One system administrator's opinion - Journal of Omnifarious

Dec. 21st, 2004

04:03 pm - One system administrator's opinion


An Open Letter to a Digital World
"The Windows platform is not just insecure - it's patently, blatantly, and unashamedly insecure by design"

And, of course, he's right. It's true. I recommend to everybody I meet that they use anything but the Microsoft platform (i.e. Windows) just because of viruses, spyware and worms. They're a menace, and they largely only happen to Microsoft because, simply put, Microsoft products have (and I do not exaggerate in the slightest) utterly abysmal security.

Worse yet, people who write software for Microsoft stuff have a model for what software is that makes them think they own your computer while it's running your software. The software is theirs, it's their property, it's for them to decide what it does, and it is not for you, as a user, to decide what it does. This is, baldly stated, the mindset of people who develop non-Open Source software. The only reason the programs do anything you want them to do is in order to entice you into running them on your computer system. They are all potential trojan horses, and many of them are literally so.

Ever notice how you can't fast-forward through the commercials at the beginning of a DVD? It's because the movie industry demands that companies that make DVD players not allow you to. Why shouldn't you be able to? Didn't you buy the DVD player? That's the same mindset that non-Open Source developers have applied to a consumer electronic device.

Do you want your computer to not be able to visit a Linux website because you're using IE? That's how Microsoft would like things, and it's exactly what they would do if it wouldn't raise a huge public outcry, and there wouldn't be a thing you or anybody else could do about it, because IE is not Open Source.

I have come to strongly agree with Richard Stallman's opinion that non-Free (as in Freedom, not as in beer) software is ethically wrong, and isn't a viable system to build a society (or an economy) around.

Current Mood: amused

Comments:

From: scottscidmore
Date: December 21st, 2004 05:07 pm (UTC)
Well, there is the aspect that as the main-almost-only OS, browser, e-mail, word processor, and presentation software, Microsoft has been the largest target by far. Now, that should have made them more concerned with security; however, from the folks I know that have worked there, security concerns seemed to be handled by "when it's all Microsoft, it will be secure; it will be easy to track down bad guys."

Over the years, I remember seeing releases and patches for Microsoft products to fix problems that were essentially "running software X will publish your drives on any network you are connected to". That bug is somewhat understandable, but not excusable, for an OS; however, many of these occurrences were for things such as viewers for Word, Excel, and Powerpoint. The question "why are file viewers doing this" was not widely raised.

I find it somewhat amusing that in the view of Libertarian Party types, those DVD ads should have lowered the cost of the DVD, if not eliminated it. Clothing with ads is more expensive than that without, movies now have ads and keep costing more, and so on.

With consumer goods such as DVDs, not only is the public being forced to watch those commercials, but any moderately successful attempt to boycott such products would likely result in more breast-beating by the industry, complaining how their sales are down because of file sharing and every bit of writable media should have a surcharge on it to prevent this loss of profit; obviously everyone recording something is making an illegal copy of some copyrighted product.
(Reply) (Thread)
From: omnifarious
Date: December 21st, 2004 10:05 pm (UTC)

Closed source software is fundamentally insecure. Especially software that's expected to be widely deployed. Closed source vendors have enormous incentive to put stuff in their software that causes your computer to do things they want it to do instead of things you want it to do. There is no good counterbalance to this incentive aside from government regulation that is so heavy handed that no innovation could take place.

As for whether or not Microsoft software is more insecure for other reasons... Long ago, when I was learning Windows 3.1 because it seemed like the next big thing, I gave up in disgust. I'd actually worked with several different windowing systems before, and it was clear to me that Windows was an awful design, and one of the worst I'd ever worked with. My comment after giving up was "They'll never be able to make this stable. There are too many different calls and too many different kinds of calls that are considered part of the OS."

This had nothing to do with whether or not Windows has real memory protection (so many of the APIs (last I looked) depend on shared memory that it still really doesn't have it completely) or anything like that. It has to do with the basic design tenets upon which it's based. It's very hard to make it secure because so many very complex things are so married to the core of the OS. It's hard to establish the dividing line. It is quite true that the basic design of the system assumes a single user using a particular non-networked computer.

There was an article linked to from Slashdot sometime in September or October that actually had a pretty detailed breakdown of the kinds of flaws you see in Windows. One interesting point they made is that IIS has suffered many more attacks, and many worse attacks than any Apache server, despite Apache being many times more prevalent.

(Reply) (Parent) (Thread)
From: scottscidmore
Date: December 21st, 2004 11:13 pm (UTC)
As Windows was something of a hack running on top of DOS, which grew out of a quick hack to use until CPM-86 was released, it's not surprising that Win3.X was bad (on 3.0 I liked how the program manager could crash, leaving you with no soft method to shut Windows down). Backwards compatibility issues damaged all following versions of Windows; NT was pretty good by virtue of starting over with a DEC OS without paying much attention to the existing Microsoft product. Both DOS and Windows had way too much chatting between application and OS developers; too many undocumented features and usage of 'magic' functions and data structures. Yes, it was thought of as running in a single user non-networked computer for way too long. And most of the effort by MS in recent years has been targeted at merging Windows, IE, and other Win apps into one monolithic lump, as a way to lock up the market in all of those.

Closed source does not always lead to what you state, if the vendors are given a larger incentive to not mess around with your computer - bad reviews, boycotts, legal action, mass purchases of something followed by returns (making the retailers unhappy), heavy customer support (and if they charge, bad reviews and calls that disconnect when the charge point is reached, followed by immediate redial).

Open source is an easier way to reach the same ends. There's plenty of crufty OS software out there as well, it tends to get fixed or ignored as alternatives arise. But I think this is more a result of there not being a dominating application to crowd out all alternatives, as Microsoft tends to do, than something intrinsic in open source.

Back in the days when computers were fairly expensive, open source wasn't too uncommon. DEC used to ship the source for the OS with its PDP/LSI 11s, you compiled it to match your needs (I wish I'd shown Tim RT11, maybe the OS for the 8086 would have been better).

BTW - you should have seen Windows 1.X; a friend worked at a place that was trying it for their products. Besides crashing and all that, you could do fun things like 'toss' a window so the menu bar went off-screen, after which there was no way to get at any of those functions. Windows 2.X was used in a number of 3rd party apps, but it was linked into the application. PageMaker used it, as did several graphics apps.

(Reply) (Parent) (Thread)
From: omnifarious
Date: December 22nd, 2004 12:04 am (UTC)

I've seen Windows 2.0. I used PageMaker for it. It looked like a horrible hack. I never tried to program for it though.

NT sort of has a good core kernel. I actually taught myself the Win32s API and things when I ported a Unix application (that used an early version of my StreamModule framework) I wrote to Windows NT in 1996/7. But the whole design is still contaminated with old concepts from DOS and pre-NT Windows.

I don't really have anything to disagree with in your comment post though. :-)

(Reply) (Parent) (Thread)
From: mabelmundane
Date: December 21st, 2004 06:41 pm (UTC)
i really miss my mac and regret that i ever got this thing i call a computer. i never once got a virus or trojan horse or anything in my years and years of using a mac, now i've gotten one already on this thing, and i've only been using it 6 months or so.

ps: your post strangely made me want a beer.

pss: how are you enjoying this minnesota weather?
(Reply) (Thread)