Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft a Weak Link In Possible Cyber War

Posted by CmdrTaco on from the almost-as-bad-as-hfcs dept.

climenole writes 'Microsoft has vast resources, literally billions of dollars in cash, or liquid assets reserves. Microsoft is an incredibly successful empire built on the premise of market dominance with low-quality goods,' says former White House advisor Richard Clarke in a recent book. Microsoft makes the list of risks because so many people have installed its software for critical systems.

24 of 371 comments (clear)

  1. Microsoft's Business by HeX314 · · Score: 5, Insightful

    One of my computer science professors once stated, quite succinctly, that Microsoft was not in business to make a quality operating system (or quality product). They are in business to make money.

    On a related note, if they were in business to make a quality operating system, they would have a tough time selling "upgrades."

    1. Re:Microsoft's Business by Em+Emalb · · Score: 4, Insightful

      The entire point of starting a business is to make money.

      This is false. While a company needs to make money to be successful, this is not the only reason for a company to exist. And I thought I was jaded.

      --
      Sent from your iPad.
    2. Re: Microsoft's Business by Black+Parrot · · Score: 4, Insightful

      Linux may have some technical merit, but is a mess where people without advanced computer skills are left in the dark.

      The same can be said of Windows. People ask me for help with their Windows computers all the time, but I can rarely help because I don't often use anything besides Linux, and contrary to what you'd like to believe, there's nothing inherently intuitive about the way Windows works.

      --
      Sheesh, evil *and* a jerk. -- Jade
    3. Re:Microsoft's Business by TheRaven64 · · Score: 4, Insightful

      The level of complexity between Windows and OSX is incomparable. OSX works on like 5 hardware configurations, while windows will run on pretty much any hardware

      Yup, OS X only runs on three hardware platforms; ARM, PowerPC, and x86. Five if you count the 64-bit variants of PPC and x86 as different. Windows runs on x86, x86-64, and PowerPC (XBox). It used to run on MIPS and Alpha as well, but hasn't since NT 4.

      Or are you talking about device drivers? Because I hope that you realise that most of these are provided by the hardware manufacturers, rather than by Microsoft. So, your argument for Windows' superiority is that more third parties support it? That's certainly a valid reason for using it, but not really an indication of its intrinsic quality.

      --
      I am TheRaven on Soylent News
    4. Re:Microsoft's Business by Captain+Splendid · · Score: 4, Insightful

      The entire point of a business is to provide goods and services for money. Otherwise you're running an NPO.

      No, the real world's not binary like that. Plenty of people running businesses not just (or not at all) for the money. Yes, the balance sheet at the end of every month needs to be right, but there's a huge difference between lots of profit, and enough to get by.

      --
      Linux, you magnificent bastard, I read the fucking manual!
  2. Re:He said what? by decipher_saint · · Score: 5, Funny

    *in deep trailer-guy voice*

    "In 2010; Chairs WILL be Thrown"

    --
    crazy dynamite monkey
  3. It is simple Darwinism by filesiteguy · · Score: 4, Interesting

    If you look at any ecosystem, you'll find that there are pests trying to gain a foothold into that system by exploiting a weakness. If there is only one type of organism, the pests will adapt and exploit the weakness of that organism. This is why you need ever more powerful pesticides when cultivatign monoculture crops such as corn, wheat or even soybeans.

    Same goes for ecosystems of comptuers. Given 90% are running Wintendo, you find that the pests (virus and other exploit authors) take adavantage of that monoculture. The weaknesses are then exploited and have to be "patched" in order to ensure survival of data and/or systems.

    Given an ecosystem with multiple operating systems - Windows, Linux, Unix/OSX, zOS - you'll find a greater ability to defend against continual threats.

    --
    The Kai's Semi-Updated Website Thingy
    1. Re:It is simple Darwinism by betterunixthanunix · · Score: 4, Insightful

      There is more to it than that. A very carefully managed Windows system can certainly withstand a number of attacks, just like a carefully managed *nix system. The problem is that most Windows systems are not carefully managed, and a carelessly managed Windows system is much more vulnerable than a carelessly managed *nix system. Windows started out as a single user OS, and even though the NT kernel has everything necessary to support multiuser setups, it is very difficult for Microsoft to push better security as the default in Windows -- there are just too many people who have a habit of doing everything as "Administrator," and too much software the relies on that sort of behavior. Things have started to change, but Windows XP is still widely deployed.

      Really, if Microsoft wanted to, they could start marketing an OS designed for security sensitive environments (perhaps with a compatibility mode that allows Windows software to run in some kind of VM), and leave Windows as a "home PC" operating system. The fact that they are not doing anything like that, despite the fact that MSR developed such an OS, speaks volumes about Microsoft's priorities.

      --
      Palm trees and 8
    2. Re:It is simple Darwinism by TheCarp · · Score: 5, Insightful

      I would submit that most non-windows systems are also poorly managed.

      The difference is monoculture vs diversity. Look at windows users, and you will find lots of people using the same tools. Outlook, as soon as a company installs exchange you can be sure that the vast majority will be using outlook to connect to it. You find a vulnerability in outlook, or word, or a system service, and you can suddenly hit huge swaths of machines.

      Now, Unix? You have multiple hardware architectures, distributions of even similar systems like Redhat and Debian Linux have made different choices for default daemons for various services. A hole in pine or mutt may not effect evolution users, or thunderbird users.

      So in addition to a smaller audience, you get a smaller percentage of that audience.

      to put it in business terms, the ROI of windows vulnerability exploits is just higher. That is, unless you are targeting a specific system, in which case, well, I know that where I work, many more windows servers exist than the entire unix environment, but, the Unix environment has a higher percentage of the mission critical (or more to the point, patient care critical) servers.

      So thats not to say there isn't definite ROI on such attacks, it can even be higher. However, I don't think that such attacks realy factor into this discussion since specific attacks on specific machines for their content is the exception rather than the rule for most systems/users.

      -Steve

      --
      "I opened my eyes, and everything went dark again"
  4. Summary misdirected by ATestR · · Score: 4, Insightful

    For once, I RTFA. The summary seemed interesting. However, the FA was even more interesting, although it had little to do with all the money that Microsoft had in its back pocket, and how it's market dominance was based on low cost products.

    The main thrust of the FA, for those of you who don't want to click the link, is that because the Windows OS is so prevalent in civilian and corporate usage, a Cyberattack could devastate the economy (and western civilization).

    --
    âoeAny society that would give up a little liberty to gain a little security will deserve neither and lose both.
    1. Re:Summary misdirected by Bert64 · · Score: 4, Informative

      While true, by the time MS became an expensive option it no longer mattered - millions of people were already locked in.

      Back in the days, MS (and the cheap hardware they ran on) were a cheap option compared to Novell, Sun, DEC, SGI, IBM, Apple and all the other highend vendors... MS and x86 were massively inferior to everything else on the market, but with such a huge price differential they were able to make it up on volume...

      Ford cars are clearly inferior to Rolls Royce or Ferrari, however you see a lot more Fords on the roads for the same reason. However, cars are standardised enough that its impossible to lock someone in, thus ensuring there is a healthy level of competition in the industry.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  5. I disagree by 2names · · Score: 5, Insightful

    I am not a Microsoft fan, but I believe the weak link has much more to do with the meat sitting in front of the computer than the software on the computer.

    --
    "I'm just here to regulate funkiness."
  6. Re:He said what? by StuartHankins · · Score: 4, Insightful

    If Microsoft execs aren't already aware of that, they should be fired. Part of managing a company is knowing your weaknesses.

  7. Re:He said what? by siloko · · Score: 5, Insightful

    Part of managing a company is knowing your weaknesses.

    Knowing your weaknesses is not the same as having them advertised to the world by a White House advisor!

  8. Clark is all right by Rogerborg · · Score: 4, Informative

    Remember, he was the guy who warned Rice and President Cheney about an imminent Al Qaeda attack. Or depending how you view it, failed to convince them of it. Still, as ass covering goes, his was iron clad.

    --
    If you were blocking sigs, you wouldn't have to read this.
  9. Interesting by DaMattster · · Score: 4, Insightful

    All of the money spent on lobbying the government against using Linux would have been much better spent on developing a reliable, secure operating system. The shortsightedness of large corporation never ceases to amaze me. Since they spent all of this money on lobbying, which ultimately was unsuccessful, they had to spend money on securing Windows anyway. So, Microsoft spent a large sum of money in total, when they could have just made a better product to being with.

  10. Re:He said what? by M.+Baranczak · · Score: 5, Informative

    Clarke is not on the "White House team". He retired a few years ago. Come on, people, would it hurt you to at least read the summary?

  11. Re:He said what? by causality · · Score: 4, Insightful

    No, there's a big difference. If he was a current government official, then the statement would represent a government policy.

    "This company dominated the market with low-quality products" is not a policy. It is an observation. It's true or it's false no matter who says it or how "official" they are. Try thinking for yourself and being less impressed with authority.

    --
    It is a miracle that curiosity survives formal education. - Einstein
  12. Re:Microsoft Weak Link ... by 1s44c · · Score: 4, Insightful

    Film at 11.

    I mean, seriously, it's the most widely used OS on the planet. It's also the most likely target.

    That's a flawed argument. It isn't bad because lots of people use it, it's bad because it's bad.

  13. Re:Windows is widely used where it matters by causality · · Score: 4, Insightful

    Compared to home desktop PCs, servers are more likely to be administered by someone with a clue about locking down and updating the system.

    Most of whom choose a non-Windows OS. When people with a clue avoid something and people who don't know better flock to something, it says a lot about that something.

    To put it another way, I have never met a person who was highly competent with using Windows and also highly competent with using a Unix-like OS (Linux, *BSD, etc) who still preferred Windows. I'm sure someone will pipe up now that I've posted this but the point remains, such people are quite rare. Your preference for one thing is meaningless if you are not at least as familiar with an alternative.

    So barring a security hole in something like a home router appliance, desktop PCs running Windows are likely the juiciest targets for establishing a botnet.

    Actually a beefy *nix server with extremely high bandwidth, multiple CPUs, and multiple gigs of ram is the juiciest target to be a member of a botnet. It's also a lot more difficult to compromise. Windows PCs are not the juiciest targets. They are the low-hanging fruit that can be harvested in large numbers with automated tools, making it not worthwhile for the botnet owners to spend too much effort taking over any one target no matter how tempting it is.

    --
    It is a miracle that curiosity survives formal education. - Einstein
  14. Re:Windows, vs. LINUX, vs. MacOS X (security vulns by oakgrove · · Score: 4, Insightful

    Linux 2.6x KERNEL SECURITY VULNERABILITIES

    It doesn't make sense to compare a line of kernels dating back to 2003 to an operating system that came out last year. The 7 kernel is just a derivative of the Vista kernel, for example. And in '03, XP was still going strong. Furthermore, 2.6 or whatever is just a name. I am running 2.6.32. How does the NT 6.1 you are presumably running compare to that?

    --
    The soylentnews experiment has been a dismal failure.
  15. Re:He said what? by erroneus · · Score: 4, Insightful

    Could it be that someone "out of office" is the only one with the freedom to say such things in public? Anyone in office would fear for his job. It would be my guess that this statement was desired and even requested by people in office. Who better than someone who once held the seat (read: an expert on the topic) and someone who has nothing to lose (read: already out of office).

  16. Re:Windows, vs. LINUX, vs. MacOS X (security vulns by erroneus · · Score: 4, Informative

    It's a frequently used troll post. It has been completely debunked in the past several times. All of the critical bugs listed for the Linux kernel, for example, were local exploits only -- NONE were remote. In contrast, Microsoft's exploitable bugs are famously remote exploits meaning they can be done over a network connection. Mac OS X is another bag of worms... but thankfully, Apple controls and limits its users such that it will never be big or ubiquitous enough for large scale general use like Windows and will never likely get used in critical government or business operations.

  17. Re:Windows is widely used where it matters by eth1 · · Score: 4, Insightful

    To put it another way, I have never met a person who was highly competent with using Windows and also highly competent with using a Unix-like OS (Linux, *BSD, etc) who still preferred Windows. I'm sure someone will pipe up now that I've posted this but the point remains, such people are quite rare. Your preference for one thing is meaningless if you are not at least as familiar with an alternative.

    OK, I'll bite :)

    Most people that are competent couldn't answer the question "Do you prefer Linux (etc.) or Windows?" (unless the answer is "both"). It begs the question, prefer it for *what* exactly? At work, I have both Windows 7 and Ubuntu systems at my desk running Synergy. I use whichever one happens to be best suited for my current task. Same at home, except that the Linux box has been decapitated and shoved in a closet. I prefer windows (7) on the computer I sit at at home, because in my experience, I spend far less time screwing with it trying to get stuff to work (Mac might be an option, if it wasn't for games).