Tobold's Blog
Wednesday, October 25, 2006
 
Safer Windows

Bill Gates is in the business of selling, among other things, operating systems for personal computers. While he is quite successful at that, a lot of the code of these operating systems is based on older code and design dating back many years. And some years ago personal computers were just that, personal, and not connected to any sort of network. So the operating systems designed for these non-networked computers are generally not very good at networking, and have more security leaks than the Afghan border.

Unsurprisingly Mr. Gates, having woken up to the reality of the internet, has for some time been rather busy making his operating systems safer. For the current Windows XP there is now a Windows Defender antispyware program available for free from Microsoft. And, if you believe the announcements, next year's Windows Vista will be a lot safer than any previous Windows version.

Good news? Not if you profited handsomely from the Windows security flaws. Symantec and McAfee, two of the biggest providers of security software, are claiming that Microsoft is committing anti-competitive behavior by fixing those safety holes themselves, and not giving other companies access to the kernel-level security features of Vista. Doh!

There have been years of lawsuits about whether Microsoft had the right to add features like media players and web browsers to their operating system, with mixed results. But the one thing that a company making an operating system *must* be allowed to do is to make it safe. Can you imagine a judge forcing Microsoft to leave open security holes in their operating system, just so that companies making security software still have a market? If Mr. Gates manages to bring out an operating system which is immune to spyware, viruses, and hackers, more power to him.

I recently uninstalled the McAfee security center from all of my computers, because it became more and more bossy, not wanting to let me do even perfectly safe things, like transferring files between my computers. I do have a hardware firewall in my router, and the Windows software firewall, so a third firewall really isn't necessary. Against viruses I now use the free Avira AntiVir software, which isn't any worse than the $100 per year McAfee software. And I use another free software, AdAware, against spyware, although I might try out the new free Microsoft Windows Defender. In combination with some basic common sense rules, like "don't click on anything in your email" and "don't be stupid", that is more than enough security for a home computer. Worst case scenario? I spend half a day formatting my hard drive and reinstalling everything. I keep my data backed up, and don't store anything really secret on my computer, so why would I need expensive and cumbersome security software?

Don't believe the panic; most of what you hear about how dangerous the internet is, is hype spread by companies selling that software. Even the BBC honeypot, which they set up specifically to show how dangerous the internet is, required the journalists to click on a lot of spam messages, voluntarily installing software, before the computer became so clogged with adware and spyware that it stopped running correctly. If they had had the Windows firewall running and not clicked on any spam, their computer would have been perfectly safe. But of course that wouldn't have been such a good story.
Comments:
I hadn't heard McAfee/Symantec's complaint, but it sounds silly. It's akin to a plumber demanding that the toilets are designed to back up once per year.

It's in Microsoft's best interests to release as good a product as possible. Unfortunately, there's not really much of an option on O/S, but as that's always possible they should do their best. Will they make a bulletproof software? My magic 8-ball says "signs point to no". Virus writers aren't giving up, so they will always have something to still code against. If they were smart, they'd be in there with MS, trying to integrate their product into the O/S. Think of the profits...

I took off McAfee a few months ago and my computer runs so much better. I was turning off half of its functions each time I started up, as it was hogging resources and blocking me from doing things. For example, the firewall continuously reset and would block my MMORPG playing until I wandered through the Allow lists. I've got the Windows firewall and a router firewall running now, and all seems well. I run Trend Micro's virus search once a week out of habit and have no issues, since I use the minimum internet common sense you mentioned.
 
Well technically what they're complaining about is MSFT is not giving them access to information on Vista so that they can come out with their anti virus tools in time.

Of course, everyone always says that. "Microsoft is using hidden unpublished hooks in their OS to access faster and better algorithms so their software runs better" yada yada /yawn.

If it's true, it's certainly anti-competitive. But I doubt it's true, I think McAfee is just pissed that MSFT is hiring so many execs from McAfee lately.
 
Symantec / McAfee are so overbloated. I stick to Grisoft's AVG (free for personal use) and my machine runs smooth...
 
I'm kind of torn about this specific situation, there aren't any good guys here only bad guys.

The AV/ security companies who are whining (apparently with success) want to continue hooking the kernel jumptables. That's probably gobbledegook to most of you, but it's basically plugging their program into the parts of the operating system that no-one is supposed to mess with, even other Microsoft product groups, in fact not even most of the OS people. This makes the system more fragile, because suddenly bugs in the "anti-virus program" crash the entire operating system. Most of the software written to hook the jumptables is malware, specifically root kits, yet this is the technique chosen by some (not all) AV vendors. Not a very reputable approach.

Microsoft wants to completely prevent/forbid hooking the jumptables. If they can achieve that, at least to the extent that you can't easily Google up a working jumptable hook, then this gives them a lot more control over what you, as either a 3rd party developer or an ordinary user can do. The public justification is that a lot of malware hooks the jumptables, in private it's pretty obvious that this is mostly about ensuring that you can't defeat Microsoft's copy control, license control and any other restrictions they invent. Vista won't work if Microsoft doesn't think you've paid for it. If by accident or design Microsoft wants another $100, you have no choice but to pay up or quit using Vista. Of course all the mechanisms to enforce this also make the operating system more fragile.

So as I said, all bad guys and no good guys. Other systems manage to get along with no restrictions on patching the OS and no significant application software that tries to do so. When Microsoft and Symantec (among others) try to pretend that this is a dilemma they're intentionally narrowing the options to eliminate those that aren't to their advantage.
 
Nick,

I'll dig up the program I used to get Symantec off my laptop and post the name. It came preinstalled, but kept trying to manage the system so tightly that it would frequently break the wireless network connection because it somehow felt it was an unauthorized access attempt. I had called Dell a few times complaining how crummy the PC was running, but after nuking Norton the PC flies. Once a week I get a bubble from XP complaining that there is no AV installed, but a click sends that away.
 
My Dell came with Norton 2 years ago. I tried to uninstall Norton to install McAfee, and was met with the message: "Uninstallation cannot be completed, need administrator code." Ok so I will just upgrade Norton then? Wrong. I purchased the update from Norton, and you guessed it, cannot install, need administrator code. I tried to contact Norton by email (they have no 1800 number) and I was told to turn off many of the security features already in place and then they would automatically patch to my computer and make sure the software installed correctly. WTF?? I'm not fluent in computers, but I'm guessing that turning off my security features so that another person can manually access my computer via internet is not in my best interests. Oh well, been using a free virus scan ever since with my Windows firewall activated and haven't had a problem. Note to self: the next time I purchase a computer, make sure that the security software I choose to install is purchased afterwards. Unless I'm just retarded and the administrator code is right in front of my face somewhere.
 