Slashdot Mirror


Hillis' virus solution: Limit OS Usage

robobabe writes "The NY Times today (free login) has a front page article on viruses. The article has a history of the origins of the terms in science fiction, and ends with an interview of Danny Hillis (Connection Machine founder). Hillis argues that the current vulnerability to attacks is due to running a single OS and that a solution is "no government agency should be allowed to run more than 34% of its personal computers on one proprietary operating system."

158 comments

  1. Login: by Anonymous Coward · · Score: 0


    user: slashdot_effect pass: slashot
    and i think user: cypherpunks pass: cypherpunks

    1. Re:Login: by Anonymous Coward · · Score: 0

      cd ~you/.netscape
      su
      ln /dev/null ./cookies
      chmod ???? ./cookies (where ???? == your personal level of paranoia)
      exit

      http://www.nytimes.com
      cypherpunkin
      cypherpunkin


      ...at least that's what works for me, YMWPV (your mileage will probably vary).

    2. Re:Login: by Anonymous Coward · · Score: 0

      And then someone can trivially log what stories I read, over a very long period of time. (cookies, guessing that there is one person per IP address and one IP address per person, etc, only work for so long. Eventually I'll remove the cookie or get a new IP).

    3. Re:Login: by mattc · · Score: 1

      Or just create a real login. It's free.

  2. Broken all the time?! by Anonymous Coward · · Score: 0

    "But in the future we're going to engineer systems with the expectation that everything is broken all the time."

    Now that's scary. Micros~1 has indeed ruined computers forever.

    1. Re:Broken all the time?! by Anonymous Coward · · Score: 0

      ... and yes, when someone again asks you why you hate M$ so much - that's the answer: They !@#$%^& ruined computers idea

    2. Re:Broken all the time?! by Anonymous Coward · · Score: 0

      By "broken all the time" I don't think he meant unstable, MS-like software. I think it had to do with increasing complexity of systems and having software "agents" doing a lot of administrative tasks, so that systems are in a constant state of self-repair (much like biological organisms which can repair themselves down to the DNA level.)

      Obviously the potential for viruses etc. would be great, for instance a malicious program might impersonate or corrupt an agent which is supposed to be running on the system.

      If this is the evolutionary future of computers, you may expect to see these things happening on any OS, not just M$.

    3. Re:Broken all the time?! by Anonymous Coward · · Score: 0

      >Actually, I don't think it's scary. In fact, it may be the one good thing M$ has taught us.

      The only good thing Micros~1 has done is drive down the cost of hardware by making their stuff so slow and bloated that everyone needs more horsepower on their desk than an entire university needed in the old days.

      > However, the stability itself tends to create a problem: the sysadmins get too cocky and never think about possible problems,

      I disagree, but then I read comp.risks and browse the CERT advisories every now and then...

      >No Unix-related problem I've ever seen has ever taken fewer than four days to fix,

      I've lost weekends to NT. I've recovered from major Unix crashes (e.g. power failure -> head crash on hard drive) over lunch-hour. I don't know what you mean by a lack of repair tools on unix; tell me how to network-boot a toasted Windows machine with no CDROM so that I can repartition the hard drive and install a fresh copy of the OS. A good set of boot floppies is really all that you need in addition to the standard GNU tools.

      [252 days uptime on my heavily-loaded Linux machine at work, and counting...]



    4. Re:Broken all the time?! by Millennium · · Score: 2

      Actually, I don't think it's scary. In fact, it may be the one good thing M$ has taught us.

      Unix and its clones are very powerful, stable operating systems. This is a Good Thing. However, the stability itself tends to create a problem: the sysadmins get too cocky and never think about possible problems, simply because "they'll never happen; this is Unix."

      Well, the thing is, they do happen. The law of averages (to say nothing of Murphy's Law) demands it; eventually something is going to happen. The fact that it happens with Windows and especially MacOS so often has led to one thing: they tend to recover from crashes in a relatively graceful manner; seldom in more than fifteen minutes for MacOS and a day or two for Windoze. No Unix-related problem I've ever seen has ever taken fewer than four days to fix, due to various combinations of user-hostility on the OS's part, a lack of tools to help get the system back up (particularly in the Open-Source OS's but in all Unix-like systems to some degree), and other factors.

      You can understand the reasoning behind this: if errors never happen, why plan for them? But the fact is, errors do happen. The worst-case scenario is that everything is always broken, and this scenario must be planned for, because at some future point it will pop up. It's like the proverb goes: "Hope for the best, prepare for the worst."

  3. WORD macro viruses? by Anonymous Coward · · Score: 0

    I have a question about Word macro viruses: Where can I get more information about them? I know about several, but today one of my users came to me with a Word document that - when opened - popped a dialog that said "I think XX is a big jerk" (where "XX" are her initials.)

    To me, this looks like a Word macro virus, since Word stores the user's initials and that should be easy for a macro to retrieve.

    Any hints or suggestions?

    1. Re:WORD macro viruses? by Anonymous Coward · · Score: 0

      He he... is this the one that changes your win95 registration information to "Vicodines /tbn" and "{Dr. Diet Mountain Dew}"?
      This is a fairly old virus. We had it for a long time and didn't realize it because of the lack of a significant payload. BTW, it only does the 'XX is a big stupid jerk' thing on the 14th day of every month after May unless it's a modified strain; that's why a lot of people are just now noticing it. ;oP

    2. Re:WORD macro viruses? by Anonymous Coward · · Score: 0

      Is there anything I can/should do to get rid of the Vicodines virus?

    3. Re:WORD macro viruses? by Anonymous Coward · · Score: 1

      I've always found the GNU 'strings' program to be quite entertaining when dealing with Word documents - you can often see keywords like 'is a big jerk', as well as the function calls that turn off virus-protection features whenever you close a document. Gotta love that security model :-) Plus you often get to see "deleted" text from previous editors of the document.

      BTW, if you opened this user's document on your computer, you might want to virus-scan your own machine now...

    4. Re:WORD macro viruses? by Gabey · · Score: 1

      Yes, this is a Word Macro virus...it's of the Class strain (I believe it's class.b)...there are various ways to get rid of it; I've heard McAfee or F-Prot does it.

      (And the only reason I know is because my school got hit with it today too :>)

      By the way, most of the actual code for it is stored in c:\class.sys if you want to take a look at it.

      -Gabe

    5. Re:WORD macro viruses? by Velox_SwiftFox · · Score: 1

      Up to date Antiviral software.

  4. Re:34%?? by Anonymous Coward · · Score: 0

    May I guess that on relatively large sites different "IT"-people will manage different segments. And if your segment fails and your colleague's not then yes *you* will have problems *but* not your (probably smarter) colleague.
    And that's called healthy concurrency...

    BTW: NT SP3 and NT SP4 are different or not ;-)
    M$ surely will say yes...

  5. Re:Wrong - easier solution is cross-platform. by Anonymous Coward · · Score: 0

    Multiple in this case equals "two".

  6. Solution: Network Computers by Anonymous Coward · · Score: 0

    Take the storage off the desktop and have it managed professionally, and viruses lose their power.

    Same goes for applications. Ever hear of an Apache virus?

  7. It's NOT a flawed argument by Anonymous Coward · · Score: 0

    It's a fact ... other OSs ARE more secure than Windows. This does make it more difficult for virii to infect the system.

    Linux, other unixen and other OSs out there do at least have a bit of security built firmly into the OS. Windows does NOT have this. If you've access to the Windows machine, even as pleb user you can trash it completely. If you have access to a secure OS machine, you don't usually have the capability of damaging much but your own files.

    When giving someone a unix account, companies give people access to a part of the file system, printers, more .... BUT unless security is a bit lax, the user could not damage others' accounts, can't damage networked files and they probably can't even trash the OS on the machine on their own desk. The same goes for the virus.

    If the virus can't use the OS to cause damage it has to get MUCH more intelligent with machine- and device-dependent code and possibly even incorporate its own drivers in order to access different parts of the system. Virii can't be written like this ... they can't cope with bloat; it damages both ease of development and infectiousness.

    Because root or superuser accounts are used sparingly ... and certainly NOT for opening unsolicited executable attachments to email ... the chance of macro or other simple viruses doing system damage is extremely limited.

    When someone gets a PC with Windows they are given the capability of trashing their own machine along with an easily configurable device which will happily serve most viruses needs. The virus running on this system is given a wide choice of OS calls with, in fairness, quite a limited set of security features.

    Software doesn't need to be developed to combat "threats" ... it's already there. You don't need to be non-mainstream to duck those virii. You just need a bit of security and windows just hasn't got enough.

    James.

    1. Re:It's NOT a flawed argument by tzanger · · Score: 1

      The security is better in unix, but it's nowhere near insurmountable. Once a user is compromised, even through their own stupidity, it's very possible to wreak havoc outside of the scope of that user's account. Even disregarding the potential of denial of service attacks a bored script kiddie could implement a number of scripts from rootshell.org.

      Not entirely true. On mixdown we've had many attempts from outside but nothing has gotten through. So much for rootshell. What they read there I also do and patch it up if necessary. Rootshell sells to both sides of the war. :-)

      As far as internal security, I was tempted to set up a test/test account on the system and let you guys have at it but I want to do a double-check on our permissions first. From the outside, it has no known exploits. From the inside, I've set up fairly tight ulimit regulations, including CPU time of 5 seconds and data size of (I think) 8 megs. That keeps any rootshell-surfing script kiddies from keeping it bogged down for long. I get paged if the number of users grows above a set limit and also if the box's 15min load goes above 5. Internal security is much harder to implement than external security.

      Anyway that's my take on it. Unix-style security may not be infallible but it is a lot better than the WinDOS "a root for every user" methodology.

      There is another thread around here about how these virii would exist in a Unix environment as well since they're spread through email. This is true, but you would not achieve the same level of destruction unless you read your mail as root. I also don't know of any hooks in Pine which would cause it to automagically run my email attachments. :-)
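The ulimit and paging setup tzanger describes, as an added example that is not his code: per-process CPU and data limits applied to an untrusted command (the equivalent of `ulimit -t 5 -d 8192`) plus the "page me if the 15-minute load or the user count crosses a line" check. It assumes Linux/POSIX; MAX_USERS is a constructed threshold, since the comment gives no number.

```python
"""Added example (not tzanger's setup): resource limits on a child process
and a load/user-count paging check. Assumes Linux/POSIX; MAX_USERS is a
constructed threshold, the other numbers are the ones in the comment."""
import os
import resource
import subprocess
from typing import List, Tuple

CPU_SECONDS = 5                 # RLIMIT_CPU: hard cap on CPU time (seconds)
DATA_BYTES = 8 * 1024 * 1024    # RLIMIT_DATA: 8 MiB data segment
LOAD15_THRESHOLD = 5.0          # page when the 15-minute load exceeds this
MAX_USERS = 20                  # constructed; the comment names no number


def apply_limits() -> None:
    """Runs in the child between fork() and exec(): a runaway script is
    killed with SIGXCPU after CPU_SECONDS and cannot grow past DATA_BYTES."""
    resource.setrlimit(resource.RLIMIT_CPU, (CPU_SECONDS, CPU_SECONDS))
    resource.setrlimit(resource.RLIMIT_DATA, (DATA_BYTES, DATA_BYTES))


def run_limited(argv: List[str]) -> subprocess.CompletedProcess:
    """Run an untrusted command under the limits; anything it execs inherits
    them, just as a login shell's ulimit settings would be inherited."""
    return subprocess.run(argv, preexec_fn=apply_limits,
                          capture_output=True, text=True)


def parse_loadavg(line: str) -> Tuple[float, float, float, int]:
    """Parse a /proc/loadavg line such as '0.52 1.31 5.10 2/123 4567'
    into (load1, load5, load15, total_processes)."""
    fields = line.split()
    load1, load5, load15 = (float(f) for f in fields[:3])
    _running, _, total = fields[3].partition("/")
    return load1, load5, load15, int(total)


def page_reasons(loadavg_line: str, user_count: int) -> List[str]:
    """Return the conditions that would trigger a page; empty means quiet."""
    reasons = []
    _, _, load15, _ = parse_loadavg(loadavg_line)
    if load15 > LOAD15_THRESHOLD:
        reasons.append(f"15min load {load15:.2f} > {LOAD15_THRESHOLD}")
    if user_count > MAX_USERS:
        reasons.append(f"{user_count} users > {MAX_USERS}")
    return reasons


def current_user_count() -> int:
    """Count login sessions the way `who | wc -l` would."""
    out = subprocess.run(["who"], capture_output=True, text=True).stdout
    return len([ln for ln in out.splitlines() if ln.strip()])


if __name__ == "__main__":
    if os.path.exists("/proc/loadavg"):
        with open("/proc/loadavg") as fh:
            for reason in page_reasons(fh.read(), current_user_count()):
                print("PAGE:", reason)
    # The child sees the limits: `ulimit -t` prints 5.
    print(run_limited(["/bin/sh", "-c", "ulimit -t"]).stdout.strip())
```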

    2. Re:It's NOT a flawed argument by substrate · · Score: 2

      The security is better in unix, but it's nowhere near insurmountable. Once a user is compromised, even through their own stupidity, it's very possible to wreak havoc outside of the scope of that user's account. Even disregarding the potential of denial of service attacks a bored script kiddie could implement a number of scripts from rootshell.org.

      I'm not knocking Linux or other unix, I use them at home and work, but anybody who thinks migrating the world to a unix quality system would stop these attacks needs to think it through a bit more carefully.

      It's easier to grab control of a Windows box because of its lack of security, but bored malcontents would quickly adapt. It's more attractive to attack these because there are a buttload of them out there, but as the status quo changes so will the targets. The recent increase of the MacOS is a case in point as was pointed out by somebody else. MacOS users used to brag about the lack of virii when in reality it was just a result of the lack of market share.

    3. Re:It's NOT a flawed argument by ocie · · Score: 1

      You are comparing apples and oranges here. The latest round of worms and trojan horses that are moving thru email don't do anything that needs root permissions. It would be quite easy to write a Linux program that would look thru the user's mailbox, get a bunch of email addresses, and send a copy of itself to all of those users. Then, just for kicks, it could do a "find" in the user's home directory for all .c, .h, .cpp files etc. and rm them.

      Any system where you implicitly trust unknown users on the internet to send you non-malicious programs is inherently flawed. The reason I will never be hit by an email virus is that my email reader can't spawn other processes on behalf of my email messages. Imagine if each user got to include an X-pager line to tell me to use emacs, or less, or more (or rm -fr ~) to read the email!!

      Even if such a virus were to attack and delete all my files, it would be a short walk down the hall to ask our sysadmin to restore my directory from backup files. I'd be bitter about the few day's work I'd lost, but otherwise OK. I realize this doesn't translate to home users that well.

      --
      JET Program: see Japan, meet intere

    4. Re:It's NOT a flawed argument by BeBoxer · · Score: 1

      You are comparing apples and oranges here. The latest round of worms and trojan horses that are moving thru email don't do anything that needs root permissions. It would be quite easy to write a Linux program that would look thru the user's mailbox, get a bunch of email addresses, and send a copy of itself to all of those users. Then, just for kicks, it could do a "find" in the user's home directory for all .c, .h, .cpp files etc. and rm them. The fact that the worms aren't able to destroy the whole system doesn't mean that they can't spread and make the user's life hell.

      The only thing that would keep this from spreading like wildfire is that the Linux community isn't in the habit of sending binaries around to each other, and so would probably be suspicious of such an attachment. But, as Linux becomes more mainstream you can expect this to change. It's only a matter of time before the newer Linux users start emailing around little gnome applets for their toolbars, etc. And when that happens, you can expect that the worms and trojan horses will soon follow. Expect some nasty back-doors too, as it's trivial to have a little program listen on an unsecure port and spawn off a shell for anyone who connects. Or when certain IP addresses connect. But I digress.

      I'm not really sure what the solution is. Security will probably have to become much more fine-grained. Users should be able to have much more control over what a program is allowed to do. For example, I might not worry too much about running some binary that was emailed to me if I could keep it from performing file operations outside of a given directory, and from opening any sockets. Such a system should allow one to specify a wide variety of permissions for each individual binary that you might have. However, trying to make such a system usable by average-joe users would be very hard. Hell, it would be hard to make it easy to use even for savvy users. I can imagine what such a system would look like underneath the hood, but I don't know what you would use for a decent user interface. If it wasn't easy to use, most users would end up just giving everything all permissions, and we would be right back where we are now.

      In conclusion, I think it's important for us to think about ways to deal with this type of problem before it actually becomes a problem. Just saying that "worms can't destroy my whole system, so I'm safe" is pretty naive. Everyone who thinks that should run the following command, and tell me how they feel afterward: "rm -rf ~", and don't forget to pretend that your user account isn't allowed to run "/bin/mail".

    5. Re:It's NOT a flawed argument by mjg · · Score: 1

      Any system where you implicitly trust unknown users on the internet to send you non-malicious programs is inherently flawed.

      Ah! But that's the thing, these macro virii that have been doing the rounds lately send themselves to people in your address book (and I believe Melissa chose the people on the basis of how often you correspond with them). Therefore, you are hardly receiving the email from an 'unknown user', and it makes it quite a bit harder to discern whether what you've received is a virus or truly a legitimate file. (Remember that you might often get attached files from these people normally, so it's not unusual to be receiving one in this case).

      It's a sort of 'social engineering' that the virii writers are using to get their malicious little programs run.

      Remember that it's people's ignorance that is getting these files spread around, more than anything else. If the average user was educated about the issue enough to not blindly open attached files without virus scanning them, then the problem would be greatly reduced.
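The client-side rule ocie and mjg are both circling, as an added example that is not code from either poster: an attachment is inert data that the mail client classifies before anyone is allowed to open it, and the decision never consults who the sender is, because (as mjg points out) the sender is usually someone in the victim's address book. The sample message, filenames and magic-byte stubs are constructed; the MIME handling is the standard library's email package.

```python
"""Added example (not from the thread): classify e-mail attachments by
content, never by sender trust. Sample message and byte stubs are
constructed; MIME parsing uses the standard library's email package."""
import email
import os
from email import policy
from email.message import EmailMessage
from typing import List, Tuple

EXECUTABLE_EXT = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs", ".js"}
MACRO_CAPABLE_EXT = {".doc", ".dot", ".xls", ".xlt", ".ppt"}
PE_MAGIC = b"MZ"                                   # DOS/Windows executable header
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"    # OLE2 compound file (Office 97)


def assess_attachments(raw: bytes) -> List[Tuple[str, str]]:
    """Return (filename, reason) for every attachment that must be scanned
    or quarantined before the user may open it. Magic bytes are checked
    before the extension so a renamed file is still caught. The From:
    header is deliberately never consulted: a macro virus mails itself
    from a known correspondent, so sender trust proves nothing."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings: List[Tuple[str, str]] = []
    for part in msg.walk():
        if part.is_multipart() or part.get_content_disposition() != "attachment":
            continue
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        ext = os.path.splitext(name.lower())[1]
        if data.startswith(PE_MAGIC):
            findings.append((name, "PE executable by magic bytes"))
        elif data.startswith(OLE_MAGIC):
            findings.append((name, "OLE/Office compound file by magic bytes"))
        elif ext in EXECUTABLE_EXT:
            findings.append((name, "executable by extension"))
        elif ext in MACRO_CAPABLE_EXT:
            findings.append((name, "macro-capable Office document by extension"))
    return findings


def build_sample_message() -> bytes:
    """Constructed: a note 'from a friend' with three attachments, one of
    them an Office compound file renamed to .txt to dodge extension checks."""
    msg = EmailMessage()
    msg["From"] = "friend@example.org"
    msg["To"] = "you@example.org"
    msg["Subject"] = "Here is that document you asked for"
    msg.set_content("Take a look and let me know. ;)")
    msg.add_attachment(PE_MAGIC + b"\x90\x00" * 30, maintype="application",
                       subtype="octet-stream", filename="card.exe")
    msg.add_attachment(OLE_MAGIC + b"\x00" * 8, maintype="application",
                       subtype="octet-stream", filename="agenda.txt")
    msg.add_attachment(b"\xff\xd8\xff\xe0JFIF", maintype="image",
                       subtype="jpeg", filename="photo.jpg")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in assess_attachments(build_sample_message()):
        print(f"QUARANTINE {name}: {reason}")
```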

  8. focus on OS is misleading by Anonymous Coward · · Score: 0


    In the business world, you will have software that is compatible across operating systems. I.e., at IBM we mainly have Windows NT, 95, OS/2, and AIX (Unix). However, in order to work together, we all run Lotus Notes on our desktops as a common mail client. That means you could have a Notes virus that could hit the whole company.

    Businesses will always set up their information systems to be cross-compatible for productivity reasons, whatever OSes they are using. Otherwise, if people cannot share information, the whole point of the system is lost.

  9. All of this, articles and comments, is wrong!!! by Anonymous Coward · · Score: 0

    Dividing operating systems won't work; if
    that were done, Microsoft would merely port
    Visual Basic for Applications to all the other
    platforms. Even if not Microsoft... any attempt
    to develop a multiplatform language (e.g.
    perl, java, autoconf,
    every OS that ships with an ANSI C compiler,
    etc.) can be used to develop a multiplatform
    virus or trojan. Of course, text can be read,
    but the vast majority of people aren't
    programmers and wouldn't know to look in the
    configure script for things that generate rm
    -rf /.

    Logons and properly security-restricted user
    accounts won't work, either. You could still
    get an e-mail virus that wipes all YOUR data,
    even if it doesn't wipe the other users' or
    the system. A business can lose money that way,
    too.

    Every other solution I've seen -- forcing
    incompatible applications, incompatible file
    formats, incompatible OSes, incompatible
    networking -- does make things harder for
    virographers, but it makes things harder for
    ALL other programmers as well. Don't propose
    things that punish the many for the crimes of
    the few! We need something simple that will
    render all viruses impotent.

    I see only one solution, and two ways to
    implement it.

    1. Regular backups. In fact, automatic backups.
    If you're a government or a business, it might
    be nice to have WORM media always logging
    everything you do. The result? Total, perfect
    undo. You could undo all the way back to when
    you got this system installed, then selectively
    redo, omitting the virus installation. You could
    encrypt the log, if privacy is a value. No
    virus could harm you. NOBODY can erase a WORM
    disk!

    (This is also why it's nice to buy or burn CDs.)

    2. The biggest mistake any OS makes is giving
    any program all the permissions of its user.
    This is unsafe for the user in question, even if
    it is safe for other users and the OS. Obviously,
    not all programs can be trusted in such a way.
    Running every program in a sandbox, even
    automatically, would be a major pain -- but
    if you could not afford WORM logs, or your OS
    didn't support it, you could sort of simulate it
    with sandboxes.



    -- an Ayn-onymous coward
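The "total, perfect undo" the post describes, as an added example that is not the poster's code: an append-only journal standing in for a WORM medium, with a hash chain so any rewrite or truncation of the log is detectable, and a replay that redoes everything while omitting one actor's records (the "virus installation"). The record format, actor tags and sample files are constructed for the demo.

```python
"""Added example (not the poster's code): a WORM-style append-only journal
with 'undo all the way back, then selectively redo'. Record format, actor
tags and the sample files are constructed for this demo."""
import hashlib
import json
from typing import Dict, List, Optional


class WormJournal:
    """Entries can only be appended. Each record carries the hash of the
    previous one, so any rewrite, deletion or truncation of the log is
    detectable, which a real WORM medium enforces physically."""

    GENESIS = "0" * 64

    def __init__(self) -> None:
        self._entries: List[dict] = []   # stand-in for the WORM medium
        self._tip = self.GENESIS

    @staticmethod
    def _digest(record: dict) -> str:
        body = {k: v for k, v in record.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def append(self, actor: str, path: str, content: Optional[str]) -> str:
        """Log a write (content) or a deletion (content=None). A virus's own
        writes are logged too; what it cannot do is erase earlier records."""
        record = {"seq": len(self._entries), "actor": actor,
                  "path": path, "content": content, "prev": self._tip}
        record["hash"] = self._digest(record)
        self._entries.append(record)
        self._tip = record["hash"]
        return self._tip

    def verify(self) -> bool:
        """Recompute the hash chain; False if any record was altered."""
        prev = self.GENESIS
        for record in self._entries:
            if record["prev"] != prev or self._digest(record) != record["hash"]:
                return False
            prev = record["hash"]
        return True

    def replay(self, skip_actor: Optional[str] = None,
               up_to: Optional[int] = None) -> Dict[str, str]:
        """Rebuild the file state by redoing the log from the beginning,
        optionally omitting one actor's records (the 'virus installation')
        and/or stopping at a sequence number (plain undo to that point)."""
        state: Dict[str, str] = {}
        for record in self._entries:
            if up_to is not None and record["seq"] > up_to:
                break
            if record["actor"] == skip_actor:
                continue
            if record["content"] is None:
                state.pop(record["path"], None)
            else:
                state[record["path"]] = record["content"]
        return state


def build_demo() -> WormJournal:
    """Constructed scenario: a user works, a macro virus tampers with the
    template and deletes a document, and the user keeps working afterwards."""
    j = WormJournal()
    j.append("alice", "report.doc", "Q3 report draft")
    j.append("alice", "normal.dot", "clean template")
    j.append("macro-virus", "normal.dot", "template + AutoOpen payload")
    j.append("macro-virus", "report.doc", None)
    j.append("alice", "notes.txt", "written after infection")
    return j


if __name__ == "__main__":
    j = build_demo()
    print("log intact:", j.verify())
    print("as the disk looks now:", j.replay())
    print("redo without the virus:", j.replay(skip_actor="macro-virus"))
```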

    1. Re:All of this, articles and comments, is wrong!!! by jafac · · Score: 1

      Even if you backup all changes to WORM, a virus can still harm you. The damage is in the time lost, not necessarily the data.

      While backing up everything can insure that you get your data back, you're still going to take a productivity hit from a successful virus infection.


      "The number of suckers born each minute doubles every 18 months."
      -jafac's law

      --

      These are my friends, See how they glisten. See this one shine, how he smiles in the light.

  10. You still need cookies enabled... by Anonymous Coward · · Score: 0

    To all webmaster:

    It's no cookies or it's no hits. Your choice.

    - Privacy is king

    1. Re:You still need cookies enabled... by Anonymous Coward · · Score: 0

      Make your cookies.txt file ReadOnly.

      ACK

    2. Re:You still need cookies enabled... by Anonymous Coward · · Score: 0

      Even better

      rm cookies.txt
      md cookies.txt

      the poor browser will continue to attempt to append all the cookies to it, and think it's succeeding, 'cept it aint. It works on netscape 3.02 gold on win. Might do for others.

      skiy

  11. Totally unrealistic by Anonymous Coward · · Score: 0

    Nobody has even thought about the cost to this stupid idea. Triple the # of OS's, and you're going to triple your administration/training costs. If the US gov't were to do this, expect your taxes to take a pretty big jump. It makes much more sense to just be smart with what you have. Keep important stuff on backed-up, redundant servers. Don't have trusted domains, etc. Security is easy to implement. No need to spend a mint and give everybody headaches to do it.

    1. Re:Totally unrealistic by Graymalkin · · Score: 1

      The US gov't has spent hundreds of thousands of dollars on toilet seats; different OSes wouldn't cost them much more. Ever heard of not putting all your eggs in one basket? If you drop it you break all of your eggs, and Windows 9x is like a basket with a big hole in the bottom. Yes, it would cost a lot primarily to have multiple OSes in an office, but the long term benefits would highly outweigh the short term cost. When a new linux kernel patch is released, or an entirely new kernel for that matter, a hardware upgrade is rarely if ever needed. The upgrade from Windows 3.1 to 95 in most cases took a major hardware upgrade. If you put OSS unices on some of your computers, you have a large initial cost but your TCO is much lower than your Wintel machines, and when you need to upgrade your wintel machines you can recycle the old ones by putting an OSS unix on them.

      --
      I'm a loner Dottie, a Rebel.

  12. Can I correct myself? Okay, it IS a bit flawed. by Anonymous Coward · · Score: 0

    Now that NYTimes is responding I can see they're saying we need OS diversity to combat these virii. What would be much better IMHO would be to scrap these insecure single-user OSs (i.e. __________ you fill it in >;) ) which allow the rapid spread of these trivially easy macro virii. :)

    Alright ... only joking ... a bit.

    I know unix/other(not windoze) security is of course not insurmountable ... but these macro viruses are so trivially easy to make it's just scary. I think we should at least give these bored malcontents a bit more of a challenge. If they've got to get around a secure system it should at least give them less time or perhaps a better alibi for other anti-social behaviour they're normally accused of.

    If a virus wants to get outside a user account in Linux it then has to get much more specific. Think ... in unix how can it access files the user can't?

    1. a security hole in the OS
    2. its own file system code (including drivers), OR assumptions about OS
    3. ? any ? more ?

    So the malcontent has to start writing virii targeted at a much smaller market. Targeted at specific holes in specific versions of OSs. Hard to get in there. Targeted directly at OSs and/or CPUs. This can only be good.

    I must agree that it _would_ be possible to take linux, one of the small distributions, hack it down to a tiny version, add a bit of self reproduction and by distributing itself as source code, recompiling itself on each target machine and deploying on every machine it can access you would probably have quite an effective and scary linux virus. Any volunteers to get this project started >;)

    But there is still the problem of distribution though. How to actually infect everyone. Even if Linux is/was a huge mainstream OS with millions of plebeian users, would this work well enough? I must think on it.

    If any linux people had the time they should experiment with their own linux virii development but NOT deployment, in the hope of pre-empting malcontent virii and beefing up security and anti-virus aspects of Linux. Hmmmm, probably better if this was NOT an open source project. :)

    Hmmm, are they malcontents? Dunno about that ... I suppose to actually release a virus you would have to be a bit malicious/malcontented. Okay, malcontented, yeah.

    James.

  13. Re:All viruses should cause Micros~1 to get sued by Anonymous Coward · · Score: 0

    Think about this though. If you write a program and spent a lot of time on it, and somebody finds out it's got a bug that prevented them from saving a large document and they lost it, should you be sued? If the industry worked like this, nobody would program anything out of fear of being sued by some litigious clown. The problem with Windows is that it tries so desperately to maintain compatibility with older versions and MS-DOS that security holes like memory protection and the like just can't be fixed properly without a complete rewrite which blows the compatibility as well (read: NT). You do have a choice of OS's to use though and the best way to voice your concern is simply not to use Windows. For most mainstream applications (word processing, database, image manipulation, etc) there is an alternative available for most any OS, be it Unix/Linux, MacOS, or whatever. The more people that do this, the better the market share will be for that OS and thus more apps as well. Remember, the cream always rises to the top, but it may just take some time. Who knows, maybe the threat of Linux will force MS to come up with a stable, secure OS in the future!

    -Lord Crass

  14. Wrong by Anonymous Coward · · Score: 0

    The OS security (or lack thereof) has had no effect on the latest type of virii. These depend upon social engineering (getting an email from a friend) that causes the stupid user to run an attached virus (for Melissa, this was a macro virus; for this new one, it's an executable). People running arbitrary code on their machines *will* get burnt. It doesn't matter how good your OS security is.

    1. Re:Wrong by Anonymous Coward · · Score: 0

      The OS security (or lack thereof) has had no effect on the latest type of virii. These depend upon social engineering (getting an email from a friend) that causes the stupid user to run an attached virus (for Melissa, this was a macro virus; for this new one, it's an executable). People running arbitrary code on their machines *will* get burnt. It doesn't matter how good your OS security is.


      OS security matters. A windows macro virus may easily be written so it obliterates the filesystem and shuts the machine down. (It won't need to exploit any windows bug to do this.) A unix macro virus may only obliterate the user's own account and use up the maximum resources allowed for that user. The machine won't go down, and restoring the account is a lot easier than restoring the entire machine.

      And the "social engineering" stuff will only get some people. Sure - it looks like a friend sent it, but is it in your friend's typical style? I would get suspicious if a friend sent me a message in english, for example. And getting exactly the same "try this" thing from 5 different friends would be even more suspicious.

  15. Re:Not just OSes by Anonymous Coward · · Score: 0

    I think the word you're looking for is "heterogeneous", not homogeneous. Homo is latin (or greek?) for "same".

  16. Cost of system diversity by Anonymous Coward · · Score: 0

    Sure, diversity helps protect against attacks. The Morris worm was most effective against Sun workstations, for example.

    But in organizations, standardizing upon one system solves a whole slew of problems and reduces costs. Interoperability issues go away, training is simplified (and you don't have to retrain employees just because they change groups), costs of software go down because you can buy licenses in bulk, etc.

    My guess is that the cost of dealing with the occasional virus is far less than the savings gained from having a standard OS on employee desktops. Training users not to run random binaries or macros is the right solution.

  17. Re:Serendipity, here you go by Anonymous Coward · · Score: 0
  18. If Danny Hill said so... by Anonymous Coward · · Score: 0

    ...well, fsck, it's got to be true!

    Sigh... viruses and worms and other such things are not the sole monopoly of the Wintel cartel. That which makes things easy and convenient tends to become a target. Beware my fellow OSSians; we're next. It is, after all, as inevitable as total world domination.

  19. Re:Imagine if you will by Anonymous Coward · · Score: 0

    On the other hand, the more OS' are in active use, the more competition will drive the OS' to increase security. Also, running multiple OS' will drive users towards using standard protocols rather than proprietary OS-specific protocols, and those protocols tend to have been more carefully designed to be secure.

  20. Huh? by Anonymous Coward · · Score: 0

    So we'd have just as bad a problem with destructive virii if 95% of the computers out there were running Linux? I think not!

    The problem is not that everybody is running the same OS. The problem is that the OS they are running is a DOS-derived kludge, whose original architecture never anticipated it being connected to a network! Add that to MICROS~1's notorious bad choice of defaults, and their monolithic integrating of products (they actually think it's a good idea to let any VBscript read files on your disk, or to let Excel macros send email without human intervention!) Also, the closed source, little-or-no peer review, release only when we can charge more money for bug fixes development model used by MICROS~1 virtually guarantees that new security holes will constantly be discovered.

    In short, if the OS that everybody was using was better designed, it wouldn't matter that everybody was using the same OS.

  21. Re:Limits aren't the solution by Anonymous Coward · · Score: 0

    EDUCATE THE USERS! Users have no business whatsoever sending executables to others which is traditionally how viruses spread. Teach them how to turn off those options which facilitate this madness. If you're going to stick an idiot in front of a computer, you had better damned well make sure that computer is idiot proof, or these problems will continue to happen. Make something idiot proof, and someone will invent a better idiot.

  22. Re:Limits aren't the solution by Anonymous Coward · · Score: 0

    EDUCATE THE USERS! Users have no business whatsoever sending executables to others which is traditionally how viruses spread. Teach them how to turn off those options which facilitate this madness. If you're going to stick an idiot in front of a computer, you had better damned well make sure that computer is idiot proof, or these problems will continue to happen.

    Sorry to rain on your parade, but is it really fair or necessary to call all people who aren't computer savvy or who use computers as a means to an end idiots? We don't see physicists calling people who don't understand special relativity idiots, and we don't see accountants insulting people who aren't well versed in the tax code (in fact those people are their clients; it would be self-defeating to insult their lack of knowledge).

    So, lay off of calling people "idiots" and "programmer drones" just because they don't know as much as you do. Instead, help them and teach them a thing or two. You're right on about education. Teach them how to avoid viruses. I'm sure they don't want to see their work flushed down the toilet as much as you don't want to see yours vanish.

  23. Re:the problem with concrete OS ... by Anonymous Coward · · Score: 0

    When installed from scratch, the default file system (FAT) doesn't even allow for the possibility of security (ACLs), you have to convert to NTFS, and at that point, all the ACLs are blank and wide open.

    NTFS is the default file system on NT server. When you install under NTFS, NT setup applies a reasonable set of ACLs for you. When you install under FAT and convert to NTFS manually later on, you have to apply the ACLs yourself :(

    Cheers
    Alastair

  24. Re:Bring on the Lawyers! by Anonymous Coward · · Score: 0
    I'm tired of the notion that software is impossible to get right since there are so many variables. Civil Engineering in Los Angeles is difficult too, but an engineer that negligently designed a bridge that collapsed in an earthquake would be sued. Engineers have malpractice insurance, perhaps programmers should get it too.

    Huh? Have you ever programmed a non-trivial application?

    There are ALWAYS bugs, period. You can't test every interaction, platform, configuration or phase of the moon. It's just not possible.

    -Nic

  25. Re:Diversity good for productivity by Anonymous Coward · · Score: 0

    Interesting argument. But...

    ...in the real world, you need to consider that most of the users on a network are not geeks, but would, when faced with the prospect of selecting a mail/web/news client undergo a nervous breakdown.
    Therefore, someone needs to decide (for better or worse) what the policy in the way of client software applications will be.

    Most of the time the only training an end-user needs to undertake is in the standard uses of a mail/web/news client.

    IMHO something like Netscape and Notes(for example) are good because they function much the same way on any OS.

    Regards,
    *BSD Weenie

    --Another one bytes the M$.

  26. Re:Diversity good for productivity by Anonymous Coward · · Score: 0

    Interesting argument. But...
    ...in the real world, you need to consider that most of the users on a network are not geeks,


    Sure - so say something like "Those that want help, training, or any support in this company, have to use standard product z. Those few geeks who want to do their own installation/admin use whatever they want, but won't be allowed more time for administration than we use on a standard workstation."

    A simple, best-for-all solution. The inevitable few geeks will be happy, but there's more: They will be testing various other systems which is very useful when time comes to re-evaluate what the standard should be. And there will be at least a few working workstations even if a virus takes out the standard platform.

  27. Re:Yes, what an intelligent solution (NOT) by Anonymous Coward · · Score: 0

    that's not enough. Outlook and co. are asking whether to run or not, so the definite solution is ONLY education.

    Give them a mail reader that doesn't handle attachments in a user friendly way, i.e. the only option is "unattach". The dumb ones won't figure this out; they'll have a harder time finding the file afterwards, and executing it would be even harder.

    Attachments are something the "dumber" users don't have much use for. No - they don't need to mail their Word documents either. They can paste the text into the mail program instead. This would offload the mail servers too :-)

    For max security, use a mail server that strips off attachments, particularly .exe and .doc files.




  28. Diversity in the gene pool is always good. by Anonymous Coward · · Score: 0

    Unfortunately, it is the antithesis of what Richard Stallman, and other radical supporters of Linux Uber Alles, seem to want. Stallman's "GNU Manifesto" specifically states that a goal of software created under the GNU General Public License is to eliminate competition -- or, in the words of Eric Raymond, achieve "total world domination."

    This would, of course, make the world as dangerous a place as one dominated exclusively by Microsoft. One serious security glitch -- one nasty bug that can be exploited maliciously -- and the entire house of cards can come tumbling down.

    The best way to ensure diversity is to encourage competition. Perhaps it's time to publish code that many vendors can re-use in their own products, rather than preventing commercial re-use by licensing it under the GPL. Other licensing schemes, such as the MIT X license and the BSD license, are far more appropriate for open source software, and have been shown to foster great diversity. Ultimately, the unwarranted spite and malevolence toward commercial businesses that's embodied in the GPL could hurt us all. Let's change course now before that happens.

    --Brett Glass

  29. Re:Proprietary OSes [Was: 34%??] by Anonymous Coward · · Score: 0

    That's why you don't give them root. It's the most ridiculous concept in the world, that the two "easiest" OSes actually force all users to have root, or (in the case of NT) at least far more permission than they can handle.

  30. Errata by Anonymous Coward · · Score: 1

    Actually, Danny Hillis didn't suggest that policy as a solution, Art Amolsch, editor of FTC Watch, did.

  31. Re:*multi-user* is the right solution by Anonymous Coward · · Score: 2

    Well, there was bliss, but that was kind of cheap -- you still needed root permissions. It's doubtful that we'll see any unix virii capable of smashing the stack on their own, as long as code remains open enough that people can nitpick out the simple things (overflows, etc).

    Really, the problem with UNIX-style OSes are DOS (denial of service) attacks, which generally don't harm the box -- they just render it useless to the outside world. Which isn't to say this can't be done to any other OS, of course. ;)

  32. 34 %of a proprietary operating system by Zack · · Score: 1
    >"I propose that no government agency be allowed
    >to run more than 34 percent of its personal computers
    >on one proprietary operating system by a date certain," he said.

    So then if the government was using any open OS then they could be running 100% of one OS? With an open OS this makes much more sense... all the bugs found are quickly patched... Might this mean that the government might start leaning towards open OSes?

  33. Re:security on unix by Trepidity · · Score: 1

    The point is that a virus/worm could do rm -rf / on a UNIX system too, deleting everything, even if it was run as a user. All it has to do is exploit one of the many security holes in suid root programs. Once the virus/worm gets itself root access, your "security" is worthless.

    And don't tell me there aren't security holes. Ever taken a look at rootshell.org? Every time one is fixed, 5 more pop up.

  34. security on unix by Ripley · · Score: 1

    The security of unix does a huge amount to limit the damage of the virus/worm. instead of doing the equivalent of "find . -name '*.xls' -exec rm {} \;", what prevented the author of the latest worm from doing the equivalent of "rm -rf /"? On a windows 95/98 system, any user can execute that command and destroy the system. On unix, if one user is compromised, he can only delete his stuff. That is why you shouldn't run as root, even if you are on a single user system.

    Also, if virus writers only attack systems with large market shares, why didn't they write virii to disable sendmail, which handles most of the e-mail on the internet (maybe they did, I don't know)? How about a virus to disable apache web servers. You could disable more than half the internet's web sites (estimate depending on the quality of the sampling done by netcraft).

    Maybe I don't know the mind of the typical script kiddie, but I wonder what the real reason for virii is. Is it just the recognition factor (like the egoboo of Linux development), or the knowledge that you crashed machines (because I'm sure the writers would not want to be recognized and caught)?

  35. Imagine if you will by gavinhall · · Score: 1

    Posted by beer4me:

    First of all, there is the old problem of keeping all your eggs in one basket; Sure, splitting to 3 different os's will reduce the impact of a single type of attack, but it will triple the chances of a smaller attack, and in the gov't, that's not a good thing.

    Not to mention the administrative headache that would be. Between having to integrate different OSes, to getting 3 licences for each piece of software you want to run company-wide, to people changing OSes all the time because some new guy comes in that only knows 95, it's just not worth the hassle... --A good thought, and if this guy wants to do it for his company, that's fine, but let's not push the issue on others.

    1. Re:Imagine if you will by jafac · · Score: 1

      no, he's right.
      Say there are 900 viruses in the world, 300 for Windows, 300 for Mac, 300 for Unix.

      If you're an all Windows shop, you are vulnerable to only 300 viruses. If you're a fully hetero shop, you're subject to all 900.



      "The number of suckers born each minute doubles every 18 months."
      -jafac's law

      --

      These are my friends, See how they glisten. See this one shine, how he smiles in the light.
    2. Re:Imagine if you will by Rob+Riggs · · Score: 1

      it will triple the chances of a smaller attack

      That reasoning is flawed. You still have the same number of computer systems in place. The problem is that currently the most common OS is the least secure. Increase the mix and you can't help but to increase the security. That argument would hold only if all OSes had the same level of security.

      --
      the growth in cynicism and rebellion has not been without cause
  36. Re:It's a flawed argument by gavinhall · · Score: 1

    Posted by Lord Kano-The Gangster Of Love:

    I think you miss the point. OS diversity in and of itself is a form of protection. Worms/Virii/Trojans that affect win/32 will not hamper un*x. Ones that target un*x can't hurt a Mac. Malicious code that targets Mac will leave a Be system unscathed. This is the point.

    No one piece of code can disable an entire network when there is diversity. Maybe 34% of your machines will go down and as bad as that is, it's still better than 95%+ of your machines going down.

    Here, where I work, for example I have a Mac on my desk, but in the back room I have Linux and NT servers that I administrate. I can remain (fairly) confident that nothing short of an environmental disaster (be it large or small) will take down all of the machines that I am responsible for.


    LK

  37. Re:Wrong - easier solution is cross-platform. by gavinhall · · Score: 1

    Posted by Lord Kano-The Gangster Of Love:

    Who determines what is "business related"? Even if it is deemed by the priests in the Ivory Tower to be "business related" things can still slip through by accident. I received an e-mail back in March from one of my suppliers that was infected with a MacroVirus. It was a Pricelist, most definitely business related. Fortunately, I was procrastinating and never opened the file. But then again I have a Mac, so only MS Office apps would have been affected.

    LK

  38. Re:Educating users is not total solution by gavinhall · · Score: 1

    Posted by Mary CW:

    I disagree with the various comments about how the virus problem would be solved if those "stupid lazy" users would just do as they're told.

    One great truth about human civilization: Every existing problem would be solved if people would just do what they're "supposed" to do. But they don't. For various perfectly good reasons. Just because people don't behave the way you think they should, doesn't make them dumber than you.

    Human (incl tech) systems need to be designed with the expectation that people will NOT do what they're "supposed" to do. That's reality.

    So, yes, education is good, but you can't shrug off the problem as being totally the fault of "those dummies." People don't like this when their government, bosses, or teachers say it to them -- why should they like it any better when IT guys say it to them?

  39. Re:Wrong - easier solution is cross-platform. by gavinhall · · Score: 1

    Posted by Lord Kano-The Gangster Of Love:

    Blame M$. VBA being incorporated into office apps is a gaping security hole. I need excel macros for doing the math on orders. If I were using a Windoze box I'd be screwed. I can handle a macro virus on the Mac because in my situation it would be confined to excel documents. If I were using win9x I'd have to be concerned with everything from my word processor to Outlook...

    LK

  40. Re:the problem with concrete OS ... by questor · · Score: 1

    As a Unix admin for over a decade, this is the one thing that has most boggled my mind about WNT since I've had it inflicted on me in the last year: almost no attention is paid to file system security. When installed from scratch, the default file system (FAT) doesn't even allow for the possibility of security (ACLs), you have to convert to NTFS, and at that point, all the ACLs are blank and wide open. This makes negative sense to me.

    --
    Mashed potatoes can be your friends!
  41. Re:Stop, please by coats · · Score: 1
    sharpei diem -- seize the wrinkled dog
    Sorry

    Latin day is dies (accusative case diem), so your neologism means something more like

    sharpei diem -- Hey, wrinkled dog -- attack the day.

    --
    "My opinions are my own, and I've got *lots* of them!"
  42. Re:Yes, an intelligent solution at last by Masem · · Score: 2
    Just some comments:

    First, I think that the frequent problems with viruses are due to places that rely strongly on WinNT/9x, rather than Unixes. (I know there are Unix viruses, but if you are a script kiddie, who are you going to have more fun putting out of commission - a thousand or a billion users?) Worksites that, in general, are unix-run tend to be more secure against viruses and other hacks than NT places, only because unix admins are that much more diligent.

    You wonder how people can run unauthorized code without having the source. Again, we're talking Windows-run shops, not unix. Additionally, when I buy Office or Quake from the vendor, I don't have the source, can I trust this code? There *is* a certain degree of trust that vendor-supplied software is virus-free, but....

    About pgp-trusted mail: I'm only speaking when it comes to the attachments. Additionally, I'd expect, *especially* in the gov't, that the email is for work purposes only (even though I know this is naive), and thus, I should only be trusting of attachments that come from my PGP-identified coworkers. The key thing is that unless you've stupidly enabled such an option, the end user *HAS* to initiate the program that launches the virus; just getting it does nothing.

    About the sysadmin: Yes, more than likely, a virus will go unnoticed until it's too late. However, with both Melissa and Zip.Explorer, *BOTH* were warned about on news.com, here, and other sites that specialize in such info. Yet, the *NEXT* day, the problems got worse. Understandably, there is some lag in the news, but this can be measured in hours with a diligent sysop. If this were truly the case, these problems would not have been as severe. If 100% reliability and functionality of your systems is required, and your sysadmins are pushed to the bone above and beyond such that virus warnings cannot be monitored, then it would make sense to just hire another sysop for this security, and spend the extra $100k a year compared to the millions lost by the system failure.

    About backups: Yes, the backup might be infected, but who, when restoring from a wipe or crash, doesn't rerun a virus scan on just-recovered backup files? (Again, a virus cannot launch itself by itself). Then, of course, backup again with the clean system.

    However, I strongly stand by education as the key way to defeat these viruses. Neither Melissa nor Zip.Explorer would have done as much harm if the users were smart enough not to initialize them.

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
  43. Yes, what an intelligent solution (NOT) by Masem · · Score: 4

    I can tell that this 34% is going to get a very strong slam here today, so instead, let's actually look at the *REAL* solutions:
    - Teach users what email is (including the basics of POP, IMAP, MIME, and sendmail & friends at a very basic level, so they know how their mail gets routed). Teach users that opening an attachment on an insecure OS is asking for trouble, and should never be done unless the source is absolutely trustworthy... which leads to...
    - Using PGP/GPG or other secure identification methods to be able to trust the validity of the mail. Just because it's from a co-worker doesn't necessarily mean it's legit.
    (These two stand out only because the latest big virii have been email ones, not that this is the only route)...
    - Make sure all installations that require it have a quality and up-to-date virus program.
    - Have the sysadmin be diligent about reading the various virii advisory lists and visiting the web sites of the makers of the virii programs on a daily basis. I've yet to see any major virii come out (at least in the states) and not have a virus eliminator or such within a 24hr day.
    - Um, backup frequently and often. A virus may just eventually get through, but a virus can't do damage to tape backup, only possibly reside on there.
    The situation with virii today is that we have a bunch of lusers running around thinking they know everything but end up in these situations, *and* because we have lazy sysops in many places. Fixing both these problems would cost *much* less than reequipping gov't offices with up to 66% in new computers, as opposed to just simple training and effective sysopping.

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST:
    1. Re:Yes, what an intelligent solution (NOT) by copito · · Score: 1

      people have to know that running untrusted code is like signing something they did not read!!!

      You'll have to find a better metaphor than that. People sign things they didn't read all the time :-)
      --
      "L'IT c'est moi!"
    2. Re:Yes, what an intelligent solution (NOT) by hany · · Score: 1
      ... wipe the all drive clean of any program that will run any untrusted code without user intervention

      that's not enough. Outlook and co. are asking whether to run or not, so the definite solution is ONLY education.

      people have to know that running untrusted code is like signing something they did not read!!!

      --
      hany
    3. Re:Yes, what an intelligent solution (NOT) by Raindog · · Score: 3

      I agree, but there are some problems with this that need to be addressed.

      1. I've done tech support, I have no faith in the idea of education of users. It would be nice, but I'm not holding my breath.

      2. Some viruses are spreading faster than the AV vendors and sysadmins can catch up. This worm had hit millions of computers before the AV software had a fix. The same applies for sysadmins, and most are overloaded as is.

      3. PGP and backups, definitely, now, no excuses.

      I don't think that anyone is recommending the 34% thing seriously (I could be wrong), but it is a good point. Greater OS diversity would slow these puppies down, but I don't think windows users should go throw out their OS for viral reasons....after all there are enough other reasons.

    4. Re:Yes, what an intelligent solution (NOT) by robocord · · Score: 1

      I couldn't disagree more with your point about education. Users should *NOT* have to know anything about pop, imap, mime, or any of the other fecal matter that we geeks enjoy so much. Computers should be like toasters where the average non-technical user is concerned. Not only do people not give a damn about the underlying substrate, they shouldn't have to!

      The solution to this problem is to not solve it. It sucks when it happens, but it's always going to happen so deal with it. Some sort of "invisible" backup system (like "GoBack") might mitigate the damages, but that's the best you can do.

    5. Re:Yes, what an intelligent solution (NOT) by little+alfalfa · · Score: 1

      I strongly agree that we must educate our users. Having worked in a shop where most of the users of our systems had absolutely no idea of how those little black boxes on their desks worked, I've gotta say that #1 has to be teaching the computer user what they are doing when s/he opens up a mail message in outlook/messenger/pine/etc. It really should go beyond just teaching how email works, but that's another topic entirely....

    6. Re:Yes, what an intelligent solution (NOT) by Shotgun · · Score: 2

      The only intelligent solution is to wipe the whole drive clean of any program that will run any untrusted code without user intervention. It is ludicrous to allow code from anonymous email to execute on my machine, and with the current insecure state of the Internet all email can be considered anonymous for all practical purposes. There is simply no way to reliably verify most email unless some type of security is used above and beyond the norm.

      The current crop of 'macro-virii' isn't just a problem of a monoculture computing environment. It's a problem of a daffy, head-in-the-sand, bare-butt-stuck-in-the-air-for-script-kiddies-to-kick, non-resilient monoculture. The current monoculture is akin to bread mould. Take it out of its closed, warm, secure environment and expose it to the light of the sun and it just dries up and dies.

      A culture that has a better immune system, and is designed to weather a variety of environments would not wither and die nearly as quickly as what people are using now.

      --
      Aah, change is good. -- Rafiki
      Yeah, but it ain't easy. -- Simba
  44. Which is why advertising is using PCs, not Macs. by bkosse · · Score: 1

    Woops, got that wrong. :)

    --
    Ben Kosse
    Remember Ed Curry!
  45. Yabbut the POINT is that... by bkosse · · Score: 2

    If X percent of your users have a given system, then only X percent of your whole system can go down.

    Now, this would necessitate the use of open standard or at least multiplatform systems (e.g. StarOffice or *god forbid* pure HTML for word processing).

    I don't see too much difficulty sharing documents with that type of issue in place.

    --
    Ben Kosse
    Remember Ed Curry!
    1. Re:Yabbut the POINT is that... by substrate · · Score: 2

      "If only X percent of your users have a given system, only X percent of your system can go down" is only true as long as the other (100-X)% of the system isn't attacked. If some punk with a computer, too little of a life and too much time on their hands knew that a certain government agency or a company relied on the variety of machines in their domain as a part of the security, you'd start seeing more multi-system attacks. Especially if the target was a big enough feather in their cap.

      Open standard software is a great idea, but it defeats part of the purpose of going to a multi-system approach. Once you've got a common file format it becomes easy to do damage. The guys argument was a bit like the security by obscurity argument. Yeah, you're secure in the short term, but once a determined thug works at it you're still compromised.

    2. Re:Yabbut the POINT is that... by Alan+Shutko · · Score: 1
      Once you've got a common file format it becomes easy to do damage.

      Ok, how do you propose to damage my Amiga with a JPEG JFIF?

    3. Re:Yabbut the POINT is that... by matguy · · Score: 1

      It's not quite that, it's X percent of the users on a given system * Y percent of the users that got infected * Z percent of the users that were affected by the infection. Comes out to a small number usually, unless the virus spreads and infects an app that all people in a given environment either use by choice or by rule and share documents from the particular app, and the virus doesn't take effect instantly; then it can bring down a whole segment of a system that uses the same system. Although, if there were a few different systems going on between users doing the same work just for variety's sake, then your support team must multiply by the number of differences in the different systems running. This becomes a horrible nightmare real fast. I wish I could see a real solution to the scenario. Every solution I can come up with has serious drawbacks; I do believe there is no magic fix yet. Damn, and I do wish there was one!

      matguy
      Net. Admin.

      --

      matguy(.com)
  46. "Homogenous" vs. "Homogenized" vs. "Homogeneous" by Frater+219 · · Score: 2

    "Homogenous" isn't a word in general usage; it's a biological term. The words people are probably thinking of are "homogenized" and "homogeneous".

    "Homogenized" means "blended into a uniform mixture". Milk that has been homogenized will not separate into milk and cream.

    "Homogeneous" means "all of one kind".

    "Heterogeneous" is the opposite of "homogeneous" and means "consisting of dissimilar or diverse ingredients or constituents".


    Hence, for operating systems at a site to be homogenized would mean that regardless of their different origin, they were indistinguishably and inseparably mixed together. This might be accomplished by having a common user interface. A site with Windows and Linux systems, where both were running Netscape Navigator and StarOffice and the Linux systems were running fvwm95, might be the beginning of a homogenized site.

    For operating systems to be homogeneous would mean for them to all be the same in origin and appearance. An all-Windows site is homogeneous.

    And a heterogeneous site would be one which had diverse, clearly distinct, yet intermixed systems -- for instance, one where Linux, Windows, Unix, and MacOS systems all shared data over common protocols.

    IMHO, a heterogeneous site is a much better approach than a homogenized or a homogeneous one. :)

  47. Why Virus Writers Do It (one opinion) by tzanger · · Score: 1

    Maybe I don't know the mind of the typical script kiddie, but I wonder what the real reason for virii is. Is it just the recognition factor (like the egoboo of Linux development), or the knowledge that you crashed machines (because I'm sure the writers would not want to be recognized and caught)?

    Actually it's neither... at least not for me. I used to be one (back when I was a teeny-bopper) and I did it just to see if I could manipulate DOS on the level that DOS manipulated itself. I directly played with MCBs to grow the last allocated block of memory to hide in. I discovered that if you followed the last MCB (theoretically the end of memory) you were in high memory. In fact, that's exactly what LH did: it changed the last MCB to a link rather than an end and you suddenly found yourself a chunk of memory in HMA. I intercepted int13h and int21h calls. I intercepted DOS calls to change interrupt vectors to link myself in and then set up timer interrupts to make sure I didn't get taken out of the loop by direct access to 0:0. I intercepted int03h and wrote code that would detect debugger activity. I wrote virii that occupied memory but couldn't be found through normal means. I wrote a stupid little TSR that caused the drive to do a complete end-to-end seek before it wrote any block of data. I wrote virii that attempted to go out and intercept other virii. Christ, it was the thrill of manipulating a machine without the user knowing what I was doing because I could do it quickly and unnoticeably (well, except for the seek thing :-). that is why I did it. I didn't have destructive payloads but I could have easily done a drive scribble every time the user went to get a directory listing and a file had a "q" in it. Or opened a .wp5 file.

    From my studies I wrote a few little utilities. One told DOS to allocate according to "best fit" or "last fit" instead of the default "first fit" algorithm. I wrote a little MCB follower that told you what was where and whether it was a device driver or other program. Another was a program that allowed access to HMA regardless of LH being called before.

    I did it because it was fun and because I learned more about how DOS worked than I could ever learn from any book or class or other means.
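As an added example, not part of tzanger's comment and not one of the utilities it mentions: a Python parser for a DOS memory control block (MCB) chain of the kind the comment walks, run over an arena constructed inside the script (the segments, owners and program names are made up). The layout assumed is the documented one: a 16-byte header per block with 'M' for a block that has successors and 'Z' for the last, the owner's PSP segment at offset 1 (0 free, 8 DOS), the size in paragraphs at offset 3, and the program name at offset 8 (DOS 4 and later). The audit does what a memory mapper would: it flags a block whose owner is neither free, nor DOS, nor a PSP that starts a block in the chain, and a chain whose 'Z' block does not end where the top of memory is supposed to be, which is the discrepancy that growing the last block to hide in would leave behind.

```python
"""Walk and audit a DOS memory control block (MCB) chain.

Added example on a constructed arena; not code from the thread.
MCB header layout (16 bytes = one paragraph):
  +0  signature: b'M' (more blocks follow) or b'Z' (last block)
  +1  owner PSP segment (0 = free, 8 = DOS itself)
  +3  block size in paragraphs, not counting the header
  +5  reserved
  +8  program name, DOS 4+ (meaningful on a program's PSP block)
"""
import struct

PARA = 16           # one paragraph = 16 bytes
FIRST_SEG = 0x0253  # assumed segment of the first MCB (made up)
TOP_SEG = 0x0270    # assumed top of the arena we are told exists (made up)
HDR = struct.Struct("<cHH3s8s")


def make_block(sig, owner, paras, name=b""):
    """One MCB header followed by its (zeroed) data area."""
    hdr = HDR.pack(sig, owner, paras, b"\0" * 3, name.ljust(8, b"\0"))
    return hdr + b"\0" * (paras * PARA)


def build_arena():
    """Constructed sample chain. Segments: 0253, 0258, 0261, 0264, 026B.
    The block at 0264 claims an owner PSP (0300) that starts no block in
    the chain, and the chain ends one paragraph short of TOP_SEG."""
    return (
        make_block(b"M", 0x0008, 4, b"SD")         # DOS-owned data
        + make_block(b"M", 0x0259, 8, b"COMMAND")  # PSP at 0259 = 0258 + 1
        + make_block(b"M", 0x0000, 2)              # free block
        + make_block(b"M", 0x0300, 6)              # orphaned owner
        + make_block(b"Z", 0x026C, 3, b"TSR")      # last block, PSP at 026C
    )


def walk_mcbs(arena, first_seg=FIRST_SEG):
    """Follow the chain from first_seg; next MCB = seg + 1 + size."""
    blocks, off, seg = [], 0, first_seg
    while True:
        if off + PARA > len(arena):
            raise ValueError(f"chain runs off the end of the arena at {seg:04X}")
        sig, owner, paras, _, raw_name = HDR.unpack_from(arena, off)
        if sig not in (b"M", b"Z"):
            raise ValueError(f"bad MCB signature {sig!r} at {seg:04X}")
        blocks.append({
            "seg": seg, "owner": owner, "paras": paras,
            "name": raw_name.split(b"\0", 1)[0].decode("ascii", "replace"),
            "last": sig == b"Z",
        })
        if sig == b"Z":
            return blocks
        off += PARA + paras * PARA
        seg += 1 + paras


def audit(blocks, top_seg=TOP_SEG):
    """Return (segment, message) findings a memory mapper would raise."""
    findings = []
    # A program's own block has owner == its MCB segment + 1 (the PSP).
    psp_segs = {b["seg"] + 1 for b in blocks if b["owner"] == b["seg"] + 1}
    for b in blocks:
        if b["owner"] in (0x0000, 0x0008):
            continue  # free, or owned by DOS itself
        if b["owner"] not in psp_segs:
            findings.append((b["seg"],
                             f"owner PSP {b['owner']:04X} starts no block in the chain"))
    last = blocks[-1]
    end = last["seg"] + 1 + last["paras"]
    if end != top_seg:
        findings.append((last["seg"], f"chain ends at {end:04X}, expected {top_seg:04X}"))
    return findings


if __name__ == "__main__":
    chain = walk_mcbs(build_arena())
    for b in chain:
        print(f"{b['seg']:04X} owner={b['owner']:04X} size={b['paras']:3d} paras "
              f"{'Z' if b['last'] else 'M'} {b['name']}")
    for seg, msg in audit(chain):
        print(f"!! {seg:04X}: {msg}")
```

On a real machine the arena would be read from memory starting at the segment DOS reports for the first MCB, and TOP_SEG would be the top of conventional memory; here both are constants chosen for the constructed sample.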

  48. Our current approach by alank · · Score: 1

    I have seen quite a few ways of dealing with this, none of which has really worked. And most of which are expensive and time consuming - to deal with a problem that MS created!
    Our approach goes something like this.
    PCs - generally on Ghost or BootP so they are instantly cleaned.
    Email - using twig - and planning to write simple virus blocking software for it - so we can ban known viruses before they get in.
    Web Proxy with known virus files blocked.
    User education - it helps but don't rely on it!
    Moving away from MS - this is an aim, but not a reality yet, when all the core apps are ready on Linux, we will have a very strong case - eg. graphics, 3d, midi(compose). We are close but not quite ready to say rm /mnt/c/windows.

    --
    Hong Kong Linux Center home of squidblock, and other cool stuff
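As an added example serving both the suggestion in comment 27 (a mail server that strips .exe and .doc attachments) and the attachment blocking alank says he plans to write for twig: a Python filter written for this page, not taken from twig or any mail server, that parses a message, removes attachments whose filename extension or declared content type is on a block list, and replaces each with a text note so the recipient knows something was dropped. The block list, the header name X-Attachment-Filter and the sample message are assumptions made here. The extension check looks at the last extension only, so a name like invoice.doc.exe is caught, and a part with no filename is judged by its declared content type.

```python
"""Strip risky attachments from an RFC 822 message before delivery.

Added example; not code from twig or any mail server on the page.
"""
import email
import posixpath
from email import policy
from email.message import EmailMessage

# Assumed policy: the extensions the thread names plus the usual script and
# macro carriers. This is the example's choice, not anyone's product default.
BLOCKED_EXTENSIONS = {".exe", ".com", ".bat", ".scr", ".pif", ".vbs", ".js",
                      ".doc", ".dot", ".xls"}
BLOCKED_TYPES = {"application/x-msdownload", "application/msword",
                 "application/vnd.ms-excel"}
FILTER_HEADER = "X-Attachment-Filter"  # assumed header name


def is_blocked(part):
    """True if a leaf part should be dropped, judged by filename or type."""
    filename = (part.get_filename() or "").strip().lower()
    ext = posixpath.splitext(filename)[1]  # last extension only: a.doc.exe -> .exe
    return ext in BLOCKED_EXTENSIONS or part.get_content_type() in BLOCKED_TYPES


def _scrub(part, removed):
    """Recurse through multipart containers, swapping blocked leaves for notes."""
    if not part.is_multipart():
        return
    kept = []
    for sub in part.get_payload():
        if not sub.is_multipart() and is_blocked(sub):
            name = sub.get_filename() or sub.get_content_type()
            removed.append(name)
            note = EmailMessage()
            note.set_content(f"[attachment {name} removed by mail policy]")
            kept.append(note)
        else:
            _scrub(sub, removed)
            kept.append(sub)
    part.set_payload(kept)


def scrub_message(raw):
    """Return (cleaned message bytes, list of removed attachment names)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    removed = []
    _scrub(msg, removed)
    if removed:
        msg[FILTER_HEADER] = "removed: " + ", ".join(removed)
    return msg.as_bytes(), removed


def attachment_names(raw):
    """Filenames of every part that carries one, in message order."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    return [p.get_filename() for p in msg.walk() if p.get_filename()]


def build_sample():
    """Constructed test message: a text body plus three attachments."""
    msg = EmailMessage()
    msg["From"] = "supplier@example.com"
    msg["To"] = "buyer@example.org"
    msg["Subject"] = "Price list"
    msg.set_content("Latest prices attached.")
    msg.add_attachment(b"MZ\x90\x00" + b"\0" * 12, maintype="application",
                       subtype="octet-stream", filename="pricelist.exe")
    msg.add_attachment(b"\xd0\xcf\x11\xe0" + b"\0" * 12, maintype="application",
                       subtype="msword", filename="quarter.doc")
    msg.add_attachment("Meeting moved to Thursday.", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    cleaned, dropped = scrub_message(build_sample())
    print("dropped:", dropped)
    print("remaining:", attachment_names(cleaned))
```

Wired in as a delivery-time filter, scrub_message would sit between the MTA and the mailbox; the removed-names list is what you would log, and the added header is what a user can point at when asking why the price list arrived without its file.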
  49. Hillis, Dawkins by SEGV · · Score: 1

    Hm, I was just reading about Hillis' work in a genetic algorithms book when this was posted. Talk about coincidence.

    The article also mentions Dawkins. I've been doing some alife reading lately and they're both in there.

    Of course virii/worms have great alife analogies.

    --
    Marc A. Lepage
    Software Developer
  50. Bring on the Lawyers! by copito · · Score: 1

    Think about this though. If you write a program and spent a lot of time on it, and somebody finds out it's got a bug that prevented them from saving a large document and they lost it, should you be sued?

    Absolutely. If there is a bug that was due to clear negligence on the part of the programming/QA team then they should be held responsible. At the very least you should have to obtain a signed disclaimer of warranty if you want to sell software without the legal protection.

    If the industry worked like this, nobody would program anything out of fear of being sued by some litigious clown.

    While I agree that some limits (perhaps only actual damages etc.) would be in order, the system now is terrible since it shifts the cost for bad software to the user. If the cost of bad software were in the hands of the programmer, then less software would be written, but the software that was written would be of far greater quality. I'm tired of the notion that software is impossible to get right since there are so many variables. Civil Engineering in Los Angeles is difficult too, but an engineer that negligently designed a bridge that collapsed in an earthquake would be sued. Engineers have malpractice insurance; perhaps programmers should get it too.

    You seem to have support in the legislative system. UCITA threatens to make it trivially easy for a company to produce software that does not work even as claimed in advertising or documentation, and as long as he disclaims the warranty on shrinkwrap, the user has no legal recourse.
    --
    "L'IT c'est moi!"
  51. Plural of "virus" (offtopic) by copito · · Score: 1

    Second of all, you mean "viruses". "Virii" is not a word. Details available upon request.

    OK, I'll bite. Why is virii not a proper plural of virus?
    --
    "L'IT c'est moi!"
  52. A user proof OS by copito · · Score: 1
    As many have pointed out, there is no OS currently in wide use that would prevent ill-informed users from damaging themselves and others. There have been several proposals including:


    These all are valid and have their place. I think that most users have no need to run any executable that is not provided by their network administrator. Those that do are probably intelligent enough to take reasonable precautions.

    Hence the following precautions would be reasonable:
    • Restrict the executable loader to only load programs owned by root. (For extra points, integrate a virus checker in the loader).
    • All user owned executables would run in a Java-like sandbox which would not allow file access. This would have to include any scripting or macro functions as well.


    Clearly, well designed OSes and programs are essential for any solution to work and infinite undo is great for other reasons, but it is important to change our view of the OS and realize that most users in a business setting do not need, nor should they have, full access to a general use OS.
    --
    "L'IT c'est moi!"
    1. Re:A user proof OS by Dwonis · · Score: 1
      All user owned executables would run in a Java-like sandbox which would not allow file access. This would have to include any scripting or macro functions as well.

      That's a bit extreme. Many useful things need file access, so:
      • Allow the user to specify (prior to running the program) exactly which files are to be accessed.
      • A 'chroot' type environment
      • Or, for those who don't trust chroot, a dynamically-sized hardfile (filesystem inside a file), which the user can insert and extract files with sysadmin-provided apps (like mtools, but different)


      --------
  53. Nevermind by copito · · Score: 1

    I see that you answered it already
    --
    "L'IT c'est moi!"
  54. It's a flawed argument by substrate · · Score: 5

    I'm not sure how Art Amolsh expects OS diversity would help things. Essentially right now the other OSes are somewhat safer from viral or worm attacks than other OSes. Not necessarily by design or the capabilities of the operating system, but by having a small market share. The wastes of flesh who code these things target Windows systems because they can then nail greater than 90% of the systems with knowledge of one code base. If other systems were more popular more virii and worms would appear for them as well.

    In order to really use diversity to hamper the spread of worms and virii you'd have to go to much wider extremes anyway. Not only would you have to have different operating systems, but users would have to use a variety of different packages for storing information complete with different file formats. Of course that would diminish the benefits of having a shared network: interchange of information would now be much more difficult.

    In reality until software is developed which can detect and respond to software threats autonomously people will always be susceptible to the whims of worm and virii coders. You can minimize the risk somewhat by using a robust OS or a non-mainstream OS. Once that OS becomes mainstream you've lost the 'protection'.

    1. Re:It's a flawed argument by hany · · Score: 1
      they can then nail greater than 90% of the systems with knowledge of one code base.
      that's why, if the mentioned 34% limit applies, you can bring to their knees only those 34% with one code base (if counting only native binary code)

      Of course that would diminish the benefits of having a shared network: interchange of information would now be much more difficult.
      you're kidding. if we both use mail clients which implement e-mail standards correctly, then we have no problem sending e-mails to each other.

      your statement clearly talks about MS-like systems, which introduce incompatibilities also called "features" (by the manufacturer).

      i'm repeating: interchange of information is no problem in heterogeneous environments IF your tools conform to standards!

      ... which can detect and respond to software threats autonomously ...
      without real AI you can't do that; because such a system has to be more intelligent and educated than (almost) all hackers/crackers in the world; otherwise it is limiting users' abilities

      so i think the only way out of this is education: tell the users basic rules! (like if you are applying for a driver's licence)

      all this "heterogeneous environment" argument is based on the same principles as nature itself: if all people are the same then one disease is enough to kill us all. but while we are all slightly different, there's still somebody who survives.

      why is nature avoiding monocultures?

      --
      hany
    2. Re:It's a flawed argument by hawkfish · · Score: 3

      In the last six months there has been a noticeable increase in MacOS viri. Same old lame deployment schemes (MBDF in a Sherlock plugin was the last one I saw) but I took it as a good sign - the Mac has to be back if teenage wankers who can't find porn on the net start writing viri for MacOS.

      --
      You will not drink with us, but you would taste our steel? - Walter Matthau, The Pirates
    3. Re:It's a flawed argument by Raindog · · Score: 2

      It's not a flawed argument, it just needs not to be taken out of context. The idea of using a non-dominant OS like, oh, say, linux for security reasons is following the old "security through obscurity" mentality, and yes, is invalid. But OS monoculture does dramatically speed up the rate at which viruses spread. Look at melissa and this worm, they hit millions of computers in days... think about how incredible that is. This rapid transmission is aided by the fact that virus coders can reasonably bet on a certain software set and use that to propagate. A more diversified OS base will not stop this, but it will slow propagation (through the virus being stopped at a greater portion of computers) and makes things harder for the virus writer by lowering the possibilities of a single exploit.

      Right now writing MS viruses is too easy. I have the source code for melissa hanging on my cube, it's less than two pages. I'm a non-coder and it's basic enough that I think I could effectively modify it. That's frightening.

  55. Serendipity by Epeeist · · Score: 1

    I used the word "monoculture" in my response to the Linux: Look Before You Leap article. Glad to see that the consequences have been raised here. Now let's see if someone comes up with an article containing Serendipity.

  56. Communication systems exist to communicate by sphealey · · Score: 3

    "Here's a better rule - simply strip binary attachments from email automatically on the mail server"
    Communication systems exist so that people ("users", or in other words the people who pay the bills) can communicate. Solutions which destroy the capability of the system to communicate, for the convenience of the system administrator, will be rejected by the user (that is, customer) base.
    Yes, I know the pain-in-the-ass consequences of the above statement: I have been doing this kind of work for 12 years. But (IMHO) that's reality and we have to deal with it.

    sPh

  57. Re:The Ultimate Virus by RenQuanta · · Score: 1

    what makes you think the operating system will become an irrelevant concept? That doesn't seem possible

  58. The Real Issue - 95/98 Sucks. by Teman+Clark-Lindh · · Score: 1

    This isn't about OS diversity, or the biological nature of machines, it's about Windows 9x being a buggy hack of dos. Funnily enough, that means it doesn't have a security model. On any other decent OS (I think I'll even include NT in this), what 9x users consider a virus would first be considered a root exploit or DOS attack. You'd notice there still seem to be a lot of those, but they are due to minor patchable flaws in the design of software, not major flaws in the design of the OS.
    Virii will really be solved when everyone moves to an OS (be it WinNT Consumer 2010, linux, etc..) that actually has some internal permissions-type safeguards against, say, random writes to the HD.

    --
    There's no mystical energy field that controls my destiny. It's all a lot of simple tricks and nonsense.
  59. throw away windows by hany · · Score: 1
    ... I don't think windows users should go throw out their OS for viral reasons....after all there are enough other reasons.

    like repeatedly lost work because of error in system? (not necessarily virus :)

    --
    hany
  60. education - YES! by hany · · Score: 1
    i fully agree with education

    people have to know that running untrusted code is like signing something they did not read!!!

    --
    hany
    1. Re:education - YES! by hany · · Score: 1
      maybe we have to construct real AIs which will think for ourselves (and think better! to avoid such a manner you mentioned - for example :)

      then maybe we have to give arms and legs to those AIs so they can work for us.

      and then, we shall silently die, we are not necessary anymore.

      :)

      --
      hany
    2. Re:education - YES! by Alan+Shutko · · Score: 1

      Bad example. People sign stuff they don't read all the time.

  61. the problem with concrete OS ... by hany · · Score: 1

    the problem with "the one" (call it that way - do not want to advertise :) OS is that making it "multiuser" (i.e. splitting things into "root/admin" and "user") broke almost whole system - nothing will work; it'll take a lot of time and work to get it to the same usability as before this "secure patch"

    --
    hany
    1. Re:the problem with concrete OS ... by hany · · Score: 1

      i make a quick search through NT installed from start on NTFS and list some files in this post.

      --
      hany
  62. "virii": there's no such word by Mawbid · · Score: 1

    This has been explained too often already so I won't bother.
    --
    Fuck the system? Nah, you might catch something.
    1. Re:"virii": there's no such word by Tom+Christiansen · · Score: 1
      This has been explained too often already so I won't bother.
      Here is the abbreviated form of what the OED says about "virus":
      Etymology: a. L. virus slimy liquid, poison, offensive odour or taste. Hence also Fr., Sp., Pg. virus.

      1 Venom, such as is emitted by a poisonous animal. Also fig.

      2 Path. a A morbid principle or poisonous substance produced in the body as the result of some disease, esp. one capable of being introduced into other persons or animals by inoculations or otherwise and of developing the same disease in them. Now superseded by the next sense.

      b Pl. viruses. An infectious organism that is usu. submicroscopic, can multiply only inside certain living host cells (in many cases causing disease) and is now understood to be a non-cellular structure lacking any intrinsic metabolism and usually comprising a DNA or RNA core inside a protein coat (see also quot. 1977). [ Formerly referred to as filterable viruses, their first distinguishing characteristic being the ability to pass through filters that retained bacteria. ]

      c colloq. A virus infection.

      3 fig. A moral or intellectual poison, or poisonous influence. Also in weakened use, an infectious fear, anxiety, etc.

      4 Violent animosity; virulence.

      5 attrib. and Comb., as (sense 2 b) virus disease, infection, particle; virus-carried, -containing, -free, -induced, -infected, -like adjs.; virus pneumonia, pneumonia caused by a virus rather than a bacterium.

      Notice that the OED lists the plural as "viruses". Not "viri". Not "virii". Just "viruses". Latin had quite a variety of different words that ended in "-us". Only some of these (2nd declension nouns) form plurals using an "-us" => "-i" rule. Several other prominent patterns occur as well, including the 3rd declension neuters (e.g. genus, corpus, opus) and the 4th declension nouns (e.g. abacus, status, apparatus).

      Fortunately, we're not speaking Latin, we're speaking English. But even if we were, I have never heard of a "-us" => "-ii" rule, be it in Latin, Greek, or in English, nor can I discover any exemplars in which this alleged rule is active. Until such time as you prove otherwise, I shall continue to consider "virii" nothing more than a perverse, analphabetic corruption.

  63. *multi-user* is the right solution by RelliK · · Score: 3

    The problem is *not* that they use a single OS, but that they use a *single-user* OS. Ever since I started using Linux, the concept of a single-user OS seems totally stupid to me, esp. in a company or government agency. It's kinda like running every single application as root.
    The key to defeating viruses is not in limiting the percentage of machines running a particular OS, but in limiting users' permissions. Not only is it an excellent way to get rid of any virus problem, but also a great way to prevent stupid users from doing stupid things, subsequently cutting support costs.
    This is guaranteed to solve 90% of the problems, and frequent backup will solve the remaining 10%.

    I haven't heard of any Linux viruses, btw... I know there are trojans, but they are harmless unless run by root.

    --
    ___
    If you think big enough, you'll never have to do it.
    1. Re:*multi-user* is the right solution by sammy+baby · · Score: 1
      I haven't heard of any Linux viruses, btw... I know there are trojans, but they are harmless unless run by root.
      Don't bet the farm on that kind of track record. IMHO, people running Linux are much less likely to shoot e-mails containing binary executables to each other, for three reasons:
      • There's a decent chance there are compatibility issues
      • They would rather point folks to a URL from which the recipient can download stuff.
      • They know better than to send binary executable attachments.

      Throw tens of thousands of casual users into this mix, and we'll see how long it is before Linux virii start appearing in force.

  64. Re:The Ultimate Virus by Alan+Shutko · · Score: 1

    It would be very, very difficult to write a virus which would simultaneously damage a Win95 PC, a Solaris/Sparc box, a BeBox and an MVS mainframe. It would get insanely more difficult to damage all the different OSes there on all the different chips, somehow choosing the right bugs in each OS version to exploit to get privileges to do anything.

    This isn't a matter of virus writers being dumb. It's a matter of the problem being nigh impossible. After all, how many apps do you know which can use the _same binary_ on all the different platforms around? And people actually want to run them....

  65. Re:Wrong - easier solution is cross-platform. by Jeff+Monks · · Score: 1
    >Win CE

    I could be wrong here, but I was under the impression that PocketWord that comes with WinCE is more akin to WordPad with a spell-checker, and doesn't have any of the more "advanced" "features" of Word, such as macros and what-not.

    I've no first-hand experience with WinCE (I've got a Psion 5), but everything I've read has bemoaned the dearth of features in all the WinCE "Pocket" applications.

  66. *multi-user* wouldn't have helped here :-( by Slayer · · Score: 1

    Well, while your argument holds for most virii, it does not hold for this explorer.worm thing. Let's go quickly through its behavioral patterns:

    - It comes in an attachment. Well, I also use attachments under linux, and have done that for years.

    - Clicking on that attachment automatically performs an action based on file type. Hmmm, most advanced graphical mail programs do that under linux (xfmail, kmail, netscape mail, ...).

    - It goes through the user's hard disk drives and wipes out all productivity related files. Well, while most of my file system under linux can not be hit by a normal user, most of a user's productivity related files do indeed sit in his/her home directory, which is writable by that user. Or at least I can't remember the last time when I put a Starwriter document in /var/run :-)

    - It catches all incoming mails and automatically replies to every one with a delayed response. This is no problem whatsoever under UNIX and linux. Everyone with basic knowledge in system programming could hack such a thing within a few days (or probably less).

    I fail to see one action in this list that requires root privileges. Ok, you could wipe out only your own files and not everybody else's, but since this worm/virus spreads around via email and I get emails from my friends and coworkers all the time, it would barely make a difference ...

    And I hope you do not suggest that people run a process viewer at all times and check every minute whether there is a daemon running that shouldn't be there. As linux installations get easier to install and more and more people with very little computer knowledge use linux regularly, you simply can't expect that (it would even be a pain for experienced users).

    I do agree that well written multi user OSs can prevent a lot of trouble and stop a large number of really lame virii from spreading around. But they are definitely not a silver bullet. Combine that with the fact that many users hate the multi user concept and circumvent it where possible (I know lots of people who run NT always as admins to avoid lame permission problems. And look in the average linux news group and count the newbie posts with sender root@localhost ...)

    Cheers

    Rudi

    PS: The reason why there have been so few linux virii in the past is because linux is not on everybody's sh*t list. Most people with more than average computer knowledge despise Microsoft and their products (although they might use them at work and thereby gain programming knowledge under Windows) and I could assume that it is considered cool in certain misguided communities to write virii that trash a Windows box. I can hardly believe anyone would get peer recognition for writing a virus/worm that shreds a linux lab and takes down www.linux.org.

  67. Re:All viruses should cause Micros~1 to get sued by Optic · · Score: 1

    Hear hear! I agree. I have spent time explaining to people that the recent virus problem is with MS's OS and tools, and not with the virus programmers that the FBI is enjoying a major publicity-stunt/witch-hunt over.

    It's hard to get people to understand that perhaps a word processing macro should not be able to modify your system registry. It seems common sense to me.

  68. Re:34%?? by matguy · · Score: 1

    A segment failing isn't always because of a lack in management, but many times lies in fault of users on the segment.

    BTW: NT SP3 and NT SP4 are different and why would microsoft imply there was a difference if there wasn't, not like they sell the 30 some odd meg service pack that you use their bandwidth to download for free.

    matguy
    Net. Admin.

    --

    matguy(.com)
  69. 34%?? by matguy · · Score: 2

    If 34% of my computers that I manage went down due to a virus I'm relatively sure I would still have a major problem, and I'm no government agency by far. As I now think about it, what would we have to do to justify different OSes, do different distributions of Linux count?

    matguy
    Net. Admin.

    --

    matguy(.com)
    1. Re:34%?? by sammy+baby · · Score: 1
      BTW: NT SP3 and NT SP4 are different...


      I think the author meant that MS would claim that NT SP3 and SP4 should qualify as two different operating systems under the rule, and therefore be considered for two segments.
  70. Educating by True+Dork · · Score: 1

    Educating the users is nice in theory, but almost impossible in practice. I deal with this constantly. I had a scene which was amazingly like a uf cartoon. She was convinced that the OS at her previous job was "Gateway 2000" and Netscape was their ISP. All I could do was smile, nod, and say "Oh yeah! I've worked on those before". And we all also know that any jerk-off who has bought a Packard Bell at CompUSA and managed to get it on the internet is an expert now and can tell you how you should fix problems. You cannot tell this kind of user how not to use email. They know better.

    One of the main education issues I can see is the same faith that some people put in the government they put into Microsoft (microsoft.gov? who knows). Microsoft is in the media the same way the white house is. They can spin stories just as well as the Clintons can. Trying to tell your average user that GUIDs and sending personal data through the Windows 98 Update Wizard is bad is like trying to tell media zombies that the internet and quake do not make kids go bonkers with weapons.

    Basically, I think all of us who admin Windows machines have a massive challenge as far as this goes. I can rant about it until I lose my voice around here, but heh, I'm just the long haired weirdo geek in the back room with the servers that run that other OS. What does he know.

  71. Why just one OS? by coreman · · Score: 1

    Seems to me that one of the weakest points in the whole thing is the fact that most computer systems are monolithic. Even SMP is still modelled after a monolithic machine. What we need is multiple independent machines coexisting in the same memory space and able to run checks and balances on each other. This has the added benefit of being able to run multiple platform apps in their native format. Seems to me that this type of watchdog system would prevent a lot of lower level crap that the current systems allow. A cooperative file system based on a server metaphor would allow only authorized access and it could be that programs were allowed certain rights upon initial execution (which is what the encryption stuff I'm working on now enforces). And I mean at the level of a specific Word Macro, not ALL Word Macros. Most people would do fine with this since once something is installed and loaded, it would have the rights it needed and wouldn't be any different than today.

  72. Another Login required web site. by Kamelion · · Score: 1

    I wish people would quit posting links to these logon news services. There is no way in Hell I am going to fill out their demographics survey so they can target me with more advertising.

    1. Re:Another Login required web site. by Rombuu · · Score: 1

      Then you don't read the article. What's the problem with that?

      --

      DrLunch.com The site that tells you what's for lunch!
  73. Some good AV resources.... by Raindog · · Score: 1

    I haven't had time to make sure they have detailed info on macro viruses, but they have some..

    http://www.sarc.com/
    http://www.av.ibm.com/current/FrontPage/
    http://www.cert.org/
    http://www.avertlabs.com/

    all of these are commercial with the exception of CERT, who I recommend as a good resource to watch. Usually, when they say something's up, it is, though they are a bit slower than the vendors. Have fun.

  74. Sounds good by AmirS · · Score: 1

    Quick pointer (I wrote this a few days ago when the story was on slashdot).

    http://slashdot.org/comments.pl?sid=99/06/10/2319242&cid=242

  75. Not just OSes by AmirS · · Score: 1

    We need a homogeneous mix of Platforms, OSes, Applications.

    Each of these should use well documented open protocols to communicate with each other, so they all do the same things, but in different ways.

    Diversity, it's how nature does it.

    1. Re:Not just OSes by AmirS · · Score: 1

      I meant evenly mixed in, with a lot of variation. I think that uses both words, "heterogeneous" meaning lots of variation, and "homogeneous" meaning evenly mixed in, so it all "looks" the same.

      (As things stand) I would have a company with different platforms on each desktop, eg an intel based WinXX machine on one desktop, a Sparc based Linux machine on the next, an Alpha based FreeBSD on the next, etc. (PS my examples are fairly bogus). So even a single department / office would be fairly resistant to any single point of failure / attack. Too bad that currently no-one would support anything like this, but hey, its something to aim for.

    2. Re:Not just OSes by Tom+Christiansen · · Score: 1
      > Homo is latin (or greek?) for "same".

      No, it's Greek in which it means same, which is what's going on in "homogeneous". In Latin, homo means [the race of] Man, as in Homo sapiens. This is entirely different from words like "homozygous", which are of Greek extraction.

  76. The map is not the territory by sethg · · Score: 2
    A computer is not alive, and a program is not an infectious disease. "Computer virus" is a wonderful metaphor, but if we get carried away with it, we lose sight of the difference between computer-virus hosts and real-life virus hosts.

    Consider a live, naturally-evolved plant. It can't be too picky about the kind of soil it's planted in, the temperature of its surroundings, the amount of sunlight it gets each day, the amount of rain that falls on it, the chemical content of the rain, etc. It has to convert whatever resources it has available into forms of matter and energy that it can use for growth, reproduction, and defense against predators.

    Since it's competing with other plants for survival, it has to make engineering trade-offs. For example, a plant may secrete a bad-tasting chemical, protecting it from predators -- but the raw materials for that chemical may restrict the plant to certain soil chemistries, or the extra energy necessary to produce it may restrict it to environments with a certain minimal level of sunlight.

    By contrast, our computers are designed to "live" in a tightly controlled environment. If a CPU is running a binary program, and comes across an instruction that makes no sense, it doesn't have to try "digesting" the program into a more sensible form. If a network router gets a packet with a syntactically incorrect header, it doesn't have to send the packet any farther.

    Security-related protocols add to the level of control; they are filters between sensitive and untrusted parts of a computer system. Since our computers "live" off of electricity, not programs, they can be as picky as we want them to be about what programs they execute and what permissions they execute under. Since our operating systems are designed by (occasionally) intelligent humans, not evolved by natural selection, humans can design better operating systems, in which security against untrusted code is a fundamental part of the architecture.

    --
    send all spam to theotherwhitemeat@ropine.com
  77. Not spread by executables? by layne · · Score: 1

    Macro viruses are spread by executables. A "MS Office file" is a package of variables passed to an executable according to a conventional interface such as a *.doc to WINWORD.EXE.

  78. Yeah right! by pfournier · · Score: 1
    I wonder how many NT sysadmin will read this article and decide they need 1/3 of 95, 98 and NT each to be secure...

    ---

  79. Proprietary OSes [Was: 34%??] by Ilmari · · Score: 1

    It says "...proprietary operating system..."
    I would hardly call Linux a proprietary OS, it being OpenSource(TM) Software. So I'd guess you'd be pretty safe with 100% Linux.
    ---
    Ilmari
    Remove the capital letters from the e-mail-address

    --

    © ilmari. All rights reserved, all wrongs reversed

    1. Re:Proprietary OSes [Was: 34%??] by SL+Baur · · Score: 1
      I would hardly call Linux a proprietary OS, it being OpenSource(TM) Software. So I'd guess you'd be pretty safe with 100% Linux.

      Except that 100% Linux and uneducated users wouldn't be safer.

      The diversity in flavors of Unix (and other O/S-sen) is a Good Thing.
  80. Re:The Ultimate Virus by jaqbot · · Score: 1

    How dumb do people think virus writers are? A single transgenopolymorph properly instructed would take out almost anything it came in contact with. Who is this guy to think it isn't possible?
    Almost nothing upsets me as much as some ubercrackwhore that thinks mixing a stew or adding crackers to it, automatically makes it soup.

  81. Re:Limit email to plain ASCII text by Rombuu · · Score: 1

    Ever hear of uuencode?

    --

    DrLunch.com The site that tells you what's for lunch!
  82. Re:Definitions reversed? by Christopher+H · · Score: 1

    The terms "virus" and "worm" originally referred to the form of the code, not its method of propagation. A "virus" was a object code patch which made a program or operating system do additional viral tasks (such as patching other programs); a "worm" was a stand-alone program or process which propagated. If you replace "worm" with "bacterium" the biological analogy is clear: a virus is inert except when it's integrated into existing executable code (DNA), a worm/bacterium is self-contained and directly infects a host (multi-cellular organism).

  83. And then... by davedavedave · · Score: 1
    34%, that's approx a third (APPROX, I *know* it's not exact, don't flame me). So all that's required is three viruses (viri? :))

    I'm sure it wouldn't be too much more of a headache for the people who write them one in the first place, and anyway, one third of the computers going down would still be a bit of a bitch.

    --
    ~ Artificial intelligence is no match for natural stupidity ~
  84. Re:Wrong - easier solution is cross-platform. by debrain · · Score: 1
    You still have 7-bit encoding, i.e. uuencode/uudecode. There is no simple solution

    The only suggestion that has viable merit is to disable the ease at which a user can destroy and propagate malicious code.

    Implementing that is a whole other arena.
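    The point made across comments 56, 81 and 84 is that "strip binary attachments on the server" only works for things the mail server recognizes as attachments; a uuencoded binary pasted into the text body is not a MIME attachment at all and walks straight past a filter that looks only at Content-Disposition. The following is an added example of such a gateway filter, not code from this thread or from any product named in it. It is Python, runs offline, and the extension list, the fake MZ binary and the sample message are all constructed for the example; the filter scans attachments by name and magic bytes and also decodes any `begin ... end` block found in a text part.

```python
"""Mail-gateway attachment filter (added example, constructed sample data).

Strips parts that look executable by name or by the MZ magic, and scans text
bodies for uuencoded blocks so an inline uuencoded binary is caught too.
"""
import base64
import binascii
import email
import re
from email import policy

# Assumed gateway policy: extensions treated as executable.
EXEC_EXTENSIONS = (".exe", ".com", ".bat", ".vbs", ".scr", ".pif")
MZ_MAGIC = b"MZ"  # DOS/Windows executable header

UU_BEGIN = re.compile(r"^begin [0-7]{3,4} (\S+)\s*$")


def looks_executable(filename, data):
    """Executable by extension or by magic bytes, whichever the sender left."""
    name = (filename or "").lower()
    if name.endswith(EXEC_EXTENSIONS):
        return True
    return data.startswith(MZ_MAGIC)


def uuencoded_files(text):
    """Return (filename, bytes) for every 'begin ... end' block in text."""
    found = []
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        m = UU_BEGIN.match(lines[i])
        if not m:
            i += 1
            continue
        name = m.group(1)
        data = bytearray()
        i += 1
        while i < len(lines) and lines[i].strip() != "end":
            if lines[i]:
                try:
                    data += binascii.a2b_uu(lines[i])
                except binascii.Error:
                    break  # malformed line: stop, keep what decoded so far
            i += 1
        found.append((name, bytes(data)))
        i += 1
    return found


def filter_message(raw):
    """Return the names of parts the gateway would strip from a raw message."""
    msg = email.message_from_string(raw, policy=policy.default)
    stripped = []
    for part in msg.walk():
        if part.get_content_maintype() == "multipart":
            continue
        payload = part.get_payload(decode=True) or b""
        if part.get_content_maintype() == "text":
            text = payload.decode(part.get_content_charset() or "utf-8", "replace")
            for name, data in uuencoded_files(text):
                if looks_executable(name, data):
                    stripped.append(name)
        elif looks_executable(part.get_filename(), payload):
            stripped.append(part.get_filename())
    return stripped


def uuencode(name, data, mode="644"):
    """Classic uuencode block; used here only to build the sample message."""
    lines = [f"begin {mode} {name}"]
    for i in range(0, len(data), 45):
        lines.append(binascii.b2a_uu(data[i:i + 45]).decode("ascii").rstrip("\n"))
    lines += ["`", "end"]
    return "\n".join(lines)


# Constructed stand-in for a Windows binary: MZ header plus filler.
FAKE_EXE = MZ_MAGIC + bytes(range(60))

# Constructed sample: a uuencoded binary inline in the text body, an executable
# attachment with a double extension, and one harmless data attachment.
SAMPLE_MESSAGE = (
    "From: alice@example.test\n"
    "To: bob@example.test\n"
    "Subject: the file you asked for\n"
    "MIME-Version: 1.0\n"
    'Content-Type: multipart/mixed; boundary="XX"\n'
    "\n"
    "--XX\n"
    "Content-Type: text/plain\n"
    "\n"
    "The gateway keeps eating my attachment, so here it is inline:\n"
    "\n"
    + uuencode("update.exe", FAKE_EXE) + "\n"
    "--XX\n"
    'Content-Type: application/octet-stream; name="report.txt.exe"\n'
    "Content-Transfer-Encoding: base64\n"
    'Content-Disposition: attachment; filename="report.txt.exe"\n'
    "\n"
    + base64.b64encode(FAKE_EXE).decode("ascii") + "\n"
    "--XX\n"
    'Content-Type: application/octet-stream; name="notes.bin"\n'
    "Content-Transfer-Encoding: base64\n"
    'Content-Disposition: attachment; filename="notes.bin"\n'
    "\n"
    + base64.b64encode(b"just some data").decode("ascii") + "\n"
    "--XX--\n"
)

if __name__ == "__main__":
    print(filter_message(SAMPLE_MESSAGE))
```

    Run stand-alone, it reports both `update.exe` (the uuencoded block in the body) and `report.txt.exe`, and leaves `notes.bin` alone. The magic-byte check is what catches a renamed binary; the uuencode scan is what answers "ever hear of uuencode?". What neither catches is an Office document carrying a macro, which is the real gap the rest of the thread is about.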

  85. Diversity bad for support by hab136 · · Score: 1

    Supporting 6.02^23 different configurations is bad, which is why businesses standardize.

    I'm not saying standardizing is a good thing (I run my own stuff anyways), but with clueless users, it's about the only way.

  86. True Accuracy by DonkPunch · · Score: 2

    "Some computer scientists believe that in the rise of the Internet and the World Wide Web, society has struck a Faustian bargain...."

    Yeah, and I'm sure some computer scientists believe that JFK was a space alien. :)

    Here's a handy rule:

    #ifdef REPORTER_SPEAK
    #define SOME_PEOPLE ALMOST_NO_ONE_CREDIBLE
    #endif

    Remember the handy guide to thesis paper jargon? ("It is generally acknowledged that...." means "I think that....")

    The comparisons between a real-life virus and a malicious computer program are quaint and romantic. It's just too bad they're not real accurate.

    /* Sorry I'm so grumpy. I forgot BOTH my St. John's Wort AND my coffee this morning. */

    --

    Save the whales. Feed the hungry. Free the mallocs.
  87. Stop, please by DonkPunch · · Score: 2

    Arrrrrgh! Four semesters of Latin and you're giving me flashbacks!

    sharpei diem -- seize the wrinkled dog
    sharpie diem -- seize the felt-tip marker

    --

    Save the whales. Feed the hungry. Free the mallocs.
  88. Limits aren't the solution by Restil · · Score: 3

    While I am extremely supportive of any corporation that decides to limit its Microsoft usage for "anything else" (tm), doing it for the sole purpose of escaping viruses is both silly and doesn't solve the real problem. The acronym PEBKAC applies here (Problem exists between keyboard and chair).

    I see 3 reasonable solutions to this issue:

    1 - Don't use any combination of programs that can facilitate the uncontrolled spread of any program, worm, virus, Word macro virus, trojan, etc without direct authorization by the user. In this case, don't use Word and Outlook Express together if the two can be used together for the uncontrolled replication of viruses and other nasties.

    2 - Limit the damage a single user can do. If a user receives a virus, fine. That's done. However, if that user doesn't share write permission on executable directories, then the virus won't be able to spread over a network without copying files. If the user is not able to forward .exe files to other users, viruses don't spread.

    And 3, the most effective, yet most difficult:
    EDUCATE THE USERS! Users have no business whatsoever sending executables to others which is traditionally how viruses spread. Teach them how to turn off those options which facilitate this madness. If you're going to stick an idiot in front of a computer, you had better damned well make sure that computer is idiot proof, or these problems will continue to happen.

    Will switching a corporation over to all Linux prevent this problem? Sure, or it will at least slow it down. But even on *nix boxes there have been worms in the past. Script kiddies enjoy easy access to well written exploit code, and while it is simple to patch this code up, most corporations are probably so mired down in procedure that these patches would take a great deal of time to get implemented, and any user that can gain root access, or any virus/worm for that matter, can do just as much damage regardless. And there will always be the users that only use the root account on their private systems, and one day will download a malicious program and wipe out their system. It happens, and it will continue to do so. Until computer users take proper care of their systems, viruses will continue to spread. Use a bit of intelligence, or in appropriate situations a raincoat, and viruses will become far less prevalent.

    -Restil

    --
    Play with my webcams and lights here
    1. Re:Limits aren't the solution by flesh99 · · Score: 1

      Macro viruses are not spread by executables, and you cannot take away the user's ability to share documents. The majority of viruses today are Word/Excel macro viruses. Users share work with one another so you cannot stop the flow as easily as you think; most Word docs fit on a floppy.

      --

  89. Re:Wrong - easier solution is cross-platform. by Ob+the+Rat · · Score: 1
    Stripping binaries from internal mail probably isn't necessary, and would actually remove most of the usefulness of an internal e-mail system.
    It isn't a bad idea to have binaries stripped from external e-mail, and put into a directory where expected binaries could be picked up. With a policy of allowing only business-related binaries to be picked up, many of the social engineering worms would be filtered out without losing the usefulness of attachments.

  90. Re:Wrong - easier solution is cross-platform. by Ob+the+Rat · · Score: 1

    Yah.
    Thus the heavy use of such things as "much" and "cut down on" in my post. There is no really good solution if your business requires the exchange of executables. (I refuse to believe that VisiBasic macros are really necessary entities)

  91. Private key, anyone? by HeatherMax · · Score: 1

    If everyone is using encryption then these e-mail virii will have something new to send around the internet.

    Private key, anyone?

    Or maybe they'll just corrupt it for you. Wouldn't that be just great...

    --
    Andrew.
  92. Limit email to plain ASCII text by Yojo · · Score: 1

    99.99% of all email consists of messages that do not require any technology more sophisticated than a flat ASCII editor. The majority of people who need more sophisticated transfers can be accommodated by HTML with embedded graphics.

    The tiny minority of computer users who need anything more sophisticated are capable of making their own decisions about how to handle files.

    Microsoft should be sued for the irresponsible actions of promoting highly complex formats that perform automatic actions that the majority of computer users cannot understand or control.

    1. Re:Limit email to plain ASCII text by Tom+Christiansen · · Score: 1

      American Standard Code for Information Interchange. What a concept. :-)

  93. A thought... by Snowfox · · Score: 1

    In a national radio broadcast of the Commonwealth Club, circa 1993 or so, Scott McNealy (president/CEO Sun Microsystems) suggested that the government shouldn't be able to buy closed operating systems at all.

    Quite a few more tidbits on open systems and the "future" of the Internet which are interesting when looking back. I've got this on tape and could produce a transcript if there were sufficient interest.

  94. The Ultimate Virus by z1lch · · Score: 1

    Of course, if we're to take Agent Smith seriously, it is humans that are the virus. In 20 years or so when the Operating System is no longer a relevant concept, these government agencies should be limited to "no more than 34% of the same species".

    [btw: Did you ever wonder what happened in The Matrix after the credits rolled?]

    --
    BLAMMO shaken not stirred
  95. Wrong - easier solution is cross-platform. by L1zard_K1n6 · · Score: 1

    Word macro viruses can affect Word on multiple platforms.

    Secondly, no, the more OSes you support, the weaker your admin and security model will be, due to sheer complexity.

    Here's a better rule - simply strip binary attachments from email automatically on the mail server.

    1. Re:Wrong - easier solution is cross-platform. by L1zard_K1n6 · · Score: 1

      Multiple in this case equals "two".

      Win NT
      Win 95/98
      Win CE
      MacOS

      I count 4.

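    The gateway rule argued in comments 89 and 95 (strip binary attachments from external mail on the server, leave the rest of the message usable, and hold the stripped files in a pickup directory), as an added example that is not code from any poster. The MIME types and suffixes treated as executable, and the /var/spool/quarantine path, are assumptions for the example; the sample message is constructed inline.

```python
import email
import email.policy
import re
from email.message import EmailMessage
from hashlib import sha256

# Assumed policy: these MIME types and suffixes count as executables.
# Office documents are deliberately left alone so work files still flow.
BINARY_TYPES = {"application/octet-stream", "application/x-msdownload",
                "application/x-msdos-program"}
BINARY_SUFFIXES = (".exe", ".com", ".scr", ".pif", ".bat", ".vbs")
QUARANTINE_ROOT = "/var/spool/quarantine"  # assumed pickup directory


def is_binary_part(part):
    """True for a leaf part the policy classifies as an executable."""
    if part.is_multipart() or part.get_content_maintype() == "text":
        return False
    filename = (part.get_filename() or "").lower()
    return (part.get_content_type() in BINARY_TYPES
            or filename.endswith(BINARY_SUFFIXES))


def quarantine_path(name, digest, root=QUARANTINE_ROOT):
    """Pickup path keyed on the content hash plus a sanitised name, never the
    raw sender-supplied filename, so '../../etc/passwd' cannot escape root."""
    safe = re.sub(r"[^A-Za-z0-9_-]", "_", name).strip("_") or "unnamed"
    return f"{root}/{digest[:16]}_{safe[:64]}"


def _scrub(container, quarantined):
    """Recursively swap executable leaves for a text stub, collecting them."""
    new_parts = []
    for part in container.iter_parts():
        if part.is_multipart():
            _scrub(part, quarantined)
        elif is_binary_part(part):
            data = part.get_payload(decode=True) or b""
            name = part.get_filename() or "unnamed"
            digest = sha256(data).hexdigest()
            quarantined.append((name, digest, data))
            stub = EmailMessage()
            stub.set_content(
                f"Attachment {name!r} ({len(data)} bytes) was removed by the gateway.\n"
                f"sha256: {digest}\n"
                f"held at: {quarantine_path(name, digest)}\n")
            del stub["MIME-Version"]  # meaningless on a sub-part
            part = stub
        new_parts.append(part)
    container.set_payload(new_parts)


def strip_binaries(raw, external=True):
    """Parse raw RFC 822 bytes. External mail has executable parts replaced by
    stubs and returned as (filename, sha256 hex, bytes); internal mail passes."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    quarantined = []
    if external and msg.is_multipart():
        _scrub(msg, quarantined)
    return msg, quarantined


def build_sample():
    """Constructed message: text body, a Word document and an executable."""
    m = EmailMessage()
    m["From"], m["To"] = "partner@example.org", "staff@example.com"
    m["Subject"] = "Q3 figures"
    m.set_content("Figures attached, plus the viewer you asked for.")
    m.add_attachment(b"\xd0\xcf\x11\xe0 fake document bytes", maintype="application",
                     subtype="msword", filename="figures.doc")
    m.add_attachment(b"MZ fake executable bytes", maintype="application",
                     subtype="octet-stream", filename="viewer.exe")
    return m.as_bytes()
```

    The Word document survives (the reply to comment 88 notes that macro documents are what users actually exchange), while the executable is replaced by a notice naming its hash and pickup location.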
  96. Site appears to be down by barilla · · Score: 1

    It's 10:05 am EST here, and it looks like the Times is having some trouble. Anyone else getting in yet?

  97. some fools will execute anything by Afrosheen · · Score: 1

    I think this whole phenomenon is fed by the fools who will execute anything. "Oh what's this file? I have no idea what it is or what it's supposed to do but I'll try it." That's not good thinking. Consider this biological metaphor (since talking about virii takes you in that direction to begin with): Your computer represents your body. Applications are food. Would you try eating something that you haven't seen before with no guidance? Doubtful. What if you smell it (sniff it with a virus scanner) and it smells okay, but you're still unsure. Let's say your friend left it on your doorstep with a shady-looking note. I really doubt anyone with an ounce of sense would eat this mystery food.
    For some reason, when people get near computers, and don't have much experience with them, they do one of two things. They turn into the paranoid freak (oooh don't click on anything computers are dangerous) or the gluttonous downloader/tinkerer. I promise you the people who are afraid of computers didn't get this virus. Just the clueless individuals (millions of them right?) whose curiosity got the best of them.
    Things like this just reaffirm my notion that common sense isn't so common anymore.

  98. no, focus on SW is misleading by Mr.+Slippery · · Score: 1
    I do not understand where this wrongheaded idea that "everyone needs to run the same mail client in order to work together" comes from. There's no need to all run the same software in order to work together. Using common protocols and formats, and letting users choose the software interface that they prefer, works much better.

    Use SMTP and POP3 for email, local newsgroups (NNTP) for open discussions, web pages for read-only information, and NFS (or SAMBA) for file sharing. Let users pick the mail, news and web clients, and OSes, that they work with best. Then, Netscapers and IE-ers and Opera-ers, Exchangers and Notesers and MHers and Piners, Linux-heads and BSD-ers and Solaris-folks and Mac-fans and NT-ites and, yea, even those poor souls trapped in DOS, can all go boldly together into the bright brave new world.

    Diversity good. Monoculture bad.

    --
    Tom Swiss | the infamous tms | my blog
    You cannot wash away blood with blood
  99. Diversity good for productivity by Mr.+Slippery · · Score: 1
    Let me use tools that function properly and that I know how to use, and I don't need support.

    Yes, there's an expense in supporting diversity. (With proprietary software, there are also licencing cost issues; 100 copies of M$ Exmange might be cheaper than 50 copies of Exmange plus 50 copies of Bloated Notes.) But there's more of an expense when your talented and expensive Unix geek has to waste half an hour trying to get Bloated Notes on his Win95 desktop to attach a file to a message (only to find that it's a known bug that sometimes it just plain won't), when he could do it instantly using his client of choice, exmh.

    You save on training, and increase productivity, when users can use tools with which they are already skilled. Let the clueless have whatever the local default is, but don't hobble the clueful.

    --
    Tom Swiss | the infamous tms | my blog
    You cannot wash away blood with blood
  100. It's actually a good idea by Dwonis · · Score: 1

    There are plenty of other systems in place on the internet in which to exchange files, just keep binaries separate from communication, and we'll all be fine.
    --------

  101. Re:Yes, an intelligent solution at last by Tom+Christiansen · · Score: 1
    ``In short, just as the Multics mentality of careful access controls shows up throughout Unix, the cretinous CP/M mentality of uncontrolled havoc shows up in DOS and all its mutant children.'' --tchrist
    I'll preface this by saying that I strongly agree with the original article. It's a meme I've been spreading for years, and it's nice to see it show up in such a prominent place as the front page of the NY Times.
    I can tell that this 34% is going to get a very strong slam here today, so instead, let's actually look at the *REAL* solutions:
    I'm not sure what "a strong slam" might mean.
    Teach users that opening an attachment on an insecure OS is asking for trouble, and should never be done unless the source is absolutely trustworthy... which leads to...
    I can't believe that people actually run arbitrary code that they can't even look at the source code. What are they thinking?
    Using PGP/GPG or other secure identification methods to be able to trust the validity of the mail. Just because it's from a co-worker doesn't necessarily mean it's legit. (These two stand out only because the latest big virii have been email ones, not that this is the only route)...
    First of all, there's just no way that people are going to only accept mail from folks who give it an electronic signature. There's just too much going around to expect that. Second of all, you mean "viruses". "Virii" is not a word. Details available upon request.
    Make sure all installations that require it have a quality and up-to-date virus program.
    This is completely the wrong way to do it. Think about devising a networking ack/nak protocol, operating system scheduling algorithm, or database commit protocol. In all such cases, merely reducing the occurrence rate of the problem to a smaller, finite chance is utterly unacceptable. There is right and there is wrong. There is not 30% less likely. That's still wrong. The only correct way is to verify to 100% probability that a virus cannot infiltrate your entire system.

    Your approach is the one used for a long time by those without an operating system. It is demonstrably insufficient. By way of contrast, the "make it impossible" solution employed by Unix has had markedly improved success.

    Have the sysadmin be diligent about reading the various virii advisory lists and visiting the web sites of the makers of the virii programs on a daily basis. I've yet to see any major virii come out (at least in the states) and not have a virus eliminator or such within a 24hr day.
    Now you're just shutting the barn door after the horses have escaped. This is not a viable approach. It requires constant diligence and luck. You can't expect these things.
    Um, backup frequently and often. A virus may just eventually get through, but a virii can't do damage to tape backup, only possibly reside
    This is good advice, but hardly insufficient. How do you know your backups were clean? You don't.

    If you do not approve of the newspaper article's wise advice to diversify your hardware and software platforms, then the remaining simple solution to these insane virus problems is merely to install an operating system. One has but to compare the orders of magnitude of viruses for Microsoft systems compared with those for Unix systems to see the difference. How many Unix viruses are there? Since the RTMjr worm of 1988, which affected Suns and Vaxes only but left other hardware untouched, we haven't seen much.

    My organization runs predominantly on three different chipsets (sparc, intel, power pc). Code that runs on one will not blindly run on the other. Moreover, there are several different operating systems installed on each chipset. This helps even more. But best of all, these actually provide real operating systems to intercede between the program and the hardware.

    Telling people not to read mail as root is one thing, but it is more important to make the mail reading procedure 100% secure against problems, and to make the operating system secure against user issues. Anything else is a joke doomed to fail, just like all the toy systems that have fallen prey to random attacks.

    Number of viruses which I or people in my organization have been affected by in the last fifteen years: ZERO.

    Beat those odds, Wintel.

  102. All viruses should cause Micros~1 to get sued by Tom+Christiansen · · Score: 1
    In reality until software is developed which can detect and respond to software threats autonomously people will always be susceptible to the whims of worm and virii coders. You can minimize the risk somewhat by using a robust OS or a non-mainstream OS. Once that OS becomes mainstream you've lost the 'protection'.
    The only flawed argument here is your own. It is not popularity which determines vulnerability. It is the robustness of the underlying design of the system. Microsoft doesn't have viruses because it is popular. Microsoft has viruses because it was created by an idiot who would flunk if this were turned in for a grade at an operating systems design course.

    Here's an example: if you make it illegal for user code to access page table hardware, you need never worry about this form of attack. This is so incredibly superior to various techniques to scan for code that does this in advance or detects its effects after the fact, that there can be no question of efficacy.

    The proper entity to be sued for these violations is Microsoft. Yes, you heard me, sue Microsoft for viruses. If you had a car that blew up if you put the ignition key in the wrong way, you'd sue the manufacturer. The source of these viruses is Microsoft. They carry the full burden of responsibility for creating an operating system only a drooling cretin could love, and which even a script kiddie can break into. They've sold you a car not merely without seatbelts, but one without brakes, a speedometer, mirrors, or a transparent windshield.

    PS: *virii is a script-kiddie's nonword. The plural of virus is viruses.

  103. ...and kids won't ever go hungry again. by DemonUrge · · Score: 1

    I'm pessimistic that any of this can work for *.gov. Having been on both the program and the systems administration/support side of things in the federal government, the following are pretty clear:

    1) There is no funding for proactive measures of any sort. What matters is that there is virus scanning on the system, not that the scan engine or virus defs are up to date.

    2) There is no funding or urgency to train employees. Heck, they can't train employees to use win95 word processors much less train them about macros, DCOM, IMAP or anything else. And when training is provided, it is often tragically bad. Take a tour of offices and count the number of win95 boxes where the only app being run is wp5.1...

    3) PGP/GPG would be swell. However, many government agencies are squeamish about encryption (at the top) and most aren't aware of GNU/free software. Those that are typically think of it in terms of "shareware" and don't trust it. Besides, most users face a learning curve to handle zipped documents much less PGP/GPG.

    Could the government mix up OSes on the desktop? Not likely. The amount of money it would cost to cross train everyone would be prohibitive, and barring that, the Feds won't do it. Heck, they are still scratching and clawing to drag everyone from DOS to win95.

    One caveat: this will vary tremendously from department to department. I know that there are some government shops that are on top of things and which use and contribute to GNU and Free Software. But if you look at a large department like DHHS......

  104. At which point... by DemonUrge · · Score: 1

    ...it's back to the old practice of trading/mailing floppies around. Hardly an improvement. Not that it doesn't still happen. Just last year I was mailed 5 floppies in the name of "security." Oy.

  105. Definitions reversed? by RimRod · · Score: 3

    Biologically, a virus is a microscopic organism that reproduces (in layman's terms, I'm not a bio person :) ) by invading host cells and restructuring the cell's DNA to essentially "make" it a virus. These converted virii then go and find other non-infected cells to invade.

    Biologically, a worm is a macroscopic organism that crawls slowly along the ground, eating any food it happens to smell nearby--at a much slower rate.

    In the computer world, a worm, as the author correctly surmises, is self-propelling, that is, a program sent within the attachment can then send itself along without any action by the person who receives it.

    In the computer world, virii have been (as the author again correctly surmises), software codes that infect computers by attaching themselves to documents or programs that are passed along.

    It seems to me we have our definitions reversed. A computer worm is much closer to a "self-propelling" object than a computer virus, and a computer virus is much slower (with a geometric, not exponential expansion rate) than its worm counterpart.

    --
    - ...and remember, you can't invade Brainania. It's not on the big map.
    1. Re:Definitions reversed? by Chessucat · · Score: 1

      The F.N.G. is right, but lack tack! I suggest fulfilling the obvious and going with the S.P.A.R.
      To keep in the spirit of the moment. If you don't
      know where you are going, anyroad will take you there! {grin}

      --
      "I'm a dirty white tomcat, enter my world..."
  106. Life sucks, then you die, then the worms eat you. by Velox_SwiftFox · · Score: 1

    Be grateful that it happens in that order - with your computer, the worms have to come before last.

    Seriously, people will just deal with this sort of thing. "Practicing safe computing" (I love that cybervenereal phrase) gets harder as new attack programs are written, seemingly at a more rapid rate for the "Average User" than for those using open source software. Unfortunate for all, but - that's life. As the capabilities of hardware, software, and network links get better, there will be more to be guarded against in turn.

    So people will be more guarded, reasonably, dealing with the new tricks and inconveniences. The first massive parallel attacks on ADSL/cable modem users with "always on" Internet connections will be followed by appropriate firewalling, whether perpetrated against users of Microsoft Windows 9X/20XX or New Redhat Linux release ##.#.

    Already all - well, most - of the users I deal with as System Admin are clued in enough to avoid most trouble using the Microsoft OS and suites. Nevertheless disaster may strike in the form of a quick attack of a novel type. Oh my. I hope it can be avoided. I issue memos. I back up. I update against root attacks on the Linux systems.

    I keep spare parts too, tend the UPSes, place extra 200 volt MOV devices on incoming modem lines, watch for roof leaks. The Universe is as or more likely to deal an impersonal random blow as a malicious outsider.

    Neither of these compares to the unavoidable havoc done by attempting to use the network and systems to get work done; the unravelling of anomalies, repair of data and programs damaged and destroyed - by the most careful attempts to use them in the manner intended.

    That's what I'm paid for, not to whine, to complain that there are bugs in the software purchased. Software development does not result in bug-free programs for any reasonable expense, and my boss won't wait for Windows 2010. I hope this type of event will spur the move towards the more robust OSS approach, but in any case... the world will go on.

    --
    [all incoming email will be automatically delayed 24 hours until further notice..]

  107. Re: Latin lessons & Hillis info by Drone+Head · · Score: 1
    While we're on the topic, can someone please confirm that virii is in fact the plural of virus, and not just some silly neologism (like octopi)? I'm pretty sure that virus is third declension, with plural viri.

    Also, I'd like to point out that Danny Hillis was the founder of Thinking Machines Corporation, not "Connection Machines". The Connection Machine was TMC's core product. One of his current projects is to build a clock that will run for ten millennia.