Windows Operating Systems Software Microsoft Security

Microsoft vs. Computer Security 439

ArieKremen writes "The Slate has a piece written for the average user attempting to explain why Windows is `still` grappling with security issues. Although Gates made security and privacy top priority four years ago, not much progress has been made." From the article: "Microsoft customers haven't stopped worrying. A year later, Windows was hit with several nasty worms, including Slammer, Sobig, and Blaster. The viruses caused major traffic bottlenecks throughout the world, which cost tens of billions of dollars to clean up. Vulnerabilities deemed 'critical' have forced the company to release an almost unending stream of patches and fixes to the Windows operating system, Microsoft Office, and Internet Explorer." An interesting look at the whole issue.
This discussion has been archived. No new comments can be posted.

  • by Ckwop ( 707653 ) * on Tuesday January 10, 2006 @07:44PM (#14441549) Homepage

    Computer security will get worse before it gets better. It's the second hardest problem in computing, coming second only to DRM, which is provably impossible to do properly.

    The problem comes from many quarters: some theoretical, some practical, some managerial. For example:

    1. We know that it is possible to write secure code in any language and we also know it is possible to write insecure code in any language.
    2. We know that people are generally more prepared to pay for features than security but features are the enemy of security. The more features you have, the more code-paths you have and the more chance that you have a defect in any one of those paths.
    3. We know that schedule pressure leads to crappy code and crappy code breeds insecurity.
    4. We know that the attacker only needs to find one attack that works. We have to defend against all attacks.

    I could go on for quite some time... the point to appreciate here is that it isn't all Microsoft's fault but they could do a whole lot more. If we could just get rid of the overflows that would be a good start!

    Simon

  • by biocute ( 936687 ) on Tuesday January 10, 2006 @07:44PM (#14441552)
    The article is advising people: "Besides avoiding Microsoft products, one way would be to use substitutes whenever possible. If you run Windows or the upcoming Vista, use a different e-mail program, browser, and/or media player than the ones that come in the box. Stay up to date on patches and anti-virus software."

    I thought most importantly users should be responsible enough not to simply click on or open anything in front of them.
  • by Soko ( 17987 ) on Tuesday January 10, 2006 @07:57PM (#14441653) Homepage
    I thought most importantly users should be responsible enough not to simply click on or open anything in front of them.

    Ummm... the recent WMF vulnerability needed no user interaction, other than visiting a web page or getting an e-mail with a "specially crafted" WMF file disguised as a .JPEG or .GIF file. It wouldn't matter which program accessed the file either - the OS would bypass the extension-based MIME type and treat the file as a .WMF anyway, complete with being able to execute code, as WMF files are able to do by design. IOW, there was very little defense for an end user, unless you knew what sites had these files in advance. Users are usually the weakest link in the chain, but not always.

    Your first bit of advice was correct - security is a process, not a product, and as such needs to be maintained and thought out in advance. I'd add "Educate users why people want into their machine and here's how they get in" to the list too.

    Soko
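
Added example, not part of the comment above or of the linked article: a content-versus-extension check of the kind a mail gateway or file scanner can apply to the disguise described there, flagging files whose name claims JPEG or GIF but whose leading bytes are a WMF header. The file names and byte strings are constructed samples, and the function names are hypothetical.

```python
import struct

RASTER_EXTS = {"jpg", "jpeg", "gif"}   # extensions usually treated as harmless images
WMF_PLACEABLE_KEY = 0x9AC6CDD7         # first dword of a "placeable" WMF

def sniff(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    if data[:3] == b"\xff\xd8\xff":
        return "jpeg"
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif"
    if len(data) >= 4 and struct.unpack_from("<I", data)[0] == WMF_PLACEABLE_KEY:
        return "wmf"
    if len(data) >= 6:
        # Standard WMF header: type 1 or 2, header size 9 words, version 0x0100/0x0300.
        ftype, hsize, version = struct.unpack_from("<HHH", data)
        if ftype in (1, 2) and hsize == 9 and version in (0x0100, 0x0300):
            return "wmf"
    return "unknown"

def disguised_wmf(name: str, data: bytes) -> bool:
    """True when the name claims a raster image but the bytes are a metafile."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return ext in RASTER_EXTS and sniff(data) == "wmf"

def flag_disguised(files):
    """Return the names a gateway or scanner should quarantine or log."""
    return [name for name, data in files if disguised_wmf(name, data)]

# Constructed samples: headers only, padded with zero bytes.
SAMPLES = [
    ("holiday.jpg", b"\xff\xd8\xff\xe0" + bytes(16)),
    ("logo.gif", b"GIF89a" + bytes(16)),
    ("banner.gif", struct.pack("<I", WMF_PLACEABLE_KEY) + bytes(18)),
    ("photo.JPEG", struct.pack("<HHH", 1, 9, 0x0300) + bytes(12)),
    ("chart.wmf", struct.pack("<HHH", 2, 9, 0x0100) + bytes(12)),
]

if __name__ == "__main__":
    for name in flag_disguised(SAMPLES):
        print("extension/content mismatch:", name)
```
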
  • The Only Thing... (Score:2, Informative)

    by Mad Ogre ( 564694 ) <ogre@NOspAM.madogre.com> on Tuesday January 10, 2006 @07:59PM (#14441668) Homepage
    The only thing worse than "Windows" in the common OS versions in use... is the orphaned version of XP called "XP 64 bit edition" that doesn't work with all the tools normally used to resolve security issues. Many applications that we use here in the shop just flat don't work with 64. It looks like MS just took Server 2003, slapped an XP theme on it, and then broke all the strengths of both OS's. As a result, I've got a number of issues over here that I can't get resolved. As soon as I get a decent copy of the latest Vista Beta, I'm just going to make that switch. XP x64 is just about useless because of the security issues. This box is getting hit left and right, and is constantly stumbling. I'm not looking forward to all the new issues with Vista, but at least I won't still be using XP64 any more. (Yes, I've got a Linux partition... but that's not the point)
  • Re:It's no secret... (Score:2, Informative)

    by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Tuesday January 10, 2006 @08:00PM (#14441674) Homepage Journal
    Hey, at least this guy wasn't claiming that IE was in the kernel, like the last slashbot that decided to argue with me about how Windows is put together...
  • Re:No Progress? (Score:3, Informative)

    by Philip K Dickhead ( 906971 ) <folderol@fancypants.org> on Tuesday January 10, 2006 @08:48PM (#14442006) Journal
    NT was designed to replace VMS at DEC.

    It was written to be "OS/2 v3", once Gates poached Cutler's development team.

    It was grafted onto the Windows shell as a long-shot, after tensions between MS and IBM began to manifest themselves over the success of Windows 3.0, the failure of Presentation Manager and the differing visions for the future of OS/2.

    Drivers for NT were still a lot like drivers for VMS, from the API point-of-view.
  • Re:It's no secret... (Score:5, Informative)

    by pete-classic ( 75983 ) <hutnick@gmail.com> on Tuesday January 10, 2006 @08:55PM (#14442059) Homepage Journal
    Microsoft has a long history of secret APIs used only by their applications. I remember some sort of hubbub about this around '94 when they were taking over the office suite market.

    More recently the DOJ at least accused Microsoft of using secret APIs in support of IE, Messenger, Media Player, and Outlook Express.

    I don't necessarily think that you are wrong, but the situation is certainly not as cut-and-dried as you seem to think it is.

    -Peter
  • Re:Slow progress (Score:3, Informative)

    by yotaku ( 26455 ) on Tuesday January 10, 2006 @09:31PM (#14442316) Homepage
    Thousands of Linux and Mac users get along just dandy with restricted user privileges apart from the occasional annoyance of having to either log in as root or in the case of OS.X feed a nag window the root password so that the occasional installation program can touch sensitive parts of the OS.

    I would say that this comes under uneducated users again. You can do exactly as you said in Windows. I run as a limited user, and everything works fine. Sure, sometimes I need to log in as admin to install something. Or a game's copy protection won't allow it to run except as admin. But then you just change the shortcut to runas admin, and everything keeps going just fine. I don't really see how this is any different than having to log in as root or feed a nag window.

    I think Microsoft is to blame for limited user not being the default. But once you have it set up running as a limited user, it's not any harder than running as admin, and most of Windows' spyware and virus problems don't affect you.
  • by Anonymous Coward on Tuesday January 10, 2006 @09:44PM (#14442403)
    The website url here

    http://www.us-cert.gov/cas/bulletins/SB2005.html [us-cert.gov]

    Showed facts that in the year 2005 more bugs and security related issues were found in Unix based or derived operating systems and software than in Windows and its wares.

    (Contrary to the information often stated by the penguins and Unix fans worldwide and very often here at Slashdot).

    So I must ask - why was the post which I am replying to modded down?

    It only showed things as they are from a reputable 3rd party source's findings in us-cert.gov, which is a United States government website specializing in security related issues, and it is also fairly obvious that the United States government is not partial to Microsoft because of the antitrust suits they have plagued Microsoft with.

    The findings on the website used were also not results found by a test sponsored by Microsoft, which is another complaint used by the Linux people here at Slashdot very often.

    Shameful and childish modding down the posting that way, Slashdotters. Is that what Unix people are about?

    Unix, Linux, and MacOSX users are now the ones with the least secure operating system platforms it appears, not Windows users.
  • by Anonymous Coward on Tuesday January 10, 2006 @09:55PM (#14442481)
    Can you name me which modern OS shipping made a MARKETING decision to put their video drivers in the kernel? When NT went from 3.51 to 4.0 and they tossed in the Win32 widgets and they FORCED the kernel team to put the video driver in RING ZERO. They did not like the numbers they were getting. Was the user going to pick another VENDOR'S OS? :-) They wanted a reason for the user to PAY for an upgrade. Nobody pays for a SLOWER OS. Those just don't sell well.

    Want another example?

    How about 'priority boosting'? That is where only MS boost the thread level of the actively running application so it 'appears' to run faster to the user. This has created all kinds of fun problems for developers but 'hey' it SELLS upgrades baby.

    Here is a fun one for you.
    Why is it when I go into my CMD shell I can do a 'NET STAT'? Where did that stuff come from?
    That would be when they put it in the NT kernel to compete with Novell. They have just been too busy helping the customer to take it out. All of the NET commands came from MS Lan Manager. I'm sure there isn't a NetBEUI stack that has kernel access either. ;-)

    And people wonder why Linux runs so much quicker? I mean has anybody bothered to empty the garage lately that we all call the XP kernel? I mean what else is running at ring zero these days? Seriously if MS Basic hadn't been in the EPROM I bet the LOAD command would still work. :-)

    You think I'm kidding right?

    Has anyone tried to nuke the msmsgs.exe task? That would be MS's Instant Messaging application. This is STUCK in your toolbar and if you TRY to remove it you are told OTHER applications are USING it! Don't we call other programs that do this viruses or trojans? This is a very rich example of why an OS vendor should NOT be allowed to compete in the application space. But hey it allowed them to KILL Netscape even when they had 80% market share. This might have been OK when MS DOS was seen as a HOBBY only used by kids but NOW IT IMPACTS every company's BOTTOM LINE!

    Final point. Anyone ever bother to read what the findings of fact were in the MS anti-trust trial? I mean we all paid several million in taxes for that one and it makes GREAT bed time reading. ;-)

    Are you aware that MS MANAGEMENT STOPPED the release of Windows 98 UNTIL AFTER Christmas so key DLLs could be part of the kernel? Since this statement sounds like I'm on a narcotic I'm going to PROVE IT IS TRUE.

    BTW

    Not one other company could pull this kind of crap NOT EVEN IBM. MS has created their own monster. The reason their kernel has SOOOO many holes in it is because the product managers HAVE DRILLED them there in the first place. I mean even a blind guy can fall into ring zero and take over your system. Why is it folks can READ the code for the kernel in Linux and it is SAFER but I can blindfold you and you 'might' get admin rights in XP?

    MS could never allow you to read their kernel code. You would see how too many of their APPLICATIONS work. :-D

    The link for the DOJ trial doc is here: <URL:http://www.usdoj.gov/atr/cases/f3800/msjudge.pdf>

    From page 83 of the above link:

    Allchin followed up with another message to Maritz on January 2, 1997:
    You see browser share as job 1. . . . I do not feel we are going to win on
    our current path. We are not leveraging Windows from a marketing perspective
    and we are trying to copy Netscape and make IE into a platform. We do not use
    our strength -- which is that we have an installed base of Windows and we have a
    strong OEM shipment channel for Windows. Pitting browser against browser is
    hard since Netscape has 80% marketshare and we have <20%. . . . I am convinced
    we have to use Windows -- this
  • by bersl2 ( 689221 ) on Tuesday January 10, 2006 @10:03PM (#14442541) Journal
    To make a OS as robust as windows without things like this happening is hard to imagine honestly.

    "Robust" is not an adjective I would ascribe to Windows.

    If Macs were what windows is today, the story would be the complete opposite I assure you. You see the SAME thing in popular games as well. The most hacked games are the biggest and best, not because it is easier, but there are far more people attempting to exploit the system.

    Homogeneity is weakness. Stop being so damn homogeneous (x86, Windows, the most popular software, etc.), and start being more diverse (POWER, SPARC; Linux, *BSD; good but not most popular software; etc.); otherwise, you're just bringing this upon yourselves.

    I know that the herd mentality still affects humans' decisions, but please do try to balance your cognitive biases out.
  • Re:Slow progress (Score:2, Informative)

    by Mancat ( 831487 ) on Tuesday January 10, 2006 @11:13PM (#14442921) Homepage
    I use Windows as a limited privilege user on a daily basis with little to no headache. Internet Explorer works fine as a limited user.

    Please stop making it sound like being a limited user is absolutely terrible. Very few applications have required me to run them as Administrator or Power User. Those that do, usually require a few tweaks to their home directory or registry key permissions, and you're good to go. Get with the program, developers. Windows can have more than one user now, and we're not all Administrators.
  • Re:No Progress? (Score:3, Informative)

    by Z34107 ( 925136 ) on Wednesday January 11, 2006 @12:07AM (#14443193)

    Until it's easy (not merely 'possible') to run limited accounts & control permissions, we're going to see major problems.

    The use of limited accounts only goes so far. It will prevent a virus from doing damage to some areas of the machine; it will not prevent the creation of "zombie" DDOS networks, infection by spyware, or OS exploits. Correct me if I'm wrong, but the WMF exploit will work regardless of whether or not you're running with full or nil permissions.

  • Re:No Progress? (Score:2, Informative)

    by Philip K Dickhead ( 906971 ) <folderol@fancypants.org> on Wednesday January 11, 2006 @04:53AM (#14444184) Journal
    I won't tell you where I work. ;-)

    In the field - you know, where the 'rubber hits the road' - it has been incredible progress in dealing with the security issues around MS software.

    My background is as an assessment/penetration tester, and a remediation analyst for infosec. My toolset and personal choices are 'Unixy'.

    I have yet to see anything as onerous as admin passwords written to logs - and I don't even BELIEVE it can be done. You can pass a hash, not text. No API will give you a plaintext from either AD or the LanMan cached credentials. You need a refresher course.
  • Re:It's no secret... (Score:3, Informative)

    by eikonos ( 779343 ) on Wednesday January 11, 2006 @04:57AM (#14444198) Homepage Journal
    Undocumented APIs that the DOJ forced MS to document: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnapiover/html/api-overview.asp [microsoft.com]

    "Microsoft teams identified a few hundred undocumented Windows interfaces or parameters that were used by one or more of the Microsoft Middleware components."
  • by Jesus_666 ( 702802 ) on Wednesday January 11, 2006 @06:27AM (#14444477)
    For everyone who doesn't use OS X: The main difference between an administrator and a normal user under OS X is that the administrator may sudo. When using shell programs as a normal user sudoing will fail (because the normal user is not in /etc/sudoers) and Aqua apps that require administrative access will ask you for both the name of an administrator and the corresponding password. As an administrator manual sudo works and Aqua apps will only ask for your password.

    root has much greater (and usually unnecessary) privileges than an administrator and is locked by default. I have only had to use root twice, in both cases because I had broken /etc/sudoers.
