looking for the good stuff.


      I will certainly give ChromeOS a try, but it will not be for the reasons that you mention.

      --
      I liked my next sig a lot better
    36. Re:Really? by Anonymous Coward · · Score: 0
    37. Re:Really? by aix+tom · · Score: 1

      Depends on your definition of "worse" and "better"

      I like an OS better that does what *I* know is the right thing to do, not what *It* thinks is the right thing to do. After all, it only means you *can* replace libraries on a running production system, not that you *have to*

      But that's mostly a matter of taste, really.

    38. Re:Really? by Anonymous Coward · · Score: 0

      I completely understand the sentiment, /however/, Dad bought his new HP P6240F from Staples in Canada on Nov 30. Dec 1 he's describing this weird new problem to me, and yeah, it's this black screen business. First thing he did after initial auto-updates was get Firefox and Microsoft Security Essentials -- which says the machine is clean. So where's the user problem here? I don't think it's unfair to blame MS on this one.

    39. Re:Really? by Corporate+Troll · · Score: 2, Informative

      I thought it was an internal bash command. I'm wrong. Doesn't change the argument...

    40. Re:Really? by treeves · · Score: 1

      And what exactly happens when a Windows user types "sudo rm"? Where do they have to type it? I just typed it here and not much happened.

      --
      ...the future crusty old bastards are already drinking the Kool-Aid.
    41. Re:Really? by Anonymous Coward · · Score: 0

      A little nitpicky, but something I learned yesterday:

      while $(sleep 1); do echo -n 1 ; done

      Does the same thing, but it's a little more elegant than "while true" and shorter to type. HTH

    42. Re:Really? by catmistake · · Score: 0, Troll

      Malware infiltration on Windows is no more Microsoft's fault than a leaky roof is the fault of the builder: "no matter what you do/ don't put the blame on you/ blame it on the rain (yeah yeah)"

    43. Re:Really? by Fire_Storm82 · · Score: 1

      is there really any benefit to not running as root?

      yes from your same post

      desktop applications still prompt regardless of that setting.

      When you run as root, not only can you do anything to your system, so can any application that you run. Any malicious program can do anything to your computer it wants. When you aren't running as root, it has to ask your permission first.

    44. Re:Really? by maxume · · Score: 1

      You are supposed to hear bells. If you don't hear bells, you must hurry and kill a chicken.

      --
      Nerd rage is the funniest rage.
    45. Re:Really? by Kalriath · · Score: 1

      So, Windows 7 security model then?

      But really, why shouldn't he? If he's the only user on the system, why should he have to use sudoers?

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
    46. Re:Really? by thePowerOfGrayskull · · Score: 1
      Sure, but here's my point. If I'm stupid enough to run a malicious program, that means I'm just going to give it the permissions it requires, when I'm prompted.

      And if I'm not stupid enough to do that, the extra step of being prompted does me no good at all - as I wouldn't have run it in the first place.

      The only place I see it as being of potential value is in sandboxing your system -- so that a security vulnerability that allows something in through a back door can't do harm beyond your personal account.

      That being said, even this is of limited practical use for a single user system. If your personal account is compromised, it's just as damaging -- a process doesn't need admin/root to serve as a spam generator. Keyloggers don't need root/admin either. Finally, someone able to plunder my /home/me directory, or "My Documents", will have access to all of my personal info.

      Rootkits are bad, but they are far from required to do serious damage. And from the user's perspective, the amount of damage which can be done by non-root compromises is just as bad.

    47. Re:Really? by Suhas · · Score: 1

      Yes that is by design. Just like in C++ your friends can see your privates.

    48. Re:Really? by Kalriath · · Score: 1

      Ditto for me.

      What was the GP saying again?

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
    49. Re:Really? by ToasterMonkey · · Score: 1

      is there really any benefit to not running as root?

      yes from your same post

      desktop applications still prompt regardless of that setting.

      When you run as root, not only can you do anything to your system, so can any application that you run. Any malicious program can do anything to your computer it wants. When you aren't running as root, it has to ask your permission first.

      This is true. However, in the case of Linux, there is no framework in place for an application to ask permission for anything, or fine-grained access controls with which to grant permissions. A process starts as root or it doesn't, unless things have changed recently. I might be wrong. Anyway, OS X and Windows still don't really have the process dialed in perfectly. There's lots of opportunity for other systems to innovate and explore better ways of controlled privilege escalation, but I'm not holding my breath. Even systems that already have great fine-grained access controls in place don't seem to be in any sort of rush to make them useable :\

    50. Re:Really? by westyvw · · Score: 1

      Hear Hear. Windows choices for dealing with the file system and auto locking files *sometimes* for even reads is asinine. At least linux is consistent and gives me the power to choose.

    51. Re:Really? by aiht · · Score: 1

      But if the system is not impervious, then even those of us who are not happy to type 'sudo rm ...' etc. are still screwed.

    52. Re:Really? by maxume · · Score: 1

      Sure. The point is more that the presence of malware on a consumer system doesn't necessarily condemn the system.

      --
      Nerd rage is the funniest rage.
    53. Re:Really? by DaVince21 · · Score: 1

      Too bad it'll even forget my history, saved tabs and even what network I was connected to. There's at least some things I'd like remembered, yes?

      --
      I am not devoid of humor.
    54. Re:Really? by plague3106 · · Score: 1

      Nicely for you maybe, probably not so much for them.

      And of course you can lock down a Windows computer that much if you choose, but I don't think it's the right choice for the vast majority of computer purchasers.

    55. Re:Really? by treeves · · Score: 1

      Just think: if I had used sarcasm tags on my comment, I would have denied you the opportunity to make this AWESOME joke!

      --
      ...the future crusty old bastards are already drinking the Kool-Aid.
    56. Re:Really? by thePowerOfGrayskull · · Score: 1
      Thanks - that's the point I'm trying to get at. Given that I'm aware I could do something stupid, it's my friggin box...

      I find it quite funny that my original post was modded "overrated". Apparently there is a moderator out there who is so offended by this concept of user control that he needed to suppress the very idea...

  3. Easy fix, or fixed easily? by halcyon1234 · · Score: 3, Interesting

    TFA says a piece of malware can knock out the null-terminator in a required string, which Explorer relies on to load properly.

    While it's good to know that a simple problem can be solved quickly (and the root cause discovered, damn you malware), and it's also good to see that Prevx can apologize when they make a mistake -- but I have to wonder if Microsoft would have attended to it as quickly as they did had Prevx not complained as loudly as they did.

    1. Re:Easy fix, or fixed easily? by geekoid · · Score: 3, Interesting

      Historically speaking? no.
      That said, MS is actually changing.

      Of course, the root of this problem is the registry.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    2. Re:Easy fix, or fixed easily? by Kill+all+Muslims · · Score: 2, Informative

      It's not really the registry per se; it's the fact that the Win32 API uses NULL-terminated strings while the underlying NT API uses Pascal strings. You can run into similar problems with the file system for the same reason. This dilemma can't really be fixed due to backward compatibility concerns, so this problem will continue to exist in all versions of Windows into the foreseeable future.
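
The mismatch described in the two comments above (a stored string whose terminator has been removed, read by code that expects a NUL-terminated string), as an added C example that is not part of the thread. It is a portable model that calls no Windows API: the type and function names are hypothetical and the sample bytes are constructed.

```c
/* Added example: a counted (length + bytes) string value read by code that
 * trusts a terminator, next to a reader that trusts only the stored length. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { SZ_OK, SZ_MISSING_TERMINATOR, SZ_EMBEDDED_NUL, SZ_ODD_LENGTH } sz_status;

/* Constructed sample: "sh.exe" in UTF-16LE stored as 12 bytes with NO
 * terminator, followed by unrelated bytes ("XY", then a NUL) that merely
 * happen to sit next to it in memory. */
static const uint8_t MEMORY[] = { 's',0,'h',0,'.',0,'e',0,'x',0,'e',0, 'X',0,'Y',0, 0,0 };
static const size_t  STORED_LEN = 12;
/* Constructed well-formed value, and one with a NUL in the middle. */
static const uint8_t GOOD[]     = { 's',0,'h',0,'.',0,'e',0,'x',0,'e',0, 0,0 };
static const uint8_t EMBEDDED[] = { 'a',0, 0,0, 'b',0, 0,0 };

/* UTF-16LE code unit number i of a byte buffer. */
static uint16_t unit_at(const uint8_t *d, size_t i)
{
    return (uint16_t)(d[2 * i] | (d[2 * i + 1] << 8));
}

/* Terminator-only reader: counts code units until the first NUL and ignores
 * the stored length. `readable_bytes` bounds the scan only so that this demo
 * stays inside its own array. */
static size_t naive_scan_units(const uint8_t *mem, size_t readable_bytes)
{
    size_t n = 0;
    while (2 * n + 1 < readable_bytes && unit_at(mem, n) != 0)
        n++;
    return n;
}

/* Audit check: classify a stored value using only its recorded byte count. */
static sz_status classify_sz(const uint8_t *data, size_t nbytes)
{
    size_t units = nbytes / 2;
    if (nbytes % 2 != 0)
        return SZ_ODD_LENGTH;
    if (units == 0 || unit_at(data, units - 1) != 0)
        return SZ_MISSING_TERMINATOR;
    for (size_t i = 0; i + 1 < units; i++)
        if (unit_at(data, i) == 0)
            return SZ_EMBEDDED_NUL;
    return SZ_OK;
}

/* Hardened reader: stops at the first NUL or at the stored length, whichever
 * comes first, and always terminates the copy. Returns the number of code
 * units copied (terminator excluded), or -1 if `dst` is too small. */
static long copy_sz_bounded(const uint8_t *data, size_t nbytes,
                            uint16_t *dst, size_t dst_units)
{
    size_t units = nbytes / 2, n = 0;
    while (n < units && unit_at(data, n) != 0)
        n++;
    if (n + 1 > dst_units)
        return -1;
    for (size_t i = 0; i < n; i++)
        dst[i] = unit_at(data, i);
    dst[n] = 0;
    return (long)n;
}

int main(void)
{
    uint16_t out[16];
    printf("stored units: %zu\n", STORED_LEN / 2);
    printf("terminator-only scan sees: %zu units\n", naive_scan_units(MEMORY, sizeof MEMORY));
    printf("length-bounded copy sees: %ld units\n", copy_sz_bounded(MEMORY, STORED_LEN, out, 16));
    printf("classification: %d\n", (int)classify_sz(MEMORY, STORED_LEN));
    return 0;
}
```

The terminator-only scan runs two code units past the stored value, while the length-bounded copy returns exactly the six that were stored.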
    3. Re:Easy fix, or fixed easily? by plague3106 · · Score: 2, Insightful

      How would this be any different if the configuration settings were stored in a flat file?

    4. Re:Easy fix, or fixed easily? by Anonymous Coward · · Score: 0

      It wouldn't, but you would be able to FIX it much more easily. For instance if a Linux install won't boot due to a config file problem, I can pull the hard disk, plug it in as a slave in another computer, and edit away. Or just boot any of many Linux boot CDs and mount the broken volume and fix away.

      How does one fix a Windows registry on a non-booted disk? Maybe there is a way- I'd love to know. I think the Windows registry is by far the stupidest thing MS has done.

    5. Re:Easy fix, or fixed easily? by wbo · · Score: 1

      The regedit tool provided by Microsoft allows you to mount and edit registry hives stored in any file. So you can either boot the system from a bootable CD or DVD containing a Windows PE environment and run regedit from there or you can put the drive into another Windows system and run regedit.

      Then all you need to do is select File->Load Hive and load the registry hive you want from the drive, make your changes and then select File->Unload Hive. It really isn't much harder than editing a text-based config file once you understand how the registry is organized.

    6. Re:Easy fix, or fixed easily? by maxume · · Score: 1
      --
      Nerd rage is the funniest rage.
    7. Re:Easy fix, or fixed easily? by Anonymous Coward · · Score: 0

      Ubuntu user with a stupid question: What the heck is a registry?

    8. Re:Easy fix, or fixed easily? by wampus · · Score: 1

      You can certainly run an offline registry editor. It isn't friggin' magic, it just isn't flat text.

    9. Re:Easy fix, or fixed easily? by interploy · · Score: 1

      Considering a lot of the reason they pushed out Win7 so fast was to erase the legacy of Vista, it's not much of a stretch to think they'd still have been pretty quick to quell any rumors of Vista-like qualities.

    10. Re:Easy fix, or fixed easily? by Yalius · · Score: 1

      You slave the drive over onto another Windows machine, open regedit, select either HKLM or HKU, then click on File, Load Hive. Point it to the registry folder on the drive to be repaired, make your edits, then unload the hive.

    11. Re:Easy fix, or fixed easily? by TheRaven64 · · Score: 1

      It's a hierarchical store of typed key-value pairs supporting fine-grained access control on individual keys as well as coarse-grained access control (providing a per-user tree and a global tree that unprivileged users can't modify). It's a single configuration database, shared by every Windows application. Linux users often rant about how evil it is, largely based on not understanding it, and occasionally based on the fact that in earlier versions of Windows it was easy to corrupt and difficult to recover and didn't scale particularly well. GNOME includes a system which manages to copy most of the disadvantages of the registry, with few of the advantages.

      --
      I am TheRaven on Soylent News
    12. Re:Easy fix, or fixed easily? by Anonymous Coward · · Score: 0

      Of course, the root of this problem is the registry.

      What the hell?

      So I suppose if Explorer looked for text files in a directory called "etc" or ".gconf", it would be totally immune to malware attacks and bugs from people authoring OS updates?

      The registry is a configuration store. It's not inherently evil, at least not any more evil than having a config file, and it has the added benefit of not having to re-invent a config file format for every application. Lots of applications and frameworks have already re-invented registry-like functionality using similar approaches, namely, key-value pairs for configuration settings serialized to disk (vide: gconf).

    13. Re:Easy fix, or fixed easily? by Anonymous Coward · · Score: 0

      %windir%\system32\reg.exe can also do the same thing from the command line.

    14. Re:Easy fix, or fixed easily? by thePowerOfGrayskull · · Score: 1

      and it's also good to see that Prevx can apologize when they make a mistake

      Of course they can. Now they've gotten their publicity, it doesn't really matter that they needed to apologize after the fact.

    15. Re:Easy fix, or fixed easily? by Anonymous Coward · · Score: 0

      No, the registry is just a place to save your settings with proper access permissions, so basically this problem can happen with any other means of defining settings, it is not a registry specific problem, if for example the registry corrupted the data inside causing this problem, I would have agreed with you, but in this case the registry just gave you the settings stored in it, if you saved crap settings, you get crap settings.

    16. Re:Easy fix, or fixed easily? by camperdave · · Score: 1

      That's easily fixed. Just get rid of one of the APIs. Microsoft has had plenty of opportunities to do this.

      --
      When our name is on the back of your car, we're behind you all the way!
    17. Re:Easy fix, or fixed easily? by magamiako1 · · Score: 1

      Since when has slashdot had anyone on here that has understood the Windows registry?

      Even worse--it seems the people screaming about how terrible the registry is don't even understand how to make changes to an offline registry :(

      I think part of the problem is all the GUID keys within the registry, and the structure of how everything is laid out. It's very technical in nature, rather than "easy".

      But the fact of the matter is, and I stand by Microsoft's point in this--you shouldn't be in the registry unless you know what you are doing, and even then the most you should concern yourself with is HKCU\Software and HKLM\Software.

      I would imagine at some point they might modify the layout a little bit to be a bit easier to follow, but it wasn't really meant to be human readable so....

    18. Re:Easy fix, or fixed easily? by Luke727 · · Score: 1, Informative

      If you remove the Win32 API, EVERY WINDOWS APPLICATION EVER WRITTEN breaks. Assuming we don't want to do that, the only other option would be to remove the NT API. Unfortunately, this is the API that allows user-mode applications to communicate with the kernel. I don't think you could write a very useful application that has no ability to access the registry, files, network, hardware, etc, all of which require calls to the kernel. You were right, that *was* easy!

      Obviously you don't know the first thing about the architecture of Windows NT (and judging by many other comments I've read you are not alone). If anybody cares to educate themselves, I highly recommend Windows Internals.

      --
      If you find this post offensive, don't read it! THINK ABOUT YOUR BREATHING! I am what I am because of how apes behave.
    19. Re:Easy fix, or fixed easily? by tbannist · · Score: 1

      You might want to sing the praises of the Windows registry for the discussion on an issue that isn't caused by the registry.
      Now is not really the time or the place to try to convince people that a system that borks your computer because of a formatting error in a value string is a great idea.

      "Easy to corrupt", "difficult to recover", and "doesn't scale well" are each a pretty good reason to dislike it. The current problem doesn't give me any confidence that the system is actually any better now.

      --
      Fanatically anti-fanatical
    20. Re:Easy fix, or fixed easily? by ProzacPatient · · Score: 1

      I was actually surprised to find that Gnome has a regedit-like utility called gconf-editor.
      But that's where the similarities end because gconf-editor is basically a unified front-end editor for XML files, along with the ability to send updates to listening applications.

      The great thing about this is that you both get your RegEdit-like interface, you get your human readable data if you want to do it the old fashioned way (Nano, Vim, Vi, Emacs, etc..) and it has little to do with the underlying system so an inexperienced user won't be able to prevent their system from booting by changing one key in some random place.

      I have to admit I like the whole idea behind the Registry but in practice it really has some flaws, I'd prefer it to work more like GConf so that applications can have their settings physically stored in different places in a standardized human readable format.

    21. Re:Easy fix, or fixed easily? by BitZtream · · Score: 2, Interesting

      Citation needed.

      There is no problem with the registry in principle. Acting like there is just shows your ignorance.

      There have certainly been implementation issues with the libraries to access it. There almost certainly will be more in the future.

      This is no different than any library that provides the same sort of functionality.

      The problem could be the same if we used ini files, or xml files, or some random file format.

      The only thing the 'registry' actually is, is a set of defined API calls to access data. The backend is irrelevant, and you can in fact remap just about any part of the registry into ini files if you know how.

      So once you've flipped the bit to map to an ini file, are you going to now say that ini files are bad? You could put some effort into hooking the registry code so it used xml files if you really wanted, what's the problem now? If you're implying that the problem is entirely in the library behind the API that allows you to access the registry then I challenge you to show me a library that has never had any bugs that can be exploited. You can do it, but you're going to have to use a library that's either never been seen by anyone or has no useful purpose.

      Bad code can not be prevented, it happens and will happen until humans are perfect, which is unlikely.

      You can change the API, but you'll just create a new set of bugs and problems that manifest themselves in a new and exciting way.

      Implying the registry is 'bad' is like implying stdin/stdout/stderr are bad. You realize these have had their implementations exploited as well right?

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    22. Re:Easy fix, or fixed easily? by BitZtream · · Score: 1

      "Easy to corrupt", "difficult to recover", and "doesn't scale well" are each a pretty good reason to dislike it.

      Citation needed, for all 3.

      The problem isn't caused by the registry, it's caused by code that uses the registry API, more than a slight difference there.

      I've written wrappers to access mysql and postgresql via an API that matches the registry API, I suppose you think it would apply to those as well?

      Yes, large registry hives get slower for certain operations, but not all, and the same is true for any database. That's all it is, a database.

      It's easy to back up and recover, regedit will be happy to export the entire thing for you, and import it as well. Doesn't have to be done online, some things do require offline access and there are tools for that.

      I've seen far more corrupted mysql databases than registries, and I've dealt with 100s of times more registries than mysql dbs.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    23. Re:Easy fix, or fixed easily? by bill_mcgonigle · · Score: 1

      Linux users often rant about how evil it is, largely based on not understanding it,

      Comprehension is quite difficult in the registry, it's not meant for human consumption. It's also not text, so unix people will shy away from it.

      It has some good ideas, so does /etc. Config::Any has some more.

      GNOME ain't doin it rite.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  4. Is that any better excuse? by tekrat · · Score: 2, Insightful

    So, Windows 7 is much more susceptible to malware than previously claimed? This is the big win for Microsoft? Sorry, but if that large enough of a percentage of folks are experiencing the problem, then it's a real issue that MS needs to address. It sounds like they are just saying "not my problem", and forgetting about it. Meantime Windows 7 will be completely destroyed by the time it gets decent marketshare.

    Maybe MS turned their attention to Windows 8 a little sooner than claimed.

    --
    If telephones are outlawed, then only outlaws will have telephones.
    1. Re:Is that any better excuse? by anthonyfk · · Score: 4, Insightful

      You assume that accepting blame and fixing the problem aren't mutually exclusive. Just because Microsoft said "that's not our fault" doesn't mean they won't fix it.

    2. Re:Is that any better excuse? by shutdown+-p+now · · Score: 4, Insightful

      Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that. You can pop up tons of prompts, but then it's the "dancing bunnies" problem - depending on how enticing the malware author can make it sound, the user can be convinced to click "Yes" on each and every prompt.

    3. Re:Is that any better excuse? by geekoid · · Score: 4, Informative

      DId you rad the link? this is not being reported by very many people at all.

      And in fact, it isn't their problem.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    4. Re:Is that any better excuse? by ShieldW0lf · · Score: 4, Insightful

      Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that.

      Since switching to Ubuntu, I have had no need to install weird things off the internet. I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.

      I consider it to be the case that my free OS does indeed protect me against malware, where proprietary offerings that cost hundreds of dollars more do not.

      --
      -1 Uncomfortable Truth
    5. Re:Is that any better excuse? by I_have_a_life · · Score: 3, Insightful

      This is a completely bullshi** statement. How does the article in any way suggest that Windows 7 is more susceptible to malware? And more susceptible compared to what? And where exactly are you getting the data that suggests a large percentage is suffering from this? I know this is Slashdot but could you at least make an effort to provide some evidence of statements you are making.

    6. Re:Is that any better excuse? by h2oliu · · Score: 4, Insightful

      Just out of curiosity, shouldn't Microsoft be responsible for ensuring that only valid data makes it into the registry? If this is the core information source for the system, it would seem that there should be checks in place, at the OS level, that prevent changes to core items.

      --
      Ok, I give up, why you?
    7. Re:Is that any better excuse? by neoform · · Score: 1

      If I was more clever, I would be making a joke about Degrees and Radians right now.

      --
      MABASPLOOM!
    8. Re:Is that any better excuse? by Anonymous Coward · · Score: 0, Redundant

      Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that, and no OS on the market today does that.

      Since switching to Ubuntu, I have had no need to install weird things off the internet. I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.

      I consider it to be the case that my free OS does indeed protect me against malware, where proprietary offerings that cost hundreds of dollars more do not.

      So how does Crysis, Age of Conan, new Batman etc run on this "nubutunu" thing?

      Funny thing how my Windows doesn't have viruses or attention seeking software either...

    9. Re:Is that any better excuse? by Snarkalicious · · Score: 1

      Point taken, but I don't think the issue at hand has much to do with those who make informed, rational and proactive choices about what runs on their machines. The greater masses would rather pay for something that looks like the easy way up front and then enjoy bitching about the buggery they're subjected to later. Cuz there ain't nothin more Murcan than overspending and then voicing dissatisfaction with the results.

    10. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      Microsoft does this. As long as you only install and run Microsoft approved software on your Microsoft Operating System.

    11. Re:Is that any better excuse? by MojoRilla · · Score: 1

      I think this is a key strength of open source. You can have a single organization package all the software you might ever need, and if they don't do a good job, you can switch to another. As opposed to closed source, where everyone jealously compiles their own binaries because they are afraid of anyone seeing the holy source code. Even Apple, which controls the iPhone with an iron fist and has a choke hold on app distribution doesn't have source level access to the applications on its platform.

    12. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      Until you need to upgrade to a newer version of libfoo and you have to go get it off the internet and compile it and install it.

    13. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      I can do that with Windowz too... it's called CNET's download.com, and there is more software there for Windows than your Ubuntu has.

    14. Re:Is that any better excuse? by Anonymous Coward · · Score: 4, Funny

      Ubuntu protects you from malware in the same way that a Geo protects you from carjackers.

    15. Re:Is that any better excuse? by natehoy · · Score: 1

      And here I was thinking that a post could never be simultaneously Flamebait, Insightful, AND Funny at the same time. Bravo, sir!

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    16. Re:Is that any better excuse? by AlfredZhang · · Score: 2, Insightful

      You are right. There is almost no malware on Ubuntu. But again it does not need a malware to be rendered completely unusable. A mindless update to a buggy version of anything from the repositories will do.

    17. Re:Is that any better excuse? by e2d2 · · Score: 1, Insightful

      So you're saying that because you go to Ubuntu's repositories and download applications that you are secure from malware?

      Pass the pipe sir, I think I need a toke to make sense of that.

    18. Re:Is that any better excuse? by rabbit994 · · Score: 1

      Microsoft could create a repository of software that users could download but I can only imagine the screaming that would develop from all the 3rd party developers. When you have less than 1% of desktop market share and 3rd party companies don't have any money tied up in your OS, you can make repositories. Microsoft does give away free Anti Virus and Anti Malware and put in UAC. There is probably little else they can do.

    19. Re:Is that any better excuse? by Like2Byte · · Score: 1

      I agree with the sentiment of your post; however, you and other Linux-distro users are fairly savvy when it comes to the installation of software devoid of malicious intent. However, as soon as Linux is "ready-for-the-desktop" and being used regularly and widespread by female teenagers and grandmas alike, things will steadily go down hill from that point forward for Linux' rather clean history of being malware free.

      Do I really need to point out that great adoption of any one OS will yield malware targeting that OS?

      People's needs (either professionally or personally) vary greatly. Some day, someone will create an entertaining cute dancing-bunnies app that will wind up infecting grandma's or sweet-sixteen-Mary's Linux box. And they'll tell two friends; and they'll tell two friends; and, ....

      Recovery from such an infection is a different discussion. Most people do not realize they are infected.

    20. Re:Is that any better excuse? by shutdown+-p+now · · Score: 1

      Since switching to Ubuntu, I have had no need to install weird things off the internet. I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.

      On the other hand, this makes you susceptible to the "Google syndrome" - if it's not in your repositories, then it doesn't exist. That's a fairly limited world view, don't you think?

      Also, while we're speaking about Ubuntu... I'm glad that they finally found the time to update the package for Eclipse to 3.5 in 9.10, but for the previous 5 (!) major Ubuntu releases it was stuck at 3.2 (so in 9.04, it was 2 versions behind upstream out of the box). The result was that virtually everyone who needed Eclipse on Ubuntu ignored the repositories, and downloaded and installed the newer version manually. Exactly the same way they do on Windows.

      And the reason why there was no updated package? Well, apparently, the old maintainer was gone, and package was complicated enough to work on that no-one else stepped up to maintain it. It highlights certain deficiencies in "central repository maintained by distro" model, don't you think?

      At the same time, Ubuntu certainly doesn't preclude one from installing packages semi-manually. Heck, if you click on a link to a .deb file in the browser, it will prompt you if you want to install it right then! So convincing a clueless user using Ubuntu to install something from a random web page isn't really any more difficult than convincing the same user using Windows. Two reasons why you don't see it actually happening are that, 1) Linux users are generally more knowledgeable, and 2) writing such malware for Linux specifically is simply not worth the effort.

    21. Re:Is that any better excuse? by Ogive17 · · Score: 1

      Wow, congratulations. I've been running XP for around 5 years and have never had a virus, malware or attention seeking software installed on my computer unless I specifically installed it myself.

      Don't blame the software for stupid users.

      --
      "Action without philosophy is a lethal weapon; philosophy without action is worthless."
    22. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system.

      If Microsoft did that they'd get slapped with another Monopoly lawsuit.

    23. Re:Is that any better excuse? by Caldeso · · Score: 1

      For the entire time I've used Windows, I have had no need to install weird things off the internet. I just go to cnet's "software repositories", and I can download thousands and thousands of pieces of software that have been tested just for my operating system. In many other cases, I can go directly to the vendor's website and download yet more known-safe programs. No malware, no viruses, no attention seeking software that wants to embed a brand in my brain, no nagging to buy additional products, nothing.

    24. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      DId you rad the link? this is not being reported by very m...

      Look I know many here consider Microsoft products a cancer, but c'mon already..!

    25. Re:Is that any better excuse? by zullnero · · Score: 4, Insightful

      The real question there is really a matter of user freedom vs. turning your choice over to whomever manages those repositories as a gatekeeper. It's an easier choice to make on a smartphone since people are going to generally use it for the same major reasons, but on a laptop or desktop, it depends more on what you want to get out of it.

      Some folks don't mind being given the freedom to determine what is going to be bad for them and what is going to be good for them...and some folks want their hands held for them. Linux does give you both options, it just makes it a PITA for "ordinary folks" to do it one way and thus, guides them into the repos.

      Microsoft announcing that they'd be the absolute gatekeeper for software installs would probably be like dropping an atom bomb on a lot of legitimate software companies along with a lot of illegitimate companies that produce badware. They had a little experience with this already, what with Palladium and Trustworthy Computing. Didn't go over too well, did it?

    26. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      The Flamebait aspect wasn't intentional; I'm not slagging Ubuntu as an OS, just pointing out that its low popularity makes it an unappealing target.

    27. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      Do not underestimate human naiveness. It can defeat even the most anal-retentive package manager.

    28. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      The best you can come up with are some GAMES?

      Really, that's just sad. The PC has been reduced to a souped-up Atari 2600.

      Oddly enough, some people buy computers to play games on.

      Go figure.

    29. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      The thing here is the user. YOU know not to let software do stupid things. A lot of users will download whatever garbage there is out there to see special emoticons or whatever. They'll click thru whatever prompts it takes to get their crapware, too.

      You want to install some software? YES.

      You want to add a startup item? YES.

      You want to modify the registry? YES.

      You want to send my vital data to a russian server? YES. JUST GIVE ME SMILEYS.

      The malware authors could write software to do bad things to your wonderful free OS. They just know that 99.99% of Linux users won't approve of that garbage going onto their system. The return on investment just isn't there.

    30. Re:Is that any better excuse? by slimjim8094 · · Score: 1

      But if you were a stupid user (I choose stupid instead of ignorant), you'd be happy to do anything the "dancing bunnies" email told you to do, including "wget -O- http://dancing.bun/thing.deb | dpkg -i -" (no, I don't know if dpkg will read stdin).

      It is admittedly easier to tell a user "don't get software unless it's in the repos" but that presupposes that some quality dancing bunnies/bonzi bunny/comet cursor replacement is in the repos.

      In short, users will go to extreme lengths to fuck themselves up - I guess this is what makes them lusers.

      --
      I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
    31. Re:Is that any better excuse? by Spykk · · Score: 1

      Since Ubuntu protects you from Malware you should try my awesome new screensaver! I've included a copy in this comment:

      #!/bin/bash
      sudo rm -rf /

    32. Re:Is that any better excuse? by Dog-Cow · · Score: 1

      The idea that ANY OS is safe from malware is a slashdot fallacy. It's simply not the case anywhere, for any OS in history. No OS protects the user from the user.

      There is no proof that malware is as able to exploit its way to privilege escalation on Windows 7, and that's all any reasonable person can ask.

    33. Re:Is that any better excuse? by Dog-Cow · · Score: 1

      I consider you to be an idiot of the highest degree.

      And I bet everything I own that I am more correct than you.

    34. Re:Is that any better excuse? by Anonymous Coward · · Score: 1, Insightful

      Same reason a lot of things are not secured better in Windows: backwards compatibility.

      One of the primary reasons Vista had so many issues was that they did make some core os changes for security that broke a lot of old stuff. Microsoft is damned if they do and damned if they don't.

    35. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      Just out of curiosity, shouldn't Microsoft be responsible for ensuring that only valid data makes it into the registry? If this is the core information source for the system, it would seem that there should be checks in place, at the OS level, that prevent changes to core items.

      In other words, what you are suggesting is that Microsoft should make it impossible for the user to make modifications to files on their hard drive against the user's wishes. That sounds similar to Apple's security strategy.

    36. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      Since switching to Ubuntu, I have had no need to install weird things off the internet

      Didn't you just install Ubuntu? ;)

      No malware, no viruses, no attention seeking software ...

      No decent video or music playback ...

    37. Re:Is that any better excuse? by Anonymous Coward · · Score: 0
    38. Re:Is that any better excuse? by thePowerOfGrayskull · · Score: 1

      depending on how enticing the malware author can make it sound, the user can be convinced to click "Yes" on each and every prompt.

      Worse than that. The user is trained, by the constant recurrence of that prompt, to automatically click yes.

    39. Re:Is that any better excuse? by vertinox · · Score: 1

      Any OS is susceptible to malware

      Yes, but the question is "by default"?

      Take the default OS for the iPhone. It is basically impossible to get malware on there.

      A jailbroken iPhone on the other hand... Well... That's not Apple's fault.

      --
      "I am the king of the Romans, and am superior to rules of grammar!"
      -Sigismund, Holy Roman Emperor (1368-1437)
    40. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      That's going in my signature!

    41. Re:Is that any better excuse? by Dog-Cow · · Score: 1

      For the most part, the only thing I do on my Windows PC is play games. And browse the net, occasionally, or while playing games.

      For everything else, there's my Macbook.

    42. Re:Is that any better excuse? by mcgrew · · Score: 1

      Malware is what users explicitly run

      No, trojans are what users explicitly run. Windows has had (and appears to have again) bugs that allow an attacker in despite the fact that no user has to explicitly run -- like a worm.

      The Nachi family of worms, for example, tried to download and install patches from Microsoft's website to fix vulnerabilities in the host system - by exploiting those same vulnerabilities. In practice, although this may have made these systems more secure, it generated considerable network traffic, rebooted the machine in the course of patching it, and did its work without the consent of the computer's owner or user.

    43. Re:Is that any better excuse? by Nirvelli · · Score: 1

      REGULAR USERS DON'T CARE ABOUT YOUR REPOSITORIES.
      Sorry about the caps, but all of you crazy "my linux is better than you" people need to realize this.
      If you put a normal computer user in front of your linux, they will still download the "dancing bunnies" or whatever from that fishy website, even though you've told them a thousand times to "use the repo."

    44. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      That's pretty much it right there, the free (trusted) software repositories.

      Now imagine if everyone just dropped their teenage rebellious attitudes and made that software for the windows platform instead (no-one is stopping you) maybe I wouldn't have to suffer through all these crashes/bugs/reboots and stuff that simply doesn't work in ubuntu. 2 months going strong but I'm just getting fed up. The whole spaghetti code base is so obnoxious I feel sick applying fixes to stuff located in arbitrary locations with no coherence. If we were still in the 90's linux might have looked ok on the inside, but today... it's a mess.

    45. Re:Is that any better excuse? by mcgrew · · Score: 1, Insightful

      Microsoft is freedom? LOL! Weakness is strength, war is peace, hate is love.

      Look, just about any program you need or want to run is in the repositories. And you're not given a single choice like your post suggests, but many. Even on the install CDs you have half a dozen different browsers, including all the majors (except, of course, IE and Safari).

      Linux doesn't stop you from installing from elsewhere, either, it's just that it's seldom if ever needed. No freedom is lost, security and convenience are gained.

    46. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      There are a couple of reasons that you have not gotten any malware on your Ubuntu installation. Installing from repositories IS safer than downloading just anything off of the net and installing it. But that's not the only way to get malware on your computer. Linux has a small (but growing) percentage of the desktop PC market, so it has not been targeted nearly as much as Windows for malware attacks. That doesn't mean that things will stay that way. As Linux gains more market share, there will be malware written that targets Linux users. Another factor is how well educated about malware the user is. Do they know to not allow ANY web page to install anything? Do they know to NEVER view or click on ANY attachments, no matter who it's from? Do they know that ANYTHING downloaded from the internet can contain a virus/trojan/malware program? Do they know that they must scan such downloads with an UP-TO-DATE virus scanner?

      I think you get the point by now. How secure any OS is is at least partly determined by the user of that OS.

    47. Re:Is that any better excuse? by sglewis100 · · Score: 1

      That's going in my signature!

      Great, once I see it, I'll finally know who this "Anonymous Coward" guy is that keeps posting hundreds of comments on every story.

    48. Re:Is that any better excuse? by Anonymous Coward · · Score: 0
    49. Re:Is that any better excuse? by revlayle · · Score: 1

      yes, playing GAMES - you know, that multi-billion-dollars-a-year industry... nothing major

    50. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      what's valid for x may not be valid for y

    51. Re:Is that any better excuse? by daveime · · Score: 1

      I wouldn't say the entire registry, but it would be damned handy to know if *any* program was trying to add a startup vector, be it via the HKCU and HKLM run, runonce, runservice etc ...

      It would also prevent every damn program adding its own "auto-updater" systray widget grrrr ...

      It would also alleviate a lot of virus problems if the user was at least told "hey, program x wants to startup when you start your computer, are you sure you want to allow this ?".
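
The check asked for in the comment above can be approximated after the fact by diffing two `regedit` exports. This is an added example, not code from the thread or from Microsoft: the function names are hypothetical, both exports are constructed samples, and the key list follows the comment rather than covering every Windows startup location.

```python
import re

# Autostart key leaves named in the comment above; not an exhaustive list of
# Windows startup locations. Matching on the path suffix also catches the
# per-user and Wow6432Node copies of each key.
AUTOSTART_SUFFIXES = tuple(
    "\\microsoft\\windows\\currentversion\\" + leaf
    for leaf in ("run", "runonce", "runservices", "runservicesonce")
)

# "name"=data or @=data; the name may contain escaped quotes.
_VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def _unescape(s):
    # Undo .reg string escaping: a backslash protects the next character.
    return re.sub(r"\\(.)", r"\1", s)


def _decode_data(raw):
    """Turn the right-hand side of a .reg value line into comparable text."""
    raw = raw.strip()
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        return _unescape(raw[1:-1])                      # REG_SZ
    m = re.match(r"hex\(([12])\):(.*)$", raw, re.I)      # REG_SZ / REG_EXPAND_SZ
    if m:
        data = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
        return data.decode("utf-16-le", errors="replace").rstrip("\x00")
    return raw                                           # dword etc., kept verbatim


def parse_autostart(reg_text):
    """Return {(key, value_name): data} for autostart keys in a .reg export.

    Real exports are UTF-16 files; decode them to str before calling this.
    Key and value names are lower-cased because the registry ignores case.
    """
    entries, key = {}, None
    lines = iter(reg_text.splitlines())
    for line in lines:
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        m = _VALUE_RE.match(line)
        if not m or key is None or not key.endswith(AUTOSTART_SUFFIXES):
            continue
        name, raw = m.groups()
        # hex data is wrapped with a trailing backslash; join the pieces.
        while raw.lower().startswith("hex") and raw.endswith("\\"):
            raw = raw[:-1] + next(lines, "").strip()
        name = "(default)" if name == "@" else _unescape(name[1:-1]).lower()
        entries[(key, name)] = _decode_data(raw)
    return entries


def diff_autostart(baseline_text, current_text):
    """List (change, key, value_name, data) tuples between two exports."""
    old, new = parse_autostart(baseline_text), parse_autostart(current_text)
    findings = []
    for k, data in sorted(new.items()):
        if k not in old:
            findings.append(("added", *k, data))
        elif old[k] != data:
            findings.append(("changed", *k, data))
    findings += [("removed", *k, old[k]) for k in sorted(old) if k not in new]
    return findings


# Constructed sample exports (not taken from any real machine).
BASELINE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VendorTray"="\"C:\\Program Files\\Vendor\\tray.exe\" /min"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Notes"="C:\\Tools\\notes.exe"
'''

CURRENT_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VendorTray"="\"C:\\Program Files\\Vendor\\tray.exe\" /min"
"Updater"=hex(2):25,00,54,00,45,00,4d,00,50,00,25,00,5c,00,\
  75,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Vendor\Settings]
"Theme"="dark"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Notes"="C:\\Users\\Public\\notes.exe"
'''

if __name__ == "__main__":
    for finding in diff_autostart(BASELINE_EXPORT, CURRENT_EXPORT):
        print(finding)
```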

    52. Re:Is that any better excuse? by mcgrew · · Score: 0

      How does the article in any way suggest that Windows 7 is more susceptible to malware?

      MS tried to say this OS was secure.

      And more susceptible compared to what?

      Compared to what they were claiming.

    53. Re:Is that any better excuse? by ShieldW0lf · · Score: 1

      REGULAR USERS DON'T CARE ABOUT YOUR REPOSITORIES. Sorry about the caps, but all of you crazy "my linux is better than you" people need to realize this. If you put a normal computer user in front of your linux, they will still download the "dancing bunnies" or whatever from that fishy website, even though you've told them a thousand times to "use the repo."

      My mother and stepfather, in their 60s, and my daughter and niece, both under 10, they all function just fine, and have for years. Clearly, it's because they're elite hackers with mad skills or something like that.

      --
      -1 Uncomfortable Truth
    54. Re:Is that any better excuse? by ukyoCE · · Score: 1

      Give me one of those laptop dongle 3D cards and I'd ditch the desktop in favor of the laptop and never look back.

      But re: GP post, yes, many of us put together PCs primarily for playing video games. And they typically have to run Windows, because there's no competitive cross-OS gaming platform.

      Maybe it's sad to be paying $500+ to build a souped up Xbox360, but we still do it, at least for the time being. The death of PC gaming has been a long time coming. Maybe next generation? ;)

    55. Re:Is that any better excuse? by ProzacPatient · · Score: 1

      I love Ubuntu but don't bathe yourself in ignorance like Mac users do.
      Though unlikely, it's entirely possible for a repository to be poisoned or for clever malware to change your repositories, and since you always have to give apt/deb permission to install any packages then this gives poisoned packages a free ride to unload their fury.

      You ALWAYS have to be on the look out no matter what OS you use.

    56. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      How do you know you don't have a virus? Have you scanned for any?

    57. Re:Is that any better excuse? by WuphonsReach · · Score: 1

      Microsoft announcing that they'd be the absolute gatekeeper for software installs would probably be like dropping an atom bomb on a lot of legitimate software companies along with a lot of illegitimate companies that produce badware. They had a little experience with this already, what with Palladium and Trustworthy Computing. Didn't go over too well, did it?

      If Microsoft had been split into multiple companies a few years ago, Microsoft Operating Systems announcing such a thing would make a lot of sense. If they handled the payment side of the equation (similar to what SoftwareReg does), they could've easily swept up most or all the shareware software in addition to the big commercial software. Setting up a central repository for free and pay software, vetted by Microsoft, could've been a huge step up. They could've done the iPhone's "Apple Store" 5-8 years ago.

      The problem is, of course, since Microsoft is a huge company that tries to compete in every possible market, there's no way in hell that ISVs would sign up for such a thing. Sure, it would make it easier for end-users to install your product, but you can pretty much make a sure bet that Microsoft would at some point cut you out of the equation. Probably by buying up a competitor and then competing against you in a channel that Microsoft controls at prices that only Microsoft can afford.

      The sad thing? I'm pretty sure that Microsoft tried this back in the Win98/Win2k days. I can remember a built-in screen that would take you to a Microsoft online store where you could buy non-Microsoft software.

      --
      Wolde you bothe eate your cake, and have your cake?
    58. Re:Is that any better excuse? by jedidiah · · Score: 1

      > yes, playing GAMES - you know, that multi-billion-dollars-a-year industry... nothing major ...that is SHRINKING and is DWARFED by the console market.

      Your attempt to justify spending too much for your PC does not impress most people.

      --
      A Pirate and a Puritan look the same on a balance sheet.
    59. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      The registry has allowed invalid crap to be written to it for a long time. This is nothing new.

      I think Russinovich even made a tool to delete registry values with mystery nulls because regedit couldn't.

    60. Re:Is that any better excuse? by 99BottlesOfBeerInMyF · · Score: 1

      Any OS is susceptible to malware.

      True.

      Malware is what users explicitly run, and then it does bad things to their system.

      You're thinking of a trojan. Malware is simply short for malicious software, which includes trojans, but also worms, viruses, and others.

      You can't secure against that, and no OS on the market today does that.

      The iPhone and SELinux both seem to contradict your assertion.

      You can pop up tons of prompts...

      Why do users who seem focused entirely on Windows seem to think MORE prompts would make an OS more secure?

      ...but then it's the "dancing bunnies" problem

      When I want to run Windows software I don't trust, I install it in a clean Windows VM by itself and roll back any changes to the VM after each time I use it. Are you telling me it is impossible to automate that level of sandboxing?

      ... the user can be convinced to click "Yes" on each and every prompt.

      If you're giving people prompts that have a "Yes" button you've already failed and need to hire some usability experts with security backgrounds and then listen to them. All buttons should be verbs that describe a unique action. Otherwise the more prompts you have the more you condition users to a single response without reading. It's a lot harder to convince a user to click the "Let this program from an unknown source have complete control of my computer forever", especially when that is the last option, they've never seen that before, and one of the other options is "Run this, but don't let it access my files" that safely runs the application in a sandbox or clean VM and hands it dummy resources when asked.

    61. Re:Is that any better excuse? by westlake · · Score: 1

      I just go to Ubuntu's software repositories, and I can download thousands and thousands of pieces of software that have been tested just for my operating system.

      Tested - or simply packaged for distribution?

      What is your guarantee that all these thousands or tens of thousands of programs have been tested in depth?

      no attention seeking software that wants to embed a brand in my brain

      Let me introduce you to the GIMP.

      More to the point - to Firefox and Open Office.

      There are many open source projects which "sell" visibility and market share - along with tee shirts and coffee mugs - because they need a lot of money and a full time staff to keep going.

    62. Re:Is that any better excuse? by shutdown+-p+now · · Score: 1

      You're thinking of a trojan. Malware is simply short for malicious software, which includes trojans, but also worms, viruses, and others.

      True, I misused the word there. Nonetheless, most Windows malware is of the "explicitly run by the user" kind. Why aim for anything more complicated when this simple approach requires absolutely no security or hacking skills, and works wonderfully?

      The iPhone and SELinux both seem to contradict your assertion.

      SELinux can still be disabled, so in a sense it's equivalent to a particularly annoying prompt.

      iPhone - it's not an OS feature, it's a "feature" of a locked-down distribution channel. A very dubious one at that, and I can't even imagine what an outcry would there be on /. (and elsewhere) if Microsoft ever went for white-listing applications that can run on Windows.

      Why do users who seem focused entirely on Windows seem to think MORE prompts would make an OS more secure?

      My entire reply was about how more prompts do not make an OS more secure, so I'm not sure what you're implying.

      When I want to run Windows software I don't trust, I install it in a clean Windows VM by itself and roll back any changes to the VM after each time I use it. Are you telling me it is impossible to automate that level of sandboxing?

      It's not impossible, but as described it's rather pointless. I dare say that the majority of software run requires some persistent access to system state (i.e. at least some changes should remain after it's closed - saved documents, etc). So full sandboxing is unfeasible for all applications. And now, if some applications can be launched without such a sandbox, or can prompt the user to drop it, we're back to square one: if malware author can somehow convince the user that his application doesn't need the sandbox ("dancing bunnies" etc), then user will run the application without the sandbox.

      Then, also, a sandbox may block infection, but will not prevent malware from functioning otherwise. E.g. if sandbox does not block network connections (and, given the prevalence of network-enabled applications, I find it hard to believe a usable sandbox could do that), any malware run within can happily be part of the botnet for as long as the user is running it.

      That said, the idea of automated rollback with an easy-to-use UI is an interesting one. There are third-party solutions for Windows that hook up into volume shadowing service to provide an efficient implementation of that - e.g. Acronis Try & Decide - but nothing out of the box. I'm not aware of similar stuff in OS X or Linux, however.

      If you're giving people prompts that have a "Yes" button you've already failed and need to hire some usability experts with security backgrounds and then listen to them. All buttons should be verbs that describe a unique action.

      I agree here. Curiously enough, this requirement was added to UI/UX guidelines for Vista (and remains for 7), and all other system dialogs were revamped in Vista to follow them - so e.g. a file overwrite dialog won't have "Yes" and "No" as choices, but rather "Overwrite" and "Don't overwrite". So, apparently, usability experts were hired. Why the new (!) UAC dialog has "Yes" and "No" is beyond me, however; and why this persists in 7 is even more incomprehensible.

    63. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      That's like saying "shouldn't Linux be responsible for stopping you from saving something incorrect into a config file".

    64. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      No, of course not, obviously it's because the plural of anecdote is "data".

    65. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      That is bullshit excusifying for Microsoft. I'm running an iPhone for 2.5 years, always-on, always-connected, running Web and native apps and no malware. Mac OS X for 10 years including the beta, and at no time has an app installed itself and done things in the background. People are having their banks emptied by their Windows PCs as they attempt to do online banking. Why is a fucking $189 iPod secure for banking and a Windows PC not?

      The issue is not apps you run yourself, it's that apps can install and run themselves. There is no excuse for the lack of basic Unix security in Windows anymore. It's sold to users as being Internet-ready, users who don't know what software is in many cases, let alone malware.

      The only thing worse than Microsoft's lack of quality is the idiots like you who make excuses for them. Get a fucking clue.

    66. Re:Is that any better excuse? by ajlisows · · Score: 1

      Ubuntu has a nice repository and the system works well. You will find no argument from me here. Granted, I do go outside the safe world of the repository to find software for my Linux boxes as well...just not terribly often.

      That said, I can't even begin to imagine the public outcry (especially here on Slashdot) if Microsoft moved to that model. I'm pretty sure the general consensus would be "Microsoft is telling us what people can put on their machines! Micro$oft is the suXX0rz and the An+ichri+t!!!" even if the repository was indeed managed fairly and was as easy to use and as diverse as the Ubuntu version. Another problem is scale. Yes, there is a lot of software out there for Linux but the amount of software written for Windows is mind boggling. It would take millions of man hours for this to be set up and inevitably many pieces of great software would see their death warrants signed by being excluded from the Microsoft Depot (I believe that most Linux users feel comfortable searching outside the Repos when needed, while an average Windows user would probably be pretty frightened to venture outside the safe sphere at all).

      Not to mention the lawsuit implications of this. If they excluded some shaky third party calculator software or some obscure fourth rate browser for legitimate reasons (which I don't really trust them to do anyway...I'm sure they'd find a way to exclude Firefox) they would just be asking for that company to cry "monopoly" and file lawsuits against them. A small company couldn't really stand up to Microsoft's army of Lawyers, but 5,000 small companies sure would have Microsoft sinking a lot of money into litigation.

      While it could be nice, I just don't see the same kind of setup that works for some Ubuntu and other distros working for Microsoft. At all.

    67. Re:Is that any better excuse? by westyvw · · Score: 1

      I don't know, but Steam (and its games), Urban Terror, hundreds of many genres of games, and thousands of flash games work just fine on Linux, thank you.
      I seem to be reminded of this: http://xkcd.com/484/ anyways.

    68. Re:Is that any better excuse? by westyvw · · Score: 1

      I doubt there is more, but how about you do a package search, generate a list of about 100 software installs, and select and install them: At once. Good luck with that: enjoy your shareware/malware/crippleware/spyware/eula answering love fest, while watching your system constantly evolving the menus, right click options, meanwhile splattering your desktop with icons and reorganizing your menus. Sounds like fun.

    69. Re:Is that any better excuse? by westyvw · · Score: 1

      Are you referring to MySpace or Facebook?

    70. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      People in their 60s who are willing to use a computer aren't "normal users."
      Neither are people under 10.
      Try somewhere in the range of middle school through 40.

    71. Re:Is that any better excuse? by Pigskin-Referee · · Score: 1

      I consider it to be the case that my free OS does indeed protect me against malware, where proprietary offerings that cost hundreds of dollars more do not.

      It also limits what software you can utilize. Now, if you do not mind being treated like a mindless drone, welcome to your "Brave New World". (http://en.wikipedia.org/wiki/Brave_New_World)

      --
      Pigskin-Referee
      Linux: Yesterday's technology, tomorrow ...
    72. Re:Is that any better excuse? by ShieldW0lf · · Score: 1

      No, of course not, obviously it's because the plural of anecdote is "data".

      When someone speaks in absolutes, rather than probabilities, an anecdote is all you need. If I say "American people have a higher than average chance of being illiterate", then having one American stand up and say "Hey, I can read" doesn't disprove my statement. On the other hand, if I make a blanket statement and say "Americans are ignorant and illiterate", then having the one American who can read stand up and say "I see a car, go car go!" successfully disproves my statement.

      --
      -1 Uncomfortable Truth
    73. Re:Is that any better excuse? by EndlessNameless · · Score: 1

      All programs are expected to use the software hive of the Windows registry, and some may have legitimate reasons to change the system hive as well. Most apps or services that have a bona fide need to do so will be business-oriented, specialized scientific/industrial, or security apps.

      Unless they want to utterly cut off system customization, they cannot block access to the registry any further than requiring administrator privileges to change it. And if we're talking about personal PCs, it is trivial to convince most users to accept a UAC elevation prompt.

      And, of course, when you are dealing with core OS configuration you can break it. Perhaps making the GUI shell less dependent on an editable registry value would be wise (or even having a graceful failure mode when initialized with invalid options).

      But locking the registry? No. Windows is already less configurable than Linux, and making this worse will not endear Microsoft to anyone.

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
    74. Re:Is that any better excuse? by 99BottlesOfBeerInMyF · · Score: 1

      Nonetheless, most Windows malware is of the "explicitly run by the user" kind. Why aim for anything more complicated when this simple approach requires absolutely no security or hacking skills, and works wonderfully?

      While I agree trojans are a significant concern, I don't think you can dismiss other kinds of malware either. Last I checked the numbers, while trojans were the most numerous kind of malware (more kinds of trojans than any other malware) they did not make up the bulk of compromised computers. That honor was still held by automated worms which had no user interaction. While there are fewer different worms out there, each one exploited vastly more systems than any trojan.

      You can't secure against that[trojans], and no OS on the market today does that.

      The iPhone and SELinux both seem to contradict your assertion.

      SELinux can still be disabled, so in a sense it's equivalent to a particularly annoying prompt.

      But in the environment where it is deployed, it is not disabled and often users have ability to disable it, yet those same users can still install arbitrary software, it is just into a locked down sandbox.

      iPhone - it's not an OS feature, it's a "feature" of a locked-down distribution channel. A very dubious one at that, and I can't even imagine what an outcry would there be on /. (and elsewhere) if Microsoft ever went for white-listing applications that can run on Windows.

      The distribution channel is a feature of the OS. Ubuntu Linux, by the way, has a similar model on the roadmap where they offer commercial apps through a store built into the package manager and by default disable software installation from other sources. Apple has a single distribution channel, but would they be all that much less secure if the iPhone allowed subscription to multiple distribution channels, all signed? It's the fact that the applications come through a certifying body and are linked to real people and their ability to run can be revoked centrally that makes it very secure. MS could (and I think should) replicate the default sandboxing and centralized installation management. Further they should allow other software to run, but only in a locked down sandbox or VM that can't access any file not explicitly selected by the user. There's no reason you can't add the security features of the iPhone without making it a one company show.

      My entire reply was about how more prompts do not make an OS more secure, so I'm not sure what you're implying.

      I was commenting on your phraseology which implied that the OS was still not secure despite tons of prompts instead of because of tons of prompts.

      It's not impossible, but as described it's rather pointless.

      I disagree.

      I dare say that the majority of software run requires some persistent access to system state (i.e. at least some changes should remain after it's closed - saved documents, etc). So full sandboxing is unfeasible for all applications.

      Who said anything about full sandboxing. When I use a VM, I give that VM access to a single directory in a larger shared directory of the host OS. If I want it to access files I copy them into the directory. When I'm done, I can copy select files out of the directory. The directory is locked so it can never use more than a select amount of disk space. The VM has access to the internet or not on a one off basis, which I can disable at any time and excessive network use is easily detected by my monitors. All of these are reasonable secure defaults that don't interfere with the operation of normal software. Some are a bit cumbersome because I'm implementing them by hand, explicitly, instead of their existing as a part of a pre-built, polished security infrastructure. The easiest way is to limit applications to the ability to modif

    75. Re:Is that any better excuse? by shutdown+-p+now · · Score: 1

      MS could (and I think should) replicate the default sandboxing and centralized installation management. Further they should allow other software to run, but only in a locked down sandbox or VM that can't access any file not explicitly selected by the user. There's no reason you can't add the security features of the iPhone without making it a one company show.

      So long as MS has any control - real or perceived - over third parties who run such distribution channels, it will be fined to Hell and beyond for abusing monopoly (and rightly so, IMO).

      The easiest way is to limit applications to the ability to modify their own files, in a specific directory, and files explicitly selected by the user. You want to open a file in a sandboxed app, just select it from the OS provided open dialogue. The OS then knows that you want the program to open the file and that it is not being done on its own.

      You largely describe how sandboxed .NET applications (e.g. those installed using ClickOnce, or WPF browser applications running in a browser) work. That exists today. Application writers mostly don't bother with it, however, even when they build on .NET anyway.

      And making it the only way to run "untrusted" applications... see above monopoly issue in case a whitelist is involved. And with no whitelist, it would be a usability hell.

      As a side note, for all the good ideas, why do you think e.g. Apple doesn't implement them in desktop OS X?

    76. Re:Is that any better excuse? by xxuserxx · · Score: 1

      Console games suck. PC exclusive games / simulators are years ahead of the consoles. Do not confuse success with quality. I am not interested in playing Mario.

    77. Re:Is that any better excuse? by 99BottlesOfBeerInMyF · · Score: 1

      So long as MS has any control - real or perceived - over third parties who run such distribution channels, it will be fined to Hell and beyond for abusing monopoly (and rightly so, IMO).

      That's not how antitrust law works. For MS to be found guilty and fined they need to be leveraging their OS monopoly into another market. In this case, it would be the market for a specific kind of application. All MS has to do to remain compliant with the law is treat their own applications exactly the same as third party applications. That means no MS applications that don't have to use the same APIs or sandbox.

      You largely describe how sandboxed .NET applications (e.g. those installed using ClickOnce, or WPF browser applications running in a browser) work. That exists today. Application writers mostly don't bother with it, however, even when they build on .NET anyway.

      I don't want to quibble about the details there. For such a system to work, developers need to be given incentive to use such a system. For example, users won't be shown scary looking prompts that might lead them to use a competing product and it is the default behavior for apps built using mainstream dev tools. You can't just add it as an option, if developers are willing to put in more work for the same money, and expect it to make any difference.

      And making it the only way to run "untrusted" applications... see above monopoly issue in case a whitelist is involved. And with no whitelist, it would be a usability hell.

      That's easy from an antitrust perspective. Provide a greylist in the form of a regularly updated feed. Provide the API to third parties and allow any company willing to sign a contract (known parties that can be held legally responsible) to supply the same either for free or as a pay service.

      I'd also note, a whitelist/blacklist is not sufficiently granular. Rather each app should be restricted by an ACL (already an option built into Windows) and the whitelist should approve/disapprove/or modify the ACL.

      As a side note, for all the good ideas, why do you think e.g. Apple doesn't implement them in desktop OS X?

      Because to date there have been what, two in the wild trojans and no in the wild worms for OS X. Apple implements a level of security that is appropriate to the threat posed to their users. Right now, looking for both trojans when downloading files from Safari and Mail.app seems to work just fine.

      I might mention Apple has done a lot of work over the last two versions building all the underlying architecture needed to implement just such a system. They ported an ACL framework from TrustedBSD and wrote their own signing framework. That combined with the OpenStep implementation leaves them with everything but the manager app and the OS UI components. They already use the signing framework in their security and already apply ACLs to sandbox several potentially vulnerable applications and services. In fact it already prevented OS X from being vulnerable to the ZeroConf exploit that hit Linux and many Windows apps a few years back.

    78. Re:Is that any better excuse? by R4nneko · · Score: 1

      The game market includes consoles.

      The PC market is not (last I heard) shrinking, its growth may be outpaced by individual consoles, and certainly is if you add all of the consoles together.

      Note also that the PC market is increasingly shifting into the digital distribution space, making retail numbers unreliable, and of course that the entire world is not reflected in NPD sales, most sales charts pretty much show numbers for the US, UK and maybe Japan.

    79. Re:Is that any better excuse? by Anonymous Coward · · Score: 0

      And the person you were so ineptly trying to refute WAS speaking in generalities, not absolutes. Therefore, your anecdotal evidence is worthless, and you're an idiot. You knew this already, of course, and are just trying to cover for your stupidity. So you're also a liar.

  5. rofl by Anonymous Coward · · Score: 0

    I had no idea Windows Vista and Windows 7 still had such large install bases of malware

  6. KB976036 has conflict with Comodo Firewall by ub3r+n3u7r4l1st · · Score: 2, Interesting

    We have a bunch of machines that can't properly shut down after this update (time zone update) is applied. It takes me few hours to isolate this thanks to some instant recovery software.

    1. Re:KB976036 has conflict with Comodo Firewall by Curmudgeonlyoldbloke · · Score: 1

      Prevx had pointed the finger at, but then exonerated, KB976098 and KB915597. Are you sure that you mean 976036? MS' site doesn't seem to know about it.

    2. Re:KB976036 has conflict with Comodo Firewall by xxuserxx · · Score: 1

      I would say Comodo firewall is your issue. Is this a business? Why are you not using a hardware firewall? Also why not use Microsoft's firewall as 1 it's built in and 2 it works.

    3. Re:KB976036 has conflict with Comodo Firewall by Antiocheian · · Score: 1

      Comodo is not only a firewall but an excellent intrusion prevention system (bundled with a crappy antivirus). It *is* a great product to have for free and it is not comparable to a hardware firewall. The point of Comodo is to prevent new executables from performing malware related activities (such as monitoring the keyboard) or even running without your permission. Of course it's also a firewall. But Comodo, unlike the built in Windows Firewall, won't let applications change its rules without user intervention.

      Really, modern firewalls are very different products to hardware firewalls... take a look here: http://www.matousec.com/projects/proactive-security-challenge/results.php

  7. Groveling? by PCM2 · · Score: 4, Insightful

    Since when does apologizing to someone for your own baseless accusations amount to "groveling"?

    From the post in question:

    Having narrowed down a specific trigger for this condition we've done quite a bit of testing and re-testing on the recent Windows patches including KB976098 and KB915597 as referred to in our previous blog. Since more specifically narrowing down the cause we have been able to exonerate these patches from being a contributory factor
    . . .
    We apologize to Microsoft for any inconvenience our blog may have caused.

    Wow. Way to kiss ass.

    You know what would be even more pathetic and embarrassing than this kind of "groveling"? Standing behind claims that you know to be false.

    --
    Breakfast served all day!
    1. Re:Groveling? by C_Kode · · Score: 1

      Maybe when you can get sued so bad that your business dies. Would you grovel then? I thought so.

    2. Re:Groveling? by Anonymous Coward · · Score: 0, Troll

      You know what would be even more pathetic and embarrassing than this kind of "groveling"? Standing behind claims that you know to be false.

      Naw. That's how they do it in climate science.

    3. Re:Groveling? by PCM2 · · Score: 4, Insightful

      So what's your point? Mine is that apologizing != "groveling." If more IT types could learn how to admit they're wrong gracefully, the world would be a better place IMHO.

      --
      Breakfast served all day!
    4. Re:Groveling? by DaveV1.0 · · Score: 1, Flamebait

      To the rabid anti-Microsoft crowd, any apology is "groveling", regardless of who was wrong.

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
    5. Re:Groveling? by Antiocheian · · Score: 1

      Did you even read his posting?

    6. Re:Groveling? by sorak · · Score: 1

      I think GP agrees with you. He seems to be arguing that an honest human being should admit to his mistakes, without being denigrated for showing weakness.

    7. Re:Groveling? by Tim+C · · Score: 1

      Yeah, but that wasn't grovelling, that was just "Oops, our mistake, sorry."

      Grovelling would be more along the lines of "We apologise unreservedly for any inconvenience caused, we messed up and are truly, deeply sorry and crave the understanding and forgiveness of all those involved; sorry everyone."

    8. Re:Groveling? by u-235-sentinel · · Score: 1

      To the rabid anti-Microsoft crowd, any apology is "groveling", regardless of who was wrong.

      Whoa... I'd hate to see what the rabid Microsoft crowd would call an apology...

      --
      Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
    9. Re:Groveling? by DaveV1.0 · · Score: 1

      Awww look, the rabid anti-Microsoft crowd has modded my truthful response as Flamebait, completely missing the point that the summary of the article is Flamebait.

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
    10. Re:Groveling? by drinkypoo · · Score: 1

      Could you please grovel some more? I missed how that went.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    11. Re:Groveling? by mjwx · · Score: 1

      So what's your point? Mine is that apologizing != "groveling." If more IT types could learn how to admit they're wrong gracefully, the world would be a better place IMHO.

      I agree with your point apologising != grovelling but why single out IT people. I mean if CxO's could learn the same thing it would have a hell of a bigger impact on the world.

      Most of the people who have a problem with apologising have a problem with taking responsibility for their actions as an apology is an admission of guilt, thus many equate it to grovelling to demonise the act of apologising and weasel out of it. This is a major symptom of people who have an Antisocial Personality Disorder or commonly called sociopaths. I don't see the reason to single out IT people here when we are yet to see any of the Wall St bankers apologise for the GFC.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
  8. Do we have to be nasty? by Eevee · · Score: 5, Insightful

    Prevx has issued a grovelling apology on its own blog.

    Grovelling? How sad it is that an honest apology gets an insult. If you find "We apologize to Microsoft for any inconvenience our blog may have caused." as grovelling, then I feel very sad for you and your vision of how people should relate to each other.

    1. Re:Do we have to be nasty? by qoncept · · Score: 0, Troll

      What I don't understand is why people aren't still ripping Microsoft for this. They make software with an exploit that can prevent your PC from booting, .... meh. It's like a data center losing your data and blaming it on a fire. Yes, the fire destroyed the data. Yes, there should have been redundancy.

      --
      Whale
    2. Re:Do we have to be nasty? by Anonymous Coward · · Score: 0

      Uh, the "exploit" in question is called a "human". What exactly do you expect Microsoft to do about people doing stupid things like installing malware? Maybe they should just make it so if the user does something stupid, their computer will no longer boot.

      Oh...

    3. Re:Do we have to be nasty? by uniqueUser · · Score: 1

      Grovelling? How sad it is that an honest apology gets an insult. If you find "We apologize to Microsoft for any inconvenience our blog may have caused." as grovelling[...]

      I agree with you @Eevee, I did not detect any "grovelling" either. Unfortunately for some, if every sentence does not begin and end with "M$ Sucks" then you are labeled a M$ Fanboy. While I admit I have my own Microsoft frustrations at times, MS is not the root of all evil.

      --
      GENERATION 25: The first time you see this, copy it into your sig on any forum and add 1 to the generation. Social exper
    4. Re:Do we have to be nasty? by Antiocheian · · Score: 1

      Yes, that's why data centers are administered by professionals.

      Let your average user inside a data center and you'll see what happens.

    5. Re:Do we have to be nasty? by nmb3000 · · Score: 1

      What I don't understand is why people aren't still ripping Microsoft for this. They make software with an exploit that can prevent your PC from booting

      You're kidding, right? Go rm -rf /etc, /boot, /etc/password, or /etc/shadow and see what happens.

      I don't understand why people aren't ripping on these stupid Linux distributions that have such easily exploitable flaws!

      Users with root/administrative privileges can perform (directly or via a software proxy) destructive actions to their operating system. This is not an exploit, it is by design.

      --
      "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
      /)
    6. Re:Do we have to be nasty? by natehoy · · Score: 3, Insightful

      And my automobile (sorry, obligatory automotive analogy) has a steering wheel that allows me to turn the car toward pedestrians and kill people. This happens far more frequently, and has been happening since before the computer was even invented.

      The PC was invented because people wanted to have a computer under their control that they could load anything they wanted to. Trick someone into thinking that the cute little fluffy sheep walking around on their screen is something they want, and they'll install it, and they'll answer the "Do you want this program to have access to core system functions?" and they'll have no clue what a core is except they don't own an Apple, and they'll say "sure, whatever it takes to just stop bothering the piss out of me and show me the fuzzy sheep".

      The only way to really solve the problem is to prevent the computer from executing anything until it's been signed by a local administrator. And then the average "computer is appliance" user is going to click the "allow everything forever" button because they just want the poppy things to get out of the way of loading their new fancy cursor or BonziBuddy.

      The user can control the computer, or they can't. If you give them control, they can and frequently will load things that will cause problems. If you don't give them control, they'll take it back to Wal-Mart because it can't do what they bought it for.

      I intend no insult to inexperienced users here. It would be nice if computers were designed to slowly unlock functions as people get more experienced and knowledgeable with the operating system, but that just ain't gonna happen. Like ladders, chainsaws, hammers, and lathes - there's only so much safety you can design into something and still allow someone to get the work done they want with it.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    7. Re:Do we have to be nasty? by ArsonSmith · · Score: 0, Troll

      "Go rm -rf /etc, /boot, /etc/password, or /etc/shadow and see what happens."

      Hmm, didn't seem to have any issues with the system. It just gave me a bunch of permission denied errors.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    8. Re:Do we have to be nasty? by Dog-Cow · · Score: 1

      It's more like you're a total idiot and you post to slashdot.

      MS cannot prevent you from making your PC not boot. Period.

    9. Re:Do we have to be nasty? by ukyoCE · · Score: 1

      The user can control the computer, or they can't.

      Eh - there's a very very large grey area there. There are a lot of "application platforms" that are closed enough to prevent malware (or at least particularly harmful malware) by not supporting any potentially malicious functions. Look at the (non-cracked) iPhone, video game mods, winamp plugins, facebook apps, and many more.

      You only have a problem if the user needs specific functionality that can also be malicious.

      Gold spammers in WOW is a great example of malware authors trying to abuse any niche they can find in-game, and Blizzard cracking down on them further and further by locking down functionality for ALL users (or at least a class of users, free-trial users).

      Interestingly enough, I've never really heard of a WOW addon being malicious. Perhaps because it's so much more cumbersome to download+install a WOW addon, compared to IE prompting you to automatically run untrusted code? Or maybe addons are locked down so successfully that they can be massively popular without being exploitable?

      Most people seem to miss this large grey area, even though it's been discussed a lot as Apple's reason for not allowing apps to continue running in the background. Killing battery life, privacy, and self-propagating worms are all in the realm of "potential harmful functionality" that would be enabled by running apps in the background. Since there are also legitimate non-harmful uses, we have power-users upset at the loss of functionality.

    10. Re:Do we have to be nasty? by natehoy · · Score: 1

      Right, and the level of control the user has over their computer is inversely proportional to the security imposed by an external force (assuming that source can be trusted). Sorry if my original statement made that sound completely black and white.

      Your iPhone example is an excellent one.

      So you have people jailbreaking iPhones so they could do things that Steve said "no" to, then they are complaining when they get hacked.

      They had a reasonably secure, if overly controlling, overlord looking out for them. Jailbreakers decided they wanted to go out into the big wide world, and got run over by a bus because Nanny Steve wasn't there to hold their hand and remind them to look both ways. :)

      They gained control, and lost security.

      Windows XP made the security model almost absolutely black and white. You ran as Admin and could install software (and, sadly, in a lot of cases could RUN software), or you ran as Limited User and couldn't do either. So the default was Admin. People who wanted more security created LUser accounts and suffered big hassles (not Microsoft's fault, a lot of crappy software just assumed it had Admin rights because that was the default). Even those of us who really WANTED to run as LUser found it almost impossible to deal with on a regular basis.

      Windows Vista and Seven have improved on this considerably. You run as a sorta-kinda Admin, but whenever you try to do Adminish sorts of things, the system asks you if this is really what you want to do. But you still have the freedom of absolute control over your software - albeit with a few annoying "are you sure" prompts.

      But I don't think Microsoft (or the majority of their customers) are ready to go with an iPhone-style control of what is "approved" to run on Windows and what isn't, with all control going through Microsoft. In fact, I bet if they tried it the Slashdot community would only be the leading edge of the fecalstorm they'd find themselves in.

      Linux lives in the middle ground between the "Gates of Chaos" and the "Job of Control". Most software is offered in repositories, and those are relatively controlled and secure. But any user can, at any time, install whatever they please.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    11. Re:Do we have to be nasty? by 99BottlesOfBeerInMyF · · Score: 1

      The PC was invented because people wanted to have a computer under their control that they could load anything they wanted to. Trick someone into thinking that the cute little fluffy sheep walking around on their screen is something they want, and they'll install it, and they'll answer the "Do you want this program to have access to core system functions?" and they'll have no clue what a core is except they don't own an Apple, and they'll say "sure, whatever it takes to just stop bothering the piss out of me and show me the fuzzy sheep".

      If your OS is asking end users if an unsigned application can have complete control of their computer, then you have already failed as an OS designer. A good OS lets the user run whatever they want, but sandboxes it by default so they can do so safely. If you make sure users know applications will run or not regardless of if they give it complete control of their computer, because the app itself doesn't have a good way to tell, then you can easily let users see the fuzzy sheep without letting it root the machine. This is a solved problem.

      The user can control the computer, or they can't.

      You can let the user control the computer if you give them good information, good choices, and good granularity of control. "Run it and let it control my computer forever" or "don't run it" is not sufficient granularity of control. It's like Word files back in the day. You could open them or you could not open them. My boss offered a grand for anyone in the office that could create a menu item that was "open but don't let it run macros and VB scripts and infect my machine".

      If you give them control, they can and frequently will load things that will cause problems.

      Only if you give them crappy defaults and poor choices without enough info.

      I intend no insult to inexperienced users here. It would be nice if computers were designed to slowly unlock functions as people get more experienced and knowledgeable with the operating system, but that just ain't gonna happen.

      There is no need for slowly unlocking functionality. Just put crazy options like running unsigned apps outside of the sandbox in an advanced options menu where users of legitimate software will never have to go and make sure it is appropriately labelled like "Allow the unknown person who created this software to control my computer from now on".

      Like ladders, chainsaws, hammers, and lathes - there's only so much safety you can design into something and still allow someone to get the work done they want with it.

      Chainsaws aren't designed so that if you cut into the wrong tree an eco-activist can at any point in the future take over your chainsaw and do what they want with it unless the user goes to great lengths and buys third party products to stop that from happening. OS's should have security appropriate to the threat level they are likely to be subjected to. For home users, Windows does not have sufficient security.

    12. Re:Do we have to be nasty? by Anonymous Coward · · Score: 0

      I stopped reading when you started grovelling in the first paragraph.

    13. Re:Do we have to be nasty? by Anonymous Coward · · Score: 0

      I intend no insult to inexperienced users here. It would be nice if computers were designed to slowly unlock functions as people get more experienced and knowledgeable with the operating system, but that just ain't gonna happen.

      So you mean when they gain enough experience they can level up and unlock new abilities?!?

    14. Re:Do we have to be nasty? by Anonymous Coward · · Score: 0

      Or, as I have long put it to my students:

                the industry is incapable of building a foolproof computer, yet insists on selling them to fools.

      A little pithier, IMHO.

    15. Re:Do we have to be nasty? by ajlisows · · Score: 1

      I kind of like that idea but I can see some problems arising....

      Congratulations! You have successfully installed Microsoft Office 2007 and reached achievement level 2! You are now allowed to change your screen saver!!!! :) :) :)

      Uh oh! :( It seems that you just installed a piece of Terror Ware known as Open (as in opening the very gates of hell) Office. Your achievement level has just dropped from 5 to 3. Your hosts file has been modified with the line mail.google.com 64.4.32.7. When you figure out how to wisely choose what programs and services to use, this will change. Oh, and by supporting Open Office or Google you support terrorists.

      You have attempted to install a program named "Firefox" (which is made by a company known to set foxes and other cute furry animals such as baby kittens on fire. Then they kick them. Uhm, in the face. Repeatedly) but your achievement score is only 6. Thankfully this system has been put into place or your inadequate ability to make your own choices would have hurt you and a small puppy.

      You have just performed a search on Bing (+1 Achievement) for something called "Ubuntu". Your Internet Access has been disabled. To reenable your Intertubes, open Microsoft Word 2007 and type (Sorry, copy and paste is also disabled) "Ubuntu is a complete piece of crap that is used only by communist radicals who never emerge from their parents basement and are allergic to sunlight." 5000 times or until the Microsoft truth headband decides you really mean it, whichever comes second.

    16. Re:Do we have to be nasty? by Anonymous Coward · · Score: 0

      Yeah, but it's really fun! You need to type in ur password LOL

    17. Re:Do we have to be nasty? by Anonymous Coward · · Score: 0

      Just to clarify, using your definition of sufficient security, no consumer PC OS has sufficient security.

      People who single out Windows for problems that are systemic across all other Operating Systems are
      a) moronic
      and b) zealots

    18. Re:Do we have to be nasty? by 99BottlesOfBeerInMyF · · Score: 1

      Just to clarify, using your definition of sufficient security, no consumer PC OS has sufficient security.

      Most Mac OS X users never have a significant security related problem. Most SELinux workstation users never have a significant security related problem. Most Symbian OS users never have a significant security related problem. These OS's all have differing levels of security in different ways, some more and some less strict than in Windows 7. The difference is, the amount of effort put into security for those OS's is sufficient to meet the needs of the customers, because if it isn't customers move on to another OS. Microsoft does not have that issue, so they do not invest money in securing their OS to deal with the level of threat appropriate to the real world environment in which it operates.

      People who single out Windows for problems that are systemic across all other Operating Systems are a) moronic and b) zealots

      Or maybe you're simply not understanding how Windows is different from all other OS's. It is not being marketed in a competitive free market where customers' needs are met because that is what maximizes profit. If MS were broken up into two companies both with complete rights to the Windows code, half the resources, and forbidden to in any way interact non-publicly or enter into exclusive agreements, how long do you think it would be before one of those companies introduced technology that made security no longer a major issue for their users as a way to win customers from the competing company?

  9. Re:malware... by nomadic · · Score: 1

    When did they do that?

  10. Still an MS Bug by caseih · · Score: 1, Insightful

    Whether or not the problem is triggered by malware or some MS update, this is still a bug that MS needs to fix. The fact that malware can hide its keys from you through this method should be impetus enough for MS to fix this in programs like regedit. Certainly fixing Windows to properly parse the shell name from the registry key is a no brainer.

    1. Re:Still an MS Bug by Anonymous Coward · · Score: 0

      If you ran linux all the time as root would you have any right to complain when your system is pwned and damaged? The registry has access control lists, but like linux an administrator(root) account has full read and write permissions.

    2. Re:Still an MS Bug by slimjim8094 · · Score: 1

      As I understand it, NT strings aren't C-strings - that is, they don't end with the \0 null-byte. I think they may be Pascal-strings, preceded by the length. Windows uses the standard C-string terminated by the null byte.

      Long story short, Registry entries are NT strings, while regedit displays them as Windows strings - and hence stops at the (valid) null-containing data. Therefore, it's not a trivial problem to fix, and it affects any program using the NT string as a C string.

      Caveat - This may be wrong. It's been a while since I've fought these intricacies. Use at your own risk and all that.

      --
      I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
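
The counted-versus-terminated mismatch described in the comment above, as an added example (not part of the original post and not Microsoft code): a simplified counted UTF-16 string, the length a NUL-terminated reader would see, and a check an audit tool could use to flag names such a reader would show truncated. The `counted_str` type, the function names and the sample names are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified counted string: the length travels with the
 * buffer, so a 0x0000 code unit is ordinary data, not an end marker. */
typedef struct {
    size_t length;            /* UTF-16 code units stored (not bytes) */
    const uint16_t *buffer;
} counted_str;

/* Length seen by code that treats the buffer as NUL-terminated. */
size_t visible_len(const counted_str *s)
{
    size_t i = 0;
    while (i < s->length && s->buffer[i] != 0)
        i++;
    return i;
}

/* 1 if a NUL-terminated reader would stop before the stored end. */
int is_truncated_by_nul(const counted_str *s)
{
    return visible_len(s) < s->length;
}

/* Audit helper: how many entries would be displayed incompletely. */
size_t count_flagged(const counted_str *entries, size_t n)
{
    size_t flagged = 0;
    for (size_t i = 0; i < n; i++)
        flagged += (size_t)is_truncated_by_nul(&entries[i]);
    return flagged;
}

/* Render every stored code unit, escaping anything that is not printable
 * ASCII, so nothing after an embedded NUL is lost. Returns the number of
 * characters written (excluding the terminator) or -1 if out is too small. */
int render_escaped(const counted_str *s, char *out, size_t out_size)
{
    size_t used = 0;
    if (out_size == 0)
        return -1;
    for (size_t i = 0; i < s->length; i++) {
        uint16_t u = s->buffer[i];
        char piece[8];
        int n;
        if (u >= 0x20 && u < 0x7f && u != '\\')
            n = snprintf(piece, sizeof piece, "%c", (char)u);
        else
            n = snprintf(piece, sizeof piece, "\\u%04X", (unsigned)u);
        if (used + (size_t)n + 1 > out_size)
            return -1;
        memcpy(out + used, piece, (size_t)n);
        used += (size_t)n;
    }
    out[used] = '\0';
    return (int)used;
}

/* Constructed sample names, held only in memory for this demonstration. */
static const uint16_t NAME_PLAIN[]  = { 'D','e','m','o' };
static const uint16_t NAME_HIDDEN[] = { 'D','e','m','o', 0, 'T','a','i','l' };

static const counted_str SAMPLES[] = {
    { sizeof NAME_PLAIN  / sizeof NAME_PLAIN[0],  NAME_PLAIN  },
    { sizeof NAME_HIDDEN / sizeof NAME_HIDDEN[0], NAME_HIDDEN },
};

int main(void)
{
    char full[64];
    for (size_t i = 0; i < sizeof SAMPLES / sizeof SAMPLES[0]; i++) {
        if (render_escaped(&SAMPLES[i], full, sizeof full) < 0)
            return 1;
        printf("stored=%zu visible=%zu flagged=%d full=\"%s\"\n",
               SAMPLES[i].length, visible_len(&SAMPLES[i]),
               is_truncated_by_nul(&SAMPLES[i]), full);
    }
    return 0;
}
```
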
  11. Ladies and Gentlemen: by Anonymous Coward · · Score: 0, Redundant

    We have identified the malware that results in the "black screen of death" and it is......Windows.

    Ok, mod it troll if you like, but it was so obvious it just HAD to be said.

    1. Re:Ladies and Gentlemen: by ArcadeNut · · Score: 1

      Well, if it's that obvious, then your post should be rated -1 Redundant...

      --
      Visit the Arcade Restoration Workshop @ http://www.arcaderestoration.com
  12. Re:malware... by Conchobair · · Score: 3, Funny

    The malware is Windows 7.

  13. Yeah, ok. by rmushkatblat · · Score: 1

    This isn't altogether surprising. Though, to be honest, I'm not sure how they managed to bungle detecting which program modified the registry keys.

  14. System Registry by C_Kode · · Score: 5, Insightful

    Maybe one day Microsoft will get rid of the Windows Registry. It's like putting port holes on the bottom of your boat. Sure, they let you see the fish, but sooner or later one is going to break and sink your ship.

    The Windows registry has always been a bane of Windows use since its inception.

    1. Re:System Registry by BradleyUffner · · Score: 5, Insightful

      What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format? That will be much easier for the user than a centralized, standardized configuration system.

    2. Re:System Registry by Anonymous Coward · · Score: 0

      Yes, it's so much better to keep important system-wide configuration options scattered throughout a plethora of files and directories.

    3. Re:System Registry by geekoid · · Score: 2, Insightful

      Agreed. I have been saying this since it was announced.

      Yes, they need a place to put shared data, but nothing that is critical to the operation of an OS or application should ever be put there.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    4. Re:System Registry by HerculesMO · · Score: 3, Insightful

      Not to rain on your hate parade, but in addition to the comments about the CONF files, the registry also makes Windows much easier to manage on an enterprise scale.

      I can create an application, put its settings in the registry, and boom -- I can manage it through an MMC for thousands of computers with only the creation of a policy template to change settings.

      The misunderstanding of the registry's use is always what people hated about it, sadly.

      --
      The price is always right if someone else is paying.
    5. Re:System Registry by V!NCENT · · Score: 1, Interesting

      "What do you want them to replace it with?"
      Two registries. Number 1 for the system settings. Locked down. Number 2 for apps. This also makes it backwards compatible.

      --
      Here be signatures
    6. Re:System Registry by V!NCENT · · Score: 0, Troll

      /etc/ So shut the fsck up -_-

      --
      Here be signatures
    7. Re:System Registry by DaveV1.0 · · Score: 3, Insightful

      Yes! Because that is the *nix way! It has been around for 30+ years so we know it is the best way evar! /sarcasm

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
    8. Re:System Registry by BradleyUffner · · Score: 1

      Registry items can already be locked down by ACLs, and the physical structure is already split into machine and user specific files.

      It would be nice if the ACLs were configured sensibly by default though.

    9. Re:System Registry by Kill+all+Muslims · · Score: 0, Informative

      This is already how it is. This particular key exists in HKLM, for which you need Administrator access to write to.

    10. Re:System Registry by kpainter · · Score: 1

      "What do you want them to replace it with?"

      Two registries. Number 1 for the system settings. Locked down. Number 2 for apps. This also makes it backwards compatible.

      Are you saying "two wrongs make a right"?

    11. Re:System Registry by ZorinLynx · · Score: 1

      Do it the Mac way. Standardized XML format (property lists) stored in a standard location (~/Library/Application Support/ApplicationName). Each app has its own file to work with, and completely removing an app and its detritus is as simple as trashing the folders.

      The registry was a bad idea from the start. I imagine MS wants to get rid of it, but it has become too entrenched and backwards compatibility requires it to still be around.

    12. Re:System Registry by klui · · Score: 2, Insightful

      Yes. Instead of relying on a hidden file system where all the configurations are stored, rewrite the API so those calls write values on the file system as a bunch of folders and files. This alone should mitigate the case where a single byte written incorrectly into the registry file will cause the entire contents to be unavailable.

    13. Re:System Registry by BarryJacobsen · · Score: 4, Informative

      Maybe one day Microsoft will get rid of the Windows Registry. It's like putting port holes on the bottom of your boat. Sure, they let you see the fish, but sooner or later one is going to break and sink your ship.

      The Windows registry has always been a bane of Windows use since its inception.

      Because Malware would clearly have trouble modifying the config files that would be used instead?

    14. Re:System Registry by cstdenis · · Score: 2, Interesting

      And /usr/local/etc
      and /usr/local//etc, /usr/local//conf, /usr/local//data...

      --
      1984 was not supposed to be an instruction manual.
    15. Re:System Registry by GrBear · · Score: 4, Funny

      /etc/ So shut the fsck up -_-

      If Windows used /etc/ I imagine it would look something like this..

      sjkHFG12.cnf
      2874asdf.dat
      virsdefs.cfg
      MYMLWARE.CNF
      MSOFFI~1.cfg
      MSOFFI~2.cfg

      You know, full of highly detailed filenames with standardized extensions clearly indicating what programs they belong to.

    16. Re:System Registry by McNihil · · Score: 4, Interesting

      The reason why the registry exists is that the filesystems on Windows OS' have historically been lock on read (more than one program using the same file at the same time is a no-no.) Meaning that having a place where this was not the case was VERY meaningful to lessen access bottlenecks, thus enter the registry.

      Having hundreds of conf files in /etc or having them in a registry "hive" is "same same but different" that's ALL. Gnome has a form of registry hive as well... organizing data whether being direct in the filesystem or special filesystem (DB or what have you) is the same.

      I have to say that it is easier to edit a config file with vi/edit/ed/sed IF one knows where to go. Regedit command line tools sure... GUI... not efficient... Gnome registry either conf-editor or command line... I personally stick to CLI.

      I agree that Windows should "drop the registry..." but only because they should drop the ancient approach of their locking behavior on the filesystem... this would also cure the reboot till you drop at update times. Later OS-X versions have started to reboot machinery after updates just to be more like Windows because that's what users EXPECT. It is painful!
       

    17. Re:System Registry by CoJoNEs · · Score: 2

      Not to rain on your hate parade, but in addition to the comments about the CONF files, the registry also makes Windows much easier to manage on an enterprise scale.

      I can create an application, put its settings in the registry, and boom -- I can manage it through an MMC for thousands of computers with only the creation of a policy template to change settings.

      The misunderstanding of the registry's use is always what people hated about it, sadly.

      Because it's nearly impossible to edit a file remotely through scripting. Right..

      Besides if Microsoft went this route they would modify the interface so you could still use policies to edit it just as you always did.

    18. Re:System Registry by Anonymous Coward · · Score: 0

      modifying a single config file affects the system A LOT less if it's not the system config file (which normally should/would be locked down with greater security)

      So yes, in a decent implementation of multiple config files, malware would have more trouble.

    19. Re:System Registry by avatar4d · · Score: 1

      It's been more of the "bane of Windows" in the respect to manageability within the system. Outside of malware and the like, what do you think causes Windows to slow down over time?

      --
      Confucius say: "Man who associates with smarter men than himself is smarter than the men he associates with."
    20. Re:System Registry by Ilgaz · · Score: 2

      /etc
      ($HOME)/Library/Preferences

      Please, enough really... Especially on Mac. Mac _always_ had Preferences in some sensible place, even in Pre OS X times.

      If you want to trust your entire settings to a single bulky file which is also known to fragment&get redundant over time, it is fine but please stop this "random files" bullshit... No, nothing is at random place. Especially on OS X. Put your .plist file to some "random" place and see what happens.

    21. Re:System Registry by HerculesMO · · Score: 1

      I didn't say it was impossible to edit a remote file. I just said it's easy to do with a centralized repository.

      I could write perl scripts that modify remote files of thousands of machines too, but why would I if I have the ability to manage everything from a single console, with NO code, and maybe about 5-10 lines of a template which is easy to create and update on the fly?

      I know it's hard to stomach, but the registry is a better idea than having thousands of CONF files. *Nix doesn't do *everything* better. It is that mentality though, that also prevents it from making inroads on the desktop.

      --
      The price is always right if someone else is paying.
    22. Re:System Registry by Anonymous Coward · · Score: 1, Informative

      This is what they have. HKLM for important stuff, HKLU for stuff the user can screw around with.

      Oh, you mean you always run as administrator in Windows so malware can screw with HKLM? Well, running as root on Linux will allow malware to screw with your x.conf and you'll have the same problem.

    23. Re:System Registry by C_Kode · · Score: 1

      You're right. Throwing all your eggs into one basket is by far the best way to do anything!

      I guess you've never heard of configuration management systems. Or ever thought of using LDAP for application configurations rather than a registry.

    24. Re:System Registry by nacturation · · Score: 1

      Yes. Instead of relying on a hidden file system where all the configurations are stored, rewrite the API so those calls write values on the file system as a bunch of folders and files. This alone should mitigate the case where a single byte written incorrectly into the registry file will cause the entire contents to be unavailable.

      The registry is a database. If writing a single byte incorrectly into a database makes everything else unavailable, then the database engine needs to be fixed. It doesn't mean that databases are bad.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    25. Re:System Registry by nuonguy · · Score: 1

      I wish the operating systems I use had a registry so I could remotely manage them as well. How very insightful of you to pinpoint the exact technology that enables this.

    26. Re:System Registry by sgage · · Score: 1

      I'm saying three rights make a left.

    27. Re:System Registry by Anonymous Coward · · Score: 0

      So yes, in a decent implementation of multiple config files, malware would have more trouble

      Because Malware would clearly have trouble modifying 2 files instead of one?

    28. Re:System Registry by Anonymous Coward · · Score: 0

      Windows has a registry file because it provided application software some degree of security through obscurity. Prior to adopting the single-point-of-failure registry file, various applications kept their configuration information in the same folder as the application itself. This could allow bad guys (that would be us, the users) to reproduce an application on a different machine by doing not much more than copying the contents of the folder. The registry file with its obscure format and unintelligible contents provided a way to prevent casual cloning of applications by placing necessary information where users couldn't find it.

      That said, and even if a central location for application information was acceptable, placing operating system information in the exact same file was a monumentally bad idea and has cost Windows users millions upon millions of wasted hours trying to recover from registry corruption. An application registry and a separate OS registry would have been absolutely trivial to implement but they chose not to do so. Why? Possibly because MS never seemed to accept that things could and would go wrong and users wouldn't be happy to just re-format the disk and re-load absolutely everything again.

      The registry was probably also pitched as a way to save disk space (at a time when disk space was limited and expensive) by allowing lots of applications to share the same snippets of run-time code which could be then modified or updated in a single pass - giving us ".dll hell"

      Allowing every application installer to modify the registry used by both the operating system and all of the other applications creates a sure-to-fail-eventually situation.

      An alternative? Leave various configuration information and all necessary runtime code in the same folders as the applications (as it was before W95) and not in something such as "c:\program files\common files\microsoft shared". Perhaps a registry-like file with pointers to the application folders and to various configuration parameters which might be required for an application would also be provided. With, perhaps, a utility which could be run to scan all application folders and re-generate this pointers file. No single application could wipe out the ability of another to run - or wipe out the entire system by corrupting the pointers file. Something quit working? No problem, just re-generate the pointers file.

      They came up with bad ideas 15+ plus years ago and have stuck with them ever since.

      And don't even get me started on the whole idea of an OS not bothering to verify/limit string lengths and contents before passing them to applications as this was considered extremely poor coding practice when I started writing software more than 40 years ago.

    29. Re:System Registry by wbo · · Score: 1

      The registry in Windows is already divided into multiple parts (called hives). Each hive is for a specific purpose and has its own ACLs:

      HKEY_CLASSES_ROOT - File Associations, MIME types, registered DLLs, etc.
      HKEY_LOCAL_MACHINE - System-wide settings
      HKEY_USERS - User-specific settings, has child hives for each user account on the system.

      There are other hives as well but the ones I listed above are generally the most important ones.

    30. Re:System Registry by natehoy · · Score: 1

      I see where you were going with it, but I disagree. Having hundreds of .conf files scattered randomly about *my home directory* in Ubuntu/Mint beats the registry all hollow. Mostly because most Linux software is following relatively clear standards as to the location (if not format) of their configuration files. Functionally, having those configuration files as part of my /home, and not as part of the core system, works extremely well.

      1. Core system functions are handled by configuration files stored in areas that are read-only to the user and require root/Admin/SuperUser access to change. In general, I neither know nor care where the config file is located nor what it's named, because I have GUIs to do all the configuration updates. I find myself running vi to edit a config file less often than I run regedit to edit the Windows registry.

      2. Settings specific to me as a user are all contained within my /home directory, where I can see and control them. And if a certain piece of software starts acting erratically or I want to punch the "reset" button on it, I find its settings folder (usually a dot followed by the name of the application) and blow it away or rename it, then restart the application. This is as opposed to settings for the software stored in all manner of places within the Registry where I have to search for them.

      3. Expanding on #2 - the REAL reason why I love the .conf file approach as implemented in Linux. I can reinstall a totally new version (or even a totally new distro) of Linux on my machine while leaving my /home directory alone, and when I boot to the new operating system everything is configured exactly the way it was before the reload. When I install Firefox, all my Firefox settings just load exactly like they were before the reload. And the same is true of every other piece of Linux software I've encountered. Reloads are just a complete no-brainer.

      I can see the rationale behind a centralized configuration system, but there are both benefits and costs to having that centralization. And, frankly, with what I've seen the costs appear to outweigh the benefits, at least for me. And I use Windows XP every day, and still like it.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    31. Re:System Registry by Quirkz · · Score: 1

      Maybe one day Microsoft will get rid of the Windows Registry. It's like putting port holes on the bottom of your boat. Sure, they let you see the fish, but sooner or later one is going to break and sink your ship.

      Uh, how often do fish break through port holes on ships? I'd be willing to bet there isn't a single recorded instance of this happening. I see what you're trying to say, but the analogy makes for a very bad argument.

    32. Re:System Registry by ArsonSmith · · Score: 1

      central repository like cfengine?

      Used it many times, implementing it again soon at the new company I work at.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    33. Re:System Registry by Volante3192 · · Score: 1

      Two registries. Number 1 for the system settings. Locked down. Number 2 for apps. This also makes it backwards compatible.
      You mean like this?

      C:\Windows\System32\config>dir
        Directory of C:\Windows\System32\config

      12/02/2009 10:28 AM 41,943,040 SOFTWARE
      12/02/2009 10:31 AM 19,660,800 SYSTEM

      (There's a few more in there actually, and that's not counting the user's personal HKCU in %userprofile%\ntuser.dat)

      And as others have stated, the guts of the registry are structured surprisingly well.

    34. Re:System Registry by sorak · · Score: 1

      I was going to argue one registry or config directory for system settings and then let each app put their config files back in their home directory. What's the point of letting firefox keep its settings in the same file as Windows Media Player?

      And why is it so scary to have random_app_x.conf in the same directory as random_app_x.exe?

      As far as security goes, why couldn't Windows work out the permissions so that each directory within the "program files" directory is "owned" by the applications within, and they are the only ones with write permissions (other than the superuser). (Of course somebody may have to modify the permissions system to make that suggestion possible, but my point is that the registry is not needed for individual apps.)

    35. Re:System Registry by HerculesMO · · Score: 1

      So you need to have a second product in order to manage things centrally, and then I assume -- tell it where the files would probably live on each computer. But if it was installed incorrectly, and the conf file wound up in a weird location -- you wouldn't get to do anything with it.

      At least it works though -- makes life easier.

      But that is really all I was arguing, is that it makes things simpler and easier to manage. I think that's better than having thousands of files scattered in lots of places.

      But hey, that's just me.

      --
      The price is always right if someone else is paying.
    36. Re:System Registry by Anonymous Coward · · Score: 0

      Having hundreds of conf files in /etc or having them in a registry "hive" is "same same but different"

      Huh? It's the difference between putting all your eggs into one basket, and not. The windows registry is an extra layer of complexity which brings with it an extra chance of something going wrong. When this single point of failure becomes corrupted, you have big problems. That's all there is to it.

    37. Re:System Registry by sorak · · Score: 1

      What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format? That will be much easier for the user than a centralized, standardized configuration system.

      Well, if they stick the files in random places, then it may be harder. But, why couldn't the config file be located in the directory structure allocated for the app itself? This way, everything you need to run random_app_x is in the directory labeled "C:\program files\random_app_x".

      As for separate formats, are you really arguing that learning to read both ini and xml files is more complicated than learning the windows registry?

    38. Re:System Registry by Anonymous Coward · · Score: 0

      What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format? That will be much easier for the user than a centralized, standardized configuration system.

      How about a bunch of .conf files in a directory called /etc ? and keep the user specific settings in their home directory; perhaps hidden.

    39. Re:System Registry by Anonymous Coward · · Score: 0

      My default install of Ubuntu has nothing in those directories... Perhaps that's because they are simply there so that crappy, non standard software can be installed and not break anything.

      Config files the user shouldn't be able to change (system config): /etc/

      Config files each user has a unique copy of and can modify (application config): /home/user/ (generally hidden files)

      Not that complicated. Of course, the concept of isolating system configuration from users would be a foreign concept to windows users.

    40. Re:System Registry by dissy · · Score: 1

      What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format?

      That would not be a replacement, since that is how it is done in Windows right now.

      Tons of random folders within folders (That ironically all live in two files on disk), with no standard hierarchy, no standard method to store settings, no standard setting names, and tons of binary blob data.

      This is why in Windows you have no choice but to reinstall your applications after you reinstall the OS.
      No other OS has this problem. You reinstall, and copy your binary apps back, and they all just work.

      Just do it the Linux way, or even the MacOS way, where you only have to remember one location. /etc/application-name/ ( Or library/preferences/ for OS X )

      All global configs are in the same place, a config dir that contains subdirs named after the very app whose config files it contains.

      Then per user config files also follow that same standard, except instead of /etc/ you keep them in your home directory, and the folder name there will tend to start with a dot so it is a hidden folder. But it will be named the same as the app and the same as the dir in etc.

      In fact, to 'reset to defaults' all you have to do is copy the global config from etc into your home dir, and anything you broke is back to normal now. Windows doesn't even let you do that at all, as the initial configuration of the registry is not even IN most apps, only their installer/setup.exe files.

      (I personally always found it funny that windows programmers put enough work into their apps so they can look for their settings missing, but not enough to just put defaults there when they aren't found instead of exiting with error codes)

    41. Re:System Registry by ArsonSmith · · Score: 1

      you mean there isn't a domain controller to manage windows centrally?

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    42. Re:System Registry by HerculesMO · · Score: 1

      Domain controller is where your policies live and are sent out to client PCs.

      Or am I not understanding the question...?

      You can have local policies too, but that's kind of pointless to me.

      --
      The price is always right if someone else is paying.
    43. Re:System Registry by Anonymous Coward · · Score: 0

      Ahem. Could you please give me some pointers then how one can set a DWORD with value null? Using AD and MMC. Or how about creating those pesky management template files? What's that? Oh...You have to create those manually using some cryptic schema. And what if I want to reset my template to default old values? Oh, I'm sorry... that's not possible.

      What I'm trying to say, is that AD has its place. But when you need to do something that microsoft has not thought about, it get's very quickly back to editing registry, creating scripts and hacking away in general.

      If you need AD'like functionality on Linux/bsd whatever, check out cfengine which is a policy based management engine.

    44. Re:System Registry by tokul · · Score: 1

      hundreds of .conf files scattered randomly about the filesystem

      Since when is /etc/ random? In case you haven't noticed, Linux and Unix have standard locations for keeping configuration files. Locations start getting random when you start adding your own customization and don't follow these standards or when proprietary COTS vendors fsckup with standards.

    45. Re:System Registry by magamiako1 · · Score: 1

      @sorak

      Then you run into applications and permissions hell. What if you have 2 or 3 different applications that need to communicate with each other? Or Application A needs to write to Application B's directory to fix something that Application B broke?

      In this case, you would use sudo or UAC to temporarily give Application A super-user privileges to override the security permissions on Application B to make the changes.

      But then this doesn't really solve the problem that this whole thread is about--that is malware being run that is allowed to screw with the system. It might move it into more semi-findable locations, but some XML configurations are not quite as human-readable as you would want them to be.

      The idea that all applications are an island works in a managed environment. But out here in the real world we have applications that sometimes need to communicate and play nice with others.

      Without package managers to create such users and permissions properly for repository-based installs, I really do question how many people go out and create these structures by hand? I know I have, on very small and specific applications--and it's certainly not easy to do.

      You need to create the folders, create the user, change the user's shell to a non-valid shell, apply the user as owner of the folder, use your distro-specific launcher (sometimes start-stop-daemon) to launch the application under specific user privileges, or hope your application has some sort of built-in de-elevation privilege.

      And of course, typing out start-stop-daemon --start /path/to/file --user application_name becomes a bit of a pain in the ass to start and stop the app, so then you need to write your init script, and to make it pretty put it in /etc/init.d/ and set it as executable.

    46. Re:System Registry by devent · · Score: 1

      How is that Insightful? On Linux I can just open up a text editor to edit a config; I can just copy one file to clone the config; The system doesn't need to read all configuration in order to function; All the config files are checked by the normal file system check; I can even set a soft link from a samba-share to a config file, so the config will be read from the share.

      What are the advantages of one big fat file with all the configuration in it again?

      --
      http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
    47. Re:System Registry by mcgrew · · Score: 1

      Later OS-X versions have started to reboot machinery after updates just to be more like Windows because that's what users EXPECT.

      That's surprising, I didn't know that. That's like making all your faucet company's faucets leak because everybody else's faucets leak. Sounds retarded to me. Why would they cripple a very good feature?

    48. Re:System Registry by Anonymous Coward · · Score: 0

      c:\windows\system32\drivers\etc

      have a look.

    49. Re:System Registry by Anonymous Coward · · Score: 0

      This is more about people running as admin. By default the Windows registry has ACLs applied to it that prevent a standard user modifying the HKLM (Computer area). But if you run as Admin / Root then you and any process you install can do what it wants.

      A common set of api for editing and reading settings is good. The downside is the risk if one of the registry hives does get corrupted.

      But Windows can back these up for you, and you can load them on another computer (Load Hive) to change a setting if you can't get in to the recovery console.

    50. Re:System Registry by BradleyUffner · · Score: 1

      I just did a search for .conf files here on my linux box. I'm seeing files in /etc sure, but there are also files in /usr, /usr/share, /usr/local, /usr/src, /usr/libexec, /var/spool. I'm sure some of them aren't active config files, but that's still a LOT of different locations.

      This is a pretty much default install of Mandriva.

      Sorry, I like the Windows registry better. It's centralized, and editable in a consistent way, with decent tools. I know there is a *chance* of corruption, but I honestly can't remember the last time that's happened, I know it was before XP, probably Windows 98 or even 95 era.

    51. Re:System Registry by Anonymous Coward · · Score: 0

      Why does Windows lock files like that again? What are the advantages? The fact that your files always end up locked for no good reasons is probably what angers me the most when I try to work on a Windows workstation.

    52. Re:System Registry by DaveV1.0 · · Score: 1

      Really? Do those files have the same config file format? How readable are they? Have you worked with SendMail? Are those config files in the same location across all flavors of Linux, let alone all flavors of UNIX?

      Oh, and that config that is a soft link to a samba share better be loaded AFTER samba, right? You won't be soft linking all of /etc, right?

      The *NIX way is no better and no worse than the Windows way. It is just different. And, you took the bait. I was making fun of fanboys like you who even the GPP thought would say "Do it like Linux!"

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
    53. Re:System Registry by ukyoCE · · Score: 1

      Yes, but only if what you meant was "hundreds of .conf files in users' home directories that keep the app, the user, and the OS as independent entities".

      Windows has this feature already, right? It's just not being used very extensively by 3rd party apps (or by MS itself either?).

    54. Re:System Registry by DavidRawling · · Score: 1

      Ahem. Could you please give me some pointers then how one can set a DWORD with value null? Using AD and MMC.

      A DWORD is a 32-bit number. How would you like to store that NULL as a number?

      Or how about creating those pesky management template files? What's that? Oh...You have to create those manually using some cryptic schema.

      Hurr hurr. Those pesky templates! It's a cryptic schema - one that bears more than a passing resemblance to an X configuration file, really (it's about the closest analogue I can think of off the top of my head). It's not that bad. If you do it often you'll have your own files to use as a template. Otherwise, perhaps someone, somewhere will come up with a way to search through thousands of documents written before, on a global network? Nah ... never happen.

      And what if I want to reset my template to default old values? Oh, I'm sorry... that's not possible.

      The template is never changed. Only the policy carries the value. In a proper policy, removing the setting reinstates the default value.

      What I'm trying to say, is that AD has its place. But when you need to do something that microsoft has not thought about, it get's very quickly back to editing registry, creating scripts and hacking away in general.

      If you need AD'like functionality on Linux/bsd whatever, check out cfengine which is a policy based management engine.

      And when you admin a Linux, BSD or similar system, and you have to do something new, it "get's (sic) very quickly back to editing configuration files, creating scripts and hacking away in general". CFEngine is (probably, I haven't used it) good; does it come with sane defaults, and you just click some buttons / type a command to get all the OOB configuration applied? And it's done on a regular, hands-off schedule? AD's huge advantage in configuration management is that all this is in-box - and it tries to enforce good practice even without the admin knowing. Installs with sane defaults, and every corporate Windows OS from the last 10 years (2000, XP/2003, Vista/2008, 7/R2) can join the AD and participate in GP.

    55. Re:System Registry by V!NCENT · · Score: 1

      Whenever I have to reboot into Windows XP I log in a user, not as an admin and right click run as admin whenever needed...

      I don't really know how Windows works. All I know is that the Vista kernel devs said in an interview at Channel9 (google: "Going deep in the Vista kernel" or something) that they wished the registry was never invented. I guess that's a case of 'nuff said.

      --
      Here be signatures
    56. Re:System Registry by V!NCENT · · Score: 1

      "What if you have 2 or 3 different applications that need to communicate with each other?"
      Windows apps communicate with each other through the kernel registry? What the...

      --
      Here be signatures
    57. Re:System Registry by Anonymous Coward · · Score: 0

      "Yes, it's so much better to keep important system-wide configuration options scattered throughout a plethora of files and directories."

      "/etc/"
      ^ possible solution

      And there are in fact *.config files in /etc/ in Ubuntu. Xorg.conf, sources.list, etc.

    58. Re:System Registry by V!NCENT · · Score: 1

      That's the TCP/IP stack :')

      It shouldn't be there in Vista and 7 anymore...

      --
      Here be signatures
    59. Re:System Registry by jpmorgan · · Score: 1

      Allowing one to replace files that are open is a classic example of a solution that is simple, elegant and wrong. As annoying as it can be at times, there's a very sensible reason to lock files and require reboots.

      Let's say, for example, firefox depends on some shared library for handling some kind of image format. There's a bug in that library, so I go to install the security patch. Patch installed, I'm safe now, yay. Except next week my favorite tech news website gets hacked, an exploit is uploaded and my computer is drive-by compromised. What? How did that happen? I installed the security update!

      Well yes, I did. But I also had firefox open at the time, and it had the old library mapped. When the new library replaced the old, that only affects programs that open it AFTER the replacement. Any program that still has a reference to the old copy, will still get data from the old copy. So while the security bug on disk was fixed, the security bug still exists in memory until every program that uses it shuts down and starts up again. Which given the way I use my computer, could be weeks away.

      There's worse problems too... say I have a few pieces of software that use a shared library to access some data on disk. If I update that shared library to a new version, suddenly programs that are running and programs I launch afterward are now using different versions of the library, even though I should only have one installed. Now I've got a data corruption! Not academic: I actually lost a subversion repository to this once.

      By locking files that are in use, yes, you create an annoyance. It also prevents some VERY problematic issues.
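Added example, not part of the thread or any commenter's code: the situation described in comment 59, a patched library on disk while a running process still maps the old copy, can be detected on Linux because `/proc/<pid>/maps` marks mappings of unlinked files with ` (deleted)`. The sample maps text, library file names and helper names below are constructed for illustration.

```python
import os
import re

# /proc/<pid>/maps line: address perms offset dev inode pathname
MAPS_LINE = re.compile(
    r"^[0-9a-f]+-[0-9a-f]+\s+(?P<perms>\S{4})\s+[0-9a-f]+\s+\S+\s+"
    r"(?P<inode>\d+)\s*(?P<path>.*)$"
)
DELETED = " (deleted)"
# Mappings that are unlinked by design and are not replaced libraries.
IGNORED_PREFIXES = ("/memfd:", "/SYSV", "/dev/shm/", "/tmp/")

# Constructed sample: a browser that still maps an image library whose
# on-disk file was replaced by an update after the process started.
SAMPLE_MAPS = """\
00400000-0048a000 r-xp 00000000 08:01 262155 /usr/lib/firefox/firefox
7f3a10000000-7f3a10021000 rw-p 00000000 00:00 0
7f3a1c200000-7f3a1c225000 r-xp 00000000 08:01 1314532 /usr/lib/libpng12.so.0.42.0 (deleted)
7f3a1c225000-7f3a1c424000 ---p 00025000 08:01 1314532 /usr/lib/libpng12.so.0.42.0 (deleted)
7f3a1c600000-7f3a1c7b0000 r-xp 00000000 08:01 1310790 /lib/libc-2.10.1.so
7f3a1d000000-7f3a1d001000 rw-s 00000000 00:04 98311 /SYSV00000000 (deleted)
7f3a1d100000-7f3a1d200000 rwxs 00000000 00:05 4711 /memfd:jit-cache (deleted)
7ffd4e5f0000-7ffd4e611000 rw-p 00000000 00:00 0 [stack]
"""


def stale_mappings(maps_text):
    """Return sorted paths of executable, file-backed mappings whose
    backing file has been unlinked (replaced or removed) since it was mapped."""
    stale = set()
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        path = m.group("path")
        if m.group("inode") == "0" or not path.startswith("/"):
            continue  # anonymous memory, [heap], [stack], [vdso], ...
        if "x" not in m.group("perms"):
            continue  # only code that can still execute is of interest
        if not path.endswith(DELETED):
            continue  # the mapped file is still the one on disk
        original = path[: -len(DELETED)]
        if original.startswith(IGNORED_PREFIXES):
            continue
        stale.add(original)
    return sorted(stale)


def scan_proc(proc_root="/proc"):
    """Map pid -> (process name, stale paths) for every readable process."""
    findings = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "maps")) as fh:
                stale = stale_mappings(fh.read())
            with open(os.path.join(base, "comm")) as fh:
                name = fh.read().strip()
        except OSError:
            continue  # process exited, or belongs to another user
        if stale:
            findings[int(entry)] = (name, stale)
    return findings


if __name__ == "__main__":
    print("sample:", stale_mappings(SAMPLE_MAPS))
    if os.path.isdir("/proc"):
        for pid, (name, paths) in sorted(scan_proc().items()):
            print(f"{pid} {name}: restart needed, still maps {', '.join(paths)}")
```

Run as root after applying updates to see every process; an unprivileged run only reports the caller's own processes.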

    60. Re:System Registry by jpmorgan · · Score: 1

      Because it's NOT a good feature. It's a very BAD feature. It's the UNIX equivalent to Windows' 'default user is an administrator' baggage... it's a terrible feature that is very convenient.

      Forcing reboots after updates ensures that no software is running with an old, buggy (and potentially exploitable) version of a library. If you're installing OS updates without doing reboots in a UNIX based OS, you're either trawling changelogs with a fine toothed comb and have a detailed understanding of all the library dependencies for software on your computer, or you're putting your computer at risk.

    61. Re:System Registry by McNihil · · Score: 1

      "It also prevents some VERY problematic issues."

      Yes for users that are using a computer as a desktop and have no clue nor desire to understand what needs to be done (like restarting firefox... restarting X.org... what have you. Something that a power user can do at free will (yum/apt/pup should know what to restart after an update phase and ask if that is desired rather than a complete reboot... this though is a wish.) rather than being forced into a reboot for each and every single little update that may need to get on the system before another update can be put on the disk correctly (Various incarnations of Windows.) Dependency locks notwithstanding.)

      From a server point of view where one has a lot more at stake regarding downtime and such (luckily mirror staging can be done IF your pockets are deep) file locks are more than just inconvenient. It affects a lot of users. Say on a real time system with a couple of thousand users m-n connected. Yes a filesystem that is locking by default is not good and I will forever defend my position on this subject (not talking about remote files with multiple access points.) File locks should only be used sparingly and on files that need it and can be done appropriately by using inter-process semaphores. This is NOT rocket science. Locking files by default is IMHO premature optimization of the problemset that causes more pain than gain. Think about it... how much time has every user spent rebooting a machine? How many man years is that? That's a lot of LIFE going wasted.

    62. Re:System Registry by drsmithy · · Score: 1

      It would be nice if the ACLs were configured sensibly by default though.

      How are they not ?

    63. Re:System Registry by drsmithy · · Score: 1

      Since when /etc/ is random. In case you haven't noticed, Linux and Unix have standard locations for keeping configuration files.

      And as with most standards, the best thing is how many of them there are !

    64. Re:System Registry by ajlisows · · Score: 1

      How many users do you know of who have heard of the registry? How many do you know of who have actually gone into it? I have met a lot of "Techs" and "Network Admins" in my day who were terrified to see me go Start, Run, Regedit and proceed to remove things from HKLM/Software/Microsoft/Windows/Run or whatever the key is to yank stuff from startup. Granted they were pretty shitty techies but still....

      The biggest problem is that Microsoft would pretty much have to bite the bullet and declare that their new system was not compatible with any old software. There is no way Microsoft would do this unless their ship was 90% sunk.

    65. Re:System Registry by klui · · Score: 1

      It's a pretty shitty database based on people experiencing registry corruption. NTFS works better. While I don't have any insight into Windows internals, I would guess NTFS has more features, like journaling, than the registry "database." Why spend resource duplicating features in NTFS? I have no problem with the API--it's a nice way of keeping track of preferences. It's the underlying storage mechanism I have trouble with. It may have made sense when Windows ran on top of FAT, but not under NTFS.

    66. Re:System Registry by mahadiga · · Score: 1

      I think it should be replaced with SQLite

      --
      I'd like to buy homeland for our 10 million people. http://twitter.com/mahadiga
    67. Re:System Registry by nacturation · · Score: 1

      While I don't have any insight into Windows internals, I would guess NTFS has more features, like journaling, than the registry "database." Why spend resource duplicating features in NTFS?

      Because filesystems and databases aren't mutually exclusive. Otherwise, why would people run MySQL on top of a journaling filesystem?

      But you're right... the Windows registry is a shitty database. SQLite would probably be way more stable and performant.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    68. Re:System Registry by sorak · · Score: 1

      Thanks for replying. I do disagree with some of the things you mention, such as one app trying to fix another. Part of my suggestion was that, if app A and B are in the same directory, then they can both write to config files within the same directory.

      So, if one app needs to correct a setting in Outlook, for example, it would need to be physically located within Outlook's install directory. (Of course, you could still have a warning pop up when the app installs telling the admin "This application wants to patch "MS Outlook". Do you allow it").

      As for communications, you have ports, web services, and I am also suggesting that apps be allowed to write to non-system folders, such as your "My Documents" folder.

      But, I understand that this is irrelevant, because it cannot possibly be done without rewriting a substantial portion of Microsoft's security controls.

      But then this doesn't really solve the problem that this whole thread is about--that is malware being run that is allowed to screw with the system.

      I disagree. I feel that part of the problem with security is that Microsoft cannot get the permissions correct. Their security plan seems to be to cry wolf until the user either disables it, or learns to ignore warnings. The user is to blame, but I can't blame them for ignoring the good warnings, when they are bombarded with so many pointless or uninformative warnings.

      As for your point about people/sysadmins not always enforcing the best security, I can agree with that.

      Also, thank you for being respectful.

    69. Re:System Registry by devent · · Score: 1

      Really? Do those files have the same config file format? How readable are they? Have you worked with SendMail? Are those config files in the same location across all flavors of Linux, let alone all flavors of UNIX?

      At least on the distributions that follow the LSB and the Filesystem Hierarchy Standard (http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard), all system-wide configuration is in /etc. Most of the time the config files are in a text format and the meaning of the configuration is in the manual.

      Oh, and that config that is a soft link to a samba share better be loaded AFTER samba, right? You won't be soft linking all of /etc, right?

      I don't get your point. So what is the problem? At least you can solve this problem without any help, just with a simple link.

      At least you don't need any special program to read/modify the configuration. At least the system doesn't need to read the whole config in order to boot. In addition, you don't need to download any shareware to clean the registration every now and then.

      The *NIX way is no better and no worse than the Windows way. It is just different. And, you took the bait. I was making fun of fanboys like you who even the GPP thought would say "Do it like Linux!"

      The *NIX way is, make it simple, modular and use the tools already in place. The Windows way is, invent something different, make it monolithic and use specialized tools.

      --
      http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute
    70. Re:System Registry by magamiako1 · · Score: 1

      @sorak

      The warnings are pointless?

      The only times UAC prompts you is when:

      -You make system-specific changes (Control Panel, Adding languages, etc.)
      -You attempt to write to C:
      -You attempt to write to C:\Users\All Users
      -You attempt to write to C:\Windows
      -You attempt to write outside of HKCU registry hive.
      -You attempt to write to C:\Program Files (in 64-bit, this is Program Files and Program Files (x86))

      In Windows 7, Item #1 in that list has been toned down a bit. Microsoft's system control applications can control the system with silent elevation.

      In both Vista and 7, UAC is a simple prompt. When the user is under a "Standard User Account", it will prompt them for a password of an Administrator account.

      It's not that they have permissions incorrect, it's that a lot of applications tend to do things that require elevated privileges. Many linux users are saved this hassle by having centralized repos where they do something like "sudo apt-get install <application name>".

      But then you have to trust the repository maintainer.

      Otherwise the exact same problem exists in Linux.

    71. Re:System Registry by tokul · · Score: 1

      I just did a search for .conf files here on my linux box. I'm seeing files in /etc sure, but there are also files in /usr, /usr/share, /usr/local, /usr/src, /usr/libexec, /var/spool.

      /usr/src is not for configs. It usually holds only kernel sources. Even if you build own kernels, it is better to build kernel packages on devel box and install only customized kernels on production machine.

      /usr/share - how many files are not default ones and are not samples from /usr/share/doc?

      /usr/local. What have I said about you doing something. Mandriva and other Linuxes don't put files there. Only basic directory structure.

      Name configuration files that you have modified outside of /etc/ and /usr/local in order to make Linux work. I know only grub (which I usually don't modify and generate with /usr/sbin/grub-update in Debian) and qmail (which follows its own standards)

      FHS. Read and learn. Then you won't be lost in Linux directory tree.

  15. Justification... by stakovahflow · · Score: 1

    Now, how do I justify my wife's having to user Ubuntu on her new notebook? Thanks, Prevx! You guys are awesome! --Stak

    --
    Holy happy hippy crap!
    1. Re:Justification... by stakovahflow · · Score: 1

      Correction: -user + use

      --
      Holy happy hippy crap!
  16. Malware, still? by damn_registrars · · Score: 1, Insightful

    I suspect that the Windows users are probably still insisting on logging into their new Windows 7 systems with full administrator rights. From what I have seen, >90% of malware is completely useless when it tries to deploy on a system where the logged in user has user access instead of administrator rights.

    In other words, this problem will never be solved until people finally get over the baseless notion that they need administrator rights to check their email and read the news online.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    1. Re:Malware, still? by Jawn98685 · · Score: 4, Insightful

      In other words, this problem will never be solved until people finally get over the baseless notion that they need administrator rights to check their email and read the news online.

      Not quite...
      Were those the only applications required, the notion would indeed be baseless, but...
      There is still a huge raft of Windows software that will not perform properly without admin rights. Until that is fixed, the problem will never be solved.

    2. Re:Malware, still? by SnarfQuest · · Score: 1

      In other words, this problem will never be solved until people finally get over the baseless notion that they need administrator rights to check their email and read the news online.

      But, a lot of the time you do need administrator rights to do simple things. If all you do is use mspaint, then you may be Ok, but if you want to do any real work, you're stuck with logging in as administrator, or the programs won't run.

      --
      Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
    3. Re:Malware, still? by Dumnezeu · · Score: 0

      Actually, your suspicion is wrong. It is not very easy to log on with full administrator rights. OTOH, it is quite easy to click the "OK" button on the UAC window that asks you if you want to give a running program full administrator rights. And we all know that any dialog should be answered with "OK" and "Yes," because it is a good thing to let the computer do its job - after all, you're just human. Then again, when was the last time you read all the road signs while driving? In my city, they put some new traffic semaphores to ease driving through a big intersection and only in the morning of the first day they were turned on there were five accidents. People don't even see blinking lights any more! The fact is people are getting used to ignoring information, no matter how you show it to them. This may be caused by exceeding stupidity or by the vast amount of useless information we are constantly bombarded with.

      One way to fix this would be if the computer would only work if the users would attach a sensor to their genital organs. The next step would be to use the same wires to shock the users every time they are presented with a question. The final step would be to allow the computer to function properly for the users after they had a minimum of one year of training.
      The other way would be to attach shock-wires to the programmers' genitals. Every time they add a question dialog box in their application they get shocked. That will ensure most applications will behave as expected, will go through usability tests and every nag the users get will be paid for by the programmers. (- replace "programmers" with whoever makes application design in your company). Now, I'm not saying application questions shouldn't be used, but they should be used sparingly.

      Problem solved.

      --
      Yes, it's sarcasm. Deal with it!
    4. Re:Malware, still? by Anonymous Coward · · Score: 0

      UPS WorldShip software still requires users to be admin when it's installed and also every time it runs. Many small businesses (think Mom-and-Pop shops) use this.

      We begged and pleaded for a solution from UPS to no avail, despite our rather large UPS shipping volume (millions of dollars). They came across as less clueful than other vendors so we switched to a competitor; our prices actually went down and the new software doesn't have this issue.

    5. Re:Malware, still? by Volante3192 · · Score: 1

      There is still a huge raft of Windows software that will not perform properly without admin rights. Until that is fixed, the problem will never be solved.

      This.

      A million times this.

    6. Re:Malware, still? by canajin56 · · Score: 1

      I guess I don't do any real work then, because if it's not an installer, it doesn't need to be run as administrator for me. I've never seen software that does! And even with installers, most of them are smart enough that they don't "need" to be run as an administrator unless you want to install it for all users, as opposed to just in your home directory.

      --
      ASCII stupid question, get a stupid ANSI
    7. Re:Malware, still? by zippthorne · · Score: 1

      Maybe, but a lot of things that think they need admin rights really don't, and so shouldn't be asking. Sure, it's not the user's fault that SuperPaint2009 asks for admin rights when you want to print, but that's not because programs need admin rights to send junk to the print queue.

      And anyway, they should change the name. It shouldn't be "admin rights" which implies a maximum level of authority, and who wouldn't want to maximize their authority? It should be "maintenance access" or something. You don't drive around with the hood up because that maximizes your authority over the car, you only put the hood up when you want to work on the stuff under the hood.

      --
      Can you be Even More Awesome?!
    8. Re:Malware, still? by natehoy · · Score: 1

      My kingdom for a massive amount of moderator points.

      Of course, with most of the software I fixed it years ago. I put it in the trash. Not the electronic kind like Windows has. The round metal kind that sends the offending crapheap software to someplace where the disks hopefully die a slow, horrible death.

      For the rest, there's always "Run As..." which is a pain in the arse but marginally better than ALWAYS allowing everything Admin access.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    9. Re:Malware, still? by eth1 · · Score: 1

      In W7 (and prob. vista), one of the compatibility options is to run as an admin. Then there's the old "right click->Run as administrator."

      This is really only a problem when running software like this in an environment where the users can't have the admin credentials (like a school lab, or something).

    10. Re:Malware, still? by Anonymous Coward · · Score: 0

      You'd think they could implement some sort of legacy mode for the registry - have some new flag you can set that says "This software is annoying. Please pretend that it has admin access", and it just loses the admin-level changes after each run or something.

    11. Re:Malware, still? by GravityStar · · Score: 1

      I run as a limited user in XP. Since +-2005 most Windows software performs correctly without admin rights. And since +-2006 virtually all Windows software performs correctly without admin rights.

  17. Groveling? by Psychotic_Wrath · · Score: 0, Redundant
    This doesn't exactly sound like groveling

    We apologize to Microsoft for any inconvenience our blog may have caused.

    --

    Doctors do Massage in Longview WA now, who knew?
  18. Breaking News by sajuuk · · Score: 1, Redundant

    Microsoft denies that Windows is breaking computers. Details at 11.

  19. Fault by electricbern · · Score: 0, Troll

    It is not Microsoft's fault, it is YOUR fault for using a MS product.

    --
    alias possession='chmod 666 satan && ls /dev > il && tail daemon.log'
    1. Re:Fault by electricbern · · Score: 1

      It is a joke, since Microsoft never accepts the blame for anything. Ah... nevermind.

      --
      alias possession='chmod 666 satan && ls /dev > il && tail daemon.log'
    2. Re:Fault by xxuserxx · · Score: 1

      The problem is not Microsoft; the problem is the user base. The average Linux, Unix user is willing to learn complex text commands and actually learn how to use a computer. The average Windows user just wants to click some icons and magically make it work.

    3. Re:Fault by Culture20 · · Score: 1

      The average Linux, Unix user is willing to learn complex text commands and actually learn how to use a computer. The average Windows user just wants to click some icons and magically make it work.

      The above average Windows user is willing to learn even more complex and arcane text commands/GUI clicks/rituals to use Windows at its full potential too. Linux/Unix focuses "ease of use" on the sysadmin (I can make those machines sing, sometimes literally). Windows focuses "ease of use" on the lay-person (Windows admining is a black-art).

  20. Re:malware... by sopssa · · Score: 3, Informative

    Not really a surprise though. All the things I've read about Prevx come to just marketing their shit, somewhat like Symantec is. Not really a surprise they'll make shit statements like this and then just 'sorry' afterwards.

  21. Re:Last I checked... by furby076 · · Score: 2, Insightful

    Malware is user error. Don't click yes to the prompt asking you to install a 32kb app that will give you unlimited porn. You can't fix stupid, and neither can Microsoft.

    --

    I do not support "The Man". I also do not support your irrational stupidity
  22. Its the users, not the OS by damn_registrars · · Score: 1

    Maybe if Windows was a little more impervious to malware, they wouldn't have this problem.

    As much as I hate to come to Microsoft's defense, this problem is at least as much the fault of the user. Think of the Windows users you know - how many of them log in to their computer with full uninhibited administrator rights every single time they use their computer? The vast majority of malware, rootkits, spyware, viruses, etc that plague Windows so severely are completely dependent on having administrator rights. If Windows users would join the rest of the computing community in the present century and realize that they don't need administrator rights to check their email, they would see the infection rate drop astronomically.

    Although of course there are far too many software companies that write terrible code (for useful software) for Windows that won't install without administrator rights, but that is another matter. The average user is not installing software that often in comparison to the frequency in which they use their computer for mundane tasks that have no need for administrator access.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    1. Re:Its the users, not the OS by Enderandrew · · Score: 3, Insightful

      There are several Linux distros that won't let you log into gdm/kdm as root. Windows was designed for users to login as administrators.

      Microsoft is trying to change that mentality with Vista and 7, except too many applications are having issues with UAC. What Microsoft should have done is said, "you're not allowed to claim your application works with Vista and 7 unless it behaves nicely with UAC."

      Even better, it should be following a proper UNIX-esque security model. It could create users/groups for specific escalation. Apps shouldn't ask to escalate to administrator level. They should ask only to escalate the rights they specifically need, such as writing to C:\Program Files\Foo\.

      Microsoft is happy to blame the users, but it is Microsoft who established the industry standards. They set the table. They tell the users how to use their OS, and they tell developers how to develop for their OS. If Microsoft shipped a more secure design from the get-go, we wouldn't have as many issues. I'm sure malware authors would still target the market-share king and eventually find chinks in the armor, but right now it is so easy to target Windows that every script-kiddie on the planet pulls it off with ease.

      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    2. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      Really, the blame goes right back to Microsoft given your argument. They left the default settings for users to be full administrators. Why? Usability. Anyone can pick up their computer and start doing whatever they want with it. Unfortunately, this allows malware to do the same thing.

      Why would a company allow this? To gain market share. It's one of the reasons (not to say there are not other, more dubious ones as well) Windows became such a popular system. It has cultivated a culture of laziness that now balks at Microsoft when things become difficult to use as they try and move back to a permission-based model, and it is alienating the mediocre software developers that relied on this openness to make their software.

      Had security been more of a focus years ago, we wouldn't be going through this today. Blame the uneducated users, or blame the company who fostered and developed the lax culture to begin with.

    3. Re:Its the users, not the OS by toadlife · · Score: 4, Informative

      The vast majority of malware, rootkits, spyware, viruses, etc that plague Windows so severely are completely dependent on having administrator rights. If Windows users would join the rest of the computing community in the present century and realize that they don't need administrator rights to check their email, they would see the infection rate drop astronomically.

      The days of malware failing without admin rights are gone. The vast majority of malware today is coded to be "rights aware", and stay in the user's profile if limited rights or UAC is present.

      At work, I took away users' admin rights around 2000 and our infection rates dropped to near 0%. Since Vista and UAC became mainstream, adware infections are actually up. It's easy to clean though since it remains confined to the user's profile.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    4. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      Mostly agree. But is that hard to just ask for administrator password when you want to install software and don't have the privileges?
      I mean, Linux does that, at least in OpenSUSE when I launch YaST and want to install whatever piece of software, it says "No without root password, moron!" (well, actually is a little less rude).
      If I download malware from the net and execute with regular user, two things can happen:
      1) destroy my home folder, I mourn the loss of my precious data and the OS continues to live.
      2) the OS finishes whatever I tried to execute claiming I need root access to do that.

      Is that so hard to implement in Windows???

    5. Re:Its the users, not the OS by Anonymous Coward · · Score: 1, Insightful

      If Windows users would join the rest of the computing community in the present century and realize that they don't need administrator rights to check their email, they would see the infection rate drop astronomically.

      I doubt it. Take UAC in Windows Vista and Windows 7, it basically does what you are asking for. Even when logged into an admin level account, most of the operations you perform on a system with UAC are done with user level permissions. However, if a program requires admin level privileges, you get asked to allow the program to use the admin level security token. If you say yes, then the program can go off and do whatever it wants. The problem is that many users will just click 'Yes' to everything. Hell, even after explaining to some people that certain programs are known vectors of malware, they will still install them. Alternatively, if a user is logged into a user level account and tries to do something which requires (or at least asks for) admin level permissions, they get a prompt asking for the admin user account and password (basically Windows' version of sudo). And given that these are the same people who want to install the "Watch a Dancing Cat While We Clean Out Your Bank Account" screen saver, they are just going to bitch and moan that they had to go through the trouble of typing in the admin account info before they got to see it.

      Yes, I do understand that UAC can be circumvented; and it would be nice to see MS tighten it up. However, no amount of technological barriers are going to prevent malware from getting in when the user is willing to install any old crap they find on the internet. Unfortunately, there is not yet a technological fix for stupid.

    6. Re:Its the users, not the OS by DJRumpy · · Score: 1

      Someone correct me if I'm wrong, but Windows defaults new users during setup to full administrators. There isn't an option to change it during the installation.

      How is this the end user's fault?

      That's a terrible answer. If you have a user who knows no better, then the design of the OS should be changed to prevent simple mistakes. Blaming the user is foolish.

      To be more generic, safety standards are designed to prevent accidents, regardless of and with full knowledge of a person's likely mistakes. An OS should be designed with the same goal in mind. Giving the user the power, and then claiming shock when they use it doesn't make a lot of sense.

    7. Re:Its the users, not the OS by Sylver+Dragon · · Score: 1

      Dammit, who checked the AC box for me? That's me above.

      --
      Necessity is the mother of invention.
      Laziness is the father.
    8. Re:Its the users, not the OS by jedidiah · · Score: 1

      Microsoft is suffering the fruits of its previous bad behavior.

      Now they have this overwhelming legacy issue.

      This is why you don't do stupid things to begin with and then fix them as soon as you can as soon as you realize what you've been doing wrong.

      --
      A Pirate and a Puritan look the same on a balance sheet.
    9. Re:Its the users, not the OS by damn_registrars · · Score: 1
      I generally agree with what you said, up to and including

      it is Microsoft who established the industry standards. They set the table. They tell the users how to use their OS

      Although I'm not certain about

      they tell developers how to develop for their OS

      Because there is a great deal of heterogeneity regarding the rights requirements for applications in Windows. Plenty of very good applications do not require administrator rights, while others (including others for the same purpose) do. Unfortunately because for a long time all Windows users had full administrator rights, it became a fundamental assumption amongst some software companies that any user installing or running their software would have those rights, leading to software written on that basis. Whether or not this is completely the fault of Microsoft is an open question IMHO.

      --
      Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    10. Re:Its the users, not the OS by toadlife · · Score: 1

      Even better, it should be following a proper UNIX-esque security model. It could create users/groups for specific escalation. Apps shouldn't ask to escalate to administrator level. They should ask only to escalate the rights they specifically need, such as writing to C:\Program Files\Foo.

      How in the hell is that a UNIX-esque security model, and what version of UNIX does the things you describe automatically?

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    11. Re:Its the users, not the OS by 99BottlesOfBeerInMyF · · Score: 1

      As much as I hate to come to Microsoft's defense, this problem is at least as much the fault of the user.

      One of the biggest failings of computer security is this idea that figuring out who can be blamed is part of it. It doesn't matter whose fault it is, just that the security has failed. Heck you could create a Linux distro that prefaces every command with a warning that taking any action might result in the computer being compromised. Then it's the user's fault, right? It's absurd. You have to take normal user behavior into consideration when designing a security architecture.

      Think of the Windows users you know - how many of them log in to their computer with full uninhibited administrator rights every single time they use their computer?

      Most of them because most Windows users are still running a version of Windows where that is the default and they don't even know what the difference is. Others just want to get work done and have apps that run when they are administrators, but which they don't know how to run when they aren't.

      The vast majority of malware, rootkits, spyware, viruses, etc that plague Windows so severely are completely dependent on having administrator rights.

      Where I'll give MS credit is where they recognized that regular user and admin accounts don't provide enough granularity of security for the modern era and moved to a more fine grained permissions scheme.

      If Windows users would join the rest of the computing community in the present century and realize that they don't need administrator rights to check their email, they would see the infection rate drop astronomically.

      Actually what needs to happen is for MS to make all application developers, including their own, obey strict rules for sandboxing of applications not just from the OS, but from one another. Then it doesn't matter if you're an admin or a regular user because it is the application that does not have permission to mess with anything without the explicit approval of the user. Since making sandboxing mandatory would also make applications attempting to do this very rare, UAC alerts could be an extreme rarity, without sacrificing security.

      Although of course there are far too many software companies that write terrible code (for useful software) for windows that won't install without administrator rights, but that is another matter.

      Actually, that's probably the biggest issue. MS has all the power here. They can enforce whatever restrictions they want on application developers so long as MS plays by the same rules themselves. You don't see a lot of malware on the iPhone unless users have gone out of their way to hack their own system. I don't advocate locking things down to a single repository, like Apple did, but there's no reason a full fledged desktop OS can't get all the same security advantages without the single repository lock-in... if the OS vendor put in the work to do it.

      The average user is not installing software that often in comparison to the frequency in which they use their computer for mundane tasks that have no need for administrator access.

      Average users shouldn't have to know the difference. They should just log in, be in normal user mode by default, and be asked for escalation of privileges in the rare instance where that is needed (NOT all the fricking time to do normal tasks).

    12. Re:Its the users, not the OS by toadlife · · Score: 1

      Although I'm not certain about

      they tell developers how to develop for their OS

      Because there is a great deal of heterogeneity regarding the rights requirements for applications in Windows.

      Microsoft laid down very specific guidelines ten years ago for coding applications so that they worked without admin rights. I believe it was part of getting your application certified for Windows NT4/2000/XP. Devs just ignored the guidelines because they could.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    13. Re:Its the users, not the OS by Volante3192 · · Score: 1

      Windows was designed for users to login as administrators.

      I have to disagree with this. That might be true for the 9x line, but Windows 2000 and beyond has the structure to allow users to log in as normal users with their own environment. HKCU is their own personal registry hive and they have their own 'home' folder at %userprofile%.

      The real problem is programs are not built with this in mind. Installers have been designed to put files, by default, into C:\Program Files and HKLM\Software rather than %userprofile%\Program Files and HKCU\Software since day 0. They'll scatter stuff throughout the registry and require changes made without setting the right permissions on the keys. They'll scatter files all throughout the system and assume the user has full RWX across the entire file structure.

      Sometimes these programs can be tweaked without much hassle (I know one that requires RW on one particular file in Prog Files, but everything else can be RO/RX) but others (I'm looking at you, UPS WorldShip) are just not worth the hassle to lock down when you have other pressing issues.

    14. Re:Its the users, not the OS by Enderandrew · · Score: 3, Informative

      When performing a Windows 2000 or XP install, it prompts you to name a user, which is an administrator account.

      So it is designed by default to log you in as an administrator.

      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    15. Re:Its the users, not the OS by RightSaidFred99 · · Score: 1

      You mean the UNIX-esque model that...UNIX doesn't have? UNIX doesn't work that way, I'm not sure why you'd think it does. When you use sudo, su, or graphical variations on such you get the whole enchilada. In terms of an ACL/permissions model Windows is ahead of standard UNIX by a long ways, with ACLs and user rights built in from the core up. Going to a "UNIX-esque" model would be a giant step backwards. This is a simple technical truth.

      Maybe you mean that great NFS model where the server trusts the client? Sure, you can restrict access to specific machines, but once a machine is trusted you let "any old user" tell the NFS server "oh, I'm John T Hayes by the way, trust me!". 'course there's Kerberos and other schemes, but how many sites actually use that?

      People in glass houses should not throw stones. UNIX is not only no more immune to bad user behavior than Windows, it's far less immune. The problem is most Windows users are idiots while most UNIX users are fairly computer savvy.

    16. Re:Its the users, not the OS by Dog-Cow · · Score: 1

      Windows is far closer to having a capabilities system than most popular Unixes. How many times have you configured, say sshd, to only have permission to open port 22, but not do anything else as root?

      In Windows, you can give an application access to specific system capabilities (through users/groups). The granularity may not be as fine as it could be, but it's there.

    17. Re:Its the users, not the OS by Enderandrew · · Score: 1

      It is common practice in the UNIX and Linux world to create separate users and groups for specific access. For instance floppy, cdrom, ftp, mail, etc. You can use this to elevate access to a specific device or folder.

      I've seen several apps in the *nix world create an associated user or group account as well.

      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    18. Re:Its the users, not the OS by TheRaven64 · · Score: 1

      While most of what you say is true, it's also worth noting that the UNIX security model hasn't really been standard on UNIX for a while either. Most modern UNIX systems support POSIX or NFSv4 ACLs (or both). NFSv4 does not always trust the client.

      It's also worth noting that it wasn't until the '90s that people started saying 'UNIX security' without laughing.

      --
      I am TheRaven on Soylent News
    19. Re:Its the users, not the OS by aix+tom · · Score: 1

      Oh, yes. The "user". If we could only file a bug report for the user.

      Just happened today:

      Mom on Phone (Other side of Country): "Computer is Broken, can you check my mails for me?"
      Me: "OK, what's your username and password?"
      Mom: "Uhhhhhh.. I don't know. I go and ask the clerk at the shop who installed it for me first thing tomorrow."

    20. Re:Its the users, not the OS by RightSaidFred99 · · Score: 1

      Yeah, that's why I mentioned "standard UNIX". You can certainly beef it up but I work in a very large, very complex Linux environment (fortune 50 computing company) that has Linux at the core of a lot of its engineering operations. Guess what - we use plain old NFS, plain old UNIX permissions, etc... Just like with Windows, you can secure the shit out of it if you want but most people don't. Most UNIX installations just use 80's era UNIX security implementations.

      So I'm still laughing when UNIX people in my company (and most) say "UNIX Security". Until not long ago people were still widely using xhost X11 security, FFS. Crikies.

      And even with NFSv4 (configured properly, mind you, not in the backwards compatible mode most probably run it in) or POSIX acls it's still a bolt on and not as flexible or powerful as Windows ACLs, user rights, and security policy support.

      The problem with Windows is not its security model, it's poor security programming by Microsoft (who has gotten much better) and third party app vendors. It's also a problem with a dumber (per capita) population of users for Windows.

    21. Re:Its the users, not the OS by RightSaidFred99 · · Score: 1

      This is trivial to accomplish with Windows or UNIX. Again - the standard UNIX security model is very simple and outdated.

    22. Re:Its the users, not the OS by bigstrat2003 · · Score: 1

      There's absolutely nothing wrong with an app putting files into its own directory in C:\Program Files (and it's complete bullshit that this trips UAC in Vista). The only problem would be writing to another app's directory.

      --
      "16MB (fuck off, MiB fascists)" - The Mighty Buzzard
    23. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      The reason directly in Program Files brings up UAC is because that's a "Per Machine" installation, which affects all users.
      A "Per User" installation cannot put files in Program Files, they must all go in the %userprofile% directory.

      This isn't rocket science. Microsoft has documented this stuff for more than 10 years. It's a requirement if you apply for Windows Logo certification of your application. But if you don't apply for Logo Certification, there's nothing forcing a developer to follow the guidelines.

    24. Re:Its the users, not the OS by toadlife · · Score: 1

      Your scenario would require each app to have its own account. That would be an administrative nightmare. Automating the behavior (required on a system for home users) would be a programming nightmare.

      But maybe I'm missing something. How would you implement such a feature?

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    25. Re:Its the users, not the OS by bigstrat2003 · · Score: 1

      Bear in mind I'm shooting from the hip, so this probably has consequences I don't foresee, but: make all apps register themselves with the OS (technically, they don't have to do so now, a lot of apps will run great if you just copy the directory off a system where it was already installed). As part of this process, the OS will note where the app was installed. The app is then allowed to modify this directory (and all its subdirectories), and whatever else the OS deems is public enough to be modifiable by anyone and anything (such as user data directories for the current user). It wouldn't be all that difficult in principle to keep a list of matching apps and directories, and it wouldn't really be computationally expensive, either, as the OS already has to check to see if the user has permission to write to the directory.

      --
      "16MB (fuck off, MiB fascists)" - The Mighty Buzzard
    26. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      Microsoft is trying to change that mentality with Vista and 7, except too many applications are having issues with UAC. What Microsoft should have done is said, "you're not allowed to claim your application works with Vista and 7 unless it behaves nicely with UAC."

      They've been doing this since Windows 2000. In order to obtain Windows certification a developer's program had to work properly with Least User Privileges (LUP). Unfortunately most developers never seek certification.

      Even better, it should be following a proper UNIX-esque security model. It could create users/groups for specific escalation. Apps shouldn't ask to escalate to administrator level. They should ask only to escalate the rights they specifically need, such as writing to C:\Program Files\Foo\.

      UNIX-esque security model? Windows implements a security model that's on par, if not better, than UNIX. There is nothing in UNIX which makes anything other than root special (I am assuming we're not discussing an SELinux type security model here). If an application creates a user/group it sets the permissions on its files to work with that user/group (Oracle is a good example). There's nothing in Windows preventing the same thing from occurring (again Oracle is a good example).

      The reason administrative rights are required to write to C:\Program Files\Foo\ is because the filesystem ACLs are not set to allow non-privileged users to write to the location. It's the same as if you were installing the program in \usr\local\foo. Unless you specifically grant the user the ability to write to \usr\local\foo, either through setting the file permissions and/or assigning them to be the owner or a member of a group that has write access, the user will be prohibited from writing to the location. Just like in Windows. So I fail to see any benefit UNIX has over Windows in this situation. Am I missing something?

    27. Re:Its the users, not the OS by ironicsky · · Score: 1

      Agreed.
        Cars are safe until PEOPLE get in them. Guns are safe until PEOPLE shoot them. Computers are secure until the USER uses them.

      Windows is a very secure OS if the sys admins know what they are doing... Hell, Windows will let you restrict the names of executables you want being run. Mix that with some tight permissions (ie, no saving on the c:\ drive, have a separate partition for swap/temp/paging/user docs, etc) and you have a secure system. It's weird... I had Vista on my laptop for 3 years without ever formatting or getting a virus (formatted to upgrade to Win7), because I know what I'm doing. I haven't got in a car accident since I was a teenager, because I know what I am doing. I've never shot anyone, because I don't own a gun (I know what I'm doing)

      Microsoft isn't to blame for all the viruses on windows (They were back in the 98/ME days), idiot users who download crap they don't understand are.

    28. Re:Its the users, not the OS by HermMunster · · Score: 1

      If a car company builds a car and sells it to a customer then they drive it do we fault them? How about if the car blows up when it is hit from the rear? Do we blame them? How about if they know about it and drive it anyway (though they didn't know when they bought it)? How many of them would know about it and know how to find out about the fact that the car blows up when hit from behind? Does the family of the first incident tell everyone in the world personally? Do we expect everyone to go out and find every defect in the car that might potentially cause the car to fail resulting in a tragic death?

      The point here is pretty damn clear and you should know well enough, period. NO, not everyone is nor will be expected to know about the issues with their computer. They buy it as they would any other device, such as a camera and use it as it was intended, as it was designed.

      Microsoft designed the OS this way and thus these are the faults of Microsoft. One has to at least contemplate that the EULA was written primarily to cover them on this one issue alone.

      When the iPhones began to overheat and some stated that it caused them to explode next to their head is everyone supposed to stop using the iPhone? How about all those Powerbooks that caught fire? Or how about the idea that all the use of cell phones could potentially cause the consumer to suffer brain cancer tumors?

      We can't expect every consumer to know about these things. Even for a technical person knowing what is the cause is difficult. Which site did they visit? How are updates done? How about the size of the updates? How about making their computer worse by installing those things that are supposed to protect them (slow downs, incompatibilities, etc).

      I find it difficult to believe that anyone would blame the average user for this stuff. Shift the blame back where it belongs--squarely in the software developer's lap.

      --
      You can lead a man with reason but you can't make him think.
    29. Re:Its the users, not the OS by HermMunster · · Score: 1

      This is not completely true. There were plenty of platform tools (designed by Microsoft) that allowed you to write programs that didn't work this way. And it certainly was NOT a prerequisite to certification.

      --
      You can lead a man with reason but you can't make him think.
    30. Re:Its the users, not the OS by HermMunster · · Score: 1

      I agree with the GP. Windows was designed to allow the user to log in as administrator. In fact, take a retail copy of XP and install it on a new computer. You will end up with an account that has administration privs. Enough said.

      --
      You can lead a man with reason but you can't make him think.
    31. Re:Its the users, not the OS by toadlife · · Score: 1

      That would require Windows devs to program apps to a specific spec, something that history has shown isn't easy. Not to say that it isn't doable, but it would risk causing app developers to move to a different, less restrictive platform, a risk I'm sure Microsoft would not be willing to take.

      Aside from that, user data (the most important thing on any computer system) would still be up for grabs, and there would still have to be a mechanism for escalation of privileges, which users would gladly use when promised dancing bunnies.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    32. Re:Its the users, not the OS by Enderandrew · · Score: 1

      Except *nix has had this model for decades. I could create a specific user with very specific rights, and then run a daemon as that specific user.

      Windows can do this as well, but it seems to be rarely used in the Windows world.

      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    33. Re:Its the users, not the OS by toadlife · · Score: 1

      Fine, but my main point was that Microsoft has laid out guidelines for programming apps using the least privilege concept from the beginning. Regarding their platform tools, if they didn't allow you to write programs that perform administrative functions, the tools would be defective.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    34. Re:Its the users, not the OS by BitZtream · · Score: 1

      What Microsoft should have done is said, "you're not allowed to claim your application works with Vista and 7 unless it behaves nicely with UAC."

      Actually, they did, except they started that with at least Windows XP (probably win2k due to terminal services, but my memory is too fuzzy to remember those Windows Logo guidelines), they just started really getting around to making the changes that break applications that didn't adhere to the Windows Logo program guidelines in Vista, 2k8 and Win7.

      Apps shouldn't ask to escalate to administrator level. They should ask only to escalate the rights they specifically need, such as writing to C:\Program Files\Foo\.

      They can, and my guess is MS will work that in better later. They are taking baby steps trying to give AMPLE time for software to be repaired or replaced.

      Microsoft is happy to blame the users, but it is Microsoft who established the industry standards. They set the table. They tell the users how to use their OS, and they tell developers how to develop for their OS.

      And they've told users not to do it for a while now, although it wasn't the default for XP. They also have told developers to use the least privilege model for a while, but many don't listen as they run their development software as an administrator to make things easier on themselves.

      If MS shipped a more secure OS by design no one would use it right now, and they'd not bother to migrate to anything else. You have tunnel vision. You have the insight of someone who is used to using OSS software that someone else can fix for you.

      MS hasn't completely switched from the DOS mode of thinking where everyone has free run of the system, but they are switching to a more UNIX-like way of thinking and access control. When you have the install base and number of third party apps that Windows has, you can't do it overnight even if you did have the source, there are far too many apps out there when you take the number of old Windows apps that are no longer maintained, all the existing apps, and the number of competent developers, the ratio is just too big. Even if everyone stopped developing software now and spent all their time fixing existing apps, it would still take years, and in the mean time nothing would get done.

      I don't mind blaming MS for their own problems, but to pretend that they haven't been working to change it just shows your ignorance. They've been working on changing it, from a public perspective for at least 10 years. They just don't intend to shoot themselves in the face to accomplish the make over.

      MS didn't become the 'industry standard' by taking the typical OSS philosophy of making radical changes and then telling users to 'deal with it' in the name of security. The typical OSS dev will break compatibility in exchange for a security fix, this is fine from some perspectives, but not from others.

      Finally, Windows is at least going in the right direction. It's not like we're talking about Fedora here, who is going in the exact opposite direction and even though they've been smacked in the face by people explaining to them WHY it's a bad idea, vow to do it anyway.

      Windows is a BIG target, it would still have the most people target it even if it were 10 times more secure than any other OS you can find. Nothing else presents a barn broadside as large as the Windows install base. You only need one exploit to get in. Let's assume every OS has 1, and they do all have at least 1, then why would you target one with a lower target audience? You wouldn't do it for money. You might do it for prestige or research or because you like puzzles, but if you're trying to make money, Windows is your target, regardless of how secure it is or isn't. The fact that it appears to be relatively easy just makes it that much better.

      Script kiddies pull it off because SOMEONE ELSE DID THE WORK. Script kiddies will always target whatever

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    35. Re:Its the users, not the OS by toadlife · · Score: 1

      Except *nix has had this model for decades.

      NT, being derived from VMS has had this model for decades too.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    36. Re:Its the users, not the OS by BitZtream · · Score: 1

      Except that it's a system-wide directory.

      There's nothing wrong with an app installing to the user installing it's directory.

      It is retarded to allow a normal user to write to a shared system location.

      By default there isn't really a reason to let users install to a shared system directory. It is acceptable to allow a group of users to install there, if no one is automatically put into that group rather than the machine admin(s).

      By default users are more than welcome to install in their home directory, this won't trigger a UAC prompt, and it works like that on any sane UNIX I'm aware of as well.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    37. Re:Its the users, not the OS by TheRealSlimShady · · Score: 2, Insightful

      You are confusing designed by default with default behaviour. They are two different things. Default behaviour in the Win2k/XP timeframe was poor - Vista & Win7 change this.

      I also suggest that you read the Windows 7 logo program requirements: http://go.microsoft.com/?linkid=9668061. One of the guidelines is around proper behaviour with UAC, and another is around programs putting data in the right place.

    38. Re:Its the users, not the OS by bigstrat2003 · · Score: 1

      I didn't say that a user should automagically be able to install to that directory, merely that, once there, an app should be free to write to its own subdirectory.

      --
      "16MB (fuck off, MiB fascists)" - The Mighty Buzzard
    39. Re:Its the users, not the OS by SlowMovingTarget · · Score: 1

      Maybe I'm not understanding something but is the problem that Vista and 7 are more susceptible to AdWare / malware than XP is? So even if I only use Firefox and don't enable JavaScript and don't let flashtastic sites wedge in their crap, I'm still going to get malware? Or are we talking IE-using JavaScript-running Flashtastic-website-browsing yes-install-that-plugin-clicking bozos are more susceptible with Vista and 7?

      I thought all the radioactive crap floating around on the Internet was still opt-in for the most part.

    40. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      When performing a Windows 2000 or XP install, it prompts you to name a user, which is an administrator account.

      So it is designed by default to log you in as an administrator.

      On Windows 2000, the administrator account is always installed as "Administrator", with the assumption that the admin will add their own user accounts. After all, it was designed to be a 'professional' OS for people who knew what they were doing...average users were supposed to run Win98/ME.

      Would you be upset if a linux distro simply installed the root account and then let the admin add the users themselves? It doesn't seem unreasonable in an OS designed to be installed by experienced people.

    41. Re:Its the users, not the OS by supernova_hq · · Score: 1
      No, absolutely NOT. This fails the privilege elevation test.
      1. Application can modify its own runtime files (or global settings)
      2. User using application now has ability to do so (whether through the app or otherwise)
      3. User now has ability to modify runtime behaviour/settings of an application for other users
      4. User now has ability to cause execution of malicious code as other users
      5. Any malware (previously restricted to messing with one user's files) now has the ability to cause execution of malicious code as other users
      6. Malware can now propagate between accounts (or system-wide if root runs the application)

      Please repeat this with me: "No user should EVER be able to modify the runtime behaviour, configuration or settings of any application for any other user without superuser privileges!"
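
The permission failure that comment 41 steps through (and the `/usr/local/foo` ACL point in comment 26) can be audited for directly on a POSIX host. The following Python is an added example, not part of the thread or any poster's code: the function names are hypothetical, the directory tree is constructed in a temporary folder, and "trusted" owners and groups are an assumption the caller supplies.

```python
import os
import stat
import tempfile


def check_entry(st, trusted_uids, trusted_gids):
    """Return the reasons a stat result lets a non-privileged user alter the entry."""
    reasons = []
    if st.st_uid not in trusted_uids:
        reasons.append("untrusted-owner")   # the owner can always rewrite it
    if st.st_mode & stat.S_IWGRP and st.st_gid not in trusted_gids:
        reasons.append("group-write")       # any member of that group can rewrite it
    if st.st_mode & stat.S_IWOTH:
        reasons.append("other-write")       # every local account can rewrite it
    return reasons


def audit_install_tree(root, trusted_uids=frozenset({0}), trusted_gids=frozenset({0})):
    """Walk a shared (per-machine) install directory and list risky entries.

    Directories are checked as well as files: write access to a directory
    lets a user add or replace files in it even when the files themselves
    are read-only. Symlinks are skipped because their own mode bits are
    not meaningful.
    """
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, name) for name in dirnames + filenames)

    findings = []
    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue
        rel = os.path.relpath(path, root)
        for reason in check_entry(st, trusted_uids, trusted_gids):
            findings.append((rel, reason))
    return sorted(findings)


def build_demo_tree(root):
    """Constructed sample: an app directory where the app may rewrite its own files."""
    os.makedirs(os.path.join(root, "plugins"))
    modes = {
        "app.bin": 0o755,          # correct: only the owner can write
        "settings.conf": 0o666,    # global settings writable by every user
        "plugins/ext.so": 0o664,   # loadable code writable by a group
    }
    for rel, mode in modes.items():
        path = os.path.join(root, rel)
        with open(path, "w") as handle:
            handle.write("constructed sample\n")
        os.chmod(path, mode)       # chmod is not affected by the umask
    os.chmod(os.path.join(root, "plugins"), 0o777)
    os.chmod(root, 0o755)


def run_demo():
    """Audit the constructed tree, treating only the current user as trusted."""
    with tempfile.TemporaryDirectory() as root:
        build_demo_tree(root)
        return audit_install_tree(
            root, trusted_uids={os.getuid()}, trusted_gids=set()
        )


if __name__ == "__main__":
    for rel, reason in run_demo():
        print(f"{reason:16} {rel}")
```

On a real system the defaults (uid 0 and gid 0 as the only trusted principals) are the usual starting point for a directory such as `/usr/local/foo`; any finding there is a path by which one account can change what another account executes.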

    42. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      So first it's a ghost OS now it's a fairy OS :p

    43. Re:Its the users, not the OS by toadlife · · Score: 1

      is the problem that Vista and 7 are more susceptible to AdWare / malware than XP is

      No. Quite the opposite. To clarify, we don't use Vista or Windows 7 at work. All of our desktops are still XP Pro.

      To put it as non-technically as possible, malware authors responded to the security enhancements in Vista by writing better malware, and the result has been more infections of our XP boxes at work.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    44. Re:Its the users, not the OS by drsmithy · · Score: 1

      What Microsoft should have done is said, "you're not allowed to claim your application works with Vista and 7 unless it behaves nicely with UAC."

      That *is* what they did.

      Even better, it should be following a proper UNIX-esque security model. It could create users/groups for specific escalation. Apps shouldn't ask to escalate to administrator level. They should ask only to escalate the rights they specifically need, such as writing to C:\Program Files\Foo\.

      I don't know what UNIX systems you've been using, but that's not how they typically work. Nearly all "normal" security escalations in UNIX systems are done to UID 0.

      (Somewhat ironically, it *is* the way the Windows security system works.)

      Microsoft is happy to blame the users, but it is Microsoft who established the industry standards. They set the table. They tell the users how to use their OS, and they tell developers how to develop for their OS.

      Microsoft have been telling developers to write applications so they didn't need Administrator privileges for over a decade.

      If Microsoft shipped a more secure design from the get-go, we wouldn't have as many issues.

      The "design" of Windows hasn't changed, even for the consumer oriented releases, for the better part of a decade. For the "Professional" releases, over a decade and a half.

      I'm sure malware authors would still target the market-share king and eventually find chinks in the armor, but right now it is so easy to target Windows that every script-kiddie on the planet pulls it off with ease.

      Most malware doesn't find "chinks in the armour", it finds gullible end users.

    45. Re:Its the users, not the OS by Cl1mh4224rd · · Score: 1

      When performing a Windows 2000 or XP install, it prompts you to name a user, which is an administrator account.

      What's even more retarded is that you always have to have one non-Administrator administrative account, even if the Administrator account is "enabled".

      My head nearly exploded when I found that out.

      --
      People will pass up steak once a week, for crap every day.
    46. Re:Its the users, not the OS by drsmithy · · Score: 1

      There's absolutely nothing wrong with an app putting files into its own directory in C:\Program Files (and it's complete bullshit that this trips UAC in Vista). The only problem would be writing to another app's directory.

      I agree. That's why the first thing I do on any UNIX system after installing the OS is 'chmod a+w /*'.

    47. Re:Its the users, not the OS by drsmithy · · Score: 1

      I didn't say that a user should automagically be able to install to that directory, merely that, once there, an app should be free to write to its own subdirectory.

      Why would it need to?

    48. Re:Its the users, not the OS by drsmithy · · Score: 1

      One of the biggest failings of computer security is this idea that figuring out who can be blamed is part of it. It doesn't matter whose fault it is, just that the security has failed.

      Of course it matters. Without knowing where the security failed, you cannot hope to take steps to remedy the problem.

      Perhaps you need to substitute "responsibility" instead of "blame".

      Actually what needs to happen is for MS to make all application developers, including their own obey strict rules for sandboxing of applications not just from the OS, but from one another.

      This would result in the same scenario you called 'absurd' just above.

      I don't advocate locking things down to a single repository, like Apple did, but there's no reason a full fledged desktop OS can't get all the same security advantages without the single repository lock-in... if the OS vendor put in the work to do it.

      You can't secure a system where the end user can run arbitrary code. Heck, it's still nearly impossible to secure a system locked down as tightly as the iPhone.

      Average users shouldn't have to know the difference. They should just log in, be in normal user mode by default, and be asked for escalation of privileges in the rare instance where that is needed (NOT all the fricking time to do normal tasks).

      Please define, generically, how "normal tasks" can be identified programmatically.

    49. Re:Its the users, not the OS by drsmithy · · Score: 1

      I agree with the GP. Windows was designed to allow the user to log in as administrator. In fact, take a retail copy of XP and install it on a new computer. You will end up with an account that has administration privs. Enough said.

      I suggest you ruminate on the difference between "design" and "configuration".

    50. Re:Its the users, not the OS by Kalriath · · Score: 1

      Think of Program Files as /bin. You wouldn't let your apps put stuff in /bin would you? Programs should store per-machine data in ProgramData (or All Users\Application Data for lower than Vista), which is more equivalent to /etc.

      --
      For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
    51. Re:Its the users, not the OS by Anonymous Coward · · Score: 0

      That would require Windows devs to program apps to a specific spec, something that history has shown isn't easy. Not to say that it isn't doable, but it would risk causing app developers to move to a different, less restrictive platform, a risk I'm sure Microsoft would not be willing to take.

      .

      Developers... Developers... Developers... Developers!!!!!!!!!!

      Aieahhhhhhhhhhhhhhhhhhh! I love this company!

    52. Re:Its the users, not the OS by SlowMovingTarget · · Score: 1

      OK, that clears things up for me. Thanks for the reply.

    53. Re:Its the users, not the OS by toadlife · · Score: 1

      Developers... Developers... Developers... Developers!!!!!!!!!!

      EXCATLY! :)

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    54. Re:Its the users, not the OS by toadlife · · Score: 1

      exactly too....

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
  23. Nobody does run as root all the time by Anonymous Coward · · Score: 0

    Nobody does run as root all the time. So it's still MS needs to fix their act where most people do.

    1. Re:Nobody does run as root all the time by Antiocheian · · Score: 1

      So, don't run Windows with administrative privileges either. It wasn't easy in the early years of Windows 2000 but it is very easy now and almost all major applications work in restricted user privilege level.

  24. Why not? by Anonymous Coward · · Score: 1, Insightful

    Why not?

    The registry makes far more and serious problems than the linux/unix conf files ever did.

    And they have different formats for the same reason a raster image has a different format to a spreadsheet file.

  25. Re:" Microsoft is now blaming the problem on malwa by fulldecent · · Score: 1, Interesting

    I asked for them to get rid of the BSOD, they got rid of the BSOD -- that's Windows 7.

    --

    -- I was raised on the command line, bitch

  26. Not our fault by Enderandrew · · Score: 0, Troll

    Microsoft claimed that IE 8 was the most secure browser on the planet, and that Windows 7 was the most secure OS ever. It clearly isn't their fault for making an insecure OS that is subject to malware.

    That is simply impossible.

    --
    http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    1. Re:Not our fault by SnarfQuest · · Score: 1

      I*s*n*'*t* *V*I*S*T*A* *s*u*p*p*o*s*e*d* *t*o* *b*e* *s*e*c*u*r*e*?*

      * Windows has determined that
          someone is attempting to type
          using the keyboard.
            [Allow] [Deny]

      --
      Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
    2. Re:Not our fault by plague3106 · · Score: 1

      Can you cite where they said that? I've seen "most secure version of IE" and "most secure version of Windows" but I've yet to see "most secure product on the market."

    3. Re:Not our fault by Enderandrew · · Score: 1
      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    4. Re:Not our fault by natehoy · · Score: 1

      * Windows has determined that
      someone is attempting to type
      using the keyboard.
      [Allow] [Deny]

      **** ERROR: Mouse Movement Detected. Press [A] to Allow, [D] to deny ****

      (user tries to press "A")

      * Windows has determined that
      someone is attempting to type
      using the keyboard.
      [Allow] [Deny]

      Lather, rinse, repeat...

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    5. Re:Not our fault by mjwx · · Score: 1

      Microsoft claimed that IE 8 was the most secure browser on the planet, and that Windows 7 was the most secure OS ever.

      Microsoft is smarter than that.

      They use marketing phrases like "IE8: the most secure" and "Windows7: the most secure version of Windows Yet". This way they avoid committing to a statement (fraud, deceptive advertising) but still give people the impression of what you said.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    6. Re:Not our fault by Enderandrew · · Score: 1

      http://www.google.com/search?hl=en&ei=DNQXS4WbKI7JlAf0msjzAg&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CAYQBSgA&q=%22windows+7%22+%22most+secure%22+ever&spell=1

      Microsoft has said it repeatedly. They've directly said it is more secure than Snow Leopard and Linux, and they've outright said it is the most secure OS ever.

      --
      http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    7. Re:Not our fault by mjwx · · Score: 1

      Sorry but that doesn't cut it. The only one remotely from Microsoft is from a technet blog (first result) and that blog doesn't even mention "Linux", "Apple" or "Snow Leopard".

      Geek News site saying that Microsoft said doesn't count. Your "repeatedly" also comes down to a single comment from a single event made by Microsoft COO Mr Turner, this is also not a binding statement as it is the COO's opinion. It is the same as McDonalds COO saying in a press release that "the Big Mac is the best tasting burger on the planet today", it doesn't make it true and it doesn't make it binding.

      Only fools believe press releases and only the most foolish of the fools use them as evidence. Advertisements on the other hand are not considered opinions and must be factual.

      Like I said, MS is smarter than that, they've been slapped around too many times for making misleading statements in advertising. MS is greedy, not stupid.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    8. Re:Not our fault by plague3106 · · Score: 1

      Hmm... some jackass actually said that. Of course I personally default to dismissing claims like that as marketing nonsense.

  27. Actually yes (but no). OS X is an excellent model by SuperKendall · · Score: 5, Informative

    What do you want them to replace it with? hundreds of .conf files scattered randomly about the filesystem, with no standard format?

    After having used Linux and Windows and OS X systems for years, OS X does this right.

    Yes there are "hundreds of conf files". But they are not scattered around, they are all in ~/Library/Preferences.

    And they are usually named via the company name + app convention, like com.apple.mail.

    And as opposed to being in "no standard format", they are all plist files (which are basically XML).

    So it's easy to find where they are, easy to figure out what plist file belongs to what, and easy to edit or remove them as needed. If there is corruption (which I have never actually seen in practice) it would be limited to a single file - and an app encountering a preference file it could not read would simply replace it with a new default version. You would at worst lose a few custom settings for one app - and even then only as long as it took you to pull a backup of that single file out of Time Machine, since it's easy to restore the preferences for a single application from any backup.

    However, I have to add that even if you went with a Linux system where the conf files are scattered all over in many different forms, I can say with confidence it is still 100% better than the nightmare of the registry. In practice the files are very easy to edit regardless of format, it's really only the question of the location that gets annoying.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  28. it's OK, Don't Worry by Storchei · · Score: 0, Troll

    Hey, young fellow! Don't worry about Windows 7 problems! M$ is now working on Windows 8 to solve older Windows problems. Just wait for Windows 8! =P

    Despite the serious failures Windows has, it's a bit naive to believe ALL malware would be neutralized on Windows 7 (or any other OS, to be fair), considering ALL previous Windows releases.

    On the other hand, this kind of problems (black/blue screens, and stuff) have always been characteristic of Windows. If you don't like it use another OS, or stop complaining about this on each Windows release.

    In summary, this problem is more of the same..

  29. Worst. Summary. Ever. by mea37 · · Score: 0, Troll

    Ok, sadly that's not true. But this headline and summary suck.

    1) How is vulnerability to malware not MS's fault?

    2) The summary organizes the facts in such a way to read as though this were just MS denying blame and vaguely saying "malware did it"; read the links (especially the last one) and you'll see a different picture.

    3) In its continued zeal to paint MS and anyone agreeing with MS in a negative light, the summary insults the blogger for apologizing after he had posted technical information he later found to be false, which incorrectly blamed specific MS actions that were not in fact at fault.

  30. Please note - the Prevx's apology is accompanied by Phizzle · · Score: 1

    by loud sucking sounds.

    --
    I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
  31. Re:malware... by SnarfQuest · · Score: 1, Troll

    This is George W Bush's fault!

    Well, that seems to be the cause of all Obama's problems, so why can't Microsoft use it too.

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
  32. Re:malware... by Ziekheid · · Score: 2, Informative

    Oh wow, we haven't heard that joke before!

  33. Re:malware... by icannotthinkofaname · · Score: 1

    No, the malware is the update. They didn't have this problem before Windows Update did its thing.

    --
    Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
  34. Even that won't solve it by Sycraft-fu · · Score: 1

    Two reasons:

    1) Malware can be plenty problematic on just a single user's account. After all most people aren't running multi-user systems. For them, the system is their data, their account. As such even if the malware can't infect the whole system, infecting their account is all it needs to do. The only consolation to that is that virus scanners could remove it easier, but then that presumes they'll bother to run one.

    2) People will give the malware admin permission. By default, Windows Vista and 7 make nobody an administrator. When UAC is on, you have to escalate to do administrative things. An "administrator" account is just one that can escalate without a password, you still have to give permission on a secure desktop. The problem is, people look at it as just another hoop to jump through. They say "Yes" any time the system asks. So they get some file "cute fluffy bunnies-totally not malware.exe" and they run it and 7 says "Hey, this needs admin, and has no digital signature. You sure you want to do that?" They click yes without thinking.

    There really isn't a solution to this. Admin rights aren't the problem, people are the problem. Hell, I remember a virus we got hit with that, to get past virus scanners, put itself in an encrypted zip file. In the e-mail it gave you the password to decrypt the zip. So a user had to open the e-mail, save the zip to their system, open it up, get the password, decrypt the files, extract the malware, and run it. Guess what? We had no fewer than 3 that did. They jumped through a massive number of hoops to do that, you really think an admin prompt would have stopped them?

    The best you can do is have good scanners that check incoming files and block them before people can infect themselves. That is an imperfect solution, but I've yet to hear of a better one.
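
The gateway-side check that the encrypted-zip anecdote above points to, as an added example that is not part of the original comment: a scanner cannot read the contents of an encrypted archive, but the ZIP headers still show that members are encrypted (bit 0 of the general purpose flag) and, with traditional ZIP encryption, what they are called. The function names, the extension list and the sample archives are assumptions constructed for illustration.

```python
import io
import re
import struct
import zipfile

ENCRYPTED_FLAG = 0x0001  # bit 0 of the ZIP general purpose bit flag
RISKY_EXTENSIONS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js")
PASSWORD_MENTION = re.compile(r"\bpass(?:word|phrase|code)\b", re.IGNORECASE)


def inspect_zip(data):
    """Return (encrypted_names, risky_names) using only the central directory."""
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        members = archive.infolist()
    encrypted = [m.filename for m in members if m.flag_bits & ENCRYPTED_FLAG]
    risky = [m.filename for m in members
             if m.filename.lower().endswith(RISKY_EXTENSIONS)]
    return encrypted, risky


def triage_attachment(data, body_text):
    """Decide what a mail gateway does with one attachment.

    Returns (verdict, reasons) where verdict is "scan" (hand the file to the
    content scanner) or "quarantine" (the scanner would be blind to it).
    """
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "scan", []
    try:
        encrypted, risky = inspect_zip(data)
    except zipfile.BadZipFile:
        return "quarantine", ["archive is malformed and cannot be inspected"]
    if not encrypted:
        return "scan", []  # readable archive: the scanner can unpack it

    reasons = ["%d encrypted member(s), contents cannot be scanned" % len(encrypted)]
    hidden_executables = sorted(set(encrypted) & set(risky))
    if hidden_executables:
        reasons.append("encrypted member with executable extension: "
                       + ", ".join(hidden_executables))
    if PASSWORD_MENTION.search(body_text or ""):
        reasons.append("message body mentions a password next to the archive")
    return "quarantine", reasons


def make_sample_zip(member_name, encrypted):
    """Build a constructed sample archive in memory (no real malware).

    Python's zipfile cannot write encrypted archives, so the sample only sets
    the 'encrypted' header bit on a harmless stored member. That is enough
    here because the check reads headers and never decrypts anything.
    """
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w", zipfile.ZIP_STORED) as archive:
        archive.writestr(member_name, b"placeholder bytes, not an executable")
    raw = bytearray(buffer.getvalue())
    if encrypted:
        # Flag field: offset 6 in the local header, offset 8 in the central directory.
        for signature, offset in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            position = raw.find(signature)
            (flags,) = struct.unpack_from("<H", raw, position + offset)
            struct.pack_into("<H", raw, position + offset, flags | ENCRYPTED_FLAG)
    return bytes(raw)


if __name__ == "__main__":
    body = "Please see the attached file. The password is 12345."  # constructed
    for label, blob in (
        ("encrypted zip", make_sample_zip("cute fluffy bunnies.exe", True)),
        ("plain zip", make_sample_zip("notes.txt", False)),
        ("not a zip", b"just some text"),
    ):
        verdict, reasons = triage_attachment(blob, body)
        print(label, "->", verdict)
        for reason in reasons:
            print("   ", reason)
```
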

  35. Re:malware... by Ziekheid · · Score: 0

    Did you even read this article?

  36. Malware? by Anonymous Coward · · Score: 0

    Malware is what users explicitly run

    I thought malware was a broad term used to cover viruses, worms, trojans, spyware and other bad software.

  37. Duh by palmerj3 · · Score: 1

    "Our Death Screens are blue! PWND!"

  38. this still doesn't say how to fix it! by ILuvRamen · · Score: 1

    It's awfully hard to install anti-malware software to fix it if you get nothing but a black screen. I sure hope it doesn't do this in safe mode and that my antimalware software can install in safe mode and that my definitions files have added this malware that may be like 2 weeks old or something. One of my customers is coming over today with a black screened laptop. How am I supposed to fix it? It sounds like they haven't even decided on the cause yet!!! Maybe it's malware, maybe it's a registry entry, maybe it's windows, who knows! In fact, if you actually read the article, they say this problem However, we do know that "black screen" behavior is associated with some malware families such as Daonol.A So in other words, MAYBE that's the problem. MAYBE! And since it's MS saying it, probably not. I don't think everyone with this problem suddenly all caught the same virus that I've never heard of before. Googling the issue comes up with fixes that people say don't work and useless speculation. Does anyone have an actual fix for this that actually works?

    --
    Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
  39. Same difference by SuperKendall · · Score: 3, Insightful

    I can create an application, put its settings in the registry, and boom -- I can manage it through an MMC for thousands of computers...

    If you can control one file, you can control many. Which is why a separate preference file per app would work just as well. Only more so because a user HAS to be able to write to the registry, where you can totally lock down a single file. Yes I know you can theoretically lock down sections of the registry but that to me seems like a weaker system, not to mention the danger of registry merges corrupting something.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Same difference by Anonymous Coward · · Score: 0

      "Yes I know you can theoretically lock down sections of the registry but that to me seems like a weaker system"

      What? Why is finer-grained control a weaker system than broad-brush control? It's the opposite way around. You'd have to have file per registry key to match that.

      Also, the inability to completely lock out the file is a feature in that it prevents denial-of-service if the file is opened without sharing read access.

      See http://blogs.msdn.com/oldnewthing/archive/2007/11/26/6523907.aspx . Obviously, some of the things he mentions can be fixed with a different .ini format, but generally the registry helps with a bunch of issues.

    2. Re:Same difference by HerculesMO · · Score: 1

      Policy runs at elevated privileges regardless of the user's privileges. So if the user is only a basic user or guest, then they can't modify the policy settings -- they are set by SYSTEM.

      If you're a local admin well, sure you can modify the settings but that's like saying you are root and you can modify something -- it's obvious. But you can set defaults and they will always revert on a policy refresh (15 mins or so). So when you set that registry key to be 0 instead of 1, it will change back to a 1 in 15 minutes, even if you're an administrator. The benefit is that I can lock down the registry security through policy as well -- so I can prevent even admins from changing their settings. Though that would be a bad idea, but it is technically possible.

      --
      The price is always right if someone else is paying.
    3. Re:Same difference by StuartHankins · · Score: 2, Insightful

      This functionality is also possible on Linux or OS X using config files, in fact all the other features of using files apply (ability to replicate only certain changes, no boot delays waiting for group policy to be applied, ability to use compressed tools such as rsync to send not only configs but entire subtrees & application installs as well as settings). The registry's only pluses are that it's graphical -- which increases the number of low-skilled workers to use it -- and it's integrated into Windows. Group policy is just an implementation of registry data.

      Have you ever tried to look at a user's registry through a WAN connection? You know, in the event that you need to investigate something but you can't knock the user off or assume control of their machine? It's like the Windows Event Log -- absolutely ridiculously huge and terribly slow to navigate. I can run a single ssh command to query 8 Linux servers at once and show all their results on a single screen -- almost as fast as I can type it.

      But even tools that access the WMI interface are painfully slow -- try using Sysinternals' psinfo on a computer over a WAN connection. Takes over a minute to run in some cases!

      I prefer simple, small and fast, thank you very much. The Windows Registry is none of these.

    4. Re:Same difference by HerculesMO · · Score: 1

      You need to read about Powershell.

      Yea, I can do all that stuff, pipe it to something, grep it -- all the fancy bash stuff there is, and then some more.

      And yea, it's also fast.

      The point about *nix or OSX using the config files and rsync well -- sure you can do it, but you have to write the code. And to that point, I can still do the same thing using Powershell, but it's easier through policy. If I want to deploy software, I can do that through AD as well.

      Just because you know one way in *nix doesn't mean it can't be exactly the same in Windows. Most things that *nix does well have been coopted or stolen and put into Windows over time.

      Your using antiquated tools and methods to query data when there are faster and easier methods to do the same things now isn't the fault of the OS, it's your fault.

      --
      The price is always right if someone else is paying.
    5. Re:Same difference by gad_zuki! · · Score: 1

      >Only more so because a user HAS to be able to write to the registry, where you can totally lock down a single file

      You can change permissions PER KEY. You can make them what you want them to be. There's no all write or all read. ACLs all around.

    6. Re:Same difference by asdfghjklqwertyuiop · · Score: 1

      So when you set that registry key to be 0 instead of 1, it will change back to a 1 in 15 minutes, even if you're an administrator. The benefit is that I can lock down the registry security through policy as well -- so I can prevent even admins from changing their settings.

      Unless said admin uses his control of the machine to prevent the policy from working?

    7. Re:Same difference by HerculesMO · · Score: 1

      Sure, but root can do that too, right?

      Policies are created for ease of use and broad deployment and management. Not to control idiotic users.

      Now if a user has admin rights and tries to disable the refresh on his policy or whatever -- he is free to do that, but the bigger question is why does he have admin rights to begin with? This is a higher level question than just the policy, and one down to the competence of the admin.

      --
      The price is always right if someone else is paying.
    8. Re:Same difference by magamiako1 · · Score: 1

      I read an interesting article in group policy a few months ago regarding the performance processing of group policy. It came down to the following:

      Do you create a giant, single flat group policy object that handles every shared security setting that you need? Or do you create small, targeted group policies that have everything "not configured" and only configure what you need?

      When updating group policy in the first scenario, indeed every system needs to apply the entire group policy object again. When updating specific policies in the second scenario, it will only update what is configured.

      This is, however, not necessarily a problem unless you're in a gigantic organization with a multitude of connection types, tons of users, etc.

      Or if you need to change a policy setting often, you can do so with far less overhead by separating it out into its own policy.

      You can read about it here: http://www.windowsnetworking.com/articles_tutorials/Optimizing-Group-Policy-Performance.html

  40. "And I'm A PC" - Windows 7, 2009 by LifesABeach · · Score: 0, Troll

    Maybe the malware would have a harder time getting into the system if m$ didn't load a pile of crap in along with the product they just sold? It takes me a couple of daze to clear the unwanted garbage that comes with any m$ product. Not m$'s fault? When I sell a house, as part of the "deal" I don't leave the contents of a Stadium Dumpster in my client's new front yard.

    1. Re:"And I'm A PC" - Windows 7, 2009 by secretcurse · · Score: 1

      What do you object to in a default install of Windows? Does having Minesweeper on your machine bother you that much? The crapware on a new computer is all installed by the OEM to subsidize the hardware costs. If you install a fresh copy of just the operating system, it's actually rather clean and nice. I think your beef is with whoever built your computer. They bundled all the extra crap.

      --
      I'm using all of my mod points to mod ancient memes down. Please join me.
  41. Re:malware... by Anonymous Coward · · Score: 1, Informative

    To be fair to Obama, George W. Bush was a really horrible president.

  42. Microsoft should be the one grovelling... by geekmux · · Score: 0, Troll

    ...as yet again, even with a year of RC testing, we're a month deep into the release of a "new and improved" OS that is obviously just as vulnerable as previous OSes with malware...Spank you very much, Micro$haft.

    1. Re:Microsoft should be the one grovelling... by wampus · · Score: 1

      I agree totally. Microsoft should make the OS operate correctly after system configuration files are subtly corrupted by third party software. Using magic.

    2. Re:Microsoft should be the one grovelling... by geekmux · · Score: 1

      I agree totally. Microsoft should make the OS operate correctly after system configuration files are subtly corrupted by third party software. Using magic.

      There's a large difference between valid third-party software and true malware. Kudos to MS for a job (not-so) well done with the new OS Security. You would think they could learn the meaning of the term sandbox by now. Apparently it IS magic for Microsoft.

      I suppose in the end we're going to blame the trigger-happy user running the mouse though, right?

    3. Re:Microsoft should be the one grovelling... by wampus · · Score: 1

      Completely the end user's fault. What options do you have to prevent this problem short of denying the owner of the PC access to their own PC?

    4. Re:Microsoft should be the one grovelling... by geekmux · · Score: 1

      Completely the end user's fault. What options do you have to prevent this problem short of denying the owner of the PC access to their own PC?

      Are you shitting me? How about NOT running as a local Admin? How about proper sandboxing and protecting core OS files? Give me a break. Others HAVE done this.

      What options do I have? I guess I have many options, as long as it doesn't come from Redmond.

    5. Re:Microsoft should be the one grovelling... by EndlessNameless · · Score: 1

      //Are you shitting me? How about NOT running as a local Admin? How about proper sandboxing and protecting core OS files? Give me a break. Others HAVE done this.//

      wat?

      The registry is not executable. It is essentially a configuration file. It's stored as binary blobs rather than ASCII, true, but it's a glorified conf file.

      "Protecting" a conf file doesn't work if you need to change the config. And before you rant further, yes, you can get per-hive (and finer) granularity for registry permissions. And beyond that, any organization with a domain can push those permissions globally via group policies.

      At home though, this security is irrelevant. None of this protects against a user who clicks a UAC prompt to install crazy cursors or get free backgrounds on their desktop.

      As I said in another post, it may be reasonable for the shell to handle invalid initialization options gracefully.

      But this security canard is really getting beaten. Since Vista, even accounts which are administrators do not run with admin privileges. Windows generates a prompt when a process attempts to elevate. Local escalation exploits---common on XP---are far less frequent on Vista or 7. While Vista or 7 don't even compare to, say, BSD, the OS security is rarely the source of these problems anymore. Most current malware runs without administrator privileges. This restricts its activity to the account of the user that loaded it---which is all the OS security model should do.

      If it's a matter of preventing users from running things they shouldn't, that is beyond the scope of the OS security model and into the realm of configurable security policy.

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
  43. Re:Actually yes (but no). OS X is an excellent mod by rcamans · · Score: 1

    Part of MS registry problem is that they are single files. MS needs to have one for OS, one for MS apps, one for Standard apps, and one for legacy apps ( the current registry name works there). Changing to this separation would at least release most of the boot process from a corruption. Only having to revert to one part backup would keep life simpler. Having a transaction system for writing to registries would help roll back out of issues.
    Then there is the need to properly parse the registries.

    --
    wake up and hold your nose
  44. Sure it does by SuperKendall · · Score: 0

    Any OS is susceptible to malware. Malware is what users explicitly run, and then it does bad things to their system. You can't secure against that

    Actually you can, to some extent. Anything the user runs on OS X for the first time after download issues a warning, and then you need an administrator password beyond that to modify the kinds of system level files we are talking about here.

    The base issue is that in Windows 7 Microsoft weakened UAC, so even if you have it disabled a program can do some system level things without warning if you are logged in as administrator. Why should Microsoft get a pass for doing this? Sudo doesn't have these kinds of holes built in...

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Sure it does by shutdown+-p+now · · Score: 4, Insightful

      Actually you can, to some extent. Anything the user runs on OS X for the first time after download issues a warning, and then you need an administrator password beyond that to modify the kinds of system level files we are talking about here.

      Vista/7 do both things (warning about launching of binaries that originate from the Net, and requiring a confirmation to elevate to admin) as well. This doesn't solve the "dancing bunnies" problem, however, which is the source of the vast majority of infections out there. Why bother with security vulnerabilities at all, if you can trivially convince the user to run the payload himself, and click through all the prompts?

      The base issue is that in Windows 7 Microsoft weakened UAC, so even if you have it disabled a program can do some system level things without warning if you are logged in as administrator.

      The "weakened" UAC in 7 doesn't let any random programs do any system level things without warnings. The only thing that's weakened is that certain (effectively whitelisted) programs that come with OS can change system settings without elevation - most notably, built-in screens in Control Panel.

    2. Re:Sure it does by Anonymous Coward · · Score: 0

      The "weakened" UAC in 7 doesn't let any random programs do any system level things without warnings. The only thing that's weakened is that certain (effectively whitelisted) programs that come with OS can change system settings without elevation - most notably, built-in screens in Control Panel.

      Until someone clever discovered he could have some fun with the control panel process and then cause it to trigger an elevating condition (WriteProcessMemory + CreateRemoteThread).

    3. Re:Sure it does by drsmithy · · Score: 1

      The base issue is that in Windows 7 Microsoft weakened UAC, so even if you have it disabled a program can do some system level things without warning if you are logged in as administrator. Why should Microsoft get a pass for doing this? Sudo doesn't have these kinds of holes built in...

      Sure it does. The rough equivalent in UNIX is a SUID root binary.

    4. Re:Sure it does by Anonymous Coward · · Score: 0

      These are still just excuses. If 20,000 new malware are created for your platform every day you need to take action to fix the problem. Even if the user launches the malware themselves, it should not be able to take down the system.

      And if they really are that inept that they can't fix this, then by now they should have set up a 3rd party non-profit foundation that tests and approves Windows binaries and certifies them anti-malware and marks them as such with some property or signature. Windows should come set so that it can't launch apps that don't have that approval. Many Windows machines only run Microsoft and Adobe apps. Why does the user have to have a system where any random shit can run? It's way antiquated thinking with a healthy dose of nerd-blindness as well.

      A friend of mine just lost her whole Windows system today because she followed a link in an email from a friend. She can only move one hand, she cannot do much without a computer. The ability to run arbitrary Win32 apps is not as important to her as a functioning system. She has paid thousands of dollars to an I-T consultant over the past 2 years to keep a fucking Windows PC up and running on the Internet. Thankfully, she has given that up and bought a MacBook Pro today.

      There is no excuse for the malware and viruses on Windows. It is 100% Microsoft's fault. Their only fucking responsibility is the fucking system software. What processes are running or not is fucking basic. NO FUCKING EXCUSE.

  45. Re:malware... by davester666 · · Score: 1

    Yeah, they just promised everything about Windows 7 is easier, faster and more convenient. Not just for users, but also for malware...

    --
    Sleep your way to a whiter smile...date a dentist!
  46. Re:Second Edition by conureman · · Score: 1

    Microsoft kinda brings up the car analogy here; Like CalTrans, the highways will probably handle last year's traffic volume within the decade.

    --
    The cost of that cleanup, of course, will be borne by taxpayers, not industry.
  47. Re:malware... by MickyTheIdiot · · Score: 2, Informative

    Unless you make above 500k a year, then he was the best president ever.

  48. Crock of shit by plague911 · · Score: 1, Interesting

    After downloading Microsoft's update I had to do a system restore to get my computer to boot. Over the years of using Windows the single program operation that I've found most risky to use is Windows Update...

  49. false dichotomy by jDeepbeep · · Score: 1

    hundreds of .conf files scattered randomly about the filesystem, with no standard format?

    False dichotomy. Why did you present the conf scenario as files with no standard format? They could be, and most likely would if it was presented as a replacement for the registry. Be intellectually honest, and present the option of a *de*centralized, standardized configuration system.

    --
    Reply to That ||
  50. ...but we here at /. by Slash.Poop · · Score: 1

    don't believe anything M$ says.

  51. Re:Actually yes (but no). OS X is an excellent mod by jason777 · · Score: 1

    After having used Linux and Windows and OS X systems for years, OS X does this right. Yes there are "hundreds of conf files". But they are not scattered around, they are all in ~/Library/Preferences.

    Hmmm, the mac sounds like it has a similar solution, but that isn't much different than the windows registry. I'm wondering how it's better?

  52. Re:Actually yes (but no). OS X is an excellent mod by PerfectionLost · · Score: 1

    I have seen plists for active directory binding settings get corrupted before. That module on OSX is particularly buggy.

  53. How is malware not microsoft's fault? by presidenteloco · · Score: 1, Interesting

    Perhaps if their operating system properly separated and sandboxed applications, malware
    would have a harder time crashing the whole OS?

    Just a thought. Last time I checked my watch, it was 2009, and we've known how to do
    that sort of OS design for probably two decades now.

    --

    Where are we going and why are we in a handbasket?
    1. Re:How is malware not microsoft's fault? by natehoy · · Score: 1

      As long as the person using it understands what a program should have access to and is capable of making an informed decision that "dancing fluffy bunnies" should not have access to the Master Boot Record or the /windows/system32/etc folder. As opposed to, say, a system management tool that should.

      If you allow "my computer is an appliance" users to install software, then malware writers will be out there offering up useful-looking applications that are full of malware. What's an OS writer to do? In XP, Windows made the huge mistake to keep the average user running as Administrator, which was admittedly a huge error. They've seen the error of their ways, and tried to fix it in Vista and Se7en. With UAC, the USERS are STILL ASKING for this software to be installed, then people get upset when, lo and behold, it does get installed.

      Case in point: Someone from a neighboring cube stopped by my desk not 15 minutes ago, asking about a "red shield screen" that came up and told her, out of the blue, that she had all these virus infestations that she could "pay $50 now and clean up immediately". She's clever enough to know that (a) she's already got a virus scanner installed, and (b) it's not called "Red Shield" and (c) she never asked "Red Shield" to look for viruses which raised suspicion as to where it came from. So she turned the computer off immediately and asked me about it today. In all seriousness, that likely puts her in the top thirty percent of computer users in terms of security awareness and savvy. Maybe better.

      We can design the software to be as secure as we want. We can allow an untrained user to install software. PICK ONE.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    2. Re:How is malware not microsoft's fault? by 99BottlesOfBeerInMyF · · Score: 1

      As long as the person using it understands what a program should have access to and is capable of making an informed decision that "dancing fluffy bunnies" should not have access to the Master Boot Record or the /windows/system32/etc folder. As opposed to, say, a system management tool that should.

      This is not necessary at all. Simply apply ACLs to every application. Apply more restrictive ACLs to unsigned applications and don't even give the user the option to escalate unless they go into advanced settings. Provide good sandboxing up to and including a VM that the malware will have difficulty knowing it is in. If all of the above fails, allow current security companies to provide an ACL/graylist for software using the built in security architecture.

      If "dancing fluffy bunnies" is signed, then the malware author will be caught in short order and the signature revoked. If it is not signed and it wants to do anything useful, the user will have to have the knowledge to manually disable the security (which will not be necessary to run any software the user has ever seen that isn't malware) and it will have to have been missed by any security feeds the user subscribes to.

      This is largely a solved problem complicated by several nontechnical problems. MS has a monopoly and it is more profitable for them to do little and make press releases than it is to actually invest in coding and testing this. MS is not great at innovation, and no other major vendor has done this for a mainstream desktop because there is no demand except on Windows. MS is terrible at UI usability, and usability is integral to security in this instance (one of the reasons UAC has failed to be effective).

      They've seen the error of their ways, and tried to fix it in Vista and Se7en. With UAC, the USERS are STILL ASKING for this software to be installed, then people get upset when, lo and behold, it does get installed.

      Users are not being given the information they need to make a good decision or the interface with granular control they need to make a safe decision. If you want to run software you don't trust, safely on Windows (even 7) the easiest way is still to install a VM, install windows in the VM, install the software in Windows in the VM on Windows, run the software, and rollback the VM when you're done. That is way beyond the capabilities of the average user and is way, way, way too slow and cumbersome of a method. Why can't Windows have a simple "This application is from an unknown source and wants to perform actions that may compromise your computer's security (Don't run it) (Run it safely in a sandbox) (Advanced Options)" With 'Advanced Options' being the only way to run the application and let it have more permission than a very restrictive sandbox?

      We can design the software to be as secure as we want. We can allow an untrained user to install software. PICK ONE.

      Bullshit. Untrained users install software securely on the iPhone. They do it on a good SELinux setup. The idea that you have to pick one is simply crap that people assume based upon having no idea about security except as it exists in Windows.

  54. Suffering the fruits! by zooblethorpe · · Score: 1

    Microsoft is suffering the fruits of its previous bad behavior.

    Maybe it's because I haven't had my coffee yet, but reading this, I almost bust a gut. All I can think of is that scene in Time Bandits where Michael Palin and Shelley Long are in the middle ages and have been held up by the band of midgets and tied to a tree, and Palin begins shouting,

    "Oh no. The problem. The problem, Pansy! It's started again! Ooh, oh... Fruit, Pansy! I must have fruit!"

    Suffering the fruit! Hee hee!

    Cheers,

    --
    "What in the name of Fats Waller is that?"
    "A four-foot prune."
  55. Re:malware... by Anonymous Coward · · Score: 0

    To be fair to George W. Bush (OMG!), all politicians are really horrible.

  56. Re:Actually yes (but no). OS X is an excellent mod by Anonymous Coward · · Score: 0

    "So it's easy to find where they are, easy to figure out what plist file belongs to what, and easy to edit or remove them as needed."

    Furthermore, you can use the "defaults" command-line program in OS X to read and write preferences, so it is trivial to export them all and then re-import them in, say, an entirely different user account for all of the installed applications or only for selected applications. 'man defaults' for more details.

  57. It's all just posturing. by Crasty · · Score: 1
    Fact of the matter is, OS's should be Malware free. But also, copy protected software shouldn't be crackable. Encoded movies shouldn't be copyable. Married women shouldn't be ****able. Banks shouldn't be robbable.

    Anytime somebody wants bad enough to accomplish something, they will. The real thing protecting Apple and Linux... lack of market share. The pros don't target bums for the big heist. If you are going to put effort into something, you do it for the returns, and writing a devastating linux/mac malware (when linux varieties are far less standardized than MS OS's, and mac has 80%+ less market share) just isn't going to get you the attention/money etc. that tampering with the market share leader will accomplish.

    1. Re:It's all just posturing. by natehoy · · Score: 1

      True. There are some other factors at work, though, in the security end of Linux.

      Most (not all, but most) Linux users install software pretty much exclusively through a series of trusted repositories. In order to get someone to install malware, you have to either invade the repository, or convince a user to point to a bad repository, or have them install software manually (the latter is generally not something you'll get an inexperienced user to do).

      There are at least two major advantages to that type of setup:

      1. Security patches for each and every bit of installed software can be deployed and installed by end users easily and quickly (think "Windows Update" except it covers everything in your system). Since this is a central updating system, the system can scan ALL of your software frequently and look for updates. So a vulnerability, once fixed, can simply be published out to your favorite repository and the updater will catch it within a day or so, or faster (Linux Mint by default checks for updates every five minutes, which I think is a little too aggressive).

      2. All the software available to the user has been vetted by someone that the repository trusts, and the user of that system can easily be convinced only to load software from a trusted repository simply by virtue of the fact that it's harder to do it any other way, and there's LOTS of software out in repositories to choose from. If I want a pair of eyeballs that follows my mouse cursor, I can find it out in the repository, and I'm relatively certain it's free of malware because I didn't go to a random website and download the first one I saw. It's like having a free IT department protect Aunt Edna's machine from harmful software by only offering her stuff that's been reviewed by the repository owner to be OK.

      Now, having said that, repositories can be hacked, and buggy software can and does get into repositories. But it's another (and an important) layer of defense. And most major Linux distros have a huge vested interest in keeping malware out of their repositories.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    2. Re:It's all just posturing. by daveime · · Score: 1

      So your basic "security" model for *nix is that "the users are more savvy, and won't do stupid stuff" ?

      (Something similar to the Apple security model, which is "the users aren't allowed to do stupid stuff because Steve says so").

      Now welcome to the real world, where idiot-proofing a system just leads to more determined idiots.

    3. Re:It's all just posturing. by joeyblades · · Score: 1

      I disagree with this premise. Not that Mac OS has less market share - that's clearly factual. The part I disagree with is your assumption of impact. If I wanted to develop malware I wouldn't choose the platform where there are thousands of people on the lookout for it and a large portion of the market has software tools installed to fight against it. I would choose the system that is more open and most of the users blindly/blithely assume they are safe.

      In other words, the Windows market share that is susceptible is lower than the Mac OS market share that is susceptible. Also, given that Mac users tend to be in better economic positions than Windows users (in general), a well placed piece of malware on the Mac would get the perpetrator much more publicity/visibility.

      Plus, imagine the kudos from the hacker community for the wizard that is the first to pull it off...

      No, I don't think market share - as you measure it - has anything to do with it.

    4. Re:It's all just posturing. by natehoy · · Score: 1

      No, I'm not saying that at all, though I can see how you might interpret it that way.

      Let me attempt to be clearer.

      The default install of any modern Linux distro includes access to a series of trusted repositories. Those repositories contain huge libraries of software that have been vetted out by the repository owners. It's also VERY easy to install software from those repositories. And I'd venture to guess that there is a solution for about 90% of the things that your average user would ever want to do sitting in the repository, generally a half-dozen solutions.

      And, unlike the current mess in the commercial world where Acrobat, Flash, Google Earth, your video drivers, etc either have to have their own updaters or you have to remember to check for updates manually, ALL of your installed software is kept up to date constantly with the latest security patches using a central updater. It is possible to get bad software on those repositories, but it's a smaller risk than going to random websites and installing software one at a time. And it's very easy to keep all of your software at the latest, most secure versions.

      If you want to add a repository to do something different, it's relatively trivial, but is an extra step. Once that additional repository is installed and trusted, any software installed from that repository is also updated as soon as the author comes out with a new update. It is possible to find and add bad repositories, but again it's harder than installing one-offs.

      If you want to install something outside the repository, that's where things get risky, but it's also where things get more complicated. It's harder to do, usually requires some command-line work, and the user has to make sure to keep it up to date themselves.

      The advantage of a repository model is that the user's default behavior (and the easiest way to do things) is directed toward the safest method for installing.

      As the users become smart enough to handle installing software manually, they'll also have a better chance of understanding what they are doing.

      Obviously, it's not a perfect solution. It's a significant iteration toward security, not a total guarantee of security.

      The problem with systems (such as Windows) that do not have a good central repository is that users will immediately start searching the Internet at random for their software. Once installed, most of that software (assuming it's not malware) either bogs down the system with its own updater or gets hopelessly out of date and never gets patches to fix any security holes in it.

      There used to be "tune-up" software available for Windows that would go out and get the versions of all of the software installed on your machine, then check them against an internal database of the latest versions of all the software it knew about. It didn't handle any of the installs, but at least it could tell you about it.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
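The version check natehoy describes above (list what is installed, compare it against a database of known-latest versions, and remember that manually installed software is on its own) can be sketched as follows. This is an added example, not part of the original thread; the package names, versions and the rule that a letter tag marks a pre-release are constructed assumptions.

```python
"""Added example: audit installed software against a known-latest database."""
import re
from itertools import zip_longest

# Constructed sample inventory; names and versions are illustrative only.
INSTALLED = {
    "pdf-reader": "9.2.0",
    "flash-plugin": "10.0.32.18",
    "map-viewer": "5.1",
    "video-driver": "195.62",
    "eyeball-toy": "1.0",       # installed by hand, unknown to the database
}
# Constructed "latest known version" database (what a repository index provides).
LATEST = {
    "pdf-reader": "9.10.1",
    "flash-plugin": "10.0.32.18",
    "map-viewer": "5.1.0",
    "video-driver": "195.62-2",
}


def version_key(version):
    """Split a version string into integer and lowercase-letter tokens."""
    tokens = re.findall(r"\d+|[A-Za-z]+", version)
    return [int(t) if t.isdigit() else t.lower() for t in tokens]


def compare_versions(a, b):
    """Return -1, 0 or 1 as a is older than, equal to, or newer than b.

    Numbers compare numerically (so 9.10 is newer than 9.2), missing
    components count as 0 (so 5.1 equals 5.1.0), and a letter token is
    assumed to be a pre-release tag that sorts before any number.
    """
    for x, y in zip_longest(version_key(a), version_key(b), fillvalue=0):
        if x == y:
            continue
        if isinstance(x, int) and isinstance(y, int):
            return -1 if x < y else 1
        if isinstance(x, str) and isinstance(y, str):
            return -1 if x < y else 1
        # Mixed tokens: the letter tag (assumed pre-release) is the older one.
        return -1 if isinstance(x, str) else 1
    return 0


def audit(installed, latest):
    """Sort installed software into outdated, current and untracked."""
    report = {"outdated": [], "current": [], "untracked": []}
    for name in sorted(installed):
        have = installed[name]
        if name not in latest:
            # Nothing vouches for this package or tells us about its fixes.
            report["untracked"].append(name)
        elif compare_versions(have, latest[name]) < 0:
            report["outdated"].append((name, have, latest[name]))
        else:
            report["current"].append(name)
    return report


if __name__ == "__main__":
    result = audit(INSTALLED, LATEST)
    for name, have, want in result["outdated"]:
        print(f"OUTDATED   {name}: {have} -> {want}")
    for name in result["untracked"]:
        print(f"UNTRACKED  {name}: no update source, check manually")
    for name in result["current"]:
        print(f"ok         {name}")
```

The "untracked" bucket is the part a plain string comparison of versions never surfaces: software that no update source covers and that stays unpatched unless someone checks it by hand.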
    5. Re:It's all just posturing. by mcgrew · · Score: 1

      Banks would be a lot more robbable if bank robbery were legal, and there would be a lot less adultery if adultery were a felony. Copy protection is an unattainable goal due to the fact that if you have the CD/movie, you also have the key.

      If market share were the deciding factor, Apache would be the most hacked web server there is; it has the lion's share of web servers. But IIS is the most hacked web server, despite its lack of popularity.

      Liquor stores still get robbed, despite the fact that there are banks nearby, because the bank has better security. Like Apache vs IIS.

      There are millions of Apples sold every year. You could make a HUGE Apple botnet, but why rob the bank and risk certain capture when you can hit the liquor store and get away scot-free?

    6. Re:It's all just posturing. by NotBornYesterday · · Score: 1

      Married women shouldn't be ****able.

      Many don't, after you marry them.

      --
      I prefer rogues to imbeciles because they sometimes take a rest.
    7. Re:It's all just posturing. by daveime · · Score: 1

      No, I'm not saying that at all, though I can see how you might interpret it that way.

      Sorry, my attempt at summarizing your post might have been too glib.

      The default install of any modern Linux distro includes access to a series of trusted repositories. Those repositories contain huge libraries of software that have been vetted out by the repository owners.

      So we have to assume that the repository is safe, and the owner is savvy.

      It's also VERY easy to install software from those repositories. And I'd venture to guess that there is a solution for about 90% of the things that your average user would ever want to do sitting in the repository, generally a half-dozen solutions.

      And for the other 10% the user is *just* as exposed as any other OS user. Likewise, your 90% of things is based on the current, limited set of *nix* users who tend to do limited things. I'd like to bet a large subset are into coding, and install things like perl, php, ruby etc. The traditional packages that people download are well established and maintained with a good history and behaviour. As the system becomes more mainstream, more bad things will creep in.

      I know on *my* previous attempt with Ubuntu, (yes I do keep trying every year to believe), I got stuck on finding a decent software for my TV card that would allow playback and recording simultaneously (without wanting to install 100 packages including MySQL, servers, clients and all sorts of gubbins) ... MythTV, I'm looking at you. Once that chore passed the 12 hour mark still with no success, I gave up on Ubuntu again, and will maybe take another look in 2010.

      And, unlike the current mess in the commercial world where Acrobat, Flash, Google Earth, your video drivers, etc either have to have their own updaters or you have to remember to check for updates manually, ALL of your installed software is kept up to date constantly with the latest security patches using a central updater. It is possible to get bad software on those repositories, but it's a smaller risk than going to random websites and installing software one at a time.

      And it's very easy to keep all of your software at the latest, most secure versions.

      Something like Windows Update, which we all know never goes wrong and bangs out bad patches that Black Screen your PC etc. There *are* a lot of times, I don't WANT Adobe pushing the latest 94MB update on me automatically, but when I do, going to their website is not that much of a chore.

      Nevertheless, in the Windows world, they could never manage a repository for third-party software ... there's simply too much stuff, and once they attempted any "vetting" of potential malware etc, they'd be up to their ears in lawsuits and accusations of being anti-competitive.

      If you want to add a repository to do something different, it's relatively trivial, but is an extra step. Once that additional repository is installed and trusted, any software installed from that repository is also updated as soon as the author comes out with a new update. It is possible to find and add bad repositories, but again it's harder than installing one-offs.

      Again with this "automatic trust" of A N Other repository ... if *nix ever got a decent market share, how long do you think it'll be before "bad" repositories become the norm. Look at what happened to the eMule / eDonkey search servers ... for every good server, there were 20 bad ones pumping out malware.

      The advantage of a repository model is that the user's default behavior (and the easiest way to do things) is directed toward the safest method for installing.

      As the users become smart enough to handle installing software manually, they'll also have a better chance of understanding what they are doing.

      Obviously, it's not a perfect solution. It's a significant iteration toward security, not a total guarantee of security.

      yes, for e

    8. Re:It's all just posturing. by SuiteSisterMary · · Score: 1

      The problem with systems (such as Windows) that do not have a good central repository is that users will immediately start searching the Internet at random for their software. Once installed, most of that software (assuming it's not malware) either bogs down the system with its own updater or gets hopelessly out of date and never gets patches to fix any security holes in it.

      Actually, the problem with systems (such as Windows) is that when they try to do such things, they get charged with antitrust, get accused of 'bundling' and 'stifling competition' and all sorts of crap like that.

      --
      Vintage computer games and RPG books available. Email me if you're interested.
  58. This is one of the few times you are likely to see by bill_kress · · Score: 0, Troll

    ...Microsoft admit that all their OSes are STILL extremely vulnerable to malware that can easily shut down the machine.

    I'd much rather it was an update, this does not fill me with confidence and pride.

  59. 4 possibilities by Ilgaz · · Score: 0, Flamebait

    1) This thing happens although not as described by that vendor but somehow happens.

    2) This is a major conspiracy by a major rival (e.g. Apple) to spread FUD about MS especially after Win 7 release.

    3) This is the always mentioned (in theory) "evil virus" that is so good that it can't be even detected by current technology. (theorized since MS DOS)

    4) This is a hoax by a large troll organization who can manage to send thousands of people, including slashdot account holders to say "yes, it happened to me too."

    Trust me, even Apple can't get away with such a BSOD after update, even the "cult" won't let it. If you claim otherwise, you must be claiming one of the conspiracy theories above. This thing exists, it happens, it is not a major conspiracy and you do no good on behalf of MS when you claim "couple of random people" having it.

    The side effect will hit US as usual, as Windows users now have a second perfect excuse to turn off automatic updates. The first excuse was a damn legitimate one BTW, check WGA on Google. They installed it like a freaking trojan to their own users' computers masking as something else.

    ps: Black screen reminds me of one of the "punishments" WGA does. Blacking the desktop background. Some routine got falsely triggered? Eh MS?

  60. Re:malware... by Mister+Whirly · · Score: 1

    Why let facts get in the way of a good ol' fashioned Microsoft bashin'? Just repeat the same copy-pasta over and over until you start to believe it yourself!

    --
    "But this one goes to 11!"
  61. Re:Actually yes (but no). OS X is an excellent mod by painandgreed · · Score: 1

    After having used Linux and Windows and OS X systems for years, OS X does this right. Yes there are "hundreds of conf files". But they are not scattered around, they are all in ~/Library/Preferences.

    Hmmm, the mac sounds like it has a similar solution, but that isn't much different than the windows registry. I'm wondering how it's better?

    Well, it typically means that one bad file does not screw the entire computer. I haven't had issues with any OSX prefs becoming corrupted, but if it is similar to Mac OS 7-9, if you delete the corrupted file, the program in question sees that there is no file and simply creates a new fresh one. You could go into your old MacOS Prefs folder and delete everything. The Mac would work just fine* and if any corruption in those files was causing problems, it would be gone. Sure everything was reset to defaults, but changing those is usually a minor issue. Let's see you go to the Windows registry and delete everything and continue working.

    *Not quite true. Some 3rd party apps used the pref file to store registration keys so you'd have to enter them in again, or back them up because the key was specific to a random number that was created at the time of creation of the pref file.

  62. Re:Actually yes (but no). OS X is an excellent mod by Xtravar · · Score: 1

    All of the data isn't globbed into some hidden binary file somewhere that is useless to people trying to move to a new computer or freshly installed OS. Or, god forbid, trying to fix their inoperable GUI OS via a terminal connection. Yeah, there's remote registry editing and probably some command that is half as useful as it should be, but why reinvent the wheel?

    I don't fault the original registry developers. It's a good idea in theory, but a clusterfuck in practice. It probably wins the performance battle, but I never really understood why an application needs to poll registry values every second, anyway.

    Gnome's got a hybrid registry + conf file solution as well. Me, I just prefer the standard linux free-for-all. You never need to touch most conf files, and you learn the ones you do. One format isn't the best for all apps.

    --
    Buckle your ROFL belt, we're in for some LOLs.
  63. Grovelling? by NeverWorker1 · · Score: 1

    I didn't really see any grovelling, but that really is what they should be doing. The headlines Microsoft got out of this were terrible. It was a major PR fiasco for them. Prevx should consider themselves lucky MS isn't suing for libel.

  64. Well, no registry cleaning to begin with by Ilgaz · · Score: 5, Interesting

    I have 700-800 plist files in my Preferences directory. All those widgets I tried, apps I installed, removed, run one time.

    It must be like 1 line of command on Terminal or basic "Finder" order by date to find the old/unneeded ones and delete them but I don't bother. Why? Because it has zero effect on OS X. OS X wouldn't really care if there were 1000000 pref files there since it is not its business to maintain them let alone read them.

    On Windows, while I hate the idea from the beginning, if you don't clean up your registry, OS will do it for you. Last time it was like 20% overhead required to clean it up at boot. If you get enough junk on that already huge, complex file, it will effect the entire performance of system. Windows _has to read_ that gigantic database to function and find its way in it.

    ps: Now you understand why Windows technical user switchers insist on having "uninstall tool" or be amazed at "no add remove programs" on OS X? They generally think having redundant, old files, needless files will somehow effect their system. You can even add "universal binary haters" to that camp. I don't blame them, I blame Windows.

    1. Re:Well, no registry cleaning to begin with by magamiako1 · · Score: 1

      Applications not properly cleaning out the registry is not Microsoft's fault.

    2. Re:Well, no registry cleaning to begin with by Anonymous Coward · · Score: 0

      I think the word you were looking for is "affect". Twice.

    3. Re:Well, no registry cleaning to begin with by jpmorgan · · Score: 1

      You know what else is a giant database? Your filesystem storing all those pref files. Suggesting that one will inherently cause performance problems and the other won't, is either ignorant or disingenuous.

    4. Re:Well, no registry cleaning to begin with by Ilgaz · · Score: 1

      Average OS X Leopard install is well beyond 1 million files. Systems, the way they use files, the way they store files are very different, I am saying as a person who is really using them in all kinds of configurations. In fact, needlessly "cleaning" files may cause B-Tree fragmentation itself...

    5. Re:Well, no registry cleaning to begin with by Anonymous Coward · · Score: 0

      Use the free program AppCleaner. It locates all of those files and allows you to remove them with one click. All clean, no reference to a program at all left on your system. It works great for cleanup.

  65. Re:Last I checked... by Neofluffybunny · · Score: 1

    Yes, but you can uninstall it. Linix. Would a penguin lie to you?

    --
    The time for the purification is at hand! The impure shall be cleansed and crystal clear purity shall fill the cup of th
  66. Re:malware... by Zero__Kelvin · · Score: 1

    To apply your analogy properly, Steve Ballmer would have to blame Bill Gates for all of Microsoft's problems. Oh wait!

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  67. So Windows in Utopia land works with normal user? by Ilgaz · · Score: 1

    Installers, Games, Utility programs, Firmware updaters and even the Windows update itself.

    Don't blame those users, blame the OS vendor for stealing everything from Apple but not stealing "Enter your administrator password to continue".

  68. Bzzt!! Wrong Again by mpapet · · Score: 1

    but Windows 2000 and beyond has the structure to allow users to log in as normal users with their own environment. HKCU is their own personal registry hive and they have their own 'home' folder at %userprofile%

    This statement is false. It's vaguely truthful in the sense that the things mentioned exist, but attempting to use the OS it all falls apart.

    Their file browser does not work correctly in less than Administrator mode.
    Can't schedule a task in anything less than Administrator mode.
    Windows update doesn't work at all in less than Administrator mode. Errors out, with no way to elevate privileges.
    This is just the top of my list. I know this because I admin windows 2000 on-up servers as less than admin and run into stupid issues like this *every* *single* *day.*

    We're practically 10 years into the 'new' Microsoft security thinking. Microsoft is selling their new-improved security ideal (and you bought it) but their inaction shows nothing has changed. 10 years, nothing has changed.

    Linux and the BSD's have made huge progress in the same time span.

    Back to the main story: hidden registry entries suggests what Microsoft critics have been maintaining all along, Windows 8 security is the 2000/XP security model with UAC lard on top.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  69. Re:malware... by Anonymous Coward · · Score: 0

    He's said so many times. But when you have a majority in the house, a majority in the senate, and the presidency, at some point you need to accept responsibility.

  70. When you think "what's the difference" ... by Zero__Kelvin · · Score: 1

    "Having great security around the base OS is a good thing but if you don't also provide good security for the users' files, it's kind of like getting a bunch of guards to protect a bank but leaving the vault in an unprotected building next door."

    When you are thinking "what's the difference?" you should be answering "I don't know; I'm obviously missing something since everyone with a clue says there is!" You are forgetting that Linux is multi-user. When you do stupid things, like run a trojan because it will give you free midget pr0n, I don't want my files, or the OS upon which I am running molested by your new midget friend.

    Also, we all know you have good backups, right? So you obviously would rather just restore your backed up user data than re-install the whole fscking OS after learning your valuable lesson, right?

    There is more, but I believe I made my point.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    1. Re:When you think "what's the difference" ... by athakur999 · · Score: 1

      Sure, Linux is a capable multi user system but the vast majority of Windows machines that /. would love to see converted to Linux will be single user systems. The fact that malware running with user-level privileges can't touch the files of other users would be of little comfort to single user machines.

      --
      "People that quote themselves in their signatures bother me" - athakur999
    2. Re:When you think "what's the difference" ... by Zero__Kelvin · · Score: 1

      I guess you missed or didn't understand when I wrote: " Also, we all know you have good backups, right? So you obviously would rather just restore your backed up user data than re-install the whole fscking OS after learning your valuable lesson, right?"

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    3. Re:When you think "what's the difference" ... by drsmithy · · Score: 2, Insightful

      You are forgetting that Linux is multi-user. When you do stupid things, like run a trojan because it will give you free midget pr0n, I don't want my files, or the OS upon which I am running molested by your new midget friend.

      Newsflash (well, more accurately, "Oldsflash"). The world is no longer filled with green-screen terminals connected back to a central, professionally managed mainframe. The vast majority of computers in the world are single user, even though they are running multiuser OSes.

      Also, we all know you have good backups, right? So you obviously would rather just restore your backed up user data than re-install the whole fscking OS after learning your valuable lesson, right?

      No, I'd *much* rather reinstall the OS than a) have to go through the hassle of digging up backups and b) losing any data that's changed since the last one. The OS files are trivially available and essentially static - why would I be concerned about losing any of them ?

    4. Re:When you think "what's the difference" ... by supernova_hq · · Score: 1

      Ok genius, if you reinstall the entire OS, why would you not still need to restore the backups...?

    5. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      Ok genius, if you reinstall the entire OS, why would you not still need to restore the backups...?

      By not formatting as part of the reinstall ? By keeping data on a separate drive ?

    6. Re:When you think "what's the difference" ... by Zero__Kelvin · · Score: 1

      "By not formatting as part of the reinstall ? By keeping data on a separate drive ?"

      If you didn't lose your data, you sure in hell didn't lose the OS when the OS is Linux. Keeping data on a separate drive does absolutely nothing to save it. Think McFly! Think! (Who the hell did you steal that low SlashID from anyway?)

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    7. Re:When you think "what's the difference" ... by Zero__Kelvin · · Score: 2, Insightful

      "The OS files are trivially available and essentially static - why would I be concerned about losing any of them ?"

      So what you are saying then is that you've never actually used an OS beyond just installing it and leaving it in the out of box configuration then. That pretty much explains your complete cluelessness in a nutshell.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    8. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      So what you are saying then is that you've never actually used an OS beyond just installing it and leaving it in the out of box configuration then. That pretty much explains your complete cluelessness in a nutshell.

      So what you're saying is a) you didn't actually read what I wrote and b) you have no professional experience at all managing systems ?

      Can you suggest a reason why I'd prefer to not lose an easily replaceable OS file over potentially irreplaceable user data ?

    9. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      If you didn't lose your data, you sure in hell didn't lose the OS when the OS is Linux.

      Wow, you really are stuck back in the past. You might be amazed to find out that most malware these days isn't about destroying the system.

      Perhaps when you've dragged yourself into the early '90s, you might be able to make some relevant comments.

      Keeping data on a separate drive does absolutely nothing to save it.

      It does when you're reinstalling. Which was what the comment was about.

    10. Re:When you think "what's the difference" ... by Zero__Kelvin · · Score: 1

      Your a straight up moron

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    11. Re:When you think "what's the difference" ... by Zero__Kelvin · · Score: 1

      "It does when you're reinstalling. Which was what the comment was about."

      Right, because I "... might be amazed to find out that most malware these days isn't about destroying the system", but that same malware destroyed the system, but left your user data intact. You can't even keep your own ridiculous bullshit consistent.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    12. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      Right, because I "... might be amazed to find out that most malware these days isn't about destroying the system", but that same malware destroyed the system, but left your user data intact. You can't even keep your own ridiculous bullshit consistent.

      Perhaps you can elaborate why the idea of malware destroying a system but not user data is "ridiculous".

    13. Re:When you think "what's the difference" ... by Zero__Kelvin · · Score: 1

      I could write volumes on why you are ridiculous, but I think I'll just accept that you are bending over backwards to remain clueless and go help somebody who someday wants to have some kind of idea what they are talking about. Later luser.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    14. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      Your a straight up moron

      Gold.

    15. Re:When you think "what's the difference" ... by dbIII · · Score: 1

      There's a lot of very good reasons why we don't run a single user knockoff of CP/M anymore and have gone back to the multiuser system idea that was stalled for so long by MSDOS. It's a step forward not backward.
      The majority of the problems in the MS environment today are due to the single user on a single non-networked PC mindset - all that crap that has to run as "Administrator" creates huge security holes that even Win7 can't do anything about apart from nag the user.

    16. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      There's a lot of very good reasons why we don't run a single user knockoff of CP/M anymore and have gone back to the multiuser system idea that was stalled for so long by MSDOS. It's a step forward not backward.

      The difference between a single-user system, and a multiuser system with a single user, is largely semantics.

      The majority of the problems in the MS environment today are due to the single user on a single non-networked PC mindset - all that crap that has to run as "Administrator" creates huge security holes that even Win7 can't do anything about apart from nag the user.

      How, exactly, do you feel the lack of elevated privileges might stop the average piece of malware from working ?

    17. Re:When you think "what's the difference" ... by mjwx · · Score: 1

      Newsflash (well, more accurately, "Oldsflash")... The vast majority of computers in the world are single user, even though they are running multiuser OSes.

      This just in, from 12 years ago. Many PC's are used by multiple persons.

      The problem is that many of them just use the same user, this is changing as many people are learning about the basics of computer security albeit this is changing slowly. Windows Desktop has been a decent multi-user environment for 8 years now.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    18. Re:When you think "what's the difference" ... by dbIII · · Score: 1

      The difference between a single-user system, and a multiuser system with a single user, is largely semantics. ...
      How, exactly, do you feel the lack of elevated privileges might stop the average piece of malware from working ?

      Very, very wrong on the first part (consider all of those things the system is doing in the background for example - that's one answer) and poorly informed on the second.
      To answer the second question, consider that a major use of malware is to send email. For example if the malware can not get permission to send things out to the ports used by email without elevated privileges then it can't send email.

    19. Re:When you think "what's the difference" ... by Anonymous Coward · · Score: 0

      microsoft should just put a two user account windows out there, with the administrator one and the p0rn one, the latter data reset at every login.

    20. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      Very, very wrong on the first part (consider all of those things the system is doing in the background for example - that's one answer) and poorly informed on the second.

      Single user and multitasking are not mutually exclusive. Windows 9x and BeOS are two fairly high profile examples of single-user, multitasking OSes.

      To answer the second question, consider that a major use of malware is to send email. For example if the malware can not get permission to send things out to the ports used by email without elevated privileges then it can't send email.

      Firstly, that would require a simple firewall, not a multiuser OS and elevated privileges. Secondly, if malware can't send email then how can legitimate applications ? If it's a simple user prompt to decide, how can the user determine the difference between legitimate software and malware ?

    21. Re:When you think "what's the difference" ... by dbIII · · Score: 1

      With respect Sir, the single user OWNS the firewall and can do anything it likes with it - thus the malware can do anything it likes with it.
      Your complaint was that multiuser systems are an old idea and thus bad, and that somehow the older single user idea is newer and thus good. That argument has no merit at all so if you are going to push this unusual suggestion you are going to have to come up with a good reason. As a not particularly promising year 8 student I knew about some of the advantages of multiuser systems in the 1980s (Microbee Z80) and do not understand how you can miss the point so badly more than twenty years later typing on a system that can provide you with many examples a few keypresses away.

    22. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      With respect Sir, the single user OWNS the firewall and can do anything it likes with it - thus the malware can do anything it likes with it.

      Actually, no, it's quite possible for the firewall to have its own authentication system.

      However, the point is that situation is just like a multiuser system administered by a single, ignorant user.

      Your complaint was that multiuser systems are an old idea and thus bad, and that somehow the older single user idea is newer and thus good.

      Whoa there, tiger. My "argument" was nothing of the sort. My *point* was that a multiuser system that only has a single user using and administering it does not differ significantly from a single-user system.

      As a not particularly promising year 8 student I knew about some of the advantages of multiuser systems in the 1980s (Microbee Z80) and do not understand how you can miss the point so badly more than twenty years later typing on a system that can provide you with many examples a few keypresses away.

      I haven't missed the point of a multiuser system. Quite the opposite. My point is that multiuser systems only provide a meaningful security advantage when they are professionally managed. Security boundaries aren't much of a barrier when the user can be easily convinced to circumvent them.

    23. Re:When you think "what's the difference" ... by dbIII · · Score: 1

      Actually, no, it's quite possible for the firewall to have its own authentication system.

      Which of course effectively turns it into a multi-user system only using a different way to do it. Try harder if you want to show your above statements are of any worth.
      It's possible we are arguing about different things and you define "user" in your own made up definition as a physical person and not as it has been used in the context of computers for many decades. There is a lot of that sort of behaviour exhibited even by those that have a good enough education to know better.

    24. Re:When you think "what's the difference" ... by drsmithy · · Score: 1

      Which of course effectively turns it into a multi-user system only using a different way to do it. Try harder if you want to show your above statements are of any worth.

      No, it does not. No more than installing a telnet server onto Windows 95 turns it into a multiuser OS.

      It's possible we are arguing about different things and you define "user" in your own made up definition as a physical person and not as it has been used in the context of computers for many decades. There is a lot of that sort of behaviour exhibited even by those that have a good enough education to know better.

      I define "multiuser" the same way computer science does. What definition are *you* using that an application with authentication can make an OS "multiuser" ?

  71. Re:malware... by icannotthinkofaname · · Score: 0

    Almost. I remember skimming over the last two links.

    --
    Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
  72. Please, Stop Defending Microsoft by mpapet · · Score: 1

    Win7 has to run on thousands of combinations of HDs, MoBos, CPUs and RAM, and then run thousands upon thousands of programs

    Linux distros do this. In fact, much of the same code runs multiple processor platforms with great success. This is not a valid reason to forgive Microsoft.

    It was built on a finite budget by a finite team trying to conform to something close to schedule.
    As are most Linux distros, the Linux kernel, the BSD teams have schedules too. Lack of resources is not an excuse.

    I could go on, but the point here is you are clearly married to Microsoft and are senselessly defending it. That's okay. I hope it works out for you.

    Please, understand your thinking around Microsoft versus other OS's is clearly impaired.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
    1. Re:Please, Stop Defending Microsoft by bigstrat2003 · · Score: 1

      I could go on, but the point here is you are clearly married to Microsoft and are senselessly defending it.

      No he's not. At the end of the day, the fact remains that the biggest security hole is something Microsoft can do nothing about. People say shit about "make the user enter an admin password to install software", but ultimately that is just going to irritate most users, who don't want to practice good security. No matter how hard they try, Microsoft can't code their way out of this fundamental problem.

      --
      "16MB (fuck off, MiB fascists)" - The Mighty Buzzard
    2. Re:Please, Stop Defending Microsoft by AP31R0N · · Score: 2, Insightful

      "Please, Stop Defending Microsoft"

      i'm defending objectivity and reason.

      "Linux distros do this. In fact, much of the same code runs multiple processor platforms with great success."

      By what measure of success? Effectiveness, sure. But what is the market share of all the Linux distros put together? What is the ratio of Windows to Linux boxes globally or in the US?

      "This is not a valid reason to forgive Microsoft."

      Says you. You're omitting how many devices don't work on Linux due to a lack of drivers or simple inoperability with Linux. It's improving, but there's a long way to go.

      "As are most Linux distros, the Linux kernel, the BSD teams have schedules too."

      How many customers and stockholders do they have to worry about? For every machine running Ubuntu, how many Win7 boxes will there be?

      "Lack of resources is not an excuse."

      This works because you omitted part of my post. You ignored the whole tall poppy thing.

      I could go on, but the point here is you are clearly married to Linux and are senselessly defending it. That's okay. I hope it works out for you.

      How does that look to you? Looks about right to me.

      "I could go on"

      Could you go on without cherry picking and the childish tone?

      "but the point here is you are clearly married to Microsoft"

      Not at all. i can defend something without being personally involved. Or is anyone who defends gay marriage gay? Do i have to be a woman to defend her right to choose? If MS went belly up before i post this, i wouldn't care a bit. They make a tool/toy. If a better thing comes along i'll be glad to use it. When Ubuntu can run everything as well as my XP rig i'd be glad to switch. It does not, so i haven't. Wine isn't there either. i use as much FOSS as i can.

      i do find it offensive when people attack MS without seeing the big picture. On Fark i defend artists i don't like when people attack them without objectivity. MS is an easy target. Big, clumsy and slow moving. But its flaw is its success (ubiquity). The main flaw i find in Linux is the opposite. It's small because it's small. Developers don't want to double their efforts to sell to a handful of neck beards.

      "and are senselessly defending it."

      Same could be said of everyone participating in an OS holy war thread (or thread tangent;). Give me a Linux vs. Mac thread and it will be all manner of senseless defense. Whatever $otherSide says is senseless nonsense, posted by the clearly impaired.

      "That's okay. I hope it works out for you."

      This sounds condescending after the tone of the rest of the post. Why did you use double the letters to type OK?

      "Please, understand your thinking around Microsoft versus other OS's is clearly impaired."

      This comes across as very arrogant. Some day someone will say this about you or something you care about and you'll get why it's so annoying. My thinking around OSes is just fine, i just defended something you dislike. It's also a bit internet tough guy.

      i said the band you hate isn't so bad/or has problems someone else didn't take into account, so you have to either adjust your thinking to accept that maybe it's not so bad (world shattering!)... or you have to attack me and be dismissive of my claims.

      Hell, i didn't even say Windows was perfect, or even good. People tend to latch onto the thing that offends their eye and ignore the rest.

      --
      Utilizing the synergization of benchmark e-solutions to pre-workaround action items!
    3. Re:Please, Stop Defending Microsoft by Anonymous Coward · · Score: 0

      LOL! I sure don't know whether you have won any supporters or "opened the eyes" of the original poster, but I sure enjoyed the fastidiousness with which you dissected his/her rant. Nice job!

      For the record: I am not knocking or promoting Windows. I believe that each OS has its own strengths and weaknesses. I am a software developer and I currently develop for, and use, Mac OS X, Windows, and various distros of Linux/Unix.

    4. Re:Please, Stop Defending Microsoft by supernova_hq · · Score: 1

      "Says you. You're omitting how many devices don't work on Linux due to a lack of drivers or simple inoperability with Linux. It's improving, but there's a long way to go."

      And you are omitting how many devices work with only "one" version of Windows. I have a brand new laptop which linux runs PERFECTLY on, yet I had to spend 2 days searching just to get any sound or graphics support under XP.

      Most hardware works under "A" version of windows. But the stuff that works under linux typically works under "ALL" versions of linux!

    5. Re:Please, Stop Defending Microsoft by oakgrove · · Score: 1

      By what measure of success? Effectiveness, sure. But what is the market share of all the Linux distros put together? What is the ratio of Windows to Linux boxes globally or in the US?

      How do you define success? Apparently for you, at least in this context, it's market share. That's a bit spurious considering the fact that Linux is Free. What is the market share of Linux anyway? Probably a lot higher than you realize. Oh, you thought only desktop computers ran operating systems? Ever heard of Tivo? Android? Routers? Embedded systems? Servers? I'll bet if you put every device that runs Linux vs. every device that runs Windows you might be surprised about the "ratio of Windows to Linux boxes globally". Besides, Ferrari has low market share. They're a success right?

      Says you. You're omitting how many devices don't work on Linux due to a lack of drivers or simple inoperability with Linux. It's improving, but there's a long way to go.

      Linux supports more peripherals than OSX; I don't see you bringing that up? You wouldn't happen to have an agenda would you? Besides, I've installed quite a few Linux boxes in my day. It's the very rare exception that I find a device that doesn't just work out of the box. Contrast this with literally every other operating system ever made. And every time that has happened, I waited a few months for the next kernel update and it did work. A lot of hardware actually works better in Linux. For example, my Verizon USB aircard. In Windows, you have to wait over 30 seconds for it to do its thing and connect and it disconnects requiring pulling it out and reinserting it about once an hour. On Linux, it connects in about 5 seconds and works perfectly for as long as you want. Funny story, I was at my brother's house a couple of weeks back and his Windows 7 box bluescreened so many times, I lost count. Finally, I was like, dude, what does the error say when it crashes? Come to find out the problem was the USB network adapter he had was crashing his box. Plugged it into my netbook running Ubuntu 9.10 and it worked perfectly.

      The main flaw i find in Linux is the opposite. It's small because it's small. Developers don't want to double their efforts to sell to a handful of neck beards.

      I don't see Linux's smallness as a flaw. Actually, that tends to increase the signal to noise ratio quite a bit. There are quite a few quality software projects that only develop for Linux and/or OSX and refuse to port to Windows because of the inevitable flood of clueless users that would pull in thus swamping the project in handholding. This is a good example. Very high quality software.

      As for the "handful of neck beards" comment, didn't you say something about the supposed childish and condescending tone of the GP? Besides, there are quite a few commercial projects that develop for Linux. But, if you stop and think about it, why would there be large amounts of commercial Linux development in any case? One of the possible reasons developing commercial software is such a niche for Linux is that practically anything you need is in the repositories anyway. And quite a bit of Free software spanks the commercial alternatives. K3B smokes Nero. Pidgin smokes YIM, AIM, and MSN Messenger. Firefox and Chrome smoke IE, Opera, Safari, what-have-you. And for the stuff where the Free stuff isn't as good as the proprietary bits, it's still pretty good. OpenOffice is pretty good, GIMP is pretty good, Eclipse is pretty good. Why pay for proprietary software when my needs are already met for free?

      Wine isn't there either. i use as much FOSS as i can.

      That

      --
      The soylentnews experiment has been a dismal failure.
    6. Re:Please, Stop Defending Microsoft by Anonymous Coward · · Score: 0

      Oh, you thought only desktop computers ran operating systems? Ever heard of Tivo? Android? Routers? Embedded systems? Servers? I'll bet if you put every device that runs Linux vs. every device that runs Windows you might be surprised about the "ratio of Windows to Linux boxes globally". Besides, Ferrari has low market share. They're a success right?

      I see. So what you're saying is the only place Linux succeeds is where user interaction with the OS directly is not required? Given the unusable and broken desktop environments that come with any desktop distro, it's no surprise that nobody wants to use that crappy UI.

    7. Re:Please, Stop Defending Microsoft by Anonymous Coward · · Score: 0

      Given the unusable and broken desktop environments that come with any desktop distro, it's no surprise that nobody wants to use that crappy UI.

      Hey, troll.

  73. Re:Last I checked... by Dog-Cow · · Score: 1

    The parent is not a troll. He is an ignorant piece of shit who hasn't used an MS product since 1994.

  74. Re:You've obviously never used a real Linux disty by maxume · · Score: 1

    Try to think of it a little less literally.

    --
    Nerd rage is the funniest rage.
  75. Re:System Registry - how it ought to work by Animats · · Score: 3, Insightful

    Actually, the Registry is a good concept. The Registry is just a file system for little data items. The trouble is that any application can write to any part of it. It lacks a security model. (Yes, you can attach security restrictions to registry keys, but nobody does this, because Windows 95 didn't have that, and applications didn't have support for it.)

    The big problem with Windows security is Microsoft never put a security model in place under the concept of program installation. The way this ought to work is that there should be several classes of things one can install. Call them "applications", "plugins", "middleware", and "system modifications".

    Installers of "applications" should be limited to writing to the application's subtrees in Program Files, Documents and Settings, and the Registry. Uninstalling an application consists of removing those subtrees. Applications cannot install anything that runs at startup or runs periodically. Most programs (especially games and entertainment apps) should be applications. Under these restrictions, installation of applications is relatively safe, and should be allowed with Power User privileges.

    "Plugins" are sub-applications which affect one application. They go in their own subtree under the appropriate application. The application controls their installation, and they can't do anything the application can't do. Browser plug-ins fall in this category if the browser is an "application". If the browser is "middleware" (IE is, but Firefox is not), more privileges are required.

    "Middleware" is programs run by other programs, like Java. Changing middleware can affect multiple applications, so that requires more privileges. Code signing is appropriate.

    "System modifications", which modify the OS itself and may require a reboot, should require both code signing by a clearly identified party and administrator privileges to install.

    Of course, if we had something like that, app developers would bitch that they couldn't load their "phone home for update" service or "prelauncher". Tough. You don't really need to know if ZowieApp needs an update until you run ZowieApp again. And if your app needs to be "prelaunched" because it loads slowly, maybe the problem is that it loads slowly.
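The install-class model proposed in the comment above, sketched as a policy check. This is an added example, not part of the thread and not a Windows mechanism: the four class names come from the comment, while the `Manifest` fields, the `Plugins` subtree layout, the privilege level assumed for middleware, the autostart list and all sample data are assumptions made for illustration.

```python
import ntpath
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# class -> (minimum privilege, signature required, writes confined to own subtree).
# The comment only says middleware needs "more privileges"; administrator is assumed.
RULES = {
    "application":         ("power_user",    False, True),
    "plugin":              ("power_user",    False, True),
    "middleware":          ("administrator", True,  False),
    "system_modification": ("administrator", True,  False),
}
PRIVILEGE_RANK = {"user": 0, "power_user": 1, "administrator": 2}
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]+$")  # no separators, dots or drive colons


@dataclass
class Manifest:  # hypothetical description of what an installer wants to do
    name: str
    install_class: str
    privilege: str
    writes: List[str]                 # file paths or registry paths (value name last)
    signed_by: Optional[str] = None
    host_app: Optional[str] = None    # plugins only
    user: str = "alice"               # constructed account name


def autostart_roots(user: str) -> List[str]:
    """Locations that make code run at boot, logon or on a schedule."""
    return [
        r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run",
        r"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce",
        r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
        r"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce",
        r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon",
        r"HKLM\System\CurrentControlSet\Services",
        r"C:\Windows\Tasks",
        ntpath.join(r"C:\Documents and Settings", user, r"Start Menu\Programs\Startup"),
    ]


def within(path: str, root: str) -> bool:
    """Case-insensitive subtree test after collapsing '..' segments."""
    p, r = ntpath.normpath(path).lower(), ntpath.normpath(root).lower()
    return p == r or p.startswith(r + "\\")


def allowed_roots(m: Manifest) -> List[str]:
    owner = m.host_app if m.install_class == "plugin" else m.name
    roots = [
        ntpath.join(r"C:\Program Files", owner),
        ntpath.join(r"C:\Documents and Settings", m.user, "Application Data", owner),
        ntpath.join(r"HKLM\Software", owner),
        ntpath.join(r"HKCU\Software", owner),
    ]
    if m.install_class == "plugin":   # a plugin gets a subtree under its host only
        roots = [ntpath.join(r, "Plugins", m.name) for r in roots]
    return roots


def evaluate(m: Manifest) -> List[Tuple[str, str]]:
    """Return (reason, detail) violations; an empty list means the install is allowed."""
    min_priv, needs_sig, confined = RULES[m.install_class]
    names = [m.name] + ([m.host_app] if m.install_class == "plugin" else [])
    for n in names:
        if not n or not SAFE_NAME.match(n):
            return [("bad-name", repr(n))]
    violations = []
    if PRIVILEGE_RANK[m.privilege] < PRIVILEGE_RANK[min_priv]:
        violations.append(("privilege", f"needs {min_priv}"))
    if needs_sig and not m.signed_by:
        violations.append(("unsigned", m.install_class))
    if confined:
        roots, autostart = allowed_roots(m), autostart_roots(m.user)
        for w in m.writes:
            if any(within(w, a) for a in autostart):
                violations.append(("autostart", w))
            elif not any(within(w, r) for r in roots):
                violations.append(("outside-subtree", w))
    return violations


# Constructed sample manifests.
GAME = Manifest("ZowieApp", "application", "power_user", [
    r"C:\Program Files\ZowieApp\zowie.exe",
    r"C:\Documents and Settings\alice\Application Data\ZowieApp\save.dat",
    r"hkcu\software\zowieapp\Settings"])
UPDATER = Manifest("ZowieApp", "application", "power_user", [
    r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ZowieUpdate",
    r"HKLM\Software\ZowieApp\..\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell",
    r"C:\Program Files\ZowieAppEvil\x.dll"])
PLUGIN = Manifest("Viewer", "plugin", "power_user", [
    r"C:\Program Files\ZowieApp\Plugins\Viewer\viewer.dll",
    r"C:\Program Files\ZowieApp\zowie.exe"], host_app="ZowieApp")
MIDDLEWARE = Manifest("RuntimeX", "middleware", "power_user",
                      [r"C:\Program Files\RuntimeX\rt.dll"])
SYSMOD = Manifest("DriverPack", "system_modification", "administrator",
                  [r"HKLM\System\CurrentControlSet\Services\drvx"],
                  signed_by="Example Vendor (constructed)")

if __name__ == "__main__":
    for m in (GAME, UPDATER, PLUGIN, MIDDLEWARE, SYSMOD):
        print(m.name, m.install_class, evaluate(m) or "allowed")
```

The `UPDATER` sample shows why the subtree test normalises paths first: a write that starts inside the application's own registry subtree but climbs out with `..` is still caught as an autostart write.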

  76. Re:Worst. Summary. Ever. by Volante3192 · · Score: 1

    1) How is vulnerability to malware not MS's fault?

    If someone wrote an application that made a popup every 20 minutes on your linux box that said 'Run TuxAntiVirusPro 2010 now!' and you intentionally executed it, how is that Linux's fault?

  77. There's Lots to be Done by mpapet · · Score: 1

    Microsoft does give away free Anti Virus and Anti Malware and put in UAC.
    Despite all of this, it's 2001 all over again. Same security problems, same security model with UAC larded on top, different year.

    There is probably little else they can do.
    There is lots they could have done for their new version OS, but instead they chose to work on DRM. There is no reasonable excuse any more.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  78. RegEdt32.exe by CrashNBrn · · Score: 1

    Or, loadhive.exe (~7kb) (that I downloaded earlier this year). In RegEdt32.exe's case, launch and click over to the HKLM or HKU window, then File/Load Hive and choose a registry.DAT (ie ntuser.dat in a user's home folder) to load. Make changes as needed, and File/Unload hive.

    1. Re:RegEdt32.exe by Anonymous Coward · · Score: 0

      Thank you all! The registry makes me VERY nervous, and I HATE that it is a cryptic binary file. I just don't understand the logic of it and its being critical to the OS.

      I was aware of regedt32's capability to load and unload "hives" but I was afraid to try it. Thank you all again- next time I have a need I will try it. :)

  79. Re:Bzzt!! Wrong Again by Anonymous Coward · · Score: 0

    This is just the top of my list. I know this because I admin windows 2000 on-up servers as less than admin and run into stupid issues like this *every* *single* *day.*

    You should find a different job because you have no idea what you are talking about.

    Back to the main story: hidden registry entries suggests what Microsoft critics have been maintaining all along, Windows 8 security is the 2000/XP security model with UAC lard on top.

    That's because there is nothing wrong with the NT security model to begin with. The implementation of the model was the problem.

  80. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 1

    "Try to think of it a little less literally."

    Doing so, I come to the same conclusion. You said "When users are happy to type "sudo rm ...", it doesn't really matter how impervious the system is.", and I pointed out that on a real Linux distribution it absolutely does matter because the user can't do any damage to the system no matter what they type. You were wrong, so just admit it like an adult and move on. Hell, you might even decide to learn something in the process.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  81. Re:malware... by sexconker · · Score: 1, Informative

    To be fair to Ron Paul, all politicians are really horrible, except for Ron Paul.

  82. As if that makes it any better..... by Tangential · · Score: 1, Interesting

    They put out a system that is inordinately susceptible to malware, but somehow it's not their responsibility when the malware damages the system. It's interesting that most manufacturers are viewed as liable when their products are faulty and yet nothing is ever Microsoft's fault. I'll bet that the manufacturers of Polybutyl plumbing pipes, Masonite siding, plenty of cribs and children's toys and asbestos products wish that they could use that defense.

    --
    Suppose you were an idiot. And suppose you were a member of congress. But then I repeat myself. -- Mark Twain
    1. Re:As if that makes it any better..... by Dog-Cow · · Score: 1

      Perhaps it's because you are 100% wrong. That is, you are 100% wrong. But that may not be the reason MS isn't liable.

    2. Re:As if that makes it any better..... by Tangential · · Score: 1

      Perhaps your response would be more intelligible if you wrote it in your native language and ran it through some translation software.

      --
      Suppose you were an idiot. And suppose you were a member of congress. But then I repeat myself. -- Mark Twain
    3. Re:As if that makes it any better..... by toadlife · · Score: 1

      Care to explain how Windows is "inordinately susceptible to malware" compared to other operating systems with similar feature sets such as OSX and K/Ubuntu?

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    4. Re:As if that makes it any better..... by natehoy · · Score: 1

      Ford successfully uses it every time one of their products runs over a pedestrian. The steering wheel does exactly what it says. Turn the wheel left, the car moves to the left. Turn the wheel right, the car moves to the right. Unless you can prove that the steering wheel did something that the user did not ask it to do, and that the problem was a design defect, Ford can express their sympathies to the bereaved family in a totally non-liable way. Meanwhile, guilt is worked out between the pedestrian and the driver of the vehicle, usually with a strong bias toward the driver.

      Windows, starting with Vista, does exactly what it says in the UAC warning popup. Click "Yes, please install fluffybunnies.exe", it installs fluffybunnies.exe. If fluffybunnies then moves on to get access to a protected driver, UAC asks again. And if you click "yes" again, it'll do precisely what you are telling it to do. The operating system has no way of knowing that messing with the core system registry is a bad thing under specific circumstances. If you've answered "yes, this software should have access to the core system registry." the OS has to assume that it's OK, because you've told it to. After all, you could be installing a system tool or an antivirus scanner, which can be as invasive as the worst malware but the invasion is generally beneficial rather than harmful. If your Antivirus scanner doesn't recognize the malware, Windows certainly can't.

      Plus, I've never heard of anyone who has come down with asbestosis, black lung, severed digits, cancer, or death due to negative impact on a computer system caused by malware. If you've got a decent backup regimen, at worst they'd owe you a reinstall which you can already do with your recovery disk. It'd hardly be worth a court case, and would be handled under small claims court.

      --
      "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
    5. Re:As if that makes it any better..... by Tangential · · Score: 1

      Well, if you look at the number of security failures that happen at the OS level (ignoring application bugs) it becomes pretty clear. Windows' basic flaw is that it is derived from a single user system. Because of that, MS has always taken kind of a square peg in a round hole approach to locking it down. For years, many DLLs, /had to have/ Admin privileges, just because that's how it had always been. (For that matter, the concept of DLLs and for that matter dynamically linked programs is a serious operational and security hole that /All/ operating systems should dump. RAM and disk are cheap enough and processors are fast enough now that this whole concept should be dumped. Everything should be statically linked and only contain the permissions that the user specifically needs to operate and none of those should be administrative permissions.) This basic, single user concept of an OS should have been dumped with Win95. Sadly it wasn't. Over the years they've added many additional layers of protection, but they've never really protected the box from the basic user. There's really no reason for a regular user to ever need administrative privileges. The OS should be message based and any part of it running with admin privileges should be seriously firewalled and protected by the vendor from anything the user tries to do. This isn't just a Windows limitation, OSX, Linux and many others have it as well. Setting all of that aside, there are literally millions of users worldwide of other (built from the ground up as) multiuser systems (with some of these same limitations) such as IBM iSeries, HP-UX, etc., and we never hear of these kinds of problems happening. Yet the same users that end up with infected windows systems are using these systems everyday. The big difference is the OS and the design decisions that the OS vendor has made.

      --
      Suppose you were an idiot. And suppose you were a member of congress. But then I repeat myself. -- Mark Twain
    6. Re:As if that makes it any better..... by toadlife · · Score: 1

      Windows' basic flaw is that it is derived from a single user system.

      Incorrect.

      For years, many DLLs, /had to have/ Admin privileges,

      Incorrect.

      Everything should be statically linked and only contain the permissions that the user specifically needs to operate and none of those should be administrative permissions.

      Everything should be statically linked? lol!

      This basic, single user concept of an OS should have been dumped with Win95.

      It was.

      Over the years they've added many additional layers of protection, but they've never really protected the box from the basic user

      Actually, they did.

      Setting all of that aside, there are literally millions of users worldwide of other (built from the ground up as) multiuser systems (with some of these same limitations) such as IBM iSeries, HP-UX, etc., and we never hear of these kinds of problems happening.

      lol.

      --
      I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
    7. Re:As if that makes it any better..... by cheros · · Score: 1

      Wasn't it Ford who calculated that it was cheaper to pay off people than to fix a fuel tank defect?
      You may have accidentally chosen an example that is closer to MS than intended :-)

      --
      Insert .sig here. Send no money now. Owner may sue, contents will settle. Batteries not included.
    8. Re:As if that makes it any better..... by jpmorgan · · Score: 1

      No, he was right. You're 100% wrong.

    9. Re:As if that makes it any better..... by 0ld_d0g · · Score: 1

      Windows' basic flaw is that it is derived from a single user system.

      No, it's not. It's really not. You seem like a non-technical user... You should get yourself updated on NT design. A lot has happened this past 15 years.

      (For that matter, the concept of DLLs and for that matter dynamically linked programs is a serious operational and security hole that /All/ operating systems should dump. RAM and disk are cheap enough and processors are fast enough now that this whole concept should be dumped. Everything should be statically linked and only contain the permissions that the user specifically needs to operate and none of those should be administrative permissions.)

      Wow.. Wait, are you serious? I hope you realize that if we implemented what you're talking about, after fixing a security bug in any library each and every app that uses that lib would require recompiling and pushed as an update for the fix to propagate, as opposed to just updating the dynamic library. Brilliant idea... Gee I wonder why they never did it. :P

      One point you may have had with much older versions of Windows, was the retarded notion of keeping the same name for the DLL, regardless of the actual version (partly because of the 8.3 limitation) . But with SxS that problem is gone too. So sorry, there are no major "flaws" with DLLs as of now. Feel free to investigate and report back though !

    10. Re:As if that makes it any better..... by 0ld_d0g · · Score: 1

      Except, if you apply a thought, you'd see that hes not comparing companies, hes comparing situations. You see, there is thing called an analogy, might want to look into it. Get with the program. Everything is an analogy these days!

      Or should I explain the above in the form of a car analogy?

    11. Re:As if that makes it any better..... by cheros · · Score: 1

      I think I was illustrating that his specific example had a background that wasn't helpful. Hell, I think I might even have used English for that, unbelievable as it appears.

      You may thus want to look up irony, here's a link.

      Oh, and the short form of "he is" is "he's". Notice the much misused apostrophe.

      --
      Insert .sig here. Send no money now. Owner may sue, contents will settle. Batteries not included.
  83. Windows firewall does not block WGA spyware by ub3r+n3u7r4l1st · · Score: 1

    Windows firewall does not block WGA and Adobe update, which are spyware that can deactivate your software.

    ZoneAlarm unfortunately does not support Win7 at this moment.

  84. Nope by mpapet · · Score: 1

    So, don't run Windows with administrative privileges either. It wasn't easy in the early years of Windows 2000 but it is very easy now

    This is not true. Many applications Microsoft includes with their OS don't work correctly in less than Administrator mode.

    I can't schedule a task in anything less than administrator mode.
    File browser doesn't work right when using 'runas Administrator' options as a lower privileged user.
    Windows update doesn't work right at all.

    I could go on, but my point is the OS doesn't work like you want it to in order to make some kind of parity claim with your average Linux distro.

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  85. Re:Worst. Summary. Ever. by Dog-Cow · · Score: 1

    1) How is being a stupid, ignorant, piece of crap not your fault?

  86. Re:malware... by howe.chris · · Score: 0

    Yes. It sucks when the previous administration makes you a billionaire. Thank you sir may I have another?

  87. Re:Actually yes (but no). OS X is an excellent mod by canajin56 · · Score: 1

    That's how it works, except that MS apps aren't treated any differently than third party apps. There's System and Software (And Security and SAM and Users) and they're all separate files, treated as subkeys. And each user also has their own mini-registry they can be written to and read from without needing escalated privileges. Unfortunately, most Windows settings go in Software/Microsoft/Windows, when arguably, they should go in System/Settings or something along those lines. On the other hand, both System and Software require Administrator privileges to access...anyways, the boot process IS free from corruption. It's no different than Linux...if you have corrupted files, X11 might not load, but that didn't ruin your boot...if you don't know what you're doing without a GUI, you're just as hooped, but don't act like your system can no longer boot. Explorer went into failsafe mode, which is way better than it bluescreening.

    --
    ASCII stupid question, get a stupid ANSI
  88. Re:Last I checked... by Logic+Worshipper · · Score: 1

    Actually it was supposed to be a joke. Whomever modded it down is an M$ fanboy with no sense of humor.

    I suppose this is from 1994? I doubt viewing fonts on a Linux system could end up rooting your machine. <bad sense of humor>Some would say that's because one can't view fonts on a Linux machine anyway.</bad sense of humor>

  89. Re:You've obviously never used a real Linux disty by maxume · · Score: 1

    The "sudo rm..." part was intended as a stand-in for a user taking a stupid, dangerous action. Surely you do not claim that, let's say, most Linux distributions have actually achieved stupid proofing?

    BTW, you are correct about me not running a real Linux distribution, I don't use Linux at all (well, not for day to day pc tasks, I don't have good information about the software running on various devices).

    --
    Nerd rage is the funniest rage.
  90. Re:Last I checked... by furby076 · · Score: 1

    Is that it, Dad? Did the penguin tell you to do this?

    --

    I do not support "The Man". I also do not support your irrational stupidity
  91. Sounds more like DLL Hell by erroneus · · Score: 1

    Someone installs software into the OS that links itself to the kernel. That software uses an outdated DLL of some variety or another. MS Windows Update comes in and updates this outdated DLL and kills software that was linked to the kernel.

    Does that not sound familiar to anyone?

    I'm not saying Microsoft shouldn't be able to update things. I am saying 3rd parties shouldn't be allowed to attach things to the kernel as that tends to result in an unstable system. All things that need to link to the kernel should be required to go through Microsoft for inclusion and/or approval.

  92. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 1

    "Surely you do not claim that, let's say, most Linux distributions have actually achieved stupid proofing?"

    Yes, that is exactly what I am saying. That is how UNIX, and consequently Linux, are designed from the ground up.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  93. Re:Worst. Summary. Ever. by mea37 · · Score: 1

    ...and you think that scenario is comparable to the scope of Windows' vulnerability to malware? Haven't been paying much attention over the past 15 years, have you?

  94. How much did M$ pay for the retraction? by dontmakemethink · · Score: 1

    "Honey I'm home! Guess what! Turns out we TOTALLY goofed on that black screen of death thing! Yeah, hard to believe, we checked it like five times and everything. Turns out it was just some malware! Yup, those pesky kids... In other news I bought us matching BMW's!"

    --

    War as we knew it was obsolete
    Nothing could beat complete denial
    - Emily Haines
  95. Re:You've obviously never used a real Linux disty by GryMor · · Score: 1

    Let's see, OP said "sudo rm ..." not "sudo rm", the ellipsis isn't part of the command, it's indicating that what has been written before it is a prefix sufficient to identify the full phrase/list, one of the more devastating finales would be (written out as a perl string)

    "sudo rm -rf /\n$password\n"

    Which, if the user knows the root password (and if it's their home PC, they probably will) it's a simple matter of social engineering to destroy the root filesystem.

    OP was correct, you just seem to have some misconceptions about what is and is not normal and lack the imagination to complete the OP's command, which would seem to indicate you lack the imagination to recognize the prefix of something dangerous, which is itself dangerous since the suffix can be obfuscated.

    --
    Realities just a bunch of bits.
  96. Re:You've obviously never used a real Linux disty by Culture20 · · Score: 0

    on a real Linux distribution it absolutely does matter because the user can't do any damage to the system no matter what they type.

    Have you only used LiveCDs? You do know that root is a user, right?

  97. Re:Last I checked... by Anonymous Coward · · Score: 0

    Yes, but you can uninstall it. Linix. Would a penguin lie to you?

    What the hell is a Linix?

  98. Re:You've obviously never used a real Linux disty by GryMor · · Score: 1

    ... right, drink more coke before replying:
    s/knows the root password/knows their own password (and has sudo)/

    But maybe that isn't actually normal, and every account I've had at every company I've worked at and on my own laptops was set up weird.

    But then, I recognize that I shouldn't be entering my password all over the place and should know and understand what I'm running (especially when sudo is involved).

    --
    Realities just a bunch of bits.
  99. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 1

    In the context we are discussing, root is not a user; root is the system administrator, sometimes referred to as the "superuser" to specifically differentiate it from a normal user in your mind.

    Also, on most systems set to boot to runlevel 5 (The GUI), you cannot log in to the WM as root.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  100. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 1

    "But maybe that isn't actually normal, and every account I've had at every company I've worked at and on my own laptops was set up weird."

    It is good that you offered the caveat, because your suspicion is correct ... that is not normal. Most systems don't have sudo at all, or only allow system administrators to have sudo access. If you are a user, on a properly configured Linux system, then you do not have sudo capabilities. In fact, sudo is short for superuser do. If it was for regular users, it would be called luserdo ;-)

    (That last line is a UNIX BOFH joke; don't take it personally)

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  101. Who is stupid? by Anonymous Coward · · Score: 0

    Do you think that is the only way malware finds its way onto machines?

  102. Re:malware... by Omestes · · Score: 2, Insightful

    Except, of course, when the roots of the problem can be traced back further than the year he's been in office.

    --
    A patriot must always be ready to defend his country against his government. -edward abbey
  103. Re:malware... by CmdrPorno · · Score: 1

    Exactly. Which means it is Microsoft's fault after all.

    --
    Sent from my iPhone
  104. Re:malware... by david_craig · · Score: 2, Insightful

    It's really easy in the UK to get someone to publicly say sorry due to the libel laws. If you are sued for libel you have to prove that your statements are true. It's much cheaper to just apologise than go to court even if the truth is on your side.

    I would not be the least surprised if the apology was the result of a legal threat.

    Google McLibel for an interesting case where someone refused to apologise for statements that a reasonable person would consider true.

  105. Re:Worst. Summary. Ever. by Anonymous Coward · · Score: 0

    I agree with you, even though your summary is a bit confusing too.

    MS and the malware share blame for this, but the general issue is still very much a Windows

    This sounds like a known issue: Malware app modifies registry (improperly), Windows does poor checking of input data ('cause there's *never* corrupted data in the registry), and responds with a scary black screen.
          - I prefer using a simple error message or alert box, but I'm very sure crashing to a big black screen really lets the client know he caused a boo-boo.
          - Dramatic for a small bug perhaps, but very effective!

    You can't blame MS for the corruption, but I'd still blame them for very poor handling on the reg key (a known issue that is currently still unresolved, I'm assuming).

  106. Re:Worst. Summary. Ever. by Volante3192 · · Score: 1

    Well, I'll be nice and answer your questions despite you not answering mine.

    1) No. Did I say it was? No. Did I give any indication that I was trying to make a generalizing sweep of the history of computer vulnerabilities? No. Your topic was focused on this particular incident, and in my personal experience, most bad stuff to hit Windows boxes (that I deal with) are from people who click stuff they should not. If you're going to make statements with such finality, you should expect people to bring up exceptions.

    2) Not really; 15 years ago I would have been in middle school and most of my early PC history was "OK, what game can I play next?" I didn't *really* start getting myself educated on things like this until the early XP era. This isn't to say I'm ignorant of Windows' rather unflattering past but I was never on the receiving end of a Slammer, Code Red or Blaster storm.

  107. Prevx apologized by relaxinparadise · · Score: 1

    at least they said they were sorry, better than most

  108. Architecture forces them by Ilgaz · · Score: 1

    Think you are an Application developer for Windows. Your "uninstall code" also has a routine to empty the program's registry entries and switching back the entries you changed at install (file associations etc.) along with its entire "tree" in registry.

    For 80% of users, you did a great job. You cleaned up well. For the 20%, they were just "re-installing" or "accidentally clicked uninstall" so they "lost all their preferences!!!".

    That is why developers like to leave their prefs behind (exact same thing happens on OS X) but on Windows, it has an effect on overall OS because of a centric database file. On OS X, besides some clutter on disk, nothing changes. That is one of the reasons why "format and re-install" in some period, on same major OS version (10.3,10.6 etc) is considered needless and proven several times to be a pseudo speed enhancement.

    I don't either love or hate both operating systems, both of them have their powers. It is just that "registry" which MS _insists_ for some reason which we mortal users don't really get. Apple has some similar acts too but not really insisting on them when some alternative/proposal exists. They also prove that even if one changes the entire OS architecture, even the kernel, some kind of backwards compatibility may exist. For example, I was really surprised when I found the reason of this "mini [0x0-0x1b01b].com.operasoftware.Opera[264]: Unknown argument: -psn_0_110619" entry in my system logs. That is some very interesting way of maintaining backwards compatibility. Hell they are still using ":" as directory separator internally.

  109. Black screen of death heh? by Anonymous Coward · · Score: 0

    Didja try turning the monitor on?

  110. I thought... by hesaigo999ca · · Score: 1

    I thought the new security behind windows7 prohibited anything being able to alter the registry settings without having proper confirmation, as well, if this is the case, then they haven't done their homework, because those keys are not just any keys, they actually are integrated with windows directly and should not be able to be changed regardless if you have admin privileges or not.

    It is so their fault, but now the new thing is being able to push blame on malware, as
    a) no one can defend the malware makers, not even themselves.
    b) because most do not know any better, they will dismiss this, and keep on using windows thinking it normal for malware to be able to change registry settings.

  111. Re:You've obviously never used a real Linux disty by Anonymous Coward · · Score: 0

    So um, which linux distributions won't let me delete my home directory?

    "Oh Sorry, your entire data is gone. But fear not ! The system is still working ! Yay ! Right? Right? Linux rocks? Right? "

    "Arrrghhhhhhhhhh..... fuck you.. "

    Go feed your FUD sandwich to somebody else.

    Also ironically, the "system protection" you're boasting about for this specific issue relies on RWX permissions. NT has ACLs - yes even on kernel objects, making it, as far as consumer distros go, way ahead of linux in this specific category. Unless you're running SELinux, etc.. Which AFAIK, no consumer distro ships with.

  112. If we could finally read what the heck is happenin by Ilgaz · · Score: 1

    I will have a fresh Windows install tomorrow and I am not taking any kernel level security risks. I will simply enable "system restore" and will just enable all updates automatically installed. I can't really bother with some blaster like issue while Windows only purpose will be firmware updating my devices etc.

    Whatever... Funny thing is, we can't even theorize on what is actually happening let alone having a clue about what to do if it happens. Thanks to Slashdot's needless "digg like" random moderation point distribution and horde of MSCE/Mono/Moonlight/Novell whatever commentators, there is a huge noise here.

    I can easily talk on such weird issues since I am the person who found a very strange/unthinkable (before) issue hitting an OS X Update causing a black screen like situation myself. All I got from Apple was "thanks", the company who produced the component thanked too and updated their stuff, couple of Mac hint sites found it themselves already and issue was gone, forever. That is the Apple for you. I am still shocked since I was expecting denial, loss of bug reporting account, flames on IRC etc.

    It is like parallel universe now, MS and the idiot unpaid Web 2 abusers are in denial mode.

    I have some theories on this weirdness but as I am constantly marked troll, I keep them to myself. As someone reported the "screen backlight is turned off but it actually displays things", it became a very interesting thing to follow. Don't be surprised if it has something to do with beta version of a rare GPU driver.

  113. Root of the problem by Taco+Cowboy · · Score: 0, Offtopic

    This little program demonstrates how screwed up Windows (any version, including Win 7) is!

    http://download.sysinternals.com/Files/RegHide.zip

    Get the low down on Hidden Registry Keys from http://technet.microsoft.com/en-us/sysinternals/bb897446.aspx

    Or test it on your test machine :

    http://live.sysinternals.com/Reghide.exe

    --
    Muchas Gracias, Señor Edward Snowden !
  114. Re:malware... by Anonymous Coward · · Score: 0

    what joke?

  115. Shouldn't the registry be safe from this? by Delgul · · Score: 1

    A few points that have to be made here:

    1) There shouldn't be a possibility for software to change the registry directly, period.
    2) IF there are such ways, who is to say it is malware? Some stupidly programmed regular software could do the trick too.
    3) IF this is possible, your system should at least be able to recover from a corrupted registry.

    It's all well and good to shift the blame to others, but the problem is still in the OS.

  116. Re:malware... by Red+Flayer · · Score: 1

    It's really easy in the UK to get someone to publicly say sorry due to the libel laws. If you are sued for libel you have to prove that your statements are true. It's much cheaper to just apologise than go to court even if the truth is on your side.

    I thought that in the UK, truth is not an absolute defense to libel (unlike in the US, where you can say or write anything you want if it is true). My understanding is that not only must the statement be true, but it also must not be written in an attempt to deceive or mislead.

    That said, this apology is probably part of the outcome of an offer to make amends which Microsoft has accepted. UK law provides specific instructions for offers to make amends, accepting those offers, etc... this allows the issue to be resolved without getting the courts involved.

    --
    "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  117. Re:Bzzt!! Wrong Again by BikeHelmet · · Score: 1

    Errors out, with no way to elevate privileges.

    Win7 doesn't even have an easy way to do that.

    Try running Spybot under a user account rather than Admin. Use the Run as Admin option if you wish. You're locked out from altering startup programs.

  118. RTFA by jamie(really) · · Score: 1

    So, the Registry API allows for non-null terminated strings. Explorer uses the registry. Explorer doesn't check for non-null terminated strings and causes black-screen of death. Seems to be a problem with Explorer to me. And the registry.
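A check for the condition this comment describes, as an added example that is not part of the original comment: REG_SZ data is stored with an explicit byte length and may lack the terminating NUL, so a reader that treats the buffer as a C string has to validate it first. The function names and the sample values below are constructed for illustration.

```python
"""Validate raw REG_SZ buffers (UTF-16LE bytes plus their stored length).

Works on bytes as returned together with a length by a registry read, or as
extracted from an offline hive; it does not touch a live registry.
"""

NUL = b"\x00\x00"  # one UTF-16 NUL code unit


def inspect_reg_sz(raw):
    """Return (text, problems) for one raw REG_SZ buffer.

    text     -- what a C-string consumer would see (up to the first NUL)
    problems -- list of findings; empty means the value is well formed
    """
    problems = []
    if len(raw) % 2:
        # UTF-16 data must be an even number of bytes.
        problems.append("odd_length")
        raw = raw[:-1]

    units = [raw[i:i + 2] for i in range(0, len(raw), 2)]

    # Strip the terminator(s); none at all means a C-string reader would
    # run past the end of the buffer.
    end = len(units)
    while end and units[end - 1] == NUL:
        end -= 1
    if end == len(units):
        problems.append("missing_terminator")
    body = units[:end]

    # A NUL in the middle hides everything after it from C-string readers
    # while length-aware readers still see it.
    if NUL in body:
        problems.append("embedded_nul")
        body = body[:body.index(NUL)]

    text = b"".join(body).decode("utf-16-le", errors="replace")
    return text, problems


def scan(values):
    """values: {name: raw_bytes}. Return {name: problems} for flagged entries."""
    report = {}
    for name, raw in values.items():
        _text, problems = inspect_reg_sz(raw)
        if problems:
            report[name] = problems
    return report


def _u16(s):
    return s.encode("utf-16-le")


# Constructed sample values (hypothetical names, not taken from a real hive).
SAMPLES = {
    "ExampleClean": _u16("explorer.exe") + NUL,
    "ExampleNoTerminator": _u16("explorer.exe"),
    "ExampleEmbeddedNul": _u16("explorer.exe") + NUL + _u16("hidden.exe") + NUL,
    "ExampleOddLength": _u16("explorer.exe") + NUL + b"\x41",
}

if __name__ == "__main__":
    for name, problems in sorted(scan(SAMPLES).items()):
        print(name, problems)
```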

  119. Re:malware... by supernova_hq · · Score: 1

    You do not have to prove that your statements were true, only that you believed them to be true.

  120. Re:You've obviously never used a real Linux disty by supernova_hq · · Score: 1

    Yes you can, you just need to enable it. Just because you can't do something by DEFAULT doesn't mean it can't be done 5 clicks later.

  121. Re:You've obviously never used a real Linux disty by drsmithy · · Score: 1

    Yes, that is exactly what I am saying. That is how UNIX, and consequently Linux, are designed from the ground up.

    As is Windows. So, what's your point ?

  122. Re:System Registry - how it ought to work by Anonymous Coward · · Score: 0

    The Registry is just a file system for little data items. The trouble is that any application can write to any part of it. It lacks a security model. (Yes, you can attach security restrictions to registry keys, but nobody does this, because Windows 95 didn't have that, [microsoft.com] and applications didn't have support for it.)

    And... we have a winner!

    You are exactly correct. The fact that the applications can touch the registry directly is stupid to start with. They should be asking the OS to do the registry changes, but they are instead allowed to directly hack the thing all to hell. Good programs use a standard windows install API which prevents that issue, but most malware doesn't run installers, it just directly edits the thing. Re-tar-ded.

    The big drawback to a unified registry (other than a single corruption can bomb the whole thing) is that no application, or the OS itself, knows what is supposed to be in there or not. If each application has its own conf file, then that file as a whole can be audited, and harmful changes can be scanned for and discarded. It also makes versioning much easier- if I want to update one app I only change its conf file, so if I need to undo that update it's easy.
    Another part of that is that if apps misbehave and don't clean up their registry entries, they clutter the whole thing up, and you often end up with orphaned entries. In a conf file setup, those orphans would just be regular files which wouldn't do anything more than take up a little extra disk space.

    As for app devs bitching about launchers, update managers, etc. the problem is that they actually are installing more than one app on your system, but want to pretend it's still a single app. That behavior needs to change, but they realize that if users could easily ID launchers and update watchers that run outside of the app, they can also easily remove or disable them (the nerve of those users, actually wanting CONTROL over their computer!).

  123. Re:You've obviously never used a real Linux disty by drsmithy · · Score: 1

    It is good that you offered the caveat, because your suspicion is correct ... that is not normal. Most systems don't have sudo at all, or only allow system administrators to have sudo access. If you are a user, on a properly configured Linux system, then you do not have sudo capabilities. In fact, sudo is short for superuser do. If it was for regular users, it would be called luserdo ;-)

    Why do you think the typical home user desktop is comparable to a professionally managed system ?

  124. Re:You've obviously never used a real Linux disty by drsmithy · · Score: 1

    Have you only used LiveCDs? You do know that root is a user, right?

    Root is _not_ a user. Root is a *superuser* - which, by definition, can circumvent the OS's security systems.

    This is in contrast to OSes like Windows that have no superuser concept, where 'Administrator' really is just another user, merely one with a bigger list of privileges.

  125. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 1

    No shit sherlock. I can also set a system up so that logging in as supernova_hq makes me UID 0 and root is UID 1001, etc. We are talking about properly secured systems, not systems which have had their properly set up security mangled by a moron.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  126. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 0

    So you switched from "surely you're not saying Linux does the impossible" to "Windows does what I said was impossible too!". ROTFLMAO

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  127. Re:You've obviously never used a real Linux disty by Zero__Kelvin · · Score: 0, Flamebait

    "Why do you think the typical home user desktop is comparable to a professionally managed system ?"

    I don't. I think the typical home system is a piece of garbage designed by Microsoft ;-)

    Now a typical Linux home user desktop system, excluding Ubuntu, has all of the security features and settings I described by default.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  128. Re:You've obviously never used a real Linux disty by smoker2 · · Score: 1

    The question replied to was a troll. You cannot sudo in most distros, definitely without knowing the root user's password anyway. Most linux systems come "properly configured" out of the box. You have to work hard to make them less than secure. Whereas, windows logs you in as admin straight away, until you create another less capable user. In Linux systems, you have to create a standard user before the install is done, and that's who you log in as. Any decent distro would disable root logins anyway. Anybody who wants a root login from the machine can reboot and add "1" to the kernel arguments rather than hacking the user login. You'll need to be able to handle the shell though ...

  129. Re:You've obviously never used a real Linux disty by drsmithy · · Score: 1

    Now a typical Linux home user desktop system, excluding Ubuntu, has all of the security features and settings I described by default.

    A typical Ubuntu desktop has the same "security features" as a recent version of Windows and is a minor piece of social engineering away from a malware strike, just like Windows is.

  130. Re:System Registry - how it ought to work by complete+loony · · Score: 1

    The structure of where things are stored in the registry is also an issue. Since registry keys are usually ordered based on how they are used, not which application they relate to. For example HKEY_CLASSES_ROOT/.ext or HKEY_CLASSES_ROOT/CLSID/{class id}.

    So installing any application that requires a number of OS services to be able to find it, means you have to pollute all kinds of registry keys.

    --
    09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
  131. Re:Bzzt!! Wrong Again by drsmithy · · Score: 1

    Their file browser does not work correctly in less than Administrator mode.
    Can't schedule a task in anything less than Administrator mode.
    Windows update doesn't work at all in less than Administrator mode. Errors out, with no way to elevate privileges.

    These are all false.

    I suggest you pursue a new line of work, because you're incompetent at the one you're in.

    Back to the main story: hidden registry entries suggests what Microsoft critics have been maintaining all along, Windows 8 security is the 2000/XP security model with UAC lard on top.

    Of course it is. UAC is just a UI construct, like sudo or su. The Windows NT security _model_ has not changed since it was first designed back in the late '80s (or even earlier if you want to count VMS, where it inherited it from), though the UI around it has improved significantly.

  132. Re:You've obviously never used a real Linux disty by maxume · · Score: 1

    "Local System" at least comes close. An Administrator can gain those privileges using something like the following:

    at current_time + 1 minute /interactive cmd

    (I found that here:

    http://support.microsoft.com/kb/926639

    )

    I don't know the specifics, but I came across that article when I was trying to edit the permissions on a HP printer driver service, they had been set to "D:(D;;DCWDWO;;;WD)" which essentially means "Deny rights to everybody", something the "Local System" account doesn't care about.

    --
    Nerd rage is the funniest rage.
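The descriptor quoted in the comment above, decoded field by field with a small SDDL reader for service DACLs (an added example, not part of the original comment). The function names and the second, default-looking descriptor are constructed for illustration; the rights table gives the meaning of the two-letter SDDL codes on a service object.

```python
"""Decode the DACL part of a service security descriptor written in SDDL."""
import re

# Two-letter SDDL rights and what they mean on a *service* object.
SERVICE_RIGHTS = {
    "CC": "SERVICE_QUERY_CONFIG",
    "DC": "SERVICE_CHANGE_CONFIG",
    "LC": "SERVICE_QUERY_STATUS",
    "SW": "SERVICE_ENUMERATE_DEPENDENTS",
    "RP": "SERVICE_START",
    "WP": "SERVICE_STOP",
    "DT": "SERVICE_PAUSE_CONTINUE",
    "LO": "SERVICE_INTERROGATE",
    "CR": "SERVICE_USER_DEFINED_CONTROL",
    "SD": "DELETE",
    "RC": "READ_CONTROL",
    "WD": "WRITE_DAC",
    "WO": "WRITE_OWNER",
}
ACE_TYPES = {"A": "ALLOW", "D": "DENY"}
# Well-known SID abbreviations (subset).
TRUSTEES = {
    "WD": "Everyone",
    "AU": "Authenticated Users",
    "SY": "Local System",
    "BA": "Builtin Administrators",
    "IU": "Interactive",
    "SU": "Service",
    "PU": "Power Users",
}

_DACL = re.compile(r"D:([A-Z]*)((?:\([^()]*\))+)")
_ACE = re.compile(r"\(([^()]*)\)")


def split_rights(rights):
    """Turn 'DCWDWO' into a list of right names; hex masks are kept as-is."""
    if rights.lower().startswith("0x"):
        return [rights]
    if len(rights) % 2:
        raise ValueError("rights string has odd length: %r" % rights)
    pairs = [rights[i:i + 2] for i in range(0, len(rights), 2)]
    return [SERVICE_RIGHTS.get(p, "?" + p) for p in pairs]


def decode_service_dacl(sddl):
    """Return [(ace_type, [rights], trustee), ...] in the order stored."""
    match = _DACL.search(sddl)
    if not match:
        raise ValueError("no DACL with ACEs found")
    aces = []
    for body in _ACE.findall(match.group(2)):
        fields = body.split(";")
        if len(fields) < 6:
            raise ValueError("ACE needs six fields: %r" % body)
        # type ; flags ; rights ; object guid ; inherit guid ; trustee SID
        ace_type, _flags, rights, _obj, _inherit, sid = fields[:6]
        aces.append((ACE_TYPES.get(ace_type, "?" + ace_type),
                     split_rights(rights),
                     TRUSTEES.get(sid, sid)))
    return aces


BROAD_TRUSTEES = {"Everyone", "Authenticated Users"}
CONTROL_RIGHTS = {"SERVICE_CHANGE_CONFIG", "WRITE_DAC", "WRITE_OWNER"}


def lockout_findings(aces):
    """Flag DENY ACEs that stop broad groups from repairing the descriptor."""
    findings = []
    for ace_type, rights, trustee in aces:
        hit = sorted(CONTROL_RIGHTS.intersection(rights))
        if ace_type == "DENY" and trustee in BROAD_TRUSTEES and hit:
            findings.append("DENY %s to %s" % ("+".join(hit), trustee))
    return findings


FROM_COMMENT = "D:(D;;DCWDWO;;;WD)"
# Constructed descriptor for comparison (allow-only, no deny ACEs).
CONSTRUCTED_DEFAULT = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)"
                       "(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
                       "(A;;CCLCSWLOCRRC;;;IU)")

if __name__ == "__main__":
    for sddl in (FROM_COMMENT, CONSTRUCTED_DEFAULT):
        print(sddl)
        for ace in decode_service_dacl(sddl):
            print("   ", ace)
        print("    findings:", lockout_findings(decode_service_dacl(sddl)))
```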
  133. Re:System Registry - how it ought to work by Johnno74 · · Score: 1

    Actually, the Registry is a good concept. The Registry is just a file system for little data items. The trouble is that any application can write to any part of it. It lacks a security model. (Yes, you can attach security restrictions to registry keys, but nobody does this, because Windows 95 didn't have that, and applications didn't have support for it.)

    Um, 100% wrong dude. The Registry uses ACLs, just like the file system. In fact if you edit the registry permissions it's the exact same control that you use to edit filesystem ACLs.
    And as for "nobody does this"... Try logging onto windows as a non-administrator and editing anything in HKLM. you can't.

    The "real" problem is that outside of a large company, all desktop users are administrators.

  134. Re:malware... by Anonymous Coward · · Score: 0

    Windows 7 runs 80% of XP malware.

    This is still Microsoft's fault because malware is their fault. Other systems don't have it. There's no excuse.

  135. Re:Bzzt!! Wrong Again by Kalriath · · Score: 1

    This statement is false. It's vaguely truthful in the sense that these the things mentioned exist, but attempting to use the OS it all falls apart.

    Their file browser does not work correctly in less than Administrator mode.

    False. Windows Explorer and even old Windows File Manager work perfectly fine with LUA (Limited User Accounts)

    Can't schedule a task in anything less than Administrator mode.

    True, but not as much of a big deal - it's infrequent for a limited user to need to schedule something

    Windows update doesn't work at all in less than Administrator mode. Errors out, with no way to elevate privileges.

    False. In Vista and higher, Update works fine in LUA scenarios. For XP and lower, you can elevate privileges with a single right click and a password entry.

    The is just the top of my list. I know this because I admin windows 2000 on-up servers as less than admin and run into stupid issues like this *every* *single* *day.*

    Apparently you don't admin Windows Server 2008 machines, and do a very poor job of adminning Windows NT4 and higher servers (runas has existed since, what NT 3.51?)

    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
  136. Re:malware... by Opportunist · · Score: 1

    That's pretty much my thought, who made it possible that malware could infect the machine?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  137. Re:malware... by Thinboy00 · · Score: 1

    Google McLibel for an interesting case where someone refused to apologise for statements that a reasonable person would consider true.

    Wikipedia has the link

    --
    $ make available
  138. Re:Actually yes (but no). OS X is an excellent mod by drsmithy · · Score: 1

    Well, it typically means that one bad file does not screw the entire computer.

    Typically, one bad Registry Key won't "screw the entire computer" either.

    Let's see you go to the Window's registry and delete everything and continue working.

    Try deleting every conf and plist file, and everything in /etc, and see how well OS X works, shall we ?

  139. Re:System Registry - how it ought to work by Animats · · Score: 1

    The Registry uses ACLs, just like the file system.

    The Windows 95 line didn't have ACLs, and most XP apps have their roots in Windows 95, not Windows NT.

  140. Not equal by SuperKendall · · Score: 1

    Sure it does. The rough equivalent in UNIX is a SUID root binary.

    But the distinction is an SUID binary is an already existing application that's allowed to run as root, not a hole whereby arbitrary code can potentially execute as root. The attack surface is far smaller and more difficult (not to mention that generally SUID things are verboten by the system and easy for automated scripts to destroy as soon as they are found).

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Not equal by drsmithy · · Score: 1

      But the distinction is an SUID binary is an already existing application that's allowed to run as root, not a hole whereby arbitrary code can potentially execute as root.

      That's the same as the UAC whitelist.

      (For reference, I disagree with the UAC whitelist - but it's nowhere near the security hole that the concept of SUID represents.)

      The attack surface is far smaller and more difficult (not to mention that generally SUID things are verboten by the system and easy for automated scripts to destroy as soon as they are found).

      "Verboten by the system" ? You're kidding, right ? The typical UNIX system would fall apart without SUID binaries - it's one of the standard ways to work around the primitive and coarse nature of UNIX's security model.

  141. Re:malware... by bemymonkey · · Score: 1

    Except Aero. I just tried encoding a video for the first time since switching to Win7 Pro x64, and it turns out that Aero causes temps of 77 CPU (on a 25W TDP P7370!!!) and 86 GPU - on XP (or without Aero), these are 65 and 63, respectively.

    And yes, I do categorize software that makes my laptop melt as malware...

  142. You idiot by Anonymous Coward · · Score: 0

    Erm, that simply suggests that Win7 is pushing your hardware as hard as it can to get the job done asap, which is probably what you want, if you're encoding video.

    Oh wait, sorry, you're talking about Microsoft! Yeah, it's shit isn't it? LOL, Micro$oft!!!

    1. Re:You idiot by bemymonkey · · Score: 1

      Turning off Aero results in ~10 lower temps... I REALLY doubt that Aero is making my encodes faster by drawing pretty transparent window effects ;)

  143. Re:System Registry - how it ought to work by Johnno74 · · Score: 1

    ok, firstly WTF? Most XP apps have their roots in Windows 95? That's not even remotely close to plausible.

    And secondly and more importantly an app doesn't need to *support* ACLs in the registry. It asks the OS to modify some key, and the OS will return an error saying you can't do that. If the app can't handle this, then it will crash and burn. Vista actually made the OS more forgiving in this regard, as it can "virtualize" parts of the registry so the app thinks it is writing to HKLM or somewhere, but in reality the changes it makes are visible to that app only. XP doesn't do that.

  144. Update of 11/13 by hidave · · Score: 1

    I've been unable to use Microsoft Outlook since the 11/13 update. System Restore didn't help. This is for Vista. I've had to switch to Windows Mail, which is much less user friendly.

    --
    Synchronizing stop lights across the US = one less nuclear power plant
  145. Re:System Registry - how it ought to work by Animats · · Score: 1

    The structure of where things are stored in the registry is also an issue.

    Which is the real problem. The use of the thing needs to be more structured if it's to be secure. This means getting applications to conform to some standards on what goes where. Windows applications are terrible at that. There are standards on where programs, application data, and temporary files are supposed to go, but they're not consistently enforced. Security requires some mandatory simplicity for things like this. (This, by the way, is why access control lists aren't very useful. They can express any security model, with enough work, work that never gets done.)

  146. Re:malware... by RobertM1968 · · Score: 1

    HEY!!!!

    Symantec is WONDERFUL!!!

    I just learned the other day on some TV commercial that they will protect my chicken from the metal band Dokken!!!! What other AV firm can claim their product does that?!?!?!?

    http://www.youtube.com/watch?v=5hsKsUu3Qeo

    Norton & Dokken

  147. A very simple example as to why it is not the case by dbIII · · Score: 1

    I see you put no thought into this whatsoever :(
    Put a few seconds of thought in there and consider that on a single user system you and the malware own all the system processes and all of the files and have access to all of the hardware. You and the malware can't run the firewall program without the password, but you can kill the process, delete all of its files and run your own. Once you have the concept of file and process ownership to stop this it is not a single user system anymore. Thus you can't have what you are suggesting unless it's all burnt into a ROM and the users' applications don't have any access at all to portions of memory - an enormous step backwards which is why you are attracting so much attention with your unusual and ill-informed statement.
    In other words you are ignorantly advocating going back to something older than those green screens you were whining about because those green screens and the multiuser systems they connected to were old. The Apple ][ and MSDOS were not the good old days and there is no point going back there now that we can pack enormous numbers of junctions on the silicon and run them at high clock speeds.

  148. Re:A very simple example as to why it is not the c by drsmithy · · Score: 1

    I see you put no thought into this whatsoever :(

    I've put a great deal of thought into it. You're just too busy discussing what you think I said, rather than what I actually said.

    Put a few seconds of thought in there and consider that on a single user system you and the malware own all the system processes and all of the files and have access to all of the hardware. You and the malware can't run the firewall program without the password, but you can kill the process, delete all of its files and run your own.

    And on an unprofessionally managed multiuser system it's trivial to convince the user to do the same. Just promise them boobies or some dancing bunnies.

    In other words you are ignorantly advocating going back to something older than those green screens you were whining about because those green screens and the multiuser systems they connected to were old. The Apple ][ and MSDOS were not the good old days and there is no point going back there now that we can pack enormous numbers of junctions on the silicon and run them at high clock speeds.

    At no point have I argued anything of the sort.

    A multiuser system is a technical solution to security. As such, it offers little relief from what is largely the social problem of malware. A multiuser system offers capabilities and features a single user system does not, certainly, but the strengths and advantages of those capabilities and features evaporate very quickly when an ignorant administrator is put in charge of leveraging them, as is the case with most of the world's multiuser systems.

  149. Re:malware... by HermMunster · · Score: 1

    Does mocking Windows make you anti-malware?

    --
    You can lead a man with reason but you can't make him think.
  150. Re:A very simple example as to why it is not the c by dbIII · · Score: 1

    I see the problem and where you do not understand.
    You are blaming the user for a failure of the developer. The "dancing bunny" problem only occurs on "unprofessionally designed" (to borrow your irrelevant phrasing) multiuser systems. With decades of poor interface design we have also trained the users to click "OK" when confronted with confusing messages. Through some odd perversion of logic you wrote that because this happens on one multiuser system the entire concept is bad.
    I suggest taking a more mature attitude and considering what you are writing instead of this ill-informed blame game on something that is clearly so far outside of your chosen fields of interest that you have not even attempted to grasp the basic concepts. Your twin assumptions that the OS files are static (you have forgotten that various files define how the computer is configured so you can actually use the thing) and that malware will play nicely with you and not disrupt or hide in your own saved files demonstrate this very clearly, along with your odd comments about green screens.
    The malware plague is not a user problem. The same users have mobile telephones with more computing power and better internet connectivity than the best MS systems in use when this malware plague started. Their phones are not part of botnets so you need to consider it more deeply than just quoting the silly "dancing bunnies" excuse peddled by software developers that wish to be called engineers but put less consideration into their work than a basket weaver.

  151. Re:A very simple example as to why it is not the c by drsmithy · · Score: 1

    I see the problem and where you do not understand.

    No, you don't. I say this with confidence, because I can see you are still arguing against something you *think* I wrote, not what I actually did.

    You are blaming the user for a failure of the developer. The "dancing bunny" problem only occurs on "unprofessionally designed" (to borrow your irrelevant phrasing) multiuser systems.

    Rubbish. It's inherent to requiring the ignorant to make intelligent decisions with neither the knowledge nor experience to do so.

    With decades of poor interface design we have also trained the users to click "OK" when confronted with confusing messages.

    The use of generic terms like "OK" in dialog boxes is not ideal UI, but it is far, far from a root cause. Users are not "trained" to click OK to get rid of confusing messages, they are "trained" to click whatever button both gets rid of the confusing message and gives them the result they want. Whether it says "OK" or "Let this application access my address book and send mail", they're going to hit that button if it lets them see the dancing bunnies.

    Through some odd perversion of logic you wrote that because this happens on one multiuser system the entire concept is bad.

    At no point, in this discussion or any other, have I even *suggested* "the entire concept [of a multiuser system] is bad", let alone stated it outright.

    I suggest taking a more mature attitude and considering what you are writing instead of this ill-informed blame game on something that is clearly so far outside of your chosen fields of interest that you have not even attempted to grasp the basic concepts. Your twin assumptions that the OS files are static (you have forgotten that various files define how the computer is configured so you can actually use the thing) and that malware will play nicely with you and not disrupt or hide in your own saved files demonstrate this very clearly, along with your odd comments about green screens.

    Firstly, saying the OS files are "essentially static" is not an assumption, it is a statement of fact (trivial example: if OS files were dynamic, then things like read-only network-booted systems would not even be possible, let alone practical (and in the UNIX world, relatively common)). The vast bulk are rarely modified - especially in day to day use - and can be either streamed back off a read-only media or downloaded from the internet in a matter of hours, if not minutes. System configuration in modern OSes is nearly completely automatic, and user preferences are part of the user's data, not the OS's.

    Compared to user data, which is not only extremely difficult - if not impossible - to recover, but also has change patterns that are both relatively frequent and of high importance - OS files are most certainly "essentially static".

    Secondly, I have made no assumptions that malware will not "hide" in user data - my statement was purely about the relative value of system files (very low) compared to user data (very high). Whether or not said user data may also host malware is an entirely separate issue.

    The malware plague is not a user problem.

    The vector for most malware infections is user interaction, and the proportion of malware infections caused by unpatched vulnerabilities is tiny.

    The same users have mobile telephones with more computing power and better internet connectivity than the best MS systems in use when this malware plague started.

    Oh, rubbish. Malware has only really been a problem since the early 2000s (late 90s at most), and even in 1999, I had a Windows PC with two CPUs, a gig of RAM and multi-megabit internet connectivity, easily 3-4x the power of my Droid.

    Their phones are not part of botnets so you need to consider it more deeply than just quoting the silly "dancing bunnies" excuse peddled by software developers that wish to be called engineers but put less consideration into their work than a ba

  152. Re:A very simple example as to why it is not the c by dbIII · · Score: 1

    Your first problem is that you are not viewing the situation from an end-user perspective

    No, your problem is that you are refusing to look at this from a technical perspective yet you are providing technical solutions which of course make no sense because they are cargo cult knee jerk reactions.
    Your assumption that your MS Windows registry files for example are trivially replaceable shows that you are way out of your depth on this one and would be far better off arguing about something you know about instead. That is why I've kept this going so that people are not tempted to follow the advice of an overconfident idiot.

  153. Re:A very simple example as to why it is not the c by drsmithy · · Score: 1

    No, your problem is that you are refusing to look at this from a technical perspective yet you are providing technical solutions which of course make no sense because they are cargo cult knee jerk reactions.

    I haven't "provided" any solutions at all.

    You really aren't reading anything I write, are you ?

    Your assumption that your MS Windows registry files for example are trivially replaceable shows that you are way out of your depth on this one and would be far better off arguing about something you know about instead.

    They *are* trivially replaceable. In the worst case, a system can be reinstalled in a few hours.

    That is why I've kept this going so that people are not tempted to follow the advice of an overconfident idiot.

    I haven't offered any advice, and I certainly haven't done so "overconfidently". Much like you haven't addressed any of the points in my responses.

  154. Windows Black Screen Prevention Solutions by Dr3w$k! · · Score: 1

    After having done some testing, and having other esteemed professionals verify the test results, we've come up with two methods to PREVENT this malware-induced issue from occurring:

    Solution 1: http://www.apple.com/mac/
    Solution 2: http://www.ubuntu.com/

      * Please be aware these solutions have not yet been approved by Microsoft. Use at your own risk.