Martin @ Blog

software development and life.

Computer security

Today I received another e-mail from the internet provider which I use to get internet access at my parents' house. In the e-mail there was a piece of text about a recent outbreak of the virus Sober.Q (or something like that). The virus circumvents various security programs such as virus scanners and firewalls (according to the text in the e-mail, the Windows XP firewall among others). The virus causes a lot of spam in the German language, which slipped through most spam filters (not my spam filter, it seems, because I got hardly any such spam e-mail messages).

While (again) reading such stuff I wonder why people still keep using Windows. For at least 2 to 3 years I have hardly used Windows, and I certainly don't read e-mail or install software which could possibly contain viruses. Therefore I hardly think about viruses or other malware while installing software or reading e-mail. I think this makes (computer) life rather easy and less stressful. For a few weeks I have also had an Apple Mac Mini, which also doesn't suffer from virus threats or things like that, but its usability is comparable to that of Windows (at least for non-computer wizards). Computer magazines and websites suggest that people should care about viruses and malware while using their computer and thus assume that everybody uses Windows. They suggest virus scanners (which cost money), firewalls (which until recently cost money, because since SP2 it is a standard component of Windows XP) and other tools to keep their computer safe from problematic software.

Why don't they suggest looking into other operating systems? That would make life for computer users so much easier, because one doesn't have to think about viruses at all, which implies that one also cannot forget to think about it.

Most of the time, when you say such things, they come with the argument that when people massively start using MacOS X (for example) viruses will also come to that platform. This is, however, a point which is incorrect, because the security model of MacOS X (and most Unices, except Lindows among other distros) is better than that of Windows. Windows still lets the user work as administrator, while most Linux distros and MacOS X let people work with a restricted user account by default. Therefore viruses cannot install themselves system-wide. I don't understand why this isn't the default on Windows XP, because in my opinion this would solve a big number of problems. The only consequence is that people have to type a password when installing a program. You only have to let them understand that they must not provide that password when they don't expect to have to give it (which is probably a difficult task). And of course Windows shouldn't give the administrator account an empty password – which is the default in Windows XP Home edition…

3 Responses to “Computer security”

  1. May 23rd, 2005 at 14:07

    A reader says:

    What you’re saying here literally is that Unices and MacOS have a better security model because the default installation of XP Home doesn’t set an administrator password. That at least is the summary of your last paragraph.

    If you truly believe that, you’re a raving lunatic and shouldn’t be spending time at a university. The Win32 ACL security model is by all possible scientific definitions measurably more controllable than any common *nix model. That is not a qualitative judgement though, the only true judgement of a security model is in the end security. In this both score comparably well.

    However, because of a design decision in the installer for the Home edition of an operating system which doesn’t quite please you (and to be honest I agree that it’s stupid) you proclaim to the world that the security model (which isn’t even remotely related to the installer itself) is evil. That’s just simply plain lying, supported by false assumptions and claims.

    I’ve been reading through some posts on this blog and I admire your passion on the subject. Some aspects however put a huge “Linux Zealot” stamp on your forehead, just through the clear stubbornness with which you defend Slashdot-style claims which are simply not true. You should remember that there is no war, and there should be no crusades for your religion. Nobody believes a Microsoft manager saying that Linux is bad, except his loyal followers who have accepted both truth and lies, and likewise no one will accept anything from a known Linux fanatic, except his loyal followers who have accepted both truth and lies.

    To actually educate people, don’t force them to use any specific platform. There *is* no superior platform after all. Allow people the education so they can make their own proper choice of platform. Ease of use and graphical superiority? Get a Mac and administer it properly. Powerful servers, cheap and fast evolving applications, and you have a lot of prior knowledge about computers? Get Linux and administer it properly. Want to exchange data and software easily with work and neighbours and generally have an easy to use machine? Get Windows and administer it properly. As long as you do the “administer it properly” part correctly there is no difference between the 3 OS’es and all can make their user perfectly happy. And we didn’t have to send a Death Star to the Redmond Evil Empire to achieve that 🙂

  2. May 23rd, 2005 at 15:14

    Administrator says:

    I have to admit that the last paragraph is maybe formulated incorrectly. What I mean is not that the security model is broken, because I have to agree with you that the ACL-based security is nice. The owner/group/other model which is used on most Unices is rather restricted.

    The thing I’m trying to say in the last paragraph is that I don’t understand why Windows by default lets users work with an account which has complete access to the entire system (and also all applications). In my opinion this is the main reason why there are so many viruses and other threats on the Windows platform. Almost all other operating systems I know let the user work using a restricted account and only use the superuser account when it is necessary. When there is a single security hole in whatever application, an evil person has access to the complete system – in contrast to most Unices, where applications by default run with restricted access. The security model on Windows is, due to the incorrect setup of user accounts during the installation, worthless. A good system administrator lets users work on a restricted account on Windows, but why isn’t it the default?

    I have to admit it when you say that I like Linux, but I don’t think I’m a zealot. I try to stick to facts when talking about Windows and Linux and I am the first to say that Windows certainly has good things, but there are also a lot of opportunities to improve the OS.

  3. May 23rd, 2005 at 18:35

    Felix says:

    > Windows has always had a good security model.

    The model may be ok, the (default) configuration is not.

    > So why do they not fix it?
    [..]
    > but it’s the program that’s to blame, not the OS.

    Then maybe the programs should change. As long as MS keeps permitting these stupid things it’ll never change. They should take responsibility for their mistakes.

    > Windows is the idiot-proof OS of the masses

    Not idiot proof at all, unless you have a very knowledgeable admin (which most of the Windows users don’t have). Buy a new Dell and you’re screwed with the unsafe default configuration. Idiot proof? Don’t think so.

    > They did a great thing in SP2, actually sacrificing some of the compatibility
    > for the sake of security

    SP2 is a (small) step forward, but it’s not enough, not even close…

    > You’d say they’re idiots, you just want your damn car repaired and make
    > sure it doesn’t happen next time.

    Uh, it’s perfectly valid advice. They can fix that car in 10 minutes instead of over 6 months without even acknowledging the scratch for the first 4 months.

    > Also, if you think scale has nothing to do with the likelihood of an attack
    > you’re not being realistic.

    Apache? But the most important would be a lot of different software and hardware configurations which make it harder for worms to spread (a worm written for, for example, Red Hat’s sshd doesn’t work on Mandrake, SuSE or OpenBSD (different versions, different patches, different default settings, different compiler options, different hardware platforms, different kernels), but only on Red Hat, so it requires a lot of work on the cracker’s side to write a worm for all the different systems). With Windows you’re done with only one worm.

    > but already the security updates are more frequent than they’ve ever
    > been on Internet Explorer in its 95% hightimes.

    You can’t measure the quality of the software by the number of security updates (maybe MS ‘forgot’ to patch some vulnerabilities…), you should also consider the seriousness of the issues patched.