Computer Security - Anything But Windows. Seriously.
Amongst a swathe of other "[Win]" security alerts from AusCERT, this one stands out:
AusCERT Security Bulletin: ESB-2009.1267 - ALERT [Win] Windows TCP/IP: Multiple vulnerabilities
Product: Windows TCP/IP
Publisher: Microsoft
Operating System: Windows 2000, Windows Server 2003, Windows Vista, Windows Server 2008
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Original Bulletin: http://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx
Why does this particular instance stand out to me? Because TCP/IP is the fundamental core of Internet communications - if your device does Internet, it does TCP/IP. The code to do it has been around for a few decades now, and pretty much everyone knows how to do it securely. Except, apparently, Microsoft.
This sort of security vulnerability can theoretically exist on other OS platforms, yes. That said, the only competing OS family these days is Unix - there are no extant OS platforms in common use that are not some type of Unix. Even Mac OS X is a version of Unix with a very shiny graphics layer on top.
Unix is designed from the ground up with a highly layered security approach. In the layers where security is critical (i.e., the "kernel" - the part of the OS that deals with the computer hardware, and therefore can do things like snoop passwords, steal data from anyone on the machine, etc.), the programmers tend to be very, very careful. Most of the code is not actually new: it has been inspected heavily by many, many people over the long decades that the technology has existed, and tested by lots and lots of people who are pretty crazy about security and think about it a lot.
Microsoft, fairly clearly, don't organise their code and their programmers to work that way. Every time they release a new OS version, they say "now more secure!" Every time they say that, they're proven wrong. Again. With several different hacks that break into the kernel layer, not just surface compromises. A Linux blogger describes the experience best: Windows Users - The Charlie Browns of Computing. Go on, kick the football. We promise it's secure this time. Really.
Don't get me wrong: You absolutely need to take security measures on other computers too. If you've got a Mac, you should still be purchasing anti-virus software, and if you've got Linux, or FreeBSD, or Solaris, or any other UNIX, you still need to be securing your computer in a variety of ways.
But on Windows - none of that matters. You can run all the anti-virus software you like, but if the Windows TCP/IP stack is open to a remote hacker, the remote hack will disable your anti-virus software, and install a bunch of stuff that will keep your computer broken and hacked, permanently.
If that happens to you, you can expect your computer to use all your bandwidth sending out spam email, attempt to crash and hack other computers on the Internet, send all your banking details to people who might be interested in stealing your money, send anything resembling personal data to the same people, and so on. Not good, not fun.
So, if you care about having a secure computer, don't use Windows. Ever. Really.
If you really do have to use Windows, then don't connect it directly to the Internet. Ever. Put that computer behind a secure firewall of some kind. If you don't know how to do that, find out from a tech-savvy friend. For your own sake.
no subject
The thing is, it's not that MS don't have clever people in house. I know at least one of them (although she retired on stock options and is now a circus aerials teacher).
It's their toolchain usability and relatively poor engineering process that's at fault. I've used their toolchain - it's hard to make it do good things for you, doesn't help you find bugs at compile time at all, and the fact that MS SDK APIs are often horrendous does not encourage you to do Good Things when writing your own code. Xcode and the Mac OS SDKs, OTOH, are very sexy, highly usable, and helpful. Even raw lint/gcc/make is a sexy piece of work compared to the MSVC toolchain.
That process/toolchain issue is eminently fixable on MS's end... They just need to spend more time actually setting up and caring about development process that encourages first-time correctness, instead of waiting to piss on fires after they break out. So far I see little to no evidence that they have done so.
And yes, Apple took their damn sweet time for updating Bind9, but I'm not exactly sure whether anyone actually *runs* named on their Mac? It certainly isn't running by default. I guess anyone running Mac OS X Server might've had a problem. Fortunately for Apple that isn't actually their main market. Still bad of them, I agree. :-)
no subject
It's helpful to keep in mind here that Unix was really the first IDE. It just so happens to also be useful as an OS in itself.
no subject
That said, Windows app developers aren't forced to use MSVC at gunpoint: there are a lot of FOSS alternatives out there, so you can really pick and choose on a horses for courses basis :)
That process/toolchain issue is eminently fixable on MS's end... [...] instead of waiting to piss on fires after they break out. So far I see little to no evidence that they have done so.
I dunno. I think they've improved a long way, considering their corporate size and customer base. Compare that to Sun's Solaris or SCO's OpenServer in the same time. Still a way to go, of course.
Apple took their damn sweet time for updating Bind9, but I'm not exactly sure whether anyone actually *runs* named on their Mac? It certainly isn't running by default.
BIND9 libs are what Mac OS X uses to resolve DNS queries, whether they've got the BIND9 server running or not. So yeah, it was a bit of a worry! :)