German Government Warns Windows 8 Is an Unacceptable Security Risk

An anonymous reader writes "Die Zeit has access to leaked documents from the German government warning that Windows 8 is an unacceptable security risk for sensitive workloads. The story is written in German here, but automatic translators (such as Google Translate) do a readable job. Particularly of concern is the inability to opt out of TPM 2.0 usage."

This is known

[ciderbrew]

Windows has always been a Security Risk.
Danke.

Re:This is known

Except in the last few months we have had complete and utter proof we are no longer paranoid enough of U.S.A. intelligence agencies and their co-opting of U.S.A. companies to do their work for them.

At this point we can completely trust that Microsoft Windows is and will be used for industrial and governmental espionage activities by the U.S.A. intelligence agencies.

Re:This is known

Always a security risk, and not intuitive at all. Prone to malware, and needing constant patching to the spaghetti code that lies under it all.

Re:This is known

It really isn't all bad, it created a need for multiple virus and malware businesses.
And untill Win8 has always helped chip companies to sell faster processors to deal with the increasing slowiness for each version of Windows.
Oh..right... maybe it sucks.

Re:This is known

When you're a government, there's a difference between a product whose bugs can be mitigated with sufficient money thrown at security vendors, and a product that by design keeps control in the hands of a company whose government has a known history of spying on you. The TPM in Windows 8 is the latter.

Re:This is known

[spire3661]

It bothers me that you still call it 'paranoia'. WE weren't paranoid, they really were doing bad shit.

Re:This is known

[DickBreath]

Are you trying to suggest that an OS from Microsoft would have debug identifiers called NSAKey? Surely such a thing would never happen.

Re:This is known

[SuperTechnoNerd]

It's one big trojan.

Re:This is known

[Luckyo]

If anything, most of the people who got called "paranoid" were actually too conservative in their estimates. That's the scariest part about it.

Windows is an option today - not an requirement

[madsdyd]

Good thing alternatives exists.

I am not advocating they should "just change". I am just saying that on a personal level I am very happy that thrustworthy alternatives exists, and that Windows (no longer) is an requirement at the workplace or at home, but just an option.

Thank you, Stallman, Linus, and all you other people around the world, who have used your time to provide us with these alternatives.

And, yes, I know some people will claim that Windows is an requirement for the specific uses you have. I don't really care - for the wast majority of computing users around the world, Windows is an option, not an requirement. And, I am happy for that.

Re:Windows is an option today - not an requirement

It's telling that around here Stallman and Linus are mentioned before Richie and Thompson.

It's be like me thanking the Lougheads and forgetting Ader, Whitehead and the Wrights.

Typical misleading Slashdorks.

Re:Windows is an option today - not an requirement

[inking]

Considering that the vastest majority of users have very basic needs--to quote someone I knew "I need to be able to use Facebook and the Internet"--modern Linux distributions and probably OSX are actually a better solution for them than Windows due to the simple fact that they are currently significantly less likely to get malware and thus break them.

Re:Windows is an option today - not an requirement

The license of Unix we use costs about $20,000 for the number of users we have.

Not practical for most people. Thank the people who make it practical. It's you who is wrong, not him.

Re:Windows is an option today - not an requirement

[RotateLeftByte]

Balmer is that you?

Re:Windows is an option today - not an requirement

[blackest_k]

I'm not so sure if running Linux would be any safer with a machine that has the trusted computer module built in. Does it even need to be a separate piece of silicon or could it be built into the cpu?

Maybe intel inside, might at some point change meaning and at what point does this occur ten years time, now or already?

Maybe Germany might create a demand for non trusted computers but would they keep them clean or just put in their own backdoors?

    Ok we know that the USA spies on everyone even their own, but lets not pretend it isn't happening all over the world. Name a trustworthy Government any where.
     

Re:Windows is an option today - not an requirement

[Pi1grim]

Yeah, because BSD worked out so nicely for FreeBSD and others in the family. And BSD community is now thriving, thanks to all the commits and return of code from the most open OS - iOS and OS X. Oh, wait, they don't? Ah, who cares about facts, when I can throw dirt at GPL, because those dirty programmers won't let me take the source add some stuff for incompatibility and then sell it off as my own, without sharing source code with the users, they 're clearly infringing on my entitlement to their work.

Re:Windows is an option today - not an requirement

[gmuslera]

Try to buy today a computer/notebook that don't includes Windows 8, even gets bricked if you try to use something else, and that the manufacturer refuse to support if you installed something else on it.

In the other hand, this should improve the selling of the ones that are open regarding that (i.e. that you can install Linux on it with all the hardware working, and that gets manufacturer support even if you do so), and put the ones that went fully on Windows 8 in even more troubles. Hope that most governments do the same recomendations.

Re:Windows is an option today - not an requirement

[Cassini2]

The concept behind TPM could work really well, if every user compiled their own operating system, and set up the unique keys such that only their code was trusted. Thus, every user would have complete control over all the source and binary software on the system. Even in a business environment, if at least the business was in complete control of all of the source and binary software, then TPM would be of some use.

The problem is that Microsoft wants to use TPM to play a bunch of DRM movies. The DRM schemes are inherently insecure, so Microsoft opens its security window accordingly. The result is that Microsoft's security model becomes "trust Microsoft, the NSA, movie companies. music companies, game companies, and etc", with no one knowing who the "etc" is. As such, from a secure systems perspective, the resulting DRM operating system has no obvious chain of accountability. Worse, any lesson in security starts with "never trust the vendors default installation." DRM assumes "never trust the customer." With the end result being that no one trusts anyone and TPM can never be secure (with commercial closed-box software.)

For TPM to truly deliver on its security promises, everyone needs to switch to open source software where everyone compiles unique binaries with custom keys. Microsoft will never do this.

Re:Windows is an option today - not an requirement

[MightyMartian]

Well, I guess I can always buy a Chromebook.

Re:Windows is an option today - not an requirement

[jmrives]

Perhaps, you need a lesson in history. The earliest Unix that came out of Bell Labs -- thanks to people like Richie and Thompson -- was essentially given away to Universities for free.

Re:Windows is an option today - not an requirement

[Karzz1]

....was essentially given away to Universities for free.

Actually it was licensed with the source code to Universities. This was still a proprietary license and the Univerities could not re-distribute except under certain conditions. This licensing was what lead to the lawsuit between Unix System Laboratories (USL) and the Univerity of California, Berkeley when the USL attempted to claim all the changes that UCB made to the source belonged to USL. There was a settlement behind closed doors, however as part of the SCO lawsuits I believe the terms of this agreement were made public.

Interesting read on this here.

Re:Windows is an option today - not an requirement

[unixisc]

But would require CS majors to know how to work them, and was not available on normal PCs, which were too weak then to run Unix. So anyone who could afford PCs would then need DOS, and then on top of that, things like WordPerfect, Lotus or dBase. So it's indeed the explosion in the usage of Linux that's made this possible.

Linux has also lowered the usability bar. With Unix, one was stuck with Bourne Shell or C Shell, and could only enjoy GUIs like OpenLook or Motif if one was at a company or university that had installed workstations from Sun, DEC, SGI, et al. With Linux, GUIs like KDE had been the default from day 1, and now there's a bonanza of them - GNOME, LXDE/Razor-qt, XFCE, Unity, Cinnamon, et al.

Re:Windows is an option today - not an requirement

[Billly+Gates]

... is an requirement for the spacific uses you have. I don't really care - for the wast majority of computing users around the world, Windows is an option, not an requirement. And, I am happy for that.

That is a frankly bold statement!

True that is starting to change thanks to web 2.0, HTML 5, cloud services, and PDFs replacing .docs in some areas.

But outside of slashdot, this would be modded down or have a million different responses.

As a linux geek are you positively absolutely sure you do not at least need a VM of Windows? What if a headhunter calls you and wants your resume in a .docx format because the client uses some statistics software searching for keywords?

What if you have a customer who wants a pretty brochure in a nice adobe or publisher format? Will it look like crap made in numbers or LibreCalc? How do you know that document wont have the margins and formatting messed up? Oh, billly send it as a PDF YOU MORON. Oh wait Officedepot needs to edit and trim some whatspace around that business card. Yes that actually happened to me and I sent them as publisher files for now on.

Same with resumes where HR loves .doc formats so they can highlight them and pass multiple versions with each other.

That my friend is a non niche general use applicable to every white colar job out there.

If you design websites Windows is a requirement! If you do advertising and marketing then Windows and or MacOSX is a requirement! If you are an accountant Windows is a requirement!

If you say I use Wine or use VirtualBox/VMWare then what you are saying is YES windows is a requirement, but I prefer Linux anyway. Not technical people have real issues with launching a VM as they do not know what it is and it is a confusing process.

This is why the corps are keeping XP instead of using XP Mode inside Windows 7. The calls to helpdesk would shoot through the roof otherwise as users do not know what this is and look for cute text around an icon for their win32 apps.

TPM is great for security so I do not understand the article. Yes DRM haters despise it, but corps and governments should love it?!

Re:Windows is an option today - not an requirement

[unixisc]

They do get returned code, particularly from vendors who want it merged into the main trunk, so that they don't have to maintain separate forks. Apple does that, Juniper does that, and so do a lot of other companies. With BSD, the contribution is genuinely voluntary, so that organizations only contribute when it's a win-win situation, and not because they have to. With GPL, it's a win-lose situation - win for the end user, as well as for the original software writer, but a lose for anybody in the middle writing improvements that then have to be practically given away.

Re:Windows is an option today - not an requirement

[nonicknameavailable]

They can't do that in Sweden.

Re:Windows is an option today - not an requirement

[Billly+Gates]

Funny when Vista came out they started selling XP units at all the major retailers by the following fall.

Not this time around and I wonder if MS is forcing OEMs not to bundle Windows 7 on these f*cking lines. I know at my bestbuy MS ordered the destruction of all copies of Office 2010 and Windows 7. Not sell them at a discount but actually destroyed them in a trash compatactor!

MS wanted to sell Windows 8 and ugly Office 2013 only. ... wait what do you mean you do not want to leave XP?! Oh how could this happen etc.

Re:Windows is an option today - not an requirement

[sjames]

It's not a matter of forgetting, we all know who invented Unix. We also know that until Stallman and Linus, Unix in it's various commercial flavors was a fantastically expensive OS that was entirely out of reach for most and BSD was so thoroughly tied up in legal wrangling that it might have gone *poof* any day.

So yeah, without Richie and Thompson there would be no nix, but without Linus and Stallman it would be several times more expensive than the hardware.

Re:Windows is an option today - not an requirement

[CodeOmar]

The problem isn't that Apple doesn't contribute their improvements; they do and even release some of their own innovations as open source. The problem is that the Linux kernel gets more attention because a lot of people pay attention to it (i.e. the same reason anyone uses Windows). Had the BSDs not had legal troubles in the 90s, Linus would not have even bothered writing Linux in the first place. GNU would either be a footnote in history, Hurd would actually be complete, or everyone would be using GNU/BSD instead (which actually exists, but isn't used much due to Linux having better hardware support because). There is nothing technically or legally superior about the GPL, it just looks nicer/worse to lawyers from different groups.

Re:Windows is an option today - not an requirement

[davester666]

So you bought a 1 user license...

Re:Windows is an option today - not an requirement

[You're+All+Wrong]

> What if a headhunter calls you and wants your resume in a .docx format because the client uses some statistics software searching for keywords?

I've said "no". Plain text, simple HTML, PDF at a stretch. If you can't work with that, I can't work with you.

Re:Windows is an option today - not an requirement

[Darinbob]

You think that's bad, my captcha was schaudenfreude!

Re:Windows is an option today - not an requirement

[Cacadril]

Libreoffice can save files in .doc and .docx format.

Re:Windows is an option today - not an requirement

[oreiasecaman]

With GPL, it's a win-lose situation - win for the end user, as well as for the original software writer, but a lose for anybody in the middle writing improvements that then have to be practically given away.

No such improvements would be possible if the original code wasn't there in the first place

Re:Windows is an option today - not an requirement

[Billly+Gates]

Shit even word doesnt support doc files fully!
Different versions of Windows running the same version of office put different margins on my resume. Libreoffice is a seperate can of worms and I run virtual machines to make sure it looks the same. I feel sorry for the document foundation to work with such a crappy product standard but its the glue that locks people in.

What we need is short of a revolution like a cross between the opendoc format and pixel accurcy of pdf with an add on for Office. After that then I wouldnt have to pay $250 for Office and macosx and Windows

Re:Windows is an option today - not an requirement

[Burz]

Linux has also lowered the usability bar. With Unix, one was stuck with Bourne Shell or C Shell, and could only enjoy GUIs like OpenLook or Motif if one was at a company or university that had installed workstations from Sun, DEC, SGI, et al. With Linux, GUIs like KDE had been the default from day 1, and now there's a bonanza of them - GNOME, LXDE/Razor-qt, XFCE, Unity, Cinnamon, et al.

Your slip is showing. The Linux fans, apparently, don't even realize that OS X is the most popular Unix (a certified one, at that). That segue from "Sun, DEC, SGI" straight to Linux was a sight to behold. That you had to list 6 GUIs for Linux tells us that none of them are very good (despite the thickly caked-on makeup), and the Linux fans who normally promote and critique them scarcely know what they even are.

Think that's a bizarre thing to say? Here's why it isn't: You all deprecate the meaning of the "Interface" part of "GUI" such that it no longer conforms to the usual standards of computer engineering. Every computer expert wants good interfaces--whether they be in software or hardware--and its a constant concern for us. But by definition, a computer interface (in an API, machined metal, etc.) must remain consistent... the definition of an interface is that of a "contract"----- a PROMISE to maintain a certain form!

Linux fans insist on good contract-like interfaces for the technically adept, even though this is the demographic that can most comfortably deal with system changes. But when it comes to user interfaces, all bets are off. Then the fans change their tune, berating users for not embracing "freedom" when they question the lack of consistency in and among so-called "Desktop Linux" distros.

Furthermore, who can say if there is any Desktop Linux that rates as a real OS? I am sometimes reminded by the fans that the textbook description of an operating system doesn't even include a user interface. That's fine. However, the defacto definition of a desktop OS was laid down by Apple and Microsoft and I don't think any FOSS project has managed to honor that. If such a definition were expressed in English, one aspect of it should be that programs are neatly divided between OS components and applications (apps). Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run without gotchas... ie a predictable runtime environment.

What are the chances of this happening successfully?

Isn't that why other OSes have so few grey areas between OS and apps... to create a predictable runtime environment?

Now, tell me why people aren't lining up to write great apps for "Desktop Linux". Tell me why we (former advocate here) can't even give this sh#t away.

As for having "lowered" the usability bar... *chuckle* One raises the bar when something is made better. You confused the metaphor with a similar-sounding one, lowering the bar to entry. It almost sounds like lowering ones' standards. We all know what you meant but the choice in phrasing is, I think, indicative of a certain attitude that looks at GUIs as peripheral and something to be tacked-on noncommittally later.

Re:Windows is an option today - not an requirement

[mjwx]

I am just saying that on a personal level I am very happy that thrustworthy alternatives exists,

I like Linux too, but I'm not that excited.

Re:Windows is an option today - not an requirement

[Zaelath]

Try?: Dell Ultrabook that I bought took a Windows 7 install just fine thanks.

Bricked?: What are you smoking? I'm not aware of any computer/notebook that doesn't let you turn secure boot off.

Support?: Dell has the Windows 7 drivers right there on their web site...

Maybe you should postdate your post about 5 years or something, it might all come true.

Re:Windows is an option today - not an requirement

[gmuslera]

Regarding bricking, this could put you in the right context. Maybe it was a "mistake" from Samsung, maybe not, maybe others could or will have the same. And going to Windows 7 don't change the core problem of why is a security risk.

Re:Windows is an option today - not an requirement

[Zaelath]

Yeah, that Samsung stuff up was funny, but hardly supports your thesis of "you can't buy a computer without these features".

I might be misinterpretting what you're trying to say given the context of the article, is it some kind of complaint about monopolies and Windows Tax...?

Oh, and my ultrabook dual boots Linux...

Re:Windows is an option today - not an requirement

[ogdenk]

With Linux, GUIs like KDE had been the default from day 1, and now there's a bonanza of them - GNOME, LXDE/Razor-qt, XFCE, Unity, Cinnamon, et al.

Ummmm.... No.... they really haven't. You obviously weren't a Linux user around 1995. Just getting X11 running was a serious PITA affair much less getting it to do anything. FVWM and FVWM95 were pretty popular. xfm was a common file manager. OpenLook was around for Linux too. Commercial versions of Motif and CDE were around I think.

DOZENS of Window Managers for X11 have existed over the years. Full desktop environments you can probably count on 2 or 3 hands.

Re:Windows is an option today - not an requirement

[bingoUV]

TPM is great for security

Yes, security of the entity the module trusts. And of no one else.

but corps and governments should love it?!

Only the corp or government whom the module trusts. Rest all should doubly hate it.

Re:Windows is an option today - not an requirement

[DUdsen]

The problem with the TPM is not the TPM it's that win8 equipment is using something that should really be called UEFI lite ie a TPM with a reduced set of key management features mostly binding the end user to always trust what was shipped with the chip and everything trusted by those, ie should Microsoft loose control over one of their keys you as a user have a system that will run viruses and spyware as trusted OS component and there's nothing short of removing the TPM chip, you can do to fix it as antivirus is not allowed to mess with trusted code(ie antivirus would only be effective against signed malware in unsecure mode). Ohh and the NSA have full access to MS's signing keys. With the non TPM systems antivirus can prevent any binary library/driver it identifies from running(it's the identifying that the hard part.)

Had UEFI/TPM been implemented as Intel/IBM intended it the system owner would have full edit access to the keystore using hw overide, Ie the system owner would have full control over what software that gets trusted, and the user can even add their own keys, this is not how secure mode on win8 systems work.

Re:Windows is an option today - not an requirement

[ThomasMcA]

Your slip is showing.

And so is yours.

That you had to list 6 GUIs for Linux tells us that none of them are very good (despite the thickly caked-on makeup)

No, those 6 GUIs are called "choices." One of the greatest things about Linux is that if you don't some something about Linux, you can change it. If you don't like an application, or even the look and feel of an entire desktop, just install a different one.

and the Linux fans who normally promote and critique them scarcely know what they even are.

Really? How the hell do you know what somebody else does or doesn't know? I know lots of Linux fans who have tried multiple desktops, and what Linux calls "Window Managers," myself included.

Every computer expert wants good interfaces--whether they be in software or hardware--and its a constant concern for us.

If that's such a concern, then Windows 8 just screwed you.

But by definition, a computer interface (in an API, machined metal, etc.) must remain consistent...

Really? Windows 3.1, Windows 95, Windows 7, and Windows 8 are consistent? Dude, you need to get a better dictionary.

Linux fans insist on good contract-like interfaces for the technically adept, even though this is the demographic that can most comfortably deal with system changes. But when it comes to user interfaces, all bets are off.

Bullshit. Put a Windows user with an open mind in front of KDE or Gnome, and they'll feel right at home. They'll have a "Start button", a system tray, toolbars, familiar window controls, and more.

Furthermore, who can say if there is any Desktop Linux that rates as a real OS?

Anybody with an open mind that actually tries it, that's who.

I am sometimes reminded by the fans that the textbook description of an operating system doesn't even include a user interface.

So what's your point? Windows servers, Linux, UNIX (and probably more) can run without a GUI. But that has nothing to do with your "argument."

Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run without gotchas... ie a predictable runtime environment.

What are the chances of this happening successfully?

Do you even know how to make a point that has merit? In what world would a "novice user" ever try "programming high-level features?"

Now, tell me why people aren't lining up to write great apps for "Desktop Linux".

They are. The "application manager" or "package manager" in most flavors of Linux contains tens of thousands of software packages. Granted, many of them of "utility libraries" that are used by multiple applications, but there are still many, many free applications to choose from. Just check out how many apps are listed at http://linuxappfinder.com./

Tell me why we (former advocate here) can't even give this sh#t away.

What rock have you been living under? I guess you've never heard of Ubuntu.

As for having "lowered" the usability bar... *chuckle* One raises the bar when something is made better.

And you think Windows is "better?" Was Windows ME better? What about Windows Vista? And is forcing a touch-screen interface onto desktops (a.k.a., Windows 8) better than Windows 7? Perhaps you should buy a new dictionary.

Not just Win8

[geek]

Everything Microsoft produces. I have the misfortune of working with the MS developers on a regular basis and if I had a nickle for every time they told me they didnt know how their own software works I'd be richer than Bill Gates.

Nevermind the inherent security flaws in their crap OS, my concern, and the concern from every foreign country should be MS's willingness to work with the NSA. If ever there was a time to ditch Microsoft and go Open Source it is now.

Re:Not just Win8

[cyber-vandal]

Which Microsoft software are you referring to? If you expect people that develop in ASP.NET to know how the Windows kernel works, do you also expect people who develop websites in OSS languages to know the intracacies of the Linux kernel?

Re:Not just Win8

[h4rr4r]

Are you totally ignorant of the software world?

Linux is at this point more popular than windows, if we count embedded devices and servers. Windows has come a long way, but until very recently it had some serious problems. The issue stems from the design philosophy not any level of obscurity.

Re:Not just Win8

[somersault]

He didn't say anything about Development Environments, he was talking about Operating Systems.

Re:Not just Win8

[GrBear]

If ever there was a time to ditch Microsoft and go Open Source it is now.

Sure, soon as my PC games all work on an OSS alternative I'll switch without hesitation. Until then Windows will be the OS du jour.

Re:Not just Win8

> The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity.

No, obscurity doesn't offer much security at all.

Open Source stuff tends to be more secure because it has so many people looking at it, from many different perspectives, both professionals and amateurs, all working together to improve the code and make it more secure.

Microsoft, on the other hand, are the only people who can patch and improve their code. And they have demonstrated again and again that they can't be trusted to do this in a timely and useful manner.

Re:Not just Win8

[Skapare]

The advantage of Open Source is that you or anyone else can fix the software if/when security problems are found, whether in the OS, core libraries, network stack, or any Open Source applications. We are not dependent on the original developers to make any such fixes. I have done this a couple times in the past by fixing security issues in open source code before the developer fixes were available (I could have waited a day and got the developer fixes).

Re:Not just Win8

[somersault]

Windows. And he isn't talking about people who write software in ASP.NET, he's talking about the people who created and maintain ASP.NET.

Re:Not just Win8

[LQ]

I had a nickle for every time they told me they didnt know how their own software works I'd be richer than Bill Gates

If it takes them 10 secs to say that, and Bill Gates has 50 billion dollars, it would take you 16000 years to get that rich.

Re:Not just Win8

[h4rr4r]

Windows 8 runs on other platforms too. Go look at the linux tablet market share and compare that to windows 8 tablet share.

I have used linux for that long on the desktop. Works fine.

Marketing matters far more than you think. Bud is a very popular beer, and no one really thinks it is a good beer.

Re:Not just Win8

[Trimaxion]

Indeed. On large software products like those Microsoft is famous for, is often necessary not to know how every component of product works at a detail level. There are abstractions in place to allow the work to be easily divided amongst a large number of developers, and you typically won't know the implementation details of modules that you didn't have a hand in creating. There's simply too much code for anyone to truly know how everything works. "I don't know" is often the right answer.

That is, unless you're actually responsible for the implementation detail in question. If you don't understand your own code then you are going to a special hell reserved for H1B sponsors and people who talk at the theater.

Re:Not just Win8

[Zero__Kelvin]

"I have programming friends that applaud Visual Studio, so I'm not sure if other professionals share your hatred."

Yes. True and competent professionals share the hatred. Even those who begrudgingly use Microsoft software share it. Show me a guy running around saying "I like Windows; it's great!" and I will show you someone who is by definition incompetent.

"The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity."

That is the best reason I have seen in quite some time to stop thinking about the issue with your current level of knowledge, which is exceedingly inadequate, and to start actually learning about what you are talking about.

"That's to say it's not safer because it intrinsically better programmed, but because it's not popular enough to warrant as many people trying to find exploits in it"

It is safer if not poorly administered for many, many reasons. An improperly configured system is unsafe, no matter what OS you use. That being said, a properly administered Linux system is more secure than a Windows system, and it has absolutely nothing to do with the number of people trying to find exploits. People focus on Windows because it is the low hanging fruit. The much more desirable target is Linux, which runs in all the major corporations including Google and Microsoft. The market share for the desktop is greater with Windows, but the important data is on Linux servers, meaning the real professionals would much rather find Linux exploits.

Furthermore, the homogeneous nature of Windows makes it less safe. Because Linux comes in many, many flavours and the kernel in use can and will be different even with the same version release (due to varying config options) it is literally impossible to create an attack that works on all, or even most, Linux systems. Any exploit you can come up with will only work on a very small subset of systems in the wild. Ergo, only targeted attacks make sense on Linux. Trying to come up with a virus that will affect all Linux systems the way one can come up with one that will affect all Windows 7 systems, for example, is a fools errand.

Re:Not just Win8

[pr0fessor]

I see it this way... people that write malware, trojans, or what ever do so to make money and they pick the largest easiest target doesn't matter the OS or the software that runs on it but one way or another they will make money. You cannot make an OS secure enough to persuade them to do something else when there are so many gullible user to take advantage of. This is why there is now boat loads of malware, adware, crapware for android.

Visual Studio could be better but it's more like a rapid development environment and shouldn't be compared to a regular IDE.

Re:Not just Win8

[h4rr4r]

iOS is not linux. Android is. It uses the kernel and is not proprietary.

Re:Not just Win8

[colinrichardday]

Yeah, too bad there isn't a German Linux distro

Oops

https://www.suse.com/

Re:Not just Win8

[cyber-vandal]

Yes of course. I misread it as "working with MS developers" not "working with the MS developers". My apologies.

Re:Not just Win8

[Zero__Kelvin]

How about: read the whole post I made yourself? I did exactly what you said already, though it is not a comprehensive list. The reasons are many, including but not limited to the fact that Microsoft cannot be trusted. Period.

That being said, a complete education is beyond the scope of a single post, or even a set of hundreds of posts. I won't say Google it yourself, but I will say to go get yourself an education on the subject.

Re:Not just Win8

[Zero__Kelvin]

"That's basically the security by obscurity claim."

It isn't even close to a security through obscurity claim.

" But that does not mean a targeted attack is any less possible."

Hey, what a great point! I wish I had mentioned targeted attacks! Oh wait ... that's right ... I did. That being said, you are right. The heterogeneous nature of Linux is not what makes a targeted attack less likely to be successful. What makes a targeted attack less likely to be successful is that Linux is written from the ground up by competent software engineers and programmers, and is Open Source, so that it gets reviewed by many, many highly competent security professionals.

"Anybody that runs around and says Linux should be used every where and every instance in place of Windows is just as incompetent as someone claims Windows should always be used over Linux."

Bullshit. Unless you are a victim of vendor lock-in, or have a very special corner case such as a need for Photoshop or specific CAD software, etc. then use of Windows is tantamount to incompetence in 2013.

( Important Note : Most companies that use Windows in 2013 are victims of vendor lock-in. The point is, if that isn't your reason for continuing to use it then you haven't got a clue.)

Re:Not just Win8

[Zero__Kelvin]

A piece of software, no matter how "nice", that targets a garbage OS is by definition a piece of garbage, no matter how useful it would be if it targeted a decent OS.

Re:Not just Win8

[somersault]

I'd be horrified if the NSA could monitor me posting funny pictures to my friends on Facebook.

Re:Not just Win8

[Kielistic]

It isn't even close to a security through obscurity claim.

That's to say it's not safer because it intrinsically better programmed, but because it's not popular enough to warrant as many people trying to find exploits in it.

So perhaps not what is usually defined as "security through obscurity" but is definitely what the parent post was talking about because that is exactly what they said. It is certainly a type of security through obscurity in the way that has been explained also. You have an obscure platform or implementation and therefore there are less people working on exploiting it.

What makes a targeted attack less likely to be successful is that Linux is written from the ground up by competent software engineers and programmers

What do you mean by "Linux" here? I'll give you the benefit of the doubt and assume you meant the kernel and not the entire userland. You will assert that the engineers and programmers working on the Windows kernel are incompetent? I'd wager a guess that every single one of them knows more about the topic at hand than you do. The Linux userland is rife with garbage programming. And even if all the Linux kernel devs are vastly more competent than the Windows ones (a very bold claim) that does not imply that the Linux kernel is magically free of programming flaws.

so that it gets reviewed by many, many highly competent security professionals.

There are no security professionals working on finding Windows exploits? Again, I would wager a guess that there are far more highly skilled and/or well paid security professionals searching for exploits in Windows than there are in Linux.

Your definition of "vender lock-in" seems to be: "has the software I want and does a better job than the competition". That is not vender lock-in. That is the definition of a product that might just be better than alternatives in many circumstances.

Ignoring some more no true Scotsman fallacies (you really like those don't you?). You sound like someone that is so ideologically stuck with Linux and anti-Windows that you are in a serious case of cognitive dissonance.

Re:Not just Win8

[Zero__Kelvin]

" You have an obscure platform or implementation and therefore there are less people working on exploiting it."

Again, it has nothing to do with security through obscurity. The platform is neither obscure or nor is the implementation. It's Open Source.. I think you may need to look up the word heterogeneous. I'll give you an example. If I am doing a targeted attack then I know the particular machine I am attacking runs CentOS. I can go get the source code. I can look at it. Maybe I find an exploit. That is great for that machine, but the next one I want to attack is Debian based. My exploit probably won't work. It doesn't mean there is any obscurity. That being said, security through obscurity is a vaild defense, so long as it is a small part of a complete approach.

"There are no security professionals working on finding Windows exploits? Again, I would wager a guess that there are far more highly skilled and/or well paid security professionals searching for exploits in Windows than there are in Linux."

Why would you make such a ridiculous statement, that directly contradicts what I wrote. I specifically said that far more security professionals look at Linux code than Windows code, because the Linux code is Open Source.

"Your definition of "vender lock-in" seems to be: "has the software I want and does a better job than the competition". "

I suppose, as a completely uninformed person unable to understand what I wrote, or the complexities of software ecosystems in general, it would seem that way to you. Of course, I have extensive experience with both platforms while the same can clearly not be said by you.

" You sound like someone that is so ideologically stuck with Linux and anti-Windows that you are in a serious case of cognitive dissonance."

I am also a huge fan of sex, but totally anti-venereal disease. I wasn't anti-VD at one time, but then I actually got a sex education. (I was a Windows developer well before discovering Linux. What you call "bias" is actually called having a clue; the kind of clue that comes from being educated on the issues.)

Re:Not just Win8

[losfromla]

***I'm willing to bet serious money that the number of people who could actually find a back door and have reviewed the entire Linux kernel can be represented by one bit.**

I agree, I too think it can be represented by any number which is either 0,1, or any multiple of two also. Clever bet if one is allowed to place that bit at the location of one's choice.

Re:Not just Win8

[h4rr4r]

Please name some of these viruses. I will wait.

Re:Not just Win8

You would have to be explicitly excluding Linux installations to get less than 1% these days. GNU/Linux has had a greater market share than this for years and propagating this myth that it is non-existent is pure FUD. Just because you don't like it on the desktop doesn't mean it doesn't exist.

I work for a company that sells wifi adapters. The GNU/Linux market for USB wifi adapters is about 500,000 a year. That alone is about 1.1% of the market. If you factor in that most computers sold today are not desktops (it is about 80/20 split) and already have a wifi card built in the market has pretty much got to be about 4x this number minimally. That means we are looking at a market share of about 5.1% minimally. It very well could be higher as about ¼ of wireless cards sold are not USB.

Re:Not just Win8

[Kielistic]

Again, it has nothing to do with security through obscurity

define: obscure. Definition number five. Staying out of notice is a type of security through obscurity.

Why would you make such a ridiculous statement, that directly contradicts what I wrote. I specifically said that far more security professionals look at Linux code than Windows code, because the Linux code is Open Source.

Exactly; that is almost definitely incorrect. Just because people can see the source does not imply more people will care to look at it. Windows is still target number one and attracts huge numbers of people looking for exploits. Whether they can see the code or not. I'm sure Microsoft employs lots of professionals to audit their code as well.

I suppose, as a completely uninformed person unable to understand what I wrote, or the complexities of software ecosystems in general, it would seem that way to you. Of course, I have extensive experience with both platforms while the same can clearly not be said by you.

I understood perfectly what you wrote and what you meant. I use both on a regular basis as well but i would never be presumptuous enough to assert that one is always better than the other. Nobody as experienced or informed as you claim to be would make such sweeping generalizations.

You keep going back to that fallacy so I'm going to assume you don't understand why it is a fallacy. no true Scotsman. You keep claiming that everyone that doesn't agree with you does so because they aren't experienced, educated or intelligent enough; if they were just smart/experienced/educated then they would know you are correct. That is extremely faulty reasoning.

Re:Not just Win8

[kiwimate]

The advantage of Open Source is that you or anyone else can fix the software if/when security problems are found, whether in the OS, core libraries, network stack, or any Open Source applications.

Theoretically? Totally, no worries. Alpha plus.

In the real world? How often does that occur? How many people are investigating the code to find security problems? How many of those people are sufficiently competent to fix security problems?

There are bugs which remain open for years. There have been reports of security flaws discovered which have been present for years before being detected. If thousands of developers truly were poring over the code, this shouldn't occur.

I won't deny the advantage you state is very real. I will assert that it is an advantage which is rarely exploited in any meaningful fashion.

Re:Not just Win8

[roc97007]

Thank you, Sheldon.

Re:Not just Win8

[jbmartin6]

but the important data is on Linux servers, meaning the real professionals would much rather find Linux exploits

Any hard data on this? I understand your logic, I just don't think this is borne out in practice. Usually we see Windows exploited since it has access to the data AND has a user to trick with phishing emails and the like. I don't recall any stories like 'we really tried to exploit the Linux server but had to settle for stealing the data from the Windows workstations that accessed the server' For example, see the value to certain actors in Stuxnet,Flame, etc. I doubt those teams were wishing they had Linux exploits to use against Iranian users on Windows.

Re:Not just Win8

[BronsCon]

No operating system requires a password safe for any purpose. Many include one and offer it to you as a convenience so that you do not have to type in common passwords e.g. for network shares and such, but you are not required to use it. It is also not intended to keep them safe, just to keep them; though most do encrypt the passwords in some way, even if only to prevent casual snooping. However, if what you were trying to say is that the password safe used by most Linux distros still has to encrypt passwords to keep them safe... well fuckin' duh! You have to encrypt *ANYTHING* to keep it safe. I don't care what OS you're running, if your data is in plaintext in the disk, *MY* OS can read it, so *YOUR* OS becomes irrelevant at that point.

As for Linux requiring a firewall... any system that runs network services you wish to control access to requires a firewall, it's just how the world works. Most consumer Linux distros ship with all services disabled (sometimes you'll find one that has SMB enabled) by default, but you can usually turn a few of them on (namely SSH) during install. Most server distros ship with SSH enabled and that's all. It would be reasonable to run one of these systems in a default state (no network services, or only SSH) with no firewall, since there's no point of attack anyway. If you've running an SQL server, a local web server, SMB, or anything else you want to control access to, then a firewall is only necessary if you don't configure the services to only listen on the appropriate interfaces and only listen for the appropriate IP ranges. If you run any services that don't give you that level of configuration, or any consuler-grade software that interacts with the network on any level, that software may expose its own services and vulnerabilities, which, really, is why you need a firewall in the first place. It's nothing to do with the OS at all.

I would also like to point out that, as far as self-replicating viruses go, Linux anti-virus apps detect Windows and Mac OS viruses; they do not detect Linux viruses; one would have to exist first. As far as user-initiated malware, detection is the only option for automated protection; you can't stop the user from downloading a random binary and giving it their root password, but you can warn them not to. Okay, well, you *can* stop the user from downloading a random binary and giving it their root password, but didn't a team of security researchers just prove that you can slip just about anything past the iOS App Store reviewers if you delay activation of those routines?

How much malware has been found on iOS? Not all of it, because those who would look for it aren't allowed the tools to do so. You can rest assured that there is plenty. All because there is no way to detect it, all because Apple doesn't allow anti-virus apps into the App Store, all because you're supposed to trust them to keep you safe, even though they've proven they can't (and aren't even really trying).

That's not a knock at Apple or iOS, either. It's an illustration of why these basic security measures are important and how insecure any system actually is that tells you you don't need them.

Re:Not just Win8

[unixisc]

Is it 'German' any more? I thought it had been bought by Novell eons back.

But didn't the city of Munich do its own Linux distro? And the Germans pretty much dominate the KDE project, so everything there they can adapt and make local

Re:Not just Win8

[Stan92057]

http://www.unixmen.com/meet-linux-viruses/

http://www.internetnews.com/dev-news/article.php/3601946/Linux+Malware+On+The+Rise.htm

http://www.geekzone.co.nz/foobar/6229

http://www.slideshare.net/kumar_sunil/is-linux-operating-system-virus-free

want more i have tons more

Re:Not just Win8

Yes, one of the many fallacies of Open source software.

I do software assurance for a large enterprise and I have had this quoted at me. The many eyes argument is rubbish. There may be opportunity for many eyes to look at it, including the attackers, but how many Open Source projects have people with a security mindset looking at their code? How many Open Source projects have just a few or in many cases one maintainer, who may not have any secure coding background and training.

Before integrating Open Source projects as part of other systems, we require groups to do security testing against it, and the code produced is not materially more or less secure than the closed source or the internally produced code we have.

Re:Not just Win8

[colinrichardday]

The Attachmate Group acquired Novell, but I assumed that SuSE still had a presence in Nuremberg.

http://www.attachmategroup.com/

Re:Not just Win8

[UnknowingFool]

The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity.

I don't think the word means what you think it means. Everyone in the IT field knows about Linux. Hackers included.

That's to say it's not safer because it intrinsically better programmed, but because it's not popular enough to warrant as many people trying to find exploits in it.

If you narrow the attacks only on desktop users. Which is potentially more lucrative? Attacking someone to get their banking credentials or attacking the bank and getting all of their customers' credentials? Attacking the bank is much harder as they are more likely to have hardened systems but not impossible. If popularity was an index of attack, you'd think that OS X would get 7% of the malware out there; they don't. You would think Linux would get a huge amount of successful server side attacks; it doesn't.

Re:Not just Win8

[UltraZelda64]

Are you ignorant yourself? We are talking about Windows 8 (a desktop and recently tablet OS). Linux desktop has less than %1 market share.

If it was a better product , users would prefer it with its free price. I have used Linux for 15 years (on servers) but I cannot bear it on desktop.

Most people talking about Windows 8 since, well, long before it was even released were talking about how bad it sucks. So I guess according to your claims, Windows 8 and Linux are about equal on the desktop then. Although I would strongly disagree; it's 2013 and Linux has been pretty damn good "on the desktop" for years now. I switched to it from Windows XP back in 2006 and it improves all the time... and at this point, I would never switch back.

Meanwhile, on the Windows side you've got the usual increased bloat and system requirements, high prices and restrictive licenses, Vista brought in kernel-level digital "rights" management, Windows 8 prepares the ringing of the death knell of the traditional "desktop Windows" environment, which ironically I was under the impression that you were claiming was better in the first place. So, what happens when Metro becomes default and the traditional Windows desktop is gutted out of the system? Face it: it's going to happen. And to Microsoft, it can't happen soon enough.

Re:Not just Win8

I like Windows. That's a loaded term because it would be more accurate to say "I like Windows more than X" and even more accurate to say "I like Windows about feature X more than how Y implements it". But I think that's too much for you to take into account with your simplistic argument.

Here's the problem: Without knowing anything else about whomever makes such a statement and about what they may have achieved or not you have concluded that they're incompetent. And by definition no less!

In reality, this along with your "whoever doesn't share my hatred for something is not competent" makes you by definition a prejudiced fundamendalist, because this is the only thing it takes to mark someone as one, unlike your assertion. Have fun thinking about your competence.

Re:Not just Win8

[UltraZelda64]

Oh, wait--I re-read your post. You are equating quality with popularity, which effectively renders your entire argument invalid because economics almost never really works that way, and I just wasted time on my previous post responding to what now looks like it was rightly labeled flamebait. Oops. Disregard my previous post.

Re:Not just Win8

[Stan92057]

Go away troll. When you grow up then come back and have a real conversation.

Re:Not just Win8

[GrBear]

Who (when concerned about security and the NSA/GCHQ/FIS snooping) give a rats ass about gaming?

The majority of the public obviously I'd say. Which is why Linux is still hasn't reached critical mass for the mass populus.

Re:Not just Win8

[Billly+Gates]

If ever there was a time to ditch Microsoft and go Open Source it is now.

Sure, soon as my PC games all work on an OSS alternative I'll switch without hesitation. Until then Windows will be the OS du jour.

Back when I was a Linux fan I kept saying this.

3 years have passed and that situation has not changed. Unfortunately, Windows software is a fact of life for people who do more than text their friends and play farmville on facebook.

Re:Not just Win8

[Billly+Gates]

> The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity.

No, obscurity doesn't offer much security at all.

Open Source stuff tends to be more secure because it has so many people looking at it, from many different perspectives, both professionals and amateurs, all working together to improve the code and make it more secure.

Microsoft, on the other hand, are the only people who can patch and improve their code. And they have demonstrated again and again that they can't be trusted to do this in a timely and useful manner.

Microsoft has been excellent with timely updates and do make much more secure operating systems than they used too and have a whole dedicated department with many teams in charge of dismantling bot nets, finding security holes, and doing r&d in better security, complete with a command center monitoring the internet just like Norton and Google.

Just because you have not run windows since Windows 2000 doesn't mean things are the same. Infact Linux lacks ASLR, and kernel level sandboxing that Windows Vista and higher have. It does have DEP I believe but that is it. In many ways UAC is even more secure than sudo as a limited user in Windows uses a token to another account admin complete with a passowrd that needs to be entered which then send another token to the admin account. A real admin is disabled for the desktop. Windows 7 admins are not really admins but just regular users with the tokens.

These make it pretty hard to hack compared to an OS that just checks for a password and occasional buffer overflows if it is compilied with amore recent version of glibc but nothing else.

Re:Not just Win8

[Billly+Gates]

"I have programming friends that applaud Visual Studio, so I'm not sure if other professionals share your hatred."

Yes. True and competent professionals share the hatred. Even those who begrudgingly use Microsoft software share it. Show me a guy running around saying "I like Windows; it's great!" and I will show you someone who is by definition incompetent.

"The only reason that I can think that an open source OS would be more secure than Windows is because of obscurity."

That is the best reason I have seen in quite some time to stop thinking about the issue with your current level of knowledge, which is exceedingly inadequate, and to start actually learning about what you are talking about.

"That's to say it's not safer because it intrinsically better programmed, but because it's not popular enough to warrant as many people trying to find exploits in it"

It is safer if not poorly administered for many, many reasons. An improperly configured system is unsafe, no matter what OS you use. That being said, a properly administered Linux system is more secure than a Windows system, and it has absolutely nothing to do with the number of people trying to find exploits. People focus on Windows because it is the low hanging fruit. The much more desirable target is Linux, which runs in all the major corporations including Google and Microsoft. The market share for the desktop is greater with Windows, but the important data is on Linux servers, meaning the real professionals would much rather find Linux exploits.

Furthermore, the homogeneous nature of Windows makes it less safe. Because Linux comes in many, many flavours and the kernel in use can and will be different even with the same version release (due to varying config options) it is literally impossible to create an attack that works on all, or even most, Linux systems. Any exploit you can come up with will only work on a very small subset of systems in the wild. Ergo, only targeted attacks make sense on Linux. Trying to come up with a virus that will affect all Linux systems the way one can come up with one that will affect all Windows 7 systems, for example, is a fools errand.

Seriously?

You mean no security like this and servers running linux are never targeted.

Mac users at work keep going ballastic when their accounts get disabled because they do not run AV software and think they are invulnerable because the highschool kid at the Apple Store said so. Same is true with Linux users who refuse to patch their damn Apache boxes. Incompotence is in every platform and I would say profession.

Windows users use Windows because they need to get stuff done. Software is written for it. That does not make then incompetent. If you are an accountant and you use some project at SourceForge then how the hell can one of the big 4 accounting firms audit your work? They wont and will tell you to put it in excel or quickbooks/great plains and get back to them.

Windows 2008R2 and Windows 7 and later are fairly secure and have more security options in the kernel like browser sandboxing, UAC, ACL, ASLR, DEP (linux uses dep for some services now), and other things. It is not Windows 98 anymore where everything runs in ring 0 and shares ole activeX components unsigned, full admin, to the os and other apps anymore.

Yes Windows 98 was fucking crap. XP meh ok kernel for the 1990s with crap thrown on top of it from windows 9.x, and a horrible browser framework.

I have AMD/ATI hardware and Linux updates are known to break except for Centos or Fedora distros on both my computers due to the lack of a stable ABI. So would I be competent to run Linux then with all these issues or anyone else who doesn't want to play with these things and just needs to get to work?

Re:Not just Win8

[geek]

I've seen Red Hat and FreeBSD support people work up security patches in a matter of hours and release them to customers. I've even seen them do this with bug fixes that later get incorporated into the kernel or whatever other source package they are supporting.

Its just just the freedom to compile and fix your own OS, it's the freedom to audit it. You do not get that with Windows.

Re:Not just Win8

[webnut77]

What you're saying is Linux is more popular if we include installations that are managed by professionals earning $100K+ and installations on devices that are usually customized by a small group of very skilled people to perform a set of specific tasks for "dumb" users. The end users of these systems neither know or care that Linux is powering them.

The desktop is a different matter and penetration figures show it.

Well, here's the problem with hiring unskilled, pointy-clicky admins. If your instance of any service stays inside the GUI coder's box, maybe all is well. But if you need something the GUI coder didn't include then your out of luck. And if you stay inside the box and things still don't work, well the pointy-clicky admin doesn't know what is wrong and has no clue where to begin looking.

I recently looked at a Windows administrator's network and discovered that all traffic, public and private, is on the same wire. He's not using VLANs or anything to separate it. He doesn't understand what a tremendous risk this is. Everything works and that's good enough.

Re:Not just Win8

[Billly+Gates]

Here is just one and sometimes even Linux desktop users are targetting too because they refuse to run AV software and feel invulnerable.

Slashdot will never post an anti linux article. There are plenty out there in places like itworld, neowin.net, and other sites.

Linux machines are frequently targetted because many run SQL databases and good old fashioned SQL inserts and other exploits are easy targets. Windows kernel actually has more security features like ASLR that Linux does not have.

I had someone at a Linux Users group whose SuSE Enterprise servers were all rooted and bank phising site was hosted on it. Rootkit installed to make it undectable and everything. It was found by the CISCO guys noticing strange traffic and it took 3 weeks before IT could track it.

Where do you think the term "Root"kit came from? They would be called adminkits otherwise.

Re:Not just Win8

[geek]

Only if they had 1 dev. However if they have 16000 devs saying it simultaneously................

Re:Not just Win8

[Kielistic]

In open source, usually doing it *RIGHT* is king.

I'm afraid that's just not true. If we are talking about the FOSS movement then the outlook that is king would be "doing what I feel like until I get bored". That's just what hobbyists are like. Few open source projects have that much dedication to doing it right. Luckily the Linux kernel devs seem pretty dedicated to doing it right but they do not speak for the rest of "open source".

Re:Not just Win8

[Kielistic]

A hobbyist is not qualified to fix major security issues- they will probably only make it worse. A decent programmer is not qualified to fix major security issues. I wouldn't even want a good programmer working on my kernel. I want an expert. So you are still at the mercy of a few experts that know the code and are capable of fixing or finding a problem.

Re:Not just Win8

[Kielistic]

You mean like server core?

Re:Not just Win8

[Darinbob]

1.2% is a massive number of users. As a reference, the population of the state of California is about 0.05% of the population of the earth.

Re:Not just Win8

[Kielistic]

Obscure can mean a few different things. It looks like you're missing one of them.

If popularity was an index of attack, you'd think that OS X would get 7% of the malware out there; they don't.

No I wouldn't think that because that's not how it works at all.

Re:Not just Win8

[Zero__Kelvin]

You didn't understand a single thing I wrote, actually. You can't even comprehend that heterogeneity has absolutely nothing to do with obscurity. It has absolutely nothing to do with "staying out of notice", even if that were what the actual term "Security by Obscurity" meant. Security by Obscurity refers to the idea that your security mechanism relies on the source code not being available.

Indeed, you are so phenomenally clueless that it would be tantamount to trying to teach a pig to sing to teach you about security. Plonk.

Re:Not just Win8

[Zero__Kelvin]

The attack you mention is not an attack on Linux at all. It is an attack on Apache. You may as well say that a bad lot of Firestone tires means bad design by ford bcause some people put Firestone tires on Ford cars. Furthermore it was on Slashdot already, making your claim that you would never see it here ridiculous. Furthermore, an attach on a SQL database is not an attack on Linux, either. You should probably learn what Linux is before you post any more absurd claims.

"I had someone at a Linux Users group whose SuSE Enterprise servers were all rooted and bank phising site was hosted on it. "

What your anecdote doesn't indicate is how the rootkit got there. Absence of proof that it wasn't done by someone with root privileges, your anecdote is less than meaningless. That being said, you seem to have decided that more secure means impenetrable. Nobody, and I mean nobody, is impenetrable.

Re:Not just Win8

[Zero__Kelvin]

Yes. They finally got this capability. It only took them about 15 years.

Re:Not just Win8

[Kielistic]

Oh nice- you switched up your logical fallacy. Good to know you aren't a one trick pony. Ad hominems still don't make you right though.

It has absolutely nothing to do with "staying out of notice"

Except we know exactly what the original poster meant when they used the word obscurity because they, quite literally, defined what they meant. The second header on your wikipedia link describes exactly what the OP was talking about for heaven's sake. Did you even read it or think for two seconds before posting? Obviously the two concepts are closely linked when they share your citation.

But you're probably right. It must be me that's the clueless one ;-)

Re:Not just Win8

[Zero__Kelvin]

It would help if you knew what a trojan was. They don't take advantage of security weaknesses; they exploit people. It has literally nothing to do with the security of an OS.

" That does not make then incompetent. If you are an accountant and you use some project at SourceForge then how the hell can one of the big 4 accounting firms audit your work?"

I already stated there was an exception for corner cases like this. If you weren't so gung ho on proving me wrong (a fools errand, BTW) then you would have stopped to think about what I wrote long enough to realize this.

"I have AMD/ATI hardware and Linux updates are known to break ..."

An even marginally competent person would use hardware that works with their system if they weren't competent enough to pick a decent distribution or handle these issues. You are clearly not even marginally competent.

Re:Not just Win8

[Billly+Gates]

It would help if you knew what a trojan was. They don't take advantage of security weaknesses; they exploit people. It has literally nothing to do with the security of an OS.

" That does not make then incompetent. If you are an accountant and you use some project at SourceForge then how the hell can one of the big 4 accounting firms audit your work?"

I already stated there was an exception for corner cases like this. If you weren't so gung ho on proving me wrong (a fools errand, BTW) then you would have stopped to think about what I wrote long enough to realize this.

"I have AMD/ATI hardware and Linux updates are known to break ..."

An even marginally competent person would use hardware that works with their system if they weren't competent enough to pick a decent distribution or handle these issues. You are clearly not even marginally competent.

Why don't you read that article?

The trojan installs itself through backdoors by visiting a website. Not by a user clicking on anything. That shows an exploit in Linux.

Right I chose the best hardware for the price so I can run VMWare Workstation makes me incompetent.

I run VMWare Workstation and got a nice 6 core cpu with full hardware virtualization that was not crippled in the bios for $599. Nvidia crap has made unstable products in the past and I found my ATI hardware very good quality all for $599. The intel ones would have cost $300 more at least when you combine a chipset that doesn't disable hyperthreading and virtualization and a bigger PSU and only would have had 4 cores!

The fact that Linux lacks a stable ABI which means drivers wont work after a freaking kernel recompile show that Linux is incompetent and I would be equally incompetent to throw money away to use the Intel/Nvidia branded hardware. Every other OS in the world has this but the GNU purists actually think hardware makers can opensource their drivers when IP agreements with patents prohibit them! So its CentOS or SuSE Enterprise only for semi stable work.

It is wonderful to have a stable crash free os like Windows 7 that also runs office and all my games. I guess that makes me incompetent too to use an OS that meets my needs right? You know my wife used to say the same about Linux as I had to use wine and sometimes struggle to join her in Wow and Vent when her Vista machine just worked! I left Linux after gnome shell 3 and after I got my AMD system with Windows 7. I found no reason to hate Windows other than the gui is not as customizable.

You are a fanboy with no basis in reality. FYI I run Linux on my VMs and used Unix since 1999 and I am not a paid shill. I refuse to blindly follow one religion in the OS/browser wars so I do not appear like an ass.

Also the accounting guy is not corner case. Every profession out there has their apps if it is white collar. Sales would be the only exception I can think of, but even they need to trade files with customers in MS ecosystems and a margin error in a file can cost a sale worth millions of dollars!

Re:Not just Win8

[Zero__Kelvin]

"The trojan installs itself through backdoors by visiting a website"

No trojan does that. If it does that it is called a worm. If your source doesn't know the difference between a trojan and a worm there is certainly no reason to listen to a word they say. OTOH, nowhere does the article state what you claim, but they do state "In fairness to Kessem, she said a Hand of Thief sales agent recently suggested using social-engineering attacks to infect users of the open-source OS."

"You are a fanboy with no basis in reality"

One of us certainly is ;-)

". Sales would be the only exception I can think of, but even they need to trade files with customers in MS ecosystems and a margin error in a file can cost a sale worth millions of dollars!"

So you don't know what vendor lock-in is, then. Huge surprise there.

Re:Not just Win8

[BranMan]

I'll list a few.
1) Linux / Unix was designed from the start to be a networked OS - so network security was baked into how it was designed, from the start. Windows started as a single user system, THEN added networking. Network security has thus never been job 1 from the start, and even now that still shows

2) Permissions. Linux uses Unix permissions, built from the start to protect users from each other, over a network, and to protect the OS from the users. Windows never was, and too many things run with full permissions to trash the OS. That's one reason Windows has so many vulnerabilities.

3) Windows is the UI, the UI is Windows. In Linux the kernel (OS) is separate from the UI - the UI runs on top. At the user permissions. So if the UI is crashed or compromised, malware can trash the user's account, but can't touch the system or other users. In Windows, the UI runs with full permissions, and any exploit in the UI gives full access to trash the OS.

4) Media - in Windows popping in a disk or plugging in a flash drive runs software on that disk or flash drive automatically - for convenience. In Linux, you need permissions to mount the media and anything you do with it is explicit - nothing is run automatically.

That enough to start with?

Re:Not just Win8

[Billly+Gates]

I wish I didn't comment already so I could have modded you up. I had a feeling some evanglists would use this as a shiny model of the evils of MS and capitalist made operating systems.

You can't argue with a crazy man. If you discredit your colleagues before even replying with a general statement like what Kevin did then it gives the crazy guy a mental excuse to discredit whatever you or I say. You can't win as any argument you make will be a personal attack back.

Or he is a troll and is laughing right now.

I used to be such a Linux guy myself in my youth, but I at least understood non technical people have no reason to leave as soon as XP came since it is fairly stable by design.

Go ask slashdotter Hairyfeet how many Linux boxes you sells at his shop? Lol. The calls of where the fuck is the start menu? To an update breaking X. To why can't I run MS Office cdrom all ring a bell to most users. Even with knowledge I turn the tables and ask what can Linux do that Windows 7 can't on a desktop or workstation? I can't think of anything other than some rare tools. The same can't be said vice versa.

MS ecosystems are sold as a great advantage too for the corporate folks as it makes sure things like MS excel, MS Access, and MS SQL Server all talk to each other with MS Visual Studio for cheap development. I do not want to go all 100% proprietary to not be trapped, but for many corps who are already MS shops this makes sense. They prefer Windows even if the software is available for Linux and MacOSX as evident as only a few offices use Macs even if all they need is Office.

Re:Not just Win8

[sabt-pestnu]

If thousands of developers truly were poring over the code, this shouldn't occur.

Examining N sections of code (or programs, or systems...) is an O(n) problem. Examining N sections of code as they relate to each other of the N sections of code is an O(n^2) problem. And it only gets more complex from there once you add in the dimension of time.

If there is one person studying each piece of code, there's still more than a lifetime of work, to examine how that code interacts with all the rest of the code in the world. Viewed that way, it is not surprising that security flaws remain undiscovered for years.

But you're right. Software for the typical user "just works". And if it works, it doesn't get examined closely.

Re:Not just Win8

[Stan92057]

not when it comes to products nice try though

Re:Not just Win8

[Stan92057]

Denying that there are viruses is being a troll and spreading lies that there are none is worse. Im not going to give you links because your just a linux zelot troll simple as that.

Re:Not just Win8

[Kielistic]

Not really. Mistakes Windows has made in the past does not reflect its current state.

The current Windows kernel is not the same one that they started with so number 1 is meaningless.

Current Windows has a nice permission system so there goes number 2.

Ctrl+Shift+Esc : nope explorer.exe is running under my user account.

Windows doesn't do this anymore and I'm pretty sure I've had Ubuntu auto mount and load stuff on me before "for convenience" (that could be a complete fabrication on my part; I honestly don't remember clearly). Agreed that it is a user convenience that is easily exploitable but it is definitely something that a normal user would want. "Of course I want to run it; why else would I put it in?"

Re:Not just Win8

[Kielistic]

Or he is a troll and is laughing right now.

That's alright; I take strange satisfaction in pointing out logical fallacies.

This is also an interesting case for moderator abuse. Their original post got modded to +4 or +5 almost immediately before slowing getting knocked down closer to where it belongs. My post got immediately hit with an overrated as well. I wish we could see moderation timing though. It may just be because it is a heated topic and a lot of people were moderating before thinking. But it is also additional evidence for the troll theory. Poe's law will probably ensure we'll never know.

Re:Not just Win8

[Alsee]

You're welcome.

-

Re:Not just Win8

[vux984]

1) Modern Windows is based on NT. NT was built with networking in mind. Modern windows rebuilt the entire network stack with Vista so what was true for Windows 3.1 / 95 / 98 just doesn't have any bearing on current reality at all.

2) Windows didn't start out with permissions. But NT added them, and with Vista onwards, things have gotten substantially better.

3) This simply isn't true. You can install windows server without the UI now. The UI is separate from the rest of the system. The only reason you can't with the desktop editions is that there would be zero point except as as academic feat.

4) Mounting it is automatic, nothing else is. And this can be turned off quite easily via policy. Several linux distros now mount media automatically too, by default.

That enough to start with?

Keep going. So far you've got bupkiss.

Re:Not just Win8

[Cacadril]

I am not qualified to fix major security issues. However, I did report mistakes I spotted when reading the source, and they got fixed. I guess there are enough nerds around the globe who explore some code from time to time, and keep studying until they understand it, that most kernel source files gets regular scrutiny.

Re:Not just Win8

[Kielistic]

That is exactly how it works in the Windows world too though. Find a problem, report it, wait for someone that can fix it to fix it.

Yes you can find bugs from reading source code. Does it turn out better than a closed sourced project? Perhaps sometimes. There is no reason to assume it is better always, inherently, just by being open source.

Reporting a few glaring mistakes still will not find all problems. Some exploits would still take an expert to spot. At which point it's really no better than a properly security audited closed source system.

Re:Not just Win8

[rsborg]

see it this way... people that write malware, trojans, or what ever do so to make money and they pick the largest easiest target doesn't matter the OS or the software that runs on it but one way or another they will make money. You cannot make an OS secure enough to persuade them to do something else when there are so many gullible user to take advantage of. This is why there is now boat loads of malware, adware, crapware for android.

So iOS has more apps, more installs/downloads, and yet Android is the king of mobile malware. Why is this the case?

It's not like iOS is inherently more secure, and neither are iOS users smarter, so perhaps the issue is that Google just doesn't care to curate their Play store enough to prevent these apps from proliferating.

If you bring up side-loading, I'll bet you significant money that less than 1% of all installs are sideloaded.

Re:Not just Win8

[Billly+Gates]

Go check out neowin.net if want to see the same in reverse? Until Windows 8 split the community it is filled with MS die hards

Re:Not just Win8

[TemperedAlchemist]

"Anything MS produces"

Re:Not just Win8

[TemperedAlchemist]

I was modded down to troll level.

For nothing but sharing my own opinion, written in a personal manner that was in no way intended to reflect factual presentation.

I believe there's just a lot of MS hate floating around, and anyone who dares say anything in support of MS is immediately declared a troll.

Re:Not just Win8

[bingoUV]

I'm sure Microsoft employs lots of professionals to audit their code as well

And to put in backdoors to be used at NSA's behest. Which may or may not align with Germany's interests.

Re:Not just Win8

[pr0fessor]

I wasn't trying to single out android I was just pointing out that it exists. I didn't address iOS because I'm not that familiar with it, I don't have any apple devices and most of the people I know have android devices or kindles. I have noticed a big uptake in android phones, tablets, and even tv boxes in the past couple years. Even my non-techie brother has an android based tv box he uses for netflix and hulu.

Re:Not just Win8

[h4rr4r]

You mean you are making claims you cannot backup, fine just say so.

There are none spreading right now. The ones you tried to show off generally impacted other software or are lab stuff. The same BS we have seen for ages.

Could someone make one? Possible, but very unlikely so far.

I am not sure what a zelot is, but I am no zealot. I am typing this on a mac!

Re:Not just Win8

[UnknowingFool]

That's not what the OP is claiming. Linux is not obscure in the IT field. How Linux works is not obscure either as you get access to the entire history as well as all the protocols, etc. Linux isn't popular as a consumer desktop but it is very much a factor everywhere else. Claiming that Linux isn't attacked because it's obscure is mangling the definition of obscure. Claiming no one attacks DEC-Alpha systems because they are obscure is the right use of the word.

Re:Not just Win8

[Kielistic]

because it's not popular enough to warrant as many people trying to find exploits in it.

That sounds like the OP meant obscure to me. Just because we all know what it is doesn't make it popular (we are a minority). Linux is beyond obscure to the people you actually want to make massive attacks on.

Re:Not just Win8

[UnknowingFool]

Obscure does not mean not popular.

1. (of meaning) not clear or plain; ambiguous, vague, or uncertain: an obscure sentence in the contract. 2. not clear to the understanding; hard to perceive: obscure motivations. 3. (of language, style, a speaker, etc.) not expressing the meaning clearly or plainly.

If anything Windows practices security through obscurity as only MS really knows how it works.

Re:Not just Win8

[david_thornley]

Linux/Unix is more popular than Windows, counted by the number of computers being sold that people use. This is somewhat obscured by the wide variety of UIs on the Linux/Unix devices (my Nexus 7, my iPhone, my Mac Mini, my Linux box, and my wife's Nook Tablet don't all look the same). Windows only dominates on desktops and laptops, and those are getting less relevant.

Re:Not just Win8

[willaien]

Open Source stuff tends to be more secure because it has so many people looking at it, from many different perspectives, both professionals and amateurs, all working together to improve the code and make it more secure.

Why, exactly, did it take 2 years to discover the Debian SSL Keys weakness, then? If we have so many pouring over every aspect, why was this allowed to slip through, with a crippling bug that makes the very security and privacy of the internet something that can be easily broken? Why did it take so long?

Re:Not just Win8

[david_thornley]

I'm not convinced that "many eyes" is all that good for security, since security isn't an easily recognizable property. It does help code quality, which helps security. However, Microsoft got serious about security quite a few years ago, and has been doing a whole lot better. Having a company-wide focus on security is likely to give better security than many eyes in general.

The reasons why Windows is likely to be less secure than other OSes are different. MS supports a lot of legacy code, a whole lot of it third-party, and that is going to have security ramifications. Also, while people don't generally do much as root on Linux/Unix systems, there's still a lot of tradition for using a MS Windows box as Administrator. Microsoft's pushing to change that, but cultural changes are slow, and Microsoft still does not seem to me to quite get security where humans are involved.

Re:Not just Win8

[Stan92057]

Here ya go troll. I never said linux had more viruses but it does have viruses/malware as you claim it does not. I am right you are wrong troll, a mac troll at that lol https://en.wikipedia.org/wiki/Linux_malware I guess The poster to wikipedia is mistaken too

Re:Not just Win8

[h4rr4r]

read that link numbnuts. Which of those are kernel exploits/viruses? How many are for add on programs?

Think about it, it will come to you.

Re:Not just Win8

[romons]

tablet market share in 2012

How is TPM a security risk?

[afidel]

TPM is nothing more than a hardware keystore, I'm not sure how they'd see it as a security risk unless they're worried that the NSA has the MS signing key's private key (probable) but even then it doesn't exactly give you worse security than other OS's without access to a hardware keystore.

Re:How is TPM a security risk?

[Sique]

Just read TFA, it does a good job at explaining the security risks and concers. One important concern is that while the BSI (the german Federal Office for Information Security) was involved in the TPM 2.0 specification, all their proposals were denied, while the proposals the NSA had were accepted. And the final acceptance was announced with "The NSA agrees".

Re:How is TPM a security risk?

A hardware keystore you don't have the keys to.

Re:How is TPM a security risk?

http://en.wikipedia.org/wiki/Trusted_Platform_Module [Wiki]
See "Criticism" section:

"... The concerns include the abuse of remote validation of software (where the manufacturer — and not the user who owns the computer system — decides what software is allowed to run) and possible ways to follow actions taken by the user being recorded in a database, in a manner that is completely undetectable to the user.
In simple words, it removes user's ability to control the hardware he owns, reducing the device to hardware maker's stealthy agent.
It is "Trusted" to hardware manufacturer, but, the same makes it "uncontrollable" for the user - making the user dependent on trust to the manufacturer, or whatever government or authority there is at particular location."

Re:How is TPM a security risk?

[Megane]

I think rectal divination is the preferred means on Slashdot.

Re:How is TPM a security risk?

[Jesus_666]

The concern is mainly that the system hinges on the TPM, which in version 2.0 of the standard is controlled by the OS and can't be deactivated. Either you unconditionally trust the operating system (and its vendor) or you can't trust the entire system. Plus, the NSA got to mess with the standard while at least the German BSI (who issued this warning) tried but didn't get anywhere (e.g. they failed to get an opt-out function added to the standard). Plus, all TCG members are American companies and several of them are known to have made deals with the NSA before (such as giving information about security flaws to them first).

In short: The BSI doesn't unconditionally trust Microsoft around sensitive documents and recommends that no TPM 2.0 compatible OS from Microsoft is used where those might show up because TPM 2.0 makes trust in the OS vendor mandatory. Win8/TPM2 is okay for home users who don't want to think about computer security but it has no business being around stuff that might cause harm if leaked to foreign intelligence agencies.

Re:How is TPM a security risk?

[IamTheRealMike]

So we have a case of sour grapes, then? Unless one of the NSA requests was "we want a backdoor" then this by itself doesn't mean much because the NSA is a weird creation that not only spies on everyone, but has an "information assurance" department that tries to design secure systems for US usage. They're behind the creation of SELinux which is both highly sophisticated and well reviewed by independent third parties. It does not have back doors. Also, many important constructions in cryptography were designed by the NSA. For example SHA2 was designed by the NSA and it is extensively studied. It has never been found to contain even a hint of a back door.

This crap about how the TPM allows Microsoft to remotely control computers for DRM purposes came up over a decade ago when trusted computing extensions were first designed. It was FUD back then with no connection to reality, and it's certainly FUD today too. If you want to learn about the actual next-gen TC technologies, go and read up on Intel SGX. Then go and read this post on bcflick, a use of the TPM and trusted computing designed to make Bitcoin wallets more secure. That's the kind of thing the tech is designed for. The TPM isn't even electrically capable of controlling the CPU.

Re:How is TPM a security risk?

[drinkypoo]

I am a bit unclear as to how you go from "everything the Germans wanted was ignored" to "sour grapes". Could you please explain your thought process there?

Re:How is TPM a security risk?

[Skapare]

So I can write and erase anything I want to in the TPM?

Re:How is TPM a security risk?

[gstoddart]

Unless one of the NSA requests was "we want a backdoor" then this by itself doesn't mean much because the NSA is a weird creation that not only spies on everyone, but has an "information assurance" department that tries to design secure systems for US usage.

But since nobody actually knows, and because if the NSA informed Microsoft to hand over the keys they'd be legally required to, and because while they help design 'secure systems for US usage' nobody trust them for anything that isn't the US.

So, it's OK if you want to trust TPM, Microsoft, and the NSA. But that doesn't mean that the rest of the world has any reason to do so.

I think you are increasingly going to see governments around the world look at Microsoft and say "do we want to put all of our infrastructure in the hands of someone who has to take orders from a US spy agency?" And I think the only logical conclusion is going to increasingly be "no, not really".

Re:How is TPM a security risk?

[cardpuncher]

Some issues:

It's a hardware keystore under the control of the vendor: they have access to your keys, you don't have access to their keys.

If you've bought only-certified-for-use-outside-the-US hardware you may find yourself only able to run the OS-with-NSA-backdoor "export" version of your chosen operating system.

If your software vendor decides (or has decided for them) that your web browser (for example) should not permit you to access certain websites, it can be enforced in hardware outside of your control.

The remote "attestation" feature as originally designed could effectively identify individuals (or at least individual pieces of hardware) on the Internet, effectively abolishing any vestige of privacy. It is siad that Direct Anonymous Attestation introduced in the latest round of TPM specs permits the integrity of the TPM (for Digital Rights Management) to be tested without revealing the identity of the device.

In other words, if you have control of the TPM, it's exactly "just" a hardware keystore. However, if you don't have control, or if control must be ceded to another party in order to run some particular piece of software, you are entirely under the control of that party - and whoever controls them. And if you suspect your security is being compromised, you can't necessarily fire up a debugger or trace system calls, because unless that debugger has been signed by the OS vendor it's not going to run and you have no means of knowing whether it behaves as documented. It's a potential rootkit mechanism: you have to trust the OS vendor implicitly. And that's the point - it's not about allowing you to "trust" the vendor, it's about the vendor's "trust" in their control of you.

Re:How is TPM a security risk?

[thegarbz]

I was also a nice trustworthy person which caught people by surprise when I stole money from their wallets.

Ok no I wasn't but just because the NSA has at times released software without backdoors should in no way influence your opinion of their future performance, especially given future performance is malware that provides a back door, not to mention back doors to every ISP in the country, spying on international conferences etc. Honestly it would be outright foolish to assume that anything they had a major hand in is safe.

That said TPM serves one purpose, secure the system from the prying hands of the user. The only thing holding back DRM being the primary beneficiary of TPM is the lack of adoption and the fact that TPM is entirely voluntary. If every computer had a TPM module regardless of the users preference you could be damn certain that many DRM schemes would be using this. A trusted key store safe from the user is exactly the kind of security system a DRM scheme needs to operate well.

Just because something hasn't (yet) come true does not make it FUD.

Re:How is TPM a security risk?

[cbope]

This. This is overblown BS written by someone who doesn't understand TPM and what it can and can't do.

The story also fails to mention that the TPM module is usually an option and typically only available on corporate PC's. Not to mention the fact that it can be disabled in BIOS/EFI if you are admin over that system.

TPM is not even required by Windows 8. RT... well that's another issue but this article is mainly about PC's, not RT tablets.

Re:How is TPM a security risk?

[VortexCortex]

I think you are increasingly going to see governments around the world look at Microsoft and say "do we want to put all of our infrastructure in the hands of someone who has to take orders from a US spy agency?" And I think the only logical conclusion is going to increasingly be "no, not really".

Oh hey, look, a Windows Update -- A remote root level patch to my operating system, one that in the past has had glaring issues with certificate signing, and now we suspect could be gag ordered and required to hand over the keys to install anything the NSA wants into any Windows system on the planet.

I think the question will be, "Do we want to use software with a HUGE BACKDOOR in it for anything at all ever?" And I believe the conclusion is going to be far worse than, "no, not really".

Meanwhile the "conspiracy nuts" who've seen the writing on the wall for decades (Omnivore, Carnivore, ECHELON, PRISM, etc) can smugly declare either, "Finally" or "I told you so." then go right back to being ignored by fools at large.

Re:How is TPM a security risk?

[Kjella]

The only thing holding back DRM being the primary beneficiary of TPM is the lack of adoption and the fact that TPM is entirely voluntary. If every computer had a TPM module regardless of the users preference you could be damn certain that many DRM schemes would be using this.

Microsoft has announced that from January 1, 2015 all computers will have to be equipped with a TPM 2.0 module in order to pass the Windows 8.1 hardware certification. And while not every computer will run Windows, I very much doubt you'll find a computer that can't run Windows so that's the end of TPM-less hardware. Of course Windows 8.1 will run on non-TPM hardware but I figure in a few years Windows 9 will refuse to run on anything but TPM-enabled hardware. That's the end of the PC as an open platform and you can already prepare for the funeral.

Re:How is TPM a security risk?

[Jesus_666]

As far as I can tell (and I admit not being an expert in the field), TPM 2.0 is always enabled (it's neither opt-in nor opt-out) and under the operating system's control. As such, an OS too old to use a 2.0 TPM effectively (such as Windows 7) isn't much of an issue as one can still assert control over one's system. Likewise, an OS that can be audited (like Linux) is okay since, as long as one can replace the bootloader, one can control what the system does. Apparently the BSI assumes that this is possible.

Windows 8 and later, however, are essentially black boxes that control the system down to the TPM. And they're controlled by a foreign corporation which in turn can be ordered to do unpleasant things by its government. Also note that as of Windows 8.1/January of 2015 TPM 2.0 is mandatory for the Windows hardware certification*, which makes it likely that from 2015 onward most ready-made systems and probably also most new mainboards will come with it. The easiest way to avoid running an untrustable box seems to be to avoid Windows 8+ altogether.

Interestingly, Apple never warmed up to the technology; they added them to Macs in 2006 and reportedly dropped them in 2009, never even having written a driver. Given how they handle iOS one would expect them to be more interested in TPMs. Then again, it wouldn't surprise me if they're just using similar custom hardware.


* Windows 8.1 also requires that all laptops come with a 720p-capable webcam. Insert paranoid comment here.

Re:How is TPM a security risk?

It IS in the German Nation's interest to abandon the US corporation's closed product.

Re:How is TPM a security risk?

Note that TPM 2.0 is required by Windows 8.1, as shown by Microsoft's certification requirements. The BSI cautions against Windows 8 because apparently Win8 supports TPM 2.0 while Win7 doesn't.

Let's be a little more precise. TPM 2.0 is not required by windows 8.1. It will run just fine without and people are currently doing that with the leaked RTM builds.

In the document at your link Microsoft says that they will require that all new systems that OEMS wants to certify after January 1st 2015 must have TPM2.0 to pass certification and get the sticker. It is a marketing sticker requirement, not a Windows 8.1 system requirement.

Re:How is TPM a security risk?

[X0563511]

It will be interesting to see what happens when I cut the leads to the TPM chip.

Re:How is TPM a security risk?

[afidel]

Nope, since a VM can't talk to the TPM there's no way they'd require it at the OS level, way too many enterprise customers do VDI today.

Re:How is TPM a security risk?

[freeze128]

Yes! If thine TPM offends you, PLUCK IT OUT!

You can disable it in the BIOS, then the OS can't use it. However, the PC may be like my 2+ year old Vostro that has a built-in Wireless NIC that CANNOT be disabled via the BIOS. What do you do then?

Well, you do what I did: I went into Device manager and disabled the sucker. There! No more wireless NIC, no more security risk.

Re:How is TPM a security risk?

[spire3661]

There is no way to verify your claims, that is the whole point. MS offers absolutely no transparency on this issue. It comes down to 'do we trust a foreign company'

Re:How is TPM a security risk?

[Kjella]

Nope, since a VM can't talk to the TPM there's no way they'd require it at the OS level, way too many enterprise customers do VDI today.

It'll be just another layer in the signature chain, your TPM-signed OS will only run under a TPM-signed virtualization tool that runs on a TPM-enabled machine and so it'll be digitally signed all the way down, just like an application running on a TPM-enabled OS.

Re:How is TPM a security risk?

[Darinbob]

TPM doesn't allow Microsoft to remotely control computers, but it does make sure that they have a majority of users with DRM ready computers.

Re:How is TPM a security risk?

[Darinbob]

With a desktop you will probably be able to remove the TPM but that will be impractical for laptops. (as for tablets those consumers have already voluntarily relinquished all personal control of their own computing environment)

Re:How is TPM a security risk?

[marcosdumay]

Well, the TPM is an open specification. You don't really have to trust anybody, just read it and see for yourself how it's a problem.

Re:How is TPM a security risk?

[thejynxed]

Intel and AMD are both moving the TPM to the die package of the CPU. Unless you have a good microscope and tools able to operate at that kind of scale, good luck cutting the lead.

Re:How is TPM a security risk?

[cbhacking]

So use hardware that doesn't even have it. My desktop (less than a year old) doesn't. Run Win8 just fine (and Linux, FreeBSD, and probably MS-DOS too)

Re:How is TPM a security risk?

[cbhacking]

Exactly. If you don't like it, just don't use it. Tons of hardware doesn't even have the option of a TPM; in most of the rest, it's possible to remove, disable, or simply never install one.

Win8 runs just fine without any TPM installed.

Re:How is TPM a security risk?

[X0563511]

Damn :(

The security-conscious part of me applauds that move, but the rest of me is revolted.

What?

[DogDude]

This doesn't make any sense. It's insecure because you can't NOT use TPM?

Re:What?

It is insecure because you CAN'T use it for your purposes.

It is only there for MS and, by extension, the NSA.

You didn't think that secure boot crap was for YOUR benefit, did you?

Re:What?

It makes complete sense, a government wants to ensure they have complete control over the hardware being used for sensitive data. If they are unable to opt out of using TPM that means the keys to that hardware would be under someone elses control.

Not exactly strategically sound to have key hardware at the mercy of foreign providers, or even domestic corporations in some cases.

I was under the impression that TPM2.0 was still opt-outable though

Re:What?

[Sique]

It is insecure because you have to use TPM and can't opt out. So it's not you defininig the security parameters, it's Microsoft. And the agencies sitting in Microsoft's back and dictating the rules.

Re:What?

It is insecure because you have to use TPM and can't opt out. So it's not you defininig the security parameters, it's Microsoft. And the agencies sitting in Microsoft's back and dictating the rules.

But this is patently untrue (if we care about facts), you can opt out.

Re:What?

[gstoddart]

This doesn't make any sense. It's insecure because you can't NOT use TPM?

If you don't trust the security of TPM, or that it doesn't have in-built stuff the NSA can use to spy on you ... then, yes, you have to consider it insecure.

It's a 'secure' system you don't control, which means if you need a secure environment, you need to trust a 3rd party.

If that 3rd party is Microsoft, who we know is beholden to the NSA -- then you betcherass it's considered insecure. Essentially, the German security people are saying "we don't trust Microsoft or the NSA/US government" -- therefore the entire platform is considered not secure.

One of the biggest complaints about TPM is that you have to explicitly trust whoever controls the keys and the like. And if you don't control it, and don't trust the 3rd party, the whole thing is garbage.

So, it makes perfect sense -- because TPM has never been about the users ability to define their own trust, it's about the manufacturer saying "you're going to have to trust us or not use our stuff". So, not using their stuff is the logical conclusion.

Re:What?

[drinkypoo]

It is insecure because you have to use TPM and can't opt out. So it's not you defininig the security parameters, it's Microsoft. And the agencies sitting in Microsoft's back and dictating the rules.

But this is patently untrue (if we care about facts), you can opt out.

The TPM is going into the CPU. You will not be able to opt out. It's a fact. It will still be in there. Do you really believe there won't be a way to turn it on and use it against you? And if so, on what basis? By the very specification, you are not permitted to be in charge of your own hardware. That is unacceptable to say the least.

Re:What?

[gstoddart]

When it comes to hardware, the only way to completely trust it is to go to where the chips are being manufactured, and study the entire design of each chip being used in whatever device you're worried about.

True as that may be, there are encryption keys stored in there that the owner of the device doesn't control.

So, if I'm building a secure environment, and I know there is a component I do not control or can't isolate (you can't disable this, remember) -- then I have to try to remove that component. That component is TPM, which is more about DRM than securing the computer for the owner.

I'd much rather trust Microsoft than some generic Chinese chip maker.

Well, have fun with that.

Due to the Patriot Act, Microsoft is no longer a trustworthy entity. In fact, no US company is anymore. Not for their cloud services, and not for any installation which needs to be secure.

If the US government wants to make US corporations an arm of their spy agencies, don't bitch and moan when other governments decide there are risks they can do without in using those products -- because unless they're willing to take MS or the NSA at their word (and, really, why would they?), they have to assume these systems are compromised.

A year or two ago when some of us were saying these cloud services were something you couldn't trust due to the Patriot Act, people were saying "oh, don't panic, it's no big deal". But since it's now patently obvious that the NSA can and does tap Microsoft to provide them some data -- I would have to say it's pretty much objective fact that, no, you really can't put trust in them beyond what you can 100% control.

You feel free to trust who you like. And the rest of the world will do the same. I'm sorry, but the US government and Microsoft have pretty much demonstrated that they're not something you can trust.

Re:What?

[DogDude]

I'm sorry, but the US government and Microsoft have pretty much demonstrated that they're not something you can trust.

And the Chinese are? Unless you can design and fabricate your own chips, you have to trust somebody. I'll take Microsoft over the Chinese any day. But, to each their own.

Re:What?

[gstoddart]

Well, you can mitigate against the chips with some isolation onto an air-gapped network.

But having a component of your machine control your encryption keys, you can't. Because if MS has handed those over to the NSA (and there's no reason to believe they haven't), all they need to do then is try to gain access to systems they know they can decrypt. You can do more social engineering or other traditional espionage if you know you the systems exist, where they are, and have the encryption keys.

It's the stuff that is controlled by this TPM crap that you can't trust anymore, and that has a lot of ways it can be exploited. It makes the rest of the platform out of your control. An cryptography you don't control is essentially useless if there's any reason to believe you can't trust the entity who does control it.

I'm not saying you need to trust the Chinese chip makers any more than you trust Microsoft, but you can more readily mitigate against the Chinese-made chips than something which is tied into the operating system at a fundamental level.

Re:What?

[Rockoon]

True as that may be, there are encryption keys stored in there that the owner of the device doesn't control.

The only key that software does not control is the master RSA key, which of course you cannot control because the safeguard is that every device ever to be made (should) have a unique one, which is why its burned into the silicon (not rewritable by anyone.. ever.. not you.. not by the operating system.. not by a software update)

Why is it that people on slashdot dont have a clue how technology works anymore?

Essentially the root key is like a UUID taken to the hardware level, but instead of passing around ID numbers you pass around certificates. Instead of "My name is FOO." its "Here is proof that I'm the same guy that you talked to yesterday. Call me whatever the hell you want."

Everything else about TPM -- all the DRM hypermania and so on -- is entirely software-based. Don't want to run software that utilizes the TPM chip instead of some other certification method, then don't run that software.

Re:What?

[gstoddart]

Why is it that people on slashdot dont have a clue how technology works anymore?

Why is it that every smarmy little shit on Slashdot thinks everyone else is an idiot?

Don't want to run software that utilizes the TPM chip instead of some other certification method, then don't run that software.

Yes, exactly. But in this case "don't run that software" applies to Windows.

It's the OS which is utilizing the TPM, and therefore it's the OS you can't trust. What part of that are you not understanding?

This was the whole point of TFA -- since Windows 8 uses this TPM shit, and you can't turn that off, you inherently can't trust the OS. The software you stop using because you don't trust the TPM isn't your own software, it's the fucking OS.

Re:What?

[jader3rd]

since Windows 8 uses this TPM shit, and you can't turn that off, you inherently can't trust the OS.

Given that Vista was TPM aware that means that Win 7 is too. Why isn't the BSI saying that any Windows OS greater than Win XP unsecure?

Re:What?

[gstoddart]

My understanding was TPM became mandatory with Win 8, and in previous versions was optional.

It's the non-optional part that is the problem. Microsoft made it mandatory, and that changed quite a bit.

So, if you deem TPM isn't trustworthy, it makes Win 8 not trustworthy.

Re:What?

[Rockoon]

Why is it that every smarmy little shit on Slashdot thinks everyone else is an idiot?

Maybe because there are idiots like you complaining about not being able to control the master RSA key (I even quoted you doing it.)

You are a completely ignorant fuck by making that the issue. Thats why I get to be smarmy. The problem here is that you want there to be an issue, but because you don't know what issues are real and what are FUD you just go with everything.

You willingly chose to harp on the FUD. I quoted you doing it. You willingly did it. Either you knew that it was FUD making you an idiot for using it anyways, or you didn't know that it was FUD making you an idiot for just parroting someone else without any understanding at all of your own. In both cases, your real intent is quite clearly not to be informative.

You are the reason that I get to be a "smarmy little shit" yet still have outstanding karma.

Re:What?

[gstoddart]

You know, the fact that you're both wrong AND and asshole isn't my fucking problem.

There are keys mandated by TPM which the owner does not control, and use of TPM in Win 8 isn't optional.

The entire fucking point of the article is that those keys exist, you don't control them, you can't turn TPM off in Win 8, and if you don't trust the source of this to tell you which applications the OS is going to allow you to run or not, you can't trust the entire platform.

Did you miss the whole article where the German security people are saying it's not a trustworthy platform for this exact fucking reason?

Seriously, it's YOU who don't seem to understand this. So fuck off.

Re:What?

[jader3rd]

My understanding was TPM became mandatory with Win 8, and in previous versions was optional.

Given that Microsoft has published upgrade paths from XP to Win 8 I don't see how it could possibly be mandatory for Win 8, given that XP didn't have TPM. Plus, my home machine is running Win 8 and it certainly doesn't have a TPM chip.

Re:The next time you call FauxNews Sensationalisti

[Sique]

If you actually had read the article, you would have seen that this is especially mentioned. Maybe the article is a little more insightful and balanced as you can imagine?

And the follow-up article

[DingerX]

Where the BSI takes issue with their reporting.

Of course, with the extent now clear of the US government's use of US IT companies to maintain American political and economic advantages, if you were running a non-US-based company or a non-US-governmental organization, you'd want to do as much critical business with non-American hardware, software and services as possible.

Re:And the follow-up article

[bfandreas]

Where the BSI takes issue with their reporting. Of course, with the extent now clear of the US government's use of US IT companies to maintain American political and economic advantages, if you were running a non-US-based company or a non-US-governmental organization, you'd want to do as much critical business with non-American hardware, software and services as possible.

I wouldn't take technological advice from Die Zeit. They still think steam engines will never replace the Spinning Jenny.
Also ... the BSI ... bruahahaha.

*snort*

Whatever backdoor MS has planted for whoever asked them will propably have made its way into any older Windows version via their automatic update.

Re:And the follow-up article

[Jesus_666]

While the original article was a bit on the hysterical side, the basic point remains: Windows 8+ in combination with a TPM is not deemed trustworthy enough to handle sensitive documents. It's an unacceptable security risk for people who handle classified government data, which is all the BSI ever said.

NSA VPN searches on XKeyScore

One of the example searches about XKeyscore, (the NSA software that lets them do ad-hoc searches on everyone's private comms) was

"show me all new VPN connections in country X"

How does it get the VPN connection data? When I investigated Windows *7*, I notice that when a VPN connection is made by the OS, the software makes two connections, one directly to a Microsoft server bypassing the VPN and one through the VPN. Both share session ids. It seems to flag to Microsoft (and NSA) the two IP addresses (via the VPN / original un-routed VPN address).

So they're focussing on Windows 8, but Windows 7 has its share of nightmares.

Then has anyone looked at Symantec / Norton 360 etc.? With all it's "password vault" features and online URL checks. It could be the NSA has served these companies with secret warrants. So we may not be able to trust that it will flag NSA spyware, or that passwords are not making their way into the Utah Stasibase.

Re:NSA VPN searches on XKeyScore

Do you have a link to some sort of evidence? I'm sure lots of people would love to see that.

Re:NSA VPN searches on XKeyScore

Just watch the network connections a Windows 7 pc makes when connecting the VPN, its not hidden.
For the XKeyscore's 'vpn' search example, see the XKeyscore leak documents.
As to whether this network connect is the source of that XKeyscore's VPN search data, that's unprovable. We know NSA get that information because it was in the leak, we know this feature provides that information you can see it in the network connects. But proving that the latter provides the former is impossible without further leaks.

I think its better to be safe than sorry, connect to VPN's only via a trusted router rather than on a Windows PC VPN service, and avoid VPN services from US based companies as that is another possible source for that data.

Re:NSA VPN searches on XKeyScore

[radish]

I think it's much more likely the NSA figure out the VPN stuff by simple traffic analysis - they don't need Microsoft to tell them anything (particularly as I'm sure they're well aware that a large percentage of VPN connections don't involve Microsoft platforms). Doesn't mean I'm not interested in the phone home connection though...

Re:NSA VPN searches on XKeyScore

Bullshit and FUD. If this were the case the web would be lit with packet dumps from people demanding an explanation. Pics or it didn't happen.

Have you looked closely at ANY "cloud based" AV lately? They all communicate with the mothership if you don't wrap the ethernet in tinfoil! *snort* Surely we need to move to Russian or Chinese sourced AV for complete security right?

Re:NSA VPN searches on XKeyScore

[pfigura]

Do you think the Kaspersky password vault would be more meaningfully protected against US authorities? That being said, it's probably thoroughly infiltrated by Russian Intelligence.

BSI published a clarification

[Golden_Rider]

The BSI (Bundesamt für Sicherheit in der Informationstechnik) published a clarification after websites reported about that Windows 8 warning: https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2013/Windows_TPM_Pl_21082013.html

Basically, they pedalled back a bit. They now claim they never warned about Windows 8 itself, but about possible risks when combining Windows 8 with TPM 2.0, because the user no longer has complete control over his system and that because of that, the user could end up in a situation where the system is permanently unusable. They no longer mention the US / the NSA and the possibility for backdoors, instead they now just mention the possibility of "sabotage", and the need for an opt-in AND opt-out for things like TPM 2.0.

Re:BSI published a clarification

Sorry, but they didn't "pedalled back". The just released a broader, more general second statement, which doesn't contradict the first. They haven't denied anything of what they said before.

Most importantly, nobody trusts american hardware anymore after the revelations about the NSA. I live in Austria and my company is trying to get rid of any american and chinese hardware, excluding the CPUs (no alternatives to Intel and AMD for those).

Re:BSI published a clarification

[Lawrence_Bird]

this whole thing is typical anti-Microsoft hype however, one example of where you can get fucked is if you use disk encryption with the TPM module. Your disk is forever mated with the motherboard and if the mobo dies first, so goes your disk.

Re:BSI published a clarification

[greg1104]

In Windows 7 at least, you can access the disk after a motherboard/TPM failure. I went through this when a firmware update destroyed the TPM in one of my Thinkpads. You can unlock the disk if you have the very long decryption key BitLocker shows you at initial setup.

Re:BSI published a clarification

[K.+S.+Kyosuke]

It's not "easy" at all. That's low-level firmware. Can you see exactly what your CPU is doing in every nanosecond? If it's doing some NAND, XOR or other operations? No, you can't. You need to trust it.

Isn't is possible to detect SMM using the measurement of code execution timing discrepancies? Also, this is a very good reason to have your own firmware, of course.

How can something...

[Skiron]

...not used by anybody be a 'security risk'?

Re:How can something...

[aaaaaaargh!]

It is used by Windows 8 and TPM 2.0 will be mandatory for all Windows 8.1 certified machines starting from 2015. It's part of a long-term strategy to introduce BIOS/UEFI-level digital rights management into consumer operating systems. The central idea behind all this is to bind the customer to the OS maker forever, make it hard to switch to alternative operating systems, and control application dispatch via app centers and application whitelisting instead of malware blacklisting.

After the tremendous success of locked-down phone hardware, managers in large corporations have come to think of the idea of a general computation device as a real threat, especially in light of free software that is starting to become more of a nuisance to software makers. They want to sell you new shit every 3 years, whereas the times where you need new shit every 3 years are long gone since computers have become fast enough for all everyday computing tasks. Hence, they really need control of the platform as a whole, from hardware over software dispatch to the software itself, and they form business alliances to achieve this goal.

Re:How can something...

[marcosdumay]

I guess the GP was asking how Windows 8 could be a security risk. Not TPM. (And, yes, if that was the case, it was a joke.)

How prophetic was this:

[redmid17]

From Wikipedia's TPM talk page in 2007:

As much as I love the NSA looking through email and phone records, I would prefer that the had to *at least* work for it. Trusted Computing (What a crock BTW) says it can be turned off, but does anyone know how? Fosnez 07:52, 13 February 2007 (UTC)

Oblig Blackadder quote

[Cryacin]

Have you seen any suspicious operating systems? Nein! I mean... 8!

Re:Oblig Blackadder quote

[smittyoneeach]

Only if you're ordering three shots at a bar in an Inglourious Basterds reference.

Re:Oblig Blackadder quote

[interval1066]

John Banner was a talent. Here he is in an MST3k production of "Crash of Moons".

Re:Oblig Blackadder quote

[IwantToKeepAnon]

Have you seen any suspicious operating systems? Nein! I mean... 8!

How many planets are there? Nine! I mean... 8!

more government FUD

[TheSkepticalOptimist]

I mean, the moment that "government" is included in a statement about technology policies, you should just look away. There is no reason why TPM makes Windows 8 less secure, and as a platform, Windows 8 is one of the most secure versions of Windows created. While I would argue greatly that Windows 8 is about as secure as any other OS (I mean hell, Linux is full of security patches just as much as any other mutha fucking OS), this screams of stupid anti-Microsoft lobbying using FUD as their "factual" grounds.

The point is moot because people are arguing about who is dominant on a dying platform. In 5 years nobody will use PC's/Macs/Linboxes except the people creating the content on the "other" 99.99% of the devices used by governments and the general population, and those other devices have way more security issues then a PC ever has had, regardless of what OS they are running.

Re:Zeitgeist

[colinrichardday]

Wouldn't the Germans prefer SuSE?

Re:The next time you call FauxNews Sensationalisti

[NatasRevol]

I'd like to know when the Germans thought they had control over the operating system.

https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2013/Windows_TPM_Pl_21082013.html

4th paragraph translated through google:

"From the perspective of the BSI, the use of Windows 8 in combination with a TPM 2.0 is accompanied by a loss of control over the operating system and the hardware used. This result for the user, especially for the federal government and critical infrastructure, new risks. In particular, on a hardware, which is operated with a TPM 2.0, with Windows 8 caused by accidental errors of the hardware or operating system manufacturer, is also the owner of the IT system error conditions that prevent further operation of the system. This can cause such an extent that in case of error in addition to the operating system and the hardware used is permanently no longer be used. Such a situation would not be acceptable for the federal nor for other users. In addition, the newly established mechanisms can also be used for sabotage of third parties. These risks need to be addressed."

Re:"I like Windows - it's great!"... apk

[Zero__Kelvin]

""1st they ignore you. Then they laugh @ you. Then, they fight you, & then you win""

I'll stick with ignoring you, thanks. You do a great job of making my case for me without my help ;-)

Advantage of closed source - HOSTS file

[recoiledsnake]

The advantage of Open Source is that you or anyone else can fix the software if/when security problems are found, whether in the OS, core libraries, network stack, or any Open Source applications. We are not dependent on the original developers to make any such fixes. I have done this a couple times in the past by fixing security issues in open source code before the developer fixes were available (I could have waited a day and got the developer fixes).

Advantage of closed source - you can edit the HOSTS file and be done instead of doing all that.

Re:Advantage of closed source - HOSTS file

Try again... Windows 8 does not honor the hosts file. Apparently there are too many contributers having their ads blocked via hosts.

Re:Advantage of closed source - HOSTS file

[Billly+Gates]

The advantage of Open Source is that you or anyone else can fix the software if/when security problems are found, whether in the OS, core libraries, network stack, or any Open Source applications. We are not dependent on the original developers to make any such fixes. I have done this a couple times in the past by fixing security issues in open source code before the developer fixes were available (I could have waited a day and got the developer fixes).

Advantage of closed source - you can edit the HOSTS file and be done instead of doing all that.

That is one of the reasons I run Windows 7. I am working on a pet project which I hope to turn into a business and have DNS address to my virtual Linux servers in my HOSTS file. Windows 8 ignores the hosts file and I do not want to put physical IP addresses in my source code for obvious reasons.

But, Linux at a kernel level does lack somethings Windows has for security like ASLR and I am not trolling here honestly, but I would also rely on a good AV package for Linux and not just a host file for security. Arstechnica.com 2 weeks ago mentioned a Linux banking trojan that only works on Linux. Why? Linux users feel invulnerable to viruses and do not take security precautions or run AV software! ouch.

to bad mac os is tied to limited and high cost sys

[Joe_Dragon]

to bad mac os is tied to limited and high cost systems the new mac pro does not even have slots and 2 video cards at base?

mac mini is to small

I don't like the other AIO's as well.

Laptops are high costs and hard to fix also can't do easy swapping of battery out as well.

Re:The next time you call FauxNews Sensationalisti

[FatdogHaiku]

I feel a comment from Sheldon Lee Cooper Ph.D should be heard at this point...
http://www.youtube.com/watch?v=eDdnAmEQf4A

Get a life moron.

The US government cannot be trusted, and that means US corporations cannot be trusted.

What the fuck does China have to do with it?

If you're worried about them yellow reds and insist this is a problem because all the chips are made by them and the boards assembled by them, then you have no choice but to not use TPM2.0 because *CHINA* is not to be trusted.

Ray of hope

[fritsd]

Luckily, the article shows a ray of hope, on the second page:

"(...) Laut Microsoft könnten die Hardware-Hersteller zudem durchaus Windows-Geräte bauen, in denen das TPM deaktiviert ist. Wer die volle Kontrolle über seinen Computer haben wolle, müsse eben ein solches Modell kaufen.

Falls die IT-Experten des Bundes keine solchen Geräte finden, die bezahlbar sind und auch sonst ihren Ansprüchen genügen, bleibt ihnen wohl nur der Weg, den zum Beispiel die Münchner Stadtverwaltung eingeschlagen hat. Auf deren Computern läuft ein Linux-Betriebssystem. Die schrittweise Umstellung von Windows auf Linux begann vor zehn Jahren und soll Ende 2013 abgeschlossen sein."

IOW this TPM 2.0 "default on at first boot" is not a problem as long as governments buy only computers with a trusted signed Linux kernel and system. Additional advantage is that it's cheaper.

German government too wordy.

[gestalt_n_pepper]

They could have just stopped at "Unacceptable."

Privacy issues

[jones_supa]

I think the Microsoft Account and related stuff is also quite bad privacy and security risk. Apparently 8.1 will send your searches to Microsoft in a similar way to Unity's "Amazon shopping lens". When enabled, the IE SmartScreen filter will send your browser URLs to MS. All sorts of little things here and there -- "would you like to send information to company X to improve our services". I suppose you can get rid of most of it by carefully unticking each buried checkbox, but it's getting increasingly hard to opt out of this kind of junk. What if I just want to be alerted about Patch Tuesday updates?

Re:"I like Windows - it's great!"... apk

[losfromla]

apk?
You forgot to log in. Seems hard to trust you'd deliver high quality software if you posted with such vigor while forgetting that important point. Is it really you? Or, are you impersonating someone and besmirching their name with idiotically formatted posts?

Link to original B.S.I. source

[fritsd]

If only there was somewhere that could explain what the article means without RTFA.

Here you go: it's a lot shorter, but it's still in German:
https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2013/Windows_TPM_Pl_21082013.html

It's more nuanced: the Bundesamt für Sicherheit in der Informationstechnik (B.S.I.) says it *doesn't* warn agains Microsoft Windows 8, it only warns the (German) government not to use Microsoft Windows 8 in certain scenarios on computer hardware with TPM 2.0:

"Hierzu erklärt das Bundesamt für Sicherheit in der Informationstechnik (BSI): Das BSI warnt weder die Öffentlichkeit, deutsche Unternehmen noch die Bundesverwaltung vor einem Einsatz von Windows 8. Das BSI sieht derzeit jedoch einige kritische Aspekte im Zusammenhang mit bestimmten Einsatzszenarien, in denen Windows 8 in Kombination mit einer Hardware betrieben wird, die über ein TPM 2.0 verfügt."

Then, they first say that you can go ahead and buy MS Windows 8 on a TPM computer, as long as you don't worry/care ("kümmern") about the security of that computer. (There must be use cases within national and other governments where it just doesn't matter so much that a computer is insecure).

In the next paragraph, If I read it correctly (German is not my first or second language), they warn against using MS Windows 8 on a TPM 2.0 computer in case where security is of value: for " die Bundesverwaltung und kritische Infrastrukturen", they warn for the dangers of D.O.S. attack and sabotage where both the hardware and software become unusable. You got to read it yourself if you don't like my crummy translation. Corrections welcome.

I interpret the end of the press message as: maybe one day there will be a TPM 3.0 spec with "(...) ein bewusstes Opt-In sowie die Möglichkeit eines späteren Opt-Outs (...)" and then the BSI would be happy again.

Re:The next time you call FauxNews Sensationalisti

[devent]

As a German I get regularly headaches when I'm watching Fox News or similar "news". The American news are like game shows, flashing light, CGI effects, running texts everywhere, cut screens, cut clips. It's like news for babies, like the assumed average concentration span is only 5 seconds of the viewers.

Trusted Hardware

[Froggels]

How long might it be before "trusted hardware" renders even [semi]-trusted operating systems such as Linux untrustworthy? Is this even an issue?

TPM ...

[ultrasawblade]

I played around with some of the Linux TPM tools on a Dell system.

Seems like all that it's meant to be is a way to sign stuff with a key locked to a machine that cannot be retrieved unless you know how to read the nonvolatile memory of the TPM chip.

The whole remote attestation crap is handled by something else, Intel's TXT being such an implementation I think. That would seem to be the feature you want to stay away from, or NICs that have an integrated TPM and I presume something with TXT also available ...

And on this system I could tell the TPM to create a new, revocable EK, which to my understanding is the "root" key in the whole TPM scheme.

I kinda like it. What's the big deal about the TPM other than I'm sure it has a hidden debug mode that reveals the EK to whoever the manufacturer wants to give that ability to.

Re:TPM ...

[tatman]

I feel that trusted hardware has more do with ensuring copyright holders that their intellectual property is not being violated. It takes control of hardware you bought and ensures it is used to the satisfaction of others. If I remember correctly, when TPM was mandated/implemented, it was a chip and could be removed. But windows would not install on the system. Linux distros would not install if the chip was on the motherboard (because it was prevented by the chip) until Linux got "the keys". The big deal is that you can't just use your hardware the way you want. It has to come from approved sources.

Re: Windows is an option today - not an requiremen

[unixisc]

It's GPL, so one should be able to remove the source code to any spyware and recompile it, right? Assuming that one knows what that is

Definition of "Quality"

[Zinho]

You must be using the industry definition of "Quality", i.e. compliance with quality standards like ISO 9001. Your comment reminds me of a business plan, "Monkey Maid Service", made by an engineer friend of mine:

Step 1: Purchase a supply of monkeys, monkey housing, and monkey chow from traceable sources, documenting the origins of every piece of material involved.
Step 2: Draft a standard process for "Performing maid service" using the monkeys purchased in step 1. If I recall correctly, his rough draft of this process included "dress the monkeys in French maid costumes, then release them in the house for the period of time specified in the contract".
Step 3: Have supervision in place to ensure work performance follows documented procedure, and record performance metrics (% monkeys dressed as French maids, deviation from contract time) for auditing purposes.
Step 4: Advertize the service as ISO 9001 compliant.*

If every can of Budweiser tasting the same is your definition of quality, then sure, it's a quality product. By the way, my friend has a maid service you may be interested in using after your next party.

*I've probably missed a few crucial 9001 compliance steps; quality geeks, please don't crucify me over that ;)

How Pathetic

[ThatsNotPudding]

If there ever are any rollbacks to NSA spying, it will be done not because of right and wrong or on Constitutional grounds, but merely due to the decline in fucking corporate profits.

In the boxing ring

[bytesex]

On the one side, you have hackers from everywhere, just aching to add your machine to their botnet (while ISPs just stand there, whistling, looking the other way), and on the other side, you have Microsoft behind whose back stands an ever more enabled US government, ready to copy your secrets 'for your own security, or that of the state'.

And you *must* choose. I say PJ had a point - that choice is just un-makeable.

Re: Windows is an option today - not an requiremen

Of course. Get back to us with what you find.

Re:The next time you call FauxNews Sensationalisti

[Darinbob]

Once the reprogramming has been completed the headaches will go away.

Re:The next time you call FauxNews Sensationalisti

[gweihir]

Indeed. Cretinization of a whole large population.

Funny thing

[marcosdumay]

With the Raspberry Pi, we got the start of the open ARM PCs. If Microsofts succeeds in closing the x86 ones, I don't think they'll get the expected result.

What do slots do?

[tepples]

the new mac pro does not even have slots

And the original iMac didn't have a floppy drive. What do slots do that Thunderbolt doesn't?

Re:What do slots do?

[Joe_Dragon]

more then pci-e X4 no $30 cables, no $600 Expansion Chassis.

Logical leaps

[WaffleMonster]

Perhaps it is the google translation but I don't understand the logic in the point being made by TFA.

I agree the world is better off without TPM or anything like it because it becomes too cheap and easy for opressive regimes to lock down computation to only approved operating systems modified to constantly monitor and snitch on the end users activities. There is also risk of PCs turning into lockdown hell that is smart phones and tablets.

Real world "secure boot" benefits to end users are questionable at best. With physical access all bets are off and an attacker could just as easily replace a motherboard as they could a disk drive.

The "freedom" arguments seem to be logically separate from trust argument being made..and this is the problem I don't understand how TPM negativly impacts trust in a vendor/OS.

It seems to me whether the operating system is booted secure or insecure you are still very much at the mercy of the underlying OS not to do shit behind your back contrary to your interests. This requires trust in the vendor and trust in the legal regime the vendor is bound by force to operate.

If you want to say MS is not trustworthy because of NSA fine. If you want to say MS is not trustworthy because it is Microsoft fine... But the TPM argument...I simply don't see the connection.

Re:The next time you call FauxNews Sensationalisti

[Rinikusu]

I was reading your comment and then OOOOH SHINY!

Re:The next time you call FauxNews Sensationalisti

[Rinikusu]

... Sigh.. the better joke: TL;DR

Mod parent +Insightful

[Burz]

But we might not have that choice in front of us today if MS had done its Windows (software, not hardware) security push a decade earlier. They allowed criminal organizations to become well established and resourceful.

Clarification...

[Burz]

"Another should be that if a novice user decides to try programming lots of high-level features using tools that came with the OS, they should be able to create a single executable file or appfolder that can be easily run on another system running the same platform without gotchas... ie a predictable runtime environment."

[ ] Click if you accept these terms and conditions

[eyenot]

So, let's look at this another way out.

By making this statement, the German government is informing the population of people they are legally/politically responsible for, the German people.

So, the German government can release themselves of any responsibility for what happens to you or your information if you're a German using Windows 8.

Does the headline read, "German government bans Windows 8 in Germany"? No.

So, this is similar to the President of the American Psychiatric Association stating to the press that the field of Psychiatry has no idea how psych meds work or what they really "do", that it's all theoretical. Though he stated this in context of an academic rebuttle on a loosely related subject, it was still a statement. And didn't the rate of class action lawsuits against the drug companies over the side effects of psych meds decline to the point where it's been awhile but new drugs are still coming out all the time? Or are we to believe the art was also, coincidentally, perfected at around the same time?

Now the German government is released from responsibility of what happens to you or your computer while you're using Windows 8.

But wait, there's more!

Not only could you no longer hold the German government responsible for protecting you while you use Windows 8 as a German citizen ... *gasp*!

You can't hold the German government responsible for what the German government does to or with your computer as a citizen of *any* country while you're using Windows 8, especially not if you dare to contact a server or client located somewhere in Germany!

Anything is malware-ridden

[tepples]

Android is malware ridden also!

So is GNU/Linux if you talk the end user into adding the wrong repository.

Popular web services that block mobile devices

[tepples]

most computers will be arm based iOS, Android, Chrome style devices.

This means most computers won't be able to access much of YouTube ("The content owner has not made this video available on mobile"), the free version of Spotify or Hulu, or much of Facebook (need a desktop computer to create a nickname, Page, or ad).

I HIT THE NAIL DIRECTLY

[drinkypoo]

Two trollmods for sharing facts with you. These facts must be important.

Re:Zeitgeist

[colinrichardday]

As far as I know, SuSE is still in Germany. Hence, its officers are subject to arrest in Germany.

Re:You didn't ignore me (lol, liar)

[cbiltcliffe]

Here - chew on these now - they're security advisories from a reputable & respectable enough source:

http://secunia.com/advisories/product/42761/

http://secunia.com/advisories/product/40664/

http://secunia.com/advisories/product/28234/

http://secunia.com/advisories/product/17543/

http://secunia.com/advisories/product/29592/

http://secunia.com/advisories/product/16896/

http://secunia.com/advisories/product/42480/

http://secunia.com/advisories/product/43263/

http://secunia.com/advisories/product/29809/

http://secunia.com/advisories/product/32977/

* QUESTION: How many unpatched security issues are there in those tools from Microsoft?

That's just great. Now how about these?

http://secunia.com/advisories/product/27467/

http://secunia.com/advisories/product/1175/

http://secunia.com/advisories/product/18255/

http://secunia.com/advisories/product/13223/

http://secunia.com/advisories/product/43073/

http://secunia.com/advisories/product/34591/

http://secunia.com/advisories/product/21625/

http://secunia.com/advisories/product/17277/

I think that the lesson here might be that if you're not on the very latest release of a Microsoft product, even if what you're running is still supported, you'll be low priority for security patches. Latest release gets patched promptly, but previous major release doesn't.

Re:The next time you call FauxNews Sensationalisti

[RockDoctor]

It's like news for babies, like the assumed average concentration span is only 5 seconds of the viewers.

When did that increase occur? Last time I looked at US-ian TV, 3 seconds was considered a long attention span.

Re: "I like Windows - it's great!"... apk

[Zero__Kelvin]

It is hard to take someone seriously who not only calls Linux bad for developing when every developer worth his salt knows it is far better, but then goes further to refer to game developing as if that is the gold standard. Obviously if you want to play games, toys are better for that, and Windows is where you want to stay. If you want to develop real software that actually serves a business purpose, Linux is far superior. Maybe you didn't know that the vast majority of the big name companies from Google and Facebook to Industrial Light and Magic use Linux these days. I don't know.