
Re: yet another victim of Microsoft malware ..

"Kelsey Bjarnason" <kbjarnason@xxxxxxxxx> wrote in message 
news:rqqqt4-7n.ln1@xxxxxxxxxxxxxxxxxxxxxxx
> [snips]
>
> On Wed, 03 Oct 2007 23:26:38 -0400, jim wrote:
>
>> Windows made computing accessible.  Windows made computers popular and drove
>> the entire industry.  It matters not that it was/is insecure.
>
> It does when the cost of that insecurity is measured in tens of billions
> per year.

What I was referring to when I said "It matters not that it was/is 
insecure." was the fact that Windows made the PC an industry regardless of 
the facts of its insecurity.

>
>> IMHO, the real problem in the loss of trust is ignorance.  PCs are so
>> simple that any idiot can screw one up - and they frequently do.
>
> FSVO "PC" perhaps.
>
> Sit a typical user down at an unprotected Windows box, they'll screw it up
> readily, just by emailing, browsing the web, etc.  Or having it hijacked
> by inbound threats.  Sit a typical user down at an unprotected Linux
> system, different story.

You know (or should know) that *the* main reason that Linux PCs are not 
subject to malware, viruses and such as much as Windows is simply because 
the target is uninteresting from a hacker's point of view.  Who wants to 
hack 1.2% of user PCs when they can hack 90+% of user PCs?

This idiotic notion that Linux coders and code base are somehow magically 
stronger than Windows (or any other OS) really makes Linux advocates look 
uneducated.

If people (your regular, run-of-the-mill people that use Windows) were to 
use Linux as their primary OS, you can bet your ass that they would run the 
OS under the root admin account and that more hackers would see the 
potential gains in money to be stolen and "fame" to be gained by hacking 
Linux and the apps that run on it.

I really wish this fantasy of Linux being so "secure" would stop being 
spread.  You are only setting Linux users up for disappointment and the OS 
for a fall.

>
> Ain't nothing perfect, but Windows takes that notion to unprecedented
> heights.
>
>> The problem is that some people think that end user ignorance can be
>> coded around (i.e. UAC).
>
> Yeah, UAC and the like are kinda silly.  Still, as the Linux methodology
> shows, such problems can be greatly reduced.  Software installed from
> trustworthy repositories, for example, tends to limit that source of
> problems.  The lack of any listening services by default on many distros
> limits inbound threats.  The failure to execute embedded scripts in emails
> and the like limits things again.  Keeping users firmly in _user_
> accounts, rather than admin accounts, again reduces the issues,
> particularly when the software actually _works_ when run in a user account.

When you remove functionality you naturally remove possible abuses from the 
code used to put in that functionality and possible coding mistakes from any 
code removed.

As for "Keeping users firmly in _user_ accounts, rather than admin 
accounts"....you are in a land of fantasy that I can only dream of attaining 
if you think that your average PC users would run under anything but an 
admin account.  My original post was of PC use in general - that means 
mostly home use...not the tied down, restrained green screen world of some 
workplaces.

>
> UAC is putting a band-aid on an amputation.  Linux shows that the
> situation can be vastly better than it is, that software can be both
> functional and significantly more secure, but getting Windows there is,
> apparently, just too damn much work, or would break too many things which
> rely on its existing "we'll run anything from anywhere" design concepts.

Linux does have fewer holes than Windows.  It accomplishes this primarily by 
reduced functionality and reduced integration (as compared to Windows). 
Just as anything that gives people more power to "get things done", that 
power is subject to its own flaws and may be misused even when no flaws are 
being exploited.

Power means responsibility.  The general public evidently cannot be 
trusted with such power - hence UAC.

>
>>  That, somehow, programmers can make a system
>> that stupid users and malicious criminals cannot destroy.  That, my
>> friends, is a fantasy of the highest order.
>
> Sure, but you can reduce the likelihood of the malicious sort getting in,
> and reduce the likelihood of the clueless doing significant damage.  You
> can't _eliminate_ it, but you can _reduce_ it, and that is quite enough.

I agree.  You can reduce the likelihood of malicious code - just remove 
functionality.  Linux is, in part, more secure than Windows because it is 
less integrated and has fewer features that coders can abuse to harm its 
users.

It's like freedom.  In a democratic country you are more likely to be the 
target of scams and crooks.  But, would you rather give up those freedoms in 
exchange for the security of the state?  I can only speak for myself, but I 
would not.

>
> Take something as trivial as how programs can be executed.  Send one as an
> email attachment, for example.  If you "open" the attachment, does it
> execute?  That would be the worst possible design.  Almost as bad is "save
> it to disk, click to open" - where "open" equates to "execute".  Both make
> it far too easy to get malware on a victim machine, particularly if you're
> trying to hide the executable as an image or some such.  Now add the
> notion of an execute bit.
>
> The really clueless users are likely going to find the whole process of
> "save the file, right-click, bring up the properties, go to the
> permissions tab, click 'executable', click 'ok', now open the file"
> process sufficiently complex to limit their exposure, and anyone more
> clued in than this is going to see the "click 'executable'" bit and write
> it off as a really bad idea.
>
> It doesn't *stop* such things from occurring, but even just reducing the
> occurrence of malware, making it less effective, is a good thing.

I agree that less malware is a good idea.  But, as unfortunate as it is, 
*most* users are "really clueless".  They trust everyone and everything they 
read on the internet as if it were all filtered and monitored by some 
benevolent internet police force.

The problem with the execute bit is that, since most users are clueless, you 
have now made the OS more unattractive to most of your user base.  Not only 
are the malware executables more difficult to run, but so are the truly 
benign, useful applications that they want to (and should be able to 
easily) run.

It's a delicate balance between security and ease-of-use.  Windows has 
previously erred on the side of ease-of-use.  Being a corporation set up to 
make money, this was the correct path to take.

Microsoft was not formed to make computing safe.  Microsoft was formed to 
make its shareholders and upper management as much money as possible.  You 
do that by making things easy.  (Sure, you can make things more secure, but 
not at the expense of ease-of-use if your goal is to make as much money as 
possible.)

>
>> If you make it strong enough to block ANY unauthorized activity, you
>> must train the end user on what activities are ok to authorize and which
>> aren't, how to tell the difference and how to allow and deny each one.
>
> Simple enough rule on the whole: "Did *you* ask the computer to do this?
> If not, then you probably shouldn't allow it."  Again, not perfect, but a
> good rule of thumb.

Only a good rule of thumb if the user knows *every* action that a program is 
supposed to take, every name of every executable and DLL for every given 
application on his/her PC and the consequences of each.

This will happen when politicians are honest.

>
>> This leads us somewhat closer to reality.  Systems still need to be
>> simple. Very simple.  Simple saves time in training, saves money in
>> hiring the employees to run the OS and makes getting replacement workers
>> relatively easy and cost effective.  But, simple means that they can
>> hurt themselves (just as they can run with scissors or a knife and they
>> can drink and drive and they can throw rocks on the playground).
>
> Sure.  Now stop and compare something like Windows, versus a machine
> running, oh, KUbuntu.  Each is, to the user, about as simple to use.
> Except they're not.  One requires the installation, care and feeding of AV
> and anti-spyware and firewalls and this and that and the other thing, not
> to mention a significantly more difficult process for installing and
> updating software - including security updates.  The other makes those
> operations simpler, and outright eliminates the need for much of the other
> overhead. Which means the safer system is actually easier.  Perfectly
> safe?  No. Just safer. Yet easier.

And KUbuntu makes coding apps more difficult, application integration more 
complex and using integrated apps (which is where most of Windows' holes lie) 
a real challenge compared to Windows.

It's a trade-off.  Security for reduced functionality.  Most people are not 
willing to make that trade.

For example...we offer a line of Windows PCs that we GUARANTEE will not get 
any executable virus or we will clean them for FREE.  These PCs are set up 
on-site, at businesses and locked down such that the user can use all of the 
installed apps, but cannot install or run any unauthorized applications.

Guess what?  Businesses - even local governments - will not even test the 
machines.  We even offered to drop off laptops to anyone interested to try 
and hack them for a week.  Hell, we even offered to give the laptops to 
anyone able to hack them (without physically opening the laptops).

Still, nobody was interested.  Know why?  Our research indicates (and 
current OS usage bears this out) that people would rather have ease of use 
and power than stability and security.

If Linux wants to win the desktop, it will do well to learn the same lessons 
that we have.

>
>> The reality is that education of the end user plus simple systems plus
>> SEVERE punishment of system abusers is the only realistic solution.
>
> So who is the abuser?  Some unknown attacker from Indiana - or Indonesia?
> Fine, you find him, we'll punish him.

No we won't.  In the US, we passed a federal law stating that anyone writing 
a virus can get up to 30 years in prison.  Just after passing the law, we 
tried the first person under it and found him guilty.  Can you guess how 
much time he got?  Just 18 months.  How utterly pathetic.

>
>> Even
>> then, you will have people shoot themselves in the foot with their mouse
>> every once in a while
>
> Indeed.  You can't make things idiot proof.  You *can* make them less
> prone to most common problems.  Linux tends towards this direction;
> Windows, traditionally, has not done this.

Again, Linux and Windows have traditionally been aimed at different users. 
Linux has been the realm of geeks (and still tends to be so) and Windows has 
been the OS for everybody (clueless as they may be).  The one values 
security and has the training and knowledge to operate a more secure OS. 
The other does good just to keep coffee out of the keyboard.

Different user bases....different goals....different OSs.

jim 


